From 834a8c71445dceab08f8a001cccab5aa3a68288f Mon Sep 17 00:00:00 2001 From: Tariq Ibrahim Date: Fri, 12 Jun 2026 15:08:42 -0700 Subject: [PATCH] bump openshift/{api,client-go} dependencies Signed-off-by: Tariq Ibrahim --- go.mod | 5 +- go.sum | 39 +- vendor/github.com/gogo/protobuf/AUTHORS | 15 - vendor/github.com/gogo/protobuf/CONTRIBUTORS | 23 - vendor/github.com/gogo/protobuf/LICENSE | 35 - .../github.com/gogo/protobuf/proto/Makefile | 43 - .../github.com/gogo/protobuf/proto/clone.go | 258 -- .../gogo/protobuf/proto/custom_gogo.go | 39 - .../github.com/gogo/protobuf/proto/decode.go | 427 --- .../gogo/protobuf/proto/deprecated.go | 63 - .../github.com/gogo/protobuf/proto/discard.go | 350 -- .../gogo/protobuf/proto/duration.go | 100 - .../gogo/protobuf/proto/duration_gogo.go | 49 - .../github.com/gogo/protobuf/proto/encode.go | 205 -- .../gogo/protobuf/proto/encode_gogo.go | 33 - .../github.com/gogo/protobuf/proto/equal.go | 300 -- .../gogo/protobuf/proto/extensions.go | 605 ---- .../gogo/protobuf/proto/extensions_gogo.go | 389 --- vendor/github.com/gogo/protobuf/proto/lib.go | 973 ------ .../gogo/protobuf/proto/lib_gogo.go | 50 - .../gogo/protobuf/proto/message_set.go | 181 - .../gogo/protobuf/proto/pointer_reflect.go | 357 -- .../protobuf/proto/pointer_reflect_gogo.go | 59 - .../gogo/protobuf/proto/pointer_unsafe.go | 308 -- .../protobuf/proto/pointer_unsafe_gogo.go | 56 - .../gogo/protobuf/proto/properties.go | 610 ---- .../gogo/protobuf/proto/properties_gogo.go | 36 - .../gogo/protobuf/proto/skip_gogo.go | 119 - .../gogo/protobuf/proto/table_marshal.go | 3009 ----------------- .../gogo/protobuf/proto/table_marshal_gogo.go | 388 --- .../gogo/protobuf/proto/table_merge.go | 676 ---- .../gogo/protobuf/proto/table_unmarshal.go | 2249 ------------ .../protobuf/proto/table_unmarshal_gogo.go | 385 --- vendor/github.com/gogo/protobuf/proto/text.go | 930 ----- .../gogo/protobuf/proto/text_gogo.go | 57 - .../gogo/protobuf/proto/text_parser.go | 1018 ------ .../gogo/protobuf/proto/timestamp.go | 113 - .../gogo/protobuf/proto/timestamp_gogo.go | 49 - .../gogo/protobuf/proto/wrappers.go | 1888 ----------- .../gogo/protobuf/proto/wrappers_gogo.go | 113 - .../gogo/protobuf/sortkeys/sortkeys.go | 101 - .../openshift/api/config/v1/types.go | 5 + .../api/config/v1/types_apiserver.go | 70 +- .../api/config/v1/types_authentication.go | 455 ++- .../api/config/v1/types_cluster_operator.go | 5 +- .../api/config/v1/types_cluster_version.go | 26 + .../openshift/api/config/v1/types_dns.go | 9 +- .../openshift/api/config/v1/types_image.go | 30 + .../api/config/v1/types_infrastructure.go | 27 +- .../openshift/api/config/v1/types_ingress.go | 1 + .../api/config/v1/types_kmsencryption.go | 264 +- .../openshift/api/config/v1/types_network.go | 30 + .../api/config/v1/types_tlssecurityprofile.go | 122 +- .../api/config/v1/zz_generated.deepcopy.go | 335 +- ..._generated.featuregated-crd-manifests.yaml | 15 +- .../v1/zz_generated.swagger_doc_generated.go | 230 +- .../openshift/api/config/v1alpha1/register.go | 6 +- .../v1alpha1/types_cluster_image_policy.go | 80 - .../v1alpha1/types_cluster_monitoring.go | 2670 +++++++++++++-- .../api/config/v1alpha1/types_image_policy.go | 289 -- .../api/config/v1alpha1/types_insights.go | 1 + .../api/config/v1alpha1/types_pki.go | 274 ++ .../config/v1alpha1/zz_generated.deepcopy.go | 1614 +++++++-- ..._generated.featuregated-crd-manifests.yaml | 61 +- .../zz_generated.swagger_doc_generated.go | 799 ++++- .../openshift/api/image/v1/generated.pb.go | 1317 +------- .../api/image/v1/generated.protomessage.pb.go | 82 + .../openshift/api/security/v1/generated.pb.go | 684 +--- .../openshift/api/security/v1/generated.proto | 5 +- .../security/v1/generated.protomessage.pb.go | 44 + .../openshift/api/security/v1/types.go | 5 +- ..._generated.featuregated-crd-manifests.yaml | 3 +- .../v1/zz_generated.swagger_doc_generated.go | 4 +- .../config/v1/acceptrisk.go | 4 + .../config/v1/alibabacloudplatformstatus.go | 11 +- .../config/v1/alibabacloudresourcetag.go | 6 +- .../config/v1/apiserver.go | 58 +- .../config/v1/apiserverencryption.go | 28 +- .../config/v1/apiservernamedservingcert.go | 11 +- .../config/v1/apiserverservingcerts.go | 3 + .../config/v1/apiserverspec.go | 73 +- .../applyconfigurations/config/v1/audit.go | 26 +- .../config/v1/auditcustomrule.go | 18 +- .../config/v1/authentication.go | 57 +- .../config/v1/authenticationspec.go | 44 +- .../config/v1/authenticationstatus.go | 16 +- .../config/v1/awsdnsspec.go | 10 + .../config/v1/awsingressspec.go | 18 + .../config/v1/awskmsconfig.go | 32 - .../config/v1/awsplatformspec.go | 6 + .../config/v1/awsplatformstatus.go | 28 +- .../config/v1/awsresourcetag.go | 12 +- .../config/v1/awsserviceendpoint.go | 11 +- .../config/v1/azureplatformstatus.go | 37 +- .../config/v1/azureresourcetag.go | 9 +- .../v1/baremetalplatformloadbalancer.go | 11 + .../config/v1/baremetalplatformspec.go | 29 +- .../config/v1/baremetalplatformstatus.go | 59 +- .../config/v1/basicauthidentityprovider.go | 3 + .../applyconfigurations/config/v1/build.go | 54 +- .../config/v1/builddefaults.go | 25 +- .../config/v1/buildoverrides.go | 18 +- .../config/v1/buildspec.go | 12 +- .../config/v1/clientcredentialconfig.go | 98 + .../config/v1/clientsecretsecretreference.go | 32 + .../config/v1/cloudcontrollermanagerstatus.go | 11 + .../config/v1/cloudloadbalancerconfig.go | 21 +- .../config/v1/cloudloadbalancerips.go | 22 +- .../config/v1/clustercondition.go | 10 +- .../config/v1/clusterimagepolicy.go | 56 +- .../config/v1/clusterimagepolicyspec.go | 17 +- .../config/v1/clusterimagepolicystatus.go | 1 + .../config/v1/clusternetworkentry.go | 8 +- .../config/v1/clusteroperator.go | 58 +- .../config/v1/clusteroperatorstatus.go | 20 +- .../v1/clusteroperatorstatuscondition.go | 20 +- .../config/v1/clusterversion.go | 59 +- .../v1/clusterversioncapabilitiesspec.go | 15 +- .../v1/clusterversioncapabilitiesstatus.go | 7 +- .../config/v1/clusterversionspec.go | 66 +- .../config/v1/clusterversionstatus.go | 65 +- .../config/v1/componentoverride.go | 19 +- .../config/v1/componentroutespec.go | 21 +- .../config/v1/componentroutestatus.go | 43 +- .../config/v1/conditionalupdate.go | 27 +- .../config/v1/conditionalupdaterisk.go | 31 +- .../config/v1/configmapfilereference.go | 6 +- .../config/v1/configmapnamereference.go | 4 + .../applyconfigurations/config/v1/console.go | 58 +- .../config/v1/consoleauthentication.go | 12 + .../config/v1/consolespec.go | 2 + .../config/v1/consolestatus.go | 4 + .../applyconfigurations/config/v1/custom.go | 8 + .../config/v1/customfeaturegates.go | 4 +- .../config/v1/customtlsprofile.go | 13 + .../v1/deprecatedwebhooktokenauthenticator.go | 10 + .../applyconfigurations/config/v1/dns.go | 56 +- .../config/v1/dnsplatformspec.go | 13 +- .../applyconfigurations/config/v1/dnsspec.go | 31 +- .../applyconfigurations/config/v1/dnszone.go | 19 +- .../config/v1/equinixmetalplatformstatus.go | 10 +- .../config/v1/externalclaimssource.go | 97 + .../config/v1/externalipconfig.go | 16 +- .../config/v1/externalippolicy.go | 9 +- .../config/v1/externalplatformspec.go | 4 + .../config/v1/externalplatformstatus.go | 5 + .../config/v1/externalsourceauthentication.go | 57 + ...ecertificateauthorityconfigmapreference.go | 34 + .../config/v1/externalsourcepredicate.go | 43 + .../config/v1/externalsourcetls.go | 30 + .../config/v1/extramapping.go | 32 +- .../config/v1/featuregate.go | 56 +- .../config/v1/featuregateattributes.go | 1 + .../config/v1/featuregatedetails.go | 7 +- .../config/v1/featuregateselection.go | 7 +- .../config/v1/featuregatestatus.go | 12 +- .../config/v1/gatherconfig.go | 17 +- .../config/v1/gathererconfig.go | 15 +- .../config/v1/gatherers.go | 12 +- .../config/v1/gcpplatformstatus.go | 25 +- .../config/v1/gcpresourcelabel.go | 10 +- .../config/v1/gcpresourcetag.go | 19 +- .../config/v1/githubidentityprovider.go | 32 +- .../config/v1/gitlabidentityprovider.go | 23 +- .../config/v1/googleidentityprovider.go | 12 +- .../config/v1/htpasswdidentityprovider.go | 7 + .../config/v1/hubsource.go | 8 +- .../config/v1/hubsourcestatus.go | 9 +- .../config/v1/ibmcloudplatformspec.go | 10 + .../config/v1/ibmcloudplatformstatus.go | 27 +- .../config/v1/ibmcloudserviceendpoint.go | 15 +- .../config/v1/identityprovider.go | 10 +- .../config/v1/identityproviderconfig.go | 30 +- .../applyconfigurations/config/v1/image.go | 61 +- .../config/v1/imagecontentpolicy.go | 52 +- .../config/v1/imagecontentpolicyspec.go | 20 + .../config/v1/imagedigestmirrors.go | 37 +- .../config/v1/imagedigestmirrorset.go | 57 +- .../config/v1/imagedigestmirrorsetspec.go | 27 + .../config/v1/imagelabel.go | 4 +- .../config/v1/imagepolicy.go | 58 +- ...imagepolicyfulciocawithrekorrootoftrust.go | 11 +- .../config/v1/imagepolicypkirootoftrust.go | 12 +- .../v1/imagepolicypublickeyrootoftrust.go | 8 +- .../config/v1/imagepolicyspec.go | 17 +- .../config/v1/imagepolicystatus.go | 2 + .../v1/imagesigstoreverificationpolicy.go | 10 +- .../config/v1/imagespec.go | 39 +- .../config/v1/imagestatus.go | 24 +- .../config/v1/imagetagmirrors.go | 39 +- .../config/v1/imagetagmirrorset.go | 57 +- .../config/v1/imagetagmirrorsetspec.go | 27 + .../config/v1/infrastructure.go | 56 +- .../config/v1/infrastructurespec.go | 20 +- .../config/v1/infrastructurestatus.go | 60 +- .../applyconfigurations/config/v1/ingress.go | 57 +- .../config/v1/ingressplatformspec.go | 14 +- .../config/v1/ingressspec.go | 55 +- .../config/v1/ingressstatus.go | 18 +- .../config/v1/insightsdatagather.go | 51 +- .../config/v1/insightsdatagatherspec.go | 3 + .../config/v1/keystoneidentityprovider.go | 6 +- .../config/v1/kmsconfig.go | 36 - .../config/v1/kmspluginconfig.go | 46 + .../config/v1/kubevirtplatformstatus.go | 10 +- .../config/v1/ldapattributemapping.go | 19 +- .../config/v1/ldapidentityprovider.go | 36 +- .../config/v1/loadbalancer.go | 4 + .../config/v1/maxagepolicy.go | 10 +- .../config/v1/mtumigration.go | 4 + .../config/v1/mtumigrationvalues.go | 6 +- .../applyconfigurations/config/v1/network.go | 60 +- .../config/v1/networkdiagnostics.go | 15 +- .../v1/networkdiagnosticssourceplacement.go | 16 +- .../v1/networkdiagnosticstargetplacement.go | 16 +- .../config/v1/networkmigration.go | 10 +- .../config/v1/networkobservabilityspec.go | 33 + .../config/v1/networkspec.go | 55 +- .../config/v1/networkstatus.go | 22 +- .../applyconfigurations/config/v1/node.go | 56 +- .../applyconfigurations/config/v1/nodespec.go | 22 +- .../config/v1/nodestatus.go | 1 + .../config/v1/nutanixfailuredomain.go | 18 +- .../config/v1/nutanixplatformloadbalancer.go | 11 + .../config/v1/nutanixplatformspec.go | 21 +- .../config/v1/nutanixplatformstatus.go | 46 +- .../config/v1/nutanixprismelementendpoint.go | 10 +- .../config/v1/nutanixprismendpoint.go | 6 +- .../config/v1/nutanixresourceidentifier.go | 9 +- .../applyconfigurations/config/v1/oauth.go | 58 +- .../config/v1/oauthremoteconnectioninfo.go | 30 +- .../config/v1/oauthspec.go | 10 +- .../config/v1/oauthtemplates.go | 26 +- .../config/v1/objectreference.go | 12 +- .../config/v1/oidcclientconfig.go | 39 +- .../config/v1/oidcclientreference.go | 16 +- .../config/v1/oidcclientstatus.go | 34 +- .../config/v1/oidcprovider.go | 59 +- .../config/v1/openidclaims.go | 19 +- .../config/v1/openididentityprovider.go | 33 +- .../v1/openstackplatformloadbalancer.go | 11 + .../config/v1/openstackplatformspec.go | 29 +- .../config/v1/openstackplatformstatus.go | 61 +- .../config/v1/operandversion.go | 6 +- .../config/v1/operatorhub.go | 52 +- .../config/v1/operatorhubspec.go | 17 +- .../config/v1/operatorhubstatus.go | 5 + .../config/v1/ovirtplatformloadbalancer.go | 11 + .../config/v1/ovirtplatformstatus.go | 49 +- .../v1/persistentvolumeclaimreference.go | 5 + .../config/v1/persistentvolumeconfig.go | 12 +- .../config/v1/pkicertificatesubject.go | 9 +- .../config/v1/platformspec.go | 58 +- .../config/v1/platformstatus.go | 55 +- .../config/v1/policyfulciosubject.go | 11 +- .../config/v1/policyidentity.go | 16 +- .../config/v1/policymatchexactrepository.go | 3 + .../config/v1/policymatchremapidentity.go | 13 +- .../config/v1/policyrootoftrust.go | 21 +- .../config/v1/powervsplatformspec.go | 5 + .../config/v1/powervsplatformstatus.go | 26 +- .../config/v1/powervsserviceendpoint.go | 13 +- .../config/v1/prefixedclaimmapping.go | 19 +- .../config/v1/profilecustomizations.go | 10 + .../applyconfigurations/config/v1/project.go | 56 +- .../config/v1/projectspec.go | 8 +- .../config/v1/promqlclustercondition.go | 7 + .../applyconfigurations/config/v1/proxy.go | 56 +- .../config/v1/proxyspec.go | 40 +- .../config/v1/proxystatus.go | 9 +- .../config/v1/registrylocation.go | 10 +- .../config/v1/registrysources.go | 36 +- .../applyconfigurations/config/v1/release.go | 27 +- .../config/v1/repositorydigestmirrors.go | 20 +- .../v1/requestheaderidentityprovider.go | 46 +- .../config/v1/requiredhstspolicy.go | 33 +- .../config/v1/scheduler.go | 57 +- .../config/v1/schedulerspec.go | 51 +- .../config/v1/secretnamereference.go | 4 + .../config/v1/signaturestore.go | 16 +- .../config/v1/sourcedclaimmapping.go | 51 + .../config/v1/sourceurl.go | 67 + .../applyconfigurations/config/v1/storage.go | 12 +- .../config/v1/templatereference.go | 4 + .../config/v1/tlsprofilespec.go | 46 +- .../config/v1/tlssecurityprofile.go | 108 +- .../config/v1/tokenclaimmapping.go | 24 + .../config/v1/tokenclaimmappings.go | 27 +- .../v1/tokenclaimorexpressionmapping.go | 20 +- .../config/v1/tokenclaimvalidationcelrule.go | 7 +- .../config/v1/tokenclaimvalidationrule.go | 22 +- .../config/v1/tokenconfig.go | 23 +- .../config/v1/tokenissuer.go | 27 +- .../config/v1/tokenrequiredclaim.go | 10 +- .../config/v1/tokenuservalidationrule.go | 13 +- .../applyconfigurations/config/v1/update.go | 62 +- .../config/v1/updatehistory.go | 39 +- .../config/v1/usernameclaimmapping.go | 49 +- .../config/v1/usernameprefix.go | 6 + .../config/v1/vaultapproleauthentication.go | 28 + .../config/v1/vaultauthentication.go | 43 + .../config/v1/vaultconfigmapreference.go | 28 + .../config/v1/vaultkmspluginconfig.go | 123 + .../config/v1/vaultsecretreference.go | 28 + .../config/v1/vaulttlsconfig.go | 58 + .../v1/vspherefailuredomainhostgroup.go | 17 +- .../v1/vspherefailuredomainregionaffinity.go | 7 + .../v1/vspherefailuredomainzoneaffinity.go | 15 +- .../v1/vsphereplatformfailuredomainspec.go | 32 +- .../config/v1/vsphereplatformloadbalancer.go | 11 + .../v1/vsphereplatformnodenetworking.go | 4 + .../v1/vsphereplatformnodenetworkingspec.go | 22 +- .../config/v1/vsphereplatformspec.go | 52 +- .../config/v1/vsphereplatformstatus.go | 57 +- .../config/v1/vsphereplatformtopology.go | 51 +- .../config/v1/vsphereplatformvcenterspec.go | 19 +- .../config/v1/webhooktokenauthenticator.go | 13 + .../applyconfigurations/internal/internal.go | 2720 ++++++++++----- .../applyconfigurations/image/v1/image.go | 87 +- .../image/v1/imagelayer.go | 9 +- .../image/v1/imagelookuppolicy.go | 8 + .../image/v1/imagemanifest.go | 21 +- .../image/v1/imagesignature.go | 40 +- .../image/v1/imagestream.go | 81 +- .../image/v1/imagestreammapping.go | 61 +- .../image/v1/imagestreamspec.go | 13 +- .../image/v1/imagestreamstatus.go | 15 +- .../image/v1/namedtageventlist.go | 9 +- .../image/v1/signaturecondition.go | 20 +- .../image/v1/signaturegenericentity.go | 7 +- .../image/v1/signatureissuer.go | 2 + .../image/v1/signaturesubject.go | 7 +- .../applyconfigurations/image/v1/tagevent.go | 14 +- .../image/v1/tageventcondition.go | 20 +- .../image/v1/tagimportpolicy.go | 9 +- .../image/v1/tagreference.go | 30 +- .../image/v1/tagreferencepolicy.go | 12 + .../applyconfigurations/internal/internal.go | 350 +- vendor/modules.txt | 12 +- 339 files changed, 14087 insertions(+), 22176 deletions(-) delete mode 100644 vendor/github.com/gogo/protobuf/AUTHORS delete mode 100644 vendor/github.com/gogo/protobuf/CONTRIBUTORS delete mode 100644 vendor/github.com/gogo/protobuf/LICENSE delete mode 100644 vendor/github.com/gogo/protobuf/proto/Makefile delete mode 100644 vendor/github.com/gogo/protobuf/proto/clone.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/custom_gogo.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/decode.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/deprecated.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/discard.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/duration.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/duration_gogo.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/encode.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/encode_gogo.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/equal.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/extensions.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/extensions_gogo.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/lib.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/lib_gogo.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/message_set.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/pointer_reflect.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/pointer_reflect_gogo.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/pointer_unsafe.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/pointer_unsafe_gogo.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/properties.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/properties_gogo.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/skip_gogo.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/table_marshal.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/table_marshal_gogo.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/table_merge.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/table_unmarshal.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/table_unmarshal_gogo.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/text.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/text_gogo.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/text_parser.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/timestamp.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/timestamp_gogo.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/wrappers.go delete mode 100644 vendor/github.com/gogo/protobuf/proto/wrappers_gogo.go delete mode 100644 vendor/github.com/gogo/protobuf/sortkeys/sortkeys.go delete mode 100644 vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go delete mode 100644 vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go create mode 100644 vendor/github.com/openshift/api/config/v1alpha1/types_pki.go create mode 100644 vendor/github.com/openshift/api/image/v1/generated.protomessage.pb.go create mode 100644 vendor/github.com/openshift/api/security/v1/generated.protomessage.pb.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awskmsconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clientcredentialconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clientsecretsecretreference.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalclaimssource.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourceauthentication.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcecertificateauthorityconfigmapreference.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcepredicate.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcetls.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmsconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmspluginconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkobservabilityspec.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/sourcedclaimmapping.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/sourceurl.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultapproleauthentication.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultauthentication.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultconfigmapreference.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultkmspluginconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultsecretreference.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaulttlsconfig.go diff --git a/go.mod b/go.mod index bbbbb0058..12c89ea85 100644 --- a/go.mod +++ b/go.mod @@ -14,8 +14,8 @@ require ( github.com/go-logr/zapr v1.3.0 github.com/onsi/ginkgo/v2 v2.29.0 github.com/onsi/gomega v1.41.0 - github.com/openshift/api v0.0.0-20260213204242-d34f11c515b3 - github.com/openshift/client-go v0.0.0-20260213141500-06efc6dce93b + github.com/openshift/api v0.0.0-20260612153628-992ec954f8b3 + github.com/openshift/client-go v0.0.0-20260603140539-6892dc3e1ffc github.com/operator-framework/api v0.42.0 github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.90.1 github.com/prometheus/client_golang v1.23.2 @@ -70,7 +70,6 @@ require ( github.com/go-openapi/swag/typeutils v0.25.4 // indirect github.com/go-openapi/swag/yamlutils v0.25.4 // indirect github.com/go-task/slim-sprig/v3 v3.0.0 // indirect - github.com/gogo/protobuf v1.3.2 // indirect github.com/google/btree v1.1.3 // indirect github.com/google/gnostic-models v0.7.1 // indirect github.com/google/go-cmp v0.7.0 // indirect diff --git a/go.sum b/go.sum index edfb098a9..5ffe38829 100644 --- a/go.sum +++ b/go.sum @@ -105,8 +105,6 @@ github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1v github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/goccy/go-yaml v1.19.2 h1:PmFC1S6h8ljIz6gMRBopkjP1TVT7xuwrButHID66PoM= github.com/goccy/go-yaml v1.19.2/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg= github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= github.com/google/gnostic-models v0.7.1 h1:SisTfuFKJSKM5CPZkffwi6coztzzeYUhc3v4yxLWH8c= @@ -128,8 +126,6 @@ github.com/joshdk/go-junit v1.0.0 h1:S86cUKIdwBHWwA6xCmFlf3RTLfVXYQfvanM5Uh+K6GE github.com/joshdk/go-junit v1.0.0/go.mod h1:TiiV0PqkaNfFXjEiyjWM3XXrhVyCa1K4Zfga6W52ung= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.18.6 h1:2jupLlAwFm95+YDR+NwD2MEfFO9d4z4Prjl1XXDjuao= github.com/klauspost/compress v1.18.6/go.mod h1:cwPg85FWrGar70rWktvGQj8/hthj3wpl0PGDogxkrSQ= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= @@ -174,10 +170,10 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/runc v1.4.2 h1:/AEjjXuVH9lTRl9ZyUFQj7oWBM7Xv00qFV6Vx9q5N3o= github.com/opencontainers/runc v1.4.2/go.mod h1:ufk5PTTsy5pnGBAvTh50e+eqGk01pYH2YcVxh557Qlk= -github.com/openshift/api v0.0.0-20260213204242-d34f11c515b3 h1:SZ8+jxtkMvpb4HDTjSAbaOyhFsw5PiWhjBog+XLY7jc= -github.com/openshift/api v0.0.0-20260213204242-d34f11c515b3/go.mod h1:d5uzF0YN2nQQFA0jIEWzzOZ+edmo6wzlGLvx5Fhz4uY= -github.com/openshift/client-go v0.0.0-20260213141500-06efc6dce93b h1:7rTnxq+haKrzUFKQQDylkklyFRtGFox73dlawRlnTA8= -github.com/openshift/client-go v0.0.0-20260213141500-06efc6dce93b/go.mod h1:V3s8weD4bKXGXaN7d9g3V1QS2gmlYBRI2i/lfIwmroM= +github.com/openshift/api v0.0.0-20260612153628-992ec954f8b3 h1:oPRAgR0qOvfiEKKiivzfepwdDYlhl4iGexXCSIYXkSI= +github.com/openshift/api v0.0.0-20260612153628-992ec954f8b3/go.mod h1:pyVjK0nZ4sRs4fuQVQ4rubsJdahI1PB94LnQ8sGdvxo= +github.com/openshift/client-go v0.0.0-20260603140539-6892dc3e1ffc h1:yCLc/pmoZ4YZbMWlAnvYZ2YWkLZoPCilO4Fk/oAu2/E= +github.com/openshift/client-go v0.0.0-20260603140539-6892dc3e1ffc/go.mod h1:eqfaEX/V7xHMZ8Mpf72J03RnnY/kEqoZVLpkpjy5p6s= github.com/operator-framework/api v0.42.0 h1:rkc5V3zW8RxZMjePAe12jdL7Co/hwsYo1pLnkkhuR7s= github.com/operator-framework/api v0.42.0/go.mod h1:bMEj+wl/8tGqcGNtxt38cLUYagu9chNsbYzb/5HQaUQ= github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= @@ -240,8 +236,6 @@ github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ= github.com/xlab/treeprint v1.2.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= @@ -252,52 +246,27 @@ go.yaml.in/yaml/v2 v2.4.4 h1:tuyd0P+2Ont/d6e2rl3be67goVK4R6deVxCUX5vyPaQ= go.yaml.in/yaml/v2 v2.4.4/go.mod h1:gMZqIpDtDqOfM0uNfy0SkpRhvUryYH0Z6wdMYcacYXQ= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.52.0 h1:RMs7fP2rXdep0CftQlK8Uf+kibLm7qkCcradZWYz988= golang.org/x/crypto v0.52.0/go.mod h1:1QgfPxDqh0T2M/elOJtp9RvuR95kVjir0e6/BvEmGbc= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.36.0 h1:JJjpVx6myfUsUdAzZuOSTTmRE0PfZeNWzzvKrP7amb4= golang.org/x/mod v0.36.0/go.mod h1:moc6ELqsWcOw5Ef3xVprK5ul/MvtVvkIXLziUOICjUQ= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.54.0 h1:2zJIZAxAHV/OHCDTCOHAYehQzLfSXuf/5SoL/Dv6w/w= golang.org/x/net v0.54.0/go.mod h1:Sj4oj8jK6XmHpBZU/zWHw3BV3abl4Kvi+Ut7cQcY+cQ= golang.org/x/oauth2 v0.34.0 h1:hqK/t4AKgbqWkdkcAeI8XLmbK+4m4G5YeQRrmiotGlw= golang.org/x/oauth2 v0.34.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4= golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.46.0 h1:noSf2Fq6F8DBgS+LysIkx7rIExoNHJsxOAtPp4rthXw= golang.org/x/sys v0.46.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= golang.org/x/term v0.43.0 h1:S4RLU2sB31O/NCl+zFN9Aru9A/Cq2aqKpTZJ6B+DwT4= golang.org/x/term v0.43.0/go.mod h1:lrhlHNdQJHO+1qVYiHfFKVuVioJIheAc3fBSMFYEIsk= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.37.0 h1:Cqjiwd9eSg8e0QAkyCaQTNHFIIzWtidPahFWR83rTrc= golang.org/x/text v0.37.0/go.mod h1:a5sjxXGs9hsn/AJVwuElvCAo9v8QYLzvavO5z2PiM38= golang.org/x/time v0.14.0 h1:MRx4UaLrDotUKUdCIqzPC48t1Y9hANFKIRpNx+Te8PI= golang.org/x/time v0.14.0/go.mod h1:eL/Oa2bBBK0TkX57Fyni+NgnyQQN4LitPmob2Hjnqw4= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.44.0 h1:UP4ajHPIcuMjT1GqzDWRlalUEoY+uzoZKnhOjbIPD2c= golang.org/x/tools v0.44.0/go.mod h1:KA0AfVErSdxRZIsOVipbv3rQhVXTnlU6UhKxHd1seDI= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af h1:+5/Sw3GsDNlEmu7TfklWKPdQ0Ykja5VEmq2i817+jbI= diff --git a/vendor/github.com/gogo/protobuf/AUTHORS b/vendor/github.com/gogo/protobuf/AUTHORS deleted file mode 100644 index 3d97fc7a2..000000000 --- a/vendor/github.com/gogo/protobuf/AUTHORS +++ /dev/null @@ -1,15 +0,0 @@ -# This is the official list of GoGo authors for copyright purposes. -# This file is distinct from the CONTRIBUTORS file, which -# lists people. For example, employees are listed in CONTRIBUTORS, -# but not in AUTHORS, because the employer holds the copyright. - -# Names should be added to this file as one of -# Organization's name -# Individual's name -# Individual's name - -# Please keep the list sorted. - -Sendgrid, Inc -Vastech SA (PTY) LTD -Walter Schulze diff --git a/vendor/github.com/gogo/protobuf/CONTRIBUTORS b/vendor/github.com/gogo/protobuf/CONTRIBUTORS deleted file mode 100644 index 1b4f6c208..000000000 --- a/vendor/github.com/gogo/protobuf/CONTRIBUTORS +++ /dev/null @@ -1,23 +0,0 @@ -Anton Povarov -Brian Goff -Clayton Coleman -Denis Smirnov -DongYun Kang -Dwayne Schultz -Georg Apitz -Gustav Paul -Johan Brandhorst -John Shahid -John Tuley -Laurent -Patrick Lee -Peter Edge -Roger Johansson -Sam Nguyen -Sergio Arbeo -Stephen J Day -Tamir Duberstein -Todd Eisenberger -Tormod Erevik Lea -Vyacheslav Kim -Walter Schulze diff --git a/vendor/github.com/gogo/protobuf/LICENSE b/vendor/github.com/gogo/protobuf/LICENSE deleted file mode 100644 index f57de90da..000000000 --- a/vendor/github.com/gogo/protobuf/LICENSE +++ /dev/null @@ -1,35 +0,0 @@ -Copyright (c) 2013, The GoGo Authors. All rights reserved. - -Protocol Buffers for Go with Gadgets - -Go support for Protocol Buffers - Google's data interchange format - -Copyright 2010 The Go Authors. All rights reserved. -https://github.com/golang/protobuf - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - diff --git a/vendor/github.com/gogo/protobuf/proto/Makefile b/vendor/github.com/gogo/protobuf/proto/Makefile deleted file mode 100644 index 00d65f327..000000000 --- a/vendor/github.com/gogo/protobuf/proto/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Go support for Protocol Buffers - Google's data interchange format -# -# Copyright 2010 The Go Authors. All rights reserved. -# https://github.com/golang/protobuf -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions are -# met: -# -# * Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# * Redistributions in binary form must reproduce the above -# copyright notice, this list of conditions and the following disclaimer -# in the documentation and/or other materials provided with the -# distribution. -# * Neither the name of Google Inc. nor the names of its -# contributors may be used to endorse or promote products derived from -# this software without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -install: - go install - -test: install generate-test-pbs - go test - - -generate-test-pbs: - make install - make -C test_proto - make -C proto3_proto - make diff --git a/vendor/github.com/gogo/protobuf/proto/clone.go b/vendor/github.com/gogo/protobuf/proto/clone.go deleted file mode 100644 index a26b046d9..000000000 --- a/vendor/github.com/gogo/protobuf/proto/clone.go +++ /dev/null @@ -1,258 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2011 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -// Protocol buffer deep copy and merge. -// TODO: RawMessage. - -package proto - -import ( - "fmt" - "log" - "reflect" - "strings" -) - -// Clone returns a deep copy of a protocol buffer. -func Clone(src Message) Message { - in := reflect.ValueOf(src) - if in.IsNil() { - return src - } - out := reflect.New(in.Type().Elem()) - dst := out.Interface().(Message) - Merge(dst, src) - return dst -} - -// Merger is the interface representing objects that can merge messages of the same type. -type Merger interface { - // Merge merges src into this message. - // Required and optional fields that are set in src will be set to that value in dst. - // Elements of repeated fields will be appended. - // - // Merge may panic if called with a different argument type than the receiver. - Merge(src Message) -} - -// generatedMerger is the custom merge method that generated protos will have. -// We must add this method since a generate Merge method will conflict with -// many existing protos that have a Merge data field already defined. -type generatedMerger interface { - XXX_Merge(src Message) -} - -// Merge merges src into dst. -// Required and optional fields that are set in src will be set to that value in dst. -// Elements of repeated fields will be appended. -// Merge panics if src and dst are not the same type, or if dst is nil. -func Merge(dst, src Message) { - if m, ok := dst.(Merger); ok { - m.Merge(src) - return - } - - in := reflect.ValueOf(src) - out := reflect.ValueOf(dst) - if out.IsNil() { - panic("proto: nil destination") - } - if in.Type() != out.Type() { - panic(fmt.Sprintf("proto.Merge(%T, %T) type mismatch", dst, src)) - } - if in.IsNil() { - return // Merge from nil src is a noop - } - if m, ok := dst.(generatedMerger); ok { - m.XXX_Merge(src) - return - } - mergeStruct(out.Elem(), in.Elem()) -} - -func mergeStruct(out, in reflect.Value) { - sprop := GetProperties(in.Type()) - for i := 0; i < in.NumField(); i++ { - f := in.Type().Field(i) - if strings.HasPrefix(f.Name, "XXX_") { - continue - } - mergeAny(out.Field(i), in.Field(i), false, sprop.Prop[i]) - } - - if emIn, ok := in.Addr().Interface().(extensionsBytes); ok { - emOut := out.Addr().Interface().(extensionsBytes) - bIn := emIn.GetExtensions() - bOut := emOut.GetExtensions() - *bOut = append(*bOut, *bIn...) - } else if emIn, err := extendable(in.Addr().Interface()); err == nil { - emOut, _ := extendable(out.Addr().Interface()) - mIn, muIn := emIn.extensionsRead() - if mIn != nil { - mOut := emOut.extensionsWrite() - muIn.Lock() - mergeExtension(mOut, mIn) - muIn.Unlock() - } - } - - uf := in.FieldByName("XXX_unrecognized") - if !uf.IsValid() { - return - } - uin := uf.Bytes() - if len(uin) > 0 { - out.FieldByName("XXX_unrecognized").SetBytes(append([]byte(nil), uin...)) - } -} - -// mergeAny performs a merge between two values of the same type. -// viaPtr indicates whether the values were indirected through a pointer (implying proto2). -// prop is set if this is a struct field (it may be nil). -func mergeAny(out, in reflect.Value, viaPtr bool, prop *Properties) { - if in.Type() == protoMessageType { - if !in.IsNil() { - if out.IsNil() { - out.Set(reflect.ValueOf(Clone(in.Interface().(Message)))) - } else { - Merge(out.Interface().(Message), in.Interface().(Message)) - } - } - return - } - switch in.Kind() { - case reflect.Bool, reflect.Float32, reflect.Float64, reflect.Int32, reflect.Int64, - reflect.String, reflect.Uint32, reflect.Uint64: - if !viaPtr && isProto3Zero(in) { - return - } - out.Set(in) - case reflect.Interface: - // Probably a oneof field; copy non-nil values. - if in.IsNil() { - return - } - // Allocate destination if it is not set, or set to a different type. - // Otherwise we will merge as normal. - if out.IsNil() || out.Elem().Type() != in.Elem().Type() { - out.Set(reflect.New(in.Elem().Elem().Type())) // interface -> *T -> T -> new(T) - } - mergeAny(out.Elem(), in.Elem(), false, nil) - case reflect.Map: - if in.Len() == 0 { - return - } - if out.IsNil() { - out.Set(reflect.MakeMap(in.Type())) - } - // For maps with value types of *T or []byte we need to deep copy each value. - elemKind := in.Type().Elem().Kind() - for _, key := range in.MapKeys() { - var val reflect.Value - switch elemKind { - case reflect.Ptr: - val = reflect.New(in.Type().Elem().Elem()) - mergeAny(val, in.MapIndex(key), false, nil) - case reflect.Slice: - val = in.MapIndex(key) - val = reflect.ValueOf(append([]byte{}, val.Bytes()...)) - default: - val = in.MapIndex(key) - } - out.SetMapIndex(key, val) - } - case reflect.Ptr: - if in.IsNil() { - return - } - if out.IsNil() { - out.Set(reflect.New(in.Elem().Type())) - } - mergeAny(out.Elem(), in.Elem(), true, nil) - case reflect.Slice: - if in.IsNil() { - return - } - if in.Type().Elem().Kind() == reflect.Uint8 { - // []byte is a scalar bytes field, not a repeated field. - - // Edge case: if this is in a proto3 message, a zero length - // bytes field is considered the zero value, and should not - // be merged. - if prop != nil && prop.proto3 && in.Len() == 0 { - return - } - - // Make a deep copy. - // Append to []byte{} instead of []byte(nil) so that we never end up - // with a nil result. - out.SetBytes(append([]byte{}, in.Bytes()...)) - return - } - n := in.Len() - if out.IsNil() { - out.Set(reflect.MakeSlice(in.Type(), 0, n)) - } - switch in.Type().Elem().Kind() { - case reflect.Bool, reflect.Float32, reflect.Float64, reflect.Int32, reflect.Int64, - reflect.String, reflect.Uint32, reflect.Uint64: - out.Set(reflect.AppendSlice(out, in)) - default: - for i := 0; i < n; i++ { - x := reflect.Indirect(reflect.New(in.Type().Elem())) - mergeAny(x, in.Index(i), false, nil) - out.Set(reflect.Append(out, x)) - } - } - case reflect.Struct: - mergeStruct(out, in) - default: - // unknown type, so not a protocol buffer - log.Printf("proto: don't know how to copy %v", in) - } -} - -func mergeExtension(out, in map[int32]Extension) { - for extNum, eIn := range in { - eOut := Extension{desc: eIn.desc} - if eIn.value != nil { - v := reflect.New(reflect.TypeOf(eIn.value)).Elem() - mergeAny(v, reflect.ValueOf(eIn.value), false, nil) - eOut.value = v.Interface() - } - if eIn.enc != nil { - eOut.enc = make([]byte, len(eIn.enc)) - copy(eOut.enc, eIn.enc) - } - - out[extNum] = eOut - } -} diff --git a/vendor/github.com/gogo/protobuf/proto/custom_gogo.go b/vendor/github.com/gogo/protobuf/proto/custom_gogo.go deleted file mode 100644 index 24552483c..000000000 --- a/vendor/github.com/gogo/protobuf/proto/custom_gogo.go +++ /dev/null @@ -1,39 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2018, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -import "reflect" - -type custom interface { - Marshal() ([]byte, error) - Unmarshal(data []byte) error - Size() int -} - -var customType = reflect.TypeOf((*custom)(nil)).Elem() diff --git a/vendor/github.com/gogo/protobuf/proto/decode.go b/vendor/github.com/gogo/protobuf/proto/decode.go deleted file mode 100644 index 63b0f08be..000000000 --- a/vendor/github.com/gogo/protobuf/proto/decode.go +++ /dev/null @@ -1,427 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2010 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -/* - * Routines for decoding protocol buffer data to construct in-memory representations. - */ - -import ( - "errors" - "fmt" - "io" -) - -// errOverflow is returned when an integer is too large to be represented. -var errOverflow = errors.New("proto: integer overflow") - -// ErrInternalBadWireType is returned by generated code when an incorrect -// wire type is encountered. It does not get returned to user code. -var ErrInternalBadWireType = errors.New("proto: internal error: bad wiretype for oneof") - -// DecodeVarint reads a varint-encoded integer from the slice. -// It returns the integer and the number of bytes consumed, or -// zero if there is not enough. -// This is the format for the -// int32, int64, uint32, uint64, bool, and enum -// protocol buffer types. -func DecodeVarint(buf []byte) (x uint64, n int) { - for shift := uint(0); shift < 64; shift += 7 { - if n >= len(buf) { - return 0, 0 - } - b := uint64(buf[n]) - n++ - x |= (b & 0x7F) << shift - if (b & 0x80) == 0 { - return x, n - } - } - - // The number is too large to represent in a 64-bit value. - return 0, 0 -} - -func (p *Buffer) decodeVarintSlow() (x uint64, err error) { - i := p.index - l := len(p.buf) - - for shift := uint(0); shift < 64; shift += 7 { - if i >= l { - err = io.ErrUnexpectedEOF - return - } - b := p.buf[i] - i++ - x |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - p.index = i - return - } - } - - // The number is too large to represent in a 64-bit value. - err = errOverflow - return -} - -// DecodeVarint reads a varint-encoded integer from the Buffer. -// This is the format for the -// int32, int64, uint32, uint64, bool, and enum -// protocol buffer types. -func (p *Buffer) DecodeVarint() (x uint64, err error) { - i := p.index - buf := p.buf - - if i >= len(buf) { - return 0, io.ErrUnexpectedEOF - } else if buf[i] < 0x80 { - p.index++ - return uint64(buf[i]), nil - } else if len(buf)-i < 10 { - return p.decodeVarintSlow() - } - - var b uint64 - // we already checked the first byte - x = uint64(buf[i]) - 0x80 - i++ - - b = uint64(buf[i]) - i++ - x += b << 7 - if b&0x80 == 0 { - goto done - } - x -= 0x80 << 7 - - b = uint64(buf[i]) - i++ - x += b << 14 - if b&0x80 == 0 { - goto done - } - x -= 0x80 << 14 - - b = uint64(buf[i]) - i++ - x += b << 21 - if b&0x80 == 0 { - goto done - } - x -= 0x80 << 21 - - b = uint64(buf[i]) - i++ - x += b << 28 - if b&0x80 == 0 { - goto done - } - x -= 0x80 << 28 - - b = uint64(buf[i]) - i++ - x += b << 35 - if b&0x80 == 0 { - goto done - } - x -= 0x80 << 35 - - b = uint64(buf[i]) - i++ - x += b << 42 - if b&0x80 == 0 { - goto done - } - x -= 0x80 << 42 - - b = uint64(buf[i]) - i++ - x += b << 49 - if b&0x80 == 0 { - goto done - } - x -= 0x80 << 49 - - b = uint64(buf[i]) - i++ - x += b << 56 - if b&0x80 == 0 { - goto done - } - x -= 0x80 << 56 - - b = uint64(buf[i]) - i++ - x += b << 63 - if b&0x80 == 0 { - goto done - } - - return 0, errOverflow - -done: - p.index = i - return x, nil -} - -// DecodeFixed64 reads a 64-bit integer from the Buffer. -// This is the format for the -// fixed64, sfixed64, and double protocol buffer types. -func (p *Buffer) DecodeFixed64() (x uint64, err error) { - // x, err already 0 - i := p.index + 8 - if i < 0 || i > len(p.buf) { - err = io.ErrUnexpectedEOF - return - } - p.index = i - - x = uint64(p.buf[i-8]) - x |= uint64(p.buf[i-7]) << 8 - x |= uint64(p.buf[i-6]) << 16 - x |= uint64(p.buf[i-5]) << 24 - x |= uint64(p.buf[i-4]) << 32 - x |= uint64(p.buf[i-3]) << 40 - x |= uint64(p.buf[i-2]) << 48 - x |= uint64(p.buf[i-1]) << 56 - return -} - -// DecodeFixed32 reads a 32-bit integer from the Buffer. -// This is the format for the -// fixed32, sfixed32, and float protocol buffer types. -func (p *Buffer) DecodeFixed32() (x uint64, err error) { - // x, err already 0 - i := p.index + 4 - if i < 0 || i > len(p.buf) { - err = io.ErrUnexpectedEOF - return - } - p.index = i - - x = uint64(p.buf[i-4]) - x |= uint64(p.buf[i-3]) << 8 - x |= uint64(p.buf[i-2]) << 16 - x |= uint64(p.buf[i-1]) << 24 - return -} - -// DecodeZigzag64 reads a zigzag-encoded 64-bit integer -// from the Buffer. -// This is the format used for the sint64 protocol buffer type. -func (p *Buffer) DecodeZigzag64() (x uint64, err error) { - x, err = p.DecodeVarint() - if err != nil { - return - } - x = (x >> 1) ^ uint64((int64(x&1)<<63)>>63) - return -} - -// DecodeZigzag32 reads a zigzag-encoded 32-bit integer -// from the Buffer. -// This is the format used for the sint32 protocol buffer type. -func (p *Buffer) DecodeZigzag32() (x uint64, err error) { - x, err = p.DecodeVarint() - if err != nil { - return - } - x = uint64((uint32(x) >> 1) ^ uint32((int32(x&1)<<31)>>31)) - return -} - -// DecodeRawBytes reads a count-delimited byte buffer from the Buffer. -// This is the format used for the bytes protocol buffer -// type and for embedded messages. -func (p *Buffer) DecodeRawBytes(alloc bool) (buf []byte, err error) { - n, err := p.DecodeVarint() - if err != nil { - return nil, err - } - - nb := int(n) - if nb < 0 { - return nil, fmt.Errorf("proto: bad byte length %d", nb) - } - end := p.index + nb - if end < p.index || end > len(p.buf) { - return nil, io.ErrUnexpectedEOF - } - - if !alloc { - // todo: check if can get more uses of alloc=false - buf = p.buf[p.index:end] - p.index += nb - return - } - - buf = make([]byte, nb) - copy(buf, p.buf[p.index:]) - p.index += nb - return -} - -// DecodeStringBytes reads an encoded string from the Buffer. -// This is the format used for the proto2 string type. -func (p *Buffer) DecodeStringBytes() (s string, err error) { - buf, err := p.DecodeRawBytes(false) - if err != nil { - return - } - return string(buf), nil -} - -// Unmarshaler is the interface representing objects that can -// unmarshal themselves. The argument points to data that may be -// overwritten, so implementations should not keep references to the -// buffer. -// Unmarshal implementations should not clear the receiver. -// Any unmarshaled data should be merged into the receiver. -// Callers of Unmarshal that do not want to retain existing data -// should Reset the receiver before calling Unmarshal. -type Unmarshaler interface { - Unmarshal([]byte) error -} - -// newUnmarshaler is the interface representing objects that can -// unmarshal themselves. The semantics are identical to Unmarshaler. -// -// This exists to support protoc-gen-go generated messages. -// The proto package will stop type-asserting to this interface in the future. -// -// DO NOT DEPEND ON THIS. -type newUnmarshaler interface { - XXX_Unmarshal([]byte) error -} - -// Unmarshal parses the protocol buffer representation in buf and places the -// decoded result in pb. If the struct underlying pb does not match -// the data in buf, the results can be unpredictable. -// -// Unmarshal resets pb before starting to unmarshal, so any -// existing data in pb is always removed. Use UnmarshalMerge -// to preserve and append to existing data. -func Unmarshal(buf []byte, pb Message) error { - pb.Reset() - if u, ok := pb.(newUnmarshaler); ok { - return u.XXX_Unmarshal(buf) - } - if u, ok := pb.(Unmarshaler); ok { - return u.Unmarshal(buf) - } - return NewBuffer(buf).Unmarshal(pb) -} - -// UnmarshalMerge parses the protocol buffer representation in buf and -// writes the decoded result to pb. If the struct underlying pb does not match -// the data in buf, the results can be unpredictable. -// -// UnmarshalMerge merges into existing data in pb. -// Most code should use Unmarshal instead. -func UnmarshalMerge(buf []byte, pb Message) error { - if u, ok := pb.(newUnmarshaler); ok { - return u.XXX_Unmarshal(buf) - } - if u, ok := pb.(Unmarshaler); ok { - // NOTE: The history of proto have unfortunately been inconsistent - // whether Unmarshaler should or should not implicitly clear itself. - // Some implementations do, most do not. - // Thus, calling this here may or may not do what people want. - // - // See https://github.com/golang/protobuf/issues/424 - return u.Unmarshal(buf) - } - return NewBuffer(buf).Unmarshal(pb) -} - -// DecodeMessage reads a count-delimited message from the Buffer. -func (p *Buffer) DecodeMessage(pb Message) error { - enc, err := p.DecodeRawBytes(false) - if err != nil { - return err - } - return NewBuffer(enc).Unmarshal(pb) -} - -// DecodeGroup reads a tag-delimited group from the Buffer. -// StartGroup tag is already consumed. This function consumes -// EndGroup tag. -func (p *Buffer) DecodeGroup(pb Message) error { - b := p.buf[p.index:] - x, y := findEndGroup(b) - if x < 0 { - return io.ErrUnexpectedEOF - } - err := Unmarshal(b[:x], pb) - p.index += y - return err -} - -// Unmarshal parses the protocol buffer representation in the -// Buffer and places the decoded result in pb. If the struct -// underlying pb does not match the data in the buffer, the results can be -// unpredictable. -// -// Unlike proto.Unmarshal, this does not reset pb before starting to unmarshal. -func (p *Buffer) Unmarshal(pb Message) error { - // If the object can unmarshal itself, let it. - if u, ok := pb.(newUnmarshaler); ok { - err := u.XXX_Unmarshal(p.buf[p.index:]) - p.index = len(p.buf) - return err - } - if u, ok := pb.(Unmarshaler); ok { - // NOTE: The history of proto have unfortunately been inconsistent - // whether Unmarshaler should or should not implicitly clear itself. - // Some implementations do, most do not. - // Thus, calling this here may or may not do what people want. - // - // See https://github.com/golang/protobuf/issues/424 - err := u.Unmarshal(p.buf[p.index:]) - p.index = len(p.buf) - return err - } - - // Slow workaround for messages that aren't Unmarshalers. - // This includes some hand-coded .pb.go files and - // bootstrap protos. - // TODO: fix all of those and then add Unmarshal to - // the Message interface. Then: - // The cast above and code below can be deleted. - // The old unmarshaler can be deleted. - // Clients can call Unmarshal directly (can already do that, actually). - var info InternalMessageInfo - err := info.Unmarshal(pb, p.buf[p.index:]) - p.index = len(p.buf) - return err -} diff --git a/vendor/github.com/gogo/protobuf/proto/deprecated.go b/vendor/github.com/gogo/protobuf/proto/deprecated.go deleted file mode 100644 index 35b882c09..000000000 --- a/vendor/github.com/gogo/protobuf/proto/deprecated.go +++ /dev/null @@ -1,63 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2018 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -import "errors" - -// Deprecated: do not use. -type Stats struct{ Emalloc, Dmalloc, Encode, Decode, Chit, Cmiss, Size uint64 } - -// Deprecated: do not use. -func GetStats() Stats { return Stats{} } - -// Deprecated: do not use. -func MarshalMessageSet(interface{}) ([]byte, error) { - return nil, errors.New("proto: not implemented") -} - -// Deprecated: do not use. -func UnmarshalMessageSet([]byte, interface{}) error { - return errors.New("proto: not implemented") -} - -// Deprecated: do not use. -func MarshalMessageSetJSON(interface{}) ([]byte, error) { - return nil, errors.New("proto: not implemented") -} - -// Deprecated: do not use. -func UnmarshalMessageSetJSON([]byte, interface{}) error { - return errors.New("proto: not implemented") -} - -// Deprecated: do not use. -func RegisterMessageSetType(Message, int32, string) {} diff --git a/vendor/github.com/gogo/protobuf/proto/discard.go b/vendor/github.com/gogo/protobuf/proto/discard.go deleted file mode 100644 index fe1bd7d90..000000000 --- a/vendor/github.com/gogo/protobuf/proto/discard.go +++ /dev/null @@ -1,350 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2017 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -import ( - "fmt" - "reflect" - "strings" - "sync" - "sync/atomic" -) - -type generatedDiscarder interface { - XXX_DiscardUnknown() -} - -// DiscardUnknown recursively discards all unknown fields from this message -// and all embedded messages. -// -// When unmarshaling a message with unrecognized fields, the tags and values -// of such fields are preserved in the Message. This allows a later call to -// marshal to be able to produce a message that continues to have those -// unrecognized fields. To avoid this, DiscardUnknown is used to -// explicitly clear the unknown fields after unmarshaling. -// -// For proto2 messages, the unknown fields of message extensions are only -// discarded from messages that have been accessed via GetExtension. -func DiscardUnknown(m Message) { - if m, ok := m.(generatedDiscarder); ok { - m.XXX_DiscardUnknown() - return - } - // TODO: Dynamically populate a InternalMessageInfo for legacy messages, - // but the master branch has no implementation for InternalMessageInfo, - // so it would be more work to replicate that approach. - discardLegacy(m) -} - -// DiscardUnknown recursively discards all unknown fields. -func (a *InternalMessageInfo) DiscardUnknown(m Message) { - di := atomicLoadDiscardInfo(&a.discard) - if di == nil { - di = getDiscardInfo(reflect.TypeOf(m).Elem()) - atomicStoreDiscardInfo(&a.discard, di) - } - di.discard(toPointer(&m)) -} - -type discardInfo struct { - typ reflect.Type - - initialized int32 // 0: only typ is valid, 1: everything is valid - lock sync.Mutex - - fields []discardFieldInfo - unrecognized field -} - -type discardFieldInfo struct { - field field // Offset of field, guaranteed to be valid - discard func(src pointer) -} - -var ( - discardInfoMap = map[reflect.Type]*discardInfo{} - discardInfoLock sync.Mutex -) - -func getDiscardInfo(t reflect.Type) *discardInfo { - discardInfoLock.Lock() - defer discardInfoLock.Unlock() - di := discardInfoMap[t] - if di == nil { - di = &discardInfo{typ: t} - discardInfoMap[t] = di - } - return di -} - -func (di *discardInfo) discard(src pointer) { - if src.isNil() { - return // Nothing to do. - } - - if atomic.LoadInt32(&di.initialized) == 0 { - di.computeDiscardInfo() - } - - for _, fi := range di.fields { - sfp := src.offset(fi.field) - fi.discard(sfp) - } - - // For proto2 messages, only discard unknown fields in message extensions - // that have been accessed via GetExtension. - if em, err := extendable(src.asPointerTo(di.typ).Interface()); err == nil { - // Ignore lock since DiscardUnknown is not concurrency safe. - emm, _ := em.extensionsRead() - for _, mx := range emm { - if m, ok := mx.value.(Message); ok { - DiscardUnknown(m) - } - } - } - - if di.unrecognized.IsValid() { - *src.offset(di.unrecognized).toBytes() = nil - } -} - -func (di *discardInfo) computeDiscardInfo() { - di.lock.Lock() - defer di.lock.Unlock() - if di.initialized != 0 { - return - } - t := di.typ - n := t.NumField() - - for i := 0; i < n; i++ { - f := t.Field(i) - if strings.HasPrefix(f.Name, "XXX_") { - continue - } - - dfi := discardFieldInfo{field: toField(&f)} - tf := f.Type - - // Unwrap tf to get its most basic type. - var isPointer, isSlice bool - if tf.Kind() == reflect.Slice && tf.Elem().Kind() != reflect.Uint8 { - isSlice = true - tf = tf.Elem() - } - if tf.Kind() == reflect.Ptr { - isPointer = true - tf = tf.Elem() - } - if isPointer && isSlice && tf.Kind() != reflect.Struct { - panic(fmt.Sprintf("%v.%s cannot be a slice of pointers to primitive types", t, f.Name)) - } - - switch tf.Kind() { - case reflect.Struct: - switch { - case !isPointer: - panic(fmt.Sprintf("%v.%s cannot be a direct struct value", t, f.Name)) - case isSlice: // E.g., []*pb.T - discardInfo := getDiscardInfo(tf) - dfi.discard = func(src pointer) { - sps := src.getPointerSlice() - for _, sp := range sps { - if !sp.isNil() { - discardInfo.discard(sp) - } - } - } - default: // E.g., *pb.T - discardInfo := getDiscardInfo(tf) - dfi.discard = func(src pointer) { - sp := src.getPointer() - if !sp.isNil() { - discardInfo.discard(sp) - } - } - } - case reflect.Map: - switch { - case isPointer || isSlice: - panic(fmt.Sprintf("%v.%s cannot be a pointer to a map or a slice of map values", t, f.Name)) - default: // E.g., map[K]V - if tf.Elem().Kind() == reflect.Ptr { // Proto struct (e.g., *T) - dfi.discard = func(src pointer) { - sm := src.asPointerTo(tf).Elem() - if sm.Len() == 0 { - return - } - for _, key := range sm.MapKeys() { - val := sm.MapIndex(key) - DiscardUnknown(val.Interface().(Message)) - } - } - } else { - dfi.discard = func(pointer) {} // Noop - } - } - case reflect.Interface: - // Must be oneof field. - switch { - case isPointer || isSlice: - panic(fmt.Sprintf("%v.%s cannot be a pointer to a interface or a slice of interface values", t, f.Name)) - default: // E.g., interface{} - // TODO: Make this faster? - dfi.discard = func(src pointer) { - su := src.asPointerTo(tf).Elem() - if !su.IsNil() { - sv := su.Elem().Elem().Field(0) - if sv.Kind() == reflect.Ptr && sv.IsNil() { - return - } - switch sv.Type().Kind() { - case reflect.Ptr: // Proto struct (e.g., *T) - DiscardUnknown(sv.Interface().(Message)) - } - } - } - } - default: - continue - } - di.fields = append(di.fields, dfi) - } - - di.unrecognized = invalidField - if f, ok := t.FieldByName("XXX_unrecognized"); ok { - if f.Type != reflect.TypeOf([]byte{}) { - panic("expected XXX_unrecognized to be of type []byte") - } - di.unrecognized = toField(&f) - } - - atomic.StoreInt32(&di.initialized, 1) -} - -func discardLegacy(m Message) { - v := reflect.ValueOf(m) - if v.Kind() != reflect.Ptr || v.IsNil() { - return - } - v = v.Elem() - if v.Kind() != reflect.Struct { - return - } - t := v.Type() - - for i := 0; i < v.NumField(); i++ { - f := t.Field(i) - if strings.HasPrefix(f.Name, "XXX_") { - continue - } - vf := v.Field(i) - tf := f.Type - - // Unwrap tf to get its most basic type. - var isPointer, isSlice bool - if tf.Kind() == reflect.Slice && tf.Elem().Kind() != reflect.Uint8 { - isSlice = true - tf = tf.Elem() - } - if tf.Kind() == reflect.Ptr { - isPointer = true - tf = tf.Elem() - } - if isPointer && isSlice && tf.Kind() != reflect.Struct { - panic(fmt.Sprintf("%T.%s cannot be a slice of pointers to primitive types", m, f.Name)) - } - - switch tf.Kind() { - case reflect.Struct: - switch { - case !isPointer: - panic(fmt.Sprintf("%T.%s cannot be a direct struct value", m, f.Name)) - case isSlice: // E.g., []*pb.T - for j := 0; j < vf.Len(); j++ { - discardLegacy(vf.Index(j).Interface().(Message)) - } - default: // E.g., *pb.T - discardLegacy(vf.Interface().(Message)) - } - case reflect.Map: - switch { - case isPointer || isSlice: - panic(fmt.Sprintf("%T.%s cannot be a pointer to a map or a slice of map values", m, f.Name)) - default: // E.g., map[K]V - tv := vf.Type().Elem() - if tv.Kind() == reflect.Ptr && tv.Implements(protoMessageType) { // Proto struct (e.g., *T) - for _, key := range vf.MapKeys() { - val := vf.MapIndex(key) - discardLegacy(val.Interface().(Message)) - } - } - } - case reflect.Interface: - // Must be oneof field. - switch { - case isPointer || isSlice: - panic(fmt.Sprintf("%T.%s cannot be a pointer to a interface or a slice of interface values", m, f.Name)) - default: // E.g., test_proto.isCommunique_Union interface - if !vf.IsNil() && f.Tag.Get("protobuf_oneof") != "" { - vf = vf.Elem() // E.g., *test_proto.Communique_Msg - if !vf.IsNil() { - vf = vf.Elem() // E.g., test_proto.Communique_Msg - vf = vf.Field(0) // E.g., Proto struct (e.g., *T) or primitive value - if vf.Kind() == reflect.Ptr { - discardLegacy(vf.Interface().(Message)) - } - } - } - } - } - } - - if vf := v.FieldByName("XXX_unrecognized"); vf.IsValid() { - if vf.Type() != reflect.TypeOf([]byte{}) { - panic("expected XXX_unrecognized to be of type []byte") - } - vf.Set(reflect.ValueOf([]byte(nil))) - } - - // For proto2 messages, only discard unknown fields in message extensions - // that have been accessed via GetExtension. - if em, err := extendable(m); err == nil { - // Ignore lock since discardLegacy is not concurrency safe. - emm, _ := em.extensionsRead() - for _, mx := range emm { - if m, ok := mx.value.(Message); ok { - discardLegacy(m) - } - } - } -} diff --git a/vendor/github.com/gogo/protobuf/proto/duration.go b/vendor/github.com/gogo/protobuf/proto/duration.go deleted file mode 100644 index 93464c91c..000000000 --- a/vendor/github.com/gogo/protobuf/proto/duration.go +++ /dev/null @@ -1,100 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2016 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -// This file implements conversions between google.protobuf.Duration -// and time.Duration. - -import ( - "errors" - "fmt" - "time" -) - -const ( - // Range of a Duration in seconds, as specified in - // google/protobuf/duration.proto. This is about 10,000 years in seconds. - maxSeconds = int64(10000 * 365.25 * 24 * 60 * 60) - minSeconds = -maxSeconds -) - -// validateDuration determines whether the Duration is valid according to the -// definition in google/protobuf/duration.proto. A valid Duration -// may still be too large to fit into a time.Duration (the range of Duration -// is about 10,000 years, and the range of time.Duration is about 290). -func validateDuration(d *duration) error { - if d == nil { - return errors.New("duration: nil Duration") - } - if d.Seconds < minSeconds || d.Seconds > maxSeconds { - return fmt.Errorf("duration: %#v: seconds out of range", d) - } - if d.Nanos <= -1e9 || d.Nanos >= 1e9 { - return fmt.Errorf("duration: %#v: nanos out of range", d) - } - // Seconds and Nanos must have the same sign, unless d.Nanos is zero. - if (d.Seconds < 0 && d.Nanos > 0) || (d.Seconds > 0 && d.Nanos < 0) { - return fmt.Errorf("duration: %#v: seconds and nanos have different signs", d) - } - return nil -} - -// DurationFromProto converts a Duration to a time.Duration. DurationFromProto -// returns an error if the Duration is invalid or is too large to be -// represented in a time.Duration. -func durationFromProto(p *duration) (time.Duration, error) { - if err := validateDuration(p); err != nil { - return 0, err - } - d := time.Duration(p.Seconds) * time.Second - if int64(d/time.Second) != p.Seconds { - return 0, fmt.Errorf("duration: %#v is out of range for time.Duration", p) - } - if p.Nanos != 0 { - d += time.Duration(p.Nanos) - if (d < 0) != (p.Nanos < 0) { - return 0, fmt.Errorf("duration: %#v is out of range for time.Duration", p) - } - } - return d, nil -} - -// DurationProto converts a time.Duration to a Duration. -func durationProto(d time.Duration) *duration { - nanos := d.Nanoseconds() - secs := nanos / 1e9 - nanos -= secs * 1e9 - return &duration{ - Seconds: secs, - Nanos: int32(nanos), - } -} diff --git a/vendor/github.com/gogo/protobuf/proto/duration_gogo.go b/vendor/github.com/gogo/protobuf/proto/duration_gogo.go deleted file mode 100644 index e748e1730..000000000 --- a/vendor/github.com/gogo/protobuf/proto/duration_gogo.go +++ /dev/null @@ -1,49 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2016, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -import ( - "reflect" - "time" -) - -var durationType = reflect.TypeOf((*time.Duration)(nil)).Elem() - -type duration struct { - Seconds int64 `protobuf:"varint,1,opt,name=seconds,proto3" json:"seconds,omitempty"` - Nanos int32 `protobuf:"varint,2,opt,name=nanos,proto3" json:"nanos,omitempty"` -} - -func (m *duration) Reset() { *m = duration{} } -func (*duration) ProtoMessage() {} -func (*duration) String() string { return "duration" } - -func init() { - RegisterType((*duration)(nil), "gogo.protobuf.proto.duration") -} diff --git a/vendor/github.com/gogo/protobuf/proto/encode.go b/vendor/github.com/gogo/protobuf/proto/encode.go deleted file mode 100644 index 9581ccd30..000000000 --- a/vendor/github.com/gogo/protobuf/proto/encode.go +++ /dev/null @@ -1,205 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2010 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -/* - * Routines for encoding data into the wire format for protocol buffers. - */ - -import ( - "errors" - "reflect" -) - -var ( - // errRepeatedHasNil is the error returned if Marshal is called with - // a struct with a repeated field containing a nil element. - errRepeatedHasNil = errors.New("proto: repeated field has nil element") - - // errOneofHasNil is the error returned if Marshal is called with - // a struct with a oneof field containing a nil element. - errOneofHasNil = errors.New("proto: oneof field has nil value") - - // ErrNil is the error returned if Marshal is called with nil. - ErrNil = errors.New("proto: Marshal called with nil") - - // ErrTooLarge is the error returned if Marshal is called with a - // message that encodes to >2GB. - ErrTooLarge = errors.New("proto: message encodes to over 2 GB") -) - -// The fundamental encoders that put bytes on the wire. -// Those that take integer types all accept uint64 and are -// therefore of type valueEncoder. - -const maxVarintBytes = 10 // maximum length of a varint - -// EncodeVarint returns the varint encoding of x. -// This is the format for the -// int32, int64, uint32, uint64, bool, and enum -// protocol buffer types. -// Not used by the package itself, but helpful to clients -// wishing to use the same encoding. -func EncodeVarint(x uint64) []byte { - var buf [maxVarintBytes]byte - var n int - for n = 0; x > 127; n++ { - buf[n] = 0x80 | uint8(x&0x7F) - x >>= 7 - } - buf[n] = uint8(x) - n++ - return buf[0:n] -} - -// EncodeVarint writes a varint-encoded integer to the Buffer. -// This is the format for the -// int32, int64, uint32, uint64, bool, and enum -// protocol buffer types. -func (p *Buffer) EncodeVarint(x uint64) error { - for x >= 1<<7 { - p.buf = append(p.buf, uint8(x&0x7f|0x80)) - x >>= 7 - } - p.buf = append(p.buf, uint8(x)) - return nil -} - -// SizeVarint returns the varint encoding size of an integer. -func SizeVarint(x uint64) int { - switch { - case x < 1<<7: - return 1 - case x < 1<<14: - return 2 - case x < 1<<21: - return 3 - case x < 1<<28: - return 4 - case x < 1<<35: - return 5 - case x < 1<<42: - return 6 - case x < 1<<49: - return 7 - case x < 1<<56: - return 8 - case x < 1<<63: - return 9 - } - return 10 -} - -// EncodeFixed64 writes a 64-bit integer to the Buffer. -// This is the format for the -// fixed64, sfixed64, and double protocol buffer types. -func (p *Buffer) EncodeFixed64(x uint64) error { - p.buf = append(p.buf, - uint8(x), - uint8(x>>8), - uint8(x>>16), - uint8(x>>24), - uint8(x>>32), - uint8(x>>40), - uint8(x>>48), - uint8(x>>56)) - return nil -} - -// EncodeFixed32 writes a 32-bit integer to the Buffer. -// This is the format for the -// fixed32, sfixed32, and float protocol buffer types. -func (p *Buffer) EncodeFixed32(x uint64) error { - p.buf = append(p.buf, - uint8(x), - uint8(x>>8), - uint8(x>>16), - uint8(x>>24)) - return nil -} - -// EncodeZigzag64 writes a zigzag-encoded 64-bit integer -// to the Buffer. -// This is the format used for the sint64 protocol buffer type. -func (p *Buffer) EncodeZigzag64(x uint64) error { - // use signed number to get arithmetic right shift. - return p.EncodeVarint(uint64((x << 1) ^ uint64((int64(x) >> 63)))) -} - -// EncodeZigzag32 writes a zigzag-encoded 32-bit integer -// to the Buffer. -// This is the format used for the sint32 protocol buffer type. -func (p *Buffer) EncodeZigzag32(x uint64) error { - // use signed number to get arithmetic right shift. - return p.EncodeVarint(uint64((uint32(x) << 1) ^ uint32((int32(x) >> 31)))) -} - -// EncodeRawBytes writes a count-delimited byte buffer to the Buffer. -// This is the format used for the bytes protocol buffer -// type and for embedded messages. -func (p *Buffer) EncodeRawBytes(b []byte) error { - p.EncodeVarint(uint64(len(b))) - p.buf = append(p.buf, b...) - return nil -} - -// EncodeStringBytes writes an encoded string to the Buffer. -// This is the format used for the proto2 string type. -func (p *Buffer) EncodeStringBytes(s string) error { - p.EncodeVarint(uint64(len(s))) - p.buf = append(p.buf, s...) - return nil -} - -// Marshaler is the interface representing objects that can marshal themselves. -type Marshaler interface { - Marshal() ([]byte, error) -} - -// EncodeMessage writes the protocol buffer to the Buffer, -// prefixed by a varint-encoded length. -func (p *Buffer) EncodeMessage(pb Message) error { - siz := Size(pb) - sizVar := SizeVarint(uint64(siz)) - p.grow(siz + sizVar) - p.EncodeVarint(uint64(siz)) - return p.Marshal(pb) -} - -// All protocol buffer fields are nillable, but be careful. -func isNil(v reflect.Value) bool { - switch v.Kind() { - case reflect.Interface, reflect.Map, reflect.Ptr, reflect.Slice: - return v.IsNil() - } - return false -} diff --git a/vendor/github.com/gogo/protobuf/proto/encode_gogo.go b/vendor/github.com/gogo/protobuf/proto/encode_gogo.go deleted file mode 100644 index 0f5fb173e..000000000 --- a/vendor/github.com/gogo/protobuf/proto/encode_gogo.go +++ /dev/null @@ -1,33 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2013, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -func NewRequiredNotSetError(field string) *RequiredNotSetError { - return &RequiredNotSetError{field} -} diff --git a/vendor/github.com/gogo/protobuf/proto/equal.go b/vendor/github.com/gogo/protobuf/proto/equal.go deleted file mode 100644 index d4db5a1c1..000000000 --- a/vendor/github.com/gogo/protobuf/proto/equal.go +++ /dev/null @@ -1,300 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2011 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -// Protocol buffer comparison. - -package proto - -import ( - "bytes" - "log" - "reflect" - "strings" -) - -/* -Equal returns true iff protocol buffers a and b are equal. -The arguments must both be pointers to protocol buffer structs. - -Equality is defined in this way: - - Two messages are equal iff they are the same type, - corresponding fields are equal, unknown field sets - are equal, and extensions sets are equal. - - Two set scalar fields are equal iff their values are equal. - If the fields are of a floating-point type, remember that - NaN != x for all x, including NaN. If the message is defined - in a proto3 .proto file, fields are not "set"; specifically, - zero length proto3 "bytes" fields are equal (nil == {}). - - Two repeated fields are equal iff their lengths are the same, - and their corresponding elements are equal. Note a "bytes" field, - although represented by []byte, is not a repeated field and the - rule for the scalar fields described above applies. - - Two unset fields are equal. - - Two unknown field sets are equal if their current - encoded state is equal. - - Two extension sets are equal iff they have corresponding - elements that are pairwise equal. - - Two map fields are equal iff their lengths are the same, - and they contain the same set of elements. Zero-length map - fields are equal. - - Every other combination of things are not equal. - -The return value is undefined if a and b are not protocol buffers. -*/ -func Equal(a, b Message) bool { - if a == nil || b == nil { - return a == b - } - v1, v2 := reflect.ValueOf(a), reflect.ValueOf(b) - if v1.Type() != v2.Type() { - return false - } - if v1.Kind() == reflect.Ptr { - if v1.IsNil() { - return v2.IsNil() - } - if v2.IsNil() { - return false - } - v1, v2 = v1.Elem(), v2.Elem() - } - if v1.Kind() != reflect.Struct { - return false - } - return equalStruct(v1, v2) -} - -// v1 and v2 are known to have the same type. -func equalStruct(v1, v2 reflect.Value) bool { - sprop := GetProperties(v1.Type()) - for i := 0; i < v1.NumField(); i++ { - f := v1.Type().Field(i) - if strings.HasPrefix(f.Name, "XXX_") { - continue - } - f1, f2 := v1.Field(i), v2.Field(i) - if f.Type.Kind() == reflect.Ptr { - if n1, n2 := f1.IsNil(), f2.IsNil(); n1 && n2 { - // both unset - continue - } else if n1 != n2 { - // set/unset mismatch - return false - } - f1, f2 = f1.Elem(), f2.Elem() - } - if !equalAny(f1, f2, sprop.Prop[i]) { - return false - } - } - - if em1 := v1.FieldByName("XXX_InternalExtensions"); em1.IsValid() { - em2 := v2.FieldByName("XXX_InternalExtensions") - if !equalExtensions(v1.Type(), em1.Interface().(XXX_InternalExtensions), em2.Interface().(XXX_InternalExtensions)) { - return false - } - } - - if em1 := v1.FieldByName("XXX_extensions"); em1.IsValid() { - em2 := v2.FieldByName("XXX_extensions") - if !equalExtMap(v1.Type(), em1.Interface().(map[int32]Extension), em2.Interface().(map[int32]Extension)) { - return false - } - } - - uf := v1.FieldByName("XXX_unrecognized") - if !uf.IsValid() { - return true - } - - u1 := uf.Bytes() - u2 := v2.FieldByName("XXX_unrecognized").Bytes() - return bytes.Equal(u1, u2) -} - -// v1 and v2 are known to have the same type. -// prop may be nil. -func equalAny(v1, v2 reflect.Value, prop *Properties) bool { - if v1.Type() == protoMessageType { - m1, _ := v1.Interface().(Message) - m2, _ := v2.Interface().(Message) - return Equal(m1, m2) - } - switch v1.Kind() { - case reflect.Bool: - return v1.Bool() == v2.Bool() - case reflect.Float32, reflect.Float64: - return v1.Float() == v2.Float() - case reflect.Int32, reflect.Int64: - return v1.Int() == v2.Int() - case reflect.Interface: - // Probably a oneof field; compare the inner values. - n1, n2 := v1.IsNil(), v2.IsNil() - if n1 || n2 { - return n1 == n2 - } - e1, e2 := v1.Elem(), v2.Elem() - if e1.Type() != e2.Type() { - return false - } - return equalAny(e1, e2, nil) - case reflect.Map: - if v1.Len() != v2.Len() { - return false - } - for _, key := range v1.MapKeys() { - val2 := v2.MapIndex(key) - if !val2.IsValid() { - // This key was not found in the second map. - return false - } - if !equalAny(v1.MapIndex(key), val2, nil) { - return false - } - } - return true - case reflect.Ptr: - // Maps may have nil values in them, so check for nil. - if v1.IsNil() && v2.IsNil() { - return true - } - if v1.IsNil() != v2.IsNil() { - return false - } - return equalAny(v1.Elem(), v2.Elem(), prop) - case reflect.Slice: - if v1.Type().Elem().Kind() == reflect.Uint8 { - // short circuit: []byte - - // Edge case: if this is in a proto3 message, a zero length - // bytes field is considered the zero value. - if prop != nil && prop.proto3 && v1.Len() == 0 && v2.Len() == 0 { - return true - } - if v1.IsNil() != v2.IsNil() { - return false - } - return bytes.Equal(v1.Interface().([]byte), v2.Interface().([]byte)) - } - - if v1.Len() != v2.Len() { - return false - } - for i := 0; i < v1.Len(); i++ { - if !equalAny(v1.Index(i), v2.Index(i), prop) { - return false - } - } - return true - case reflect.String: - return v1.Interface().(string) == v2.Interface().(string) - case reflect.Struct: - return equalStruct(v1, v2) - case reflect.Uint32, reflect.Uint64: - return v1.Uint() == v2.Uint() - } - - // unknown type, so not a protocol buffer - log.Printf("proto: don't know how to compare %v", v1) - return false -} - -// base is the struct type that the extensions are based on. -// x1 and x2 are InternalExtensions. -func equalExtensions(base reflect.Type, x1, x2 XXX_InternalExtensions) bool { - em1, _ := x1.extensionsRead() - em2, _ := x2.extensionsRead() - return equalExtMap(base, em1, em2) -} - -func equalExtMap(base reflect.Type, em1, em2 map[int32]Extension) bool { - if len(em1) != len(em2) { - return false - } - - for extNum, e1 := range em1 { - e2, ok := em2[extNum] - if !ok { - return false - } - - m1, m2 := e1.value, e2.value - - if m1 == nil && m2 == nil { - // Both have only encoded form. - if bytes.Equal(e1.enc, e2.enc) { - continue - } - // The bytes are different, but the extensions might still be - // equal. We need to decode them to compare. - } - - if m1 != nil && m2 != nil { - // Both are unencoded. - if !equalAny(reflect.ValueOf(m1), reflect.ValueOf(m2), nil) { - return false - } - continue - } - - // At least one is encoded. To do a semantically correct comparison - // we need to unmarshal them first. - var desc *ExtensionDesc - if m := extensionMaps[base]; m != nil { - desc = m[extNum] - } - if desc == nil { - // If both have only encoded form and the bytes are the same, - // it is handled above. We get here when the bytes are different. - // We don't know how to decode it, so just compare them as byte - // slices. - log.Printf("proto: don't know how to compare extension %d of %v", extNum, base) - return false - } - var err error - if m1 == nil { - m1, err = decodeExtension(e1.enc, desc) - } - if m2 == nil && err == nil { - m2, err = decodeExtension(e2.enc, desc) - } - if err != nil { - // The encoded form is invalid. - log.Printf("proto: badly encoded extension %d of %v: %v", extNum, base, err) - return false - } - if !equalAny(reflect.ValueOf(m1), reflect.ValueOf(m2), nil) { - return false - } - } - - return true -} diff --git a/vendor/github.com/gogo/protobuf/proto/extensions.go b/vendor/github.com/gogo/protobuf/proto/extensions.go deleted file mode 100644 index 341c6f57f..000000000 --- a/vendor/github.com/gogo/protobuf/proto/extensions.go +++ /dev/null @@ -1,605 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2010 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -/* - * Types and routines for supporting protocol buffer extensions. - */ - -import ( - "errors" - "fmt" - "io" - "reflect" - "strconv" - "sync" -) - -// ErrMissingExtension is the error returned by GetExtension if the named extension is not in the message. -var ErrMissingExtension = errors.New("proto: missing extension") - -// ExtensionRange represents a range of message extensions for a protocol buffer. -// Used in code generated by the protocol compiler. -type ExtensionRange struct { - Start, End int32 // both inclusive -} - -// extendableProto is an interface implemented by any protocol buffer generated by the current -// proto compiler that may be extended. -type extendableProto interface { - Message - ExtensionRangeArray() []ExtensionRange - extensionsWrite() map[int32]Extension - extensionsRead() (map[int32]Extension, sync.Locker) -} - -// extendableProtoV1 is an interface implemented by a protocol buffer generated by the previous -// version of the proto compiler that may be extended. -type extendableProtoV1 interface { - Message - ExtensionRangeArray() []ExtensionRange - ExtensionMap() map[int32]Extension -} - -// extensionAdapter is a wrapper around extendableProtoV1 that implements extendableProto. -type extensionAdapter struct { - extendableProtoV1 -} - -func (e extensionAdapter) extensionsWrite() map[int32]Extension { - return e.ExtensionMap() -} - -func (e extensionAdapter) extensionsRead() (map[int32]Extension, sync.Locker) { - return e.ExtensionMap(), notLocker{} -} - -// notLocker is a sync.Locker whose Lock and Unlock methods are nops. -type notLocker struct{} - -func (n notLocker) Lock() {} -func (n notLocker) Unlock() {} - -// extendable returns the extendableProto interface for the given generated proto message. -// If the proto message has the old extension format, it returns a wrapper that implements -// the extendableProto interface. -func extendable(p interface{}) (extendableProto, error) { - switch p := p.(type) { - case extendableProto: - if isNilPtr(p) { - return nil, fmt.Errorf("proto: nil %T is not extendable", p) - } - return p, nil - case extendableProtoV1: - if isNilPtr(p) { - return nil, fmt.Errorf("proto: nil %T is not extendable", p) - } - return extensionAdapter{p}, nil - case extensionsBytes: - return slowExtensionAdapter{p}, nil - } - // Don't allocate a specific error containing %T: - // this is the hot path for Clone and MarshalText. - return nil, errNotExtendable -} - -var errNotExtendable = errors.New("proto: not an extendable proto.Message") - -func isNilPtr(x interface{}) bool { - v := reflect.ValueOf(x) - return v.Kind() == reflect.Ptr && v.IsNil() -} - -// XXX_InternalExtensions is an internal representation of proto extensions. -// -// Each generated message struct type embeds an anonymous XXX_InternalExtensions field, -// thus gaining the unexported 'extensions' method, which can be called only from the proto package. -// -// The methods of XXX_InternalExtensions are not concurrency safe in general, -// but calls to logically read-only methods such as has and get may be executed concurrently. -type XXX_InternalExtensions struct { - // The struct must be indirect so that if a user inadvertently copies a - // generated message and its embedded XXX_InternalExtensions, they - // avoid the mayhem of a copied mutex. - // - // The mutex serializes all logically read-only operations to p.extensionMap. - // It is up to the client to ensure that write operations to p.extensionMap are - // mutually exclusive with other accesses. - p *struct { - mu sync.Mutex - extensionMap map[int32]Extension - } -} - -// extensionsWrite returns the extension map, creating it on first use. -func (e *XXX_InternalExtensions) extensionsWrite() map[int32]Extension { - if e.p == nil { - e.p = new(struct { - mu sync.Mutex - extensionMap map[int32]Extension - }) - e.p.extensionMap = make(map[int32]Extension) - } - return e.p.extensionMap -} - -// extensionsRead returns the extensions map for read-only use. It may be nil. -// The caller must hold the returned mutex's lock when accessing Elements within the map. -func (e *XXX_InternalExtensions) extensionsRead() (map[int32]Extension, sync.Locker) { - if e.p == nil { - return nil, nil - } - return e.p.extensionMap, &e.p.mu -} - -// ExtensionDesc represents an extension specification. -// Used in generated code from the protocol compiler. -type ExtensionDesc struct { - ExtendedType Message // nil pointer to the type that is being extended - ExtensionType interface{} // nil pointer to the extension type - Field int32 // field number - Name string // fully-qualified name of extension, for text formatting - Tag string // protobuf tag style - Filename string // name of the file in which the extension is defined -} - -func (ed *ExtensionDesc) repeated() bool { - t := reflect.TypeOf(ed.ExtensionType) - return t.Kind() == reflect.Slice && t.Elem().Kind() != reflect.Uint8 -} - -// Extension represents an extension in a message. -type Extension struct { - // When an extension is stored in a message using SetExtension - // only desc and value are set. When the message is marshaled - // enc will be set to the encoded form of the message. - // - // When a message is unmarshaled and contains extensions, each - // extension will have only enc set. When such an extension is - // accessed using GetExtension (or GetExtensions) desc and value - // will be set. - desc *ExtensionDesc - value interface{} - enc []byte -} - -// SetRawExtension is for testing only. -func SetRawExtension(base Message, id int32, b []byte) { - if ebase, ok := base.(extensionsBytes); ok { - clearExtension(base, id) - ext := ebase.GetExtensions() - *ext = append(*ext, b...) - return - } - epb, err := extendable(base) - if err != nil { - return - } - extmap := epb.extensionsWrite() - extmap[id] = Extension{enc: b} -} - -// isExtensionField returns true iff the given field number is in an extension range. -func isExtensionField(pb extendableProto, field int32) bool { - for _, er := range pb.ExtensionRangeArray() { - if er.Start <= field && field <= er.End { - return true - } - } - return false -} - -// checkExtensionTypes checks that the given extension is valid for pb. -func checkExtensionTypes(pb extendableProto, extension *ExtensionDesc) error { - var pbi interface{} = pb - // Check the extended type. - if ea, ok := pbi.(extensionAdapter); ok { - pbi = ea.extendableProtoV1 - } - if ea, ok := pbi.(slowExtensionAdapter); ok { - pbi = ea.extensionsBytes - } - if a, b := reflect.TypeOf(pbi), reflect.TypeOf(extension.ExtendedType); a != b { - return fmt.Errorf("proto: bad extended type; %v does not extend %v", b, a) - } - // Check the range. - if !isExtensionField(pb, extension.Field) { - return errors.New("proto: bad extension number; not in declared ranges") - } - return nil -} - -// extPropKey is sufficient to uniquely identify an extension. -type extPropKey struct { - base reflect.Type - field int32 -} - -var extProp = struct { - sync.RWMutex - m map[extPropKey]*Properties -}{ - m: make(map[extPropKey]*Properties), -} - -func extensionProperties(ed *ExtensionDesc) *Properties { - key := extPropKey{base: reflect.TypeOf(ed.ExtendedType), field: ed.Field} - - extProp.RLock() - if prop, ok := extProp.m[key]; ok { - extProp.RUnlock() - return prop - } - extProp.RUnlock() - - extProp.Lock() - defer extProp.Unlock() - // Check again. - if prop, ok := extProp.m[key]; ok { - return prop - } - - prop := new(Properties) - prop.Init(reflect.TypeOf(ed.ExtensionType), "unknown_name", ed.Tag, nil) - extProp.m[key] = prop - return prop -} - -// HasExtension returns whether the given extension is present in pb. -func HasExtension(pb Message, extension *ExtensionDesc) bool { - if epb, doki := pb.(extensionsBytes); doki { - ext := epb.GetExtensions() - buf := *ext - o := 0 - for o < len(buf) { - tag, n := DecodeVarint(buf[o:]) - fieldNum := int32(tag >> 3) - if int32(fieldNum) == extension.Field { - return true - } - wireType := int(tag & 0x7) - o += n - l, err := size(buf[o:], wireType) - if err != nil { - return false - } - o += l - } - return false - } - // TODO: Check types, field numbers, etc.? - epb, err := extendable(pb) - if err != nil { - return false - } - extmap, mu := epb.extensionsRead() - if extmap == nil { - return false - } - mu.Lock() - _, ok := extmap[extension.Field] - mu.Unlock() - return ok -} - -// ClearExtension removes the given extension from pb. -func ClearExtension(pb Message, extension *ExtensionDesc) { - clearExtension(pb, extension.Field) -} - -func clearExtension(pb Message, fieldNum int32) { - if epb, ok := pb.(extensionsBytes); ok { - offset := 0 - for offset != -1 { - offset = deleteExtension(epb, fieldNum, offset) - } - return - } - epb, err := extendable(pb) - if err != nil { - return - } - // TODO: Check types, field numbers, etc.? - extmap := epb.extensionsWrite() - delete(extmap, fieldNum) -} - -// GetExtension retrieves a proto2 extended field from pb. -// -// If the descriptor is type complete (i.e., ExtensionDesc.ExtensionType is non-nil), -// then GetExtension parses the encoded field and returns a Go value of the specified type. -// If the field is not present, then the default value is returned (if one is specified), -// otherwise ErrMissingExtension is reported. -// -// If the descriptor is not type complete (i.e., ExtensionDesc.ExtensionType is nil), -// then GetExtension returns the raw encoded bytes of the field extension. -func GetExtension(pb Message, extension *ExtensionDesc) (interface{}, error) { - if epb, doki := pb.(extensionsBytes); doki { - ext := epb.GetExtensions() - return decodeExtensionFromBytes(extension, *ext) - } - - epb, err := extendable(pb) - if err != nil { - return nil, err - } - - if extension.ExtendedType != nil { - // can only check type if this is a complete descriptor - if cerr := checkExtensionTypes(epb, extension); cerr != nil { - return nil, cerr - } - } - - emap, mu := epb.extensionsRead() - if emap == nil { - return defaultExtensionValue(extension) - } - mu.Lock() - defer mu.Unlock() - e, ok := emap[extension.Field] - if !ok { - // defaultExtensionValue returns the default value or - // ErrMissingExtension if there is no default. - return defaultExtensionValue(extension) - } - - if e.value != nil { - // Already decoded. Check the descriptor, though. - if e.desc != extension { - // This shouldn't happen. If it does, it means that - // GetExtension was called twice with two different - // descriptors with the same field number. - return nil, errors.New("proto: descriptor conflict") - } - return e.value, nil - } - - if extension.ExtensionType == nil { - // incomplete descriptor - return e.enc, nil - } - - v, err := decodeExtension(e.enc, extension) - if err != nil { - return nil, err - } - - // Remember the decoded version and drop the encoded version. - // That way it is safe to mutate what we return. - e.value = v - e.desc = extension - e.enc = nil - emap[extension.Field] = e - return e.value, nil -} - -// defaultExtensionValue returns the default value for extension. -// If no default for an extension is defined ErrMissingExtension is returned. -func defaultExtensionValue(extension *ExtensionDesc) (interface{}, error) { - if extension.ExtensionType == nil { - // incomplete descriptor, so no default - return nil, ErrMissingExtension - } - - t := reflect.TypeOf(extension.ExtensionType) - props := extensionProperties(extension) - - sf, _, err := fieldDefault(t, props) - if err != nil { - return nil, err - } - - if sf == nil || sf.value == nil { - // There is no default value. - return nil, ErrMissingExtension - } - - if t.Kind() != reflect.Ptr { - // We do not need to return a Ptr, we can directly return sf.value. - return sf.value, nil - } - - // We need to return an interface{} that is a pointer to sf.value. - value := reflect.New(t).Elem() - value.Set(reflect.New(value.Type().Elem())) - if sf.kind == reflect.Int32 { - // We may have an int32 or an enum, but the underlying data is int32. - // Since we can't set an int32 into a non int32 reflect.value directly - // set it as a int32. - value.Elem().SetInt(int64(sf.value.(int32))) - } else { - value.Elem().Set(reflect.ValueOf(sf.value)) - } - return value.Interface(), nil -} - -// decodeExtension decodes an extension encoded in b. -func decodeExtension(b []byte, extension *ExtensionDesc) (interface{}, error) { - t := reflect.TypeOf(extension.ExtensionType) - unmarshal := typeUnmarshaler(t, extension.Tag) - - // t is a pointer to a struct, pointer to basic type or a slice. - // Allocate space to store the pointer/slice. - value := reflect.New(t).Elem() - - var err error - for { - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - wire := int(x) & 7 - - b, err = unmarshal(b, valToPointer(value.Addr()), wire) - if err != nil { - return nil, err - } - - if len(b) == 0 { - break - } - } - return value.Interface(), nil -} - -// GetExtensions returns a slice of the extensions present in pb that are also listed in es. -// The returned slice has the same length as es; missing extensions will appear as nil elements. -func GetExtensions(pb Message, es []*ExtensionDesc) (extensions []interface{}, err error) { - epb, err := extendable(pb) - if err != nil { - return nil, err - } - extensions = make([]interface{}, len(es)) - for i, e := range es { - extensions[i], err = GetExtension(epb, e) - if err == ErrMissingExtension { - err = nil - } - if err != nil { - return - } - } - return -} - -// ExtensionDescs returns a new slice containing pb's extension descriptors, in undefined order. -// For non-registered extensions, ExtensionDescs returns an incomplete descriptor containing -// just the Field field, which defines the extension's field number. -func ExtensionDescs(pb Message) ([]*ExtensionDesc, error) { - epb, err := extendable(pb) - if err != nil { - return nil, err - } - registeredExtensions := RegisteredExtensions(pb) - - emap, mu := epb.extensionsRead() - if emap == nil { - return nil, nil - } - mu.Lock() - defer mu.Unlock() - extensions := make([]*ExtensionDesc, 0, len(emap)) - for extid, e := range emap { - desc := e.desc - if desc == nil { - desc = registeredExtensions[extid] - if desc == nil { - desc = &ExtensionDesc{Field: extid} - } - } - - extensions = append(extensions, desc) - } - return extensions, nil -} - -// SetExtension sets the specified extension of pb to the specified value. -func SetExtension(pb Message, extension *ExtensionDesc, value interface{}) error { - if epb, ok := pb.(extensionsBytes); ok { - ClearExtension(pb, extension) - newb, err := encodeExtension(extension, value) - if err != nil { - return err - } - bb := epb.GetExtensions() - *bb = append(*bb, newb...) - return nil - } - epb, err := extendable(pb) - if err != nil { - return err - } - if err := checkExtensionTypes(epb, extension); err != nil { - return err - } - typ := reflect.TypeOf(extension.ExtensionType) - if typ != reflect.TypeOf(value) { - return fmt.Errorf("proto: bad extension value type. got: %T, want: %T", value, extension.ExtensionType) - } - // nil extension values need to be caught early, because the - // encoder can't distinguish an ErrNil due to a nil extension - // from an ErrNil due to a missing field. Extensions are - // always optional, so the encoder would just swallow the error - // and drop all the extensions from the encoded message. - if reflect.ValueOf(value).IsNil() { - return fmt.Errorf("proto: SetExtension called with nil value of type %T", value) - } - - extmap := epb.extensionsWrite() - extmap[extension.Field] = Extension{desc: extension, value: value} - return nil -} - -// ClearAllExtensions clears all extensions from pb. -func ClearAllExtensions(pb Message) { - if epb, doki := pb.(extensionsBytes); doki { - ext := epb.GetExtensions() - *ext = []byte{} - return - } - epb, err := extendable(pb) - if err != nil { - return - } - m := epb.extensionsWrite() - for k := range m { - delete(m, k) - } -} - -// A global registry of extensions. -// The generated code will register the generated descriptors by calling RegisterExtension. - -var extensionMaps = make(map[reflect.Type]map[int32]*ExtensionDesc) - -// RegisterExtension is called from the generated code. -func RegisterExtension(desc *ExtensionDesc) { - st := reflect.TypeOf(desc.ExtendedType).Elem() - m := extensionMaps[st] - if m == nil { - m = make(map[int32]*ExtensionDesc) - extensionMaps[st] = m - } - if _, ok := m[desc.Field]; ok { - panic("proto: duplicate extension registered: " + st.String() + " " + strconv.Itoa(int(desc.Field))) - } - m[desc.Field] = desc -} - -// RegisteredExtensions returns a map of the registered extensions of a -// protocol buffer struct, indexed by the extension number. -// The argument pb should be a nil pointer to the struct type. -func RegisteredExtensions(pb Message) map[int32]*ExtensionDesc { - return extensionMaps[reflect.TypeOf(pb).Elem()] -} diff --git a/vendor/github.com/gogo/protobuf/proto/extensions_gogo.go b/vendor/github.com/gogo/protobuf/proto/extensions_gogo.go deleted file mode 100644 index 6f1ae120e..000000000 --- a/vendor/github.com/gogo/protobuf/proto/extensions_gogo.go +++ /dev/null @@ -1,389 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2013, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -import ( - "bytes" - "errors" - "fmt" - "io" - "reflect" - "sort" - "strings" - "sync" -) - -type extensionsBytes interface { - Message - ExtensionRangeArray() []ExtensionRange - GetExtensions() *[]byte -} - -type slowExtensionAdapter struct { - extensionsBytes -} - -func (s slowExtensionAdapter) extensionsWrite() map[int32]Extension { - panic("Please report a bug to github.com/gogo/protobuf if you see this message: Writing extensions is not supported for extensions stored in a byte slice field.") -} - -func (s slowExtensionAdapter) extensionsRead() (map[int32]Extension, sync.Locker) { - b := s.GetExtensions() - m, err := BytesToExtensionsMap(*b) - if err != nil { - panic(err) - } - return m, notLocker{} -} - -func GetBoolExtension(pb Message, extension *ExtensionDesc, ifnotset bool) bool { - if reflect.ValueOf(pb).IsNil() { - return ifnotset - } - value, err := GetExtension(pb, extension) - if err != nil { - return ifnotset - } - if value == nil { - return ifnotset - } - if value.(*bool) == nil { - return ifnotset - } - return *(value.(*bool)) -} - -func (this *Extension) Equal(that *Extension) bool { - if err := this.Encode(); err != nil { - return false - } - if err := that.Encode(); err != nil { - return false - } - return bytes.Equal(this.enc, that.enc) -} - -func (this *Extension) Compare(that *Extension) int { - if err := this.Encode(); err != nil { - return 1 - } - if err := that.Encode(); err != nil { - return -1 - } - return bytes.Compare(this.enc, that.enc) -} - -func SizeOfInternalExtension(m extendableProto) (n int) { - info := getMarshalInfo(reflect.TypeOf(m)) - return info.sizeV1Extensions(m.extensionsWrite()) -} - -type sortableMapElem struct { - field int32 - ext Extension -} - -func newSortableExtensionsFromMap(m map[int32]Extension) sortableExtensions { - s := make(sortableExtensions, 0, len(m)) - for k, v := range m { - s = append(s, &sortableMapElem{field: k, ext: v}) - } - return s -} - -type sortableExtensions []*sortableMapElem - -func (this sortableExtensions) Len() int { return len(this) } - -func (this sortableExtensions) Swap(i, j int) { this[i], this[j] = this[j], this[i] } - -func (this sortableExtensions) Less(i, j int) bool { return this[i].field < this[j].field } - -func (this sortableExtensions) String() string { - sort.Sort(this) - ss := make([]string, len(this)) - for i := range this { - ss[i] = fmt.Sprintf("%d: %v", this[i].field, this[i].ext) - } - return "map[" + strings.Join(ss, ",") + "]" -} - -func StringFromInternalExtension(m extendableProto) string { - return StringFromExtensionsMap(m.extensionsWrite()) -} - -func StringFromExtensionsMap(m map[int32]Extension) string { - return newSortableExtensionsFromMap(m).String() -} - -func StringFromExtensionsBytes(ext []byte) string { - m, err := BytesToExtensionsMap(ext) - if err != nil { - panic(err) - } - return StringFromExtensionsMap(m) -} - -func EncodeInternalExtension(m extendableProto, data []byte) (n int, err error) { - return EncodeExtensionMap(m.extensionsWrite(), data) -} - -func EncodeInternalExtensionBackwards(m extendableProto, data []byte) (n int, err error) { - return EncodeExtensionMapBackwards(m.extensionsWrite(), data) -} - -func EncodeExtensionMap(m map[int32]Extension, data []byte) (n int, err error) { - o := 0 - for _, e := range m { - if err := e.Encode(); err != nil { - return 0, err - } - n := copy(data[o:], e.enc) - if n != len(e.enc) { - return 0, io.ErrShortBuffer - } - o += n - } - return o, nil -} - -func EncodeExtensionMapBackwards(m map[int32]Extension, data []byte) (n int, err error) { - o := 0 - end := len(data) - for _, e := range m { - if err := e.Encode(); err != nil { - return 0, err - } - n := copy(data[end-len(e.enc):], e.enc) - if n != len(e.enc) { - return 0, io.ErrShortBuffer - } - end -= n - o += n - } - return o, nil -} - -func GetRawExtension(m map[int32]Extension, id int32) ([]byte, error) { - e := m[id] - if err := e.Encode(); err != nil { - return nil, err - } - return e.enc, nil -} - -func size(buf []byte, wire int) (int, error) { - switch wire { - case WireVarint: - _, n := DecodeVarint(buf) - return n, nil - case WireFixed64: - return 8, nil - case WireBytes: - v, n := DecodeVarint(buf) - return int(v) + n, nil - case WireFixed32: - return 4, nil - case WireStartGroup: - offset := 0 - for { - u, n := DecodeVarint(buf[offset:]) - fwire := int(u & 0x7) - offset += n - if fwire == WireEndGroup { - return offset, nil - } - s, err := size(buf[offset:], wire) - if err != nil { - return 0, err - } - offset += s - } - } - return 0, fmt.Errorf("proto: can't get size for unknown wire type %d", wire) -} - -func BytesToExtensionsMap(buf []byte) (map[int32]Extension, error) { - m := make(map[int32]Extension) - i := 0 - for i < len(buf) { - tag, n := DecodeVarint(buf[i:]) - if n <= 0 { - return nil, fmt.Errorf("unable to decode varint") - } - fieldNum := int32(tag >> 3) - wireType := int(tag & 0x7) - l, err := size(buf[i+n:], wireType) - if err != nil { - return nil, err - } - end := i + int(l) + n - m[int32(fieldNum)] = Extension{enc: buf[i:end]} - i = end - } - return m, nil -} - -func NewExtension(e []byte) Extension { - ee := Extension{enc: make([]byte, len(e))} - copy(ee.enc, e) - return ee -} - -func AppendExtension(e Message, tag int32, buf []byte) { - if ee, eok := e.(extensionsBytes); eok { - ext := ee.GetExtensions() - *ext = append(*ext, buf...) - return - } - if ee, eok := e.(extendableProto); eok { - m := ee.extensionsWrite() - ext := m[int32(tag)] // may be missing - ext.enc = append(ext.enc, buf...) - m[int32(tag)] = ext - } -} - -func encodeExtension(extension *ExtensionDesc, value interface{}) ([]byte, error) { - u := getMarshalInfo(reflect.TypeOf(extension.ExtendedType)) - ei := u.getExtElemInfo(extension) - v := value - p := toAddrPointer(&v, ei.isptr) - siz := ei.sizer(p, SizeVarint(ei.wiretag)) - buf := make([]byte, 0, siz) - return ei.marshaler(buf, p, ei.wiretag, false) -} - -func decodeExtensionFromBytes(extension *ExtensionDesc, buf []byte) (interface{}, error) { - o := 0 - for o < len(buf) { - tag, n := DecodeVarint((buf)[o:]) - fieldNum := int32(tag >> 3) - wireType := int(tag & 0x7) - if o+n > len(buf) { - return nil, fmt.Errorf("unable to decode extension") - } - l, err := size((buf)[o+n:], wireType) - if err != nil { - return nil, err - } - if int32(fieldNum) == extension.Field { - if o+n+l > len(buf) { - return nil, fmt.Errorf("unable to decode extension") - } - v, err := decodeExtension((buf)[o:o+n+l], extension) - if err != nil { - return nil, err - } - return v, nil - } - o += n + l - } - return defaultExtensionValue(extension) -} - -func (this *Extension) Encode() error { - if this.enc == nil { - var err error - this.enc, err = encodeExtension(this.desc, this.value) - if err != nil { - return err - } - } - return nil -} - -func (this Extension) GoString() string { - if err := this.Encode(); err != nil { - return fmt.Sprintf("error encoding extension: %v", err) - } - return fmt.Sprintf("proto.NewExtension(%#v)", this.enc) -} - -func SetUnsafeExtension(pb Message, fieldNum int32, value interface{}) error { - typ := reflect.TypeOf(pb).Elem() - ext, ok := extensionMaps[typ] - if !ok { - return fmt.Errorf("proto: bad extended type; %s is not extendable", typ.String()) - } - desc, ok := ext[fieldNum] - if !ok { - return errors.New("proto: bad extension number; not in declared ranges") - } - return SetExtension(pb, desc, value) -} - -func GetUnsafeExtension(pb Message, fieldNum int32) (interface{}, error) { - typ := reflect.TypeOf(pb).Elem() - ext, ok := extensionMaps[typ] - if !ok { - return nil, fmt.Errorf("proto: bad extended type; %s is not extendable", typ.String()) - } - desc, ok := ext[fieldNum] - if !ok { - return nil, fmt.Errorf("unregistered field number %d", fieldNum) - } - return GetExtension(pb, desc) -} - -func NewUnsafeXXX_InternalExtensions(m map[int32]Extension) XXX_InternalExtensions { - x := &XXX_InternalExtensions{ - p: new(struct { - mu sync.Mutex - extensionMap map[int32]Extension - }), - } - x.p.extensionMap = m - return *x -} - -func GetUnsafeExtensionsMap(extendable Message) map[int32]Extension { - pb := extendable.(extendableProto) - return pb.extensionsWrite() -} - -func deleteExtension(pb extensionsBytes, theFieldNum int32, offset int) int { - ext := pb.GetExtensions() - for offset < len(*ext) { - tag, n1 := DecodeVarint((*ext)[offset:]) - fieldNum := int32(tag >> 3) - wireType := int(tag & 0x7) - n2, err := size((*ext)[offset+n1:], wireType) - if err != nil { - panic(err) - } - newOffset := offset + n1 + n2 - if fieldNum == theFieldNum { - *ext = append((*ext)[:offset], (*ext)[newOffset:]...) - return offset - } - offset = newOffset - } - return -1 -} diff --git a/vendor/github.com/gogo/protobuf/proto/lib.go b/vendor/github.com/gogo/protobuf/proto/lib.go deleted file mode 100644 index 80db1c155..000000000 --- a/vendor/github.com/gogo/protobuf/proto/lib.go +++ /dev/null @@ -1,973 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2010 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -/* -Package proto converts data structures to and from the wire format of -protocol buffers. It works in concert with the Go source code generated -for .proto files by the protocol compiler. - -A summary of the properties of the protocol buffer interface -for a protocol buffer variable v: - - - Names are turned from camel_case to CamelCase for export. - - There are no methods on v to set fields; just treat - them as structure fields. - - There are getters that return a field's value if set, - and return the field's default value if unset. - The getters work even if the receiver is a nil message. - - The zero value for a struct is its correct initialization state. - All desired fields must be set before marshaling. - - A Reset() method will restore a protobuf struct to its zero state. - - Non-repeated fields are pointers to the values; nil means unset. - That is, optional or required field int32 f becomes F *int32. - - Repeated fields are slices. - - Helper functions are available to aid the setting of fields. - msg.Foo = proto.String("hello") // set field - - Constants are defined to hold the default values of all fields that - have them. They have the form Default_StructName_FieldName. - Because the getter methods handle defaulted values, - direct use of these constants should be rare. - - Enums are given type names and maps from names to values. - Enum values are prefixed by the enclosing message's name, or by the - enum's type name if it is a top-level enum. Enum types have a String - method, and a Enum method to assist in message construction. - - Nested messages, groups and enums have type names prefixed with the name of - the surrounding message type. - - Extensions are given descriptor names that start with E_, - followed by an underscore-delimited list of the nested messages - that contain it (if any) followed by the CamelCased name of the - extension field itself. HasExtension, ClearExtension, GetExtension - and SetExtension are functions for manipulating extensions. - - Oneof field sets are given a single field in their message, - with distinguished wrapper types for each possible field value. - - Marshal and Unmarshal are functions to encode and decode the wire format. - -When the .proto file specifies `syntax="proto3"`, there are some differences: - - - Non-repeated fields of non-message type are values instead of pointers. - - Enum types do not get an Enum method. - -The simplest way to describe this is to see an example. -Given file test.proto, containing - - package example; - - enum FOO { X = 17; } - - message Test { - required string label = 1; - optional int32 type = 2 [default=77]; - repeated int64 reps = 3; - optional group OptionalGroup = 4 { - required string RequiredField = 5; - } - oneof union { - int32 number = 6; - string name = 7; - } - } - -The resulting file, test.pb.go, is: - - package example - - import proto "github.com/gogo/protobuf/proto" - import math "math" - - type FOO int32 - const ( - FOO_X FOO = 17 - ) - var FOO_name = map[int32]string{ - 17: "X", - } - var FOO_value = map[string]int32{ - "X": 17, - } - - func (x FOO) Enum() *FOO { - p := new(FOO) - *p = x - return p - } - func (x FOO) String() string { - return proto.EnumName(FOO_name, int32(x)) - } - func (x *FOO) UnmarshalJSON(data []byte) error { - value, err := proto.UnmarshalJSONEnum(FOO_value, data) - if err != nil { - return err - } - *x = FOO(value) - return nil - } - - type Test struct { - Label *string `protobuf:"bytes,1,req,name=label" json:"label,omitempty"` - Type *int32 `protobuf:"varint,2,opt,name=type,def=77" json:"type,omitempty"` - Reps []int64 `protobuf:"varint,3,rep,name=reps" json:"reps,omitempty"` - Optionalgroup *Test_OptionalGroup `protobuf:"group,4,opt,name=OptionalGroup" json:"optionalgroup,omitempty"` - // Types that are valid to be assigned to Union: - // *Test_Number - // *Test_Name - Union isTest_Union `protobuf_oneof:"union"` - XXX_unrecognized []byte `json:"-"` - } - func (m *Test) Reset() { *m = Test{} } - func (m *Test) String() string { return proto.CompactTextString(m) } - func (*Test) ProtoMessage() {} - - type isTest_Union interface { - isTest_Union() - } - - type Test_Number struct { - Number int32 `protobuf:"varint,6,opt,name=number"` - } - type Test_Name struct { - Name string `protobuf:"bytes,7,opt,name=name"` - } - - func (*Test_Number) isTest_Union() {} - func (*Test_Name) isTest_Union() {} - - func (m *Test) GetUnion() isTest_Union { - if m != nil { - return m.Union - } - return nil - } - const Default_Test_Type int32 = 77 - - func (m *Test) GetLabel() string { - if m != nil && m.Label != nil { - return *m.Label - } - return "" - } - - func (m *Test) GetType() int32 { - if m != nil && m.Type != nil { - return *m.Type - } - return Default_Test_Type - } - - func (m *Test) GetOptionalgroup() *Test_OptionalGroup { - if m != nil { - return m.Optionalgroup - } - return nil - } - - type Test_OptionalGroup struct { - RequiredField *string `protobuf:"bytes,5,req" json:"RequiredField,omitempty"` - } - func (m *Test_OptionalGroup) Reset() { *m = Test_OptionalGroup{} } - func (m *Test_OptionalGroup) String() string { return proto.CompactTextString(m) } - - func (m *Test_OptionalGroup) GetRequiredField() string { - if m != nil && m.RequiredField != nil { - return *m.RequiredField - } - return "" - } - - func (m *Test) GetNumber() int32 { - if x, ok := m.GetUnion().(*Test_Number); ok { - return x.Number - } - return 0 - } - - func (m *Test) GetName() string { - if x, ok := m.GetUnion().(*Test_Name); ok { - return x.Name - } - return "" - } - - func init() { - proto.RegisterEnum("example.FOO", FOO_name, FOO_value) - } - -To create and play with a Test object: - - package main - - import ( - "log" - - "github.com/gogo/protobuf/proto" - pb "./example.pb" - ) - - func main() { - test := &pb.Test{ - Label: proto.String("hello"), - Type: proto.Int32(17), - Reps: []int64{1, 2, 3}, - Optionalgroup: &pb.Test_OptionalGroup{ - RequiredField: proto.String("good bye"), - }, - Union: &pb.Test_Name{"fred"}, - } - data, err := proto.Marshal(test) - if err != nil { - log.Fatal("marshaling error: ", err) - } - newTest := &pb.Test{} - err = proto.Unmarshal(data, newTest) - if err != nil { - log.Fatal("unmarshaling error: ", err) - } - // Now test and newTest contain the same data. - if test.GetLabel() != newTest.GetLabel() { - log.Fatalf("data mismatch %q != %q", test.GetLabel(), newTest.GetLabel()) - } - // Use a type switch to determine which oneof was set. - switch u := test.Union.(type) { - case *pb.Test_Number: // u.Number contains the number. - case *pb.Test_Name: // u.Name contains the string. - } - // etc. - } -*/ -package proto - -import ( - "encoding/json" - "fmt" - "log" - "reflect" - "sort" - "strconv" - "sync" -) - -// RequiredNotSetError is an error type returned by either Marshal or Unmarshal. -// Marshal reports this when a required field is not initialized. -// Unmarshal reports this when a required field is missing from the wire data. -type RequiredNotSetError struct{ field string } - -func (e *RequiredNotSetError) Error() string { - if e.field == "" { - return fmt.Sprintf("proto: required field not set") - } - return fmt.Sprintf("proto: required field %q not set", e.field) -} -func (e *RequiredNotSetError) RequiredNotSet() bool { - return true -} - -type invalidUTF8Error struct{ field string } - -func (e *invalidUTF8Error) Error() string { - if e.field == "" { - return "proto: invalid UTF-8 detected" - } - return fmt.Sprintf("proto: field %q contains invalid UTF-8", e.field) -} -func (e *invalidUTF8Error) InvalidUTF8() bool { - return true -} - -// errInvalidUTF8 is a sentinel error to identify fields with invalid UTF-8. -// This error should not be exposed to the external API as such errors should -// be recreated with the field information. -var errInvalidUTF8 = &invalidUTF8Error{} - -// isNonFatal reports whether the error is either a RequiredNotSet error -// or a InvalidUTF8 error. -func isNonFatal(err error) bool { - if re, ok := err.(interface{ RequiredNotSet() bool }); ok && re.RequiredNotSet() { - return true - } - if re, ok := err.(interface{ InvalidUTF8() bool }); ok && re.InvalidUTF8() { - return true - } - return false -} - -type nonFatal struct{ E error } - -// Merge merges err into nf and reports whether it was successful. -// Otherwise it returns false for any fatal non-nil errors. -func (nf *nonFatal) Merge(err error) (ok bool) { - if err == nil { - return true // not an error - } - if !isNonFatal(err) { - return false // fatal error - } - if nf.E == nil { - nf.E = err // store first instance of non-fatal error - } - return true -} - -// Message is implemented by generated protocol buffer messages. -type Message interface { - Reset() - String() string - ProtoMessage() -} - -// A Buffer is a buffer manager for marshaling and unmarshaling -// protocol buffers. It may be reused between invocations to -// reduce memory usage. It is not necessary to use a Buffer; -// the global functions Marshal and Unmarshal create a -// temporary Buffer and are fine for most applications. -type Buffer struct { - buf []byte // encode/decode byte stream - index int // read point - - deterministic bool -} - -// NewBuffer allocates a new Buffer and initializes its internal data to -// the contents of the argument slice. -func NewBuffer(e []byte) *Buffer { - return &Buffer{buf: e} -} - -// Reset resets the Buffer, ready for marshaling a new protocol buffer. -func (p *Buffer) Reset() { - p.buf = p.buf[0:0] // for reading/writing - p.index = 0 // for reading -} - -// SetBuf replaces the internal buffer with the slice, -// ready for unmarshaling the contents of the slice. -func (p *Buffer) SetBuf(s []byte) { - p.buf = s - p.index = 0 -} - -// Bytes returns the contents of the Buffer. -func (p *Buffer) Bytes() []byte { return p.buf } - -// SetDeterministic sets whether to use deterministic serialization. -// -// Deterministic serialization guarantees that for a given binary, equal -// messages will always be serialized to the same bytes. This implies: -// -// - Repeated serialization of a message will return the same bytes. -// - Different processes of the same binary (which may be executing on -// different machines) will serialize equal messages to the same bytes. -// -// Note that the deterministic serialization is NOT canonical across -// languages. It is not guaranteed to remain stable over time. It is unstable -// across different builds with schema changes due to unknown fields. -// Users who need canonical serialization (e.g., persistent storage in a -// canonical form, fingerprinting, etc.) should define their own -// canonicalization specification and implement their own serializer rather -// than relying on this API. -// -// If deterministic serialization is requested, map entries will be sorted -// by keys in lexographical order. This is an implementation detail and -// subject to change. -func (p *Buffer) SetDeterministic(deterministic bool) { - p.deterministic = deterministic -} - -/* - * Helper routines for simplifying the creation of optional fields of basic type. - */ - -// Bool is a helper routine that allocates a new bool value -// to store v and returns a pointer to it. -func Bool(v bool) *bool { - return &v -} - -// Int32 is a helper routine that allocates a new int32 value -// to store v and returns a pointer to it. -func Int32(v int32) *int32 { - return &v -} - -// Int is a helper routine that allocates a new int32 value -// to store v and returns a pointer to it, but unlike Int32 -// its argument value is an int. -func Int(v int) *int32 { - p := new(int32) - *p = int32(v) - return p -} - -// Int64 is a helper routine that allocates a new int64 value -// to store v and returns a pointer to it. -func Int64(v int64) *int64 { - return &v -} - -// Float32 is a helper routine that allocates a new float32 value -// to store v and returns a pointer to it. -func Float32(v float32) *float32 { - return &v -} - -// Float64 is a helper routine that allocates a new float64 value -// to store v and returns a pointer to it. -func Float64(v float64) *float64 { - return &v -} - -// Uint32 is a helper routine that allocates a new uint32 value -// to store v and returns a pointer to it. -func Uint32(v uint32) *uint32 { - return &v -} - -// Uint64 is a helper routine that allocates a new uint64 value -// to store v and returns a pointer to it. -func Uint64(v uint64) *uint64 { - return &v -} - -// String is a helper routine that allocates a new string value -// to store v and returns a pointer to it. -func String(v string) *string { - return &v -} - -// EnumName is a helper function to simplify printing protocol buffer enums -// by name. Given an enum map and a value, it returns a useful string. -func EnumName(m map[int32]string, v int32) string { - s, ok := m[v] - if ok { - return s - } - return strconv.Itoa(int(v)) -} - -// UnmarshalJSONEnum is a helper function to simplify recovering enum int values -// from their JSON-encoded representation. Given a map from the enum's symbolic -// names to its int values, and a byte buffer containing the JSON-encoded -// value, it returns an int32 that can be cast to the enum type by the caller. -// -// The function can deal with both JSON representations, numeric and symbolic. -func UnmarshalJSONEnum(m map[string]int32, data []byte, enumName string) (int32, error) { - if data[0] == '"' { - // New style: enums are strings. - var repr string - if err := json.Unmarshal(data, &repr); err != nil { - return -1, err - } - val, ok := m[repr] - if !ok { - return 0, fmt.Errorf("unrecognized enum %s value %q", enumName, repr) - } - return val, nil - } - // Old style: enums are ints. - var val int32 - if err := json.Unmarshal(data, &val); err != nil { - return 0, fmt.Errorf("cannot unmarshal %#q into enum %s", data, enumName) - } - return val, nil -} - -// DebugPrint dumps the encoded data in b in a debugging format with a header -// including the string s. Used in testing but made available for general debugging. -func (p *Buffer) DebugPrint(s string, b []byte) { - var u uint64 - - obuf := p.buf - sindex := p.index - p.buf = b - p.index = 0 - depth := 0 - - fmt.Printf("\n--- %s ---\n", s) - -out: - for { - for i := 0; i < depth; i++ { - fmt.Print(" ") - } - - index := p.index - if index == len(p.buf) { - break - } - - op, err := p.DecodeVarint() - if err != nil { - fmt.Printf("%3d: fetching op err %v\n", index, err) - break out - } - tag := op >> 3 - wire := op & 7 - - switch wire { - default: - fmt.Printf("%3d: t=%3d unknown wire=%d\n", - index, tag, wire) - break out - - case WireBytes: - var r []byte - - r, err = p.DecodeRawBytes(false) - if err != nil { - break out - } - fmt.Printf("%3d: t=%3d bytes [%d]", index, tag, len(r)) - if len(r) <= 6 { - for i := 0; i < len(r); i++ { - fmt.Printf(" %.2x", r[i]) - } - } else { - for i := 0; i < 3; i++ { - fmt.Printf(" %.2x", r[i]) - } - fmt.Printf(" ..") - for i := len(r) - 3; i < len(r); i++ { - fmt.Printf(" %.2x", r[i]) - } - } - fmt.Printf("\n") - - case WireFixed32: - u, err = p.DecodeFixed32() - if err != nil { - fmt.Printf("%3d: t=%3d fix32 err %v\n", index, tag, err) - break out - } - fmt.Printf("%3d: t=%3d fix32 %d\n", index, tag, u) - - case WireFixed64: - u, err = p.DecodeFixed64() - if err != nil { - fmt.Printf("%3d: t=%3d fix64 err %v\n", index, tag, err) - break out - } - fmt.Printf("%3d: t=%3d fix64 %d\n", index, tag, u) - - case WireVarint: - u, err = p.DecodeVarint() - if err != nil { - fmt.Printf("%3d: t=%3d varint err %v\n", index, tag, err) - break out - } - fmt.Printf("%3d: t=%3d varint %d\n", index, tag, u) - - case WireStartGroup: - fmt.Printf("%3d: t=%3d start\n", index, tag) - depth++ - - case WireEndGroup: - depth-- - fmt.Printf("%3d: t=%3d end\n", index, tag) - } - } - - if depth != 0 { - fmt.Printf("%3d: start-end not balanced %d\n", p.index, depth) - } - fmt.Printf("\n") - - p.buf = obuf - p.index = sindex -} - -// SetDefaults sets unset protocol buffer fields to their default values. -// It only modifies fields that are both unset and have defined defaults. -// It recursively sets default values in any non-nil sub-messages. -func SetDefaults(pb Message) { - setDefaults(reflect.ValueOf(pb), true, false) -} - -// v is a struct. -func setDefaults(v reflect.Value, recur, zeros bool) { - if v.Kind() == reflect.Ptr { - v = v.Elem() - } - - defaultMu.RLock() - dm, ok := defaults[v.Type()] - defaultMu.RUnlock() - if !ok { - dm = buildDefaultMessage(v.Type()) - defaultMu.Lock() - defaults[v.Type()] = dm - defaultMu.Unlock() - } - - for _, sf := range dm.scalars { - f := v.Field(sf.index) - if !f.IsNil() { - // field already set - continue - } - dv := sf.value - if dv == nil && !zeros { - // no explicit default, and don't want to set zeros - continue - } - fptr := f.Addr().Interface() // **T - // TODO: Consider batching the allocations we do here. - switch sf.kind { - case reflect.Bool: - b := new(bool) - if dv != nil { - *b = dv.(bool) - } - *(fptr.(**bool)) = b - case reflect.Float32: - f := new(float32) - if dv != nil { - *f = dv.(float32) - } - *(fptr.(**float32)) = f - case reflect.Float64: - f := new(float64) - if dv != nil { - *f = dv.(float64) - } - *(fptr.(**float64)) = f - case reflect.Int32: - // might be an enum - if ft := f.Type(); ft != int32PtrType { - // enum - f.Set(reflect.New(ft.Elem())) - if dv != nil { - f.Elem().SetInt(int64(dv.(int32))) - } - } else { - // int32 field - i := new(int32) - if dv != nil { - *i = dv.(int32) - } - *(fptr.(**int32)) = i - } - case reflect.Int64: - i := new(int64) - if dv != nil { - *i = dv.(int64) - } - *(fptr.(**int64)) = i - case reflect.String: - s := new(string) - if dv != nil { - *s = dv.(string) - } - *(fptr.(**string)) = s - case reflect.Uint8: - // exceptional case: []byte - var b []byte - if dv != nil { - db := dv.([]byte) - b = make([]byte, len(db)) - copy(b, db) - } else { - b = []byte{} - } - *(fptr.(*[]byte)) = b - case reflect.Uint32: - u := new(uint32) - if dv != nil { - *u = dv.(uint32) - } - *(fptr.(**uint32)) = u - case reflect.Uint64: - u := new(uint64) - if dv != nil { - *u = dv.(uint64) - } - *(fptr.(**uint64)) = u - default: - log.Printf("proto: can't set default for field %v (sf.kind=%v)", f, sf.kind) - } - } - - for _, ni := range dm.nested { - f := v.Field(ni) - // f is *T or T or []*T or []T - switch f.Kind() { - case reflect.Struct: - setDefaults(f, recur, zeros) - - case reflect.Ptr: - if f.IsNil() { - continue - } - setDefaults(f, recur, zeros) - - case reflect.Slice: - for i := 0; i < f.Len(); i++ { - e := f.Index(i) - if e.Kind() == reflect.Ptr && e.IsNil() { - continue - } - setDefaults(e, recur, zeros) - } - - case reflect.Map: - for _, k := range f.MapKeys() { - e := f.MapIndex(k) - if e.IsNil() { - continue - } - setDefaults(e, recur, zeros) - } - } - } -} - -var ( - // defaults maps a protocol buffer struct type to a slice of the fields, - // with its scalar fields set to their proto-declared non-zero default values. - defaultMu sync.RWMutex - defaults = make(map[reflect.Type]defaultMessage) - - int32PtrType = reflect.TypeOf((*int32)(nil)) -) - -// defaultMessage represents information about the default values of a message. -type defaultMessage struct { - scalars []scalarField - nested []int // struct field index of nested messages -} - -type scalarField struct { - index int // struct field index - kind reflect.Kind // element type (the T in *T or []T) - value interface{} // the proto-declared default value, or nil -} - -// t is a struct type. -func buildDefaultMessage(t reflect.Type) (dm defaultMessage) { - sprop := GetProperties(t) - for _, prop := range sprop.Prop { - fi, ok := sprop.decoderTags.get(prop.Tag) - if !ok { - // XXX_unrecognized - continue - } - ft := t.Field(fi).Type - - sf, nested, err := fieldDefault(ft, prop) - switch { - case err != nil: - log.Print(err) - case nested: - dm.nested = append(dm.nested, fi) - case sf != nil: - sf.index = fi - dm.scalars = append(dm.scalars, *sf) - } - } - - return dm -} - -// fieldDefault returns the scalarField for field type ft. -// sf will be nil if the field can not have a default. -// nestedMessage will be true if this is a nested message. -// Note that sf.index is not set on return. -func fieldDefault(ft reflect.Type, prop *Properties) (sf *scalarField, nestedMessage bool, err error) { - var canHaveDefault bool - switch ft.Kind() { - case reflect.Struct: - nestedMessage = true // non-nullable - - case reflect.Ptr: - if ft.Elem().Kind() == reflect.Struct { - nestedMessage = true - } else { - canHaveDefault = true // proto2 scalar field - } - - case reflect.Slice: - switch ft.Elem().Kind() { - case reflect.Ptr, reflect.Struct: - nestedMessage = true // repeated message - case reflect.Uint8: - canHaveDefault = true // bytes field - } - - case reflect.Map: - if ft.Elem().Kind() == reflect.Ptr { - nestedMessage = true // map with message values - } - } - - if !canHaveDefault { - if nestedMessage { - return nil, true, nil - } - return nil, false, nil - } - - // We now know that ft is a pointer or slice. - sf = &scalarField{kind: ft.Elem().Kind()} - - // scalar fields without defaults - if !prop.HasDefault { - return sf, false, nil - } - - // a scalar field: either *T or []byte - switch ft.Elem().Kind() { - case reflect.Bool: - x, err := strconv.ParseBool(prop.Default) - if err != nil { - return nil, false, fmt.Errorf("proto: bad default bool %q: %v", prop.Default, err) - } - sf.value = x - case reflect.Float32: - x, err := strconv.ParseFloat(prop.Default, 32) - if err != nil { - return nil, false, fmt.Errorf("proto: bad default float32 %q: %v", prop.Default, err) - } - sf.value = float32(x) - case reflect.Float64: - x, err := strconv.ParseFloat(prop.Default, 64) - if err != nil { - return nil, false, fmt.Errorf("proto: bad default float64 %q: %v", prop.Default, err) - } - sf.value = x - case reflect.Int32: - x, err := strconv.ParseInt(prop.Default, 10, 32) - if err != nil { - return nil, false, fmt.Errorf("proto: bad default int32 %q: %v", prop.Default, err) - } - sf.value = int32(x) - case reflect.Int64: - x, err := strconv.ParseInt(prop.Default, 10, 64) - if err != nil { - return nil, false, fmt.Errorf("proto: bad default int64 %q: %v", prop.Default, err) - } - sf.value = x - case reflect.String: - sf.value = prop.Default - case reflect.Uint8: - // []byte (not *uint8) - sf.value = []byte(prop.Default) - case reflect.Uint32: - x, err := strconv.ParseUint(prop.Default, 10, 32) - if err != nil { - return nil, false, fmt.Errorf("proto: bad default uint32 %q: %v", prop.Default, err) - } - sf.value = uint32(x) - case reflect.Uint64: - x, err := strconv.ParseUint(prop.Default, 10, 64) - if err != nil { - return nil, false, fmt.Errorf("proto: bad default uint64 %q: %v", prop.Default, err) - } - sf.value = x - default: - return nil, false, fmt.Errorf("proto: unhandled def kind %v", ft.Elem().Kind()) - } - - return sf, false, nil -} - -// mapKeys returns a sort.Interface to be used for sorting the map keys. -// Map fields may have key types of non-float scalars, strings and enums. -func mapKeys(vs []reflect.Value) sort.Interface { - s := mapKeySorter{vs: vs} - - // Type specialization per https://developers.google.com/protocol-buffers/docs/proto#maps. - if len(vs) == 0 { - return s - } - switch vs[0].Kind() { - case reflect.Int32, reflect.Int64: - s.less = func(a, b reflect.Value) bool { return a.Int() < b.Int() } - case reflect.Uint32, reflect.Uint64: - s.less = func(a, b reflect.Value) bool { return a.Uint() < b.Uint() } - case reflect.Bool: - s.less = func(a, b reflect.Value) bool { return !a.Bool() && b.Bool() } // false < true - case reflect.String: - s.less = func(a, b reflect.Value) bool { return a.String() < b.String() } - default: - panic(fmt.Sprintf("unsupported map key type: %v", vs[0].Kind())) - } - - return s -} - -type mapKeySorter struct { - vs []reflect.Value - less func(a, b reflect.Value) bool -} - -func (s mapKeySorter) Len() int { return len(s.vs) } -func (s mapKeySorter) Swap(i, j int) { s.vs[i], s.vs[j] = s.vs[j], s.vs[i] } -func (s mapKeySorter) Less(i, j int) bool { - return s.less(s.vs[i], s.vs[j]) -} - -// isProto3Zero reports whether v is a zero proto3 value. -func isProto3Zero(v reflect.Value) bool { - switch v.Kind() { - case reflect.Bool: - return !v.Bool() - case reflect.Int32, reflect.Int64: - return v.Int() == 0 - case reflect.Uint32, reflect.Uint64: - return v.Uint() == 0 - case reflect.Float32, reflect.Float64: - return v.Float() == 0 - case reflect.String: - return v.String() == "" - } - return false -} - -const ( - // ProtoPackageIsVersion3 is referenced from generated protocol buffer files - // to assert that that code is compatible with this version of the proto package. - GoGoProtoPackageIsVersion3 = true - - // ProtoPackageIsVersion2 is referenced from generated protocol buffer files - // to assert that that code is compatible with this version of the proto package. - GoGoProtoPackageIsVersion2 = true - - // ProtoPackageIsVersion1 is referenced from generated protocol buffer files - // to assert that that code is compatible with this version of the proto package. - GoGoProtoPackageIsVersion1 = true -) - -// InternalMessageInfo is a type used internally by generated .pb.go files. -// This type is not intended to be used by non-generated code. -// This type is not subject to any compatibility guarantee. -type InternalMessageInfo struct { - marshal *marshalInfo - unmarshal *unmarshalInfo - merge *mergeInfo - discard *discardInfo -} diff --git a/vendor/github.com/gogo/protobuf/proto/lib_gogo.go b/vendor/github.com/gogo/protobuf/proto/lib_gogo.go deleted file mode 100644 index b3aa39190..000000000 --- a/vendor/github.com/gogo/protobuf/proto/lib_gogo.go +++ /dev/null @@ -1,50 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2013, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -import ( - "encoding/json" - "strconv" -) - -type Sizer interface { - Size() int -} - -type ProtoSizer interface { - ProtoSize() int -} - -func MarshalJSONEnum(m map[int32]string, value int32) ([]byte, error) { - s, ok := m[value] - if !ok { - s = strconv.Itoa(int(value)) - } - return json.Marshal(s) -} diff --git a/vendor/github.com/gogo/protobuf/proto/message_set.go b/vendor/github.com/gogo/protobuf/proto/message_set.go deleted file mode 100644 index f48a75676..000000000 --- a/vendor/github.com/gogo/protobuf/proto/message_set.go +++ /dev/null @@ -1,181 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2010 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -/* - * Support for message sets. - */ - -import ( - "errors" -) - -// errNoMessageTypeID occurs when a protocol buffer does not have a message type ID. -// A message type ID is required for storing a protocol buffer in a message set. -var errNoMessageTypeID = errors.New("proto does not have a message type ID") - -// The first two types (_MessageSet_Item and messageSet) -// model what the protocol compiler produces for the following protocol message: -// message MessageSet { -// repeated group Item = 1 { -// required int32 type_id = 2; -// required string message = 3; -// }; -// } -// That is the MessageSet wire format. We can't use a proto to generate these -// because that would introduce a circular dependency between it and this package. - -type _MessageSet_Item struct { - TypeId *int32 `protobuf:"varint,2,req,name=type_id"` - Message []byte `protobuf:"bytes,3,req,name=message"` -} - -type messageSet struct { - Item []*_MessageSet_Item `protobuf:"group,1,rep"` - XXX_unrecognized []byte - // TODO: caching? -} - -// Make sure messageSet is a Message. -var _ Message = (*messageSet)(nil) - -// messageTypeIder is an interface satisfied by a protocol buffer type -// that may be stored in a MessageSet. -type messageTypeIder interface { - MessageTypeId() int32 -} - -func (ms *messageSet) find(pb Message) *_MessageSet_Item { - mti, ok := pb.(messageTypeIder) - if !ok { - return nil - } - id := mti.MessageTypeId() - for _, item := range ms.Item { - if *item.TypeId == id { - return item - } - } - return nil -} - -func (ms *messageSet) Has(pb Message) bool { - return ms.find(pb) != nil -} - -func (ms *messageSet) Unmarshal(pb Message) error { - if item := ms.find(pb); item != nil { - return Unmarshal(item.Message, pb) - } - if _, ok := pb.(messageTypeIder); !ok { - return errNoMessageTypeID - } - return nil // TODO: return error instead? -} - -func (ms *messageSet) Marshal(pb Message) error { - msg, err := Marshal(pb) - if err != nil { - return err - } - if item := ms.find(pb); item != nil { - // reuse existing item - item.Message = msg - return nil - } - - mti, ok := pb.(messageTypeIder) - if !ok { - return errNoMessageTypeID - } - - mtid := mti.MessageTypeId() - ms.Item = append(ms.Item, &_MessageSet_Item{ - TypeId: &mtid, - Message: msg, - }) - return nil -} - -func (ms *messageSet) Reset() { *ms = messageSet{} } -func (ms *messageSet) String() string { return CompactTextString(ms) } -func (*messageSet) ProtoMessage() {} - -// Support for the message_set_wire_format message option. - -func skipVarint(buf []byte) []byte { - i := 0 - for ; buf[i]&0x80 != 0; i++ { - } - return buf[i+1:] -} - -// unmarshalMessageSet decodes the extension map encoded in buf in the message set wire format. -// It is called by Unmarshal methods on protocol buffer messages with the message_set_wire_format option. -func unmarshalMessageSet(buf []byte, exts interface{}) error { - var m map[int32]Extension - switch exts := exts.(type) { - case *XXX_InternalExtensions: - m = exts.extensionsWrite() - case map[int32]Extension: - m = exts - default: - return errors.New("proto: not an extension map") - } - - ms := new(messageSet) - if err := Unmarshal(buf, ms); err != nil { - return err - } - for _, item := range ms.Item { - id := *item.TypeId - msg := item.Message - - // Restore wire type and field number varint, plus length varint. - // Be careful to preserve duplicate items. - b := EncodeVarint(uint64(id)<<3 | WireBytes) - if ext, ok := m[id]; ok { - // Existing data; rip off the tag and length varint - // so we join the new data correctly. - // We can assume that ext.enc is set because we are unmarshaling. - o := ext.enc[len(b):] // skip wire type and field number - _, n := DecodeVarint(o) // calculate length of length varint - o = o[n:] // skip length varint - msg = append(o, msg...) // join old data and new data - } - b = append(b, EncodeVarint(uint64(len(msg)))...) - b = append(b, msg...) - - m[id] = Extension{enc: b} - } - return nil -} diff --git a/vendor/github.com/gogo/protobuf/proto/pointer_reflect.go b/vendor/github.com/gogo/protobuf/proto/pointer_reflect.go deleted file mode 100644 index b6cad9083..000000000 --- a/vendor/github.com/gogo/protobuf/proto/pointer_reflect.go +++ /dev/null @@ -1,357 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2012 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -// +build purego appengine js - -// This file contains an implementation of proto field accesses using package reflect. -// It is slower than the code in pointer_unsafe.go but it avoids package unsafe and can -// be used on App Engine. - -package proto - -import ( - "reflect" - "sync" -) - -const unsafeAllowed = false - -// A field identifies a field in a struct, accessible from a pointer. -// In this implementation, a field is identified by the sequence of field indices -// passed to reflect's FieldByIndex. -type field []int - -// toField returns a field equivalent to the given reflect field. -func toField(f *reflect.StructField) field { - return f.Index -} - -// invalidField is an invalid field identifier. -var invalidField = field(nil) - -// zeroField is a noop when calling pointer.offset. -var zeroField = field([]int{}) - -// IsValid reports whether the field identifier is valid. -func (f field) IsValid() bool { return f != nil } - -// The pointer type is for the table-driven decoder. -// The implementation here uses a reflect.Value of pointer type to -// create a generic pointer. In pointer_unsafe.go we use unsafe -// instead of reflect to implement the same (but faster) interface. -type pointer struct { - v reflect.Value -} - -// toPointer converts an interface of pointer type to a pointer -// that points to the same target. -func toPointer(i *Message) pointer { - return pointer{v: reflect.ValueOf(*i)} -} - -// toAddrPointer converts an interface to a pointer that points to -// the interface data. -func toAddrPointer(i *interface{}, isptr bool) pointer { - v := reflect.ValueOf(*i) - u := reflect.New(v.Type()) - u.Elem().Set(v) - return pointer{v: u} -} - -// valToPointer converts v to a pointer. v must be of pointer type. -func valToPointer(v reflect.Value) pointer { - return pointer{v: v} -} - -// offset converts from a pointer to a structure to a pointer to -// one of its fields. -func (p pointer) offset(f field) pointer { - return pointer{v: p.v.Elem().FieldByIndex(f).Addr()} -} - -func (p pointer) isNil() bool { - return p.v.IsNil() -} - -// grow updates the slice s in place to make it one element longer. -// s must be addressable. -// Returns the (addressable) new element. -func grow(s reflect.Value) reflect.Value { - n, m := s.Len(), s.Cap() - if n < m { - s.SetLen(n + 1) - } else { - s.Set(reflect.Append(s, reflect.Zero(s.Type().Elem()))) - } - return s.Index(n) -} - -func (p pointer) toInt64() *int64 { - return p.v.Interface().(*int64) -} -func (p pointer) toInt64Ptr() **int64 { - return p.v.Interface().(**int64) -} -func (p pointer) toInt64Slice() *[]int64 { - return p.v.Interface().(*[]int64) -} - -var int32ptr = reflect.TypeOf((*int32)(nil)) - -func (p pointer) toInt32() *int32 { - return p.v.Convert(int32ptr).Interface().(*int32) -} - -// The toInt32Ptr/Slice methods don't work because of enums. -// Instead, we must use set/get methods for the int32ptr/slice case. -/* - func (p pointer) toInt32Ptr() **int32 { - return p.v.Interface().(**int32) -} - func (p pointer) toInt32Slice() *[]int32 { - return p.v.Interface().(*[]int32) -} -*/ -func (p pointer) getInt32Ptr() *int32 { - if p.v.Type().Elem().Elem() == reflect.TypeOf(int32(0)) { - // raw int32 type - return p.v.Elem().Interface().(*int32) - } - // an enum - return p.v.Elem().Convert(int32PtrType).Interface().(*int32) -} -func (p pointer) setInt32Ptr(v int32) { - // Allocate value in a *int32. Possibly convert that to a *enum. - // Then assign it to a **int32 or **enum. - // Note: we can convert *int32 to *enum, but we can't convert - // **int32 to **enum! - p.v.Elem().Set(reflect.ValueOf(&v).Convert(p.v.Type().Elem())) -} - -// getInt32Slice copies []int32 from p as a new slice. -// This behavior differs from the implementation in pointer_unsafe.go. -func (p pointer) getInt32Slice() []int32 { - if p.v.Type().Elem().Elem() == reflect.TypeOf(int32(0)) { - // raw int32 type - return p.v.Elem().Interface().([]int32) - } - // an enum - // Allocate a []int32, then assign []enum's values into it. - // Note: we can't convert []enum to []int32. - slice := p.v.Elem() - s := make([]int32, slice.Len()) - for i := 0; i < slice.Len(); i++ { - s[i] = int32(slice.Index(i).Int()) - } - return s -} - -// setInt32Slice copies []int32 into p as a new slice. -// This behavior differs from the implementation in pointer_unsafe.go. -func (p pointer) setInt32Slice(v []int32) { - if p.v.Type().Elem().Elem() == reflect.TypeOf(int32(0)) { - // raw int32 type - p.v.Elem().Set(reflect.ValueOf(v)) - return - } - // an enum - // Allocate a []enum, then assign []int32's values into it. - // Note: we can't convert []enum to []int32. - slice := reflect.MakeSlice(p.v.Type().Elem(), len(v), cap(v)) - for i, x := range v { - slice.Index(i).SetInt(int64(x)) - } - p.v.Elem().Set(slice) -} -func (p pointer) appendInt32Slice(v int32) { - grow(p.v.Elem()).SetInt(int64(v)) -} - -func (p pointer) toUint64() *uint64 { - return p.v.Interface().(*uint64) -} -func (p pointer) toUint64Ptr() **uint64 { - return p.v.Interface().(**uint64) -} -func (p pointer) toUint64Slice() *[]uint64 { - return p.v.Interface().(*[]uint64) -} -func (p pointer) toUint32() *uint32 { - return p.v.Interface().(*uint32) -} -func (p pointer) toUint32Ptr() **uint32 { - return p.v.Interface().(**uint32) -} -func (p pointer) toUint32Slice() *[]uint32 { - return p.v.Interface().(*[]uint32) -} -func (p pointer) toBool() *bool { - return p.v.Interface().(*bool) -} -func (p pointer) toBoolPtr() **bool { - return p.v.Interface().(**bool) -} -func (p pointer) toBoolSlice() *[]bool { - return p.v.Interface().(*[]bool) -} -func (p pointer) toFloat64() *float64 { - return p.v.Interface().(*float64) -} -func (p pointer) toFloat64Ptr() **float64 { - return p.v.Interface().(**float64) -} -func (p pointer) toFloat64Slice() *[]float64 { - return p.v.Interface().(*[]float64) -} -func (p pointer) toFloat32() *float32 { - return p.v.Interface().(*float32) -} -func (p pointer) toFloat32Ptr() **float32 { - return p.v.Interface().(**float32) -} -func (p pointer) toFloat32Slice() *[]float32 { - return p.v.Interface().(*[]float32) -} -func (p pointer) toString() *string { - return p.v.Interface().(*string) -} -func (p pointer) toStringPtr() **string { - return p.v.Interface().(**string) -} -func (p pointer) toStringSlice() *[]string { - return p.v.Interface().(*[]string) -} -func (p pointer) toBytes() *[]byte { - return p.v.Interface().(*[]byte) -} -func (p pointer) toBytesSlice() *[][]byte { - return p.v.Interface().(*[][]byte) -} -func (p pointer) toExtensions() *XXX_InternalExtensions { - return p.v.Interface().(*XXX_InternalExtensions) -} -func (p pointer) toOldExtensions() *map[int32]Extension { - return p.v.Interface().(*map[int32]Extension) -} -func (p pointer) getPointer() pointer { - return pointer{v: p.v.Elem()} -} -func (p pointer) setPointer(q pointer) { - p.v.Elem().Set(q.v) -} -func (p pointer) appendPointer(q pointer) { - grow(p.v.Elem()).Set(q.v) -} - -// getPointerSlice copies []*T from p as a new []pointer. -// This behavior differs from the implementation in pointer_unsafe.go. -func (p pointer) getPointerSlice() []pointer { - if p.v.IsNil() { - return nil - } - n := p.v.Elem().Len() - s := make([]pointer, n) - for i := 0; i < n; i++ { - s[i] = pointer{v: p.v.Elem().Index(i)} - } - return s -} - -// setPointerSlice copies []pointer into p as a new []*T. -// This behavior differs from the implementation in pointer_unsafe.go. -func (p pointer) setPointerSlice(v []pointer) { - if v == nil { - p.v.Elem().Set(reflect.New(p.v.Elem().Type()).Elem()) - return - } - s := reflect.MakeSlice(p.v.Elem().Type(), 0, len(v)) - for _, p := range v { - s = reflect.Append(s, p.v) - } - p.v.Elem().Set(s) -} - -// getInterfacePointer returns a pointer that points to the -// interface data of the interface pointed by p. -func (p pointer) getInterfacePointer() pointer { - if p.v.Elem().IsNil() { - return pointer{v: p.v.Elem()} - } - return pointer{v: p.v.Elem().Elem().Elem().Field(0).Addr()} // *interface -> interface -> *struct -> struct -} - -func (p pointer) asPointerTo(t reflect.Type) reflect.Value { - // TODO: check that p.v.Type().Elem() == t? - return p.v -} - -func atomicLoadUnmarshalInfo(p **unmarshalInfo) *unmarshalInfo { - atomicLock.Lock() - defer atomicLock.Unlock() - return *p -} -func atomicStoreUnmarshalInfo(p **unmarshalInfo, v *unmarshalInfo) { - atomicLock.Lock() - defer atomicLock.Unlock() - *p = v -} -func atomicLoadMarshalInfo(p **marshalInfo) *marshalInfo { - atomicLock.Lock() - defer atomicLock.Unlock() - return *p -} -func atomicStoreMarshalInfo(p **marshalInfo, v *marshalInfo) { - atomicLock.Lock() - defer atomicLock.Unlock() - *p = v -} -func atomicLoadMergeInfo(p **mergeInfo) *mergeInfo { - atomicLock.Lock() - defer atomicLock.Unlock() - return *p -} -func atomicStoreMergeInfo(p **mergeInfo, v *mergeInfo) { - atomicLock.Lock() - defer atomicLock.Unlock() - *p = v -} -func atomicLoadDiscardInfo(p **discardInfo) *discardInfo { - atomicLock.Lock() - defer atomicLock.Unlock() - return *p -} -func atomicStoreDiscardInfo(p **discardInfo, v *discardInfo) { - atomicLock.Lock() - defer atomicLock.Unlock() - *p = v -} - -var atomicLock sync.Mutex diff --git a/vendor/github.com/gogo/protobuf/proto/pointer_reflect_gogo.go b/vendor/github.com/gogo/protobuf/proto/pointer_reflect_gogo.go deleted file mode 100644 index 7ffd3c29d..000000000 --- a/vendor/github.com/gogo/protobuf/proto/pointer_reflect_gogo.go +++ /dev/null @@ -1,59 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2018, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -// +build purego appengine js - -// This file contains an implementation of proto field accesses using package reflect. -// It is slower than the code in pointer_unsafe.go but it avoids package unsafe and can -// be used on App Engine. - -package proto - -import ( - "reflect" -) - -// TODO: untested, so probably incorrect. - -func (p pointer) getRef() pointer { - return pointer{v: p.v.Addr()} -} - -func (p pointer) appendRef(v pointer, typ reflect.Type) { - slice := p.getSlice(typ) - elem := v.asPointerTo(typ).Elem() - newSlice := reflect.Append(slice, elem) - slice.Set(newSlice) -} - -func (p pointer) getSlice(typ reflect.Type) reflect.Value { - sliceTyp := reflect.SliceOf(typ) - slice := p.asPointerTo(sliceTyp) - slice = slice.Elem() - return slice -} diff --git a/vendor/github.com/gogo/protobuf/proto/pointer_unsafe.go b/vendor/github.com/gogo/protobuf/proto/pointer_unsafe.go deleted file mode 100644 index d55a335d9..000000000 --- a/vendor/github.com/gogo/protobuf/proto/pointer_unsafe.go +++ /dev/null @@ -1,308 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2012 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -// +build !purego,!appengine,!js - -// This file contains the implementation of the proto field accesses using package unsafe. - -package proto - -import ( - "reflect" - "sync/atomic" - "unsafe" -) - -const unsafeAllowed = true - -// A field identifies a field in a struct, accessible from a pointer. -// In this implementation, a field is identified by its byte offset from the start of the struct. -type field uintptr - -// toField returns a field equivalent to the given reflect field. -func toField(f *reflect.StructField) field { - return field(f.Offset) -} - -// invalidField is an invalid field identifier. -const invalidField = ^field(0) - -// zeroField is a noop when calling pointer.offset. -const zeroField = field(0) - -// IsValid reports whether the field identifier is valid. -func (f field) IsValid() bool { - return f != invalidField -} - -// The pointer type below is for the new table-driven encoder/decoder. -// The implementation here uses unsafe.Pointer to create a generic pointer. -// In pointer_reflect.go we use reflect instead of unsafe to implement -// the same (but slower) interface. -type pointer struct { - p unsafe.Pointer -} - -// size of pointer -var ptrSize = unsafe.Sizeof(uintptr(0)) - -// toPointer converts an interface of pointer type to a pointer -// that points to the same target. -func toPointer(i *Message) pointer { - // Super-tricky - read pointer out of data word of interface value. - // Saves ~25ns over the equivalent: - // return valToPointer(reflect.ValueOf(*i)) - return pointer{p: (*[2]unsafe.Pointer)(unsafe.Pointer(i))[1]} -} - -// toAddrPointer converts an interface to a pointer that points to -// the interface data. -func toAddrPointer(i *interface{}, isptr bool) pointer { - // Super-tricky - read or get the address of data word of interface value. - if isptr { - // The interface is of pointer type, thus it is a direct interface. - // The data word is the pointer data itself. We take its address. - return pointer{p: unsafe.Pointer(uintptr(unsafe.Pointer(i)) + ptrSize)} - } - // The interface is not of pointer type. The data word is the pointer - // to the data. - return pointer{p: (*[2]unsafe.Pointer)(unsafe.Pointer(i))[1]} -} - -// valToPointer converts v to a pointer. v must be of pointer type. -func valToPointer(v reflect.Value) pointer { - return pointer{p: unsafe.Pointer(v.Pointer())} -} - -// offset converts from a pointer to a structure to a pointer to -// one of its fields. -func (p pointer) offset(f field) pointer { - // For safety, we should panic if !f.IsValid, however calling panic causes - // this to no longer be inlineable, which is a serious performance cost. - /* - if !f.IsValid() { - panic("invalid field") - } - */ - return pointer{p: unsafe.Pointer(uintptr(p.p) + uintptr(f))} -} - -func (p pointer) isNil() bool { - return p.p == nil -} - -func (p pointer) toInt64() *int64 { - return (*int64)(p.p) -} -func (p pointer) toInt64Ptr() **int64 { - return (**int64)(p.p) -} -func (p pointer) toInt64Slice() *[]int64 { - return (*[]int64)(p.p) -} -func (p pointer) toInt32() *int32 { - return (*int32)(p.p) -} - -// See pointer_reflect.go for why toInt32Ptr/Slice doesn't exist. -/* - func (p pointer) toInt32Ptr() **int32 { - return (**int32)(p.p) - } - func (p pointer) toInt32Slice() *[]int32 { - return (*[]int32)(p.p) - } -*/ -func (p pointer) getInt32Ptr() *int32 { - return *(**int32)(p.p) -} -func (p pointer) setInt32Ptr(v int32) { - *(**int32)(p.p) = &v -} - -// getInt32Slice loads a []int32 from p. -// The value returned is aliased with the original slice. -// This behavior differs from the implementation in pointer_reflect.go. -func (p pointer) getInt32Slice() []int32 { - return *(*[]int32)(p.p) -} - -// setInt32Slice stores a []int32 to p. -// The value set is aliased with the input slice. -// This behavior differs from the implementation in pointer_reflect.go. -func (p pointer) setInt32Slice(v []int32) { - *(*[]int32)(p.p) = v -} - -// TODO: Can we get rid of appendInt32Slice and use setInt32Slice instead? -func (p pointer) appendInt32Slice(v int32) { - s := (*[]int32)(p.p) - *s = append(*s, v) -} - -func (p pointer) toUint64() *uint64 { - return (*uint64)(p.p) -} -func (p pointer) toUint64Ptr() **uint64 { - return (**uint64)(p.p) -} -func (p pointer) toUint64Slice() *[]uint64 { - return (*[]uint64)(p.p) -} -func (p pointer) toUint32() *uint32 { - return (*uint32)(p.p) -} -func (p pointer) toUint32Ptr() **uint32 { - return (**uint32)(p.p) -} -func (p pointer) toUint32Slice() *[]uint32 { - return (*[]uint32)(p.p) -} -func (p pointer) toBool() *bool { - return (*bool)(p.p) -} -func (p pointer) toBoolPtr() **bool { - return (**bool)(p.p) -} -func (p pointer) toBoolSlice() *[]bool { - return (*[]bool)(p.p) -} -func (p pointer) toFloat64() *float64 { - return (*float64)(p.p) -} -func (p pointer) toFloat64Ptr() **float64 { - return (**float64)(p.p) -} -func (p pointer) toFloat64Slice() *[]float64 { - return (*[]float64)(p.p) -} -func (p pointer) toFloat32() *float32 { - return (*float32)(p.p) -} -func (p pointer) toFloat32Ptr() **float32 { - return (**float32)(p.p) -} -func (p pointer) toFloat32Slice() *[]float32 { - return (*[]float32)(p.p) -} -func (p pointer) toString() *string { - return (*string)(p.p) -} -func (p pointer) toStringPtr() **string { - return (**string)(p.p) -} -func (p pointer) toStringSlice() *[]string { - return (*[]string)(p.p) -} -func (p pointer) toBytes() *[]byte { - return (*[]byte)(p.p) -} -func (p pointer) toBytesSlice() *[][]byte { - return (*[][]byte)(p.p) -} -func (p pointer) toExtensions() *XXX_InternalExtensions { - return (*XXX_InternalExtensions)(p.p) -} -func (p pointer) toOldExtensions() *map[int32]Extension { - return (*map[int32]Extension)(p.p) -} - -// getPointerSlice loads []*T from p as a []pointer. -// The value returned is aliased with the original slice. -// This behavior differs from the implementation in pointer_reflect.go. -func (p pointer) getPointerSlice() []pointer { - // Super-tricky - p should point to a []*T where T is a - // message type. We load it as []pointer. - return *(*[]pointer)(p.p) -} - -// setPointerSlice stores []pointer into p as a []*T. -// The value set is aliased with the input slice. -// This behavior differs from the implementation in pointer_reflect.go. -func (p pointer) setPointerSlice(v []pointer) { - // Super-tricky - p should point to a []*T where T is a - // message type. We store it as []pointer. - *(*[]pointer)(p.p) = v -} - -// getPointer loads the pointer at p and returns it. -func (p pointer) getPointer() pointer { - return pointer{p: *(*unsafe.Pointer)(p.p)} -} - -// setPointer stores the pointer q at p. -func (p pointer) setPointer(q pointer) { - *(*unsafe.Pointer)(p.p) = q.p -} - -// append q to the slice pointed to by p. -func (p pointer) appendPointer(q pointer) { - s := (*[]unsafe.Pointer)(p.p) - *s = append(*s, q.p) -} - -// getInterfacePointer returns a pointer that points to the -// interface data of the interface pointed by p. -func (p pointer) getInterfacePointer() pointer { - // Super-tricky - read pointer out of data word of interface value. - return pointer{p: (*(*[2]unsafe.Pointer)(p.p))[1]} -} - -// asPointerTo returns a reflect.Value that is a pointer to an -// object of type t stored at p. -func (p pointer) asPointerTo(t reflect.Type) reflect.Value { - return reflect.NewAt(t, p.p) -} - -func atomicLoadUnmarshalInfo(p **unmarshalInfo) *unmarshalInfo { - return (*unmarshalInfo)(atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(p)))) -} -func atomicStoreUnmarshalInfo(p **unmarshalInfo, v *unmarshalInfo) { - atomic.StorePointer((*unsafe.Pointer)(unsafe.Pointer(p)), unsafe.Pointer(v)) -} -func atomicLoadMarshalInfo(p **marshalInfo) *marshalInfo { - return (*marshalInfo)(atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(p)))) -} -func atomicStoreMarshalInfo(p **marshalInfo, v *marshalInfo) { - atomic.StorePointer((*unsafe.Pointer)(unsafe.Pointer(p)), unsafe.Pointer(v)) -} -func atomicLoadMergeInfo(p **mergeInfo) *mergeInfo { - return (*mergeInfo)(atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(p)))) -} -func atomicStoreMergeInfo(p **mergeInfo, v *mergeInfo) { - atomic.StorePointer((*unsafe.Pointer)(unsafe.Pointer(p)), unsafe.Pointer(v)) -} -func atomicLoadDiscardInfo(p **discardInfo) *discardInfo { - return (*discardInfo)(atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(p)))) -} -func atomicStoreDiscardInfo(p **discardInfo, v *discardInfo) { - atomic.StorePointer((*unsafe.Pointer)(unsafe.Pointer(p)), unsafe.Pointer(v)) -} diff --git a/vendor/github.com/gogo/protobuf/proto/pointer_unsafe_gogo.go b/vendor/github.com/gogo/protobuf/proto/pointer_unsafe_gogo.go deleted file mode 100644 index aca8eed02..000000000 --- a/vendor/github.com/gogo/protobuf/proto/pointer_unsafe_gogo.go +++ /dev/null @@ -1,56 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2018, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -// +build !purego,!appengine,!js - -// This file contains the implementation of the proto field accesses using package unsafe. - -package proto - -import ( - "reflect" - "unsafe" -) - -func (p pointer) getRef() pointer { - return pointer{p: (unsafe.Pointer)(&p.p)} -} - -func (p pointer) appendRef(v pointer, typ reflect.Type) { - slice := p.getSlice(typ) - elem := v.asPointerTo(typ).Elem() - newSlice := reflect.Append(slice, elem) - slice.Set(newSlice) -} - -func (p pointer) getSlice(typ reflect.Type) reflect.Value { - sliceTyp := reflect.SliceOf(typ) - slice := p.asPointerTo(sliceTyp) - slice = slice.Elem() - return slice -} diff --git a/vendor/github.com/gogo/protobuf/proto/properties.go b/vendor/github.com/gogo/protobuf/proto/properties.go deleted file mode 100644 index 28da1475f..000000000 --- a/vendor/github.com/gogo/protobuf/proto/properties.go +++ /dev/null @@ -1,610 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2013, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2010 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -/* - * Routines for encoding data into the wire format for protocol buffers. - */ - -import ( - "fmt" - "log" - "reflect" - "sort" - "strconv" - "strings" - "sync" -) - -const debug bool = false - -// Constants that identify the encoding of a value on the wire. -const ( - WireVarint = 0 - WireFixed64 = 1 - WireBytes = 2 - WireStartGroup = 3 - WireEndGroup = 4 - WireFixed32 = 5 -) - -// tagMap is an optimization over map[int]int for typical protocol buffer -// use-cases. Encoded protocol buffers are often in tag order with small tag -// numbers. -type tagMap struct { - fastTags []int - slowTags map[int]int -} - -// tagMapFastLimit is the upper bound on the tag number that will be stored in -// the tagMap slice rather than its map. -const tagMapFastLimit = 1024 - -func (p *tagMap) get(t int) (int, bool) { - if t > 0 && t < tagMapFastLimit { - if t >= len(p.fastTags) { - return 0, false - } - fi := p.fastTags[t] - return fi, fi >= 0 - } - fi, ok := p.slowTags[t] - return fi, ok -} - -func (p *tagMap) put(t int, fi int) { - if t > 0 && t < tagMapFastLimit { - for len(p.fastTags) < t+1 { - p.fastTags = append(p.fastTags, -1) - } - p.fastTags[t] = fi - return - } - if p.slowTags == nil { - p.slowTags = make(map[int]int) - } - p.slowTags[t] = fi -} - -// StructProperties represents properties for all the fields of a struct. -// decoderTags and decoderOrigNames should only be used by the decoder. -type StructProperties struct { - Prop []*Properties // properties for each field - reqCount int // required count - decoderTags tagMap // map from proto tag to struct field number - decoderOrigNames map[string]int // map from original name to struct field number - order []int // list of struct field numbers in tag order - - // OneofTypes contains information about the oneof fields in this message. - // It is keyed by the original name of a field. - OneofTypes map[string]*OneofProperties -} - -// OneofProperties represents information about a specific field in a oneof. -type OneofProperties struct { - Type reflect.Type // pointer to generated struct type for this oneof field - Field int // struct field number of the containing oneof in the message - Prop *Properties -} - -// Implement the sorting interface so we can sort the fields in tag order, as recommended by the spec. -// See encode.go, (*Buffer).enc_struct. - -func (sp *StructProperties) Len() int { return len(sp.order) } -func (sp *StructProperties) Less(i, j int) bool { - return sp.Prop[sp.order[i]].Tag < sp.Prop[sp.order[j]].Tag -} -func (sp *StructProperties) Swap(i, j int) { sp.order[i], sp.order[j] = sp.order[j], sp.order[i] } - -// Properties represents the protocol-specific behavior of a single struct field. -type Properties struct { - Name string // name of the field, for error messages - OrigName string // original name before protocol compiler (always set) - JSONName string // name to use for JSON; determined by protoc - Wire string - WireType int - Tag int - Required bool - Optional bool - Repeated bool - Packed bool // relevant for repeated primitives only - Enum string // set for enum types only - proto3 bool // whether this is known to be a proto3 field - oneof bool // whether this is a oneof field - - Default string // default value - HasDefault bool // whether an explicit default was provided - CustomType string - CastType string - StdTime bool - StdDuration bool - WktPointer bool - - stype reflect.Type // set for struct types only - ctype reflect.Type // set for custom types only - sprop *StructProperties // set for struct types only - - mtype reflect.Type // set for map types only - MapKeyProp *Properties // set for map types only - MapValProp *Properties // set for map types only -} - -// String formats the properties in the protobuf struct field tag style. -func (p *Properties) String() string { - s := p.Wire - s += "," - s += strconv.Itoa(p.Tag) - if p.Required { - s += ",req" - } - if p.Optional { - s += ",opt" - } - if p.Repeated { - s += ",rep" - } - if p.Packed { - s += ",packed" - } - s += ",name=" + p.OrigName - if p.JSONName != p.OrigName { - s += ",json=" + p.JSONName - } - if p.proto3 { - s += ",proto3" - } - if p.oneof { - s += ",oneof" - } - if len(p.Enum) > 0 { - s += ",enum=" + p.Enum - } - if p.HasDefault { - s += ",def=" + p.Default - } - return s -} - -// Parse populates p by parsing a string in the protobuf struct field tag style. -func (p *Properties) Parse(s string) { - // "bytes,49,opt,name=foo,def=hello!" - fields := strings.Split(s, ",") // breaks def=, but handled below. - if len(fields) < 2 { - log.Printf("proto: tag has too few fields: %q", s) - return - } - - p.Wire = fields[0] - switch p.Wire { - case "varint": - p.WireType = WireVarint - case "fixed32": - p.WireType = WireFixed32 - case "fixed64": - p.WireType = WireFixed64 - case "zigzag32": - p.WireType = WireVarint - case "zigzag64": - p.WireType = WireVarint - case "bytes", "group": - p.WireType = WireBytes - // no numeric converter for non-numeric types - default: - log.Printf("proto: tag has unknown wire type: %q", s) - return - } - - var err error - p.Tag, err = strconv.Atoi(fields[1]) - if err != nil { - return - } - -outer: - for i := 2; i < len(fields); i++ { - f := fields[i] - switch { - case f == "req": - p.Required = true - case f == "opt": - p.Optional = true - case f == "rep": - p.Repeated = true - case f == "packed": - p.Packed = true - case strings.HasPrefix(f, "name="): - p.OrigName = f[5:] - case strings.HasPrefix(f, "json="): - p.JSONName = f[5:] - case strings.HasPrefix(f, "enum="): - p.Enum = f[5:] - case f == "proto3": - p.proto3 = true - case f == "oneof": - p.oneof = true - case strings.HasPrefix(f, "def="): - p.HasDefault = true - p.Default = f[4:] // rest of string - if i+1 < len(fields) { - // Commas aren't escaped, and def is always last. - p.Default += "," + strings.Join(fields[i+1:], ",") - break outer - } - case strings.HasPrefix(f, "embedded="): - p.OrigName = strings.Split(f, "=")[1] - case strings.HasPrefix(f, "customtype="): - p.CustomType = strings.Split(f, "=")[1] - case strings.HasPrefix(f, "casttype="): - p.CastType = strings.Split(f, "=")[1] - case f == "stdtime": - p.StdTime = true - case f == "stdduration": - p.StdDuration = true - case f == "wktptr": - p.WktPointer = true - } - } -} - -var protoMessageType = reflect.TypeOf((*Message)(nil)).Elem() - -// setFieldProps initializes the field properties for submessages and maps. -func (p *Properties) setFieldProps(typ reflect.Type, f *reflect.StructField, lockGetProp bool) { - isMap := typ.Kind() == reflect.Map - if len(p.CustomType) > 0 && !isMap { - p.ctype = typ - p.setTag(lockGetProp) - return - } - if p.StdTime && !isMap { - p.setTag(lockGetProp) - return - } - if p.StdDuration && !isMap { - p.setTag(lockGetProp) - return - } - if p.WktPointer && !isMap { - p.setTag(lockGetProp) - return - } - switch t1 := typ; t1.Kind() { - case reflect.Struct: - p.stype = typ - case reflect.Ptr: - if t1.Elem().Kind() == reflect.Struct { - p.stype = t1.Elem() - } - case reflect.Slice: - switch t2 := t1.Elem(); t2.Kind() { - case reflect.Ptr: - switch t3 := t2.Elem(); t3.Kind() { - case reflect.Struct: - p.stype = t3 - } - case reflect.Struct: - p.stype = t2 - } - - case reflect.Map: - - p.mtype = t1 - p.MapKeyProp = &Properties{} - p.MapKeyProp.init(reflect.PtrTo(p.mtype.Key()), "Key", f.Tag.Get("protobuf_key"), nil, lockGetProp) - p.MapValProp = &Properties{} - vtype := p.mtype.Elem() - if vtype.Kind() != reflect.Ptr && vtype.Kind() != reflect.Slice { - // The value type is not a message (*T) or bytes ([]byte), - // so we need encoders for the pointer to this type. - vtype = reflect.PtrTo(vtype) - } - - p.MapValProp.CustomType = p.CustomType - p.MapValProp.StdDuration = p.StdDuration - p.MapValProp.StdTime = p.StdTime - p.MapValProp.WktPointer = p.WktPointer - p.MapValProp.init(vtype, "Value", f.Tag.Get("protobuf_val"), nil, lockGetProp) - } - p.setTag(lockGetProp) -} - -func (p *Properties) setTag(lockGetProp bool) { - if p.stype != nil { - if lockGetProp { - p.sprop = GetProperties(p.stype) - } else { - p.sprop = getPropertiesLocked(p.stype) - } - } -} - -var ( - marshalerType = reflect.TypeOf((*Marshaler)(nil)).Elem() -) - -// Init populates the properties from a protocol buffer struct tag. -func (p *Properties) Init(typ reflect.Type, name, tag string, f *reflect.StructField) { - p.init(typ, name, tag, f, true) -} - -func (p *Properties) init(typ reflect.Type, name, tag string, f *reflect.StructField, lockGetProp bool) { - // "bytes,49,opt,def=hello!" - p.Name = name - p.OrigName = name - if tag == "" { - return - } - p.Parse(tag) - p.setFieldProps(typ, f, lockGetProp) -} - -var ( - propertiesMu sync.RWMutex - propertiesMap = make(map[reflect.Type]*StructProperties) -) - -// GetProperties returns the list of properties for the type represented by t. -// t must represent a generated struct type of a protocol message. -func GetProperties(t reflect.Type) *StructProperties { - if t.Kind() != reflect.Struct { - panic("proto: type must have kind struct") - } - - // Most calls to GetProperties in a long-running program will be - // retrieving details for types we have seen before. - propertiesMu.RLock() - sprop, ok := propertiesMap[t] - propertiesMu.RUnlock() - if ok { - return sprop - } - - propertiesMu.Lock() - sprop = getPropertiesLocked(t) - propertiesMu.Unlock() - return sprop -} - -type ( - oneofFuncsIface interface { - XXX_OneofFuncs() (func(Message, *Buffer) error, func(Message, int, int, *Buffer) (bool, error), func(Message) int, []interface{}) - } - oneofWrappersIface interface { - XXX_OneofWrappers() []interface{} - } -) - -// getPropertiesLocked requires that propertiesMu is held. -func getPropertiesLocked(t reflect.Type) *StructProperties { - if prop, ok := propertiesMap[t]; ok { - return prop - } - - prop := new(StructProperties) - // in case of recursive protos, fill this in now. - propertiesMap[t] = prop - - // build properties - prop.Prop = make([]*Properties, t.NumField()) - prop.order = make([]int, t.NumField()) - - isOneofMessage := false - for i := 0; i < t.NumField(); i++ { - f := t.Field(i) - p := new(Properties) - name := f.Name - p.init(f.Type, name, f.Tag.Get("protobuf"), &f, false) - - oneof := f.Tag.Get("protobuf_oneof") // special case - if oneof != "" { - isOneofMessage = true - // Oneof fields don't use the traditional protobuf tag. - p.OrigName = oneof - } - prop.Prop[i] = p - prop.order[i] = i - if debug { - print(i, " ", f.Name, " ", t.String(), " ") - if p.Tag > 0 { - print(p.String()) - } - print("\n") - } - } - - // Re-order prop.order. - sort.Sort(prop) - - if isOneofMessage { - var oots []interface{} - switch m := reflect.Zero(reflect.PtrTo(t)).Interface().(type) { - case oneofFuncsIface: - _, _, _, oots = m.XXX_OneofFuncs() - case oneofWrappersIface: - oots = m.XXX_OneofWrappers() - } - if len(oots) > 0 { - // Interpret oneof metadata. - prop.OneofTypes = make(map[string]*OneofProperties) - for _, oot := range oots { - oop := &OneofProperties{ - Type: reflect.ValueOf(oot).Type(), // *T - Prop: new(Properties), - } - sft := oop.Type.Elem().Field(0) - oop.Prop.Name = sft.Name - oop.Prop.Parse(sft.Tag.Get("protobuf")) - // There will be exactly one interface field that - // this new value is assignable to. - for i := 0; i < t.NumField(); i++ { - f := t.Field(i) - if f.Type.Kind() != reflect.Interface { - continue - } - if !oop.Type.AssignableTo(f.Type) { - continue - } - oop.Field = i - break - } - prop.OneofTypes[oop.Prop.OrigName] = oop - } - } - } - - // build required counts - // build tags - reqCount := 0 - prop.decoderOrigNames = make(map[string]int) - for i, p := range prop.Prop { - if strings.HasPrefix(p.Name, "XXX_") { - // Internal fields should not appear in tags/origNames maps. - // They are handled specially when encoding and decoding. - continue - } - if p.Required { - reqCount++ - } - prop.decoderTags.put(p.Tag, i) - prop.decoderOrigNames[p.OrigName] = i - } - prop.reqCount = reqCount - - return prop -} - -// A global registry of enum types. -// The generated code will register the generated maps by calling RegisterEnum. - -var enumValueMaps = make(map[string]map[string]int32) -var enumStringMaps = make(map[string]map[int32]string) - -// RegisterEnum is called from the generated code to install the enum descriptor -// maps into the global table to aid parsing text format protocol buffers. -func RegisterEnum(typeName string, unusedNameMap map[int32]string, valueMap map[string]int32) { - if _, ok := enumValueMaps[typeName]; ok { - panic("proto: duplicate enum registered: " + typeName) - } - enumValueMaps[typeName] = valueMap - if _, ok := enumStringMaps[typeName]; ok { - panic("proto: duplicate enum registered: " + typeName) - } - enumStringMaps[typeName] = unusedNameMap -} - -// EnumValueMap returns the mapping from names to integers of the -// enum type enumType, or a nil if not found. -func EnumValueMap(enumType string) map[string]int32 { - return enumValueMaps[enumType] -} - -// A registry of all linked message types. -// The string is a fully-qualified proto name ("pkg.Message"). -var ( - protoTypedNils = make(map[string]Message) // a map from proto names to typed nil pointers - protoMapTypes = make(map[string]reflect.Type) // a map from proto names to map types - revProtoTypes = make(map[reflect.Type]string) -) - -// RegisterType is called from generated code and maps from the fully qualified -// proto name to the type (pointer to struct) of the protocol buffer. -func RegisterType(x Message, name string) { - if _, ok := protoTypedNils[name]; ok { - // TODO: Some day, make this a panic. - log.Printf("proto: duplicate proto type registered: %s", name) - return - } - t := reflect.TypeOf(x) - if v := reflect.ValueOf(x); v.Kind() == reflect.Ptr && v.Pointer() == 0 { - // Generated code always calls RegisterType with nil x. - // This check is just for extra safety. - protoTypedNils[name] = x - } else { - protoTypedNils[name] = reflect.Zero(t).Interface().(Message) - } - revProtoTypes[t] = name -} - -// RegisterMapType is called from generated code and maps from the fully qualified -// proto name to the native map type of the proto map definition. -func RegisterMapType(x interface{}, name string) { - if reflect.TypeOf(x).Kind() != reflect.Map { - panic(fmt.Sprintf("RegisterMapType(%T, %q); want map", x, name)) - } - if _, ok := protoMapTypes[name]; ok { - log.Printf("proto: duplicate proto type registered: %s", name) - return - } - t := reflect.TypeOf(x) - protoMapTypes[name] = t - revProtoTypes[t] = name -} - -// MessageName returns the fully-qualified proto name for the given message type. -func MessageName(x Message) string { - type xname interface { - XXX_MessageName() string - } - if m, ok := x.(xname); ok { - return m.XXX_MessageName() - } - return revProtoTypes[reflect.TypeOf(x)] -} - -// MessageType returns the message type (pointer to struct) for a named message. -// The type is not guaranteed to implement proto.Message if the name refers to a -// map entry. -func MessageType(name string) reflect.Type { - if t, ok := protoTypedNils[name]; ok { - return reflect.TypeOf(t) - } - return protoMapTypes[name] -} - -// A registry of all linked proto files. -var ( - protoFiles = make(map[string][]byte) // file name => fileDescriptor -) - -// RegisterFile is called from generated code and maps from the -// full file name of a .proto file to its compressed FileDescriptorProto. -func RegisterFile(filename string, fileDescriptor []byte) { - protoFiles[filename] = fileDescriptor -} - -// FileDescriptor returns the compressed FileDescriptorProto for a .proto file. -func FileDescriptor(filename string) []byte { return protoFiles[filename] } diff --git a/vendor/github.com/gogo/protobuf/proto/properties_gogo.go b/vendor/github.com/gogo/protobuf/proto/properties_gogo.go deleted file mode 100644 index 40ea3dd93..000000000 --- a/vendor/github.com/gogo/protobuf/proto/properties_gogo.go +++ /dev/null @@ -1,36 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2018, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -import ( - "reflect" -) - -var sizerType = reflect.TypeOf((*Sizer)(nil)).Elem() -var protosizerType = reflect.TypeOf((*ProtoSizer)(nil)).Elem() diff --git a/vendor/github.com/gogo/protobuf/proto/skip_gogo.go b/vendor/github.com/gogo/protobuf/proto/skip_gogo.go deleted file mode 100644 index 5a5fd93f7..000000000 --- a/vendor/github.com/gogo/protobuf/proto/skip_gogo.go +++ /dev/null @@ -1,119 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2013, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -import ( - "fmt" - "io" -) - -func Skip(data []byte) (n int, err error) { - l := len(data) - index := 0 - for index < l { - var wire uint64 - for shift := uint(0); ; shift += 7 { - if index >= l { - return 0, io.ErrUnexpectedEOF - } - b := data[index] - index++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - wireType := int(wire & 0x7) - switch wireType { - case 0: - for { - if index >= l { - return 0, io.ErrUnexpectedEOF - } - index++ - if data[index-1] < 0x80 { - break - } - } - return index, nil - case 1: - index += 8 - return index, nil - case 2: - var length int - for shift := uint(0); ; shift += 7 { - if index >= l { - return 0, io.ErrUnexpectedEOF - } - b := data[index] - index++ - length |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - index += length - return index, nil - case 3: - for { - var innerWire uint64 - var start int = index - for shift := uint(0); ; shift += 7 { - if index >= l { - return 0, io.ErrUnexpectedEOF - } - b := data[index] - index++ - innerWire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - innerWireType := int(innerWire & 0x7) - if innerWireType == 4 { - break - } - next, err := Skip(data[start:]) - if err != nil { - return 0, err - } - index = start + next - } - return index, nil - case 4: - return index, nil - case 5: - index += 4 - return index, nil - default: - return 0, fmt.Errorf("proto: illegal wireType %d", wireType) - } - } - panic("unreachable") -} diff --git a/vendor/github.com/gogo/protobuf/proto/table_marshal.go b/vendor/github.com/gogo/protobuf/proto/table_marshal.go deleted file mode 100644 index f8babdefa..000000000 --- a/vendor/github.com/gogo/protobuf/proto/table_marshal.go +++ /dev/null @@ -1,3009 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2016 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -import ( - "errors" - "fmt" - "math" - "reflect" - "sort" - "strconv" - "strings" - "sync" - "sync/atomic" - "unicode/utf8" -) - -// a sizer takes a pointer to a field and the size of its tag, computes the size of -// the encoded data. -type sizer func(pointer, int) int - -// a marshaler takes a byte slice, a pointer to a field, and its tag (in wire format), -// marshals the field to the end of the slice, returns the slice and error (if any). -type marshaler func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) - -// marshalInfo is the information used for marshaling a message. -type marshalInfo struct { - typ reflect.Type - fields []*marshalFieldInfo - unrecognized field // offset of XXX_unrecognized - extensions field // offset of XXX_InternalExtensions - v1extensions field // offset of XXX_extensions - sizecache field // offset of XXX_sizecache - initialized int32 // 0 -- only typ is set, 1 -- fully initialized - messageset bool // uses message set wire format - hasmarshaler bool // has custom marshaler - sync.RWMutex // protect extElems map, also for initialization - extElems map[int32]*marshalElemInfo // info of extension elements - - hassizer bool // has custom sizer - hasprotosizer bool // has custom protosizer - - bytesExtensions field // offset of XXX_extensions where the field type is []byte -} - -// marshalFieldInfo is the information used for marshaling a field of a message. -type marshalFieldInfo struct { - field field - wiretag uint64 // tag in wire format - tagsize int // size of tag in wire format - sizer sizer - marshaler marshaler - isPointer bool - required bool // field is required - name string // name of the field, for error reporting - oneofElems map[reflect.Type]*marshalElemInfo // info of oneof elements -} - -// marshalElemInfo is the information used for marshaling an extension or oneof element. -type marshalElemInfo struct { - wiretag uint64 // tag in wire format - tagsize int // size of tag in wire format - sizer sizer - marshaler marshaler - isptr bool // elem is pointer typed, thus interface of this type is a direct interface (extension only) -} - -var ( - marshalInfoMap = map[reflect.Type]*marshalInfo{} - marshalInfoLock sync.Mutex - - uint8SliceType = reflect.TypeOf(([]uint8)(nil)).Kind() -) - -// getMarshalInfo returns the information to marshal a given type of message. -// The info it returns may not necessarily initialized. -// t is the type of the message (NOT the pointer to it). -func getMarshalInfo(t reflect.Type) *marshalInfo { - marshalInfoLock.Lock() - u, ok := marshalInfoMap[t] - if !ok { - u = &marshalInfo{typ: t} - marshalInfoMap[t] = u - } - marshalInfoLock.Unlock() - return u -} - -// Size is the entry point from generated code, -// and should be ONLY called by generated code. -// It computes the size of encoded data of msg. -// a is a pointer to a place to store cached marshal info. -func (a *InternalMessageInfo) Size(msg Message) int { - u := getMessageMarshalInfo(msg, a) - ptr := toPointer(&msg) - if ptr.isNil() { - // We get here if msg is a typed nil ((*SomeMessage)(nil)), - // so it satisfies the interface, and msg == nil wouldn't - // catch it. We don't want crash in this case. - return 0 - } - return u.size(ptr) -} - -// Marshal is the entry point from generated code, -// and should be ONLY called by generated code. -// It marshals msg to the end of b. -// a is a pointer to a place to store cached marshal info. -func (a *InternalMessageInfo) Marshal(b []byte, msg Message, deterministic bool) ([]byte, error) { - u := getMessageMarshalInfo(msg, a) - ptr := toPointer(&msg) - if ptr.isNil() { - // We get here if msg is a typed nil ((*SomeMessage)(nil)), - // so it satisfies the interface, and msg == nil wouldn't - // catch it. We don't want crash in this case. - return b, ErrNil - } - return u.marshal(b, ptr, deterministic) -} - -func getMessageMarshalInfo(msg interface{}, a *InternalMessageInfo) *marshalInfo { - // u := a.marshal, but atomically. - // We use an atomic here to ensure memory consistency. - u := atomicLoadMarshalInfo(&a.marshal) - if u == nil { - // Get marshal information from type of message. - t := reflect.ValueOf(msg).Type() - if t.Kind() != reflect.Ptr { - panic(fmt.Sprintf("cannot handle non-pointer message type %v", t)) - } - u = getMarshalInfo(t.Elem()) - // Store it in the cache for later users. - // a.marshal = u, but atomically. - atomicStoreMarshalInfo(&a.marshal, u) - } - return u -} - -// size is the main function to compute the size of the encoded data of a message. -// ptr is the pointer to the message. -func (u *marshalInfo) size(ptr pointer) int { - if atomic.LoadInt32(&u.initialized) == 0 { - u.computeMarshalInfo() - } - - // If the message can marshal itself, let it do it, for compatibility. - // NOTE: This is not efficient. - if u.hasmarshaler { - // Uses the message's Size method if available - if u.hassizer { - s := ptr.asPointerTo(u.typ).Interface().(Sizer) - return s.Size() - } - // Uses the message's ProtoSize method if available - if u.hasprotosizer { - s := ptr.asPointerTo(u.typ).Interface().(ProtoSizer) - return s.ProtoSize() - } - - m := ptr.asPointerTo(u.typ).Interface().(Marshaler) - b, _ := m.Marshal() - return len(b) - } - - n := 0 - for _, f := range u.fields { - if f.isPointer && ptr.offset(f.field).getPointer().isNil() { - // nil pointer always marshals to nothing - continue - } - n += f.sizer(ptr.offset(f.field), f.tagsize) - } - if u.extensions.IsValid() { - e := ptr.offset(u.extensions).toExtensions() - if u.messageset { - n += u.sizeMessageSet(e) - } else { - n += u.sizeExtensions(e) - } - } - if u.v1extensions.IsValid() { - m := *ptr.offset(u.v1extensions).toOldExtensions() - n += u.sizeV1Extensions(m) - } - if u.bytesExtensions.IsValid() { - s := *ptr.offset(u.bytesExtensions).toBytes() - n += len(s) - } - if u.unrecognized.IsValid() { - s := *ptr.offset(u.unrecognized).toBytes() - n += len(s) - } - - // cache the result for use in marshal - if u.sizecache.IsValid() { - atomic.StoreInt32(ptr.offset(u.sizecache).toInt32(), int32(n)) - } - return n -} - -// cachedsize gets the size from cache. If there is no cache (i.e. message is not generated), -// fall back to compute the size. -func (u *marshalInfo) cachedsize(ptr pointer) int { - if u.sizecache.IsValid() { - return int(atomic.LoadInt32(ptr.offset(u.sizecache).toInt32())) - } - return u.size(ptr) -} - -// marshal is the main function to marshal a message. It takes a byte slice and appends -// the encoded data to the end of the slice, returns the slice and error (if any). -// ptr is the pointer to the message. -// If deterministic is true, map is marshaled in deterministic order. -func (u *marshalInfo) marshal(b []byte, ptr pointer, deterministic bool) ([]byte, error) { - if atomic.LoadInt32(&u.initialized) == 0 { - u.computeMarshalInfo() - } - - // If the message can marshal itself, let it do it, for compatibility. - // NOTE: This is not efficient. - if u.hasmarshaler { - m := ptr.asPointerTo(u.typ).Interface().(Marshaler) - b1, err := m.Marshal() - b = append(b, b1...) - return b, err - } - - var err, errLater error - // The old marshaler encodes extensions at beginning. - if u.extensions.IsValid() { - e := ptr.offset(u.extensions).toExtensions() - if u.messageset { - b, err = u.appendMessageSet(b, e, deterministic) - } else { - b, err = u.appendExtensions(b, e, deterministic) - } - if err != nil { - return b, err - } - } - if u.v1extensions.IsValid() { - m := *ptr.offset(u.v1extensions).toOldExtensions() - b, err = u.appendV1Extensions(b, m, deterministic) - if err != nil { - return b, err - } - } - if u.bytesExtensions.IsValid() { - s := *ptr.offset(u.bytesExtensions).toBytes() - b = append(b, s...) - } - for _, f := range u.fields { - if f.required { - if f.isPointer && ptr.offset(f.field).getPointer().isNil() { - // Required field is not set. - // We record the error but keep going, to give a complete marshaling. - if errLater == nil { - errLater = &RequiredNotSetError{f.name} - } - continue - } - } - if f.isPointer && ptr.offset(f.field).getPointer().isNil() { - // nil pointer always marshals to nothing - continue - } - b, err = f.marshaler(b, ptr.offset(f.field), f.wiretag, deterministic) - if err != nil { - if err1, ok := err.(*RequiredNotSetError); ok { - // Required field in submessage is not set. - // We record the error but keep going, to give a complete marshaling. - if errLater == nil { - errLater = &RequiredNotSetError{f.name + "." + err1.field} - } - continue - } - if err == errRepeatedHasNil { - err = errors.New("proto: repeated field " + f.name + " has nil element") - } - if err == errInvalidUTF8 { - if errLater == nil { - fullName := revProtoTypes[reflect.PtrTo(u.typ)] + "." + f.name - errLater = &invalidUTF8Error{fullName} - } - continue - } - return b, err - } - } - if u.unrecognized.IsValid() { - s := *ptr.offset(u.unrecognized).toBytes() - b = append(b, s...) - } - return b, errLater -} - -// computeMarshalInfo initializes the marshal info. -func (u *marshalInfo) computeMarshalInfo() { - u.Lock() - defer u.Unlock() - if u.initialized != 0 { // non-atomic read is ok as it is protected by the lock - return - } - - t := u.typ - u.unrecognized = invalidField - u.extensions = invalidField - u.v1extensions = invalidField - u.bytesExtensions = invalidField - u.sizecache = invalidField - isOneofMessage := false - - if reflect.PtrTo(t).Implements(sizerType) { - u.hassizer = true - } - if reflect.PtrTo(t).Implements(protosizerType) { - u.hasprotosizer = true - } - // If the message can marshal itself, let it do it, for compatibility. - // NOTE: This is not efficient. - if reflect.PtrTo(t).Implements(marshalerType) { - u.hasmarshaler = true - atomic.StoreInt32(&u.initialized, 1) - return - } - - n := t.NumField() - - // deal with XXX fields first - for i := 0; i < t.NumField(); i++ { - f := t.Field(i) - if f.Tag.Get("protobuf_oneof") != "" { - isOneofMessage = true - } - if !strings.HasPrefix(f.Name, "XXX_") { - continue - } - switch f.Name { - case "XXX_sizecache": - u.sizecache = toField(&f) - case "XXX_unrecognized": - u.unrecognized = toField(&f) - case "XXX_InternalExtensions": - u.extensions = toField(&f) - u.messageset = f.Tag.Get("protobuf_messageset") == "1" - case "XXX_extensions": - if f.Type.Kind() == reflect.Map { - u.v1extensions = toField(&f) - } else { - u.bytesExtensions = toField(&f) - } - case "XXX_NoUnkeyedLiteral": - // nothing to do - default: - panic("unknown XXX field: " + f.Name) - } - n-- - } - - // get oneof implementers - var oneofImplementers []interface{} - // gogo: isOneofMessage is needed for embedded oneof messages, without a marshaler and unmarshaler - if isOneofMessage { - switch m := reflect.Zero(reflect.PtrTo(t)).Interface().(type) { - case oneofFuncsIface: - _, _, _, oneofImplementers = m.XXX_OneofFuncs() - case oneofWrappersIface: - oneofImplementers = m.XXX_OneofWrappers() - } - } - - // normal fields - fields := make([]marshalFieldInfo, n) // batch allocation - u.fields = make([]*marshalFieldInfo, 0, n) - for i, j := 0, 0; i < t.NumField(); i++ { - f := t.Field(i) - - if strings.HasPrefix(f.Name, "XXX_") { - continue - } - field := &fields[j] - j++ - field.name = f.Name - u.fields = append(u.fields, field) - if f.Tag.Get("protobuf_oneof") != "" { - field.computeOneofFieldInfo(&f, oneofImplementers) - continue - } - if f.Tag.Get("protobuf") == "" { - // field has no tag (not in generated message), ignore it - u.fields = u.fields[:len(u.fields)-1] - j-- - continue - } - field.computeMarshalFieldInfo(&f) - } - - // fields are marshaled in tag order on the wire. - sort.Sort(byTag(u.fields)) - - atomic.StoreInt32(&u.initialized, 1) -} - -// helper for sorting fields by tag -type byTag []*marshalFieldInfo - -func (a byTag) Len() int { return len(a) } -func (a byTag) Swap(i, j int) { a[i], a[j] = a[j], a[i] } -func (a byTag) Less(i, j int) bool { return a[i].wiretag < a[j].wiretag } - -// getExtElemInfo returns the information to marshal an extension element. -// The info it returns is initialized. -func (u *marshalInfo) getExtElemInfo(desc *ExtensionDesc) *marshalElemInfo { - // get from cache first - u.RLock() - e, ok := u.extElems[desc.Field] - u.RUnlock() - if ok { - return e - } - - t := reflect.TypeOf(desc.ExtensionType) // pointer or slice to basic type or struct - tags := strings.Split(desc.Tag, ",") - tag, err := strconv.Atoi(tags[1]) - if err != nil { - panic("tag is not an integer") - } - wt := wiretype(tags[0]) - sizr, marshalr := typeMarshaler(t, tags, false, false) - e = &marshalElemInfo{ - wiretag: uint64(tag)<<3 | wt, - tagsize: SizeVarint(uint64(tag) << 3), - sizer: sizr, - marshaler: marshalr, - isptr: t.Kind() == reflect.Ptr, - } - - // update cache - u.Lock() - if u.extElems == nil { - u.extElems = make(map[int32]*marshalElemInfo) - } - u.extElems[desc.Field] = e - u.Unlock() - return e -} - -// computeMarshalFieldInfo fills up the information to marshal a field. -func (fi *marshalFieldInfo) computeMarshalFieldInfo(f *reflect.StructField) { - // parse protobuf tag of the field. - // tag has format of "bytes,49,opt,name=foo,def=hello!" - tags := strings.Split(f.Tag.Get("protobuf"), ",") - if tags[0] == "" { - return - } - tag, err := strconv.Atoi(tags[1]) - if err != nil { - panic("tag is not an integer") - } - wt := wiretype(tags[0]) - if tags[2] == "req" { - fi.required = true - } - fi.setTag(f, tag, wt) - fi.setMarshaler(f, tags) -} - -func (fi *marshalFieldInfo) computeOneofFieldInfo(f *reflect.StructField, oneofImplementers []interface{}) { - fi.field = toField(f) - fi.wiretag = math.MaxInt32 // Use a large tag number, make oneofs sorted at the end. This tag will not appear on the wire. - fi.isPointer = true - fi.sizer, fi.marshaler = makeOneOfMarshaler(fi, f) - fi.oneofElems = make(map[reflect.Type]*marshalElemInfo) - - ityp := f.Type // interface type - for _, o := range oneofImplementers { - t := reflect.TypeOf(o) - if !t.Implements(ityp) { - continue - } - sf := t.Elem().Field(0) // oneof implementer is a struct with a single field - tags := strings.Split(sf.Tag.Get("protobuf"), ",") - tag, err := strconv.Atoi(tags[1]) - if err != nil { - panic("tag is not an integer") - } - wt := wiretype(tags[0]) - sizr, marshalr := typeMarshaler(sf.Type, tags, false, true) // oneof should not omit any zero value - fi.oneofElems[t.Elem()] = &marshalElemInfo{ - wiretag: uint64(tag)<<3 | wt, - tagsize: SizeVarint(uint64(tag) << 3), - sizer: sizr, - marshaler: marshalr, - } - } -} - -// wiretype returns the wire encoding of the type. -func wiretype(encoding string) uint64 { - switch encoding { - case "fixed32": - return WireFixed32 - case "fixed64": - return WireFixed64 - case "varint", "zigzag32", "zigzag64": - return WireVarint - case "bytes": - return WireBytes - case "group": - return WireStartGroup - } - panic("unknown wire type " + encoding) -} - -// setTag fills up the tag (in wire format) and its size in the info of a field. -func (fi *marshalFieldInfo) setTag(f *reflect.StructField, tag int, wt uint64) { - fi.field = toField(f) - fi.wiretag = uint64(tag)<<3 | wt - fi.tagsize = SizeVarint(uint64(tag) << 3) -} - -// setMarshaler fills up the sizer and marshaler in the info of a field. -func (fi *marshalFieldInfo) setMarshaler(f *reflect.StructField, tags []string) { - switch f.Type.Kind() { - case reflect.Map: - // map field - fi.isPointer = true - fi.sizer, fi.marshaler = makeMapMarshaler(f) - return - case reflect.Ptr, reflect.Slice: - fi.isPointer = true - } - fi.sizer, fi.marshaler = typeMarshaler(f.Type, tags, true, false) -} - -// typeMarshaler returns the sizer and marshaler of a given field. -// t is the type of the field. -// tags is the generated "protobuf" tag of the field. -// If nozero is true, zero value is not marshaled to the wire. -// If oneof is true, it is a oneof field. -func typeMarshaler(t reflect.Type, tags []string, nozero, oneof bool) (sizer, marshaler) { - encoding := tags[0] - - pointer := false - slice := false - if t.Kind() == reflect.Slice && t.Elem().Kind() != reflect.Uint8 { - slice = true - t = t.Elem() - } - if t.Kind() == reflect.Ptr { - pointer = true - t = t.Elem() - } - - packed := false - proto3 := false - ctype := false - isTime := false - isDuration := false - isWktPointer := false - validateUTF8 := true - for i := 2; i < len(tags); i++ { - if tags[i] == "packed" { - packed = true - } - if tags[i] == "proto3" { - proto3 = true - } - if strings.HasPrefix(tags[i], "customtype=") { - ctype = true - } - if tags[i] == "stdtime" { - isTime = true - } - if tags[i] == "stdduration" { - isDuration = true - } - if tags[i] == "wktptr" { - isWktPointer = true - } - } - validateUTF8 = validateUTF8 && proto3 - if !proto3 && !pointer && !slice { - nozero = false - } - - if ctype { - if reflect.PtrTo(t).Implements(customType) { - if slice { - return makeMessageRefSliceMarshaler(getMarshalInfo(t)) - } - if pointer { - return makeCustomPtrMarshaler(getMarshalInfo(t)) - } - return makeCustomMarshaler(getMarshalInfo(t)) - } else { - panic(fmt.Sprintf("custom type: type: %v, does not implement the proto.custom interface", t)) - } - } - - if isTime { - if pointer { - if slice { - return makeTimePtrSliceMarshaler(getMarshalInfo(t)) - } - return makeTimePtrMarshaler(getMarshalInfo(t)) - } - if slice { - return makeTimeSliceMarshaler(getMarshalInfo(t)) - } - return makeTimeMarshaler(getMarshalInfo(t)) - } - - if isDuration { - if pointer { - if slice { - return makeDurationPtrSliceMarshaler(getMarshalInfo(t)) - } - return makeDurationPtrMarshaler(getMarshalInfo(t)) - } - if slice { - return makeDurationSliceMarshaler(getMarshalInfo(t)) - } - return makeDurationMarshaler(getMarshalInfo(t)) - } - - if isWktPointer { - switch t.Kind() { - case reflect.Float64: - if pointer { - if slice { - return makeStdDoubleValuePtrSliceMarshaler(getMarshalInfo(t)) - } - return makeStdDoubleValuePtrMarshaler(getMarshalInfo(t)) - } - if slice { - return makeStdDoubleValueSliceMarshaler(getMarshalInfo(t)) - } - return makeStdDoubleValueMarshaler(getMarshalInfo(t)) - case reflect.Float32: - if pointer { - if slice { - return makeStdFloatValuePtrSliceMarshaler(getMarshalInfo(t)) - } - return makeStdFloatValuePtrMarshaler(getMarshalInfo(t)) - } - if slice { - return makeStdFloatValueSliceMarshaler(getMarshalInfo(t)) - } - return makeStdFloatValueMarshaler(getMarshalInfo(t)) - case reflect.Int64: - if pointer { - if slice { - return makeStdInt64ValuePtrSliceMarshaler(getMarshalInfo(t)) - } - return makeStdInt64ValuePtrMarshaler(getMarshalInfo(t)) - } - if slice { - return makeStdInt64ValueSliceMarshaler(getMarshalInfo(t)) - } - return makeStdInt64ValueMarshaler(getMarshalInfo(t)) - case reflect.Uint64: - if pointer { - if slice { - return makeStdUInt64ValuePtrSliceMarshaler(getMarshalInfo(t)) - } - return makeStdUInt64ValuePtrMarshaler(getMarshalInfo(t)) - } - if slice { - return makeStdUInt64ValueSliceMarshaler(getMarshalInfo(t)) - } - return makeStdUInt64ValueMarshaler(getMarshalInfo(t)) - case reflect.Int32: - if pointer { - if slice { - return makeStdInt32ValuePtrSliceMarshaler(getMarshalInfo(t)) - } - return makeStdInt32ValuePtrMarshaler(getMarshalInfo(t)) - } - if slice { - return makeStdInt32ValueSliceMarshaler(getMarshalInfo(t)) - } - return makeStdInt32ValueMarshaler(getMarshalInfo(t)) - case reflect.Uint32: - if pointer { - if slice { - return makeStdUInt32ValuePtrSliceMarshaler(getMarshalInfo(t)) - } - return makeStdUInt32ValuePtrMarshaler(getMarshalInfo(t)) - } - if slice { - return makeStdUInt32ValueSliceMarshaler(getMarshalInfo(t)) - } - return makeStdUInt32ValueMarshaler(getMarshalInfo(t)) - case reflect.Bool: - if pointer { - if slice { - return makeStdBoolValuePtrSliceMarshaler(getMarshalInfo(t)) - } - return makeStdBoolValuePtrMarshaler(getMarshalInfo(t)) - } - if slice { - return makeStdBoolValueSliceMarshaler(getMarshalInfo(t)) - } - return makeStdBoolValueMarshaler(getMarshalInfo(t)) - case reflect.String: - if pointer { - if slice { - return makeStdStringValuePtrSliceMarshaler(getMarshalInfo(t)) - } - return makeStdStringValuePtrMarshaler(getMarshalInfo(t)) - } - if slice { - return makeStdStringValueSliceMarshaler(getMarshalInfo(t)) - } - return makeStdStringValueMarshaler(getMarshalInfo(t)) - case uint8SliceType: - if pointer { - if slice { - return makeStdBytesValuePtrSliceMarshaler(getMarshalInfo(t)) - } - return makeStdBytesValuePtrMarshaler(getMarshalInfo(t)) - } - if slice { - return makeStdBytesValueSliceMarshaler(getMarshalInfo(t)) - } - return makeStdBytesValueMarshaler(getMarshalInfo(t)) - default: - panic(fmt.Sprintf("unknown wktpointer type %#v", t)) - } - } - - switch t.Kind() { - case reflect.Bool: - if pointer { - return sizeBoolPtr, appendBoolPtr - } - if slice { - if packed { - return sizeBoolPackedSlice, appendBoolPackedSlice - } - return sizeBoolSlice, appendBoolSlice - } - if nozero { - return sizeBoolValueNoZero, appendBoolValueNoZero - } - return sizeBoolValue, appendBoolValue - case reflect.Uint32: - switch encoding { - case "fixed32": - if pointer { - return sizeFixed32Ptr, appendFixed32Ptr - } - if slice { - if packed { - return sizeFixed32PackedSlice, appendFixed32PackedSlice - } - return sizeFixed32Slice, appendFixed32Slice - } - if nozero { - return sizeFixed32ValueNoZero, appendFixed32ValueNoZero - } - return sizeFixed32Value, appendFixed32Value - case "varint": - if pointer { - return sizeVarint32Ptr, appendVarint32Ptr - } - if slice { - if packed { - return sizeVarint32PackedSlice, appendVarint32PackedSlice - } - return sizeVarint32Slice, appendVarint32Slice - } - if nozero { - return sizeVarint32ValueNoZero, appendVarint32ValueNoZero - } - return sizeVarint32Value, appendVarint32Value - } - case reflect.Int32: - switch encoding { - case "fixed32": - if pointer { - return sizeFixedS32Ptr, appendFixedS32Ptr - } - if slice { - if packed { - return sizeFixedS32PackedSlice, appendFixedS32PackedSlice - } - return sizeFixedS32Slice, appendFixedS32Slice - } - if nozero { - return sizeFixedS32ValueNoZero, appendFixedS32ValueNoZero - } - return sizeFixedS32Value, appendFixedS32Value - case "varint": - if pointer { - return sizeVarintS32Ptr, appendVarintS32Ptr - } - if slice { - if packed { - return sizeVarintS32PackedSlice, appendVarintS32PackedSlice - } - return sizeVarintS32Slice, appendVarintS32Slice - } - if nozero { - return sizeVarintS32ValueNoZero, appendVarintS32ValueNoZero - } - return sizeVarintS32Value, appendVarintS32Value - case "zigzag32": - if pointer { - return sizeZigzag32Ptr, appendZigzag32Ptr - } - if slice { - if packed { - return sizeZigzag32PackedSlice, appendZigzag32PackedSlice - } - return sizeZigzag32Slice, appendZigzag32Slice - } - if nozero { - return sizeZigzag32ValueNoZero, appendZigzag32ValueNoZero - } - return sizeZigzag32Value, appendZigzag32Value - } - case reflect.Uint64: - switch encoding { - case "fixed64": - if pointer { - return sizeFixed64Ptr, appendFixed64Ptr - } - if slice { - if packed { - return sizeFixed64PackedSlice, appendFixed64PackedSlice - } - return sizeFixed64Slice, appendFixed64Slice - } - if nozero { - return sizeFixed64ValueNoZero, appendFixed64ValueNoZero - } - return sizeFixed64Value, appendFixed64Value - case "varint": - if pointer { - return sizeVarint64Ptr, appendVarint64Ptr - } - if slice { - if packed { - return sizeVarint64PackedSlice, appendVarint64PackedSlice - } - return sizeVarint64Slice, appendVarint64Slice - } - if nozero { - return sizeVarint64ValueNoZero, appendVarint64ValueNoZero - } - return sizeVarint64Value, appendVarint64Value - } - case reflect.Int64: - switch encoding { - case "fixed64": - if pointer { - return sizeFixedS64Ptr, appendFixedS64Ptr - } - if slice { - if packed { - return sizeFixedS64PackedSlice, appendFixedS64PackedSlice - } - return sizeFixedS64Slice, appendFixedS64Slice - } - if nozero { - return sizeFixedS64ValueNoZero, appendFixedS64ValueNoZero - } - return sizeFixedS64Value, appendFixedS64Value - case "varint": - if pointer { - return sizeVarintS64Ptr, appendVarintS64Ptr - } - if slice { - if packed { - return sizeVarintS64PackedSlice, appendVarintS64PackedSlice - } - return sizeVarintS64Slice, appendVarintS64Slice - } - if nozero { - return sizeVarintS64ValueNoZero, appendVarintS64ValueNoZero - } - return sizeVarintS64Value, appendVarintS64Value - case "zigzag64": - if pointer { - return sizeZigzag64Ptr, appendZigzag64Ptr - } - if slice { - if packed { - return sizeZigzag64PackedSlice, appendZigzag64PackedSlice - } - return sizeZigzag64Slice, appendZigzag64Slice - } - if nozero { - return sizeZigzag64ValueNoZero, appendZigzag64ValueNoZero - } - return sizeZigzag64Value, appendZigzag64Value - } - case reflect.Float32: - if pointer { - return sizeFloat32Ptr, appendFloat32Ptr - } - if slice { - if packed { - return sizeFloat32PackedSlice, appendFloat32PackedSlice - } - return sizeFloat32Slice, appendFloat32Slice - } - if nozero { - return sizeFloat32ValueNoZero, appendFloat32ValueNoZero - } - return sizeFloat32Value, appendFloat32Value - case reflect.Float64: - if pointer { - return sizeFloat64Ptr, appendFloat64Ptr - } - if slice { - if packed { - return sizeFloat64PackedSlice, appendFloat64PackedSlice - } - return sizeFloat64Slice, appendFloat64Slice - } - if nozero { - return sizeFloat64ValueNoZero, appendFloat64ValueNoZero - } - return sizeFloat64Value, appendFloat64Value - case reflect.String: - if validateUTF8 { - if pointer { - return sizeStringPtr, appendUTF8StringPtr - } - if slice { - return sizeStringSlice, appendUTF8StringSlice - } - if nozero { - return sizeStringValueNoZero, appendUTF8StringValueNoZero - } - return sizeStringValue, appendUTF8StringValue - } - if pointer { - return sizeStringPtr, appendStringPtr - } - if slice { - return sizeStringSlice, appendStringSlice - } - if nozero { - return sizeStringValueNoZero, appendStringValueNoZero - } - return sizeStringValue, appendStringValue - case reflect.Slice: - if slice { - return sizeBytesSlice, appendBytesSlice - } - if oneof { - // Oneof bytes field may also have "proto3" tag. - // We want to marshal it as a oneof field. Do this - // check before the proto3 check. - return sizeBytesOneof, appendBytesOneof - } - if proto3 { - return sizeBytes3, appendBytes3 - } - return sizeBytes, appendBytes - case reflect.Struct: - switch encoding { - case "group": - if slice { - return makeGroupSliceMarshaler(getMarshalInfo(t)) - } - return makeGroupMarshaler(getMarshalInfo(t)) - case "bytes": - if pointer { - if slice { - return makeMessageSliceMarshaler(getMarshalInfo(t)) - } - return makeMessageMarshaler(getMarshalInfo(t)) - } else { - if slice { - return makeMessageRefSliceMarshaler(getMarshalInfo(t)) - } - return makeMessageRefMarshaler(getMarshalInfo(t)) - } - } - } - panic(fmt.Sprintf("unknown or mismatched type: type: %v, wire type: %v", t, encoding)) -} - -// Below are functions to size/marshal a specific type of a field. -// They are stored in the field's info, and called by function pointers. -// They have type sizer or marshaler. - -func sizeFixed32Value(_ pointer, tagsize int) int { - return 4 + tagsize -} -func sizeFixed32ValueNoZero(ptr pointer, tagsize int) int { - v := *ptr.toUint32() - if v == 0 { - return 0 - } - return 4 + tagsize -} -func sizeFixed32Ptr(ptr pointer, tagsize int) int { - p := *ptr.toUint32Ptr() - if p == nil { - return 0 - } - return 4 + tagsize -} -func sizeFixed32Slice(ptr pointer, tagsize int) int { - s := *ptr.toUint32Slice() - return (4 + tagsize) * len(s) -} -func sizeFixed32PackedSlice(ptr pointer, tagsize int) int { - s := *ptr.toUint32Slice() - if len(s) == 0 { - return 0 - } - return 4*len(s) + SizeVarint(uint64(4*len(s))) + tagsize -} -func sizeFixedS32Value(_ pointer, tagsize int) int { - return 4 + tagsize -} -func sizeFixedS32ValueNoZero(ptr pointer, tagsize int) int { - v := *ptr.toInt32() - if v == 0 { - return 0 - } - return 4 + tagsize -} -func sizeFixedS32Ptr(ptr pointer, tagsize int) int { - p := ptr.getInt32Ptr() - if p == nil { - return 0 - } - return 4 + tagsize -} -func sizeFixedS32Slice(ptr pointer, tagsize int) int { - s := ptr.getInt32Slice() - return (4 + tagsize) * len(s) -} -func sizeFixedS32PackedSlice(ptr pointer, tagsize int) int { - s := ptr.getInt32Slice() - if len(s) == 0 { - return 0 - } - return 4*len(s) + SizeVarint(uint64(4*len(s))) + tagsize -} -func sizeFloat32Value(_ pointer, tagsize int) int { - return 4 + tagsize -} -func sizeFloat32ValueNoZero(ptr pointer, tagsize int) int { - v := math.Float32bits(*ptr.toFloat32()) - if v == 0 { - return 0 - } - return 4 + tagsize -} -func sizeFloat32Ptr(ptr pointer, tagsize int) int { - p := *ptr.toFloat32Ptr() - if p == nil { - return 0 - } - return 4 + tagsize -} -func sizeFloat32Slice(ptr pointer, tagsize int) int { - s := *ptr.toFloat32Slice() - return (4 + tagsize) * len(s) -} -func sizeFloat32PackedSlice(ptr pointer, tagsize int) int { - s := *ptr.toFloat32Slice() - if len(s) == 0 { - return 0 - } - return 4*len(s) + SizeVarint(uint64(4*len(s))) + tagsize -} -func sizeFixed64Value(_ pointer, tagsize int) int { - return 8 + tagsize -} -func sizeFixed64ValueNoZero(ptr pointer, tagsize int) int { - v := *ptr.toUint64() - if v == 0 { - return 0 - } - return 8 + tagsize -} -func sizeFixed64Ptr(ptr pointer, tagsize int) int { - p := *ptr.toUint64Ptr() - if p == nil { - return 0 - } - return 8 + tagsize -} -func sizeFixed64Slice(ptr pointer, tagsize int) int { - s := *ptr.toUint64Slice() - return (8 + tagsize) * len(s) -} -func sizeFixed64PackedSlice(ptr pointer, tagsize int) int { - s := *ptr.toUint64Slice() - if len(s) == 0 { - return 0 - } - return 8*len(s) + SizeVarint(uint64(8*len(s))) + tagsize -} -func sizeFixedS64Value(_ pointer, tagsize int) int { - return 8 + tagsize -} -func sizeFixedS64ValueNoZero(ptr pointer, tagsize int) int { - v := *ptr.toInt64() - if v == 0 { - return 0 - } - return 8 + tagsize -} -func sizeFixedS64Ptr(ptr pointer, tagsize int) int { - p := *ptr.toInt64Ptr() - if p == nil { - return 0 - } - return 8 + tagsize -} -func sizeFixedS64Slice(ptr pointer, tagsize int) int { - s := *ptr.toInt64Slice() - return (8 + tagsize) * len(s) -} -func sizeFixedS64PackedSlice(ptr pointer, tagsize int) int { - s := *ptr.toInt64Slice() - if len(s) == 0 { - return 0 - } - return 8*len(s) + SizeVarint(uint64(8*len(s))) + tagsize -} -func sizeFloat64Value(_ pointer, tagsize int) int { - return 8 + tagsize -} -func sizeFloat64ValueNoZero(ptr pointer, tagsize int) int { - v := math.Float64bits(*ptr.toFloat64()) - if v == 0 { - return 0 - } - return 8 + tagsize -} -func sizeFloat64Ptr(ptr pointer, tagsize int) int { - p := *ptr.toFloat64Ptr() - if p == nil { - return 0 - } - return 8 + tagsize -} -func sizeFloat64Slice(ptr pointer, tagsize int) int { - s := *ptr.toFloat64Slice() - return (8 + tagsize) * len(s) -} -func sizeFloat64PackedSlice(ptr pointer, tagsize int) int { - s := *ptr.toFloat64Slice() - if len(s) == 0 { - return 0 - } - return 8*len(s) + SizeVarint(uint64(8*len(s))) + tagsize -} -func sizeVarint32Value(ptr pointer, tagsize int) int { - v := *ptr.toUint32() - return SizeVarint(uint64(v)) + tagsize -} -func sizeVarint32ValueNoZero(ptr pointer, tagsize int) int { - v := *ptr.toUint32() - if v == 0 { - return 0 - } - return SizeVarint(uint64(v)) + tagsize -} -func sizeVarint32Ptr(ptr pointer, tagsize int) int { - p := *ptr.toUint32Ptr() - if p == nil { - return 0 - } - return SizeVarint(uint64(*p)) + tagsize -} -func sizeVarint32Slice(ptr pointer, tagsize int) int { - s := *ptr.toUint32Slice() - n := 0 - for _, v := range s { - n += SizeVarint(uint64(v)) + tagsize - } - return n -} -func sizeVarint32PackedSlice(ptr pointer, tagsize int) int { - s := *ptr.toUint32Slice() - if len(s) == 0 { - return 0 - } - n := 0 - for _, v := range s { - n += SizeVarint(uint64(v)) - } - return n + SizeVarint(uint64(n)) + tagsize -} -func sizeVarintS32Value(ptr pointer, tagsize int) int { - v := *ptr.toInt32() - return SizeVarint(uint64(v)) + tagsize -} -func sizeVarintS32ValueNoZero(ptr pointer, tagsize int) int { - v := *ptr.toInt32() - if v == 0 { - return 0 - } - return SizeVarint(uint64(v)) + tagsize -} -func sizeVarintS32Ptr(ptr pointer, tagsize int) int { - p := ptr.getInt32Ptr() - if p == nil { - return 0 - } - return SizeVarint(uint64(*p)) + tagsize -} -func sizeVarintS32Slice(ptr pointer, tagsize int) int { - s := ptr.getInt32Slice() - n := 0 - for _, v := range s { - n += SizeVarint(uint64(v)) + tagsize - } - return n -} -func sizeVarintS32PackedSlice(ptr pointer, tagsize int) int { - s := ptr.getInt32Slice() - if len(s) == 0 { - return 0 - } - n := 0 - for _, v := range s { - n += SizeVarint(uint64(v)) - } - return n + SizeVarint(uint64(n)) + tagsize -} -func sizeVarint64Value(ptr pointer, tagsize int) int { - v := *ptr.toUint64() - return SizeVarint(v) + tagsize -} -func sizeVarint64ValueNoZero(ptr pointer, tagsize int) int { - v := *ptr.toUint64() - if v == 0 { - return 0 - } - return SizeVarint(v) + tagsize -} -func sizeVarint64Ptr(ptr pointer, tagsize int) int { - p := *ptr.toUint64Ptr() - if p == nil { - return 0 - } - return SizeVarint(*p) + tagsize -} -func sizeVarint64Slice(ptr pointer, tagsize int) int { - s := *ptr.toUint64Slice() - n := 0 - for _, v := range s { - n += SizeVarint(v) + tagsize - } - return n -} -func sizeVarint64PackedSlice(ptr pointer, tagsize int) int { - s := *ptr.toUint64Slice() - if len(s) == 0 { - return 0 - } - n := 0 - for _, v := range s { - n += SizeVarint(v) - } - return n + SizeVarint(uint64(n)) + tagsize -} -func sizeVarintS64Value(ptr pointer, tagsize int) int { - v := *ptr.toInt64() - return SizeVarint(uint64(v)) + tagsize -} -func sizeVarintS64ValueNoZero(ptr pointer, tagsize int) int { - v := *ptr.toInt64() - if v == 0 { - return 0 - } - return SizeVarint(uint64(v)) + tagsize -} -func sizeVarintS64Ptr(ptr pointer, tagsize int) int { - p := *ptr.toInt64Ptr() - if p == nil { - return 0 - } - return SizeVarint(uint64(*p)) + tagsize -} -func sizeVarintS64Slice(ptr pointer, tagsize int) int { - s := *ptr.toInt64Slice() - n := 0 - for _, v := range s { - n += SizeVarint(uint64(v)) + tagsize - } - return n -} -func sizeVarintS64PackedSlice(ptr pointer, tagsize int) int { - s := *ptr.toInt64Slice() - if len(s) == 0 { - return 0 - } - n := 0 - for _, v := range s { - n += SizeVarint(uint64(v)) - } - return n + SizeVarint(uint64(n)) + tagsize -} -func sizeZigzag32Value(ptr pointer, tagsize int) int { - v := *ptr.toInt32() - return SizeVarint(uint64((uint32(v)<<1)^uint32((int32(v)>>31)))) + tagsize -} -func sizeZigzag32ValueNoZero(ptr pointer, tagsize int) int { - v := *ptr.toInt32() - if v == 0 { - return 0 - } - return SizeVarint(uint64((uint32(v)<<1)^uint32((int32(v)>>31)))) + tagsize -} -func sizeZigzag32Ptr(ptr pointer, tagsize int) int { - p := ptr.getInt32Ptr() - if p == nil { - return 0 - } - v := *p - return SizeVarint(uint64((uint32(v)<<1)^uint32((int32(v)>>31)))) + tagsize -} -func sizeZigzag32Slice(ptr pointer, tagsize int) int { - s := ptr.getInt32Slice() - n := 0 - for _, v := range s { - n += SizeVarint(uint64((uint32(v)<<1)^uint32((int32(v)>>31)))) + tagsize - } - return n -} -func sizeZigzag32PackedSlice(ptr pointer, tagsize int) int { - s := ptr.getInt32Slice() - if len(s) == 0 { - return 0 - } - n := 0 - for _, v := range s { - n += SizeVarint(uint64((uint32(v) << 1) ^ uint32((int32(v) >> 31)))) - } - return n + SizeVarint(uint64(n)) + tagsize -} -func sizeZigzag64Value(ptr pointer, tagsize int) int { - v := *ptr.toInt64() - return SizeVarint(uint64(v<<1)^uint64((int64(v)>>63))) + tagsize -} -func sizeZigzag64ValueNoZero(ptr pointer, tagsize int) int { - v := *ptr.toInt64() - if v == 0 { - return 0 - } - return SizeVarint(uint64(v<<1)^uint64((int64(v)>>63))) + tagsize -} -func sizeZigzag64Ptr(ptr pointer, tagsize int) int { - p := *ptr.toInt64Ptr() - if p == nil { - return 0 - } - v := *p - return SizeVarint(uint64(v<<1)^uint64((int64(v)>>63))) + tagsize -} -func sizeZigzag64Slice(ptr pointer, tagsize int) int { - s := *ptr.toInt64Slice() - n := 0 - for _, v := range s { - n += SizeVarint(uint64(v<<1)^uint64((int64(v)>>63))) + tagsize - } - return n -} -func sizeZigzag64PackedSlice(ptr pointer, tagsize int) int { - s := *ptr.toInt64Slice() - if len(s) == 0 { - return 0 - } - n := 0 - for _, v := range s { - n += SizeVarint(uint64(v<<1) ^ uint64((int64(v) >> 63))) - } - return n + SizeVarint(uint64(n)) + tagsize -} -func sizeBoolValue(_ pointer, tagsize int) int { - return 1 + tagsize -} -func sizeBoolValueNoZero(ptr pointer, tagsize int) int { - v := *ptr.toBool() - if !v { - return 0 - } - return 1 + tagsize -} -func sizeBoolPtr(ptr pointer, tagsize int) int { - p := *ptr.toBoolPtr() - if p == nil { - return 0 - } - return 1 + tagsize -} -func sizeBoolSlice(ptr pointer, tagsize int) int { - s := *ptr.toBoolSlice() - return (1 + tagsize) * len(s) -} -func sizeBoolPackedSlice(ptr pointer, tagsize int) int { - s := *ptr.toBoolSlice() - if len(s) == 0 { - return 0 - } - return len(s) + SizeVarint(uint64(len(s))) + tagsize -} -func sizeStringValue(ptr pointer, tagsize int) int { - v := *ptr.toString() - return len(v) + SizeVarint(uint64(len(v))) + tagsize -} -func sizeStringValueNoZero(ptr pointer, tagsize int) int { - v := *ptr.toString() - if v == "" { - return 0 - } - return len(v) + SizeVarint(uint64(len(v))) + tagsize -} -func sizeStringPtr(ptr pointer, tagsize int) int { - p := *ptr.toStringPtr() - if p == nil { - return 0 - } - v := *p - return len(v) + SizeVarint(uint64(len(v))) + tagsize -} -func sizeStringSlice(ptr pointer, tagsize int) int { - s := *ptr.toStringSlice() - n := 0 - for _, v := range s { - n += len(v) + SizeVarint(uint64(len(v))) + tagsize - } - return n -} -func sizeBytes(ptr pointer, tagsize int) int { - v := *ptr.toBytes() - if v == nil { - return 0 - } - return len(v) + SizeVarint(uint64(len(v))) + tagsize -} -func sizeBytes3(ptr pointer, tagsize int) int { - v := *ptr.toBytes() - if len(v) == 0 { - return 0 - } - return len(v) + SizeVarint(uint64(len(v))) + tagsize -} -func sizeBytesOneof(ptr pointer, tagsize int) int { - v := *ptr.toBytes() - return len(v) + SizeVarint(uint64(len(v))) + tagsize -} -func sizeBytesSlice(ptr pointer, tagsize int) int { - s := *ptr.toBytesSlice() - n := 0 - for _, v := range s { - n += len(v) + SizeVarint(uint64(len(v))) + tagsize - } - return n -} - -// appendFixed32 appends an encoded fixed32 to b. -func appendFixed32(b []byte, v uint32) []byte { - b = append(b, - byte(v), - byte(v>>8), - byte(v>>16), - byte(v>>24)) - return b -} - -// appendFixed64 appends an encoded fixed64 to b. -func appendFixed64(b []byte, v uint64) []byte { - b = append(b, - byte(v), - byte(v>>8), - byte(v>>16), - byte(v>>24), - byte(v>>32), - byte(v>>40), - byte(v>>48), - byte(v>>56)) - return b -} - -// appendVarint appends an encoded varint to b. -func appendVarint(b []byte, v uint64) []byte { - // TODO: make 1-byte (maybe 2-byte) case inline-able, once we - // have non-leaf inliner. - switch { - case v < 1<<7: - b = append(b, byte(v)) - case v < 1<<14: - b = append(b, - byte(v&0x7f|0x80), - byte(v>>7)) - case v < 1<<21: - b = append(b, - byte(v&0x7f|0x80), - byte((v>>7)&0x7f|0x80), - byte(v>>14)) - case v < 1<<28: - b = append(b, - byte(v&0x7f|0x80), - byte((v>>7)&0x7f|0x80), - byte((v>>14)&0x7f|0x80), - byte(v>>21)) - case v < 1<<35: - b = append(b, - byte(v&0x7f|0x80), - byte((v>>7)&0x7f|0x80), - byte((v>>14)&0x7f|0x80), - byte((v>>21)&0x7f|0x80), - byte(v>>28)) - case v < 1<<42: - b = append(b, - byte(v&0x7f|0x80), - byte((v>>7)&0x7f|0x80), - byte((v>>14)&0x7f|0x80), - byte((v>>21)&0x7f|0x80), - byte((v>>28)&0x7f|0x80), - byte(v>>35)) - case v < 1<<49: - b = append(b, - byte(v&0x7f|0x80), - byte((v>>7)&0x7f|0x80), - byte((v>>14)&0x7f|0x80), - byte((v>>21)&0x7f|0x80), - byte((v>>28)&0x7f|0x80), - byte((v>>35)&0x7f|0x80), - byte(v>>42)) - case v < 1<<56: - b = append(b, - byte(v&0x7f|0x80), - byte((v>>7)&0x7f|0x80), - byte((v>>14)&0x7f|0x80), - byte((v>>21)&0x7f|0x80), - byte((v>>28)&0x7f|0x80), - byte((v>>35)&0x7f|0x80), - byte((v>>42)&0x7f|0x80), - byte(v>>49)) - case v < 1<<63: - b = append(b, - byte(v&0x7f|0x80), - byte((v>>7)&0x7f|0x80), - byte((v>>14)&0x7f|0x80), - byte((v>>21)&0x7f|0x80), - byte((v>>28)&0x7f|0x80), - byte((v>>35)&0x7f|0x80), - byte((v>>42)&0x7f|0x80), - byte((v>>49)&0x7f|0x80), - byte(v>>56)) - default: - b = append(b, - byte(v&0x7f|0x80), - byte((v>>7)&0x7f|0x80), - byte((v>>14)&0x7f|0x80), - byte((v>>21)&0x7f|0x80), - byte((v>>28)&0x7f|0x80), - byte((v>>35)&0x7f|0x80), - byte((v>>42)&0x7f|0x80), - byte((v>>49)&0x7f|0x80), - byte((v>>56)&0x7f|0x80), - 1) - } - return b -} - -func appendFixed32Value(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toUint32() - b = appendVarint(b, wiretag) - b = appendFixed32(b, v) - return b, nil -} -func appendFixed32ValueNoZero(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toUint32() - if v == 0 { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendFixed32(b, v) - return b, nil -} -func appendFixed32Ptr(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - p := *ptr.toUint32Ptr() - if p == nil { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendFixed32(b, *p) - return b, nil -} -func appendFixed32Slice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toUint32Slice() - for _, v := range s { - b = appendVarint(b, wiretag) - b = appendFixed32(b, v) - } - return b, nil -} -func appendFixed32PackedSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toUint32Slice() - if len(s) == 0 { - return b, nil - } - b = appendVarint(b, wiretag&^7|WireBytes) - b = appendVarint(b, uint64(4*len(s))) - for _, v := range s { - b = appendFixed32(b, v) - } - return b, nil -} -func appendFixedS32Value(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toInt32() - b = appendVarint(b, wiretag) - b = appendFixed32(b, uint32(v)) - return b, nil -} -func appendFixedS32ValueNoZero(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toInt32() - if v == 0 { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendFixed32(b, uint32(v)) - return b, nil -} -func appendFixedS32Ptr(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - p := ptr.getInt32Ptr() - if p == nil { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendFixed32(b, uint32(*p)) - return b, nil -} -func appendFixedS32Slice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := ptr.getInt32Slice() - for _, v := range s { - b = appendVarint(b, wiretag) - b = appendFixed32(b, uint32(v)) - } - return b, nil -} -func appendFixedS32PackedSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := ptr.getInt32Slice() - if len(s) == 0 { - return b, nil - } - b = appendVarint(b, wiretag&^7|WireBytes) - b = appendVarint(b, uint64(4*len(s))) - for _, v := range s { - b = appendFixed32(b, uint32(v)) - } - return b, nil -} -func appendFloat32Value(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := math.Float32bits(*ptr.toFloat32()) - b = appendVarint(b, wiretag) - b = appendFixed32(b, v) - return b, nil -} -func appendFloat32ValueNoZero(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := math.Float32bits(*ptr.toFloat32()) - if v == 0 { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendFixed32(b, v) - return b, nil -} -func appendFloat32Ptr(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - p := *ptr.toFloat32Ptr() - if p == nil { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendFixed32(b, math.Float32bits(*p)) - return b, nil -} -func appendFloat32Slice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toFloat32Slice() - for _, v := range s { - b = appendVarint(b, wiretag) - b = appendFixed32(b, math.Float32bits(v)) - } - return b, nil -} -func appendFloat32PackedSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toFloat32Slice() - if len(s) == 0 { - return b, nil - } - b = appendVarint(b, wiretag&^7|WireBytes) - b = appendVarint(b, uint64(4*len(s))) - for _, v := range s { - b = appendFixed32(b, math.Float32bits(v)) - } - return b, nil -} -func appendFixed64Value(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toUint64() - b = appendVarint(b, wiretag) - b = appendFixed64(b, v) - return b, nil -} -func appendFixed64ValueNoZero(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toUint64() - if v == 0 { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendFixed64(b, v) - return b, nil -} -func appendFixed64Ptr(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - p := *ptr.toUint64Ptr() - if p == nil { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendFixed64(b, *p) - return b, nil -} -func appendFixed64Slice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toUint64Slice() - for _, v := range s { - b = appendVarint(b, wiretag) - b = appendFixed64(b, v) - } - return b, nil -} -func appendFixed64PackedSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toUint64Slice() - if len(s) == 0 { - return b, nil - } - b = appendVarint(b, wiretag&^7|WireBytes) - b = appendVarint(b, uint64(8*len(s))) - for _, v := range s { - b = appendFixed64(b, v) - } - return b, nil -} -func appendFixedS64Value(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toInt64() - b = appendVarint(b, wiretag) - b = appendFixed64(b, uint64(v)) - return b, nil -} -func appendFixedS64ValueNoZero(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toInt64() - if v == 0 { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendFixed64(b, uint64(v)) - return b, nil -} -func appendFixedS64Ptr(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - p := *ptr.toInt64Ptr() - if p == nil { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendFixed64(b, uint64(*p)) - return b, nil -} -func appendFixedS64Slice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toInt64Slice() - for _, v := range s { - b = appendVarint(b, wiretag) - b = appendFixed64(b, uint64(v)) - } - return b, nil -} -func appendFixedS64PackedSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toInt64Slice() - if len(s) == 0 { - return b, nil - } - b = appendVarint(b, wiretag&^7|WireBytes) - b = appendVarint(b, uint64(8*len(s))) - for _, v := range s { - b = appendFixed64(b, uint64(v)) - } - return b, nil -} -func appendFloat64Value(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := math.Float64bits(*ptr.toFloat64()) - b = appendVarint(b, wiretag) - b = appendFixed64(b, v) - return b, nil -} -func appendFloat64ValueNoZero(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := math.Float64bits(*ptr.toFloat64()) - if v == 0 { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendFixed64(b, v) - return b, nil -} -func appendFloat64Ptr(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - p := *ptr.toFloat64Ptr() - if p == nil { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendFixed64(b, math.Float64bits(*p)) - return b, nil -} -func appendFloat64Slice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toFloat64Slice() - for _, v := range s { - b = appendVarint(b, wiretag) - b = appendFixed64(b, math.Float64bits(v)) - } - return b, nil -} -func appendFloat64PackedSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toFloat64Slice() - if len(s) == 0 { - return b, nil - } - b = appendVarint(b, wiretag&^7|WireBytes) - b = appendVarint(b, uint64(8*len(s))) - for _, v := range s { - b = appendFixed64(b, math.Float64bits(v)) - } - return b, nil -} -func appendVarint32Value(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toUint32() - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(v)) - return b, nil -} -func appendVarint32ValueNoZero(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toUint32() - if v == 0 { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(v)) - return b, nil -} -func appendVarint32Ptr(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - p := *ptr.toUint32Ptr() - if p == nil { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(*p)) - return b, nil -} -func appendVarint32Slice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toUint32Slice() - for _, v := range s { - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(v)) - } - return b, nil -} -func appendVarint32PackedSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toUint32Slice() - if len(s) == 0 { - return b, nil - } - b = appendVarint(b, wiretag&^7|WireBytes) - // compute size - n := 0 - for _, v := range s { - n += SizeVarint(uint64(v)) - } - b = appendVarint(b, uint64(n)) - for _, v := range s { - b = appendVarint(b, uint64(v)) - } - return b, nil -} -func appendVarintS32Value(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toInt32() - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(v)) - return b, nil -} -func appendVarintS32ValueNoZero(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toInt32() - if v == 0 { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(v)) - return b, nil -} -func appendVarintS32Ptr(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - p := ptr.getInt32Ptr() - if p == nil { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(*p)) - return b, nil -} -func appendVarintS32Slice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := ptr.getInt32Slice() - for _, v := range s { - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(v)) - } - return b, nil -} -func appendVarintS32PackedSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := ptr.getInt32Slice() - if len(s) == 0 { - return b, nil - } - b = appendVarint(b, wiretag&^7|WireBytes) - // compute size - n := 0 - for _, v := range s { - n += SizeVarint(uint64(v)) - } - b = appendVarint(b, uint64(n)) - for _, v := range s { - b = appendVarint(b, uint64(v)) - } - return b, nil -} -func appendVarint64Value(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toUint64() - b = appendVarint(b, wiretag) - b = appendVarint(b, v) - return b, nil -} -func appendVarint64ValueNoZero(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toUint64() - if v == 0 { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendVarint(b, v) - return b, nil -} -func appendVarint64Ptr(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - p := *ptr.toUint64Ptr() - if p == nil { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendVarint(b, *p) - return b, nil -} -func appendVarint64Slice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toUint64Slice() - for _, v := range s { - b = appendVarint(b, wiretag) - b = appendVarint(b, v) - } - return b, nil -} -func appendVarint64PackedSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toUint64Slice() - if len(s) == 0 { - return b, nil - } - b = appendVarint(b, wiretag&^7|WireBytes) - // compute size - n := 0 - for _, v := range s { - n += SizeVarint(v) - } - b = appendVarint(b, uint64(n)) - for _, v := range s { - b = appendVarint(b, v) - } - return b, nil -} -func appendVarintS64Value(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toInt64() - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(v)) - return b, nil -} -func appendVarintS64ValueNoZero(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toInt64() - if v == 0 { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(v)) - return b, nil -} -func appendVarintS64Ptr(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - p := *ptr.toInt64Ptr() - if p == nil { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(*p)) - return b, nil -} -func appendVarintS64Slice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toInt64Slice() - for _, v := range s { - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(v)) - } - return b, nil -} -func appendVarintS64PackedSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toInt64Slice() - if len(s) == 0 { - return b, nil - } - b = appendVarint(b, wiretag&^7|WireBytes) - // compute size - n := 0 - for _, v := range s { - n += SizeVarint(uint64(v)) - } - b = appendVarint(b, uint64(n)) - for _, v := range s { - b = appendVarint(b, uint64(v)) - } - return b, nil -} -func appendZigzag32Value(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toInt32() - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64((uint32(v)<<1)^uint32((int32(v)>>31)))) - return b, nil -} -func appendZigzag32ValueNoZero(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toInt32() - if v == 0 { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64((uint32(v)<<1)^uint32((int32(v)>>31)))) - return b, nil -} -func appendZigzag32Ptr(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - p := ptr.getInt32Ptr() - if p == nil { - return b, nil - } - b = appendVarint(b, wiretag) - v := *p - b = appendVarint(b, uint64((uint32(v)<<1)^uint32((int32(v)>>31)))) - return b, nil -} -func appendZigzag32Slice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := ptr.getInt32Slice() - for _, v := range s { - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64((uint32(v)<<1)^uint32((int32(v)>>31)))) - } - return b, nil -} -func appendZigzag32PackedSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := ptr.getInt32Slice() - if len(s) == 0 { - return b, nil - } - b = appendVarint(b, wiretag&^7|WireBytes) - // compute size - n := 0 - for _, v := range s { - n += SizeVarint(uint64((uint32(v) << 1) ^ uint32((int32(v) >> 31)))) - } - b = appendVarint(b, uint64(n)) - for _, v := range s { - b = appendVarint(b, uint64((uint32(v)<<1)^uint32((int32(v)>>31)))) - } - return b, nil -} -func appendZigzag64Value(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toInt64() - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(v<<1)^uint64((int64(v)>>63))) - return b, nil -} -func appendZigzag64ValueNoZero(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toInt64() - if v == 0 { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(v<<1)^uint64((int64(v)>>63))) - return b, nil -} -func appendZigzag64Ptr(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - p := *ptr.toInt64Ptr() - if p == nil { - return b, nil - } - b = appendVarint(b, wiretag) - v := *p - b = appendVarint(b, uint64(v<<1)^uint64((int64(v)>>63))) - return b, nil -} -func appendZigzag64Slice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toInt64Slice() - for _, v := range s { - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(v<<1)^uint64((int64(v)>>63))) - } - return b, nil -} -func appendZigzag64PackedSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toInt64Slice() - if len(s) == 0 { - return b, nil - } - b = appendVarint(b, wiretag&^7|WireBytes) - // compute size - n := 0 - for _, v := range s { - n += SizeVarint(uint64(v<<1) ^ uint64((int64(v) >> 63))) - } - b = appendVarint(b, uint64(n)) - for _, v := range s { - b = appendVarint(b, uint64(v<<1)^uint64((int64(v)>>63))) - } - return b, nil -} -func appendBoolValue(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toBool() - b = appendVarint(b, wiretag) - if v { - b = append(b, 1) - } else { - b = append(b, 0) - } - return b, nil -} -func appendBoolValueNoZero(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toBool() - if !v { - return b, nil - } - b = appendVarint(b, wiretag) - b = append(b, 1) - return b, nil -} - -func appendBoolPtr(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - p := *ptr.toBoolPtr() - if p == nil { - return b, nil - } - b = appendVarint(b, wiretag) - if *p { - b = append(b, 1) - } else { - b = append(b, 0) - } - return b, nil -} -func appendBoolSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toBoolSlice() - for _, v := range s { - b = appendVarint(b, wiretag) - if v { - b = append(b, 1) - } else { - b = append(b, 0) - } - } - return b, nil -} -func appendBoolPackedSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toBoolSlice() - if len(s) == 0 { - return b, nil - } - b = appendVarint(b, wiretag&^7|WireBytes) - b = appendVarint(b, uint64(len(s))) - for _, v := range s { - if v { - b = append(b, 1) - } else { - b = append(b, 0) - } - } - return b, nil -} -func appendStringValue(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toString() - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(v))) - b = append(b, v...) - return b, nil -} -func appendStringValueNoZero(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toString() - if v == "" { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(v))) - b = append(b, v...) - return b, nil -} -func appendStringPtr(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - p := *ptr.toStringPtr() - if p == nil { - return b, nil - } - v := *p - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(v))) - b = append(b, v...) - return b, nil -} -func appendStringSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toStringSlice() - for _, v := range s { - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(v))) - b = append(b, v...) - } - return b, nil -} -func appendUTF8StringValue(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - var invalidUTF8 bool - v := *ptr.toString() - if !utf8.ValidString(v) { - invalidUTF8 = true - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(v))) - b = append(b, v...) - if invalidUTF8 { - return b, errInvalidUTF8 - } - return b, nil -} -func appendUTF8StringValueNoZero(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - var invalidUTF8 bool - v := *ptr.toString() - if v == "" { - return b, nil - } - if !utf8.ValidString(v) { - invalidUTF8 = true - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(v))) - b = append(b, v...) - if invalidUTF8 { - return b, errInvalidUTF8 - } - return b, nil -} -func appendUTF8StringPtr(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - var invalidUTF8 bool - p := *ptr.toStringPtr() - if p == nil { - return b, nil - } - v := *p - if !utf8.ValidString(v) { - invalidUTF8 = true - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(v))) - b = append(b, v...) - if invalidUTF8 { - return b, errInvalidUTF8 - } - return b, nil -} -func appendUTF8StringSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - var invalidUTF8 bool - s := *ptr.toStringSlice() - for _, v := range s { - if !utf8.ValidString(v) { - invalidUTF8 = true - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(v))) - b = append(b, v...) - } - if invalidUTF8 { - return b, errInvalidUTF8 - } - return b, nil -} -func appendBytes(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toBytes() - if v == nil { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(v))) - b = append(b, v...) - return b, nil -} -func appendBytes3(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toBytes() - if len(v) == 0 { - return b, nil - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(v))) - b = append(b, v...) - return b, nil -} -func appendBytesOneof(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - v := *ptr.toBytes() - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(v))) - b = append(b, v...) - return b, nil -} -func appendBytesSlice(b []byte, ptr pointer, wiretag uint64, _ bool) ([]byte, error) { - s := *ptr.toBytesSlice() - for _, v := range s { - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(v))) - b = append(b, v...) - } - return b, nil -} - -// makeGroupMarshaler returns the sizer and marshaler for a group. -// u is the marshal info of the underlying message. -func makeGroupMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - p := ptr.getPointer() - if p.isNil() { - return 0 - } - return u.size(p) + 2*tagsize - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - p := ptr.getPointer() - if p.isNil() { - return b, nil - } - var err error - b = appendVarint(b, wiretag) // start group - b, err = u.marshal(b, p, deterministic) - b = appendVarint(b, wiretag+(WireEndGroup-WireStartGroup)) // end group - return b, err - } -} - -// makeGroupSliceMarshaler returns the sizer and marshaler for a group slice. -// u is the marshal info of the underlying message. -func makeGroupSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getPointerSlice() - n := 0 - for _, v := range s { - if v.isNil() { - continue - } - n += u.size(v) + 2*tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getPointerSlice() - var err error - var nerr nonFatal - for _, v := range s { - if v.isNil() { - return b, errRepeatedHasNil - } - b = appendVarint(b, wiretag) // start group - b, err = u.marshal(b, v, deterministic) - b = appendVarint(b, wiretag+(WireEndGroup-WireStartGroup)) // end group - if !nerr.Merge(err) { - if err == ErrNil { - err = errRepeatedHasNil - } - return b, err - } - } - return b, nerr.E - } -} - -// makeMessageMarshaler returns the sizer and marshaler for a message field. -// u is the marshal info of the message. -func makeMessageMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - p := ptr.getPointer() - if p.isNil() { - return 0 - } - siz := u.size(p) - return siz + SizeVarint(uint64(siz)) + tagsize - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - p := ptr.getPointer() - if p.isNil() { - return b, nil - } - b = appendVarint(b, wiretag) - siz := u.cachedsize(p) - b = appendVarint(b, uint64(siz)) - return u.marshal(b, p, deterministic) - } -} - -// makeMessageSliceMarshaler returns the sizer and marshaler for a message slice. -// u is the marshal info of the message. -func makeMessageSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getPointerSlice() - n := 0 - for _, v := range s { - if v.isNil() { - continue - } - siz := u.size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getPointerSlice() - var err error - var nerr nonFatal - for _, v := range s { - if v.isNil() { - return b, errRepeatedHasNil - } - b = appendVarint(b, wiretag) - siz := u.cachedsize(v) - b = appendVarint(b, uint64(siz)) - b, err = u.marshal(b, v, deterministic) - - if !nerr.Merge(err) { - if err == ErrNil { - err = errRepeatedHasNil - } - return b, err - } - } - return b, nerr.E - } -} - -// makeMapMarshaler returns the sizer and marshaler for a map field. -// f is the pointer to the reflect data structure of the field. -func makeMapMarshaler(f *reflect.StructField) (sizer, marshaler) { - // figure out key and value type - t := f.Type - keyType := t.Key() - valType := t.Elem() - tags := strings.Split(f.Tag.Get("protobuf"), ",") - keyTags := strings.Split(f.Tag.Get("protobuf_key"), ",") - valTags := strings.Split(f.Tag.Get("protobuf_val"), ",") - stdOptions := false - for _, t := range tags { - if strings.HasPrefix(t, "customtype=") { - valTags = append(valTags, t) - } - if t == "stdtime" { - valTags = append(valTags, t) - stdOptions = true - } - if t == "stdduration" { - valTags = append(valTags, t) - stdOptions = true - } - if t == "wktptr" { - valTags = append(valTags, t) - } - } - keySizer, keyMarshaler := typeMarshaler(keyType, keyTags, false, false) // don't omit zero value in map - valSizer, valMarshaler := typeMarshaler(valType, valTags, false, false) // don't omit zero value in map - keyWireTag := 1<<3 | wiretype(keyTags[0]) - valWireTag := 2<<3 | wiretype(valTags[0]) - - // We create an interface to get the addresses of the map key and value. - // If value is pointer-typed, the interface is a direct interface, the - // idata itself is the value. Otherwise, the idata is the pointer to the - // value. - // Key cannot be pointer-typed. - valIsPtr := valType.Kind() == reflect.Ptr - - // If value is a message with nested maps, calling - // valSizer in marshal may be quadratic. We should use - // cached version in marshal (but not in size). - // If value is not message type, we don't have size cache, - // but it cannot be nested either. Just use valSizer. - valCachedSizer := valSizer - if valIsPtr && !stdOptions && valType.Elem().Kind() == reflect.Struct { - u := getMarshalInfo(valType.Elem()) - valCachedSizer = func(ptr pointer, tagsize int) int { - // Same as message sizer, but use cache. - p := ptr.getPointer() - if p.isNil() { - return 0 - } - siz := u.cachedsize(p) - return siz + SizeVarint(uint64(siz)) + tagsize - } - } - return func(ptr pointer, tagsize int) int { - m := ptr.asPointerTo(t).Elem() // the map - n := 0 - for _, k := range m.MapKeys() { - ki := k.Interface() - vi := m.MapIndex(k).Interface() - kaddr := toAddrPointer(&ki, false) // pointer to key - vaddr := toAddrPointer(&vi, valIsPtr) // pointer to value - siz := keySizer(kaddr, 1) + valSizer(vaddr, 1) // tag of key = 1 (size=1), tag of val = 2 (size=1) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, tag uint64, deterministic bool) ([]byte, error) { - m := ptr.asPointerTo(t).Elem() // the map - var err error - keys := m.MapKeys() - if len(keys) > 1 && deterministic { - sort.Sort(mapKeys(keys)) - } - - var nerr nonFatal - for _, k := range keys { - ki := k.Interface() - vi := m.MapIndex(k).Interface() - kaddr := toAddrPointer(&ki, false) // pointer to key - vaddr := toAddrPointer(&vi, valIsPtr) // pointer to value - b = appendVarint(b, tag) - siz := keySizer(kaddr, 1) + valCachedSizer(vaddr, 1) // tag of key = 1 (size=1), tag of val = 2 (size=1) - b = appendVarint(b, uint64(siz)) - b, err = keyMarshaler(b, kaddr, keyWireTag, deterministic) - if !nerr.Merge(err) { - return b, err - } - b, err = valMarshaler(b, vaddr, valWireTag, deterministic) - if err != ErrNil && !nerr.Merge(err) { // allow nil value in map - return b, err - } - } - return b, nerr.E - } -} - -// makeOneOfMarshaler returns the sizer and marshaler for a oneof field. -// fi is the marshal info of the field. -// f is the pointer to the reflect data structure of the field. -func makeOneOfMarshaler(fi *marshalFieldInfo, f *reflect.StructField) (sizer, marshaler) { - // Oneof field is an interface. We need to get the actual data type on the fly. - t := f.Type - return func(ptr pointer, _ int) int { - p := ptr.getInterfacePointer() - if p.isNil() { - return 0 - } - v := ptr.asPointerTo(t).Elem().Elem().Elem() // *interface -> interface -> *struct -> struct - telem := v.Type() - e := fi.oneofElems[telem] - return e.sizer(p, e.tagsize) - }, - func(b []byte, ptr pointer, _ uint64, deterministic bool) ([]byte, error) { - p := ptr.getInterfacePointer() - if p.isNil() { - return b, nil - } - v := ptr.asPointerTo(t).Elem().Elem().Elem() // *interface -> interface -> *struct -> struct - telem := v.Type() - if telem.Field(0).Type.Kind() == reflect.Ptr && p.getPointer().isNil() { - return b, errOneofHasNil - } - e := fi.oneofElems[telem] - return e.marshaler(b, p, e.wiretag, deterministic) - } -} - -// sizeExtensions computes the size of encoded data for a XXX_InternalExtensions field. -func (u *marshalInfo) sizeExtensions(ext *XXX_InternalExtensions) int { - m, mu := ext.extensionsRead() - if m == nil { - return 0 - } - mu.Lock() - - n := 0 - for _, e := range m { - if e.value == nil || e.desc == nil { - // Extension is only in its encoded form. - n += len(e.enc) - continue - } - - // We don't skip extensions that have an encoded form set, - // because the extension value may have been mutated after - // the last time this function was called. - ei := u.getExtElemInfo(e.desc) - v := e.value - p := toAddrPointer(&v, ei.isptr) - n += ei.sizer(p, ei.tagsize) - } - mu.Unlock() - return n -} - -// appendExtensions marshals a XXX_InternalExtensions field to the end of byte slice b. -func (u *marshalInfo) appendExtensions(b []byte, ext *XXX_InternalExtensions, deterministic bool) ([]byte, error) { - m, mu := ext.extensionsRead() - if m == nil { - return b, nil - } - mu.Lock() - defer mu.Unlock() - - var err error - var nerr nonFatal - - // Fast-path for common cases: zero or one extensions. - // Don't bother sorting the keys. - if len(m) <= 1 { - for _, e := range m { - if e.value == nil || e.desc == nil { - // Extension is only in its encoded form. - b = append(b, e.enc...) - continue - } - - // We don't skip extensions that have an encoded form set, - // because the extension value may have been mutated after - // the last time this function was called. - - ei := u.getExtElemInfo(e.desc) - v := e.value - p := toAddrPointer(&v, ei.isptr) - b, err = ei.marshaler(b, p, ei.wiretag, deterministic) - if !nerr.Merge(err) { - return b, err - } - } - return b, nerr.E - } - - // Sort the keys to provide a deterministic encoding. - // Not sure this is required, but the old code does it. - keys := make([]int, 0, len(m)) - for k := range m { - keys = append(keys, int(k)) - } - sort.Ints(keys) - - for _, k := range keys { - e := m[int32(k)] - if e.value == nil || e.desc == nil { - // Extension is only in its encoded form. - b = append(b, e.enc...) - continue - } - - // We don't skip extensions that have an encoded form set, - // because the extension value may have been mutated after - // the last time this function was called. - - ei := u.getExtElemInfo(e.desc) - v := e.value - p := toAddrPointer(&v, ei.isptr) - b, err = ei.marshaler(b, p, ei.wiretag, deterministic) - if !nerr.Merge(err) { - return b, err - } - } - return b, nerr.E -} - -// message set format is: -// message MessageSet { -// repeated group Item = 1 { -// required int32 type_id = 2; -// required string message = 3; -// }; -// } - -// sizeMessageSet computes the size of encoded data for a XXX_InternalExtensions field -// in message set format (above). -func (u *marshalInfo) sizeMessageSet(ext *XXX_InternalExtensions) int { - m, mu := ext.extensionsRead() - if m == nil { - return 0 - } - mu.Lock() - - n := 0 - for id, e := range m { - n += 2 // start group, end group. tag = 1 (size=1) - n += SizeVarint(uint64(id)) + 1 // type_id, tag = 2 (size=1) - - if e.value == nil || e.desc == nil { - // Extension is only in its encoded form. - msgWithLen := skipVarint(e.enc) // skip old tag, but leave the length varint - siz := len(msgWithLen) - n += siz + 1 // message, tag = 3 (size=1) - continue - } - - // We don't skip extensions that have an encoded form set, - // because the extension value may have been mutated after - // the last time this function was called. - - ei := u.getExtElemInfo(e.desc) - v := e.value - p := toAddrPointer(&v, ei.isptr) - n += ei.sizer(p, 1) // message, tag = 3 (size=1) - } - mu.Unlock() - return n -} - -// appendMessageSet marshals a XXX_InternalExtensions field in message set format (above) -// to the end of byte slice b. -func (u *marshalInfo) appendMessageSet(b []byte, ext *XXX_InternalExtensions, deterministic bool) ([]byte, error) { - m, mu := ext.extensionsRead() - if m == nil { - return b, nil - } - mu.Lock() - defer mu.Unlock() - - var err error - var nerr nonFatal - - // Fast-path for common cases: zero or one extensions. - // Don't bother sorting the keys. - if len(m) <= 1 { - for id, e := range m { - b = append(b, 1<<3|WireStartGroup) - b = append(b, 2<<3|WireVarint) - b = appendVarint(b, uint64(id)) - - if e.value == nil || e.desc == nil { - // Extension is only in its encoded form. - msgWithLen := skipVarint(e.enc) // skip old tag, but leave the length varint - b = append(b, 3<<3|WireBytes) - b = append(b, msgWithLen...) - b = append(b, 1<<3|WireEndGroup) - continue - } - - // We don't skip extensions that have an encoded form set, - // because the extension value may have been mutated after - // the last time this function was called. - - ei := u.getExtElemInfo(e.desc) - v := e.value - p := toAddrPointer(&v, ei.isptr) - b, err = ei.marshaler(b, p, 3<<3|WireBytes, deterministic) - if !nerr.Merge(err) { - return b, err - } - b = append(b, 1<<3|WireEndGroup) - } - return b, nerr.E - } - - // Sort the keys to provide a deterministic encoding. - keys := make([]int, 0, len(m)) - for k := range m { - keys = append(keys, int(k)) - } - sort.Ints(keys) - - for _, id := range keys { - e := m[int32(id)] - b = append(b, 1<<3|WireStartGroup) - b = append(b, 2<<3|WireVarint) - b = appendVarint(b, uint64(id)) - - if e.value == nil || e.desc == nil { - // Extension is only in its encoded form. - msgWithLen := skipVarint(e.enc) // skip old tag, but leave the length varint - b = append(b, 3<<3|WireBytes) - b = append(b, msgWithLen...) - b = append(b, 1<<3|WireEndGroup) - continue - } - - // We don't skip extensions that have an encoded form set, - // because the extension value may have been mutated after - // the last time this function was called. - - ei := u.getExtElemInfo(e.desc) - v := e.value - p := toAddrPointer(&v, ei.isptr) - b, err = ei.marshaler(b, p, 3<<3|WireBytes, deterministic) - b = append(b, 1<<3|WireEndGroup) - if !nerr.Merge(err) { - return b, err - } - } - return b, nerr.E -} - -// sizeV1Extensions computes the size of encoded data for a V1-API extension field. -func (u *marshalInfo) sizeV1Extensions(m map[int32]Extension) int { - if m == nil { - return 0 - } - - n := 0 - for _, e := range m { - if e.value == nil || e.desc == nil { - // Extension is only in its encoded form. - n += len(e.enc) - continue - } - - // We don't skip extensions that have an encoded form set, - // because the extension value may have been mutated after - // the last time this function was called. - - ei := u.getExtElemInfo(e.desc) - v := e.value - p := toAddrPointer(&v, ei.isptr) - n += ei.sizer(p, ei.tagsize) - } - return n -} - -// appendV1Extensions marshals a V1-API extension field to the end of byte slice b. -func (u *marshalInfo) appendV1Extensions(b []byte, m map[int32]Extension, deterministic bool) ([]byte, error) { - if m == nil { - return b, nil - } - - // Sort the keys to provide a deterministic encoding. - keys := make([]int, 0, len(m)) - for k := range m { - keys = append(keys, int(k)) - } - sort.Ints(keys) - - var err error - var nerr nonFatal - for _, k := range keys { - e := m[int32(k)] - if e.value == nil || e.desc == nil { - // Extension is only in its encoded form. - b = append(b, e.enc...) - continue - } - - // We don't skip extensions that have an encoded form set, - // because the extension value may have been mutated after - // the last time this function was called. - - ei := u.getExtElemInfo(e.desc) - v := e.value - p := toAddrPointer(&v, ei.isptr) - b, err = ei.marshaler(b, p, ei.wiretag, deterministic) - if !nerr.Merge(err) { - return b, err - } - } - return b, nerr.E -} - -// newMarshaler is the interface representing objects that can marshal themselves. -// -// This exists to support protoc-gen-go generated messages. -// The proto package will stop type-asserting to this interface in the future. -// -// DO NOT DEPEND ON THIS. -type newMarshaler interface { - XXX_Size() int - XXX_Marshal(b []byte, deterministic bool) ([]byte, error) -} - -// Size returns the encoded size of a protocol buffer message. -// This is the main entry point. -func Size(pb Message) int { - if m, ok := pb.(newMarshaler); ok { - return m.XXX_Size() - } - if m, ok := pb.(Marshaler); ok { - // If the message can marshal itself, let it do it, for compatibility. - // NOTE: This is not efficient. - b, _ := m.Marshal() - return len(b) - } - // in case somehow we didn't generate the wrapper - if pb == nil { - return 0 - } - var info InternalMessageInfo - return info.Size(pb) -} - -// Marshal takes a protocol buffer message -// and encodes it into the wire format, returning the data. -// This is the main entry point. -func Marshal(pb Message) ([]byte, error) { - if m, ok := pb.(newMarshaler); ok { - siz := m.XXX_Size() - b := make([]byte, 0, siz) - return m.XXX_Marshal(b, false) - } - if m, ok := pb.(Marshaler); ok { - // If the message can marshal itself, let it do it, for compatibility. - // NOTE: This is not efficient. - return m.Marshal() - } - // in case somehow we didn't generate the wrapper - if pb == nil { - return nil, ErrNil - } - var info InternalMessageInfo - siz := info.Size(pb) - b := make([]byte, 0, siz) - return info.Marshal(b, pb, false) -} - -// Marshal takes a protocol buffer message -// and encodes it into the wire format, writing the result to the -// Buffer. -// This is an alternative entry point. It is not necessary to use -// a Buffer for most applications. -func (p *Buffer) Marshal(pb Message) error { - var err error - if p.deterministic { - if _, ok := pb.(Marshaler); ok { - return fmt.Errorf("proto: deterministic not supported by the Marshal method of %T", pb) - } - } - if m, ok := pb.(newMarshaler); ok { - siz := m.XXX_Size() - p.grow(siz) // make sure buf has enough capacity - pp := p.buf[len(p.buf) : len(p.buf) : len(p.buf)+siz] - pp, err = m.XXX_Marshal(pp, p.deterministic) - p.buf = append(p.buf, pp...) - return err - } - if m, ok := pb.(Marshaler); ok { - // If the message can marshal itself, let it do it, for compatibility. - // NOTE: This is not efficient. - var b []byte - b, err = m.Marshal() - p.buf = append(p.buf, b...) - return err - } - // in case somehow we didn't generate the wrapper - if pb == nil { - return ErrNil - } - var info InternalMessageInfo - siz := info.Size(pb) - p.grow(siz) // make sure buf has enough capacity - p.buf, err = info.Marshal(p.buf, pb, p.deterministic) - return err -} - -// grow grows the buffer's capacity, if necessary, to guarantee space for -// another n bytes. After grow(n), at least n bytes can be written to the -// buffer without another allocation. -func (p *Buffer) grow(n int) { - need := len(p.buf) + n - if need <= cap(p.buf) { - return - } - newCap := len(p.buf) * 2 - if newCap < need { - newCap = need - } - p.buf = append(make([]byte, 0, newCap), p.buf...) -} diff --git a/vendor/github.com/gogo/protobuf/proto/table_marshal_gogo.go b/vendor/github.com/gogo/protobuf/proto/table_marshal_gogo.go deleted file mode 100644 index 997f57c1e..000000000 --- a/vendor/github.com/gogo/protobuf/proto/table_marshal_gogo.go +++ /dev/null @@ -1,388 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2018, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -import ( - "reflect" - "time" -) - -// makeMessageRefMarshaler differs a bit from makeMessageMarshaler -// It marshal a message T instead of a *T -func makeMessageRefMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - siz := u.size(ptr) - return siz + SizeVarint(uint64(siz)) + tagsize - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - b = appendVarint(b, wiretag) - siz := u.cachedsize(ptr) - b = appendVarint(b, uint64(siz)) - return u.marshal(b, ptr, deterministic) - } -} - -// makeMessageRefSliceMarshaler differs quite a lot from makeMessageSliceMarshaler -// It marshals a slice of messages []T instead of []*T -func makeMessageRefSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(u.typ) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - e := elem.Interface() - v := toAddrPointer(&e, false) - siz := u.size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(u.typ) - var err, errreq error - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - e := elem.Interface() - v := toAddrPointer(&e, false) - b = appendVarint(b, wiretag) - siz := u.size(v) - b = appendVarint(b, uint64(siz)) - b, err = u.marshal(b, v, deterministic) - - if err != nil { - if _, ok := err.(*RequiredNotSetError); ok { - // Required field in submessage is not set. - // We record the error but keep going, to give a complete marshaling. - if errreq == nil { - errreq = err - } - continue - } - if err == ErrNil { - err = errRepeatedHasNil - } - return b, err - } - } - - return b, errreq - } -} - -func makeCustomPtrMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - if ptr.isNil() { - return 0 - } - m := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(custom) - siz := m.Size() - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - if ptr.isNil() { - return b, nil - } - m := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(custom) - siz := m.Size() - buf, err := m.Marshal() - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - return b, nil - } -} - -func makeCustomMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - m := ptr.asPointerTo(u.typ).Interface().(custom) - siz := m.Size() - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - m := ptr.asPointerTo(u.typ).Interface().(custom) - siz := m.Size() - buf, err := m.Marshal() - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - return b, nil - } -} - -func makeTimeMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - t := ptr.asPointerTo(u.typ).Interface().(*time.Time) - ts, err := timestampProto(*t) - if err != nil { - return 0 - } - siz := Size(ts) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - t := ptr.asPointerTo(u.typ).Interface().(*time.Time) - ts, err := timestampProto(*t) - if err != nil { - return nil, err - } - buf, err := Marshal(ts) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeTimePtrMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - if ptr.isNil() { - return 0 - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*time.Time) - ts, err := timestampProto(*t) - if err != nil { - return 0 - } - siz := Size(ts) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - if ptr.isNil() { - return b, nil - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*time.Time) - ts, err := timestampProto(*t) - if err != nil { - return nil, err - } - buf, err := Marshal(ts) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeTimeSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(u.typ) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(time.Time) - ts, err := timestampProto(t) - if err != nil { - return 0 - } - siz := Size(ts) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(u.typ) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(time.Time) - ts, err := timestampProto(t) - if err != nil { - return nil, err - } - siz := Size(ts) - buf, err := Marshal(ts) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeTimePtrSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*time.Time) - ts, err := timestampProto(*t) - if err != nil { - return 0 - } - siz := Size(ts) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*time.Time) - ts, err := timestampProto(*t) - if err != nil { - return nil, err - } - siz := Size(ts) - buf, err := Marshal(ts) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeDurationMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - d := ptr.asPointerTo(u.typ).Interface().(*time.Duration) - dur := durationProto(*d) - siz := Size(dur) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - d := ptr.asPointerTo(u.typ).Interface().(*time.Duration) - dur := durationProto(*d) - buf, err := Marshal(dur) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeDurationPtrMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - if ptr.isNil() { - return 0 - } - d := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*time.Duration) - dur := durationProto(*d) - siz := Size(dur) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - if ptr.isNil() { - return b, nil - } - d := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*time.Duration) - dur := durationProto(*d) - buf, err := Marshal(dur) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeDurationSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(u.typ) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - d := elem.Interface().(time.Duration) - dur := durationProto(d) - siz := Size(dur) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(u.typ) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - d := elem.Interface().(time.Duration) - dur := durationProto(d) - siz := Size(dur) - buf, err := Marshal(dur) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeDurationPtrSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - d := elem.Interface().(*time.Duration) - dur := durationProto(*d) - siz := Size(dur) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - d := elem.Interface().(*time.Duration) - dur := durationProto(*d) - siz := Size(dur) - buf, err := Marshal(dur) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} diff --git a/vendor/github.com/gogo/protobuf/proto/table_merge.go b/vendor/github.com/gogo/protobuf/proto/table_merge.go deleted file mode 100644 index 60dcf70d1..000000000 --- a/vendor/github.com/gogo/protobuf/proto/table_merge.go +++ /dev/null @@ -1,676 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2016 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -import ( - "fmt" - "reflect" - "strings" - "sync" - "sync/atomic" -) - -// Merge merges the src message into dst. -// This assumes that dst and src of the same type and are non-nil. -func (a *InternalMessageInfo) Merge(dst, src Message) { - mi := atomicLoadMergeInfo(&a.merge) - if mi == nil { - mi = getMergeInfo(reflect.TypeOf(dst).Elem()) - atomicStoreMergeInfo(&a.merge, mi) - } - mi.merge(toPointer(&dst), toPointer(&src)) -} - -type mergeInfo struct { - typ reflect.Type - - initialized int32 // 0: only typ is valid, 1: everything is valid - lock sync.Mutex - - fields []mergeFieldInfo - unrecognized field // Offset of XXX_unrecognized -} - -type mergeFieldInfo struct { - field field // Offset of field, guaranteed to be valid - - // isPointer reports whether the value in the field is a pointer. - // This is true for the following situations: - // * Pointer to struct - // * Pointer to basic type (proto2 only) - // * Slice (first value in slice header is a pointer) - // * String (first value in string header is a pointer) - isPointer bool - - // basicWidth reports the width of the field assuming that it is directly - // embedded in the struct (as is the case for basic types in proto3). - // The possible values are: - // 0: invalid - // 1: bool - // 4: int32, uint32, float32 - // 8: int64, uint64, float64 - basicWidth int - - // Where dst and src are pointers to the types being merged. - merge func(dst, src pointer) -} - -var ( - mergeInfoMap = map[reflect.Type]*mergeInfo{} - mergeInfoLock sync.Mutex -) - -func getMergeInfo(t reflect.Type) *mergeInfo { - mergeInfoLock.Lock() - defer mergeInfoLock.Unlock() - mi := mergeInfoMap[t] - if mi == nil { - mi = &mergeInfo{typ: t} - mergeInfoMap[t] = mi - } - return mi -} - -// merge merges src into dst assuming they are both of type *mi.typ. -func (mi *mergeInfo) merge(dst, src pointer) { - if dst.isNil() { - panic("proto: nil destination") - } - if src.isNil() { - return // Nothing to do. - } - - if atomic.LoadInt32(&mi.initialized) == 0 { - mi.computeMergeInfo() - } - - for _, fi := range mi.fields { - sfp := src.offset(fi.field) - - // As an optimization, we can avoid the merge function call cost - // if we know for sure that the source will have no effect - // by checking if it is the zero value. - if unsafeAllowed { - if fi.isPointer && sfp.getPointer().isNil() { // Could be slice or string - continue - } - if fi.basicWidth > 0 { - switch { - case fi.basicWidth == 1 && !*sfp.toBool(): - continue - case fi.basicWidth == 4 && *sfp.toUint32() == 0: - continue - case fi.basicWidth == 8 && *sfp.toUint64() == 0: - continue - } - } - } - - dfp := dst.offset(fi.field) - fi.merge(dfp, sfp) - } - - // TODO: Make this faster? - out := dst.asPointerTo(mi.typ).Elem() - in := src.asPointerTo(mi.typ).Elem() - if emIn, err := extendable(in.Addr().Interface()); err == nil { - emOut, _ := extendable(out.Addr().Interface()) - mIn, muIn := emIn.extensionsRead() - if mIn != nil { - mOut := emOut.extensionsWrite() - muIn.Lock() - mergeExtension(mOut, mIn) - muIn.Unlock() - } - } - - if mi.unrecognized.IsValid() { - if b := *src.offset(mi.unrecognized).toBytes(); len(b) > 0 { - *dst.offset(mi.unrecognized).toBytes() = append([]byte(nil), b...) - } - } -} - -func (mi *mergeInfo) computeMergeInfo() { - mi.lock.Lock() - defer mi.lock.Unlock() - if mi.initialized != 0 { - return - } - t := mi.typ - n := t.NumField() - - props := GetProperties(t) - for i := 0; i < n; i++ { - f := t.Field(i) - if strings.HasPrefix(f.Name, "XXX_") { - continue - } - - mfi := mergeFieldInfo{field: toField(&f)} - tf := f.Type - - // As an optimization, we can avoid the merge function call cost - // if we know for sure that the source will have no effect - // by checking if it is the zero value. - if unsafeAllowed { - switch tf.Kind() { - case reflect.Ptr, reflect.Slice, reflect.String: - // As a special case, we assume slices and strings are pointers - // since we know that the first field in the SliceSlice or - // StringHeader is a data pointer. - mfi.isPointer = true - case reflect.Bool: - mfi.basicWidth = 1 - case reflect.Int32, reflect.Uint32, reflect.Float32: - mfi.basicWidth = 4 - case reflect.Int64, reflect.Uint64, reflect.Float64: - mfi.basicWidth = 8 - } - } - - // Unwrap tf to get at its most basic type. - var isPointer, isSlice bool - if tf.Kind() == reflect.Slice && tf.Elem().Kind() != reflect.Uint8 { - isSlice = true - tf = tf.Elem() - } - if tf.Kind() == reflect.Ptr { - isPointer = true - tf = tf.Elem() - } - if isPointer && isSlice && tf.Kind() != reflect.Struct { - panic("both pointer and slice for basic type in " + tf.Name()) - } - - switch tf.Kind() { - case reflect.Int32: - switch { - case isSlice: // E.g., []int32 - mfi.merge = func(dst, src pointer) { - // NOTE: toInt32Slice is not defined (see pointer_reflect.go). - /* - sfsp := src.toInt32Slice() - if *sfsp != nil { - dfsp := dst.toInt32Slice() - *dfsp = append(*dfsp, *sfsp...) - if *dfsp == nil { - *dfsp = []int64{} - } - } - */ - sfs := src.getInt32Slice() - if sfs != nil { - dfs := dst.getInt32Slice() - dfs = append(dfs, sfs...) - if dfs == nil { - dfs = []int32{} - } - dst.setInt32Slice(dfs) - } - } - case isPointer: // E.g., *int32 - mfi.merge = func(dst, src pointer) { - // NOTE: toInt32Ptr is not defined (see pointer_reflect.go). - /* - sfpp := src.toInt32Ptr() - if *sfpp != nil { - dfpp := dst.toInt32Ptr() - if *dfpp == nil { - *dfpp = Int32(**sfpp) - } else { - **dfpp = **sfpp - } - } - */ - sfp := src.getInt32Ptr() - if sfp != nil { - dfp := dst.getInt32Ptr() - if dfp == nil { - dst.setInt32Ptr(*sfp) - } else { - *dfp = *sfp - } - } - } - default: // E.g., int32 - mfi.merge = func(dst, src pointer) { - if v := *src.toInt32(); v != 0 { - *dst.toInt32() = v - } - } - } - case reflect.Int64: - switch { - case isSlice: // E.g., []int64 - mfi.merge = func(dst, src pointer) { - sfsp := src.toInt64Slice() - if *sfsp != nil { - dfsp := dst.toInt64Slice() - *dfsp = append(*dfsp, *sfsp...) - if *dfsp == nil { - *dfsp = []int64{} - } - } - } - case isPointer: // E.g., *int64 - mfi.merge = func(dst, src pointer) { - sfpp := src.toInt64Ptr() - if *sfpp != nil { - dfpp := dst.toInt64Ptr() - if *dfpp == nil { - *dfpp = Int64(**sfpp) - } else { - **dfpp = **sfpp - } - } - } - default: // E.g., int64 - mfi.merge = func(dst, src pointer) { - if v := *src.toInt64(); v != 0 { - *dst.toInt64() = v - } - } - } - case reflect.Uint32: - switch { - case isSlice: // E.g., []uint32 - mfi.merge = func(dst, src pointer) { - sfsp := src.toUint32Slice() - if *sfsp != nil { - dfsp := dst.toUint32Slice() - *dfsp = append(*dfsp, *sfsp...) - if *dfsp == nil { - *dfsp = []uint32{} - } - } - } - case isPointer: // E.g., *uint32 - mfi.merge = func(dst, src pointer) { - sfpp := src.toUint32Ptr() - if *sfpp != nil { - dfpp := dst.toUint32Ptr() - if *dfpp == nil { - *dfpp = Uint32(**sfpp) - } else { - **dfpp = **sfpp - } - } - } - default: // E.g., uint32 - mfi.merge = func(dst, src pointer) { - if v := *src.toUint32(); v != 0 { - *dst.toUint32() = v - } - } - } - case reflect.Uint64: - switch { - case isSlice: // E.g., []uint64 - mfi.merge = func(dst, src pointer) { - sfsp := src.toUint64Slice() - if *sfsp != nil { - dfsp := dst.toUint64Slice() - *dfsp = append(*dfsp, *sfsp...) - if *dfsp == nil { - *dfsp = []uint64{} - } - } - } - case isPointer: // E.g., *uint64 - mfi.merge = func(dst, src pointer) { - sfpp := src.toUint64Ptr() - if *sfpp != nil { - dfpp := dst.toUint64Ptr() - if *dfpp == nil { - *dfpp = Uint64(**sfpp) - } else { - **dfpp = **sfpp - } - } - } - default: // E.g., uint64 - mfi.merge = func(dst, src pointer) { - if v := *src.toUint64(); v != 0 { - *dst.toUint64() = v - } - } - } - case reflect.Float32: - switch { - case isSlice: // E.g., []float32 - mfi.merge = func(dst, src pointer) { - sfsp := src.toFloat32Slice() - if *sfsp != nil { - dfsp := dst.toFloat32Slice() - *dfsp = append(*dfsp, *sfsp...) - if *dfsp == nil { - *dfsp = []float32{} - } - } - } - case isPointer: // E.g., *float32 - mfi.merge = func(dst, src pointer) { - sfpp := src.toFloat32Ptr() - if *sfpp != nil { - dfpp := dst.toFloat32Ptr() - if *dfpp == nil { - *dfpp = Float32(**sfpp) - } else { - **dfpp = **sfpp - } - } - } - default: // E.g., float32 - mfi.merge = func(dst, src pointer) { - if v := *src.toFloat32(); v != 0 { - *dst.toFloat32() = v - } - } - } - case reflect.Float64: - switch { - case isSlice: // E.g., []float64 - mfi.merge = func(dst, src pointer) { - sfsp := src.toFloat64Slice() - if *sfsp != nil { - dfsp := dst.toFloat64Slice() - *dfsp = append(*dfsp, *sfsp...) - if *dfsp == nil { - *dfsp = []float64{} - } - } - } - case isPointer: // E.g., *float64 - mfi.merge = func(dst, src pointer) { - sfpp := src.toFloat64Ptr() - if *sfpp != nil { - dfpp := dst.toFloat64Ptr() - if *dfpp == nil { - *dfpp = Float64(**sfpp) - } else { - **dfpp = **sfpp - } - } - } - default: // E.g., float64 - mfi.merge = func(dst, src pointer) { - if v := *src.toFloat64(); v != 0 { - *dst.toFloat64() = v - } - } - } - case reflect.Bool: - switch { - case isSlice: // E.g., []bool - mfi.merge = func(dst, src pointer) { - sfsp := src.toBoolSlice() - if *sfsp != nil { - dfsp := dst.toBoolSlice() - *dfsp = append(*dfsp, *sfsp...) - if *dfsp == nil { - *dfsp = []bool{} - } - } - } - case isPointer: // E.g., *bool - mfi.merge = func(dst, src pointer) { - sfpp := src.toBoolPtr() - if *sfpp != nil { - dfpp := dst.toBoolPtr() - if *dfpp == nil { - *dfpp = Bool(**sfpp) - } else { - **dfpp = **sfpp - } - } - } - default: // E.g., bool - mfi.merge = func(dst, src pointer) { - if v := *src.toBool(); v { - *dst.toBool() = v - } - } - } - case reflect.String: - switch { - case isSlice: // E.g., []string - mfi.merge = func(dst, src pointer) { - sfsp := src.toStringSlice() - if *sfsp != nil { - dfsp := dst.toStringSlice() - *dfsp = append(*dfsp, *sfsp...) - if *dfsp == nil { - *dfsp = []string{} - } - } - } - case isPointer: // E.g., *string - mfi.merge = func(dst, src pointer) { - sfpp := src.toStringPtr() - if *sfpp != nil { - dfpp := dst.toStringPtr() - if *dfpp == nil { - *dfpp = String(**sfpp) - } else { - **dfpp = **sfpp - } - } - } - default: // E.g., string - mfi.merge = func(dst, src pointer) { - if v := *src.toString(); v != "" { - *dst.toString() = v - } - } - } - case reflect.Slice: - isProto3 := props.Prop[i].proto3 - switch { - case isPointer: - panic("bad pointer in byte slice case in " + tf.Name()) - case tf.Elem().Kind() != reflect.Uint8: - panic("bad element kind in byte slice case in " + tf.Name()) - case isSlice: // E.g., [][]byte - mfi.merge = func(dst, src pointer) { - sbsp := src.toBytesSlice() - if *sbsp != nil { - dbsp := dst.toBytesSlice() - for _, sb := range *sbsp { - if sb == nil { - *dbsp = append(*dbsp, nil) - } else { - *dbsp = append(*dbsp, append([]byte{}, sb...)) - } - } - if *dbsp == nil { - *dbsp = [][]byte{} - } - } - } - default: // E.g., []byte - mfi.merge = func(dst, src pointer) { - sbp := src.toBytes() - if *sbp != nil { - dbp := dst.toBytes() - if !isProto3 || len(*sbp) > 0 { - *dbp = append([]byte{}, *sbp...) - } - } - } - } - case reflect.Struct: - switch { - case isSlice && !isPointer: // E.g. []pb.T - mergeInfo := getMergeInfo(tf) - zero := reflect.Zero(tf) - mfi.merge = func(dst, src pointer) { - // TODO: Make this faster? - dstsp := dst.asPointerTo(f.Type) - dsts := dstsp.Elem() - srcs := src.asPointerTo(f.Type).Elem() - for i := 0; i < srcs.Len(); i++ { - dsts = reflect.Append(dsts, zero) - srcElement := srcs.Index(i).Addr() - dstElement := dsts.Index(dsts.Len() - 1).Addr() - mergeInfo.merge(valToPointer(dstElement), valToPointer(srcElement)) - } - if dsts.IsNil() { - dsts = reflect.MakeSlice(f.Type, 0, 0) - } - dstsp.Elem().Set(dsts) - } - case !isPointer: - mergeInfo := getMergeInfo(tf) - mfi.merge = func(dst, src pointer) { - mergeInfo.merge(dst, src) - } - case isSlice: // E.g., []*pb.T - mergeInfo := getMergeInfo(tf) - mfi.merge = func(dst, src pointer) { - sps := src.getPointerSlice() - if sps != nil { - dps := dst.getPointerSlice() - for _, sp := range sps { - var dp pointer - if !sp.isNil() { - dp = valToPointer(reflect.New(tf)) - mergeInfo.merge(dp, sp) - } - dps = append(dps, dp) - } - if dps == nil { - dps = []pointer{} - } - dst.setPointerSlice(dps) - } - } - default: // E.g., *pb.T - mergeInfo := getMergeInfo(tf) - mfi.merge = func(dst, src pointer) { - sp := src.getPointer() - if !sp.isNil() { - dp := dst.getPointer() - if dp.isNil() { - dp = valToPointer(reflect.New(tf)) - dst.setPointer(dp) - } - mergeInfo.merge(dp, sp) - } - } - } - case reflect.Map: - switch { - case isPointer || isSlice: - panic("bad pointer or slice in map case in " + tf.Name()) - default: // E.g., map[K]V - mfi.merge = func(dst, src pointer) { - sm := src.asPointerTo(tf).Elem() - if sm.Len() == 0 { - return - } - dm := dst.asPointerTo(tf).Elem() - if dm.IsNil() { - dm.Set(reflect.MakeMap(tf)) - } - - switch tf.Elem().Kind() { - case reflect.Ptr: // Proto struct (e.g., *T) - for _, key := range sm.MapKeys() { - val := sm.MapIndex(key) - val = reflect.ValueOf(Clone(val.Interface().(Message))) - dm.SetMapIndex(key, val) - } - case reflect.Slice: // E.g. Bytes type (e.g., []byte) - for _, key := range sm.MapKeys() { - val := sm.MapIndex(key) - val = reflect.ValueOf(append([]byte{}, val.Bytes()...)) - dm.SetMapIndex(key, val) - } - default: // Basic type (e.g., string) - for _, key := range sm.MapKeys() { - val := sm.MapIndex(key) - dm.SetMapIndex(key, val) - } - } - } - } - case reflect.Interface: - // Must be oneof field. - switch { - case isPointer || isSlice: - panic("bad pointer or slice in interface case in " + tf.Name()) - default: // E.g., interface{} - // TODO: Make this faster? - mfi.merge = func(dst, src pointer) { - su := src.asPointerTo(tf).Elem() - if !su.IsNil() { - du := dst.asPointerTo(tf).Elem() - typ := su.Elem().Type() - if du.IsNil() || du.Elem().Type() != typ { - du.Set(reflect.New(typ.Elem())) // Initialize interface if empty - } - sv := su.Elem().Elem().Field(0) - if sv.Kind() == reflect.Ptr && sv.IsNil() { - return - } - dv := du.Elem().Elem().Field(0) - if dv.Kind() == reflect.Ptr && dv.IsNil() { - dv.Set(reflect.New(sv.Type().Elem())) // Initialize proto message if empty - } - switch sv.Type().Kind() { - case reflect.Ptr: // Proto struct (e.g., *T) - Merge(dv.Interface().(Message), sv.Interface().(Message)) - case reflect.Slice: // E.g. Bytes type (e.g., []byte) - dv.Set(reflect.ValueOf(append([]byte{}, sv.Bytes()...))) - default: // Basic type (e.g., string) - dv.Set(sv) - } - } - } - } - default: - panic(fmt.Sprintf("merger not found for type:%s", tf)) - } - mi.fields = append(mi.fields, mfi) - } - - mi.unrecognized = invalidField - if f, ok := t.FieldByName("XXX_unrecognized"); ok { - if f.Type != reflect.TypeOf([]byte{}) { - panic("expected XXX_unrecognized to be of type []byte") - } - mi.unrecognized = toField(&f) - } - - atomic.StoreInt32(&mi.initialized, 1) -} diff --git a/vendor/github.com/gogo/protobuf/proto/table_unmarshal.go b/vendor/github.com/gogo/protobuf/proto/table_unmarshal.go deleted file mode 100644 index 937229386..000000000 --- a/vendor/github.com/gogo/protobuf/proto/table_unmarshal.go +++ /dev/null @@ -1,2249 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2016 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -import ( - "errors" - "fmt" - "io" - "math" - "reflect" - "strconv" - "strings" - "sync" - "sync/atomic" - "unicode/utf8" -) - -// Unmarshal is the entry point from the generated .pb.go files. -// This function is not intended to be used by non-generated code. -// This function is not subject to any compatibility guarantee. -// msg contains a pointer to a protocol buffer struct. -// b is the data to be unmarshaled into the protocol buffer. -// a is a pointer to a place to store cached unmarshal information. -func (a *InternalMessageInfo) Unmarshal(msg Message, b []byte) error { - // Load the unmarshal information for this message type. - // The atomic load ensures memory consistency. - u := atomicLoadUnmarshalInfo(&a.unmarshal) - if u == nil { - // Slow path: find unmarshal info for msg, update a with it. - u = getUnmarshalInfo(reflect.TypeOf(msg).Elem()) - atomicStoreUnmarshalInfo(&a.unmarshal, u) - } - // Then do the unmarshaling. - err := u.unmarshal(toPointer(&msg), b) - return err -} - -type unmarshalInfo struct { - typ reflect.Type // type of the protobuf struct - - // 0 = only typ field is initialized - // 1 = completely initialized - initialized int32 - lock sync.Mutex // prevents double initialization - dense []unmarshalFieldInfo // fields indexed by tag # - sparse map[uint64]unmarshalFieldInfo // fields indexed by tag # - reqFields []string // names of required fields - reqMask uint64 // 1< 0 { - // Read tag and wire type. - // Special case 1 and 2 byte varints. - var x uint64 - if b[0] < 128 { - x = uint64(b[0]) - b = b[1:] - } else if len(b) >= 2 && b[1] < 128 { - x = uint64(b[0]&0x7f) + uint64(b[1])<<7 - b = b[2:] - } else { - var n int - x, n = decodeVarint(b) - if n == 0 { - return io.ErrUnexpectedEOF - } - b = b[n:] - } - tag := x >> 3 - wire := int(x) & 7 - - // Dispatch on the tag to one of the unmarshal* functions below. - var f unmarshalFieldInfo - if tag < uint64(len(u.dense)) { - f = u.dense[tag] - } else { - f = u.sparse[tag] - } - if fn := f.unmarshal; fn != nil { - var err error - b, err = fn(b, m.offset(f.field), wire) - if err == nil { - reqMask |= f.reqMask - continue - } - if r, ok := err.(*RequiredNotSetError); ok { - // Remember this error, but keep parsing. We need to produce - // a full parse even if a required field is missing. - if errLater == nil { - errLater = r - } - reqMask |= f.reqMask - continue - } - if err != errInternalBadWireType { - if err == errInvalidUTF8 { - if errLater == nil { - fullName := revProtoTypes[reflect.PtrTo(u.typ)] + "." + f.name - errLater = &invalidUTF8Error{fullName} - } - continue - } - return err - } - // Fragments with bad wire type are treated as unknown fields. - } - - // Unknown tag. - if !u.unrecognized.IsValid() { - // Don't keep unrecognized data; just skip it. - var err error - b, err = skipField(b, wire) - if err != nil { - return err - } - continue - } - // Keep unrecognized data around. - // maybe in extensions, maybe in the unrecognized field. - z := m.offset(u.unrecognized).toBytes() - var emap map[int32]Extension - var e Extension - for _, r := range u.extensionRanges { - if uint64(r.Start) <= tag && tag <= uint64(r.End) { - if u.extensions.IsValid() { - mp := m.offset(u.extensions).toExtensions() - emap = mp.extensionsWrite() - e = emap[int32(tag)] - z = &e.enc - break - } - if u.oldExtensions.IsValid() { - p := m.offset(u.oldExtensions).toOldExtensions() - emap = *p - if emap == nil { - emap = map[int32]Extension{} - *p = emap - } - e = emap[int32(tag)] - z = &e.enc - break - } - if u.bytesExtensions.IsValid() { - z = m.offset(u.bytesExtensions).toBytes() - break - } - panic("no extensions field available") - } - } - // Use wire type to skip data. - var err error - b0 := b - b, err = skipField(b, wire) - if err != nil { - return err - } - *z = encodeVarint(*z, tag<<3|uint64(wire)) - *z = append(*z, b0[:len(b0)-len(b)]...) - - if emap != nil { - emap[int32(tag)] = e - } - } - if reqMask != u.reqMask && errLater == nil { - // A required field of this message is missing. - for _, n := range u.reqFields { - if reqMask&1 == 0 { - errLater = &RequiredNotSetError{n} - } - reqMask >>= 1 - } - } - return errLater -} - -// computeUnmarshalInfo fills in u with information for use -// in unmarshaling protocol buffers of type u.typ. -func (u *unmarshalInfo) computeUnmarshalInfo() { - u.lock.Lock() - defer u.lock.Unlock() - if u.initialized != 0 { - return - } - t := u.typ - n := t.NumField() - - // Set up the "not found" value for the unrecognized byte buffer. - // This is the default for proto3. - u.unrecognized = invalidField - u.extensions = invalidField - u.oldExtensions = invalidField - u.bytesExtensions = invalidField - - // List of the generated type and offset for each oneof field. - type oneofField struct { - ityp reflect.Type // interface type of oneof field - field field // offset in containing message - } - var oneofFields []oneofField - - for i := 0; i < n; i++ { - f := t.Field(i) - if f.Name == "XXX_unrecognized" { - // The byte slice used to hold unrecognized input is special. - if f.Type != reflect.TypeOf(([]byte)(nil)) { - panic("bad type for XXX_unrecognized field: " + f.Type.Name()) - } - u.unrecognized = toField(&f) - continue - } - if f.Name == "XXX_InternalExtensions" { - // Ditto here. - if f.Type != reflect.TypeOf(XXX_InternalExtensions{}) { - panic("bad type for XXX_InternalExtensions field: " + f.Type.Name()) - } - u.extensions = toField(&f) - if f.Tag.Get("protobuf_messageset") == "1" { - u.isMessageSet = true - } - continue - } - if f.Name == "XXX_extensions" { - // An older form of the extensions field. - if f.Type == reflect.TypeOf((map[int32]Extension)(nil)) { - u.oldExtensions = toField(&f) - continue - } else if f.Type == reflect.TypeOf(([]byte)(nil)) { - u.bytesExtensions = toField(&f) - continue - } - panic("bad type for XXX_extensions field: " + f.Type.Name()) - } - if f.Name == "XXX_NoUnkeyedLiteral" || f.Name == "XXX_sizecache" { - continue - } - - oneof := f.Tag.Get("protobuf_oneof") - if oneof != "" { - oneofFields = append(oneofFields, oneofField{f.Type, toField(&f)}) - // The rest of oneof processing happens below. - continue - } - - tags := f.Tag.Get("protobuf") - tagArray := strings.Split(tags, ",") - if len(tagArray) < 2 { - panic("protobuf tag not enough fields in " + t.Name() + "." + f.Name + ": " + tags) - } - tag, err := strconv.Atoi(tagArray[1]) - if err != nil { - panic("protobuf tag field not an integer: " + tagArray[1]) - } - - name := "" - for _, tag := range tagArray[3:] { - if strings.HasPrefix(tag, "name=") { - name = tag[5:] - } - } - - // Extract unmarshaling function from the field (its type and tags). - unmarshal := fieldUnmarshaler(&f) - - // Required field? - var reqMask uint64 - if tagArray[2] == "req" { - bit := len(u.reqFields) - u.reqFields = append(u.reqFields, name) - reqMask = uint64(1) << uint(bit) - // TODO: if we have more than 64 required fields, we end up - // not verifying that all required fields are present. - // Fix this, perhaps using a count of required fields? - } - - // Store the info in the correct slot in the message. - u.setTag(tag, toField(&f), unmarshal, reqMask, name) - } - - // Find any types associated with oneof fields. - // gogo: len(oneofFields) > 0 is needed for embedded oneof messages, without a marshaler and unmarshaler - if len(oneofFields) > 0 { - var oneofImplementers []interface{} - switch m := reflect.Zero(reflect.PtrTo(t)).Interface().(type) { - case oneofFuncsIface: - _, _, _, oneofImplementers = m.XXX_OneofFuncs() - case oneofWrappersIface: - oneofImplementers = m.XXX_OneofWrappers() - } - for _, v := range oneofImplementers { - tptr := reflect.TypeOf(v) // *Msg_X - typ := tptr.Elem() // Msg_X - - f := typ.Field(0) // oneof implementers have one field - baseUnmarshal := fieldUnmarshaler(&f) - tags := strings.Split(f.Tag.Get("protobuf"), ",") - fieldNum, err := strconv.Atoi(tags[1]) - if err != nil { - panic("protobuf tag field not an integer: " + tags[1]) - } - var name string - for _, tag := range tags { - if strings.HasPrefix(tag, "name=") { - name = strings.TrimPrefix(tag, "name=") - break - } - } - - // Find the oneof field that this struct implements. - // Might take O(n^2) to process all of the oneofs, but who cares. - for _, of := range oneofFields { - if tptr.Implements(of.ityp) { - // We have found the corresponding interface for this struct. - // That lets us know where this struct should be stored - // when we encounter it during unmarshaling. - unmarshal := makeUnmarshalOneof(typ, of.ityp, baseUnmarshal) - u.setTag(fieldNum, of.field, unmarshal, 0, name) - } - } - - } - } - - // Get extension ranges, if any. - fn := reflect.Zero(reflect.PtrTo(t)).MethodByName("ExtensionRangeArray") - if fn.IsValid() { - if !u.extensions.IsValid() && !u.oldExtensions.IsValid() && !u.bytesExtensions.IsValid() { - panic("a message with extensions, but no extensions field in " + t.Name()) - } - u.extensionRanges = fn.Call(nil)[0].Interface().([]ExtensionRange) - } - - // Explicitly disallow tag 0. This will ensure we flag an error - // when decoding a buffer of all zeros. Without this code, we - // would decode and skip an all-zero buffer of even length. - // [0 0] is [tag=0/wiretype=varint varint-encoded-0]. - u.setTag(0, zeroField, func(b []byte, f pointer, w int) ([]byte, error) { - return nil, fmt.Errorf("proto: %s: illegal tag 0 (wire type %d)", t, w) - }, 0, "") - - // Set mask for required field check. - u.reqMask = uint64(1)<= 0 && (tag < 16 || tag < 2*n) { // TODO: what are the right numbers here? - for len(u.dense) <= tag { - u.dense = append(u.dense, unmarshalFieldInfo{}) - } - u.dense[tag] = i - return - } - if u.sparse == nil { - u.sparse = map[uint64]unmarshalFieldInfo{} - } - u.sparse[uint64(tag)] = i -} - -// fieldUnmarshaler returns an unmarshaler for the given field. -func fieldUnmarshaler(f *reflect.StructField) unmarshaler { - if f.Type.Kind() == reflect.Map { - return makeUnmarshalMap(f) - } - return typeUnmarshaler(f.Type, f.Tag.Get("protobuf")) -} - -// typeUnmarshaler returns an unmarshaler for the given field type / field tag pair. -func typeUnmarshaler(t reflect.Type, tags string) unmarshaler { - tagArray := strings.Split(tags, ",") - encoding := tagArray[0] - name := "unknown" - ctype := false - isTime := false - isDuration := false - isWktPointer := false - proto3 := false - validateUTF8 := true - for _, tag := range tagArray[3:] { - if strings.HasPrefix(tag, "name=") { - name = tag[5:] - } - if tag == "proto3" { - proto3 = true - } - if strings.HasPrefix(tag, "customtype=") { - ctype = true - } - if tag == "stdtime" { - isTime = true - } - if tag == "stdduration" { - isDuration = true - } - if tag == "wktptr" { - isWktPointer = true - } - } - validateUTF8 = validateUTF8 && proto3 - - // Figure out packaging (pointer, slice, or both) - slice := false - pointer := false - if t.Kind() == reflect.Slice && t.Elem().Kind() != reflect.Uint8 { - slice = true - t = t.Elem() - } - if t.Kind() == reflect.Ptr { - pointer = true - t = t.Elem() - } - - if ctype { - if reflect.PtrTo(t).Implements(customType) { - if slice { - return makeUnmarshalCustomSlice(getUnmarshalInfo(t), name) - } - if pointer { - return makeUnmarshalCustomPtr(getUnmarshalInfo(t), name) - } - return makeUnmarshalCustom(getUnmarshalInfo(t), name) - } else { - panic(fmt.Sprintf("custom type: type: %v, does not implement the proto.custom interface", t)) - } - } - - if isTime { - if pointer { - if slice { - return makeUnmarshalTimePtrSlice(getUnmarshalInfo(t), name) - } - return makeUnmarshalTimePtr(getUnmarshalInfo(t), name) - } - if slice { - return makeUnmarshalTimeSlice(getUnmarshalInfo(t), name) - } - return makeUnmarshalTime(getUnmarshalInfo(t), name) - } - - if isDuration { - if pointer { - if slice { - return makeUnmarshalDurationPtrSlice(getUnmarshalInfo(t), name) - } - return makeUnmarshalDurationPtr(getUnmarshalInfo(t), name) - } - if slice { - return makeUnmarshalDurationSlice(getUnmarshalInfo(t), name) - } - return makeUnmarshalDuration(getUnmarshalInfo(t), name) - } - - if isWktPointer { - switch t.Kind() { - case reflect.Float64: - if pointer { - if slice { - return makeStdDoubleValuePtrSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdDoubleValuePtrUnmarshaler(getUnmarshalInfo(t), name) - } - if slice { - return makeStdDoubleValueSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdDoubleValueUnmarshaler(getUnmarshalInfo(t), name) - case reflect.Float32: - if pointer { - if slice { - return makeStdFloatValuePtrSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdFloatValuePtrUnmarshaler(getUnmarshalInfo(t), name) - } - if slice { - return makeStdFloatValueSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdFloatValueUnmarshaler(getUnmarshalInfo(t), name) - case reflect.Int64: - if pointer { - if slice { - return makeStdInt64ValuePtrSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdInt64ValuePtrUnmarshaler(getUnmarshalInfo(t), name) - } - if slice { - return makeStdInt64ValueSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdInt64ValueUnmarshaler(getUnmarshalInfo(t), name) - case reflect.Uint64: - if pointer { - if slice { - return makeStdUInt64ValuePtrSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdUInt64ValuePtrUnmarshaler(getUnmarshalInfo(t), name) - } - if slice { - return makeStdUInt64ValueSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdUInt64ValueUnmarshaler(getUnmarshalInfo(t), name) - case reflect.Int32: - if pointer { - if slice { - return makeStdInt32ValuePtrSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdInt32ValuePtrUnmarshaler(getUnmarshalInfo(t), name) - } - if slice { - return makeStdInt32ValueSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdInt32ValueUnmarshaler(getUnmarshalInfo(t), name) - case reflect.Uint32: - if pointer { - if slice { - return makeStdUInt32ValuePtrSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdUInt32ValuePtrUnmarshaler(getUnmarshalInfo(t), name) - } - if slice { - return makeStdUInt32ValueSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdUInt32ValueUnmarshaler(getUnmarshalInfo(t), name) - case reflect.Bool: - if pointer { - if slice { - return makeStdBoolValuePtrSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdBoolValuePtrUnmarshaler(getUnmarshalInfo(t), name) - } - if slice { - return makeStdBoolValueSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdBoolValueUnmarshaler(getUnmarshalInfo(t), name) - case reflect.String: - if pointer { - if slice { - return makeStdStringValuePtrSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdStringValuePtrUnmarshaler(getUnmarshalInfo(t), name) - } - if slice { - return makeStdStringValueSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdStringValueUnmarshaler(getUnmarshalInfo(t), name) - case uint8SliceType: - if pointer { - if slice { - return makeStdBytesValuePtrSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdBytesValuePtrUnmarshaler(getUnmarshalInfo(t), name) - } - if slice { - return makeStdBytesValueSliceUnmarshaler(getUnmarshalInfo(t), name) - } - return makeStdBytesValueUnmarshaler(getUnmarshalInfo(t), name) - default: - panic(fmt.Sprintf("unknown wktpointer type %#v", t)) - } - } - - // We'll never have both pointer and slice for basic types. - if pointer && slice && t.Kind() != reflect.Struct { - panic("both pointer and slice for basic type in " + t.Name()) - } - - switch t.Kind() { - case reflect.Bool: - if pointer { - return unmarshalBoolPtr - } - if slice { - return unmarshalBoolSlice - } - return unmarshalBoolValue - case reflect.Int32: - switch encoding { - case "fixed32": - if pointer { - return unmarshalFixedS32Ptr - } - if slice { - return unmarshalFixedS32Slice - } - return unmarshalFixedS32Value - case "varint": - // this could be int32 or enum - if pointer { - return unmarshalInt32Ptr - } - if slice { - return unmarshalInt32Slice - } - return unmarshalInt32Value - case "zigzag32": - if pointer { - return unmarshalSint32Ptr - } - if slice { - return unmarshalSint32Slice - } - return unmarshalSint32Value - } - case reflect.Int64: - switch encoding { - case "fixed64": - if pointer { - return unmarshalFixedS64Ptr - } - if slice { - return unmarshalFixedS64Slice - } - return unmarshalFixedS64Value - case "varint": - if pointer { - return unmarshalInt64Ptr - } - if slice { - return unmarshalInt64Slice - } - return unmarshalInt64Value - case "zigzag64": - if pointer { - return unmarshalSint64Ptr - } - if slice { - return unmarshalSint64Slice - } - return unmarshalSint64Value - } - case reflect.Uint32: - switch encoding { - case "fixed32": - if pointer { - return unmarshalFixed32Ptr - } - if slice { - return unmarshalFixed32Slice - } - return unmarshalFixed32Value - case "varint": - if pointer { - return unmarshalUint32Ptr - } - if slice { - return unmarshalUint32Slice - } - return unmarshalUint32Value - } - case reflect.Uint64: - switch encoding { - case "fixed64": - if pointer { - return unmarshalFixed64Ptr - } - if slice { - return unmarshalFixed64Slice - } - return unmarshalFixed64Value - case "varint": - if pointer { - return unmarshalUint64Ptr - } - if slice { - return unmarshalUint64Slice - } - return unmarshalUint64Value - } - case reflect.Float32: - if pointer { - return unmarshalFloat32Ptr - } - if slice { - return unmarshalFloat32Slice - } - return unmarshalFloat32Value - case reflect.Float64: - if pointer { - return unmarshalFloat64Ptr - } - if slice { - return unmarshalFloat64Slice - } - return unmarshalFloat64Value - case reflect.Map: - panic("map type in typeUnmarshaler in " + t.Name()) - case reflect.Slice: - if pointer { - panic("bad pointer in slice case in " + t.Name()) - } - if slice { - return unmarshalBytesSlice - } - return unmarshalBytesValue - case reflect.String: - if validateUTF8 { - if pointer { - return unmarshalUTF8StringPtr - } - if slice { - return unmarshalUTF8StringSlice - } - return unmarshalUTF8StringValue - } - if pointer { - return unmarshalStringPtr - } - if slice { - return unmarshalStringSlice - } - return unmarshalStringValue - case reflect.Struct: - // message or group field - if !pointer { - switch encoding { - case "bytes": - if slice { - return makeUnmarshalMessageSlice(getUnmarshalInfo(t), name) - } - return makeUnmarshalMessage(getUnmarshalInfo(t), name) - } - } - switch encoding { - case "bytes": - if slice { - return makeUnmarshalMessageSlicePtr(getUnmarshalInfo(t), name) - } - return makeUnmarshalMessagePtr(getUnmarshalInfo(t), name) - case "group": - if slice { - return makeUnmarshalGroupSlicePtr(getUnmarshalInfo(t), name) - } - return makeUnmarshalGroupPtr(getUnmarshalInfo(t), name) - } - } - panic(fmt.Sprintf("unmarshaler not found type:%s encoding:%s", t, encoding)) -} - -// Below are all the unmarshalers for individual fields of various types. - -func unmarshalInt64Value(b []byte, f pointer, w int) ([]byte, error) { - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := int64(x) - *f.toInt64() = v - return b, nil -} - -func unmarshalInt64Ptr(b []byte, f pointer, w int) ([]byte, error) { - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := int64(x) - *f.toInt64Ptr() = &v - return b, nil -} - -func unmarshalInt64Slice(b []byte, f pointer, w int) ([]byte, error) { - if w == WireBytes { // packed - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - res := b[x:] - b = b[:x] - for len(b) > 0 { - x, n = decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := int64(x) - s := f.toInt64Slice() - *s = append(*s, v) - } - return res, nil - } - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := int64(x) - s := f.toInt64Slice() - *s = append(*s, v) - return b, nil -} - -func unmarshalSint64Value(b []byte, f pointer, w int) ([]byte, error) { - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := int64(x>>1) ^ int64(x)<<63>>63 - *f.toInt64() = v - return b, nil -} - -func unmarshalSint64Ptr(b []byte, f pointer, w int) ([]byte, error) { - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := int64(x>>1) ^ int64(x)<<63>>63 - *f.toInt64Ptr() = &v - return b, nil -} - -func unmarshalSint64Slice(b []byte, f pointer, w int) ([]byte, error) { - if w == WireBytes { // packed - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - res := b[x:] - b = b[:x] - for len(b) > 0 { - x, n = decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := int64(x>>1) ^ int64(x)<<63>>63 - s := f.toInt64Slice() - *s = append(*s, v) - } - return res, nil - } - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := int64(x>>1) ^ int64(x)<<63>>63 - s := f.toInt64Slice() - *s = append(*s, v) - return b, nil -} - -func unmarshalUint64Value(b []byte, f pointer, w int) ([]byte, error) { - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := uint64(x) - *f.toUint64() = v - return b, nil -} - -func unmarshalUint64Ptr(b []byte, f pointer, w int) ([]byte, error) { - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := uint64(x) - *f.toUint64Ptr() = &v - return b, nil -} - -func unmarshalUint64Slice(b []byte, f pointer, w int) ([]byte, error) { - if w == WireBytes { // packed - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - res := b[x:] - b = b[:x] - for len(b) > 0 { - x, n = decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := uint64(x) - s := f.toUint64Slice() - *s = append(*s, v) - } - return res, nil - } - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := uint64(x) - s := f.toUint64Slice() - *s = append(*s, v) - return b, nil -} - -func unmarshalInt32Value(b []byte, f pointer, w int) ([]byte, error) { - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := int32(x) - *f.toInt32() = v - return b, nil -} - -func unmarshalInt32Ptr(b []byte, f pointer, w int) ([]byte, error) { - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := int32(x) - f.setInt32Ptr(v) - return b, nil -} - -func unmarshalInt32Slice(b []byte, f pointer, w int) ([]byte, error) { - if w == WireBytes { // packed - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - res := b[x:] - b = b[:x] - for len(b) > 0 { - x, n = decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := int32(x) - f.appendInt32Slice(v) - } - return res, nil - } - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := int32(x) - f.appendInt32Slice(v) - return b, nil -} - -func unmarshalSint32Value(b []byte, f pointer, w int) ([]byte, error) { - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := int32(x>>1) ^ int32(x)<<31>>31 - *f.toInt32() = v - return b, nil -} - -func unmarshalSint32Ptr(b []byte, f pointer, w int) ([]byte, error) { - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := int32(x>>1) ^ int32(x)<<31>>31 - f.setInt32Ptr(v) - return b, nil -} - -func unmarshalSint32Slice(b []byte, f pointer, w int) ([]byte, error) { - if w == WireBytes { // packed - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - res := b[x:] - b = b[:x] - for len(b) > 0 { - x, n = decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := int32(x>>1) ^ int32(x)<<31>>31 - f.appendInt32Slice(v) - } - return res, nil - } - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := int32(x>>1) ^ int32(x)<<31>>31 - f.appendInt32Slice(v) - return b, nil -} - -func unmarshalUint32Value(b []byte, f pointer, w int) ([]byte, error) { - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := uint32(x) - *f.toUint32() = v - return b, nil -} - -func unmarshalUint32Ptr(b []byte, f pointer, w int) ([]byte, error) { - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := uint32(x) - *f.toUint32Ptr() = &v - return b, nil -} - -func unmarshalUint32Slice(b []byte, f pointer, w int) ([]byte, error) { - if w == WireBytes { // packed - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - res := b[x:] - b = b[:x] - for len(b) > 0 { - x, n = decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := uint32(x) - s := f.toUint32Slice() - *s = append(*s, v) - } - return res, nil - } - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - v := uint32(x) - s := f.toUint32Slice() - *s = append(*s, v) - return b, nil -} - -func unmarshalFixed64Value(b []byte, f pointer, w int) ([]byte, error) { - if w != WireFixed64 { - return b, errInternalBadWireType - } - if len(b) < 8 { - return nil, io.ErrUnexpectedEOF - } - v := uint64(b[0]) | uint64(b[1])<<8 | uint64(b[2])<<16 | uint64(b[3])<<24 | uint64(b[4])<<32 | uint64(b[5])<<40 | uint64(b[6])<<48 | uint64(b[7])<<56 - *f.toUint64() = v - return b[8:], nil -} - -func unmarshalFixed64Ptr(b []byte, f pointer, w int) ([]byte, error) { - if w != WireFixed64 { - return b, errInternalBadWireType - } - if len(b) < 8 { - return nil, io.ErrUnexpectedEOF - } - v := uint64(b[0]) | uint64(b[1])<<8 | uint64(b[2])<<16 | uint64(b[3])<<24 | uint64(b[4])<<32 | uint64(b[5])<<40 | uint64(b[6])<<48 | uint64(b[7])<<56 - *f.toUint64Ptr() = &v - return b[8:], nil -} - -func unmarshalFixed64Slice(b []byte, f pointer, w int) ([]byte, error) { - if w == WireBytes { // packed - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - res := b[x:] - b = b[:x] - for len(b) > 0 { - if len(b) < 8 { - return nil, io.ErrUnexpectedEOF - } - v := uint64(b[0]) | uint64(b[1])<<8 | uint64(b[2])<<16 | uint64(b[3])<<24 | uint64(b[4])<<32 | uint64(b[5])<<40 | uint64(b[6])<<48 | uint64(b[7])<<56 - s := f.toUint64Slice() - *s = append(*s, v) - b = b[8:] - } - return res, nil - } - if w != WireFixed64 { - return b, errInternalBadWireType - } - if len(b) < 8 { - return nil, io.ErrUnexpectedEOF - } - v := uint64(b[0]) | uint64(b[1])<<8 | uint64(b[2])<<16 | uint64(b[3])<<24 | uint64(b[4])<<32 | uint64(b[5])<<40 | uint64(b[6])<<48 | uint64(b[7])<<56 - s := f.toUint64Slice() - *s = append(*s, v) - return b[8:], nil -} - -func unmarshalFixedS64Value(b []byte, f pointer, w int) ([]byte, error) { - if w != WireFixed64 { - return b, errInternalBadWireType - } - if len(b) < 8 { - return nil, io.ErrUnexpectedEOF - } - v := int64(b[0]) | int64(b[1])<<8 | int64(b[2])<<16 | int64(b[3])<<24 | int64(b[4])<<32 | int64(b[5])<<40 | int64(b[6])<<48 | int64(b[7])<<56 - *f.toInt64() = v - return b[8:], nil -} - -func unmarshalFixedS64Ptr(b []byte, f pointer, w int) ([]byte, error) { - if w != WireFixed64 { - return b, errInternalBadWireType - } - if len(b) < 8 { - return nil, io.ErrUnexpectedEOF - } - v := int64(b[0]) | int64(b[1])<<8 | int64(b[2])<<16 | int64(b[3])<<24 | int64(b[4])<<32 | int64(b[5])<<40 | int64(b[6])<<48 | int64(b[7])<<56 - *f.toInt64Ptr() = &v - return b[8:], nil -} - -func unmarshalFixedS64Slice(b []byte, f pointer, w int) ([]byte, error) { - if w == WireBytes { // packed - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - res := b[x:] - b = b[:x] - for len(b) > 0 { - if len(b) < 8 { - return nil, io.ErrUnexpectedEOF - } - v := int64(b[0]) | int64(b[1])<<8 | int64(b[2])<<16 | int64(b[3])<<24 | int64(b[4])<<32 | int64(b[5])<<40 | int64(b[6])<<48 | int64(b[7])<<56 - s := f.toInt64Slice() - *s = append(*s, v) - b = b[8:] - } - return res, nil - } - if w != WireFixed64 { - return b, errInternalBadWireType - } - if len(b) < 8 { - return nil, io.ErrUnexpectedEOF - } - v := int64(b[0]) | int64(b[1])<<8 | int64(b[2])<<16 | int64(b[3])<<24 | int64(b[4])<<32 | int64(b[5])<<40 | int64(b[6])<<48 | int64(b[7])<<56 - s := f.toInt64Slice() - *s = append(*s, v) - return b[8:], nil -} - -func unmarshalFixed32Value(b []byte, f pointer, w int) ([]byte, error) { - if w != WireFixed32 { - return b, errInternalBadWireType - } - if len(b) < 4 { - return nil, io.ErrUnexpectedEOF - } - v := uint32(b[0]) | uint32(b[1])<<8 | uint32(b[2])<<16 | uint32(b[3])<<24 - *f.toUint32() = v - return b[4:], nil -} - -func unmarshalFixed32Ptr(b []byte, f pointer, w int) ([]byte, error) { - if w != WireFixed32 { - return b, errInternalBadWireType - } - if len(b) < 4 { - return nil, io.ErrUnexpectedEOF - } - v := uint32(b[0]) | uint32(b[1])<<8 | uint32(b[2])<<16 | uint32(b[3])<<24 - *f.toUint32Ptr() = &v - return b[4:], nil -} - -func unmarshalFixed32Slice(b []byte, f pointer, w int) ([]byte, error) { - if w == WireBytes { // packed - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - res := b[x:] - b = b[:x] - for len(b) > 0 { - if len(b) < 4 { - return nil, io.ErrUnexpectedEOF - } - v := uint32(b[0]) | uint32(b[1])<<8 | uint32(b[2])<<16 | uint32(b[3])<<24 - s := f.toUint32Slice() - *s = append(*s, v) - b = b[4:] - } - return res, nil - } - if w != WireFixed32 { - return b, errInternalBadWireType - } - if len(b) < 4 { - return nil, io.ErrUnexpectedEOF - } - v := uint32(b[0]) | uint32(b[1])<<8 | uint32(b[2])<<16 | uint32(b[3])<<24 - s := f.toUint32Slice() - *s = append(*s, v) - return b[4:], nil -} - -func unmarshalFixedS32Value(b []byte, f pointer, w int) ([]byte, error) { - if w != WireFixed32 { - return b, errInternalBadWireType - } - if len(b) < 4 { - return nil, io.ErrUnexpectedEOF - } - v := int32(b[0]) | int32(b[1])<<8 | int32(b[2])<<16 | int32(b[3])<<24 - *f.toInt32() = v - return b[4:], nil -} - -func unmarshalFixedS32Ptr(b []byte, f pointer, w int) ([]byte, error) { - if w != WireFixed32 { - return b, errInternalBadWireType - } - if len(b) < 4 { - return nil, io.ErrUnexpectedEOF - } - v := int32(b[0]) | int32(b[1])<<8 | int32(b[2])<<16 | int32(b[3])<<24 - f.setInt32Ptr(v) - return b[4:], nil -} - -func unmarshalFixedS32Slice(b []byte, f pointer, w int) ([]byte, error) { - if w == WireBytes { // packed - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - res := b[x:] - b = b[:x] - for len(b) > 0 { - if len(b) < 4 { - return nil, io.ErrUnexpectedEOF - } - v := int32(b[0]) | int32(b[1])<<8 | int32(b[2])<<16 | int32(b[3])<<24 - f.appendInt32Slice(v) - b = b[4:] - } - return res, nil - } - if w != WireFixed32 { - return b, errInternalBadWireType - } - if len(b) < 4 { - return nil, io.ErrUnexpectedEOF - } - v := int32(b[0]) | int32(b[1])<<8 | int32(b[2])<<16 | int32(b[3])<<24 - f.appendInt32Slice(v) - return b[4:], nil -} - -func unmarshalBoolValue(b []byte, f pointer, w int) ([]byte, error) { - if w != WireVarint { - return b, errInternalBadWireType - } - // Note: any length varint is allowed, even though any sane - // encoder will use one byte. - // See https://github.com/golang/protobuf/issues/76 - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - // TODO: check if x>1? Tests seem to indicate no. - v := x != 0 - *f.toBool() = v - return b[n:], nil -} - -func unmarshalBoolPtr(b []byte, f pointer, w int) ([]byte, error) { - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - v := x != 0 - *f.toBoolPtr() = &v - return b[n:], nil -} - -func unmarshalBoolSlice(b []byte, f pointer, w int) ([]byte, error) { - if w == WireBytes { // packed - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - res := b[x:] - b = b[:x] - for len(b) > 0 { - x, n = decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - v := x != 0 - s := f.toBoolSlice() - *s = append(*s, v) - b = b[n:] - } - return res, nil - } - if w != WireVarint { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - v := x != 0 - s := f.toBoolSlice() - *s = append(*s, v) - return b[n:], nil -} - -func unmarshalFloat64Value(b []byte, f pointer, w int) ([]byte, error) { - if w != WireFixed64 { - return b, errInternalBadWireType - } - if len(b) < 8 { - return nil, io.ErrUnexpectedEOF - } - v := math.Float64frombits(uint64(b[0]) | uint64(b[1])<<8 | uint64(b[2])<<16 | uint64(b[3])<<24 | uint64(b[4])<<32 | uint64(b[5])<<40 | uint64(b[6])<<48 | uint64(b[7])<<56) - *f.toFloat64() = v - return b[8:], nil -} - -func unmarshalFloat64Ptr(b []byte, f pointer, w int) ([]byte, error) { - if w != WireFixed64 { - return b, errInternalBadWireType - } - if len(b) < 8 { - return nil, io.ErrUnexpectedEOF - } - v := math.Float64frombits(uint64(b[0]) | uint64(b[1])<<8 | uint64(b[2])<<16 | uint64(b[3])<<24 | uint64(b[4])<<32 | uint64(b[5])<<40 | uint64(b[6])<<48 | uint64(b[7])<<56) - *f.toFloat64Ptr() = &v - return b[8:], nil -} - -func unmarshalFloat64Slice(b []byte, f pointer, w int) ([]byte, error) { - if w == WireBytes { // packed - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - res := b[x:] - b = b[:x] - for len(b) > 0 { - if len(b) < 8 { - return nil, io.ErrUnexpectedEOF - } - v := math.Float64frombits(uint64(b[0]) | uint64(b[1])<<8 | uint64(b[2])<<16 | uint64(b[3])<<24 | uint64(b[4])<<32 | uint64(b[5])<<40 | uint64(b[6])<<48 | uint64(b[7])<<56) - s := f.toFloat64Slice() - *s = append(*s, v) - b = b[8:] - } - return res, nil - } - if w != WireFixed64 { - return b, errInternalBadWireType - } - if len(b) < 8 { - return nil, io.ErrUnexpectedEOF - } - v := math.Float64frombits(uint64(b[0]) | uint64(b[1])<<8 | uint64(b[2])<<16 | uint64(b[3])<<24 | uint64(b[4])<<32 | uint64(b[5])<<40 | uint64(b[6])<<48 | uint64(b[7])<<56) - s := f.toFloat64Slice() - *s = append(*s, v) - return b[8:], nil -} - -func unmarshalFloat32Value(b []byte, f pointer, w int) ([]byte, error) { - if w != WireFixed32 { - return b, errInternalBadWireType - } - if len(b) < 4 { - return nil, io.ErrUnexpectedEOF - } - v := math.Float32frombits(uint32(b[0]) | uint32(b[1])<<8 | uint32(b[2])<<16 | uint32(b[3])<<24) - *f.toFloat32() = v - return b[4:], nil -} - -func unmarshalFloat32Ptr(b []byte, f pointer, w int) ([]byte, error) { - if w != WireFixed32 { - return b, errInternalBadWireType - } - if len(b) < 4 { - return nil, io.ErrUnexpectedEOF - } - v := math.Float32frombits(uint32(b[0]) | uint32(b[1])<<8 | uint32(b[2])<<16 | uint32(b[3])<<24) - *f.toFloat32Ptr() = &v - return b[4:], nil -} - -func unmarshalFloat32Slice(b []byte, f pointer, w int) ([]byte, error) { - if w == WireBytes { // packed - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - res := b[x:] - b = b[:x] - for len(b) > 0 { - if len(b) < 4 { - return nil, io.ErrUnexpectedEOF - } - v := math.Float32frombits(uint32(b[0]) | uint32(b[1])<<8 | uint32(b[2])<<16 | uint32(b[3])<<24) - s := f.toFloat32Slice() - *s = append(*s, v) - b = b[4:] - } - return res, nil - } - if w != WireFixed32 { - return b, errInternalBadWireType - } - if len(b) < 4 { - return nil, io.ErrUnexpectedEOF - } - v := math.Float32frombits(uint32(b[0]) | uint32(b[1])<<8 | uint32(b[2])<<16 | uint32(b[3])<<24) - s := f.toFloat32Slice() - *s = append(*s, v) - return b[4:], nil -} - -func unmarshalStringValue(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - v := string(b[:x]) - *f.toString() = v - return b[x:], nil -} - -func unmarshalStringPtr(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - v := string(b[:x]) - *f.toStringPtr() = &v - return b[x:], nil -} - -func unmarshalStringSlice(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - v := string(b[:x]) - s := f.toStringSlice() - *s = append(*s, v) - return b[x:], nil -} - -func unmarshalUTF8StringValue(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - v := string(b[:x]) - *f.toString() = v - if !utf8.ValidString(v) { - return b[x:], errInvalidUTF8 - } - return b[x:], nil -} - -func unmarshalUTF8StringPtr(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - v := string(b[:x]) - *f.toStringPtr() = &v - if !utf8.ValidString(v) { - return b[x:], errInvalidUTF8 - } - return b[x:], nil -} - -func unmarshalUTF8StringSlice(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - v := string(b[:x]) - s := f.toStringSlice() - *s = append(*s, v) - if !utf8.ValidString(v) { - return b[x:], errInvalidUTF8 - } - return b[x:], nil -} - -var emptyBuf [0]byte - -func unmarshalBytesValue(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - // The use of append here is a trick which avoids the zeroing - // that would be required if we used a make/copy pair. - // We append to emptyBuf instead of nil because we want - // a non-nil result even when the length is 0. - v := append(emptyBuf[:], b[:x]...) - *f.toBytes() = v - return b[x:], nil -} - -func unmarshalBytesSlice(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - v := append(emptyBuf[:], b[:x]...) - s := f.toBytesSlice() - *s = append(*s, v) - return b[x:], nil -} - -func makeUnmarshalMessagePtr(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - // First read the message field to see if something is there. - // The semantics of multiple submessages are weird. Instead of - // the last one winning (as it is for all other fields), multiple - // submessages are merged. - v := f.getPointer() - if v.isNil() { - v = valToPointer(reflect.New(sub.typ)) - f.setPointer(v) - } - err := sub.unmarshal(v, b[:x]) - if err != nil { - if r, ok := err.(*RequiredNotSetError); ok { - r.field = name + "." + r.field - } else { - return nil, err - } - } - return b[x:], err - } -} - -func makeUnmarshalMessageSlicePtr(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return b, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - v := valToPointer(reflect.New(sub.typ)) - err := sub.unmarshal(v, b[:x]) - if err != nil { - if r, ok := err.(*RequiredNotSetError); ok { - r.field = name + "." + r.field - } else { - return nil, err - } - } - f.appendPointer(v) - return b[x:], err - } -} - -func makeUnmarshalGroupPtr(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireStartGroup { - return b, errInternalBadWireType - } - x, y := findEndGroup(b) - if x < 0 { - return nil, io.ErrUnexpectedEOF - } - v := f.getPointer() - if v.isNil() { - v = valToPointer(reflect.New(sub.typ)) - f.setPointer(v) - } - err := sub.unmarshal(v, b[:x]) - if err != nil { - if r, ok := err.(*RequiredNotSetError); ok { - r.field = name + "." + r.field - } else { - return nil, err - } - } - return b[y:], err - } -} - -func makeUnmarshalGroupSlicePtr(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireStartGroup { - return b, errInternalBadWireType - } - x, y := findEndGroup(b) - if x < 0 { - return nil, io.ErrUnexpectedEOF - } - v := valToPointer(reflect.New(sub.typ)) - err := sub.unmarshal(v, b[:x]) - if err != nil { - if r, ok := err.(*RequiredNotSetError); ok { - r.field = name + "." + r.field - } else { - return nil, err - } - } - f.appendPointer(v) - return b[y:], err - } -} - -func makeUnmarshalMap(f *reflect.StructField) unmarshaler { - t := f.Type - kt := t.Key() - vt := t.Elem() - tagArray := strings.Split(f.Tag.Get("protobuf"), ",") - valTags := strings.Split(f.Tag.Get("protobuf_val"), ",") - for _, t := range tagArray { - if strings.HasPrefix(t, "customtype=") { - valTags = append(valTags, t) - } - if t == "stdtime" { - valTags = append(valTags, t) - } - if t == "stdduration" { - valTags = append(valTags, t) - } - if t == "wktptr" { - valTags = append(valTags, t) - } - } - unmarshalKey := typeUnmarshaler(kt, f.Tag.Get("protobuf_key")) - unmarshalVal := typeUnmarshaler(vt, strings.Join(valTags, ",")) - return func(b []byte, f pointer, w int) ([]byte, error) { - // The map entry is a submessage. Figure out how big it is. - if w != WireBytes { - return nil, fmt.Errorf("proto: bad wiretype for map field: got %d want %d", w, WireBytes) - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - r := b[x:] // unused data to return - b = b[:x] // data for map entry - - // Note: we could use #keys * #values ~= 200 functions - // to do map decoding without reflection. Probably not worth it. - // Maps will be somewhat slow. Oh well. - - // Read key and value from data. - var nerr nonFatal - k := reflect.New(kt) - v := reflect.New(vt) - for len(b) > 0 { - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - wire := int(x) & 7 - b = b[n:] - - var err error - switch x >> 3 { - case 1: - b, err = unmarshalKey(b, valToPointer(k), wire) - case 2: - b, err = unmarshalVal(b, valToPointer(v), wire) - default: - err = errInternalBadWireType // skip unknown tag - } - - if nerr.Merge(err) { - continue - } - if err != errInternalBadWireType { - return nil, err - } - - // Skip past unknown fields. - b, err = skipField(b, wire) - if err != nil { - return nil, err - } - } - - // Get map, allocate if needed. - m := f.asPointerTo(t).Elem() // an addressable map[K]T - if m.IsNil() { - m.Set(reflect.MakeMap(t)) - } - - // Insert into map. - m.SetMapIndex(k.Elem(), v.Elem()) - - return r, nerr.E - } -} - -// makeUnmarshalOneof makes an unmarshaler for oneof fields. -// for: -// message Msg { -// oneof F { -// int64 X = 1; -// float64 Y = 2; -// } -// } -// typ is the type of the concrete entry for a oneof case (e.g. Msg_X). -// ityp is the interface type of the oneof field (e.g. isMsg_F). -// unmarshal is the unmarshaler for the base type of the oneof case (e.g. int64). -// Note that this function will be called once for each case in the oneof. -func makeUnmarshalOneof(typ, ityp reflect.Type, unmarshal unmarshaler) unmarshaler { - sf := typ.Field(0) - field0 := toField(&sf) - return func(b []byte, f pointer, w int) ([]byte, error) { - // Allocate holder for value. - v := reflect.New(typ) - - // Unmarshal data into holder. - // We unmarshal into the first field of the holder object. - var err error - var nerr nonFatal - b, err = unmarshal(b, valToPointer(v).offset(field0), w) - if !nerr.Merge(err) { - return nil, err - } - - // Write pointer to holder into target field. - f.asPointerTo(ityp).Elem().Set(v) - - return b, nerr.E - } -} - -// Error used by decode internally. -var errInternalBadWireType = errors.New("proto: internal error: bad wiretype") - -// skipField skips past a field of type wire and returns the remaining bytes. -func skipField(b []byte, wire int) ([]byte, error) { - switch wire { - case WireVarint: - _, k := decodeVarint(b) - if k == 0 { - return b, io.ErrUnexpectedEOF - } - b = b[k:] - case WireFixed32: - if len(b) < 4 { - return b, io.ErrUnexpectedEOF - } - b = b[4:] - case WireFixed64: - if len(b) < 8 { - return b, io.ErrUnexpectedEOF - } - b = b[8:] - case WireBytes: - m, k := decodeVarint(b) - if k == 0 || uint64(len(b)-k) < m { - return b, io.ErrUnexpectedEOF - } - b = b[uint64(k)+m:] - case WireStartGroup: - _, i := findEndGroup(b) - if i == -1 { - return b, io.ErrUnexpectedEOF - } - b = b[i:] - default: - return b, fmt.Errorf("proto: can't skip unknown wire type %d", wire) - } - return b, nil -} - -// findEndGroup finds the index of the next EndGroup tag. -// Groups may be nested, so the "next" EndGroup tag is the first -// unpaired EndGroup. -// findEndGroup returns the indexes of the start and end of the EndGroup tag. -// Returns (-1,-1) if it can't find one. -func findEndGroup(b []byte) (int, int) { - depth := 1 - i := 0 - for { - x, n := decodeVarint(b[i:]) - if n == 0 { - return -1, -1 - } - j := i - i += n - switch x & 7 { - case WireVarint: - _, k := decodeVarint(b[i:]) - if k == 0 { - return -1, -1 - } - i += k - case WireFixed32: - if len(b)-4 < i { - return -1, -1 - } - i += 4 - case WireFixed64: - if len(b)-8 < i { - return -1, -1 - } - i += 8 - case WireBytes: - m, k := decodeVarint(b[i:]) - if k == 0 { - return -1, -1 - } - i += k - if uint64(len(b)-i) < m { - return -1, -1 - } - i += int(m) - case WireStartGroup: - depth++ - case WireEndGroup: - depth-- - if depth == 0 { - return j, i - } - default: - return -1, -1 - } - } -} - -// encodeVarint appends a varint-encoded integer to b and returns the result. -func encodeVarint(b []byte, x uint64) []byte { - for x >= 1<<7 { - b = append(b, byte(x&0x7f|0x80)) - x >>= 7 - } - return append(b, byte(x)) -} - -// decodeVarint reads a varint-encoded integer from b. -// Returns the decoded integer and the number of bytes read. -// If there is an error, it returns 0,0. -func decodeVarint(b []byte) (uint64, int) { - var x, y uint64 - if len(b) == 0 { - goto bad - } - x = uint64(b[0]) - if x < 0x80 { - return x, 1 - } - x -= 0x80 - - if len(b) <= 1 { - goto bad - } - y = uint64(b[1]) - x += y << 7 - if y < 0x80 { - return x, 2 - } - x -= 0x80 << 7 - - if len(b) <= 2 { - goto bad - } - y = uint64(b[2]) - x += y << 14 - if y < 0x80 { - return x, 3 - } - x -= 0x80 << 14 - - if len(b) <= 3 { - goto bad - } - y = uint64(b[3]) - x += y << 21 - if y < 0x80 { - return x, 4 - } - x -= 0x80 << 21 - - if len(b) <= 4 { - goto bad - } - y = uint64(b[4]) - x += y << 28 - if y < 0x80 { - return x, 5 - } - x -= 0x80 << 28 - - if len(b) <= 5 { - goto bad - } - y = uint64(b[5]) - x += y << 35 - if y < 0x80 { - return x, 6 - } - x -= 0x80 << 35 - - if len(b) <= 6 { - goto bad - } - y = uint64(b[6]) - x += y << 42 - if y < 0x80 { - return x, 7 - } - x -= 0x80 << 42 - - if len(b) <= 7 { - goto bad - } - y = uint64(b[7]) - x += y << 49 - if y < 0x80 { - return x, 8 - } - x -= 0x80 << 49 - - if len(b) <= 8 { - goto bad - } - y = uint64(b[8]) - x += y << 56 - if y < 0x80 { - return x, 9 - } - x -= 0x80 << 56 - - if len(b) <= 9 { - goto bad - } - y = uint64(b[9]) - x += y << 63 - if y < 2 { - return x, 10 - } - -bad: - return 0, 0 -} diff --git a/vendor/github.com/gogo/protobuf/proto/table_unmarshal_gogo.go b/vendor/github.com/gogo/protobuf/proto/table_unmarshal_gogo.go deleted file mode 100644 index 00d6c7ad9..000000000 --- a/vendor/github.com/gogo/protobuf/proto/table_unmarshal_gogo.go +++ /dev/null @@ -1,385 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2018, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -import ( - "io" - "reflect" -) - -func makeUnmarshalMessage(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - // First read the message field to see if something is there. - // The semantics of multiple submessages are weird. Instead of - // the last one winning (as it is for all other fields), multiple - // submessages are merged. - v := f // gogo: changed from v := f.getPointer() - if v.isNil() { - v = valToPointer(reflect.New(sub.typ)) - f.setPointer(v) - } - err := sub.unmarshal(v, b[:x]) - if err != nil { - if r, ok := err.(*RequiredNotSetError); ok { - r.field = name + "." + r.field - } else { - return nil, err - } - } - return b[x:], err - } -} - -func makeUnmarshalMessageSlice(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - v := valToPointer(reflect.New(sub.typ)) - err := sub.unmarshal(v, b[:x]) - if err != nil { - if r, ok := err.(*RequiredNotSetError); ok { - r.field = name + "." + r.field - } else { - return nil, err - } - } - f.appendRef(v, sub.typ) // gogo: changed from f.appendPointer(v) - return b[x:], err - } -} - -func makeUnmarshalCustomPtr(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - - s := f.asPointerTo(reflect.PtrTo(sub.typ)).Elem() - s.Set(reflect.New(sub.typ)) - m := s.Interface().(custom) - if err := m.Unmarshal(b[:x]); err != nil { - return nil, err - } - return b[x:], nil - } -} - -func makeUnmarshalCustomSlice(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := reflect.New(sub.typ) - c := m.Interface().(custom) - if err := c.Unmarshal(b[:x]); err != nil { - return nil, err - } - v := valToPointer(m) - f.appendRef(v, sub.typ) - return b[x:], nil - } -} - -func makeUnmarshalCustom(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - - m := f.asPointerTo(sub.typ).Interface().(custom) - if err := m.Unmarshal(b[:x]); err != nil { - return nil, err - } - return b[x:], nil - } -} - -func makeUnmarshalTime(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := ×tamp{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - t, err := timestampFromProto(m) - if err != nil { - return nil, err - } - s := f.asPointerTo(sub.typ).Elem() - s.Set(reflect.ValueOf(t)) - return b[x:], nil - } -} - -func makeUnmarshalTimePtr(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := ×tamp{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - t, err := timestampFromProto(m) - if err != nil { - return nil, err - } - s := f.asPointerTo(reflect.PtrTo(sub.typ)).Elem() - s.Set(reflect.ValueOf(&t)) - return b[x:], nil - } -} - -func makeUnmarshalTimePtrSlice(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := ×tamp{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - t, err := timestampFromProto(m) - if err != nil { - return nil, err - } - slice := f.getSlice(reflect.PtrTo(sub.typ)) - newSlice := reflect.Append(slice, reflect.ValueOf(&t)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeUnmarshalTimeSlice(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := ×tamp{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - t, err := timestampFromProto(m) - if err != nil { - return nil, err - } - slice := f.getSlice(sub.typ) - newSlice := reflect.Append(slice, reflect.ValueOf(t)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeUnmarshalDurationPtr(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &duration{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - d, err := durationFromProto(m) - if err != nil { - return nil, err - } - s := f.asPointerTo(reflect.PtrTo(sub.typ)).Elem() - s.Set(reflect.ValueOf(&d)) - return b[x:], nil - } -} - -func makeUnmarshalDuration(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &duration{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - d, err := durationFromProto(m) - if err != nil { - return nil, err - } - s := f.asPointerTo(sub.typ).Elem() - s.Set(reflect.ValueOf(d)) - return b[x:], nil - } -} - -func makeUnmarshalDurationPtrSlice(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &duration{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - d, err := durationFromProto(m) - if err != nil { - return nil, err - } - slice := f.getSlice(reflect.PtrTo(sub.typ)) - newSlice := reflect.Append(slice, reflect.ValueOf(&d)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeUnmarshalDurationSlice(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &duration{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - d, err := durationFromProto(m) - if err != nil { - return nil, err - } - slice := f.getSlice(sub.typ) - newSlice := reflect.Append(slice, reflect.ValueOf(d)) - slice.Set(newSlice) - return b[x:], nil - } -} diff --git a/vendor/github.com/gogo/protobuf/proto/text.go b/vendor/github.com/gogo/protobuf/proto/text.go deleted file mode 100644 index 87416afe9..000000000 --- a/vendor/github.com/gogo/protobuf/proto/text.go +++ /dev/null @@ -1,930 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2013, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2010 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -// Functions for writing the text protocol buffer format. - -import ( - "bufio" - "bytes" - "encoding" - "errors" - "fmt" - "io" - "log" - "math" - "reflect" - "sort" - "strings" - "sync" - "time" -) - -var ( - newline = []byte("\n") - spaces = []byte(" ") - endBraceNewline = []byte("}\n") - backslashN = []byte{'\\', 'n'} - backslashR = []byte{'\\', 'r'} - backslashT = []byte{'\\', 't'} - backslashDQ = []byte{'\\', '"'} - backslashBS = []byte{'\\', '\\'} - posInf = []byte("inf") - negInf = []byte("-inf") - nan = []byte("nan") -) - -type writer interface { - io.Writer - WriteByte(byte) error -} - -// textWriter is an io.Writer that tracks its indentation level. -type textWriter struct { - ind int - complete bool // if the current position is a complete line - compact bool // whether to write out as a one-liner - w writer -} - -func (w *textWriter) WriteString(s string) (n int, err error) { - if !strings.Contains(s, "\n") { - if !w.compact && w.complete { - w.writeIndent() - } - w.complete = false - return io.WriteString(w.w, s) - } - // WriteString is typically called without newlines, so this - // codepath and its copy are rare. We copy to avoid - // duplicating all of Write's logic here. - return w.Write([]byte(s)) -} - -func (w *textWriter) Write(p []byte) (n int, err error) { - newlines := bytes.Count(p, newline) - if newlines == 0 { - if !w.compact && w.complete { - w.writeIndent() - } - n, err = w.w.Write(p) - w.complete = false - return n, err - } - - frags := bytes.SplitN(p, newline, newlines+1) - if w.compact { - for i, frag := range frags { - if i > 0 { - if err := w.w.WriteByte(' '); err != nil { - return n, err - } - n++ - } - nn, err := w.w.Write(frag) - n += nn - if err != nil { - return n, err - } - } - return n, nil - } - - for i, frag := range frags { - if w.complete { - w.writeIndent() - } - nn, err := w.w.Write(frag) - n += nn - if err != nil { - return n, err - } - if i+1 < len(frags) { - if err := w.w.WriteByte('\n'); err != nil { - return n, err - } - n++ - } - } - w.complete = len(frags[len(frags)-1]) == 0 - return n, nil -} - -func (w *textWriter) WriteByte(c byte) error { - if w.compact && c == '\n' { - c = ' ' - } - if !w.compact && w.complete { - w.writeIndent() - } - err := w.w.WriteByte(c) - w.complete = c == '\n' - return err -} - -func (w *textWriter) indent() { w.ind++ } - -func (w *textWriter) unindent() { - if w.ind == 0 { - log.Print("proto: textWriter unindented too far") - return - } - w.ind-- -} - -func writeName(w *textWriter, props *Properties) error { - if _, err := w.WriteString(props.OrigName); err != nil { - return err - } - if props.Wire != "group" { - return w.WriteByte(':') - } - return nil -} - -func requiresQuotes(u string) bool { - // When type URL contains any characters except [0-9A-Za-z./\-]*, it must be quoted. - for _, ch := range u { - switch { - case ch == '.' || ch == '/' || ch == '_': - continue - case '0' <= ch && ch <= '9': - continue - case 'A' <= ch && ch <= 'Z': - continue - case 'a' <= ch && ch <= 'z': - continue - default: - return true - } - } - return false -} - -// isAny reports whether sv is a google.protobuf.Any message -func isAny(sv reflect.Value) bool { - type wkt interface { - XXX_WellKnownType() string - } - t, ok := sv.Addr().Interface().(wkt) - return ok && t.XXX_WellKnownType() == "Any" -} - -// writeProto3Any writes an expanded google.protobuf.Any message. -// -// It returns (false, nil) if sv value can't be unmarshaled (e.g. because -// required messages are not linked in). -// -// It returns (true, error) when sv was written in expanded format or an error -// was encountered. -func (tm *TextMarshaler) writeProto3Any(w *textWriter, sv reflect.Value) (bool, error) { - turl := sv.FieldByName("TypeUrl") - val := sv.FieldByName("Value") - if !turl.IsValid() || !val.IsValid() { - return true, errors.New("proto: invalid google.protobuf.Any message") - } - - b, ok := val.Interface().([]byte) - if !ok { - return true, errors.New("proto: invalid google.protobuf.Any message") - } - - parts := strings.Split(turl.String(), "/") - mt := MessageType(parts[len(parts)-1]) - if mt == nil { - return false, nil - } - m := reflect.New(mt.Elem()) - if err := Unmarshal(b, m.Interface().(Message)); err != nil { - return false, nil - } - w.Write([]byte("[")) - u := turl.String() - if requiresQuotes(u) { - writeString(w, u) - } else { - w.Write([]byte(u)) - } - if w.compact { - w.Write([]byte("]:<")) - } else { - w.Write([]byte("]: <\n")) - w.ind++ - } - if err := tm.writeStruct(w, m.Elem()); err != nil { - return true, err - } - if w.compact { - w.Write([]byte("> ")) - } else { - w.ind-- - w.Write([]byte(">\n")) - } - return true, nil -} - -func (tm *TextMarshaler) writeStruct(w *textWriter, sv reflect.Value) error { - if tm.ExpandAny && isAny(sv) { - if canExpand, err := tm.writeProto3Any(w, sv); canExpand { - return err - } - } - st := sv.Type() - sprops := GetProperties(st) - for i := 0; i < sv.NumField(); i++ { - fv := sv.Field(i) - props := sprops.Prop[i] - name := st.Field(i).Name - - if name == "XXX_NoUnkeyedLiteral" { - continue - } - - if strings.HasPrefix(name, "XXX_") { - // There are two XXX_ fields: - // XXX_unrecognized []byte - // XXX_extensions map[int32]proto.Extension - // The first is handled here; - // the second is handled at the bottom of this function. - if name == "XXX_unrecognized" && !fv.IsNil() { - if err := writeUnknownStruct(w, fv.Interface().([]byte)); err != nil { - return err - } - } - continue - } - if fv.Kind() == reflect.Ptr && fv.IsNil() { - // Field not filled in. This could be an optional field or - // a required field that wasn't filled in. Either way, there - // isn't anything we can show for it. - continue - } - if fv.Kind() == reflect.Slice && fv.IsNil() { - // Repeated field that is empty, or a bytes field that is unused. - continue - } - - if props.Repeated && fv.Kind() == reflect.Slice { - // Repeated field. - for j := 0; j < fv.Len(); j++ { - if err := writeName(w, props); err != nil { - return err - } - if !w.compact { - if err := w.WriteByte(' '); err != nil { - return err - } - } - v := fv.Index(j) - if v.Kind() == reflect.Ptr && v.IsNil() { - // A nil message in a repeated field is not valid, - // but we can handle that more gracefully than panicking. - if _, err := w.Write([]byte("\n")); err != nil { - return err - } - continue - } - if len(props.Enum) > 0 { - if err := tm.writeEnum(w, v, props); err != nil { - return err - } - } else if err := tm.writeAny(w, v, props); err != nil { - return err - } - if err := w.WriteByte('\n'); err != nil { - return err - } - } - continue - } - if fv.Kind() == reflect.Map { - // Map fields are rendered as a repeated struct with key/value fields. - keys := fv.MapKeys() - sort.Sort(mapKeys(keys)) - for _, key := range keys { - val := fv.MapIndex(key) - if err := writeName(w, props); err != nil { - return err - } - if !w.compact { - if err := w.WriteByte(' '); err != nil { - return err - } - } - // open struct - if err := w.WriteByte('<'); err != nil { - return err - } - if !w.compact { - if err := w.WriteByte('\n'); err != nil { - return err - } - } - w.indent() - // key - if _, err := w.WriteString("key:"); err != nil { - return err - } - if !w.compact { - if err := w.WriteByte(' '); err != nil { - return err - } - } - if err := tm.writeAny(w, key, props.MapKeyProp); err != nil { - return err - } - if err := w.WriteByte('\n'); err != nil { - return err - } - // nil values aren't legal, but we can avoid panicking because of them. - if val.Kind() != reflect.Ptr || !val.IsNil() { - // value - if _, err := w.WriteString("value:"); err != nil { - return err - } - if !w.compact { - if err := w.WriteByte(' '); err != nil { - return err - } - } - if err := tm.writeAny(w, val, props.MapValProp); err != nil { - return err - } - if err := w.WriteByte('\n'); err != nil { - return err - } - } - // close struct - w.unindent() - if err := w.WriteByte('>'); err != nil { - return err - } - if err := w.WriteByte('\n'); err != nil { - return err - } - } - continue - } - if props.proto3 && fv.Kind() == reflect.Slice && fv.Len() == 0 { - // empty bytes field - continue - } - if props.proto3 && fv.Kind() != reflect.Ptr && fv.Kind() != reflect.Slice { - // proto3 non-repeated scalar field; skip if zero value - if isProto3Zero(fv) { - continue - } - } - - if fv.Kind() == reflect.Interface { - // Check if it is a oneof. - if st.Field(i).Tag.Get("protobuf_oneof") != "" { - // fv is nil, or holds a pointer to generated struct. - // That generated struct has exactly one field, - // which has a protobuf struct tag. - if fv.IsNil() { - continue - } - inner := fv.Elem().Elem() // interface -> *T -> T - tag := inner.Type().Field(0).Tag.Get("protobuf") - props = new(Properties) // Overwrite the outer props var, but not its pointee. - props.Parse(tag) - // Write the value in the oneof, not the oneof itself. - fv = inner.Field(0) - - // Special case to cope with malformed messages gracefully: - // If the value in the oneof is a nil pointer, don't panic - // in writeAny. - if fv.Kind() == reflect.Ptr && fv.IsNil() { - // Use errors.New so writeAny won't render quotes. - msg := errors.New("/* nil */") - fv = reflect.ValueOf(&msg).Elem() - } - } - } - - if err := writeName(w, props); err != nil { - return err - } - if !w.compact { - if err := w.WriteByte(' '); err != nil { - return err - } - } - - if len(props.Enum) > 0 { - if err := tm.writeEnum(w, fv, props); err != nil { - return err - } - } else if err := tm.writeAny(w, fv, props); err != nil { - return err - } - - if err := w.WriteByte('\n'); err != nil { - return err - } - } - - // Extensions (the XXX_extensions field). - pv := sv - if pv.CanAddr() { - pv = sv.Addr() - } else { - pv = reflect.New(sv.Type()) - pv.Elem().Set(sv) - } - if _, err := extendable(pv.Interface()); err == nil { - if err := tm.writeExtensions(w, pv); err != nil { - return err - } - } - - return nil -} - -var textMarshalerType = reflect.TypeOf((*encoding.TextMarshaler)(nil)).Elem() - -// writeAny writes an arbitrary field. -func (tm *TextMarshaler) writeAny(w *textWriter, v reflect.Value, props *Properties) error { - v = reflect.Indirect(v) - - if props != nil { - if len(props.CustomType) > 0 { - custom, ok := v.Interface().(Marshaler) - if ok { - data, err := custom.Marshal() - if err != nil { - return err - } - if err := writeString(w, string(data)); err != nil { - return err - } - return nil - } - } else if len(props.CastType) > 0 { - if _, ok := v.Interface().(interface { - String() string - }); ok { - switch v.Kind() { - case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, - reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64: - _, err := fmt.Fprintf(w, "%d", v.Interface()) - return err - } - } - } else if props.StdTime { - t, ok := v.Interface().(time.Time) - if !ok { - return fmt.Errorf("stdtime is not time.Time, but %T", v.Interface()) - } - tproto, err := timestampProto(t) - if err != nil { - return err - } - propsCopy := *props // Make a copy so that this is goroutine-safe - propsCopy.StdTime = false - err = tm.writeAny(w, reflect.ValueOf(tproto), &propsCopy) - return err - } else if props.StdDuration { - d, ok := v.Interface().(time.Duration) - if !ok { - return fmt.Errorf("stdtime is not time.Duration, but %T", v.Interface()) - } - dproto := durationProto(d) - propsCopy := *props // Make a copy so that this is goroutine-safe - propsCopy.StdDuration = false - err := tm.writeAny(w, reflect.ValueOf(dproto), &propsCopy) - return err - } - } - - // Floats have special cases. - if v.Kind() == reflect.Float32 || v.Kind() == reflect.Float64 { - x := v.Float() - var b []byte - switch { - case math.IsInf(x, 1): - b = posInf - case math.IsInf(x, -1): - b = negInf - case math.IsNaN(x): - b = nan - } - if b != nil { - _, err := w.Write(b) - return err - } - // Other values are handled below. - } - - // We don't attempt to serialise every possible value type; only those - // that can occur in protocol buffers. - switch v.Kind() { - case reflect.Slice: - // Should only be a []byte; repeated fields are handled in writeStruct. - if err := writeString(w, string(v.Bytes())); err != nil { - return err - } - case reflect.String: - if err := writeString(w, v.String()); err != nil { - return err - } - case reflect.Struct: - // Required/optional group/message. - var bra, ket byte = '<', '>' - if props != nil && props.Wire == "group" { - bra, ket = '{', '}' - } - if err := w.WriteByte(bra); err != nil { - return err - } - if !w.compact { - if err := w.WriteByte('\n'); err != nil { - return err - } - } - w.indent() - if v.CanAddr() { - // Calling v.Interface on a struct causes the reflect package to - // copy the entire struct. This is racy with the new Marshaler - // since we atomically update the XXX_sizecache. - // - // Thus, we retrieve a pointer to the struct if possible to avoid - // a race since v.Interface on the pointer doesn't copy the struct. - // - // If v is not addressable, then we are not worried about a race - // since it implies that the binary Marshaler cannot possibly be - // mutating this value. - v = v.Addr() - } - if v.Type().Implements(textMarshalerType) { - text, err := v.Interface().(encoding.TextMarshaler).MarshalText() - if err != nil { - return err - } - if _, err = w.Write(text); err != nil { - return err - } - } else { - if v.Kind() == reflect.Ptr { - v = v.Elem() - } - if err := tm.writeStruct(w, v); err != nil { - return err - } - } - w.unindent() - if err := w.WriteByte(ket); err != nil { - return err - } - default: - _, err := fmt.Fprint(w, v.Interface()) - return err - } - return nil -} - -// equivalent to C's isprint. -func isprint(c byte) bool { - return c >= 0x20 && c < 0x7f -} - -// writeString writes a string in the protocol buffer text format. -// It is similar to strconv.Quote except we don't use Go escape sequences, -// we treat the string as a byte sequence, and we use octal escapes. -// These differences are to maintain interoperability with the other -// languages' implementations of the text format. -func writeString(w *textWriter, s string) error { - // use WriteByte here to get any needed indent - if err := w.WriteByte('"'); err != nil { - return err - } - // Loop over the bytes, not the runes. - for i := 0; i < len(s); i++ { - var err error - // Divergence from C++: we don't escape apostrophes. - // There's no need to escape them, and the C++ parser - // copes with a naked apostrophe. - switch c := s[i]; c { - case '\n': - _, err = w.w.Write(backslashN) - case '\r': - _, err = w.w.Write(backslashR) - case '\t': - _, err = w.w.Write(backslashT) - case '"': - _, err = w.w.Write(backslashDQ) - case '\\': - _, err = w.w.Write(backslashBS) - default: - if isprint(c) { - err = w.w.WriteByte(c) - } else { - _, err = fmt.Fprintf(w.w, "\\%03o", c) - } - } - if err != nil { - return err - } - } - return w.WriteByte('"') -} - -func writeUnknownStruct(w *textWriter, data []byte) (err error) { - if !w.compact { - if _, err := fmt.Fprintf(w, "/* %d unknown bytes */\n", len(data)); err != nil { - return err - } - } - b := NewBuffer(data) - for b.index < len(b.buf) { - x, err := b.DecodeVarint() - if err != nil { - _, ferr := fmt.Fprintf(w, "/* %v */\n", err) - return ferr - } - wire, tag := x&7, x>>3 - if wire == WireEndGroup { - w.unindent() - if _, werr := w.Write(endBraceNewline); werr != nil { - return werr - } - continue - } - if _, ferr := fmt.Fprint(w, tag); ferr != nil { - return ferr - } - if wire != WireStartGroup { - if err = w.WriteByte(':'); err != nil { - return err - } - } - if !w.compact || wire == WireStartGroup { - if err = w.WriteByte(' '); err != nil { - return err - } - } - switch wire { - case WireBytes: - buf, e := b.DecodeRawBytes(false) - if e == nil { - _, err = fmt.Fprintf(w, "%q", buf) - } else { - _, err = fmt.Fprintf(w, "/* %v */", e) - } - case WireFixed32: - x, err = b.DecodeFixed32() - err = writeUnknownInt(w, x, err) - case WireFixed64: - x, err = b.DecodeFixed64() - err = writeUnknownInt(w, x, err) - case WireStartGroup: - err = w.WriteByte('{') - w.indent() - case WireVarint: - x, err = b.DecodeVarint() - err = writeUnknownInt(w, x, err) - default: - _, err = fmt.Fprintf(w, "/* unknown wire type %d */", wire) - } - if err != nil { - return err - } - if err := w.WriteByte('\n'); err != nil { - return err - } - } - return nil -} - -func writeUnknownInt(w *textWriter, x uint64, err error) error { - if err == nil { - _, err = fmt.Fprint(w, x) - } else { - _, err = fmt.Fprintf(w, "/* %v */", err) - } - return err -} - -type int32Slice []int32 - -func (s int32Slice) Len() int { return len(s) } -func (s int32Slice) Less(i, j int) bool { return s[i] < s[j] } -func (s int32Slice) Swap(i, j int) { s[i], s[j] = s[j], s[i] } - -// writeExtensions writes all the extensions in pv. -// pv is assumed to be a pointer to a protocol message struct that is extendable. -func (tm *TextMarshaler) writeExtensions(w *textWriter, pv reflect.Value) error { - emap := extensionMaps[pv.Type().Elem()] - e := pv.Interface().(Message) - - var m map[int32]Extension - var mu sync.Locker - if em, ok := e.(extensionsBytes); ok { - eb := em.GetExtensions() - var err error - m, err = BytesToExtensionsMap(*eb) - if err != nil { - return err - } - mu = notLocker{} - } else if _, ok := e.(extendableProto); ok { - ep, _ := extendable(e) - m, mu = ep.extensionsRead() - if m == nil { - return nil - } - } - - // Order the extensions by ID. - // This isn't strictly necessary, but it will give us - // canonical output, which will also make testing easier. - - mu.Lock() - ids := make([]int32, 0, len(m)) - for id := range m { - ids = append(ids, id) - } - sort.Sort(int32Slice(ids)) - mu.Unlock() - - for _, extNum := range ids { - ext := m[extNum] - var desc *ExtensionDesc - if emap != nil { - desc = emap[extNum] - } - if desc == nil { - // Unknown extension. - if err := writeUnknownStruct(w, ext.enc); err != nil { - return err - } - continue - } - - pb, err := GetExtension(e, desc) - if err != nil { - return fmt.Errorf("failed getting extension: %v", err) - } - - // Repeated extensions will appear as a slice. - if !desc.repeated() { - if err := tm.writeExtension(w, desc.Name, pb); err != nil { - return err - } - } else { - v := reflect.ValueOf(pb) - for i := 0; i < v.Len(); i++ { - if err := tm.writeExtension(w, desc.Name, v.Index(i).Interface()); err != nil { - return err - } - } - } - } - return nil -} - -func (tm *TextMarshaler) writeExtension(w *textWriter, name string, pb interface{}) error { - if _, err := fmt.Fprintf(w, "[%s]:", name); err != nil { - return err - } - if !w.compact { - if err := w.WriteByte(' '); err != nil { - return err - } - } - if err := tm.writeAny(w, reflect.ValueOf(pb), nil); err != nil { - return err - } - if err := w.WriteByte('\n'); err != nil { - return err - } - return nil -} - -func (w *textWriter) writeIndent() { - if !w.complete { - return - } - remain := w.ind * 2 - for remain > 0 { - n := remain - if n > len(spaces) { - n = len(spaces) - } - w.w.Write(spaces[:n]) - remain -= n - } - w.complete = false -} - -// TextMarshaler is a configurable text format marshaler. -type TextMarshaler struct { - Compact bool // use compact text format (one line). - ExpandAny bool // expand google.protobuf.Any messages of known types -} - -// Marshal writes a given protocol buffer in text format. -// The only errors returned are from w. -func (tm *TextMarshaler) Marshal(w io.Writer, pb Message) error { - val := reflect.ValueOf(pb) - if pb == nil || val.IsNil() { - w.Write([]byte("")) - return nil - } - var bw *bufio.Writer - ww, ok := w.(writer) - if !ok { - bw = bufio.NewWriter(w) - ww = bw - } - aw := &textWriter{ - w: ww, - complete: true, - compact: tm.Compact, - } - - if etm, ok := pb.(encoding.TextMarshaler); ok { - text, err := etm.MarshalText() - if err != nil { - return err - } - if _, err = aw.Write(text); err != nil { - return err - } - if bw != nil { - return bw.Flush() - } - return nil - } - // Dereference the received pointer so we don't have outer < and >. - v := reflect.Indirect(val) - if err := tm.writeStruct(aw, v); err != nil { - return err - } - if bw != nil { - return bw.Flush() - } - return nil -} - -// Text is the same as Marshal, but returns the string directly. -func (tm *TextMarshaler) Text(pb Message) string { - var buf bytes.Buffer - tm.Marshal(&buf, pb) - return buf.String() -} - -var ( - defaultTextMarshaler = TextMarshaler{} - compactTextMarshaler = TextMarshaler{Compact: true} -) - -// TODO: consider removing some of the Marshal functions below. - -// MarshalText writes a given protocol buffer in text format. -// The only errors returned are from w. -func MarshalText(w io.Writer, pb Message) error { return defaultTextMarshaler.Marshal(w, pb) } - -// MarshalTextString is the same as MarshalText, but returns the string directly. -func MarshalTextString(pb Message) string { return defaultTextMarshaler.Text(pb) } - -// CompactText writes a given protocol buffer in compact text format (one line). -func CompactText(w io.Writer, pb Message) error { return compactTextMarshaler.Marshal(w, pb) } - -// CompactTextString is the same as CompactText, but returns the string directly. -func CompactTextString(pb Message) string { return compactTextMarshaler.Text(pb) } diff --git a/vendor/github.com/gogo/protobuf/proto/text_gogo.go b/vendor/github.com/gogo/protobuf/proto/text_gogo.go deleted file mode 100644 index 1d6c6aa0e..000000000 --- a/vendor/github.com/gogo/protobuf/proto/text_gogo.go +++ /dev/null @@ -1,57 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2013, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -import ( - "fmt" - "reflect" -) - -func (tm *TextMarshaler) writeEnum(w *textWriter, v reflect.Value, props *Properties) error { - m, ok := enumStringMaps[props.Enum] - if !ok { - if err := tm.writeAny(w, v, props); err != nil { - return err - } - } - key := int32(0) - if v.Kind() == reflect.Ptr { - key = int32(v.Elem().Int()) - } else { - key = int32(v.Int()) - } - s, ok := m[key] - if !ok { - if err := tm.writeAny(w, v, props); err != nil { - return err - } - } - _, err := fmt.Fprint(w, s) - return err -} diff --git a/vendor/github.com/gogo/protobuf/proto/text_parser.go b/vendor/github.com/gogo/protobuf/proto/text_parser.go deleted file mode 100644 index f85c0cc81..000000000 --- a/vendor/github.com/gogo/protobuf/proto/text_parser.go +++ /dev/null @@ -1,1018 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2013, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2010 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -// Functions for parsing the Text protocol buffer format. -// TODO: message sets. - -import ( - "encoding" - "errors" - "fmt" - "reflect" - "strconv" - "strings" - "time" - "unicode/utf8" -) - -// Error string emitted when deserializing Any and fields are already set -const anyRepeatedlyUnpacked = "Any message unpacked multiple times, or %q already set" - -type ParseError struct { - Message string - Line int // 1-based line number - Offset int // 0-based byte offset from start of input -} - -func (p *ParseError) Error() string { - if p.Line == 1 { - // show offset only for first line - return fmt.Sprintf("line 1.%d: %v", p.Offset, p.Message) - } - return fmt.Sprintf("line %d: %v", p.Line, p.Message) -} - -type token struct { - value string - err *ParseError - line int // line number - offset int // byte number from start of input, not start of line - unquoted string // the unquoted version of value, if it was a quoted string -} - -func (t *token) String() string { - if t.err == nil { - return fmt.Sprintf("%q (line=%d, offset=%d)", t.value, t.line, t.offset) - } - return fmt.Sprintf("parse error: %v", t.err) -} - -type textParser struct { - s string // remaining input - done bool // whether the parsing is finished (success or error) - backed bool // whether back() was called - offset, line int - cur token -} - -func newTextParser(s string) *textParser { - p := new(textParser) - p.s = s - p.line = 1 - p.cur.line = 1 - return p -} - -func (p *textParser) errorf(format string, a ...interface{}) *ParseError { - pe := &ParseError{fmt.Sprintf(format, a...), p.cur.line, p.cur.offset} - p.cur.err = pe - p.done = true - return pe -} - -// Numbers and identifiers are matched by [-+._A-Za-z0-9] -func isIdentOrNumberChar(c byte) bool { - switch { - case 'A' <= c && c <= 'Z', 'a' <= c && c <= 'z': - return true - case '0' <= c && c <= '9': - return true - } - switch c { - case '-', '+', '.', '_': - return true - } - return false -} - -func isWhitespace(c byte) bool { - switch c { - case ' ', '\t', '\n', '\r': - return true - } - return false -} - -func isQuote(c byte) bool { - switch c { - case '"', '\'': - return true - } - return false -} - -func (p *textParser) skipWhitespace() { - i := 0 - for i < len(p.s) && (isWhitespace(p.s[i]) || p.s[i] == '#') { - if p.s[i] == '#' { - // comment; skip to end of line or input - for i < len(p.s) && p.s[i] != '\n' { - i++ - } - if i == len(p.s) { - break - } - } - if p.s[i] == '\n' { - p.line++ - } - i++ - } - p.offset += i - p.s = p.s[i:len(p.s)] - if len(p.s) == 0 { - p.done = true - } -} - -func (p *textParser) advance() { - // Skip whitespace - p.skipWhitespace() - if p.done { - return - } - - // Start of non-whitespace - p.cur.err = nil - p.cur.offset, p.cur.line = p.offset, p.line - p.cur.unquoted = "" - switch p.s[0] { - case '<', '>', '{', '}', ':', '[', ']', ';', ',', '/': - // Single symbol - p.cur.value, p.s = p.s[0:1], p.s[1:len(p.s)] - case '"', '\'': - // Quoted string - i := 1 - for i < len(p.s) && p.s[i] != p.s[0] && p.s[i] != '\n' { - if p.s[i] == '\\' && i+1 < len(p.s) { - // skip escaped char - i++ - } - i++ - } - if i >= len(p.s) || p.s[i] != p.s[0] { - p.errorf("unmatched quote") - return - } - unq, err := unquoteC(p.s[1:i], rune(p.s[0])) - if err != nil { - p.errorf("invalid quoted string %s: %v", p.s[0:i+1], err) - return - } - p.cur.value, p.s = p.s[0:i+1], p.s[i+1:len(p.s)] - p.cur.unquoted = unq - default: - i := 0 - for i < len(p.s) && isIdentOrNumberChar(p.s[i]) { - i++ - } - if i == 0 { - p.errorf("unexpected byte %#x", p.s[0]) - return - } - p.cur.value, p.s = p.s[0:i], p.s[i:len(p.s)] - } - p.offset += len(p.cur.value) -} - -var ( - errBadUTF8 = errors.New("proto: bad UTF-8") -) - -func unquoteC(s string, quote rune) (string, error) { - // This is based on C++'s tokenizer.cc. - // Despite its name, this is *not* parsing C syntax. - // For instance, "\0" is an invalid quoted string. - - // Avoid allocation in trivial cases. - simple := true - for _, r := range s { - if r == '\\' || r == quote { - simple = false - break - } - } - if simple { - return s, nil - } - - buf := make([]byte, 0, 3*len(s)/2) - for len(s) > 0 { - r, n := utf8.DecodeRuneInString(s) - if r == utf8.RuneError && n == 1 { - return "", errBadUTF8 - } - s = s[n:] - if r != '\\' { - if r < utf8.RuneSelf { - buf = append(buf, byte(r)) - } else { - buf = append(buf, string(r)...) - } - continue - } - - ch, tail, err := unescape(s) - if err != nil { - return "", err - } - buf = append(buf, ch...) - s = tail - } - return string(buf), nil -} - -func unescape(s string) (ch string, tail string, err error) { - r, n := utf8.DecodeRuneInString(s) - if r == utf8.RuneError && n == 1 { - return "", "", errBadUTF8 - } - s = s[n:] - switch r { - case 'a': - return "\a", s, nil - case 'b': - return "\b", s, nil - case 'f': - return "\f", s, nil - case 'n': - return "\n", s, nil - case 'r': - return "\r", s, nil - case 't': - return "\t", s, nil - case 'v': - return "\v", s, nil - case '?': - return "?", s, nil // trigraph workaround - case '\'', '"', '\\': - return string(r), s, nil - case '0', '1', '2', '3', '4', '5', '6', '7': - if len(s) < 2 { - return "", "", fmt.Errorf(`\%c requires 2 following digits`, r) - } - ss := string(r) + s[:2] - s = s[2:] - i, err := strconv.ParseUint(ss, 8, 8) - if err != nil { - return "", "", fmt.Errorf(`\%s contains non-octal digits`, ss) - } - return string([]byte{byte(i)}), s, nil - case 'x', 'X', 'u', 'U': - var n int - switch r { - case 'x', 'X': - n = 2 - case 'u': - n = 4 - case 'U': - n = 8 - } - if len(s) < n { - return "", "", fmt.Errorf(`\%c requires %d following digits`, r, n) - } - ss := s[:n] - s = s[n:] - i, err := strconv.ParseUint(ss, 16, 64) - if err != nil { - return "", "", fmt.Errorf(`\%c%s contains non-hexadecimal digits`, r, ss) - } - if r == 'x' || r == 'X' { - return string([]byte{byte(i)}), s, nil - } - if i > utf8.MaxRune { - return "", "", fmt.Errorf(`\%c%s is not a valid Unicode code point`, r, ss) - } - return string(rune(i)), s, nil - } - return "", "", fmt.Errorf(`unknown escape \%c`, r) -} - -// Back off the parser by one token. Can only be done between calls to next(). -// It makes the next advance() a no-op. -func (p *textParser) back() { p.backed = true } - -// Advances the parser and returns the new current token. -func (p *textParser) next() *token { - if p.backed || p.done { - p.backed = false - return &p.cur - } - p.advance() - if p.done { - p.cur.value = "" - } else if len(p.cur.value) > 0 && isQuote(p.cur.value[0]) { - // Look for multiple quoted strings separated by whitespace, - // and concatenate them. - cat := p.cur - for { - p.skipWhitespace() - if p.done || !isQuote(p.s[0]) { - break - } - p.advance() - if p.cur.err != nil { - return &p.cur - } - cat.value += " " + p.cur.value - cat.unquoted += p.cur.unquoted - } - p.done = false // parser may have seen EOF, but we want to return cat - p.cur = cat - } - return &p.cur -} - -func (p *textParser) consumeToken(s string) error { - tok := p.next() - if tok.err != nil { - return tok.err - } - if tok.value != s { - p.back() - return p.errorf("expected %q, found %q", s, tok.value) - } - return nil -} - -// Return a RequiredNotSetError indicating which required field was not set. -func (p *textParser) missingRequiredFieldError(sv reflect.Value) *RequiredNotSetError { - st := sv.Type() - sprops := GetProperties(st) - for i := 0; i < st.NumField(); i++ { - if !isNil(sv.Field(i)) { - continue - } - - props := sprops.Prop[i] - if props.Required { - return &RequiredNotSetError{fmt.Sprintf("%v.%v", st, props.OrigName)} - } - } - return &RequiredNotSetError{fmt.Sprintf("%v.", st)} // should not happen -} - -// Returns the index in the struct for the named field, as well as the parsed tag properties. -func structFieldByName(sprops *StructProperties, name string) (int, *Properties, bool) { - i, ok := sprops.decoderOrigNames[name] - if ok { - return i, sprops.Prop[i], true - } - return -1, nil, false -} - -// Consume a ':' from the input stream (if the next token is a colon), -// returning an error if a colon is needed but not present. -func (p *textParser) checkForColon(props *Properties, typ reflect.Type) *ParseError { - tok := p.next() - if tok.err != nil { - return tok.err - } - if tok.value != ":" { - // Colon is optional when the field is a group or message. - needColon := true - switch props.Wire { - case "group": - needColon = false - case "bytes": - // A "bytes" field is either a message, a string, or a repeated field; - // those three become *T, *string and []T respectively, so we can check for - // this field being a pointer to a non-string. - if typ.Kind() == reflect.Ptr { - // *T or *string - if typ.Elem().Kind() == reflect.String { - break - } - } else if typ.Kind() == reflect.Slice { - // []T or []*T - if typ.Elem().Kind() != reflect.Ptr { - break - } - } else if typ.Kind() == reflect.String { - // The proto3 exception is for a string field, - // which requires a colon. - break - } - needColon = false - } - if needColon { - return p.errorf("expected ':', found %q", tok.value) - } - p.back() - } - return nil -} - -func (p *textParser) readStruct(sv reflect.Value, terminator string) error { - st := sv.Type() - sprops := GetProperties(st) - reqCount := sprops.reqCount - var reqFieldErr error - fieldSet := make(map[string]bool) - // A struct is a sequence of "name: value", terminated by one of - // '>' or '}', or the end of the input. A name may also be - // "[extension]" or "[type/url]". - // - // The whole struct can also be an expanded Any message, like: - // [type/url] < ... struct contents ... > - for { - tok := p.next() - if tok.err != nil { - return tok.err - } - if tok.value == terminator { - break - } - if tok.value == "[" { - // Looks like an extension or an Any. - // - // TODO: Check whether we need to handle - // namespace rooted names (e.g. ".something.Foo"). - extName, err := p.consumeExtName() - if err != nil { - return err - } - - if s := strings.LastIndex(extName, "/"); s >= 0 { - // If it contains a slash, it's an Any type URL. - messageName := extName[s+1:] - mt := MessageType(messageName) - if mt == nil { - return p.errorf("unrecognized message %q in google.protobuf.Any", messageName) - } - tok = p.next() - if tok.err != nil { - return tok.err - } - // consume an optional colon - if tok.value == ":" { - tok = p.next() - if tok.err != nil { - return tok.err - } - } - var terminator string - switch tok.value { - case "<": - terminator = ">" - case "{": - terminator = "}" - default: - return p.errorf("expected '{' or '<', found %q", tok.value) - } - v := reflect.New(mt.Elem()) - if pe := p.readStruct(v.Elem(), terminator); pe != nil { - return pe - } - b, err := Marshal(v.Interface().(Message)) - if err != nil { - return p.errorf("failed to marshal message of type %q: %v", messageName, err) - } - if fieldSet["type_url"] { - return p.errorf(anyRepeatedlyUnpacked, "type_url") - } - if fieldSet["value"] { - return p.errorf(anyRepeatedlyUnpacked, "value") - } - sv.FieldByName("TypeUrl").SetString(extName) - sv.FieldByName("Value").SetBytes(b) - fieldSet["type_url"] = true - fieldSet["value"] = true - continue - } - - var desc *ExtensionDesc - // This could be faster, but it's functional. - // TODO: Do something smarter than a linear scan. - for _, d := range RegisteredExtensions(reflect.New(st).Interface().(Message)) { - if d.Name == extName { - desc = d - break - } - } - if desc == nil { - return p.errorf("unrecognized extension %q", extName) - } - - props := &Properties{} - props.Parse(desc.Tag) - - typ := reflect.TypeOf(desc.ExtensionType) - if err := p.checkForColon(props, typ); err != nil { - return err - } - - rep := desc.repeated() - - // Read the extension structure, and set it in - // the value we're constructing. - var ext reflect.Value - if !rep { - ext = reflect.New(typ).Elem() - } else { - ext = reflect.New(typ.Elem()).Elem() - } - if err := p.readAny(ext, props); err != nil { - if _, ok := err.(*RequiredNotSetError); !ok { - return err - } - reqFieldErr = err - } - ep := sv.Addr().Interface().(Message) - if !rep { - SetExtension(ep, desc, ext.Interface()) - } else { - old, err := GetExtension(ep, desc) - var sl reflect.Value - if err == nil { - sl = reflect.ValueOf(old) // existing slice - } else { - sl = reflect.MakeSlice(typ, 0, 1) - } - sl = reflect.Append(sl, ext) - SetExtension(ep, desc, sl.Interface()) - } - if err := p.consumeOptionalSeparator(); err != nil { - return err - } - continue - } - - // This is a normal, non-extension field. - name := tok.value - var dst reflect.Value - fi, props, ok := structFieldByName(sprops, name) - if ok { - dst = sv.Field(fi) - } else if oop, ok := sprops.OneofTypes[name]; ok { - // It is a oneof. - props = oop.Prop - nv := reflect.New(oop.Type.Elem()) - dst = nv.Elem().Field(0) - field := sv.Field(oop.Field) - if !field.IsNil() { - return p.errorf("field '%s' would overwrite already parsed oneof '%s'", name, sv.Type().Field(oop.Field).Name) - } - field.Set(nv) - } - if !dst.IsValid() { - return p.errorf("unknown field name %q in %v", name, st) - } - - if dst.Kind() == reflect.Map { - // Consume any colon. - if err := p.checkForColon(props, dst.Type()); err != nil { - return err - } - - // Construct the map if it doesn't already exist. - if dst.IsNil() { - dst.Set(reflect.MakeMap(dst.Type())) - } - key := reflect.New(dst.Type().Key()).Elem() - val := reflect.New(dst.Type().Elem()).Elem() - - // The map entry should be this sequence of tokens: - // < key : KEY value : VALUE > - // However, implementations may omit key or value, and technically - // we should support them in any order. See b/28924776 for a time - // this went wrong. - - tok := p.next() - var terminator string - switch tok.value { - case "<": - terminator = ">" - case "{": - terminator = "}" - default: - return p.errorf("expected '{' or '<', found %q", tok.value) - } - for { - tok := p.next() - if tok.err != nil { - return tok.err - } - if tok.value == terminator { - break - } - switch tok.value { - case "key": - if err := p.consumeToken(":"); err != nil { - return err - } - if err := p.readAny(key, props.MapKeyProp); err != nil { - return err - } - if err := p.consumeOptionalSeparator(); err != nil { - return err - } - case "value": - if err := p.checkForColon(props.MapValProp, dst.Type().Elem()); err != nil { - return err - } - if err := p.readAny(val, props.MapValProp); err != nil { - return err - } - if err := p.consumeOptionalSeparator(); err != nil { - return err - } - default: - p.back() - return p.errorf(`expected "key", "value", or %q, found %q`, terminator, tok.value) - } - } - - dst.SetMapIndex(key, val) - continue - } - - // Check that it's not already set if it's not a repeated field. - if !props.Repeated && fieldSet[name] { - return p.errorf("non-repeated field %q was repeated", name) - } - - if err := p.checkForColon(props, dst.Type()); err != nil { - return err - } - - // Parse into the field. - fieldSet[name] = true - if err := p.readAny(dst, props); err != nil { - if _, ok := err.(*RequiredNotSetError); !ok { - return err - } - reqFieldErr = err - } - if props.Required { - reqCount-- - } - - if err := p.consumeOptionalSeparator(); err != nil { - return err - } - - } - - if reqCount > 0 { - return p.missingRequiredFieldError(sv) - } - return reqFieldErr -} - -// consumeExtName consumes extension name or expanded Any type URL and the -// following ']'. It returns the name or URL consumed. -func (p *textParser) consumeExtName() (string, error) { - tok := p.next() - if tok.err != nil { - return "", tok.err - } - - // If extension name or type url is quoted, it's a single token. - if len(tok.value) > 2 && isQuote(tok.value[0]) && tok.value[len(tok.value)-1] == tok.value[0] { - name, err := unquoteC(tok.value[1:len(tok.value)-1], rune(tok.value[0])) - if err != nil { - return "", err - } - return name, p.consumeToken("]") - } - - // Consume everything up to "]" - var parts []string - for tok.value != "]" { - parts = append(parts, tok.value) - tok = p.next() - if tok.err != nil { - return "", p.errorf("unrecognized type_url or extension name: %s", tok.err) - } - if p.done && tok.value != "]" { - return "", p.errorf("unclosed type_url or extension name") - } - } - return strings.Join(parts, ""), nil -} - -// consumeOptionalSeparator consumes an optional semicolon or comma. -// It is used in readStruct to provide backward compatibility. -func (p *textParser) consumeOptionalSeparator() error { - tok := p.next() - if tok.err != nil { - return tok.err - } - if tok.value != ";" && tok.value != "," { - p.back() - } - return nil -} - -func (p *textParser) readAny(v reflect.Value, props *Properties) error { - tok := p.next() - if tok.err != nil { - return tok.err - } - if tok.value == "" { - return p.errorf("unexpected EOF") - } - if len(props.CustomType) > 0 { - if props.Repeated { - t := reflect.TypeOf(v.Interface()) - if t.Kind() == reflect.Slice { - tc := reflect.TypeOf(new(Marshaler)) - ok := t.Elem().Implements(tc.Elem()) - if ok { - fv := v - flen := fv.Len() - if flen == fv.Cap() { - nav := reflect.MakeSlice(v.Type(), flen, 2*flen+1) - reflect.Copy(nav, fv) - fv.Set(nav) - } - fv.SetLen(flen + 1) - - // Read one. - p.back() - return p.readAny(fv.Index(flen), props) - } - } - } - if reflect.TypeOf(v.Interface()).Kind() == reflect.Ptr { - custom := reflect.New(props.ctype.Elem()).Interface().(Unmarshaler) - err := custom.Unmarshal([]byte(tok.unquoted)) - if err != nil { - return p.errorf("%v %v: %v", err, v.Type(), tok.value) - } - v.Set(reflect.ValueOf(custom)) - } else { - custom := reflect.New(reflect.TypeOf(v.Interface())).Interface().(Unmarshaler) - err := custom.Unmarshal([]byte(tok.unquoted)) - if err != nil { - return p.errorf("%v %v: %v", err, v.Type(), tok.value) - } - v.Set(reflect.Indirect(reflect.ValueOf(custom))) - } - return nil - } - if props.StdTime { - fv := v - p.back() - props.StdTime = false - tproto := ×tamp{} - err := p.readAny(reflect.ValueOf(tproto).Elem(), props) - props.StdTime = true - if err != nil { - return err - } - tim, err := timestampFromProto(tproto) - if err != nil { - return err - } - if props.Repeated { - t := reflect.TypeOf(v.Interface()) - if t.Kind() == reflect.Slice { - if t.Elem().Kind() == reflect.Ptr { - ts := fv.Interface().([]*time.Time) - ts = append(ts, &tim) - fv.Set(reflect.ValueOf(ts)) - return nil - } else { - ts := fv.Interface().([]time.Time) - ts = append(ts, tim) - fv.Set(reflect.ValueOf(ts)) - return nil - } - } - } - if reflect.TypeOf(v.Interface()).Kind() == reflect.Ptr { - v.Set(reflect.ValueOf(&tim)) - } else { - v.Set(reflect.Indirect(reflect.ValueOf(&tim))) - } - return nil - } - if props.StdDuration { - fv := v - p.back() - props.StdDuration = false - dproto := &duration{} - err := p.readAny(reflect.ValueOf(dproto).Elem(), props) - props.StdDuration = true - if err != nil { - return err - } - dur, err := durationFromProto(dproto) - if err != nil { - return err - } - if props.Repeated { - t := reflect.TypeOf(v.Interface()) - if t.Kind() == reflect.Slice { - if t.Elem().Kind() == reflect.Ptr { - ds := fv.Interface().([]*time.Duration) - ds = append(ds, &dur) - fv.Set(reflect.ValueOf(ds)) - return nil - } else { - ds := fv.Interface().([]time.Duration) - ds = append(ds, dur) - fv.Set(reflect.ValueOf(ds)) - return nil - } - } - } - if reflect.TypeOf(v.Interface()).Kind() == reflect.Ptr { - v.Set(reflect.ValueOf(&dur)) - } else { - v.Set(reflect.Indirect(reflect.ValueOf(&dur))) - } - return nil - } - switch fv := v; fv.Kind() { - case reflect.Slice: - at := v.Type() - if at.Elem().Kind() == reflect.Uint8 { - // Special case for []byte - if tok.value[0] != '"' && tok.value[0] != '\'' { - // Deliberately written out here, as the error after - // this switch statement would write "invalid []byte: ...", - // which is not as user-friendly. - return p.errorf("invalid string: %v", tok.value) - } - bytes := []byte(tok.unquoted) - fv.Set(reflect.ValueOf(bytes)) - return nil - } - // Repeated field. - if tok.value == "[" { - // Repeated field with list notation, like [1,2,3]. - for { - fv.Set(reflect.Append(fv, reflect.New(at.Elem()).Elem())) - err := p.readAny(fv.Index(fv.Len()-1), props) - if err != nil { - return err - } - ntok := p.next() - if ntok.err != nil { - return ntok.err - } - if ntok.value == "]" { - break - } - if ntok.value != "," { - return p.errorf("Expected ']' or ',' found %q", ntok.value) - } - } - return nil - } - // One value of the repeated field. - p.back() - fv.Set(reflect.Append(fv, reflect.New(at.Elem()).Elem())) - return p.readAny(fv.Index(fv.Len()-1), props) - case reflect.Bool: - // true/1/t/True or false/f/0/False. - switch tok.value { - case "true", "1", "t", "True": - fv.SetBool(true) - return nil - case "false", "0", "f", "False": - fv.SetBool(false) - return nil - } - case reflect.Float32, reflect.Float64: - v := tok.value - // Ignore 'f' for compatibility with output generated by C++, but don't - // remove 'f' when the value is "-inf" or "inf". - if strings.HasSuffix(v, "f") && tok.value != "-inf" && tok.value != "inf" { - v = v[:len(v)-1] - } - if f, err := strconv.ParseFloat(v, fv.Type().Bits()); err == nil { - fv.SetFloat(f) - return nil - } - case reflect.Int8: - if x, err := strconv.ParseInt(tok.value, 0, 8); err == nil { - fv.SetInt(x) - return nil - } - case reflect.Int16: - if x, err := strconv.ParseInt(tok.value, 0, 16); err == nil { - fv.SetInt(x) - return nil - } - case reflect.Int32: - if x, err := strconv.ParseInt(tok.value, 0, 32); err == nil { - fv.SetInt(x) - return nil - } - - if len(props.Enum) == 0 { - break - } - m, ok := enumValueMaps[props.Enum] - if !ok { - break - } - x, ok := m[tok.value] - if !ok { - break - } - fv.SetInt(int64(x)) - return nil - case reflect.Int64: - if x, err := strconv.ParseInt(tok.value, 0, 64); err == nil { - fv.SetInt(x) - return nil - } - - case reflect.Ptr: - // A basic field (indirected through pointer), or a repeated message/group - p.back() - fv.Set(reflect.New(fv.Type().Elem())) - return p.readAny(fv.Elem(), props) - case reflect.String: - if tok.value[0] == '"' || tok.value[0] == '\'' { - fv.SetString(tok.unquoted) - return nil - } - case reflect.Struct: - var terminator string - switch tok.value { - case "{": - terminator = "}" - case "<": - terminator = ">" - default: - return p.errorf("expected '{' or '<', found %q", tok.value) - } - // TODO: Handle nested messages which implement encoding.TextUnmarshaler. - return p.readStruct(fv, terminator) - case reflect.Uint8: - if x, err := strconv.ParseUint(tok.value, 0, 8); err == nil { - fv.SetUint(x) - return nil - } - case reflect.Uint16: - if x, err := strconv.ParseUint(tok.value, 0, 16); err == nil { - fv.SetUint(x) - return nil - } - case reflect.Uint32: - if x, err := strconv.ParseUint(tok.value, 0, 32); err == nil { - fv.SetUint(uint64(x)) - return nil - } - case reflect.Uint64: - if x, err := strconv.ParseUint(tok.value, 0, 64); err == nil { - fv.SetUint(x) - return nil - } - } - return p.errorf("invalid %v: %v", v.Type(), tok.value) -} - -// UnmarshalText reads a protocol buffer in Text format. UnmarshalText resets pb -// before starting to unmarshal, so any existing data in pb is always removed. -// If a required field is not set and no other error occurs, -// UnmarshalText returns *RequiredNotSetError. -func UnmarshalText(s string, pb Message) error { - if um, ok := pb.(encoding.TextUnmarshaler); ok { - return um.UnmarshalText([]byte(s)) - } - pb.Reset() - v := reflect.ValueOf(pb) - return newTextParser(s).readStruct(v.Elem(), "") -} diff --git a/vendor/github.com/gogo/protobuf/proto/timestamp.go b/vendor/github.com/gogo/protobuf/proto/timestamp.go deleted file mode 100644 index 9324f6542..000000000 --- a/vendor/github.com/gogo/protobuf/proto/timestamp.go +++ /dev/null @@ -1,113 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2016 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -// This file implements operations on google.protobuf.Timestamp. - -import ( - "errors" - "fmt" - "time" -) - -const ( - // Seconds field of the earliest valid Timestamp. - // This is time.Date(1, 1, 1, 0, 0, 0, 0, time.UTC).Unix(). - minValidSeconds = -62135596800 - // Seconds field just after the latest valid Timestamp. - // This is time.Date(10000, 1, 1, 0, 0, 0, 0, time.UTC).Unix(). - maxValidSeconds = 253402300800 -) - -// validateTimestamp determines whether a Timestamp is valid. -// A valid timestamp represents a time in the range -// [0001-01-01, 10000-01-01) and has a Nanos field -// in the range [0, 1e9). -// -// If the Timestamp is valid, validateTimestamp returns nil. -// Otherwise, it returns an error that describes -// the problem. -// -// Every valid Timestamp can be represented by a time.Time, but the converse is not true. -func validateTimestamp(ts *timestamp) error { - if ts == nil { - return errors.New("timestamp: nil Timestamp") - } - if ts.Seconds < minValidSeconds { - return fmt.Errorf("timestamp: %#v before 0001-01-01", ts) - } - if ts.Seconds >= maxValidSeconds { - return fmt.Errorf("timestamp: %#v after 10000-01-01", ts) - } - if ts.Nanos < 0 || ts.Nanos >= 1e9 { - return fmt.Errorf("timestamp: %#v: nanos not in range [0, 1e9)", ts) - } - return nil -} - -// TimestampFromProto converts a google.protobuf.Timestamp proto to a time.Time. -// It returns an error if the argument is invalid. -// -// Unlike most Go functions, if Timestamp returns an error, the first return value -// is not the zero time.Time. Instead, it is the value obtained from the -// time.Unix function when passed the contents of the Timestamp, in the UTC -// locale. This may or may not be a meaningful time; many invalid Timestamps -// do map to valid time.Times. -// -// A nil Timestamp returns an error. The first return value in that case is -// undefined. -func timestampFromProto(ts *timestamp) (time.Time, error) { - // Don't return the zero value on error, because corresponds to a valid - // timestamp. Instead return whatever time.Unix gives us. - var t time.Time - if ts == nil { - t = time.Unix(0, 0).UTC() // treat nil like the empty Timestamp - } else { - t = time.Unix(ts.Seconds, int64(ts.Nanos)).UTC() - } - return t, validateTimestamp(ts) -} - -// TimestampProto converts the time.Time to a google.protobuf.Timestamp proto. -// It returns an error if the resulting Timestamp is invalid. -func timestampProto(t time.Time) (*timestamp, error) { - seconds := t.Unix() - nanos := int32(t.Sub(time.Unix(seconds, 0))) - ts := ×tamp{ - Seconds: seconds, - Nanos: nanos, - } - if err := validateTimestamp(ts); err != nil { - return nil, err - } - return ts, nil -} diff --git a/vendor/github.com/gogo/protobuf/proto/timestamp_gogo.go b/vendor/github.com/gogo/protobuf/proto/timestamp_gogo.go deleted file mode 100644 index 38439fa99..000000000 --- a/vendor/github.com/gogo/protobuf/proto/timestamp_gogo.go +++ /dev/null @@ -1,49 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2016, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -import ( - "reflect" - "time" -) - -var timeType = reflect.TypeOf((*time.Time)(nil)).Elem() - -type timestamp struct { - Seconds int64 `protobuf:"varint,1,opt,name=seconds,proto3" json:"seconds,omitempty"` - Nanos int32 `protobuf:"varint,2,opt,name=nanos,proto3" json:"nanos,omitempty"` -} - -func (m *timestamp) Reset() { *m = timestamp{} } -func (*timestamp) ProtoMessage() {} -func (*timestamp) String() string { return "timestamp" } - -func init() { - RegisterType((*timestamp)(nil), "gogo.protobuf.proto.timestamp") -} diff --git a/vendor/github.com/gogo/protobuf/proto/wrappers.go b/vendor/github.com/gogo/protobuf/proto/wrappers.go deleted file mode 100644 index b175d1b64..000000000 --- a/vendor/github.com/gogo/protobuf/proto/wrappers.go +++ /dev/null @@ -1,1888 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2018, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -import ( - "io" - "reflect" -) - -func makeStdDoubleValueMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - t := ptr.asPointerTo(u.typ).Interface().(*float64) - v := &float64Value{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - t := ptr.asPointerTo(u.typ).Interface().(*float64) - v := &float64Value{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdDoubleValuePtrMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - if ptr.isNil() { - return 0 - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*float64) - v := &float64Value{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - if ptr.isNil() { - return b, nil - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*float64) - v := &float64Value{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdDoubleValueSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(u.typ) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(float64) - v := &float64Value{t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(u.typ) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(float64) - v := &float64Value{t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdDoubleValuePtrSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*float64) - v := &float64Value{*t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*float64) - v := &float64Value{*t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdDoubleValueUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &float64Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(sub.typ).Elem() - s.Set(reflect.ValueOf(m.Value)) - return b[x:], nil - } -} - -func makeStdDoubleValuePtrUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &float64Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(reflect.PtrTo(sub.typ)).Elem() - s.Set(reflect.ValueOf(&m.Value)) - return b[x:], nil - } -} - -func makeStdDoubleValuePtrSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &float64Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(reflect.PtrTo(sub.typ)) - newSlice := reflect.Append(slice, reflect.ValueOf(&m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdDoubleValueSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &float64Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(sub.typ) - newSlice := reflect.Append(slice, reflect.ValueOf(m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdFloatValueMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - t := ptr.asPointerTo(u.typ).Interface().(*float32) - v := &float32Value{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - t := ptr.asPointerTo(u.typ).Interface().(*float32) - v := &float32Value{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdFloatValuePtrMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - if ptr.isNil() { - return 0 - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*float32) - v := &float32Value{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - if ptr.isNil() { - return b, nil - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*float32) - v := &float32Value{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdFloatValueSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(u.typ) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(float32) - v := &float32Value{t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(u.typ) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(float32) - v := &float32Value{t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdFloatValuePtrSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*float32) - v := &float32Value{*t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*float32) - v := &float32Value{*t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdFloatValueUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &float32Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(sub.typ).Elem() - s.Set(reflect.ValueOf(m.Value)) - return b[x:], nil - } -} - -func makeStdFloatValuePtrUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &float32Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(reflect.PtrTo(sub.typ)).Elem() - s.Set(reflect.ValueOf(&m.Value)) - return b[x:], nil - } -} - -func makeStdFloatValuePtrSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &float32Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(reflect.PtrTo(sub.typ)) - newSlice := reflect.Append(slice, reflect.ValueOf(&m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdFloatValueSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &float32Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(sub.typ) - newSlice := reflect.Append(slice, reflect.ValueOf(m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdInt64ValueMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - t := ptr.asPointerTo(u.typ).Interface().(*int64) - v := &int64Value{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - t := ptr.asPointerTo(u.typ).Interface().(*int64) - v := &int64Value{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdInt64ValuePtrMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - if ptr.isNil() { - return 0 - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*int64) - v := &int64Value{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - if ptr.isNil() { - return b, nil - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*int64) - v := &int64Value{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdInt64ValueSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(u.typ) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(int64) - v := &int64Value{t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(u.typ) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(int64) - v := &int64Value{t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdInt64ValuePtrSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*int64) - v := &int64Value{*t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*int64) - v := &int64Value{*t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdInt64ValueUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &int64Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(sub.typ).Elem() - s.Set(reflect.ValueOf(m.Value)) - return b[x:], nil - } -} - -func makeStdInt64ValuePtrUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &int64Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(reflect.PtrTo(sub.typ)).Elem() - s.Set(reflect.ValueOf(&m.Value)) - return b[x:], nil - } -} - -func makeStdInt64ValuePtrSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &int64Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(reflect.PtrTo(sub.typ)) - newSlice := reflect.Append(slice, reflect.ValueOf(&m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdInt64ValueSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &int64Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(sub.typ) - newSlice := reflect.Append(slice, reflect.ValueOf(m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdUInt64ValueMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - t := ptr.asPointerTo(u.typ).Interface().(*uint64) - v := &uint64Value{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - t := ptr.asPointerTo(u.typ).Interface().(*uint64) - v := &uint64Value{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdUInt64ValuePtrMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - if ptr.isNil() { - return 0 - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*uint64) - v := &uint64Value{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - if ptr.isNil() { - return b, nil - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*uint64) - v := &uint64Value{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdUInt64ValueSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(u.typ) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(uint64) - v := &uint64Value{t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(u.typ) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(uint64) - v := &uint64Value{t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdUInt64ValuePtrSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*uint64) - v := &uint64Value{*t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*uint64) - v := &uint64Value{*t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdUInt64ValueUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &uint64Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(sub.typ).Elem() - s.Set(reflect.ValueOf(m.Value)) - return b[x:], nil - } -} - -func makeStdUInt64ValuePtrUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &uint64Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(reflect.PtrTo(sub.typ)).Elem() - s.Set(reflect.ValueOf(&m.Value)) - return b[x:], nil - } -} - -func makeStdUInt64ValuePtrSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &uint64Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(reflect.PtrTo(sub.typ)) - newSlice := reflect.Append(slice, reflect.ValueOf(&m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdUInt64ValueSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &uint64Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(sub.typ) - newSlice := reflect.Append(slice, reflect.ValueOf(m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdInt32ValueMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - t := ptr.asPointerTo(u.typ).Interface().(*int32) - v := &int32Value{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - t := ptr.asPointerTo(u.typ).Interface().(*int32) - v := &int32Value{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdInt32ValuePtrMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - if ptr.isNil() { - return 0 - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*int32) - v := &int32Value{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - if ptr.isNil() { - return b, nil - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*int32) - v := &int32Value{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdInt32ValueSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(u.typ) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(int32) - v := &int32Value{t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(u.typ) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(int32) - v := &int32Value{t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdInt32ValuePtrSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*int32) - v := &int32Value{*t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*int32) - v := &int32Value{*t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdInt32ValueUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &int32Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(sub.typ).Elem() - s.Set(reflect.ValueOf(m.Value)) - return b[x:], nil - } -} - -func makeStdInt32ValuePtrUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &int32Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(reflect.PtrTo(sub.typ)).Elem() - s.Set(reflect.ValueOf(&m.Value)) - return b[x:], nil - } -} - -func makeStdInt32ValuePtrSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &int32Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(reflect.PtrTo(sub.typ)) - newSlice := reflect.Append(slice, reflect.ValueOf(&m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdInt32ValueSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &int32Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(sub.typ) - newSlice := reflect.Append(slice, reflect.ValueOf(m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdUInt32ValueMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - t := ptr.asPointerTo(u.typ).Interface().(*uint32) - v := &uint32Value{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - t := ptr.asPointerTo(u.typ).Interface().(*uint32) - v := &uint32Value{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdUInt32ValuePtrMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - if ptr.isNil() { - return 0 - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*uint32) - v := &uint32Value{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - if ptr.isNil() { - return b, nil - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*uint32) - v := &uint32Value{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdUInt32ValueSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(u.typ) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(uint32) - v := &uint32Value{t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(u.typ) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(uint32) - v := &uint32Value{t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdUInt32ValuePtrSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*uint32) - v := &uint32Value{*t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*uint32) - v := &uint32Value{*t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdUInt32ValueUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &uint32Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(sub.typ).Elem() - s.Set(reflect.ValueOf(m.Value)) - return b[x:], nil - } -} - -func makeStdUInt32ValuePtrUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &uint32Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(reflect.PtrTo(sub.typ)).Elem() - s.Set(reflect.ValueOf(&m.Value)) - return b[x:], nil - } -} - -func makeStdUInt32ValuePtrSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &uint32Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(reflect.PtrTo(sub.typ)) - newSlice := reflect.Append(slice, reflect.ValueOf(&m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdUInt32ValueSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &uint32Value{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(sub.typ) - newSlice := reflect.Append(slice, reflect.ValueOf(m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdBoolValueMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - t := ptr.asPointerTo(u.typ).Interface().(*bool) - v := &boolValue{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - t := ptr.asPointerTo(u.typ).Interface().(*bool) - v := &boolValue{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdBoolValuePtrMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - if ptr.isNil() { - return 0 - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*bool) - v := &boolValue{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - if ptr.isNil() { - return b, nil - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*bool) - v := &boolValue{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdBoolValueSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(u.typ) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(bool) - v := &boolValue{t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(u.typ) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(bool) - v := &boolValue{t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdBoolValuePtrSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*bool) - v := &boolValue{*t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*bool) - v := &boolValue{*t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdBoolValueUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &boolValue{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(sub.typ).Elem() - s.Set(reflect.ValueOf(m.Value)) - return b[x:], nil - } -} - -func makeStdBoolValuePtrUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &boolValue{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(reflect.PtrTo(sub.typ)).Elem() - s.Set(reflect.ValueOf(&m.Value)) - return b[x:], nil - } -} - -func makeStdBoolValuePtrSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &boolValue{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(reflect.PtrTo(sub.typ)) - newSlice := reflect.Append(slice, reflect.ValueOf(&m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdBoolValueSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &boolValue{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(sub.typ) - newSlice := reflect.Append(slice, reflect.ValueOf(m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdStringValueMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - t := ptr.asPointerTo(u.typ).Interface().(*string) - v := &stringValue{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - t := ptr.asPointerTo(u.typ).Interface().(*string) - v := &stringValue{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdStringValuePtrMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - if ptr.isNil() { - return 0 - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*string) - v := &stringValue{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - if ptr.isNil() { - return b, nil - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*string) - v := &stringValue{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdStringValueSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(u.typ) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(string) - v := &stringValue{t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(u.typ) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(string) - v := &stringValue{t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdStringValuePtrSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*string) - v := &stringValue{*t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*string) - v := &stringValue{*t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdStringValueUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &stringValue{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(sub.typ).Elem() - s.Set(reflect.ValueOf(m.Value)) - return b[x:], nil - } -} - -func makeStdStringValuePtrUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &stringValue{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(reflect.PtrTo(sub.typ)).Elem() - s.Set(reflect.ValueOf(&m.Value)) - return b[x:], nil - } -} - -func makeStdStringValuePtrSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &stringValue{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(reflect.PtrTo(sub.typ)) - newSlice := reflect.Append(slice, reflect.ValueOf(&m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdStringValueSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &stringValue{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(sub.typ) - newSlice := reflect.Append(slice, reflect.ValueOf(m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdBytesValueMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - t := ptr.asPointerTo(u.typ).Interface().(*[]byte) - v := &bytesValue{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - t := ptr.asPointerTo(u.typ).Interface().(*[]byte) - v := &bytesValue{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdBytesValuePtrMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - if ptr.isNil() { - return 0 - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*[]byte) - v := &bytesValue{*t} - siz := Size(v) - return tagsize + SizeVarint(uint64(siz)) + siz - }, func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - if ptr.isNil() { - return b, nil - } - t := ptr.asPointerTo(reflect.PtrTo(u.typ)).Elem().Interface().(*[]byte) - v := &bytesValue{*t} - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(len(buf))) - b = append(b, buf...) - return b, nil - } -} - -func makeStdBytesValueSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(u.typ) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().([]byte) - v := &bytesValue{t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(u.typ) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().([]byte) - v := &bytesValue{t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdBytesValuePtrSliceMarshaler(u *marshalInfo) (sizer, marshaler) { - return func(ptr pointer, tagsize int) int { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - n := 0 - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*[]byte) - v := &bytesValue{*t} - siz := Size(v) - n += siz + SizeVarint(uint64(siz)) + tagsize - } - return n - }, - func(b []byte, ptr pointer, wiretag uint64, deterministic bool) ([]byte, error) { - s := ptr.getSlice(reflect.PtrTo(u.typ)) - for i := 0; i < s.Len(); i++ { - elem := s.Index(i) - t := elem.Interface().(*[]byte) - v := &bytesValue{*t} - siz := Size(v) - buf, err := Marshal(v) - if err != nil { - return nil, err - } - b = appendVarint(b, wiretag) - b = appendVarint(b, uint64(siz)) - b = append(b, buf...) - } - - return b, nil - } -} - -func makeStdBytesValueUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &bytesValue{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(sub.typ).Elem() - s.Set(reflect.ValueOf(m.Value)) - return b[x:], nil - } -} - -func makeStdBytesValuePtrUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &bytesValue{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - s := f.asPointerTo(reflect.PtrTo(sub.typ)).Elem() - s.Set(reflect.ValueOf(&m.Value)) - return b[x:], nil - } -} - -func makeStdBytesValuePtrSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &bytesValue{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(reflect.PtrTo(sub.typ)) - newSlice := reflect.Append(slice, reflect.ValueOf(&m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} - -func makeStdBytesValueSliceUnmarshaler(sub *unmarshalInfo, name string) unmarshaler { - return func(b []byte, f pointer, w int) ([]byte, error) { - if w != WireBytes { - return nil, errInternalBadWireType - } - x, n := decodeVarint(b) - if n == 0 { - return nil, io.ErrUnexpectedEOF - } - b = b[n:] - if x > uint64(len(b)) { - return nil, io.ErrUnexpectedEOF - } - m := &bytesValue{} - if err := Unmarshal(b[:x], m); err != nil { - return nil, err - } - slice := f.getSlice(sub.typ) - newSlice := reflect.Append(slice, reflect.ValueOf(m.Value)) - slice.Set(newSlice) - return b[x:], nil - } -} diff --git a/vendor/github.com/gogo/protobuf/proto/wrappers_gogo.go b/vendor/github.com/gogo/protobuf/proto/wrappers_gogo.go deleted file mode 100644 index c1cf7bf85..000000000 --- a/vendor/github.com/gogo/protobuf/proto/wrappers_gogo.go +++ /dev/null @@ -1,113 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2018, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package proto - -type float64Value struct { - Value float64 `protobuf:"fixed64,1,opt,name=value,proto3" json:"value,omitempty"` -} - -func (m *float64Value) Reset() { *m = float64Value{} } -func (*float64Value) ProtoMessage() {} -func (*float64Value) String() string { return "float64" } - -type float32Value struct { - Value float32 `protobuf:"fixed32,1,opt,name=value,proto3" json:"value,omitempty"` -} - -func (m *float32Value) Reset() { *m = float32Value{} } -func (*float32Value) ProtoMessage() {} -func (*float32Value) String() string { return "float32" } - -type int64Value struct { - Value int64 `protobuf:"varint,1,opt,name=value,proto3" json:"value,omitempty"` -} - -func (m *int64Value) Reset() { *m = int64Value{} } -func (*int64Value) ProtoMessage() {} -func (*int64Value) String() string { return "int64" } - -type uint64Value struct { - Value uint64 `protobuf:"varint,1,opt,name=value,proto3" json:"value,omitempty"` -} - -func (m *uint64Value) Reset() { *m = uint64Value{} } -func (*uint64Value) ProtoMessage() {} -func (*uint64Value) String() string { return "uint64" } - -type int32Value struct { - Value int32 `protobuf:"varint,1,opt,name=value,proto3" json:"value,omitempty"` -} - -func (m *int32Value) Reset() { *m = int32Value{} } -func (*int32Value) ProtoMessage() {} -func (*int32Value) String() string { return "int32" } - -type uint32Value struct { - Value uint32 `protobuf:"varint,1,opt,name=value,proto3" json:"value,omitempty"` -} - -func (m *uint32Value) Reset() { *m = uint32Value{} } -func (*uint32Value) ProtoMessage() {} -func (*uint32Value) String() string { return "uint32" } - -type boolValue struct { - Value bool `protobuf:"varint,1,opt,name=value,proto3" json:"value,omitempty"` -} - -func (m *boolValue) Reset() { *m = boolValue{} } -func (*boolValue) ProtoMessage() {} -func (*boolValue) String() string { return "bool" } - -type stringValue struct { - Value string `protobuf:"bytes,1,opt,name=value,proto3" json:"value,omitempty"` -} - -func (m *stringValue) Reset() { *m = stringValue{} } -func (*stringValue) ProtoMessage() {} -func (*stringValue) String() string { return "string" } - -type bytesValue struct { - Value []byte `protobuf:"bytes,1,opt,name=value,proto3" json:"value,omitempty"` -} - -func (m *bytesValue) Reset() { *m = bytesValue{} } -func (*bytesValue) ProtoMessage() {} -func (*bytesValue) String() string { return "[]byte" } - -func init() { - RegisterType((*float64Value)(nil), "gogo.protobuf.proto.DoubleValue") - RegisterType((*float32Value)(nil), "gogo.protobuf.proto.FloatValue") - RegisterType((*int64Value)(nil), "gogo.protobuf.proto.Int64Value") - RegisterType((*uint64Value)(nil), "gogo.protobuf.proto.UInt64Value") - RegisterType((*int32Value)(nil), "gogo.protobuf.proto.Int32Value") - RegisterType((*uint32Value)(nil), "gogo.protobuf.proto.UInt32Value") - RegisterType((*boolValue)(nil), "gogo.protobuf.proto.BoolValue") - RegisterType((*stringValue)(nil), "gogo.protobuf.proto.StringValue") - RegisterType((*bytesValue)(nil), "gogo.protobuf.proto.BytesValue") -} diff --git a/vendor/github.com/gogo/protobuf/sortkeys/sortkeys.go b/vendor/github.com/gogo/protobuf/sortkeys/sortkeys.go deleted file mode 100644 index ceadde6a5..000000000 --- a/vendor/github.com/gogo/protobuf/sortkeys/sortkeys.go +++ /dev/null @@ -1,101 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2013, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package sortkeys - -import ( - "sort" -) - -func Strings(l []string) { - sort.Strings(l) -} - -func Float64s(l []float64) { - sort.Float64s(l) -} - -func Float32s(l []float32) { - sort.Sort(Float32Slice(l)) -} - -func Int64s(l []int64) { - sort.Sort(Int64Slice(l)) -} - -func Int32s(l []int32) { - sort.Sort(Int32Slice(l)) -} - -func Uint64s(l []uint64) { - sort.Sort(Uint64Slice(l)) -} - -func Uint32s(l []uint32) { - sort.Sort(Uint32Slice(l)) -} - -func Bools(l []bool) { - sort.Sort(BoolSlice(l)) -} - -type BoolSlice []bool - -func (p BoolSlice) Len() int { return len(p) } -func (p BoolSlice) Less(i, j int) bool { return p[j] } -func (p BoolSlice) Swap(i, j int) { p[i], p[j] = p[j], p[i] } - -type Int64Slice []int64 - -func (p Int64Slice) Len() int { return len(p) } -func (p Int64Slice) Less(i, j int) bool { return p[i] < p[j] } -func (p Int64Slice) Swap(i, j int) { p[i], p[j] = p[j], p[i] } - -type Int32Slice []int32 - -func (p Int32Slice) Len() int { return len(p) } -func (p Int32Slice) Less(i, j int) bool { return p[i] < p[j] } -func (p Int32Slice) Swap(i, j int) { p[i], p[j] = p[j], p[i] } - -type Uint64Slice []uint64 - -func (p Uint64Slice) Len() int { return len(p) } -func (p Uint64Slice) Less(i, j int) bool { return p[i] < p[j] } -func (p Uint64Slice) Swap(i, j int) { p[i], p[j] = p[j], p[i] } - -type Uint32Slice []uint32 - -func (p Uint32Slice) Len() int { return len(p) } -func (p Uint32Slice) Less(i, j int) bool { return p[i] < p[j] } -func (p Uint32Slice) Swap(i, j int) { p[i], p[j] = p[j], p[i] } - -type Float32Slice []float32 - -func (p Float32Slice) Len() int { return len(p) } -func (p Float32Slice) Less(i, j int) bool { return p[i] < p[j] } -func (p Float32Slice) Swap(i, j int) { p[i], p[j] = p[j], p[i] } diff --git a/vendor/github.com/openshift/api/config/v1/types.go b/vendor/github.com/openshift/api/config/v1/types.go index 3e17ca0cc..e7106ef7a 100644 --- a/vendor/github.com/openshift/api/config/v1/types.go +++ b/vendor/github.com/openshift/api/config/v1/types.go @@ -284,7 +284,12 @@ type ClientConnectionOverrides struct { } // GenericControllerConfig provides information to configure a controller +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 type GenericControllerConfig struct { + metav1.TypeMeta `json:",inline"` + // servingInfo is the HTTP serving information for the controller's endpoints ServingInfo HTTPServingInfo `json:"servingInfo"` diff --git a/vendor/github.com/openshift/api/config/v1/types_apiserver.go b/vendor/github.com/openshift/api/config/v1/types_apiserver.go index 31d888185..7de714ebf 100644 --- a/vendor/github.com/openshift/api/config/v1/types_apiserver.go +++ b/vendor/github.com/openshift/api/config/v1/types_apiserver.go @@ -34,6 +34,7 @@ type APIServer struct { Status APIServerStatus `json:"status"` } +// +openshift:validation:FeatureGateAwareXValidation:featureGate=TLSAdherence,rule="has(oldSelf.tlsAdherence) ? has(self.tlsAdherence) : true",message="tlsAdherence may not be removed once set" type APIServerSpec struct { // servingCert is the TLS cert info for serving secure traffic. If not specified, operator managed certificates // will be used for serving secure traffic. @@ -62,6 +63,39 @@ type APIServerSpec struct { // The current default is the Intermediate profile. // +optional TLSSecurityProfile *TLSSecurityProfile `json:"tlsSecurityProfile,omitempty"` + // tlsAdherence controls if components in the cluster adhere to the TLS security profile + // configured on this APIServer resource. + // + // Valid values are "LegacyAdheringComponentsOnly" and "StrictAllComponents". + // + // When set to "LegacyAdheringComponentsOnly", components that already honor the + // cluster-wide TLS profile continue to do so. Components that do not already honor + // it continue to use their individual TLS configurations. + // + // When set to "StrictAllComponents", all components must honor the configured TLS + // profile unless they have a component-specific TLS configuration that overrides + // it. This mode is recommended for security-conscious deployments and is required + // for certain compliance frameworks. + // + // Note: Some components such as Kubelet and IngressController have their own + // dedicated TLS configuration mechanisms via KubeletConfig and IngressController + // CRs respectively. When these component-specific TLS configurations are set, + // they take precedence over the cluster-wide tlsSecurityProfile. When not set, + // these components fall back to the cluster-wide default. + // + // Components that encounter an unknown value for tlsAdherence should treat it + // as "StrictAllComponents" and log a warning to ensure forward compatibility + // while defaulting to the more secure behavior. + // + // This field is optional. + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is LegacyAdheringComponentsOnly. + // + // Once set, this field may be changed to a different value, but may not be removed. + // +openshift:enable:FeatureGate=TLSAdherence + // +optional + TLSAdherence TLSAdherencePolicy `json:"tlsAdherence,omitempty"` // audit specifies the settings for audit configuration to be applied to all OpenShift-provided // API servers in the cluster. // +optional @@ -175,7 +209,7 @@ type APIServerNamedServingCert struct { } // APIServerEncryption is used to encrypt sensitive resources on the cluster. -// +openshift:validation:FeatureGateAwareXValidation:featureGate=KMSEncryptionProvider,rule="has(self.type) && self.type == 'KMS' ? has(self.kms) : !has(self.kms)",message="kms config is required when encryption type is KMS, and forbidden otherwise" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=KMSEncryption,rule="has(self.type) && self.type == 'KMS' ? has(self.kms) : !has(self.kms)",message="kms config is required when encryption type is KMS, and forbidden otherwise" // +union type APIServerEncryption struct { // type defines what encryption type should be used to encrypt resources at the datastore layer. @@ -204,14 +238,13 @@ type APIServerEncryption struct { // managing the lifecyle of the encryption keys outside of the control plane. // This allows integration with an external provider to manage the data encryption keys securely. // - // +openshift:enable:FeatureGate=KMSEncryptionProvider + // +openshift:enable:FeatureGate=KMSEncryption // +unionMember // +optional - KMS *KMSConfig `json:"kms,omitempty"` + KMS KMSPluginConfig `json:"kms,omitempty,omitzero"` } // +openshift:validation:FeatureGateAwareEnum:featureGate="",enum="";identity;aescbc;aesgcm -// +openshift:validation:FeatureGateAwareEnum:featureGate=KMSEncryptionProvider,enum="";identity;aescbc;aesgcm;KMS // +openshift:validation:FeatureGateAwareEnum:featureGate=KMSEncryption,enum="";identity;aescbc;aesgcm;KMS type EncryptionType string @@ -237,6 +270,35 @@ const ( type APIServerStatus struct { } +// TLSAdherencePolicy defines which components adhere to the TLS security profile. +// Implementors should use the ShouldHonorClusterTLSProfile helper function from library-go +// rather than checking these values directly. +// +kubebuilder:validation:Enum=LegacyAdheringComponentsOnly;StrictAllComponents +type TLSAdherencePolicy string + +const ( + // TLSAdherencePolicyNoOpinion represents an empty/unset value for tlsAdherence. + // This value cannot be explicitly set and is only present when the field is omitted. + // When the field is omitted, the cluster defaults to LegacyAdheringComponentsOnly + // behavior. Components should treat this the same as LegacyAdheringComponentsOnly. + TLSAdherencePolicyNoOpinion TLSAdherencePolicy = "" + + // TLSAdherencePolicyLegacyAdheringComponentsOnly maintains backward-compatible behavior. + // Components that already honor the cluster-wide TLS profile (such as kube-apiserver, + // openshift-apiserver, oauth-apiserver, and others) continue to do so. Components that do + // not already honor it continue to use their individual TLS configurations (e.g., + // IngressController.spec.tlsSecurityProfile, KubeletConfig.spec.tlsSecurityProfile, + // or component defaults). No additional components are required to start honoring the + // cluster-wide profile in this mode. + TLSAdherencePolicyLegacyAdheringComponentsOnly TLSAdherencePolicy = "LegacyAdheringComponentsOnly" + + // TLSAdherencePolicyStrictAllComponents means all components must honor the configured TLS + // profile unless they have a component-specific TLS configuration that overrides it. + // This mode is recommended for security-conscious deployments and is required + // for certain compliance frameworks. + TLSAdherencePolicyStrictAllComponents TLSAdherencePolicy = "StrictAllComponents" +) + // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). diff --git a/vendor/github.com/openshift/api/config/v1/types_authentication.go b/vendor/github.com/openshift/api/config/v1/types_authentication.go index e7433281f..348ee0401 100644 --- a/vendor/github.com/openshift/api/config/v1/types_authentication.go +++ b/vendor/github.com/openshift/api/config/v1/types_authentication.go @@ -5,7 +5,7 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // +genclient // +genclient:nonNamespaced // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDC;ExternalOIDCWithUIDAndExtraClaimMappings;ExternalOIDCWithUpstreamParity,rule="!has(self.spec.oidcProviders) || self.spec.oidcProviders.all(p, !has(p.oidcClients) || p.oidcClients.all(specC, self.status.oidcClients.exists(statusC, statusC.componentNamespace == specC.componentNamespace && statusC.componentName == specC.componentName) || (has(oldSelf.spec.oidcProviders) && oldSelf.spec.oidcProviders.exists(oldP, oldP.name == p.name && has(oldP.oidcClients) && oldP.oidcClients.exists(oldC, oldC.componentNamespace == specC.componentNamespace && oldC.componentName == specC.componentName)))))",message="all oidcClients in the oidcProviders must match their componentName and componentNamespace to either a previously configured oidcClient or they must exist in the status.oidcClients" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDC;ExternalOIDCWithUIDAndExtraClaimMappings;ExternalOIDCWithUpstreamParity;ExternalOIDCExternalClaimsSourcing,rule="!has(self.spec.oidcProviders) || self.spec.oidcProviders.all(p, !has(p.oidcClients) || p.oidcClients.all(specC, self.status.oidcClients.exists(statusC, statusC.componentNamespace == specC.componentNamespace && statusC.componentName == specC.componentName) || (has(oldSelf.spec.oidcProviders) && oldSelf.spec.oidcProviders.exists(oldP, oldP.name == p.name && has(oldP.oidcClients) && oldP.oidcClients.exists(oldC, oldC.componentNamespace == specC.componentNamespace && oldC.componentName == specC.componentName)))))",message="all oidcClients in the oidcProviders must match their componentName and componentNamespace to either a previously configured oidcClient or they must exist in the status.oidcClients" // Authentication specifies cluster-wide settings for authentication (like OAuth and // webhook token authenticators). The canonical name of an instance is `cluster`. @@ -91,6 +91,7 @@ type AuthenticationSpec struct { // +openshift:enable:FeatureGate=ExternalOIDC // +openshift:enable:FeatureGate=ExternalOIDCWithUIDAndExtraClaimMappings // +openshift:enable:FeatureGate=ExternalOIDCWithUpstreamParity + // +openshift:enable:FeatureGate=ExternalOIDCExternalClaimsSourcing // +optional OIDCProviders []OIDCProvider `json:"oidcProviders,omitempty"` } @@ -245,6 +246,36 @@ type OIDCProvider struct { // +optional // +openshift:enable:FeatureGate=ExternalOIDCWithUpstreamParity UserValidationRules []TokenUserValidationRule `json:"userValidationRules,omitempty"` + + // externalClaimsSources is an optional field that can be used to configure + // sources, external to the token provided in a request, in which claims + // should be fetched from and made available to the claim mapping process + // that is used to build the identity of a token holder. + // + // For example, fetching additional user metadata from an OIDC provider's UserInfo endpoint. + // + // When not specified, only claims present in the token itself will be available + // in the claim mapping process. + // + // When specified, at least one external claim source must be specified and no more than 5 + // sources may be specified. + // All external claim sources must have unique claim mappings. + // When an external source responds and resolves additional claims successfully, they will + // be made available as claims during the claim mapping process. + // Externally sourced claims with the same name as a claim existing within the token will + // overwrite the claim data from the token with the externally sourced information. + // If an external source does not respond, responds with an error, or the additional + // claim data cannot be resolved from the response successfully it will not be + // included in the claim data passed to the claim mapping process. + // + // +openshift:enable:FeatureGate=ExternalOIDCExternalClaimsSourcing + // + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:XValidation:rule="self.all(s, s.mappings.all(m, self.filter(s2, s2.mappings.exists(m2, m2.name == m.name)).size() == 1))",message="mapping names must be unique across all external claim sources." + // +listType=atomic + ExternalClaimsSources []ExternalClaimsSource `json:"externalClaimsSources,omitempty"` } // +kubebuilder:validation:MinLength=1 @@ -350,11 +381,35 @@ type TokenClaimMappings struct { } // TokenClaimMapping allows specifying a JWT token claim to be used when mapping claims from an authentication token to cluster identities. +// +openshift:validation:FeatureGateAwareXValidation:featureGate="",rule="has(self.claim)",message="claim is required" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDC,rule="has(self.claim)",message="claim is required" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUIDAndExtraClaimMappings,rule="has(self.claim)",message="claim is required" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUpstreamParity,rule="(size(self.?claim.orValue(\"\")) > 0) ? !has(self.expression) : true",message="expression must not be set if claim is specified and is not an empty string" type TokenClaimMapping struct { - // claim is a required field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + // claim is an optional field for specifying the JWT token claim that is used in the mapping. + // The value of this claim will be assigned to the field in which this mapping is associated. + // claim must not exceed 256 characters in length. + // When set to the empty string `""`, this means that no named claim should be used for the group mapping. + // claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. // - // +required + // +optional + // +kubebuilder:validation:MaxLength=256 Claim string `json:"claim"` + + // expression is an optional CEL expression used to derive + // group values from JWT claims. + // + // CEL expressions have access to the token claims through a CEL variable, 'claims'. + // + // expression must be at least 1 character and must not exceed 1024 characters in length . + // + // When specified, claim must not be set or be explicitly set to the empty string (`""`). + // + // +optional + // +openshift:enable:FeatureGate=ExternalOIDCWithUpstreamParity + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 + Expression string `json:"expression,omitempty"` } // TokenClaimOrExpressionMapping allows specifying either a JWT token claim or CEL expression to be used when mapping claims from an authentication token to cluster identities. @@ -590,26 +645,46 @@ type OIDCClientReference struct { // +kubebuilder:validation:XValidation:rule="has(self.prefixPolicy) && self.prefixPolicy == 'Prefix' ? (has(self.prefix) && size(self.prefix.prefixString) > 0) : !has(self.prefix)",message="prefix must be set if prefixPolicy is 'Prefix', but must remain unset otherwise" // +union +// +openshift:validation:FeatureGateAwareXValidation:featureGate="",rule="has(self.claim)",message="claim is required" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDC,rule="has(self.claim)",message="claim is required" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUIDAndExtraClaimMappings,rule="has(self.claim)",message="claim is required" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUpstreamParity,rule="has(self.claim) ? !has(self.expression) : has(self.expression)",message="precisely one of claim or expression must be set" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUpstreamParity,rule="has(self.expression) && size(self.expression) > 0 ? !has(self.prefixPolicy) || self.prefixPolicy != 'Prefix' : true",message="prefixPolicy must not be set to 'Prefix' when expression is set" type UsernameClaimMapping struct { - // claim is a required field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + // claim is an optional field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + // claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. + // When the ExternalOIDCWithUpstreamParity feature gate is enabled, claim must not be set when expression is set. // // claim must not be an empty string ("") and must not exceed 256 characters. // - // +required + // +optional // +kubebuilder:validation:MinLength:=1 // +kubebuilder:validation:MaxLength:=256 - Claim string `json:"claim"` + Claim string `json:"claim,omitempty"` + + // expression is an optional CEL expression used to derive + // the username from JWT claims. + // + // CEL expressions have access to the token claims + // through a CEL variable, 'claims'. + // + // expression must be at least 1 character and must not exceed 1024 characters in length. + // expression must not be set when claim is set. + // + // +optional + // +openshift:enable:FeatureGate=ExternalOIDCWithUpstreamParity + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 + Expression string `json:"expression,omitempty"` // prefixPolicy is an optional field that configures how a prefix should be applied to the value of the JWT claim specified in the 'claim' field. // // Allowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string). // // When set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. - // // The prefix field must be set when prefixPolicy is 'Prefix'. - // + // Must not be set to 'Prefix' when expression is set. // When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. - // // When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. // Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'. // @@ -639,7 +714,7 @@ type UsernameClaimMapping struct { // +enum type UsernamePrefixPolicy string -var ( +const ( // NoOpinion let's the cluster assign prefixes. If the username claim is email, there is no prefix // If the username claim is anything else, it is prefixed by the issuerURL NoOpinion UsernamePrefixPolicy = "" @@ -665,12 +740,14 @@ type UsernamePrefix struct { // PrefixedClaimMapping configures a claim mapping // that allows for an optional prefix. +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUpstreamParity,rule="has(self.expression) && size(self.expression) > 0 ? (!has(self.prefix) || size(self.prefix) == 0) : true",message="prefix must not be set to a non-empty value when expression is set" type PrefixedClaimMapping struct { TokenClaimMapping `json:",inline"` // prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes. // - // When omitted (""), no prefix is applied to the cluster identity attribute. + // When omitted or set to an empty string (""), no prefix is applied to the cluster identity attribute. + // Must not be set to a non-empty value when expression is set. // // Example: if `prefix` is set to "myoidc:" and the `claim` in JWT contains an array of strings "a", "b" and "c", the mapping will result in an array of string "myoidc:a", "myoidc:b" and "myoidc:c". // @@ -689,10 +766,10 @@ type TokenValidationRuleType string const ( // TokenValidationRuleTypeRequiredClaim indicates that the token must contain a specific claim. // Used as a value for TokenValidationRuleType. - TokenValidationRuleTypeRequiredClaim = "RequiredClaim" + TokenValidationRuleTypeRequiredClaim TokenValidationRuleType = "RequiredClaim" // TokenValidationRuleTypeCEL indicates that the token validation is defined via a CEL expression. // Used as a value for TokenValidationRuleType. - TokenValidationRuleTypeCEL = "CEL" + TokenValidationRuleTypeCEL TokenValidationRuleType = "CEL" ) // TokenClaimValidationRule represents a validation rule based on token claims. @@ -785,3 +862,355 @@ type TokenUserValidationRule struct { // +kubebuilder:validation:MaxLength=256 Message string `json:"message,omitempty"` } + +// ExternalClaimsSource provides the configuration for a single external claim source. +type ExternalClaimsSource struct { + // authentication is an optional field that configures how the apiserver authenticates with an external claims source. + // When not specified, anonymous authentication is used which means no 'Authorization' header + // is sent in the HTTP request to fetch the external claims. + // + // +optional + Authentication ExternalSourceAuthentication `json:"authentication,omitzero"` + + // tls is an optional field that configures the http client TLS + // settings when fetching external claims from this source. + // + // When omitted, system default TLS settings will be used + // for fetching claims from the external source. + // + // +optional + TLS ExternalSourceTLS `json:"tls,omitzero"` + + // url is a required configuration of the URL + // for which the external claims are located. + // + // +required + URL SourceURL `json:"url,omitzero"` + + // mappings is a required list of the claim + // and response handling expression pairs + // that produces the claims from the external source. + // mappings must have at least 1 entry and must not exceed 16 entries. + // Entries must have a unique name across all external claim sources. + // + // +required + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 + Mappings []SourcedClaimMapping `json:"mappings,omitempty"` + + // predicates is an optional list of constraints in + // which claims should attempt to be fetched from this + // external source. + // + // When omitted, claims are always fetched + // from this external source. + // + // When specified, all predicates must evaluate to 'true' + // before claims are attempted to be fetched from this external source. + // predicates must have at least 1 entry and must not exceed 16 entries. + // Entries must have unique expressions. + // + // +optional + // +listType=map + // +listMapKey=expression + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 + Predicates []ExternalSourcePredicate `json:"predicates,omitempty"` +} + +// ExternalSourceAuthenticationType is the type of authentication that should be used +// when fetching claims from an external source. +// +// +enum +// +kubebuilder:validation:Enum=RequestProvidedToken;ClientCredential +type ExternalSourceAuthenticationType string + +const ( + // ExternalSourceAuthenticationTypeRequestProvidedToken is an ExternalSourceAuthenticationType + // that represents that the token being evaluated for authentication + // should be used for authenticating with the external claims source. + // This is useful for scenarios where a token has multiple audiences + // and scopes so that it can be used to access both the cluster and + // the UserInfo endpoint that contains additional information about the + // user not present in the token. + ExternalSourceAuthenticationTypeRequestProvidedToken ExternalSourceAuthenticationType = "RequestProvidedToken" + + // ExternalSourceAuthenticationTypeClientCredential is an ExternalSourceAuthenticationType + // that represents that the authenticator should use the OAuth2 + // client credentials grant flow to obtain an access token for + // authenticating with the external claims source. + // This is useful for scenarios such as fetching user information + // from Microsoft's Graph API where a separate client credential + // is needed to access the API. + ExternalSourceAuthenticationTypeClientCredential ExternalSourceAuthenticationType = "ClientCredential" +) + +// ExternalSourceAuthentication configures how the apiserver should attempt +// to authenticate with an external claims source. +// +// +kubebuilder:validation:XValidation:rule="self.type == 'ClientCredential' ? has(self.clientCredential) : !has(self.clientCredential)",message="clientCredential is required when type is ClientCredential, and forbidden otherwise" +type ExternalSourceAuthentication struct { + // type is a required field that sets the type of + // authentication method used by the authenticator + // when fetching external claims. + // + // Allowed values are 'RequestProvidedToken' and 'ClientCredential'. + // + // When set to 'RequestProvidedToken', the authenticator will + // use the token provided to the kube-apiserver as part of the + // request to authenticate with the external claims source. + // + // When set to 'ClientCredential', the authenticator will + // use the configured client-id, client-secret, and token endpoint + // to fetch an access token using the OAuth2 client credentials grant + // flow. The fetched access token will then be used to authenticate + // with the external claims source. + // + // +required + Type ExternalSourceAuthenticationType `json:"type,omitempty"` + + // clientCredential configures the client credentials + // and token endpoint to use to get an access token. + // clientCredential is required when type is 'ClientCredential', and forbidden otherwise. + // + // +optional + ClientCredential ClientCredentialConfig `json:"clientCredential,omitzero"` +} + +// ExternalSourceTLS configures the TLS options that the apiserver uses as a client +// when making a request to the external claim source. +type ExternalSourceTLS struct { + // certificateAuthority is a required reference to a ConfigMap in the openshift-config + // namespace that contains the CA certificate to use to validate TLS connections with the external claims source. + // The key "ca-bundle.crt" must be present in the referenced ConfigMap and must contain the CA certificate to be used + // to verify the external source's TLS certificate. + // + // +required + CertificateAuthority ExternalSourceCertificateAuthorityConfigMapReference `json:"certificateAuthority,omitzero"` +} + +// ClientCredentialConfig configures the client credentials and token endpoint +// to use to get an access token via the OAuth2 client credentials grant flow. +type ClientCredentialConfig struct { + // clientID is a required client identifier to use during the OAuth2 client credentials flow. + // clientID must be at least 1 character in length, must not exceed 256 characters in length, + // and must only contain printable ASCII characters. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 + // +kubebuilder:validation:XValidation:rule="self.matches('^[[:print:]]+$')",message="clientID must only contain printable ASCII characters" + ClientID string `json:"clientID,omitempty"` + + // clientSecret is a required reference to a Secret in the openshift-config namespace to be used + // as the client secret during the OAuth2 client credentials flow. + // + // The key 'client-secret' is used to locate the client secret data in the Secret. + // + // +required + ClientSecret ClientSecretSecretReference `json:"clientSecret,omitzero"` + + // tokenEndpoint is a required URL to query for an access token using + // the client credential OAuth2 flow. + // tokenEndpoint must be at least 1 character in length and must not exceed 2048 characters in length. + // tokenEndpoint must be a valid HTTPS URL. + // tokenEndpoint must have a host and a path. + // tokenEndpoint must not contain query parameters, fragments, + // or user information (e.g., "user:password@host"). + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=2048 + // +kubebuilder:validation:XValidation:rule="isURL(self)",message="tokenEndpoint must be a valid HTTPS url" + // +kubebuilder:validation:XValidation:rule="isURL(self) && url(self).getScheme() == 'https'",message="tokenEndpoint must be a valid HTTPS url" + // +kubebuilder:validation:XValidation:rule="isURL(self) && url(self).getHost() != ''",message="tokenEndpoint must have a hostname" + // +kubebuilder:validation:XValidation:rule="isURL(self) && url(self).getEscapedPath() != ''",message="tokenEndpoint must have a path" + // +kubebuilder:validation:XValidation:rule="isURL(self) && url(self).getQuery() == {}",message="tokenEndpoint must not have query parameters" + // +kubebuilder:validation:XValidation:rule="isURL(self) && self.find('#(.+)$') == ''",message="tokenEndpoint must not have a fragment" + // +kubebuilder:validation:XValidation:rule="isURL(self) && !self.matches('^https://[^/]+@.+$')",message="tokenEndpoint must not have user info" + TokenEndpoint string `json:"tokenEndpoint,omitempty"` + + // scopes is an optional list of OAuth2 scopes to request when obtaining + // an access token. + // + // If not specified, the token endpoint's default scopes + // will be used. + // + // When specified, there must be at least 1 entry and must not exceed 16 entries. + // Each entry must be at least 1 character in length and must not exceed 256 characters in length. + // Each entry must only contain printable ASCII characters, excluding spaces, double quotes and backslashes. + // Entries must be unique. + // + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 + // +listType=set + Scopes []OAuth2Scope `json:"scopes,omitempty"` + + // tls is an optional field that allows configuring the TLS + // settings used to interact with the identity provider + // as an OAuth2 client. + // + // When omitted, system default TLS settings will be used + // for the OAuth2 client. + // + // +optional + TLS ExternalSourceTLS `json:"tls,omitzero"` +} + +// OAuth2Scope is a string alias that represents an OAuth2 Scope as defined by https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.4 +// Must be at least 1 character in length, must not exceed 256 characters in length and must only contain printable ASCII characters, excluding spaces, double quotes and backslashes. +// +// +kubebuilder:validation:XValidation:rule="self.matches('^[!#-[\\\\]-~]+$')",message="scopes must only contain printable ASCII characters excluding spaces, double quotes and backslashes" +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=256 +type OAuth2Scope string + +// SourceURL configures the options used to build the URL that is queried for external claims. +type SourceURL struct { + // hostname is a required hostname for which the external claims are located. + // + // It must be a valid DNS subdomain name as per RFC1123. + // + // This means that it must start and end with a lowercase alphanumeric character, + // must only consist of lowercase alphanumeric characters, '-', and '.'. + // hostname may optionally specify a port in the format ':{port}'. + // If a port is specified it must not exceed 65535. + // + // hostname must be at least 1 character in length. + // When specifying a port, hostname must not exceed 259 characters in length. + // When not specifying a port, hostname must not exceed 253 characters in length. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=259 + // +kubebuilder:validation:XValidation:rule="isURL('https://'+self)",message="hostname must be a valid hostname" + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self.split(':')[0]).hasValue()",message="hostname before port must start and end with a lowercase alphanumeric character, and must only contain lowercase alphanumeric characters, '-' or '.'" + // +kubebuilder:validation:XValidation:rule="self.split(':').size() > 1 ? int(self.split(':')[1]) <= 65535 : true",message="port must not exceed 65535" + Hostname string `json:"hostname,omitempty"` + + // pathExpression is a required CEL expression that returns a list + // of string values used to construct the URL path. + // Claims from the token used for the request to the kube-apiserver + // are made available via the `claims` variable. + // expression must be at least 1 character in length and must not exceed 1024 characters in length. + // + // Values in the returned list will be joined with the hostname using a forward slash + // (`/`) as a separator. Values in the returned list do not need to include the forward slash. + // If a forward slash is included in a returned value, it will be encoded as `%2F`. + // + // Example of a static path configuration: + // + // pathExpression: ['realms', 'k8s', 'protocol', 'openid-connect', 'userinfo'] + // + // The above example would resolve to the path: '/realms/k8s/protocol/openid-connect/userinfo' + // + // Example of a dynamic path configuration: + // + // pathExpression: "['admin', 'realms', 'k8s', 'users'] + [claims.sub] + ['groups']" + // + // Assuming 'claims.sub' is set to '12345', the above example would resolve to the path: '/admin/realms/k8s/users/12345/groups' + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 + PathExpression string `json:"pathExpression,omitempty"` +} + +// SourcedClaimMapping configures the mapping behavior for a single external claim +// from the response the apiserver received from the external claim source. +type SourcedClaimMapping struct { + // name is a required name of the claim that + // will be produced and made available during + // the claim-to-identity mapping process. + // name must consist of only lowercase alpha characters and underscores ('_'). + // name must be at least 1 character and must not exceed 256 characters in length. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-z_]+$')",message="name must consist of only lowercase alpha characters and underscores" + Name string `json:"name,omitempty"` + + // expression is a required CEL expression that + // will produce a value to be assigned to the claim. + // The full response body from the request to the + // external claim source is provided via the + // `response.body` variable. + // + // The contents of the `response.body` variable varies based on the response received + // from the external source. It is the responsibility of those configuring + // this expression to understand what is returned from the external source. + // + // expression must be at least 1 character and must not exceed 1024 characters in length. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 + Expression string `json:"expression,omitempty"` +} + +// ExternalSourcePredicate configures a singular condition +// that must return true before the external source is queried +// to retrieve external claims. +type ExternalSourcePredicate struct { + // expression is a required CEL expression that + // is used to determine whether or not an external + // source should be used to fetch external claims. + // + // The expression must return a boolean value, + // where true means that the source should be consulted + // and false means that it should not. + // + // Claims from the token used for the request to the kube-apiserver + // are made available via the `claims` variable. + // + // The contents of the `claims` variable varies based on the claims that are + // present in the token being validated. It is the responsibility of those configuring this + // field to understand what claims the identity provider includes when issuing tokens. + // + // expression must be at least 1 character and must not exceed 1024 characters in length. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 + Expression string `json:"expression,omitempty"` +} + +// ExternalSourceCertificateAuthorityConfigMapReference is a reference to a ConfigMap in the openshift-config +// namespace that should be used for configuring the certificate authority to be +// used when sourcing claims from external sources. +type ExternalSourceCertificateAuthorityConfigMapReference struct { + // name is the required name of the ConfigMap that exists in the openshift-config namespace. + // The key "ca-bundle.crt" must be present and must contain the CA certificate to be used + // to verify the external source's TLS certificate. + // + // It must be at least 1 character in length, must not exceed 253 characters in length, + // must start and end with a lowercase alphanumeric character, and must only contain + // lowercase alphanumeric characters, '-' or '.'. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="name must start and end with a lowercase alphanumeric character, and must only contain lowercase alphanumeric characters, '-' or '.'" + Name string `json:"name,omitempty"` +} + +// ClientSecretSecretReference is a reference to a Secret in the openshift-config +// namespace that should be used for configuring the client secret to be +// used when sourcing claims from external sources with the client credential authentication flow. +type ClientSecretSecretReference struct { + // name is the required name of the Secret that exists in the openshift-config namespace. + // + // It must be at least 1 character in length, must not exceed 253 characters in length, + // must start and end with a lowercase alphanumeric character, and must only contain + // lowercase alphanumeric characters, '-' or '.'. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="name must start and end with a lowercase alphanumeric character, and must only contain lowercase alphanumeric characters, '-' or '.'" + Name string `json:"name,omitempty"` +} diff --git a/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go b/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go index 832304038..e934e8355 100644 --- a/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go +++ b/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go @@ -160,8 +160,9 @@ const ( // is actively rolling out new code, propagating config changes (e.g, a version change), or otherwise // moving from one steady state to another. Operators should not report // Progressing when they are reconciling (without action) a previously known - // state. Operators should not report Progressing only because DaemonSets owned by them - // are adjusting to a new node from cluster scaleup or a node rebooting from cluster upgrade. + // state. Operators should not report Progressing only because resources owned by them, + // such as DaemonSets and Deployments, are adjusting to a new node from cluster scaleup + // or a node rebooting from cluster upgrade. // If the observed cluster state has changed and the component is // reacting to it (updated proxy configuration for instance), Progressing should become true // since it is moving from one steady state to another. diff --git a/vendor/github.com/openshift/api/config/v1/types_cluster_version.go b/vendor/github.com/openshift/api/config/v1/types_cluster_version.go index 5f36f693d..f8d45114a 100644 --- a/vendor/github.com/openshift/api/config/v1/types_cluster_version.go +++ b/vendor/github.com/openshift/api/config/v1/types_cluster_version.go @@ -283,6 +283,16 @@ type UpdateHistory struct { // ClusterID is string RFC4122 uuid. type ClusterID string +// UpdateMode defines how an update should be processed. +// +enum +// +kubebuilder:validation:Enum=Preflight +type UpdateMode string + +const ( + // UpdateModePreflight allows an update to be checked for compatibility without committing to updating the cluster. + UpdateModePreflight UpdateMode = "Preflight" +) + // ClusterVersionArchitecture enumerates valid cluster architectures. // +kubebuilder:validation:Enum="Multi";"" type ClusterVersionArchitecture string @@ -760,6 +770,22 @@ type Update struct { // +listMapKey=name // +optional AcceptRisks []AcceptRisk `json:"acceptRisks,omitempty"` + + // mode determines how an update should be processed. + // The only valid value is "Preflight". + // When omitted, the cluster performs a normal update by applying the specified version or image to the cluster. + // This is the standard update behavior. + // When set to "Preflight", the cluster runs compatibility checks against the target release without + // performing an actual update. Compatibility results, including any detected risks, are reported + // in status.conditionalUpdates and status.conditionalUpdateRisks alongside risks from the update + // recommendation service. + // This allows administrators to assess update readiness and address issues before committing to the update. + // Preflight mode is particularly useful for skip-level updates where upgrade compatibility needs to be + // verified across multiple minor versions. + // When mode is set to "Preflight", the same rules for version, image, and architecture apply as for normal updates. + // +openshift:enable:FeatureGate=ClusterUpdatePreflight + // +optional + Mode UpdateMode `json:"mode,omitempty"` } // AcceptRisk represents a risk that is considered acceptable. diff --git a/vendor/github.com/openshift/api/config/v1/types_dns.go b/vendor/github.com/openshift/api/config/v1/types_dns.go index 06eb75ccf..efbdc3ae5 100644 --- a/vendor/github.com/openshift/api/config/v1/types_dns.go +++ b/vendor/github.com/openshift/api/config/v1/types_dns.go @@ -134,7 +134,14 @@ type AWSDNSSpec struct { // privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing // operations on the cluster's private hosted zone specified in the cluster DNS config. // When left empty, no role should be assumed. - // +kubebuilder:validation:Pattern:=`^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role\/.*$` + // + // The ARN must follow the format: arn::iam:::role/, where: + // is the AWS partition (aws, aws-cn, aws-us-gov, or aws-eusc), + // is a 12-digit numeric identifier for the AWS account, + // is the IAM role name. + // + // +openshift:validation:FeatureGateAwareXValidation:featureGate="",rule=`matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$')`,message=`privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/` + // +openshift:validation:FeatureGateAwareXValidation:featureGate=AWSEuropeanSovereignCloudInstall,rule=`matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-eusc):iam::[0-9]{12}:role/.*$')`,message=`privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/` // +optional PrivateZoneIAMRole string `json:"privateZoneIAMRole"` } diff --git a/vendor/github.com/openshift/api/config/v1/types_image.go b/vendor/github.com/openshift/api/config/v1/types_image.go index 82f46c8b6..96fa349a6 100644 --- a/vendor/github.com/openshift/api/config/v1/types_image.go +++ b/vendor/github.com/openshift/api/config/v1/types_image.go @@ -165,20 +165,50 @@ type RegistryLocation struct { // +kubebuilder:validation:XValidation:rule="has(self.blockedRegistries) ? !has(self.allowedRegistries) : true",message="Only one of blockedRegistries or allowedRegistries may be set" type RegistrySources struct { // insecureRegistries are registries which do not have a valid TLS certificates or only support HTTP connections. + // Each entry must be a valid registry scope in the format hostname[:port][/path], + // optionally prefixed with "*." for wildcard subdomains (e.g., "*.example.com"). + // The hostname must consist of valid DNS labels separated by dots, where each label + // contains only alphanumeric characters and hyphens and does not start or end with a hyphen. + // Entries must not be empty, must not include tags (e.g., ":latest") or digests (e.g., "@sha256:..."), + // and must be at most 256 characters in length. The list may contain at most 1024 entries. // +optional // +listType=atomic + // +kubebuilder:validation:MaxItems=1024 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 + // +kubebuilder:validation:items:XValidation:rule="self.matches('^\\\\*(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+$|^((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+)?(?::[0-9]+)?)(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$')",message="each registry must be a valid hostname[:port][/path] or wildcard *.hostname format without tags or digests" InsecureRegistries []string `json:"insecureRegistries,omitempty"` // blockedRegistries cannot be used for image pull and push actions. All other registries are permitted. + // Each entry must be a valid registry scope in the format hostname[:port][/path], + // optionally prefixed with "*." for wildcard subdomains (e.g., "*.example.com"). + // The hostname must consist of valid DNS labels separated by dots, where each label + // contains only alphanumeric characters and hyphens and does not start or end with a hyphen. + // Entries must not be empty, must not include tags (e.g., ":latest") or digests (e.g., "@sha256:..."), + // and must be at most 256 characters in length. The list may contain at most 1024 entries. // // Only one of BlockedRegistries or AllowedRegistries may be set. // +optional // +listType=atomic + // +kubebuilder:validation:MaxItems=1024 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 + // +kubebuilder:validation:items:XValidation:rule="self.matches('^\\\\*(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+$|^((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+)?(?::[0-9]+)?)(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$')",message="each registry must be a valid hostname[:port][/path] or wildcard *.hostname format without tags or digests" BlockedRegistries []string `json:"blockedRegistries,omitempty"` // allowedRegistries are the only registries permitted for image pull and push actions. All other registries are denied. + // Each entry must be a valid registry scope in the format hostname[:port][/path], + // optionally prefixed with "*." for wildcard subdomains (e.g., "*.example.com"). + // The hostname must consist of valid DNS labels separated by dots, where each label + // contains only alphanumeric characters and hyphens and does not start or end with a hyphen. + // Entries must not be empty, must not include tags (e.g., ":latest") or digests (e.g., "@sha256:..."), + // and must be at most 256 characters in length. The list may contain at most 1024 entries. // // Only one of BlockedRegistries or AllowedRegistries may be set. // +optional // +listType=atomic + // +kubebuilder:validation:MaxItems=1024 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 + // +kubebuilder:validation:items:XValidation:rule="self.matches('^\\\\*(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+$|^((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+)?(?::[0-9]+)?)(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$')",message="each registry must be a valid hostname[:port][/path] or wildcard *.hostname format without tags or digests" AllowedRegistries []string `json:"allowedRegistries,omitempty"` // containerRuntimeSearchRegistries are registries that will be searched when pulling images that do not have fully qualified // domains in their pull specs. Registries will be searched in the order provided in the list. diff --git a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go index 369ba1e7a..e7680899d 100644 --- a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go +++ b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go @@ -102,11 +102,11 @@ type InfrastructureStatus struct { // and the operators should not configure the operand for highly-available operation // The 'External' mode indicates that the control plane is hosted externally to the cluster and that // its components are not visible within the cluster. + // The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + // that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. // +kubebuilder:default=HighlyAvailable - // +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=HighlyAvailable;SingleReplica;External - // +openshift:validation:FeatureGateAwareEnum:featureGate=HighlyAvailableArbiter,enum=HighlyAvailable;HighlyAvailableArbiter;SingleReplica;External - // +openshift:validation:FeatureGateAwareEnum:featureGate=DualReplica,enum=HighlyAvailable;SingleReplica;DualReplica;External - // +openshift:validation:FeatureGateAwareEnum:requiredFeatureGate=HighlyAvailableArbiter;DualReplica,enum=HighlyAvailable;HighlyAvailableArbiter;SingleReplica;DualReplica;External + // +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=HighlyAvailable;HighlyAvailableArbiter;SingleReplica;External + // +openshift:validation:FeatureGateAwareEnum:featureGate=DualReplica,enum=HighlyAvailable;HighlyAvailableArbiter;SingleReplica;DualReplica;External // +optional ControlPlaneTopology TopologyMode `json:"controlPlaneTopology"` @@ -295,7 +295,8 @@ type ExternalPlatformSpec struct { // PlatformSpec holds the desired state specific to the underlying infrastructure provider // of the current cluster. Since these are used at spec-level for the underlying cluster, it // is supposed that only one of the spec structs is set. -// +kubebuilder:validation:XValidation:rule="!has(oldSelf.vsphere) && has(self.vsphere) ? size(self.vsphere.vcenters) < 2 : true",message="vcenters can have at most 1 item when configured post-install" +// +openshift:validation:FeatureGateAwareXValidation:featureGate="",rule="!has(oldSelf.vsphere) && has(self.vsphere) ? (has(self.vsphere.vcenters) && size(self.vsphere.vcenters) < 2) : true",message="vcenters can have at most 1 item when configured post-install" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=VSphereMultiVCenterDay2,rule="oldSelf.?vsphere.vcenters.hasValue() ? self.?vsphere.vcenters.hasValue() : true",message="vcenters is required once set and cannot be removed" type PlatformSpec struct { // type is the underlying infrastructure provider for the cluster. This // value controls whether infrastructure automation such as service load @@ -787,7 +788,6 @@ type GCPPlatformStatus struct { // // +default={"dnsType": "PlatformDefault"} // +kubebuilder:default={"dnsType": "PlatformDefault"} - // +openshift:enable:FeatureGate=GCPClusterHostedDNSInstall // +optional // +nullable CloudLoadBalancerConfig *CloudLoadBalancerConfig `json:"cloudLoadBalancerConfig,omitempty"` @@ -1642,21 +1642,24 @@ type VSpherePlatformNodeNetworking struct { // use these fields for configuration. // +kubebuilder:validation:XValidation:rule="!has(oldSelf.apiServerInternalIPs) || has(self.apiServerInternalIPs)",message="apiServerInternalIPs list is required once set" // +kubebuilder:validation:XValidation:rule="!has(oldSelf.ingressIPs) || has(self.ingressIPs)",message="ingressIPs list is required once set" -// +kubebuilder:validation:XValidation:rule="!has(oldSelf.vcenters) && has(self.vcenters) ? size(self.vcenters) < 2 : true",message="vcenters can have at most 1 item when configured post-install" type VSpherePlatformSpec struct { // vcenters holds the connection details for services to communicate with vCenter. - // Currently, only a single vCenter is supported, but in tech preview 3 vCenters are supported. + // Up to 3 vCenters are supported. // Once the cluster has been installed, you are unable to change the current number of defined - // vCenters except in the case where the cluster has been upgraded from a version of OpenShift - // where the vsphere platform spec was not present. You may make modifications to the existing + // vCenters except when 1.) the cluster has been upgraded from a version of OpenShift + // where the vsphere platform spec was not present or 2.) in TechPreview you are able to add and + // remove vCenters but may not remove all vCenters. You may make modifications to the existing // vCenters that are defined in the vcenters list in order to match with any added or modified // failure domains. // --- // + If VCenters is not defined use the existing cloud-config configmap defined // + in openshift-config. - // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MinItems=1 // +kubebuilder:validation:MaxItems=3 - // +kubebuilder:validation:XValidation:rule="size(self) != size(oldSelf) ? size(oldSelf) == 0 && size(self) < 2 : true",message="vcenters cannot be added or removed once set" + // +openshift:validation:FeatureGateAwareXValidation:featureGate="",rule="size(self) != size(oldSelf) ? size(oldSelf) == 0 && size(self) < 2 : true",message="vcenters cannot be added or removed once set" + // +openshift:validation:FeatureGateAwareXValidation:featureGate=VSphereMultiVCenterDay2,rule="size(self) >= size(oldSelf) ? oldSelf.all(x, self.exists(y, y.server == x.server)) : true",message="Cannot add and remove vCenters at the same time" + // +openshift:validation:FeatureGateAwareXValidation:featureGate=VSphereMultiVCenterDay2,rule="size(self) < size(oldSelf) ? self.all(x, oldSelf.exists(y, y.server == x.server)) : true",message="Cannot add and remove vCenters at the same time" + // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, y.server == x.server))",message="vcenters must have unique server values" // +listType=atomic // +optional VCenters []VSpherePlatformVCenterSpec `json:"vcenters,omitempty"` diff --git a/vendor/github.com/openshift/api/config/v1/types_ingress.go b/vendor/github.com/openshift/api/config/v1/types_ingress.go index f70fe8f44..26e0ebf21 100644 --- a/vendor/github.com/openshift/api/config/v1/types_ingress.go +++ b/vendor/github.com/openshift/api/config/v1/types_ingress.go @@ -43,6 +43,7 @@ type IngressSpec struct { // default ingresscontroller domain will follow this pattern: "*.". // // Once set, changing domain is not currently supported. + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="domain is immutable once set" Domain string `json:"domain"` // appsDomain is an optional domain to use instead of the one specified diff --git a/vendor/github.com/openshift/api/config/v1/types_kmsencryption.go b/vendor/github.com/openshift/api/config/v1/types_kmsencryption.go index 3293204fa..6b58d9da4 100644 --- a/vendor/github.com/openshift/api/config/v1/types_kmsencryption.go +++ b/vendor/github.com/openshift/api/config/v1/types_kmsencryption.go @@ -1,55 +1,261 @@ package v1 -// KMSConfig defines the configuration for the KMS instance -// that will be used with KMSEncryptionProvider encryption -// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'AWS' ? has(self.aws) : !has(self.aws)",message="aws config is required when kms provider type is AWS, and forbidden otherwise" +// KMSPluginConfig defines the configuration for the KMS instance +// that will be used with KMS encryption +// +kubebuilder:validation:XValidation:rule="self.type == 'Vault' ? has(self.vault) : !has(self.vault)",message="vault config is required when kms provider type is Vault, and forbidden otherwise" // +union -type KMSConfig struct { +type KMSPluginConfig struct { // type defines the kind of platform for the KMS provider. - // Available provider types are AWS only. + // Allowed values are Vault. + // When set to Vault, the plugin connects to a HashiCorp Vault server for key management. // // +unionDiscriminator // +required Type KMSProviderType `json:"type"` - // aws defines the key config for using an AWS KMS instance - // for the encryption. The AWS KMS instance is managed + // vault defines the configuration for the Vault KMS plugin. + // The plugin connects to a Vault Enterprise server that is managed // by the user outside the purview of the control plane. + // This field must be set when type is Vault, and must be unset otherwise. // // +unionMember // +optional - AWS *AWSKMSConfig `json:"aws,omitempty"` + Vault VaultKMSPluginConfig `json:"vault,omitempty,omitzero"` + + // --- TOMBSTONE --- + // aws was a field that allowed configuring AWS KMS. + // It was never implemented and has been removed. + // The field name is reserved to prevent reuse. + // + // +optional + // AWS *AWSKMSConfig `json:"aws,omitempty"` } -// AWSKMSConfig defines the KMS config specific to AWS KMS provider -type AWSKMSConfig struct { - // keyARN specifies the Amazon Resource Name (ARN) of the AWS KMS key used for encryption. - // The value must adhere to the format `arn:aws:kms:::key/`, where: - // - `` is the AWS region consisting of lowercase letters and hyphens followed by a number. - // - `` is a 12-digit numeric identifier for the AWS account. - // - `` is a unique identifier for the KMS key, consisting of lowercase hexadecimal characters and hyphens. +// --- TOMBSTONE --- +// AWSKMSConfig was a type for AWS KMS configuration that was never implemented. +// The type name is reserved to prevent reuse. +// +// type AWSKMSConfig struct { +// KeyARN string `json:"keyARN"` +// Region string `json:"region"` +// } + +// KMSProviderType is a specific supported KMS provider +// +kubebuilder:validation:Enum=Vault +type KMSProviderType string + +const ( + // VaultKMSProvider represents a supported KMS provider for use with HashiCorp Vault + VaultKMSProvider KMSProviderType = "Vault" + + // --- TOMBSTONE --- + // AWSKMSProvider was a constant for AWS KMS support that was never implemented. + // The constant name is reserved to prevent reuse. + // + // AWSKMSProvider KMSProviderType = "AWS" +) + +// VaultSecretReference references a secret in the openshift-config namespace. +type VaultSecretReference struct { + // name is the metadata.name of the referenced secret in the openshift-config namespace. + // The name must be a valid DNS subdomain name: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. // - // +kubebuilder:validation:MaxLength=128 // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:XValidation:rule="self.matches('^arn:aws:kms:[a-z0-9-]+:[0-9]{12}:key/[a-f0-9-]+$')",message="keyARN must follow the format `arn:aws:kms:::key/`. The account ID must be a 12 digit number and the region and key ID should consist only of lowercase hexadecimal characters and hyphens (-)." + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="name must be a valid DNS subdomain name: contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character" // +required - KeyARN string `json:"keyARN"` - // region specifies the AWS region where the KMS instance exists, and follows the format - // `--`, e.g.: `us-east-1`. - // Only lowercase letters and hyphens followed by numbers are allowed. + Name string `json:"name,omitempty"` +} + +// VaultConfigMapReference references a ConfigMap in the openshift-config namespace. +type VaultConfigMapReference struct { + // name is the metadata.name of the referenced ConfigMap in the openshift-config namespace. + // The name must be a valid DNS subdomain name: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. // - // +kubebuilder:validation:MaxLength=64 // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:XValidation:rule="self.matches('^[a-z0-9]+(-[a-z0-9]+)*$')",message="region must be a valid AWS region, consisting of lowercase characters, digits and hyphens (-) only." + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="name must be a valid DNS subdomain name: contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character" // +required - Region string `json:"region"` + Name string `json:"name,omitempty"` } -// KMSProviderType is a specific supported KMS provider -// +kubebuilder:validation:Enum=AWS -type KMSProviderType string +// VaultAuthentication defines the authentication method used to authenticate with Vault. +// +kubebuilder:validation:XValidation:rule="self.type == 'AppRole' ? has(self.appRole) : !has(self.appRole)",message="appRole config is required when authentication type is AppRole, and forbidden otherwise" +// +union +type VaultAuthentication struct { + // type defines the authentication method used to authenticate with Vault. + // Allowed values are AppRole. + // When set to AppRole, the plugin uses AppRole credentials to authenticate with Vault. + // + // +unionDiscriminator + // +required + Type VaultAuthenticationType `json:"type,omitempty"` + + // appRole defines the configuration for AppRole authentication. + // This field must be set when type is AppRole, and must be unset otherwise. + // + // +unionMember + // +optional + AppRole VaultAppRoleAuthentication `json:"appRole,omitzero"` +} + +// VaultAuthenticationType defines the authentication method type for Vault. +// +kubebuilder:validation:Enum=AppRole +type VaultAuthenticationType string const ( - // AWSKMSProvider represents a supported KMS provider for use with AWS KMS - AWSKMSProvider KMSProviderType = "AWS" + // VaultAuthenticationTypeAppRole represents AppRole authentication method. + VaultAuthenticationTypeAppRole VaultAuthenticationType = "AppRole" ) + +// VaultAppRoleAuthentication defines the configuration for AppRole authentication with Vault. +type VaultAppRoleAuthentication struct { + // secret references a secret in the openshift-config namespace containing + // the AppRole credentials used to authenticate with Vault. + // The referenced Secret must contain two keys: "role-id" for the AppRole Role ID and "secret-id" for the AppRole Secret ID. + // + // +required + Secret VaultSecretReference `json:"secret,omitzero"` +} + +// VaultKMSPluginConfig defines the KMS plugin configuration specific to Vault KMS +type VaultKMSPluginConfig struct { + // kmsPluginImage specifies the container image for the HashiCorp Vault KMS plugin. + // + // The image must be a fully qualified OCI image pull spec with a SHA256 digest. + // The format is: host[:port][/namespace]/name@sha256: + // where the digest must be 64 characters long and consist only of lowercase hexadecimal characters, a-f and 0-9. + // The total length must be between 75 and 447 characters. + // + // Short names (e.g., "vault-plugin" or "hashicorp/vault-plugin") are not allowed. + // The registry hostname must be included and must contain at least one dot. + // Image tags (e.g., ":latest", ":v1.0.0") are not allowed. + // + // Consult the OpenShift documentation for compatible plugin versions with your cluster version, + // then obtain the image digest for that version from HashiCorp's container registry. + // + // For disconnected environments, mirror the plugin image to an accessible registry + // and reference the mirrored location with its digest. + // + // +kubebuilder:validation:MinLength=75 + // +kubebuilder:validation:MaxLength=447 + // +kubebuilder:validation:XValidation:rule=`(self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$'))`,message="the OCI Image reference must end with a valid '@sha256:' suffix, where '' is 64 characters long" + // +kubebuilder:validation:XValidation:rule=`(self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?(/[a-zA-Z0-9-_.]+)+$'))`,message="the OCI Image name should follow the host[:port][/namespace]/name format, resembling a valid URL without the scheme. Short names are not allowed, the registry hostname must be included." + // +required + KMSPluginImage string `json:"kmsPluginImage,omitempty"` + + // vaultAddress specifies the address of the HashiCorp Vault instance. + // The value must be a valid HTTPS URL containing only scheme, host, and optional port. + // Paths, user info, query parameters, and fragments are not allowed. + // + // Format: https://hostname[:port] + // Example: https://vault.example.com:8200 + // + // The value must be between 1 and 512 characters. + // + // +kubebuilder:validation:XValidation:rule="isURL(self)",message="must be a valid URL" + // +kubebuilder:validation:XValidation:rule="isURL(self) && url(self).getScheme() == 'https'",message="must use the 'https' scheme" + // +kubebuilder:validation:XValidation:rule="isURL(self) && (url(self).getEscapedPath() == '' || url(self).getEscapedPath() == '/')",message="must not contain a path" + // +kubebuilder:validation:XValidation:rule="isURL(self) && url(self).getQuery() == {}",message="must not have a query" + // +kubebuilder:validation:XValidation:rule="self.find('#(.+)$') == ''",message="must not have a fragment" + // +kubebuilder:validation:XValidation:rule="self.find('@') == ''",message="must not have user info" + // +kubebuilder:validation:MaxLength=512 + // +kubebuilder:validation:MinLength=1 + // +required + VaultAddress string `json:"vaultAddress,omitempty"` + + // vaultNamespace specifies the Vault namespace where the Transit secrets engine is mounted. + // This is only applicable for Vault Enterprise installations. + // When this field is not set, no namespace is used. + // + // The value must be between 1 and 4096 characters. + // The namespace cannot end with a forward slash, cannot contain spaces, and cannot be one of the reserved strings: root, sys, audit, auth, cubbyhole, or identity. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=4096 + // +kubebuilder:validation:XValidation:rule="!self.endsWith('/')",message="vaultNamespace cannot end with a forward slash" + // +kubebuilder:validation:XValidation:rule="!self.contains(' ')",message="vaultNamespace cannot contain spaces" + // +kubebuilder:validation:XValidation:rule="!(self in ['root', 'sys', 'audit', 'auth', 'cubbyhole', 'identity'])",message="vaultNamespace cannot be a reserved string (root, sys, audit, auth, cubbyhole, identity)" + // +optional + VaultNamespace string `json:"vaultNamespace,omitempty"` + + // tls contains the TLS configuration for connecting to the Vault server. + // When this field is not set, system default TLS settings are used. + // +optional + TLS VaultTLSConfig `json:"tls,omitzero"` + + // authentication defines the authentication method used to authenticate with Vault. + // + // +required + Authentication VaultAuthentication `json:"authentication,omitzero"` + + // transitMount specifies the mount path of the Vault Transit engine. + // + // The transit mount must be between 1 and 1024 characters, cannot start or + // end with a forward slash, cannot contain consecutive forward slashes, and + // must only contain RFC 3986 unreserved characters (alphanumeric, hyphen, + // period, underscore, tilde) and forward slashes as path separators. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 + // +kubebuilder:validation:XValidation:rule="!self.startsWith('/')",message="transitMount cannot start with a forward slash" + // +kubebuilder:validation:XValidation:rule="!self.endsWith('/')",message="transitMount cannot end with a forward slash" + // +kubebuilder:validation:XValidation:rule="!self.contains('//')",message="transitMount cannot contain consecutive forward slashes" + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9._~/-]+$')",message="transitMount must only contain RFC 3986 unreserved characters (alphanumeric, hyphen, period, underscore, tilde) and forward slashes" + // +required + TransitMount string `json:"transitMount,omitempty"` + + // transitKey specifies the name of the encryption key in Vault's Transit engine. + // This key is used to encrypt and decrypt data. + // + // The transit key must be between 1 and 512 characters, cannot contain forward slashes, + // and must only contain alphanumeric characters, hyphens, periods, and underscores. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 + // +kubebuilder:validation:XValidation:rule="!self.contains('/')",message="transitKey cannot contain forward slashes" + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9._-]+$')",message="transitKey must only contain alphanumeric characters, hyphens, periods, and underscores" + // +required + TransitKey string `json:"transitKey,omitempty"` +} + +// VaultTLSConfig contains TLS configuration for connecting to Vault. +// +kubebuilder:validation:MinProperties=1 +type VaultTLSConfig struct { + // caBundle references a ConfigMap in the openshift-config namespace containing + // the CA certificate bundle used to verify the TLS connection to the Vault server. + // The referenced ConfigMap must contain the CA bundle in the key "ca-bundle.crt". + // When this field is not set, the system's trusted CA certificates are used. + // + // The namespace for the ConfigMap is openshift-config. + // + // Example ConfigMap: + // apiVersion: v1 + // kind: ConfigMap + // metadata: + // name: vault-ca-bundle + // namespace: openshift-config + // data: + // ca-bundle.crt: | + // -----BEGIN CERTIFICATE----- + // ... + // -----END CERTIFICATE----- + // + // +optional + CABundle VaultConfigMapReference `json:"caBundle,omitzero"` + + // serverName specifies the Server Name Indication (SNI) to use when connecting to Vault via TLS. + // This is useful when the Vault server's hostname doesn't match its TLS certificate. + // When this field is not set, the hostname from vaultAddress is used for SNI. + // + // The value must be a valid DNS hostname: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. + // + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="serverName must be a valid DNS hostname: contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character" + // +optional + ServerName string `json:"serverName,omitempty"` +} diff --git a/vendor/github.com/openshift/api/config/v1/types_network.go b/vendor/github.com/openshift/api/config/v1/types_network.go index fb8ed2fff..5e2eb9337 100644 --- a/vendor/github.com/openshift/api/config/v1/types_network.go +++ b/vendor/github.com/openshift/api/config/v1/types_network.go @@ -86,6 +86,13 @@ type NetworkSpec struct { // // +optional NetworkDiagnostics NetworkDiagnostics `json:"networkDiagnostics"` + + // networkObservability is an optional field that configures network observability installation + // during cluster deployment (day-0). + // When omitted, unless this is a SNO cluster, network observability will be installed if not already present, after that, no action taken. + // +openshift:enable:FeatureGate=NetworkObservabilityInstall + // +optional + NetworkObservability NetworkObservabilitySpec `json:"networkObservability,omitempty,omitzero"` } // NetworkStatus is the current network configuration. @@ -304,3 +311,26 @@ type NetworkDiagnosticsTargetPlacement struct { // +listType=atomic Tolerations []corev1.Toleration `json:"tolerations"` } + +// NetworkObservabilityInstallationPolicy is an enumeration of the available network observability installation policies +// Valid values are "InstallAndEnable", "NoAction". +// +kubebuilder:validation:Enum=InstallAndEnable;NoAction +type NetworkObservabilityInstallationPolicy string + +const ( + // NetworkObservabilityInstallAndEnable means that network observability should be installed and enabled during cluster deployment + // Since this was explicitly set to install, if the user remove NetworkObservability, it will be installed again unless the value of InstallationPolicy is changed + NetworkObservabilityInstallAndEnable NetworkObservabilityInstallationPolicy = "InstallAndEnable" + // NetworkObservabilityNoAction means that nothing will be done regarding Network Observability + NetworkObservabilityNoAction NetworkObservabilityInstallationPolicy = "NoAction" +) + +// NetworkObservabilitySpec defines the configuration for network observability installation +type NetworkObservabilitySpec struct { + // installationPolicy controls whether network observability is installed during cluster deployment. + // Valid values are "InstallAndEnable" and "NoAction". + // When set to "InstallAndEnable", ensure that network observability will be installed and enabled on the cluster. If already installed, no action taken, but if it gets uninstalled, it will install it again. + // When set to "NoAction", nothing will be done regarding Network observability. + // +required + InstallationPolicy NetworkObservabilityInstallationPolicy `json:"installationPolicy,omitempty"` +} diff --git a/vendor/github.com/openshift/api/config/v1/types_tlssecurityprofile.go b/vendor/github.com/openshift/api/config/v1/types_tlssecurityprofile.go index 48657b089..2e9be97ae 100644 --- a/vendor/github.com/openshift/api/config/v1/types_tlssecurityprofile.go +++ b/vendor/github.com/openshift/api/config/v1/types_tlssecurityprofile.go @@ -7,10 +7,16 @@ type TLSSecurityProfile struct { // type is one of Old, Intermediate, Modern or Custom. Custom provides the // ability to specify individual TLS security profile parameters. // - // The profiles are based on version 5.7 of the Mozilla Server Side TLS - // configuration guidelines. The cipher lists consist of the configuration's - // "ciphersuites" followed by the Go-specific "ciphers" from the guidelines. - // See: https://ssl-config.mozilla.org/guidelines/5.7.json + // The cipher and groups lists in these profiles are based on version 5.8 of the + // Mozilla Server Side TLS configuration guidelines. + // See: https://ssl-config.mozilla.org/guidelines/5.8.json + // + // The groups are listed in suggested preference order, with the most preferred group first. + // Note that not all platform components honor the ordering: Go-based components use Go's + // internal preference order and treat this list as a filter of allowed groups rather than + // an ordered preference. + // Note that X25519MLKEM768 is a post-quantum hybrid group that is not + // FIPS-approved and should be ignored by components running in FIPS mode. // // The profiles are intent based, so they may change over time as new ciphers are // developed and existing ciphers are found to be insecure. Depending on @@ -23,6 +29,10 @@ type TLSSecurityProfile struct { // old is a TLS profile for use when services need to be accessed by very old // clients or libraries and should be used only as a last resort. // + // The supported groups list includes by default the following groups + // in suggested preference order (ordering may not be honored by all implementations): + // X25519MLKEM768, X25519, secp256r1, secp384r1. + // // This profile is equivalent to a Custom profile specified as: // minTLSVersion: VersionTLS10 // ciphers: @@ -39,11 +49,14 @@ type TLSSecurityProfile struct { // - ECDHE-RSA-AES128-SHA256 // - ECDHE-ECDSA-AES128-SHA // - ECDHE-RSA-AES128-SHA + // - ECDHE-ECDSA-AES256-SHA384 + // - ECDHE-RSA-AES256-SHA384 // - ECDHE-ECDSA-AES256-SHA // - ECDHE-RSA-AES256-SHA // - AES128-GCM-SHA256 // - AES256-GCM-SHA384 // - AES128-SHA256 + // - AES256-SHA256 // - AES128-SHA // - AES256-SHA // - DES-CBC3-SHA @@ -56,6 +69,10 @@ type TLSSecurityProfile struct { // legacy clients and want to remain highly secure while being compatible with // most clients currently in use. // + // The supported groups list includes by default the following groups + // in suggested preference order (ordering may not be honored by all implementations): + // X25519MLKEM768, X25519, secp256r1, secp384r1. + // // This profile is equivalent to a Custom profile specified as: // minTLSVersion: VersionTLS12 // ciphers: @@ -75,7 +92,9 @@ type TLSSecurityProfile struct { // modern is a TLS security profile for use with clients that support TLS 1.3 and // do not need backward compatibility for older clients. - // + // The supported groups list includes by default the following groups + // in suggested preference order (ordering may not be honored by all implementations): + // X25519MLKEM768, X25519, secp256r1, secp384r1. // This profile is equivalent to a Custom profile specified as: // minTLSVersion: VersionTLS13 // ciphers: @@ -88,8 +107,11 @@ type TLSSecurityProfile struct { Modern *ModernTLSProfile `json:"modern,omitempty"` // custom is a user-defined TLS security profile. Be extremely careful using a custom - // profile as invalid configurations can be catastrophic. An example custom profile - // looks like this: + // profile as invalid configurations can be catastrophic. + // + // The supported groups list for this profile is empty by default. + // + // An example custom profile looks like this: // // minTLSVersion: VersionTLS11 // ciphers: @@ -142,6 +164,33 @@ const ( TLSProfileCustomType TLSProfileType = "Custom" ) +// TLSGroup is a supported group identifier that can be used in TLSProfile.Groups. +// There is a one-to-one mapping between these names and the group IDs defined +// in Go's crypto/tls package based on IANA's "TLS Supported Groups" registry: +// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 +// Note that X25519MLKEM768 is a post-quantum hybrid group that is not +// FIPS-approved and should be ignored by components running in FIPS mode. +// +// +kubebuilder:validation:Enum=X25519;secp256r1;secp384r1;secp521r1;X25519MLKEM768;SecP256r1MLKEM768;SecP384r1MLKEM1024 +type TLSGroup string + +const ( + // TLSGroupX25519 represents X25519. + TLSGroupX25519 TLSGroup = "X25519" + // TLSGroupSecP256r1 represents P-256 (secp256r1). + TLSGroupSecP256r1 TLSGroup = "secp256r1" + // TLSGroupSecP384r1 represents P-384 (secp384r1). + TLSGroupSecP384r1 TLSGroup = "secp384r1" + // TLSGroupSecP521r1 represents P-521 (secp521r1). + TLSGroupSecP521r1 TLSGroup = "secp521r1" + // TLSGroupX25519MLKEM768 represents X25519MLKEM768. + TLSGroupX25519MLKEM768 TLSGroup = "X25519MLKEM768" + // TLSGroupSecP256r1MLKEM768 represents SecP256r1MLKEM768. + TLSGroupSecP256r1MLKEM768 TLSGroup = "SecP256r1MLKEM768" + // TLSGroupSecP384r1MLKEM1024 represents SecP384r1MLKEM1024. + TLSGroupSecP384r1MLKEM1024 TLSGroup = "SecP384r1MLKEM1024" +) + // TLSProfileSpec is the desired behavior of a TLSSecurityProfile. type TLSProfileSpec struct { // ciphers is used to specify the cipher algorithms that are negotiated @@ -155,6 +204,30 @@ type TLSProfileSpec struct { // and are always enabled when TLS 1.3 is negotiated. // +listType=atomic Ciphers []string `json:"ciphers"` + // groups is an optional, ordered field used to specify the supported groups (formerly known as + // elliptic curves) that are used during the TLS handshake. The order of the groups represents + // a suggested preference, with the most preferred group first. Note that not all platform + // components honor the ordering: Go-based components use Go's internal preference order and + // treat this list as a filter of allowed groups rather than an ordered preference. + // Operators may remove entries their operands do not support. + // + // When omitted, this means no opinion and the platform is left to choose reasonable defaults which are + // subject to change over time and may be different per platform component depending on the underlying TLS + // libraries they use. If specified, the list must contain at least one and at most 7 groups, + // and each group must be unique. + // + // For example, to use X25519 and secp256r1 (yaml): + // + // groups: + // - X25519 + // - secp256r1 + // + // +optional + // +listType=set + // +kubebuilder:validation:MaxItems=7 + // +kubebuilder:validation:MinItems=1 + // +openshift:enable:FeatureGate=TLSGroupPreferences + Groups []TLSGroup `json:"groups,omitempty"` // minTLSVersion is used to specify the minimal version of the TLS protocol // that is negotiated during the TLS handshake. For example, to use TLS // versions 1.1, 1.2 and 1.3 (yaml): @@ -187,16 +260,22 @@ const ( // TLSProfiles contains a map of TLSProfileType names to TLSProfileSpec. // -// These profiles are based on version 5.7 of the Mozilla Server Side TLS -// configuration guidelines. See: https://ssl-config.mozilla.org/guidelines/5.7.json +// The cipher and groups lists in these profiles are based on version 5.8 of the +// Mozilla Server Side TLS configuration guidelines. +// See: https://ssl-config.mozilla.org/guidelines/5.8.json // // Each Ciphers slice is the configuration's "ciphersuites" followed by the -// Go-specific "ciphers" from the guidelines JSON. +// "ciphers" from the guidelines JSON. +// +// Groups are listed in suggested preference order, though Go-based components may use +// their own internal ordering. TLSProfiles Old, Intermediate, Modern include by default +// the following groups: X25519MLKEM768, X25519, secp256r1, secp384r1 // // NOTE: The caller needs to make sure to check that these constants are valid // for their binary. Not all entries map to values for all binaries. In the case // of ties, the kube-apiserver wins. Do not fail, just be sure to include only -// valid entries and everything will be ok. +// valid entries and everything will be ok. In particular, X25519MLKEM768 is +// not FIPS-approved and must be omitted by components running in FIPS mode. var TLSProfiles = map[TLSProfileType]*TLSProfileSpec{ TLSProfileOldType: { Ciphers: []string{ @@ -213,15 +292,24 @@ var TLSProfiles = map[TLSProfileType]*TLSProfileSpec{ "ECDHE-RSA-AES128-SHA256", "ECDHE-ECDSA-AES128-SHA", "ECDHE-RSA-AES128-SHA", + "ECDHE-ECDSA-AES256-SHA384", + "ECDHE-RSA-AES256-SHA384", "ECDHE-ECDSA-AES256-SHA", "ECDHE-RSA-AES256-SHA", "AES128-GCM-SHA256", "AES256-GCM-SHA384", "AES128-SHA256", + "AES256-SHA256", "AES128-SHA", "AES256-SHA", "DES-CBC3-SHA", }, + Groups: []TLSGroup{ + TLSGroupX25519MLKEM768, + TLSGroupX25519, + TLSGroupSecP256r1, + TLSGroupSecP384r1, + }, MinTLSVersion: VersionTLS10, }, TLSProfileIntermediateType: { @@ -236,6 +324,12 @@ var TLSProfiles = map[TLSProfileType]*TLSProfileSpec{ "ECDHE-ECDSA-CHACHA20-POLY1305", "ECDHE-RSA-CHACHA20-POLY1305", }, + Groups: []TLSGroup{ + TLSGroupX25519MLKEM768, + TLSGroupX25519, + TLSGroupSecP256r1, + TLSGroupSecP384r1, + }, MinTLSVersion: VersionTLS12, }, TLSProfileModernType: { @@ -244,6 +338,12 @@ var TLSProfiles = map[TLSProfileType]*TLSProfileSpec{ "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256", }, + Groups: []TLSGroup{ + TLSGroupX25519MLKEM768, + TLSGroupX25519, + TLSGroupSecP256r1, + TLSGroupSecP384r1, + }, MinTLSVersion: VersionTLS13, }, } diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go index 30b85b78e..13f1bc390 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go @@ -42,11 +42,7 @@ func (in *APIServer) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *APIServerEncryption) DeepCopyInto(out *APIServerEncryption) { *out = *in - if in.KMS != nil { - in, out := &in.KMS, &out.KMS - *out = new(KMSConfig) - (*in).DeepCopyInto(*out) - } + out.KMS = in.KMS return } @@ -148,7 +144,7 @@ func (in *APIServerSpec) DeepCopyInto(out *APIServerSpec) { *out = make([]string, len(*in)) copy(*out, *in) } - in.Encryption.DeepCopyInto(&out.Encryption) + out.Encryption = in.Encryption if in.TLSSecurityProfile != nil { in, out := &in.TLSSecurityProfile, &out.TLSSecurityProfile *out = new(TLSSecurityProfile) @@ -216,22 +212,6 @@ func (in *AWSIngressSpec) DeepCopy() *AWSIngressSpec { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AWSKMSConfig) DeepCopyInto(out *AWSKMSConfig) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSKMSConfig. -func (in *AWSKMSConfig) DeepCopy() *AWSKMSConfig { - if in == nil { - return nil - } - out := new(AWSKMSConfig) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AWSPlatformSpec) DeepCopyInto(out *AWSPlatformSpec) { *out = *in @@ -956,6 +936,45 @@ func (in *ClientConnectionOverrides) DeepCopy() *ClientConnectionOverrides { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClientCredentialConfig) DeepCopyInto(out *ClientCredentialConfig) { + *out = *in + out.ClientSecret = in.ClientSecret + if in.Scopes != nil { + in, out := &in.Scopes, &out.Scopes + *out = make([]OAuth2Scope, len(*in)) + copy(*out, *in) + } + out.TLS = in.TLS + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientCredentialConfig. +func (in *ClientCredentialConfig) DeepCopy() *ClientCredentialConfig { + if in == nil { + return nil + } + out := new(ClientCredentialConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClientSecretSecretReference) DeepCopyInto(out *ClientSecretSecretReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientSecretSecretReference. +func (in *ClientSecretSecretReference) DeepCopy() *ClientSecretSecretReference { + if in == nil { + return nil + } + out := new(ClientSecretSecretReference) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CloudControllerManagerStatus) DeepCopyInto(out *CloudControllerManagerStatus) { *out = *in @@ -2103,6 +2122,35 @@ func (in *EtcdStorageConfig) DeepCopy() *EtcdStorageConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalClaimsSource) DeepCopyInto(out *ExternalClaimsSource) { + *out = *in + in.Authentication.DeepCopyInto(&out.Authentication) + out.TLS = in.TLS + out.URL = in.URL + if in.Mappings != nil { + in, out := &in.Mappings, &out.Mappings + *out = make([]SourcedClaimMapping, len(*in)) + copy(*out, *in) + } + if in.Predicates != nil { + in, out := &in.Predicates, &out.Predicates + *out = make([]ExternalSourcePredicate, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalClaimsSource. +func (in *ExternalClaimsSource) DeepCopy() *ExternalClaimsSource { + if in == nil { + return nil + } + out := new(ExternalClaimsSource) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ExternalIPConfig) DeepCopyInto(out *ExternalIPConfig) { *out = *in @@ -2188,6 +2236,72 @@ func (in *ExternalPlatformStatus) DeepCopy() *ExternalPlatformStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalSourceAuthentication) DeepCopyInto(out *ExternalSourceAuthentication) { + *out = *in + in.ClientCredential.DeepCopyInto(&out.ClientCredential) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSourceAuthentication. +func (in *ExternalSourceAuthentication) DeepCopy() *ExternalSourceAuthentication { + if in == nil { + return nil + } + out := new(ExternalSourceAuthentication) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalSourceCertificateAuthorityConfigMapReference) DeepCopyInto(out *ExternalSourceCertificateAuthorityConfigMapReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSourceCertificateAuthorityConfigMapReference. +func (in *ExternalSourceCertificateAuthorityConfigMapReference) DeepCopy() *ExternalSourceCertificateAuthorityConfigMapReference { + if in == nil { + return nil + } + out := new(ExternalSourceCertificateAuthorityConfigMapReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalSourcePredicate) DeepCopyInto(out *ExternalSourcePredicate) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSourcePredicate. +func (in *ExternalSourcePredicate) DeepCopy() *ExternalSourcePredicate { + if in == nil { + return nil + } + out := new(ExternalSourcePredicate) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalSourceTLS) DeepCopyInto(out *ExternalSourceTLS) { + *out = *in + out.CertificateAuthority = in.CertificateAuthority + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSourceTLS. +func (in *ExternalSourceTLS) DeepCopy() *ExternalSourceTLS { + if in == nil { + return nil + } + out := new(ExternalSourceTLS) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ExtraMapping) DeepCopyInto(out *ExtraMapping) { *out = *in @@ -2560,6 +2674,7 @@ func (in *GenericAPIServerConfig) DeepCopy() *GenericAPIServerConfig { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GenericControllerConfig) DeepCopyInto(out *GenericControllerConfig) { *out = *in + out.TypeMeta = in.TypeMeta in.ServingInfo.DeepCopyInto(&out.ServingInfo) out.LeaderElection = in.LeaderElection out.Authentication = in.Authentication @@ -3830,22 +3945,18 @@ func (in *IntermediateTLSProfile) DeepCopy() *IntermediateTLSProfile { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KMSConfig) DeepCopyInto(out *KMSConfig) { +func (in *KMSPluginConfig) DeepCopyInto(out *KMSPluginConfig) { *out = *in - if in.AWS != nil { - in, out := &in.AWS, &out.AWS - *out = new(AWSKMSConfig) - **out = **in - } + out.Vault = in.Vault return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KMSConfig. -func (in *KMSConfig) DeepCopy() *KMSConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KMSPluginConfig. +func (in *KMSPluginConfig) DeepCopy() *KMSPluginConfig { if in == nil { return nil } - out := new(KMSConfig) + out := new(KMSPluginConfig) in.DeepCopyInto(out) return out } @@ -4283,6 +4394,22 @@ func (in *NetworkMigration) DeepCopy() *NetworkMigration { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkObservabilitySpec) DeepCopyInto(out *NetworkObservabilitySpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkObservabilitySpec. +func (in *NetworkObservabilitySpec) DeepCopy() *NetworkObservabilitySpec { + if in == nil { + return nil + } + out := new(NetworkObservabilitySpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NetworkSpec) DeepCopyInto(out *NetworkSpec) { *out = *in @@ -4302,6 +4429,7 @@ func (in *NetworkSpec) DeepCopyInto(out *NetworkSpec) { (*in).DeepCopyInto(*out) } in.NetworkDiagnostics.DeepCopyInto(&out.NetworkDiagnostics) + out.NetworkObservability = in.NetworkObservability return } @@ -4847,6 +4975,13 @@ func (in *OIDCProvider) DeepCopyInto(out *OIDCProvider) { *out = make([]TokenUserValidationRule, len(*in)) copy(*out, *in) } + if in.ExternalClaimsSources != nil { + in, out := &in.ExternalClaimsSources, &out.ExternalClaimsSources + *out = make([]ExternalClaimsSource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } return } @@ -6187,6 +6322,38 @@ func (in *SignatureStore) DeepCopy() *SignatureStore { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SourceURL) DeepCopyInto(out *SourceURL) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SourceURL. +func (in *SourceURL) DeepCopy() *SourceURL { + if in == nil { + return nil + } + out := new(SourceURL) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SourcedClaimMapping) DeepCopyInto(out *SourcedClaimMapping) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SourcedClaimMapping. +func (in *SourcedClaimMapping) DeepCopy() *SourcedClaimMapping { + if in == nil { + return nil + } + out := new(SourcedClaimMapping) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Storage) DeepCopyInto(out *Storage) { *out = *in @@ -6245,6 +6412,11 @@ func (in *TLSProfileSpec) DeepCopyInto(out *TLSProfileSpec) { *out = make([]string, len(*in)) copy(*out, *in) } + if in.Groups != nil { + in, out := &in.Groups, &out.Groups + *out = make([]TLSGroup, len(*in)) + copy(*out, *in) + } return } @@ -6901,6 +7073,107 @@ func (in *VSpherePlatformVCenterSpec) DeepCopy() *VSpherePlatformVCenterSpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultAppRoleAuthentication) DeepCopyInto(out *VaultAppRoleAuthentication) { + *out = *in + out.Secret = in.Secret + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultAppRoleAuthentication. +func (in *VaultAppRoleAuthentication) DeepCopy() *VaultAppRoleAuthentication { + if in == nil { + return nil + } + out := new(VaultAppRoleAuthentication) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultAuthentication) DeepCopyInto(out *VaultAuthentication) { + *out = *in + out.AppRole = in.AppRole + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultAuthentication. +func (in *VaultAuthentication) DeepCopy() *VaultAuthentication { + if in == nil { + return nil + } + out := new(VaultAuthentication) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultConfigMapReference) DeepCopyInto(out *VaultConfigMapReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultConfigMapReference. +func (in *VaultConfigMapReference) DeepCopy() *VaultConfigMapReference { + if in == nil { + return nil + } + out := new(VaultConfigMapReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultKMSPluginConfig) DeepCopyInto(out *VaultKMSPluginConfig) { + *out = *in + out.TLS = in.TLS + out.Authentication = in.Authentication + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultKMSPluginConfig. +func (in *VaultKMSPluginConfig) DeepCopy() *VaultKMSPluginConfig { + if in == nil { + return nil + } + out := new(VaultKMSPluginConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultSecretReference) DeepCopyInto(out *VaultSecretReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultSecretReference. +func (in *VaultSecretReference) DeepCopy() *VaultSecretReference { + if in == nil { + return nil + } + out := new(VaultSecretReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultTLSConfig) DeepCopyInto(out *VaultTLSConfig) { + *out = *in + out.CABundle = in.CABundle + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultTLSConfig. +func (in *VaultTLSConfig) DeepCopy() *VaultTLSConfig { + if in == nil { + return nil + } + out := new(VaultTLSConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *WebhookTokenAuthenticator) DeepCopyInto(out *WebhookTokenAuthenticator) { *out = *in diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml index eb7c485e0..13635bff4 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml @@ -7,7 +7,8 @@ apiservers.config.openshift.io: Category: "" FeatureGates: - KMSEncryption - - KMSEncryptionProvider + - TLSAdherence + - TLSGroupPreferences FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" @@ -31,6 +32,7 @@ authentications.config.openshift.io: Category: "" FeatureGates: - ExternalOIDC + - ExternalOIDCExternalClaimsSourcing - ExternalOIDCWithUIDAndExtraClaimMappings - ExternalOIDCWithUpstreamParity FilenameOperatorName: config-operator @@ -144,6 +146,7 @@ clusterversions.config.openshift.io: Category: "" FeatureGates: - ClusterUpdateAcceptRisks + - ClusterUpdatePreflight - ImageStreamImportMode - SignatureStores FilenameOperatorName: cluster-version-operator @@ -204,7 +207,8 @@ dnses.config.openshift.io: CRDName: dnses.config.openshift.io Capability: "" Category: "" - FeatureGates: [] + FeatureGates: + - AWSEuropeanSovereignCloudInstall FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" @@ -370,13 +374,11 @@ infrastructures.config.openshift.io: - AzureDualStackInstall - DualReplica - DyanmicServiceEndpointIBMCloud - - GCPClusterHostedDNSInstall - - HighlyAvailableArbiter - - HighlyAvailableArbiter+DualReplica - NutanixMultiSubnets - OnPremDNSRecords - VSphereHostVMGroupZonal - VSphereMultiNetworks + - VSphereMultiVCenterDay2 FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" @@ -443,7 +445,8 @@ networks.config.openshift.io: CRDName: networks.config.openshift.io Capability: "" Category: "" - FeatureGates: [] + FeatureGates: + - NetworkObservabilityInstall FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go index 69fb37c52..1e9c65bf8 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go @@ -137,7 +137,7 @@ func (GenericAPIServerConfig) SwaggerDoc() map[string]string { } var map_GenericControllerConfig = map[string]string{ - "": "GenericControllerConfig provides information to configure a controller", + "": "GenericControllerConfig provides information to configure a controller\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "servingInfo": "servingInfo is the HTTP serving information for the controller's endpoints", "leaderElection": "leaderElection provides information to elect a leader. Only override this if you have a specific need", "authentication": "authentication allows configuration of authentication for the endpoints", @@ -319,6 +319,7 @@ var map_APIServerSpec = map[string]string{ "additionalCORSAllowedOrigins": "additionalCORSAllowedOrigins lists additional, user-defined regular expressions describing hosts for which the API server allows access using the CORS headers. This may be needed to access the API and the integrated OAuth server from JavaScript applications. The values are regular expressions that correspond to the Golang regular expression language.", "encryption": "encryption allows the configuration of encryption of resources at the datastore layer.", "tlsSecurityProfile": "tlsSecurityProfile specifies settings for TLS connections for externally exposed servers.\n\nWhen omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is the Intermediate profile.", + "tlsAdherence": "tlsAdherence controls if components in the cluster adhere to the TLS security profile configured on this APIServer resource.\n\nValid values are \"LegacyAdheringComponentsOnly\" and \"StrictAllComponents\".\n\nWhen set to \"LegacyAdheringComponentsOnly\", components that already honor the cluster-wide TLS profile continue to do so. Components that do not already honor it continue to use their individual TLS configurations.\n\nWhen set to \"StrictAllComponents\", all components must honor the configured TLS profile unless they have a component-specific TLS configuration that overrides it. This mode is recommended for security-conscious deployments and is required for certain compliance frameworks.\n\nNote: Some components such as Kubelet and IngressController have their own dedicated TLS configuration mechanisms via KubeletConfig and IngressController CRs respectively. When these component-specific TLS configurations are set, they take precedence over the cluster-wide tlsSecurityProfile. When not set, these components fall back to the cluster-wide default.\n\nComponents that encounter an unknown value for tlsAdherence should treat it as \"StrictAllComponents\" and log a warning to ensure forward compatibility while defaulting to the more secure behavior.\n\nThis field is optional. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is LegacyAdheringComponentsOnly.\n\nOnce set, this field may be changed to a different value, but may not be removed.", "audit": "audit specifies the settings for audit configuration to be applied to all OpenShift-provided API servers in the cluster.", } @@ -387,6 +388,28 @@ func (AuthenticationStatus) SwaggerDoc() map[string]string { return map_AuthenticationStatus } +var map_ClientCredentialConfig = map[string]string{ + "": "ClientCredentialConfig configures the client credentials and token endpoint to use to get an access token via the OAuth2 client credentials grant flow.", + "clientID": "clientID is a required client identifier to use during the OAuth2 client credentials flow. clientID must be at least 1 character in length, must not exceed 256 characters in length, and must only contain printable ASCII characters.", + "clientSecret": "clientSecret is a required reference to a Secret in the openshift-config namespace to be used as the client secret during the OAuth2 client credentials flow.\n\nThe key 'client-secret' is used to locate the client secret data in the Secret.", + "tokenEndpoint": "tokenEndpoint is a required URL to query for an access token using the client credential OAuth2 flow. tokenEndpoint must be at least 1 character in length and must not exceed 2048 characters in length. tokenEndpoint must be a valid HTTPS URL. tokenEndpoint must have a host and a path. tokenEndpoint must not contain query parameters, fragments, or user information (e.g., \"user:password@host\").", + "scopes": "scopes is an optional list of OAuth2 scopes to request when obtaining an access token.\n\nIf not specified, the token endpoint's default scopes will be used.\n\nWhen specified, there must be at least 1 entry and must not exceed 16 entries. Each entry must be at least 1 character in length and must not exceed 256 characters in length. Each entry must only contain printable ASCII characters, excluding spaces, double quotes and backslashes. Entries must be unique.", + "tls": "tls is an optional field that allows configuring the TLS settings used to interact with the identity provider as an OAuth2 client.\n\nWhen omitted, system default TLS settings will be used for the OAuth2 client.", +} + +func (ClientCredentialConfig) SwaggerDoc() map[string]string { + return map_ClientCredentialConfig +} + +var map_ClientSecretSecretReference = map[string]string{ + "": "ClientSecretSecretReference is a reference to a Secret in the openshift-config namespace that should be used for configuring the client secret to be used when sourcing claims from external sources with the client credential authentication flow.", + "name": "name is the required name of the Secret that exists in the openshift-config namespace.\n\nIt must be at least 1 character in length, must not exceed 253 characters in length, must start and end with a lowercase alphanumeric character, and must only contain lowercase alphanumeric characters, '-' or '.'.", +} + +func (ClientSecretSecretReference) SwaggerDoc() map[string]string { + return map_ClientSecretSecretReference +} + var map_DeprecatedWebhookTokenAuthenticator = map[string]string{ "": "deprecatedWebhookTokenAuthenticator holds the necessary configuration options for a remote token authenticator. It's the same as WebhookTokenAuthenticator but it's missing the 'required' validation on KubeConfig field.", "kubeConfig": "kubeConfig contains kube config file data which describes how to access the remote webhook service. For further details, see: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication The key \"kubeConfig\" is used to locate the data. If the secret or expected key is not found, the webhook is not honored. If the specified kube config data is not valid, the webhook is not honored. The namespace for this secret is determined by the point of use.", @@ -396,6 +419,56 @@ func (DeprecatedWebhookTokenAuthenticator) SwaggerDoc() map[string]string { return map_DeprecatedWebhookTokenAuthenticator } +var map_ExternalClaimsSource = map[string]string{ + "": "ExternalClaimsSource provides the configuration for a single external claim source.", + "authentication": "authentication is an optional field that configures how the apiserver authenticates with an external claims source. When not specified, anonymous authentication is used which means no 'Authorization' header is sent in the HTTP request to fetch the external claims.", + "tls": "tls is an optional field that configures the http client TLS settings when fetching external claims from this source.\n\nWhen omitted, system default TLS settings will be used for fetching claims from the external source.", + "url": "url is a required configuration of the URL for which the external claims are located.", + "mappings": "mappings is a required list of the claim and response handling expression pairs that produces the claims from the external source. mappings must have at least 1 entry and must not exceed 16 entries. Entries must have a unique name across all external claim sources.", + "predicates": "predicates is an optional list of constraints in which claims should attempt to be fetched from this external source.\n\nWhen omitted, claims are always fetched from this external source.\n\nWhen specified, all predicates must evaluate to 'true' before claims are attempted to be fetched from this external source. predicates must have at least 1 entry and must not exceed 16 entries. Entries must have unique expressions.", +} + +func (ExternalClaimsSource) SwaggerDoc() map[string]string { + return map_ExternalClaimsSource +} + +var map_ExternalSourceAuthentication = map[string]string{ + "": "ExternalSourceAuthentication configures how the apiserver should attempt to authenticate with an external claims source.", + "type": "type is a required field that sets the type of authentication method used by the authenticator when fetching external claims.\n\nAllowed values are 'RequestProvidedToken' and 'ClientCredential'.\n\nWhen set to 'RequestProvidedToken', the authenticator will use the token provided to the kube-apiserver as part of the request to authenticate with the external claims source.\n\nWhen set to 'ClientCredential', the authenticator will use the configured client-id, client-secret, and token endpoint to fetch an access token using the OAuth2 client credentials grant flow. The fetched access token will then be used to authenticate with the external claims source.", + "clientCredential": "clientCredential configures the client credentials and token endpoint to use to get an access token. clientCredential is required when type is 'ClientCredential', and forbidden otherwise.", +} + +func (ExternalSourceAuthentication) SwaggerDoc() map[string]string { + return map_ExternalSourceAuthentication +} + +var map_ExternalSourceCertificateAuthorityConfigMapReference = map[string]string{ + "": "ExternalSourceCertificateAuthorityConfigMapReference is a reference to a ConfigMap in the openshift-config namespace that should be used for configuring the certificate authority to be used when sourcing claims from external sources.", + "name": "name is the required name of the ConfigMap that exists in the openshift-config namespace. The key \"ca-bundle.crt\" must be present and must contain the CA certificate to be used to verify the external source's TLS certificate.\n\nIt must be at least 1 character in length, must not exceed 253 characters in length, must start and end with a lowercase alphanumeric character, and must only contain lowercase alphanumeric characters, '-' or '.'.", +} + +func (ExternalSourceCertificateAuthorityConfigMapReference) SwaggerDoc() map[string]string { + return map_ExternalSourceCertificateAuthorityConfigMapReference +} + +var map_ExternalSourcePredicate = map[string]string{ + "": "ExternalSourcePredicate configures a singular condition that must return true before the external source is queried to retrieve external claims.", + "expression": "expression is a required CEL expression that is used to determine whether or not an external source should be used to fetch external claims.\n\nThe expression must return a boolean value, where true means that the source should be consulted and false means that it should not.\n\nClaims from the token used for the request to the kube-apiserver are made available via the `claims` variable.\n\nThe contents of the `claims` variable varies based on the claims that are present in the token being validated. It is the responsibility of those configuring this field to understand what claims the identity provider includes when issuing tokens.\n\nexpression must be at least 1 character and must not exceed 1024 characters in length.", +} + +func (ExternalSourcePredicate) SwaggerDoc() map[string]string { + return map_ExternalSourcePredicate +} + +var map_ExternalSourceTLS = map[string]string{ + "": "ExternalSourceTLS configures the TLS options that the apiserver uses as a client when making a request to the external claim source.", + "certificateAuthority": "certificateAuthority is a required reference to a ConfigMap in the openshift-config namespace that contains the CA certificate to use to validate TLS connections with the external claims source. The key \"ca-bundle.crt\" must be present in the referenced ConfigMap and must contain the CA certificate to be used to verify the external source's TLS certificate.", +} + +func (ExternalSourceTLS) SwaggerDoc() map[string]string { + return map_ExternalSourceTLS +} + var map_ExtraMapping = map[string]string{ "": "ExtraMapping allows specifying a key and CEL expression to evaluate the keys' value. It is used to create additional mappings and attributes added to a cluster identity from a provided authentication token.", "key": "key is a required field that specifies the string to use as the extra attribute key.\n\nkey must be a domain-prefix path (e.g 'example.org/foo'). key must not exceed 510 characters in length. key must contain the '/' character, separating the domain and path characters. key must not be empty.\n\nThe domain portion of the key (string of characters prior to the '/') must be a valid RFC1123 subdomain. It must not exceed 253 characters in length. It must start and end with an alphanumeric character. It must only contain lower case alphanumeric characters and '-' or '.'. It must not use the reserved domains, or be subdomains of, \"kubernetes.io\", \"k8s.io\", and \"openshift.io\".\n\nThe path portion of the key (string of characters after the '/') must not be empty and must consist of at least one alphanumeric character, percent-encoded octets, '-', '.', '_', '~', '!', '$', '&', ''', '(', ')', '*', '+', ',', ';', '=', and ':'. It must not exceed 256 characters in length.", @@ -444,12 +517,13 @@ func (OIDCClientStatus) SwaggerDoc() map[string]string { } var map_OIDCProvider = map[string]string{ - "name": "name is a required field that configures the unique human-readable identifier associated with the identity provider. It is used to distinguish between multiple identity providers and has no impact on token validation or authentication mechanics.\n\nname must not be an empty string (\"\").", - "issuer": "issuer is a required field that configures how the platform interacts with the identity provider and how tokens issued from the identity provider are evaluated by the Kubernetes API server.", - "oidcClients": "oidcClients is an optional field that configures how on-cluster, platform clients should request tokens from the identity provider. oidcClients must not exceed 20 entries and entries must have unique namespace/name pairs.", - "claimMappings": "claimMappings is a required field that configures the rules to be used by the Kubernetes API server for translating claims in a JWT token, issued by the identity provider, to a cluster identity.", - "claimValidationRules": "claimValidationRules is an optional field that configures the rules to be used by the Kubernetes API server for validating the claims in a JWT token issued by the identity provider.\n\nValidation rules are joined via an AND operation.", - "userValidationRules": "userValidationRules is an optional field that configures the set of rules used to validate the cluster user identity that was constructed via mapping token claims to user identity attributes. Rules are CEL expressions that must evaluate to 'true' for authentication to succeed. If any rule in the chain of rules evaluates to 'false', authentication will fail. When specified, at least one rule must be specified and no more than 64 rules may be specified.", + "name": "name is a required field that configures the unique human-readable identifier associated with the identity provider. It is used to distinguish between multiple identity providers and has no impact on token validation or authentication mechanics.\n\nname must not be an empty string (\"\").", + "issuer": "issuer is a required field that configures how the platform interacts with the identity provider and how tokens issued from the identity provider are evaluated by the Kubernetes API server.", + "oidcClients": "oidcClients is an optional field that configures how on-cluster, platform clients should request tokens from the identity provider. oidcClients must not exceed 20 entries and entries must have unique namespace/name pairs.", + "claimMappings": "claimMappings is a required field that configures the rules to be used by the Kubernetes API server for translating claims in a JWT token, issued by the identity provider, to a cluster identity.", + "claimValidationRules": "claimValidationRules is an optional field that configures the rules to be used by the Kubernetes API server for validating the claims in a JWT token issued by the identity provider.\n\nValidation rules are joined via an AND operation.", + "userValidationRules": "userValidationRules is an optional field that configures the set of rules used to validate the cluster user identity that was constructed via mapping token claims to user identity attributes. Rules are CEL expressions that must evaluate to 'true' for authentication to succeed. If any rule in the chain of rules evaluates to 'false', authentication will fail. When specified, at least one rule must be specified and no more than 64 rules may be specified.", + "externalClaimsSources": "externalClaimsSources is an optional field that can be used to configure sources, external to the token provided in a request, in which claims should be fetched from and made available to the claim mapping process that is used to build the identity of a token holder.\n\nFor example, fetching additional user metadata from an OIDC provider's UserInfo endpoint.\n\nWhen not specified, only claims present in the token itself will be available in the claim mapping process.\n\nWhen specified, at least one external claim source must be specified and no more than 5 sources may be specified. All external claim sources must have unique claim mappings. When an external source responds and resolves additional claims successfully, they will be made available as claims during the claim mapping process. Externally sourced claims with the same name as a claim existing within the token will overwrite the claim data from the token with the externally sourced information. If an external source does not respond, responds with an error, or the additional claim data cannot be resolved from the response successfully it will not be included in the claim data passed to the claim mapping process.", } func (OIDCProvider) SwaggerDoc() map[string]string { @@ -458,16 +532,37 @@ func (OIDCProvider) SwaggerDoc() map[string]string { var map_PrefixedClaimMapping = map[string]string{ "": "PrefixedClaimMapping configures a claim mapping that allows for an optional prefix.", - "prefix": "prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes.\n\nWhen omitted (\"\"), no prefix is applied to the cluster identity attribute.\n\nExample: if `prefix` is set to \"myoidc:\" and the `claim` in JWT contains an array of strings \"a\", \"b\" and \"c\", the mapping will result in an array of string \"myoidc:a\", \"myoidc:b\" and \"myoidc:c\".", + "prefix": "prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes.\n\nWhen omitted or set to an empty string (\"\"), no prefix is applied to the cluster identity attribute. Must not be set to a non-empty value when expression is set.\n\nExample: if `prefix` is set to \"myoidc:\" and the `claim` in JWT contains an array of strings \"a\", \"b\" and \"c\", the mapping will result in an array of string \"myoidc:a\", \"myoidc:b\" and \"myoidc:c\".", } func (PrefixedClaimMapping) SwaggerDoc() map[string]string { return map_PrefixedClaimMapping } +var map_SourceURL = map[string]string{ + "": "SourceURL configures the options used to build the URL that is queried for external claims.", + "hostname": "hostname is a required hostname for which the external claims are located.\n\nIt must be a valid DNS subdomain name as per RFC1123.\n\nThis means that it must start and end with a lowercase alphanumeric character, must only consist of lowercase alphanumeric characters, '-', and '.'. hostname may optionally specify a port in the format ':{port}'. If a port is specified it must not exceed 65535.\n\nhostname must be at least 1 character in length. When specifying a port, hostname must not exceed 259 characters in length. When not specifying a port, hostname must not exceed 253 characters in length.", + "pathExpression": "pathExpression is a required CEL expression that returns a list of string values used to construct the URL path. Claims from the token used for the request to the kube-apiserver are made available via the `claims` variable. expression must be at least 1 character in length and must not exceed 1024 characters in length.\n\nValues in the returned list will be joined with the hostname using a forward slash (`/`) as a separator. Values in the returned list do not need to include the forward slash. If a forward slash is included in a returned value, it will be encoded as `%2F`.\n\nExample of a static path configuration:\n\n pathExpression: ['realms', 'k8s', 'protocol', 'openid-connect', 'userinfo']\n\nThe above example would resolve to the path: '/realms/k8s/protocol/openid-connect/userinfo'\n\nExample of a dynamic path configuration:\n\n pathExpression: \"['admin', 'realms', 'k8s', 'users'] + [claims.sub] + ['groups']\"\n\nAssuming 'claims.sub' is set to '12345', the above example would resolve to the path: '/admin/realms/k8s/users/12345/groups'", +} + +func (SourceURL) SwaggerDoc() map[string]string { + return map_SourceURL +} + +var map_SourcedClaimMapping = map[string]string{ + "": "SourcedClaimMapping configures the mapping behavior for a single external claim from the response the apiserver received from the external claim source.", + "name": "name is a required name of the claim that will be produced and made available during the claim-to-identity mapping process. name must consist of only lowercase alpha characters and underscores ('_'). name must be at least 1 character and must not exceed 256 characters in length.", + "expression": "expression is a required CEL expression that will produce a value to be assigned to the claim. The full response body from the request to the external claim source is provided via the `response.body` variable.\n\nThe contents of the `response.body` variable varies based on the response received from the external source. It is the responsibility of those configuring this expression to understand what is returned from the external source.\n\nexpression must be at least 1 character and must not exceed 1024 characters in length.", +} + +func (SourcedClaimMapping) SwaggerDoc() map[string]string { + return map_SourcedClaimMapping +} + var map_TokenClaimMapping = map[string]string{ - "": "TokenClaimMapping allows specifying a JWT token claim to be used when mapping claims from an authentication token to cluster identities.", - "claim": "claim is a required field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping.", + "": "TokenClaimMapping allows specifying a JWT token claim to be used when mapping claims from an authentication token to cluster identities.", + "claim": "claim is an optional field for specifying the JWT token claim that is used in the mapping. The value of this claim will be assigned to the field in which this mapping is associated. claim must not exceed 256 characters in length. When set to the empty string `\"\"`, this means that no named claim should be used for the group mapping. claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled.", + "expression": "expression is an optional CEL expression used to derive group values from JWT claims.\n\nCEL expressions have access to the token claims through a CEL variable, 'claims'.\n\nexpression must be at least 1 character and must not exceed 1024 characters in length .\n\nWhen specified, claim must not be set or be explicitly set to the empty string (`\"\"`).", } func (TokenClaimMapping) SwaggerDoc() map[string]string { @@ -546,8 +641,9 @@ func (TokenUserValidationRule) SwaggerDoc() map[string]string { } var map_UsernameClaimMapping = map[string]string{ - "claim": "claim is a required field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping.\n\nclaim must not be an empty string (\"\") and must not exceed 256 characters.", - "prefixPolicy": "prefixPolicy is an optional field that configures how a prefix should be applied to the value of the JWT claim specified in the 'claim' field.\n\nAllowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string).\n\nWhen set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim.\n\nThe prefix field must be set when prefixPolicy is 'Prefix'.\n\nWhen set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim.\n\nWhen omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'.\n\nAs an example, consider the following scenario:\n\n `prefix` is unset, `issuerURL` is set to `https://myoidc.tld`,\n the JWT claims include \"username\":\"userA\" and \"email\":\"userA@myoidc.tld\",\n and `claim` is set to:\n - \"username\": the mapped value will be \"https://myoidc.tld#userA\"\n - \"email\": the mapped value will be \"userA@myoidc.tld\"", + "claim": "claim is an optional field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. When the ExternalOIDCWithUpstreamParity feature gate is enabled, claim must not be set when expression is set.\n\nclaim must not be an empty string (\"\") and must not exceed 256 characters.", + "expression": "expression is an optional CEL expression used to derive the username from JWT claims.\n\nCEL expressions have access to the token claims through a CEL variable, 'claims'.\n\nexpression must be at least 1 character and must not exceed 1024 characters in length. expression must not be set when claim is set.", + "prefixPolicy": "prefixPolicy is an optional field that configures how a prefix should be applied to the value of the JWT claim specified in the 'claim' field.\n\nAllowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string).\n\nWhen set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. The prefix field must be set when prefixPolicy is 'Prefix'. Must not be set to 'Prefix' when expression is set. When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'.\n\nAs an example, consider the following scenario:\n\n `prefix` is unset, `issuerURL` is set to `https://myoidc.tld`,\n the JWT claims include \"username\":\"userA\" and \"email\":\"userA@myoidc.tld\",\n and `claim` is set to:\n - \"username\": the mapped value will be \"https://myoidc.tld#userA\"\n - \"email\": the mapped value will be \"userA@myoidc.tld\"", "prefix": "prefix configures the prefix that should be prepended to the value of the JWT claim.\n\nprefix must be set when prefixPolicy is set to 'Prefix' and must be unset otherwise.", } @@ -915,6 +1011,7 @@ var map_Update = map[string]string{ "image": "image is a container image location that contains the update. image should be used when the desired version does not exist in availableUpdates or history. When image is set, architecture cannot be specified. If both version and image are set, the version extracted from the referenced image must match the specified version.", "force": "force allows an administrator to update to an image that has failed verification or upgradeable checks that are designed to keep your cluster safe. Only use this if: * you are testing unsigned release images in short-lived test clusters or * you are working around a known bug in the cluster-version\n operator and you have verified the authenticity of the provided\n image yourself.\nThe provided image will run with full administrative access to the cluster. Do not use this flag with images that come from unknown or potentially malicious sources.", "acceptRisks": "acceptRisks is an optional set of names of conditional update risks that are considered acceptable. A conditional update is performed only if all of its risks are acceptable. This list may contain entries that apply to current, previous or future updates. The entries therefore may not map directly to a risk in .status.conditionalUpdateRisks. acceptRisks must not contain more than 1000 entries. Entries in this list must be unique.", + "mode": "mode determines how an update should be processed. The only valid value is \"Preflight\". When omitted, the cluster performs a normal update by applying the specified version or image to the cluster. This is the standard update behavior. When set to \"Preflight\", the cluster runs compatibility checks against the target release without performing an actual update. Compatibility results, including any detected risks, are reported in status.conditionalUpdates and status.conditionalUpdateRisks alongside risks from the update recommendation service. This allows administrators to assess update readiness and address issues before committing to the update. Preflight mode is particularly useful for skip-level updates where upgrade compatibility needs to be verified across multiple minor versions. When mode is set to \"Preflight\", the same rules for version, image, and architecture apply as for normal updates.", } func (Update) SwaggerDoc() map[string]string { @@ -984,7 +1081,7 @@ func (ConsoleStatus) SwaggerDoc() map[string]string { var map_AWSDNSSpec = map[string]string{ "": "AWSDNSSpec contains DNS configuration specific to the Amazon Web Services cloud provider.", - "privateZoneIAMRole": "privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing operations on the cluster's private hosted zone specified in the cluster DNS config. When left empty, no role should be assumed.", + "privateZoneIAMRole": "privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing operations on the cluster's private hosted zone specified in the cluster DNS config. When left empty, no role should be assumed.\n\nThe ARN must follow the format: arn::iam:::role/, where: is the AWS partition (aws, aws-cn, aws-us-gov, or aws-eusc), is a 12-digit numeric identifier for the AWS account, is the IAM role name.", } func (AWSDNSSpec) SwaggerDoc() map[string]string { @@ -1161,9 +1258,9 @@ func (RegistryLocation) SwaggerDoc() map[string]string { var map_RegistrySources = map[string]string{ "": "RegistrySources holds cluster-wide information about how to handle the registries config.", - "insecureRegistries": "insecureRegistries are registries which do not have a valid TLS certificates or only support HTTP connections.", - "blockedRegistries": "blockedRegistries cannot be used for image pull and push actions. All other registries are permitted.\n\nOnly one of BlockedRegistries or AllowedRegistries may be set.", - "allowedRegistries": "allowedRegistries are the only registries permitted for image pull and push actions. All other registries are denied.\n\nOnly one of BlockedRegistries or AllowedRegistries may be set.", + "insecureRegistries": "insecureRegistries are registries which do not have a valid TLS certificates or only support HTTP connections. Each entry must be a valid registry scope in the format hostname[:port][/path], optionally prefixed with \"*.\" for wildcard subdomains (e.g., \"*.example.com\"). The hostname must consist of valid DNS labels separated by dots, where each label contains only alphanumeric characters and hyphens and does not start or end with a hyphen. Entries must not be empty, must not include tags (e.g., \":latest\") or digests (e.g., \"@sha256:...\"), and must be at most 256 characters in length. The list may contain at most 1024 entries.", + "blockedRegistries": "blockedRegistries cannot be used for image pull and push actions. All other registries are permitted. Each entry must be a valid registry scope in the format hostname[:port][/path], optionally prefixed with \"*.\" for wildcard subdomains (e.g., \"*.example.com\"). The hostname must consist of valid DNS labels separated by dots, where each label contains only alphanumeric characters and hyphens and does not start or end with a hyphen. Entries must not be empty, must not include tags (e.g., \":latest\") or digests (e.g., \"@sha256:...\"), and must be at most 256 characters in length. The list may contain at most 1024 entries.\n\nOnly one of BlockedRegistries or AllowedRegistries may be set.", + "allowedRegistries": "allowedRegistries are the only registries permitted for image pull and push actions. All other registries are denied. Each entry must be a valid registry scope in the format hostname[:port][/path], optionally prefixed with \"*.\" for wildcard subdomains (e.g., \"*.example.com\"). The hostname must consist of valid DNS labels separated by dots, where each label contains only alphanumeric characters and hyphens and does not start or end with a hyphen. Entries must not be empty, must not include tags (e.g., \":latest\") or digests (e.g., \"@sha256:...\"), and must be at most 256 characters in length. The list may contain at most 1024 entries.\n\nOnly one of BlockedRegistries or AllowedRegistries may be set.", "containerRuntimeSearchRegistries": "containerRuntimeSearchRegistries are registries that will be searched when pulling images that do not have fully qualified domains in their pull specs. Registries will be searched in the order provided in the list. Note: this search list only works with the container runtime, i.e CRI-O. Will NOT work with builds or imagestream imports.", } @@ -1750,7 +1847,7 @@ var map_InfrastructureStatus = map[string]string{ "etcdDiscoveryDomain": "etcdDiscoveryDomain is the domain used to fetch the SRV records for discovering etcd servers and clients. For more info: https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery deprecated: as of 4.7, this field is no longer set or honored. It will be removed in a future release.", "apiServerURL": "apiServerURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerURL can be used by components like the web console to tell users where to find the Kubernetes API.", "apiServerInternalURI": "apiServerInternalURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerInternalURL can be used by components like kubelets, to contact the Kubernetes API server using the infrastructure provider rather than Kubernetes networking.", - "controlPlaneTopology": "controlPlaneTopology expresses the expectations for operands that normally run on control nodes. The default is 'HighlyAvailable', which represents the behavior operators have in a \"normal\" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster.", + "controlPlaneTopology": "controlPlaneTopology expresses the expectations for operands that normally run on control nodes. The default is 'HighlyAvailable', which represents the behavior operators have in a \"normal\" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum.", "infrastructureTopology": "infrastructureTopology expresses the expectations for infrastructure services that do not run on control plane nodes, usually indicated by a node selector for a `role` value other than `master`. The default is 'HighlyAvailable', which represents the behavior operators have in a \"normal\" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation NOTE: External topology mode is not applicable for this field.", "cpuPartitioning": "cpuPartitioning expresses if CPU partitioning is a currently enabled feature in the cluster. CPU Partitioning means that this cluster can support partitioning workloads to specific CPU Sets. Valid values are \"None\" and \"AllNodes\". When omitted, the default value is \"None\". The default value of \"None\" indicates that no nodes will be setup with CPU partitioning. The \"AllNodes\" value indicates that all nodes have been setup with CPU partitioning, and can then be further configured via the PerformanceProfile API.", } @@ -2078,7 +2175,7 @@ func (VSpherePlatformNodeNetworkingSpec) SwaggerDoc() map[string]string { var map_VSpherePlatformSpec = map[string]string{ "": "VSpherePlatformSpec holds the desired state of the vSphere infrastructure provider. In the future the cloud provider operator, storage operator and machine operator will use these fields for configuration.", - "vcenters": "vcenters holds the connection details for services to communicate with vCenter. Currently, only a single vCenter is supported, but in tech preview 3 vCenters are supported. Once the cluster has been installed, you are unable to change the current number of defined vCenters except in the case where the cluster has been upgraded from a version of OpenShift where the vsphere platform spec was not present. You may make modifications to the existing vCenters that are defined in the vcenters list in order to match with any added or modified failure domains.", + "vcenters": "vcenters holds the connection details for services to communicate with vCenter. Up to 3 vCenters are supported. Once the cluster has been installed, you are unable to change the current number of defined vCenters except when 1.) the cluster has been upgraded from a version of OpenShift where the vsphere platform spec was not present or 2.) in TechPreview you are able to add and remove vCenters but may not remove all vCenters. You may make modifications to the existing vCenters that are defined in the vcenters list in order to match with any added or modified failure domains.", "failureDomains": "failureDomains contains the definition of region, zone and the vCenter topology. If this is omitted failure domains (regions and zones) will not be used.", "nodeNetworking": "nodeNetworking contains the definition of internal and external network constraints for assigning the node's networking. If this field is omitted, networking defaults to the legacy address selection behavior which is to only support a single address and return the first one found.", "apiServerInternalIPs": "apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IP addresses, one from IPv4 family and one from IPv6. In single stack clusters a single IP address is expected. When omitted, values from the status.apiServerInternalIPs will be used. Once set, the list cannot be completely removed (but its second entry can).", @@ -2325,24 +2422,76 @@ func (Storage) SwaggerDoc() map[string]string { return map_Storage } -var map_AWSKMSConfig = map[string]string{ - "": "AWSKMSConfig defines the KMS config specific to AWS KMS provider", - "keyARN": "keyARN specifies the Amazon Resource Name (ARN) of the AWS KMS key used for encryption. The value must adhere to the format `arn:aws:kms:::key/`, where: - `` is the AWS region consisting of lowercase letters and hyphens followed by a number. - `` is a 12-digit numeric identifier for the AWS account. - `` is a unique identifier for the KMS key, consisting of lowercase hexadecimal characters and hyphens.", - "region": "region specifies the AWS region where the KMS instance exists, and follows the format `--`, e.g.: `us-east-1`. Only lowercase letters and hyphens followed by numbers are allowed.", +var map_KMSPluginConfig = map[string]string{ + "": "KMSPluginConfig defines the configuration for the KMS instance that will be used with KMS encryption", + "type": "type defines the kind of platform for the KMS provider. Allowed values are Vault. When set to Vault, the plugin connects to a HashiCorp Vault server for key management.", + "vault": "vault defines the configuration for the Vault KMS plugin. The plugin connects to a Vault Enterprise server that is managed by the user outside the purview of the control plane. This field must be set when type is Vault, and must be unset otherwise.", +} + +func (KMSPluginConfig) SwaggerDoc() map[string]string { + return map_KMSPluginConfig +} + +var map_VaultAppRoleAuthentication = map[string]string{ + "": "VaultAppRoleAuthentication defines the configuration for AppRole authentication with Vault.", + "secret": "secret references a secret in the openshift-config namespace containing the AppRole credentials used to authenticate with Vault. The referenced Secret must contain two keys: \"role-id\" for the AppRole Role ID and \"secret-id\" for the AppRole Secret ID.", +} + +func (VaultAppRoleAuthentication) SwaggerDoc() map[string]string { + return map_VaultAppRoleAuthentication +} + +var map_VaultAuthentication = map[string]string{ + "": "VaultAuthentication defines the authentication method used to authenticate with Vault.", + "type": "type defines the authentication method used to authenticate with Vault. Allowed values are AppRole. When set to AppRole, the plugin uses AppRole credentials to authenticate with Vault.", + "appRole": "appRole defines the configuration for AppRole authentication. This field must be set when type is AppRole, and must be unset otherwise.", +} + +func (VaultAuthentication) SwaggerDoc() map[string]string { + return map_VaultAuthentication +} + +var map_VaultConfigMapReference = map[string]string{ + "": "VaultConfigMapReference references a ConfigMap in the openshift-config namespace.", + "name": "name is the metadata.name of the referenced ConfigMap in the openshift-config namespace. The name must be a valid DNS subdomain name: it must contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character.", +} + +func (VaultConfigMapReference) SwaggerDoc() map[string]string { + return map_VaultConfigMapReference +} + +var map_VaultKMSPluginConfig = map[string]string{ + "": "VaultKMSPluginConfig defines the KMS plugin configuration specific to Vault KMS", + "kmsPluginImage": "kmsPluginImage specifies the container image for the HashiCorp Vault KMS plugin.\n\nThe image must be a fully qualified OCI image pull spec with a SHA256 digest. The format is: host[:port][/namespace]/name@sha256: where the digest must be 64 characters long and consist only of lowercase hexadecimal characters, a-f and 0-9. The total length must be between 75 and 447 characters.\n\nShort names (e.g., \"vault-plugin\" or \"hashicorp/vault-plugin\") are not allowed. The registry hostname must be included and must contain at least one dot. Image tags (e.g., \":latest\", \":v1.0.0\") are not allowed.\n\nConsult the OpenShift documentation for compatible plugin versions with your cluster version, then obtain the image digest for that version from HashiCorp's container registry.\n\nFor disconnected environments, mirror the plugin image to an accessible registry and reference the mirrored location with its digest.", + "vaultAddress": "vaultAddress specifies the address of the HashiCorp Vault instance. The value must be a valid HTTPS URL containing only scheme, host, and optional port. Paths, user info, query parameters, and fragments are not allowed.\n\nFormat: https://hostname[:port] Example: https://vault.example.com:8200\n\nThe value must be between 1 and 512 characters.", + "vaultNamespace": "vaultNamespace specifies the Vault namespace where the Transit secrets engine is mounted. This is only applicable for Vault Enterprise installations. When this field is not set, no namespace is used.\n\nThe value must be between 1 and 4096 characters. The namespace cannot end with a forward slash, cannot contain spaces, and cannot be one of the reserved strings: root, sys, audit, auth, cubbyhole, or identity.", + "tls": "tls contains the TLS configuration for connecting to the Vault server. When this field is not set, system default TLS settings are used.", + "authentication": "authentication defines the authentication method used to authenticate with Vault.", + "transitMount": "transitMount specifies the mount path of the Vault Transit engine.\n\nThe transit mount must be between 1 and 1024 characters, cannot start or end with a forward slash, cannot contain consecutive forward slashes, and must only contain RFC 3986 unreserved characters (alphanumeric, hyphen, period, underscore, tilde) and forward slashes as path separators.", + "transitKey": "transitKey specifies the name of the encryption key in Vault's Transit engine. This key is used to encrypt and decrypt data.\n\nThe transit key must be between 1 and 512 characters, cannot contain forward slashes, and must only contain alphanumeric characters, hyphens, periods, and underscores.", } -func (AWSKMSConfig) SwaggerDoc() map[string]string { - return map_AWSKMSConfig +func (VaultKMSPluginConfig) SwaggerDoc() map[string]string { + return map_VaultKMSPluginConfig } -var map_KMSConfig = map[string]string{ - "": "KMSConfig defines the configuration for the KMS instance that will be used with KMSEncryptionProvider encryption", - "type": "type defines the kind of platform for the KMS provider. Available provider types are AWS only.", - "aws": "aws defines the key config for using an AWS KMS instance for the encryption. The AWS KMS instance is managed by the user outside the purview of the control plane.", +var map_VaultSecretReference = map[string]string{ + "": "VaultSecretReference references a secret in the openshift-config namespace.", + "name": "name is the metadata.name of the referenced secret in the openshift-config namespace. The name must be a valid DNS subdomain name: it must contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character.", } -func (KMSConfig) SwaggerDoc() map[string]string { - return map_KMSConfig +func (VaultSecretReference) SwaggerDoc() map[string]string { + return map_VaultSecretReference +} + +var map_VaultTLSConfig = map[string]string{ + "": "VaultTLSConfig contains TLS configuration for connecting to Vault.", + "caBundle": "caBundle references a ConfigMap in the openshift-config namespace containing the CA certificate bundle used to verify the TLS connection to the Vault server. The referenced ConfigMap must contain the CA bundle in the key \"ca-bundle.crt\". When this field is not set, the system's trusted CA certificates are used.\n\nThe namespace for the ConfigMap is openshift-config.\n\nExample ConfigMap:\n apiVersion: v1\n kind: ConfigMap\n metadata:\n name: vault-ca-bundle\n namespace: openshift-config\n data:\n ca-bundle.crt: |", + "serverName": "serverName specifies the Server Name Indication (SNI) to use when connecting to Vault via TLS. This is useful when the Vault server's hostname doesn't match its TLS certificate. When this field is not set, the hostname from vaultAddress is used for SNI.\n\nThe value must be a valid DNS hostname: it must contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character.", +} + +func (VaultTLSConfig) SwaggerDoc() map[string]string { + return map_VaultTLSConfig } var map_ClusterNetworkEntry = map[string]string{ @@ -2455,6 +2604,15 @@ func (NetworkMigration) SwaggerDoc() map[string]string { return map_NetworkMigration } +var map_NetworkObservabilitySpec = map[string]string{ + "": "NetworkObservabilitySpec defines the configuration for network observability installation", + "installationPolicy": "installationPolicy controls whether network observability is installed during cluster deployment. Valid values are \"InstallAndEnable\" and \"NoAction\". When set to \"InstallAndEnable\", ensure that network observability will be installed and enabled on the cluster. If already installed, no action taken, but if it gets uninstalled, it will install it again. When set to \"NoAction\", nothing will be done regarding Network observability.", +} + +func (NetworkObservabilitySpec) SwaggerDoc() map[string]string { + return map_NetworkObservabilitySpec +} + var map_NetworkSpec = map[string]string{ "": "NetworkSpec is the desired network configuration. As a general rule, this SHOULD NOT be read directly. Instead, you should consume the NetworkStatus, as it indicates the currently deployed configuration. Currently, most spec fields are immutable after installation. Please view the individual ones for further details on each.", "clusterNetwork": "IP address pool to use for pod IPs. This field is immutable after installation.", @@ -2463,6 +2621,7 @@ var map_NetworkSpec = map[string]string{ "externalIP": "externalIP defines configuration for controllers that affect Service.ExternalIP. If nil, then ExternalIP is not allowed to be set.", "serviceNodePortRange": "The port range allowed for Services of type NodePort. If not specified, the default of 30000-32767 will be used. Such Services without a NodePort specified will have one automatically allocated from this range. This parameter can be updated after the cluster is installed.", "networkDiagnostics": "networkDiagnostics defines network diagnostics configuration.\n\nTakes precedence over spec.disableNetworkDiagnostics in network.operator.openshift.io. If networkDiagnostics is not specified or is empty, and the spec.disableNetworkDiagnostics flag in network.operator.openshift.io is set to true, the network diagnostics feature will be disabled.", + "networkObservability": "networkObservability is an optional field that configures network observability installation during cluster deployment (day-0). When omitted, unless this is a SNO cluster, network observability will be installed if not already present, after that, no action taken.", } func (NetworkSpec) SwaggerDoc() map[string]string { @@ -3005,6 +3164,7 @@ func (OldTLSProfile) SwaggerDoc() map[string]string { var map_TLSProfileSpec = map[string]string{ "": "TLSProfileSpec is the desired behavior of a TLSSecurityProfile.", "ciphers": "ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries that their operands do not support. For example, to use only ECDHE-RSA-AES128-GCM-SHA256 (yaml):\n\n ciphers:\n - ECDHE-RSA-AES128-GCM-SHA256\n\nTLS 1.3 cipher suites (e.g. TLS_AES_128_GCM_SHA256) are not configurable and are always enabled when TLS 1.3 is negotiated.", + "groups": "groups is an optional, ordered field used to specify the supported groups (formerly known as elliptic curves) that are used during the TLS handshake. The order of the groups represents a suggested preference, with the most preferred group first. Note that not all platform components honor the ordering: Go-based components use Go's internal preference order and treat this list as a filter of allowed groups rather than an ordered preference. Operators may remove entries their operands do not support.\n\nWhen omitted, this means no opinion and the platform is left to choose reasonable defaults which are subject to change over time and may be different per platform component depending on the underlying TLS libraries they use. If specified, the list must contain at least one and at most 7 groups, and each group must be unique.\n\nFor example, to use X25519 and secp256r1 (yaml):\n\n groups:\n - X25519\n - secp256r1", "minTLSVersion": "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml):\n\n minTLSVersion: VersionTLS11", } @@ -3014,11 +3174,11 @@ func (TLSProfileSpec) SwaggerDoc() map[string]string { var map_TLSSecurityProfile = map[string]string{ "": "TLSSecurityProfile defines the schema for a TLS security profile. This object is used by operators to apply TLS security settings to operands.", - "type": "type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters.\n\nThe profiles are based on version 5.7 of the Mozilla Server Side TLS configuration guidelines. The cipher lists consist of the configuration's \"ciphersuites\" followed by the Go-specific \"ciphers\" from the guidelines. See: https://ssl-config.mozilla.org/guidelines/5.7.json\n\nThe profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers are found to be insecure. Depending on precisely which ciphers are available to a process, the list may be reduced.", - "old": "old is a TLS profile for use when services need to be accessed by very old clients or libraries and should be used only as a last resort.\n\nThis profile is equivalent to a Custom profile specified as:\n minTLSVersion: VersionTLS10\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES256-GCM-SHA384\n - ECDHE-RSA-AES256-GCM-SHA384\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - ECDHE-ECDSA-AES128-SHA256\n - ECDHE-RSA-AES128-SHA256\n - ECDHE-ECDSA-AES128-SHA\n - ECDHE-RSA-AES128-SHA\n - ECDHE-ECDSA-AES256-SHA\n - ECDHE-RSA-AES256-SHA\n - AES128-GCM-SHA256\n - AES256-GCM-SHA384\n - AES128-SHA256\n - AES128-SHA\n - AES256-SHA\n - DES-CBC3-SHA", - "intermediate": "intermediate is a TLS profile for use when you do not need compatibility with legacy clients and want to remain highly secure while being compatible with most clients currently in use.\n\nThis profile is equivalent to a Custom profile specified as:\n minTLSVersion: VersionTLS12\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES256-GCM-SHA384\n - ECDHE-RSA-AES256-GCM-SHA384\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305", - "modern": "modern is a TLS security profile for use with clients that support TLS 1.3 and do not need backward compatibility for older clients.\n\nThis profile is equivalent to a Custom profile specified as:\n minTLSVersion: VersionTLS13\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256", - "custom": "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this:\n\n minTLSVersion: VersionTLS11\n ciphers:\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256", + "type": "type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters.\n\nThe cipher and groups lists in these profiles are based on version 5.8 of the Mozilla Server Side TLS configuration guidelines. See: https://ssl-config.mozilla.org/guidelines/5.8.json\n\nThe groups are listed in suggested preference order, with the most preferred group first. Note that not all platform components honor the ordering: Go-based components use Go's internal preference order and treat this list as a filter of allowed groups rather than an ordered preference. Note that X25519MLKEM768 is a post-quantum hybrid group that is not FIPS-approved and should be ignored by components running in FIPS mode.\n\nThe profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers are found to be insecure. Depending on precisely which ciphers are available to a process, the list may be reduced.", + "old": "old is a TLS profile for use when services need to be accessed by very old clients or libraries and should be used only as a last resort.\n\nThe supported groups list includes by default the following groups in suggested preference order (ordering may not be honored by all implementations): X25519MLKEM768, X25519, secp256r1, secp384r1.\n\nThis profile is equivalent to a Custom profile specified as:\n minTLSVersion: VersionTLS10\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES256-GCM-SHA384\n - ECDHE-RSA-AES256-GCM-SHA384\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - ECDHE-ECDSA-AES128-SHA256\n - ECDHE-RSA-AES128-SHA256\n - ECDHE-ECDSA-AES128-SHA\n - ECDHE-RSA-AES128-SHA\n - ECDHE-ECDSA-AES256-SHA384\n - ECDHE-RSA-AES256-SHA384\n - ECDHE-ECDSA-AES256-SHA\n - ECDHE-RSA-AES256-SHA\n - AES128-GCM-SHA256\n - AES256-GCM-SHA384\n - AES128-SHA256\n - AES256-SHA256\n - AES128-SHA\n - AES256-SHA\n - DES-CBC3-SHA", + "intermediate": "intermediate is a TLS profile for use when you do not need compatibility with legacy clients and want to remain highly secure while being compatible with most clients currently in use.\n\nThe supported groups list includes by default the following groups in suggested preference order (ordering may not be honored by all implementations): X25519MLKEM768, X25519, secp256r1, secp384r1.\n\nThis profile is equivalent to a Custom profile specified as:\n minTLSVersion: VersionTLS12\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES256-GCM-SHA384\n - ECDHE-RSA-AES256-GCM-SHA384\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305", + "modern": "modern is a TLS security profile for use with clients that support TLS 1.3 and do not need backward compatibility for older clients. The supported groups list includes by default the following groups in suggested preference order (ordering may not be honored by all implementations): X25519MLKEM768, X25519, secp256r1, secp384r1. This profile is equivalent to a Custom profile specified as:\n minTLSVersion: VersionTLS13\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256", + "custom": "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic.\n\nThe supported groups list for this profile is empty by default.\n\nAn example custom profile looks like this:\n\n minTLSVersion: VersionTLS11\n ciphers:\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256", } func (TLSSecurityProfile) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/config/v1alpha1/register.go b/vendor/github.com/openshift/api/config/v1alpha1/register.go index c90962495..1d84b7107 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/register.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/register.go @@ -36,12 +36,10 @@ func addKnownTypes(scheme *runtime.Scheme) error { &InsightsDataGatherList{}, &Backup{}, &BackupList{}, - &ImagePolicy{}, - &ImagePolicyList{}, - &ClusterImagePolicy{}, - &ClusterImagePolicyList{}, &CRIOCredentialProviderConfig{}, &CRIOCredentialProviderConfigList{}, + &PKI{}, + &PKIList{}, ) metav1.AddToGroupVersion(scheme, GroupVersion) return nil diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go deleted file mode 100644 index e8d7603d7..000000000 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go +++ /dev/null @@ -1,80 +0,0 @@ -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ClusterImagePolicy holds cluster-wide configuration for image signature verification -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=clusterimagepolicies,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1457 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 -// +openshift:enable:FeatureGate=SigstoreImageVerification -// +openshift:compatibility-gen:level=4 -type ClusterImagePolicy struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ObjectMeta `json:"metadata,omitempty"` - - // spec contains the configuration for the cluster image policy. - // +required - Spec ClusterImagePolicySpec `json:"spec"` - // status contains the observed state of the resource. - // +optional - Status ClusterImagePolicyStatus `json:"status,omitempty"` -} - -// CLusterImagePolicySpec is the specification of the ClusterImagePolicy custom resource. -type ClusterImagePolicySpec struct { - // scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". - // Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). - // More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository - // namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). - // Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. - // If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. - // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories - // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. - // If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. - // For additional details about the format, please refer to the document explaining the docker transport field, - // which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker - // +required - // +kubebuilder:validation:MaxItems=256 - // +listType=set - Scopes []ImageScope `json:"scopes"` - // policy contains configuration to allow scopes to be verified, and defines how - // images not matching the verification policy will be treated. - // +required - Policy ImageSigstoreVerificationPolicy `json:"policy"` -} - -// +k8s:deepcopy-gen=true -type ClusterImagePolicyStatus struct { - // conditions provide details on the status of this API Resource. - // +listType=map - // +listMapKey=type - // +optional - Conditions []metav1.Condition `json:"conditions,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ClusterImagePolicyList is a list of ClusterImagePolicy resources -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -type ClusterImagePolicyList struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard list's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ListMeta `json:"metadata"` - - Items []ClusterImagePolicy `json:"items"` -} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go index 29bf8ba48..ca2f0216a 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go @@ -89,6 +89,19 @@ type ClusterMonitoringSpec struct { // The current default value is `DefaultConfig`. // +optional AlertmanagerConfig AlertmanagerConfig `json:"alertmanagerConfig,omitempty,omitzero"` + // prometheusConfig provides configuration options for the default platform Prometheus instance + // that runs in the `openshift-monitoring` namespace. This configuration applies only to the + // platform Prometheus instance; user-workload Prometheus instances are configured separately. + // + // This field allows you to customize how the platform Prometheus is deployed and operated, including: + // - Pod scheduling (node selectors, tolerations, topology spread constraints) + // - Resource allocation (CPU, memory requests/limits) + // - Retention policies (how long metrics are stored) + // - External integrations (remote write, additional alertmanagers) + // + // This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. + // +optional + PrometheusConfig PrometheusConfig `json:"prometheusConfig,omitempty,omitzero"` // metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. // Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. @@ -99,82 +112,77 @@ type ClusterMonitoringSpec struct { // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. // +optional PrometheusOperatorConfig PrometheusOperatorConfig `json:"prometheusOperatorConfig,omitempty,omitzero"` -} - -// UserDefinedMonitoring config for user-defined projects. -type UserDefinedMonitoring struct { - // mode defines the different configurations of UserDefinedMonitoring - // Valid values are Disabled and NamespaceIsolated - // Disabled disables monitoring for user-defined projects. This restricts the default monitoring stack, installed in the openshift-monitoring project, to monitor only platform namespaces, which prevents any custom monitoring configurations or resources from being applied to user-defined namespaces. - // NamespaceIsolated enables monitoring for user-defined projects with namespace-scoped tenancy. This ensures that metrics, alerts, and monitoring data are isolated at the namespace level. - // The current default value is `Disabled`. - // +required - // +kubebuilder:validation:Enum=Disabled;NamespaceIsolated - Mode UserDefinedMode `json:"mode"` -} - -// UserDefinedMode specifies mode for UserDefine Monitoring -// +enum -type UserDefinedMode string - -const ( - // UserDefinedDisabled disables monitoring for user-defined projects. This restricts the default monitoring stack, installed in the openshift-monitoring project, to monitor only platform namespaces, which prevents any custom monitoring configurations or resources from being applied to user-defined namespaces. - UserDefinedDisabled UserDefinedMode = "Disabled" - // UserDefinedNamespaceIsolated enables monitoring for user-defined projects with namespace-scoped tenancy. This ensures that metrics, alerts, and monitoring data are isolated at the namespace level. - UserDefinedNamespaceIsolated UserDefinedMode = "NamespaceIsolated" -) - -// alertmanagerConfig provides configuration options for the default Alertmanager instance -// that runs in the `openshift-monitoring` namespace. Use this configuration to control -// whether the default Alertmanager is deployed, how it logs, and how its pods are scheduled. -// +kubebuilder:validation:XValidation:rule="self.deploymentMode == 'CustomConfig' ? has(self.customConfig) : !has(self.customConfig)",message="customConfig is required when deploymentMode is CustomConfig, and forbidden otherwise" -type AlertmanagerConfig struct { - // deploymentMode determines whether the default Alertmanager instance should be deployed - // as part of the monitoring stack. - // Allowed values are Disabled, DefaultConfig, and CustomConfig. - // When set to Disabled, the Alertmanager instance will not be deployed. - // When set to DefaultConfig, the platform will deploy Alertmanager with default settings. - // When set to CustomConfig, the Alertmanager will be deployed with custom configuration. - // - // +unionDiscriminator - // +required - DeploymentMode AlertManagerDeployMode `json:"deploymentMode,omitempty"` - - // customConfig must be set when deploymentMode is CustomConfig, and must be unset otherwise. - // When set to CustomConfig, the Alertmanager will be deployed with custom configuration. + // prometheusOperatorAdmissionWebhookConfig is an optional field that can be used to configure the + // admission webhook component of Prometheus Operator that runs in the openshift-monitoring namespace. + // The admission webhook validates PrometheusRule and AlertmanagerConfig objects to ensure they are + // semantically valid, mutates PrometheusRule annotations, and converts AlertmanagerConfig objects + // between API versions. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. // +optional - CustomConfig AlertmanagerCustomConfig `json:"customConfig,omitempty,omitzero"` + PrometheusOperatorAdmissionWebhookConfig PrometheusOperatorAdmissionWebhookConfig `json:"prometheusOperatorAdmissionWebhookConfig,omitempty,omitzero"` + // openShiftStateMetricsConfig is an optional field that can be used to configure the openshift-state-metrics + // agent that runs in the openshift-monitoring namespace. The openshift-state-metrics agent generates metrics + // about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + OpenShiftStateMetricsConfig OpenShiftStateMetricsConfig `json:"openShiftStateMetricsConfig,omitempty,omitzero"` + // telemeterClientConfig is an optional field that can be used to configure the Telemeter Client + // component that runs in the openshift-monitoring namespace. The Telemeter Client collects + // selected monitoring metrics and forwards them to Red Hat for telemetry purposes. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // When set, at least one field must be specified within telemeterClientConfig. + // +optional + TelemeterClientConfig TelemeterClientConfig `json:"telemeterClientConfig,omitempty,omitzero"` + // thanosQuerierConfig is an optional field that can be used to configure the Thanos Querier + // component that runs in the openshift-monitoring namespace. The Thanos Querier provides + // a global query view by aggregating and deduplicating metrics from multiple Prometheus instances. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default deploys the Thanos Querier on linux nodes with 5m CPU and 12Mi memory + // requests, and no custom tolerations or topology spread constraints. + // When set, at least one field must be specified within thanosQuerierConfig. + // +optional + ThanosQuerierConfig ThanosQuerierConfig `json:"thanosQuerierConfig,omitempty,omitzero"` + // nodeExporterConfig is an optional field that can be used to configure the node-exporter agent + // that runs as a DaemonSet in the openshift-monitoring namespace. The node-exporter agent collects + // hardware and OS-level metrics from every node in the cluster. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + NodeExporterConfig NodeExporterConfig `json:"nodeExporterConfig,omitempty,omitzero"` + // monitoringPluginConfig is an optional field that can be used to configure the monitoring plugin + // that runs as a dynamic plugin of the OpenShift web console. The monitoring plugin provides + // the monitoring UI in the OpenShift web console for visualizing metrics, alerts, and dashboards. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default deploys the monitoring-plugin as a single-replica Deployment + // on linux nodes with 10m CPU and 50Mi memory requests, and no custom tolerations + // or topology spread constraints. + // When set, at least one field must be specified within monitoringPluginConfig. + // +optional + MonitoringPluginConfig MonitoringPluginConfig `json:"monitoringPluginConfig,omitempty,omitzero"` + // kubeStateMetricsConfig is an optional field that can be used to configure the kube-state-metrics + // agent that runs in the openshift-monitoring namespace. kube-state-metrics generates metrics about + // the state of Kubernetes objects such as Deployments, Nodes, and Pods. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + KubeStateMetricsConfig KubeStateMetricsConfig `json:"kubeStateMetricsConfig,omitempty,omitzero"` } -// AlertmanagerCustomConfig represents the configuration for a custom Alertmanager deployment. -// alertmanagerCustomConfig provides configuration options for the default Alertmanager instance -// that runs in the `openshift-monitoring` namespace. Use this configuration to control -// whether the default Alertmanager is deployed, how it logs, and how its pods are scheduled. +// OpenShiftStateMetricsConfig provides configuration options for the openshift-state-metrics agent +// that runs in the `openshift-monitoring` namespace. The openshift-state-metrics agent generates +// metrics about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. // +kubebuilder:validation:MinProperties=1 -type AlertmanagerCustomConfig struct { - // logLevel defines the verbosity of logs emitted by Alertmanager. - // This field allows users to control the amount and severity of logs generated, which can be useful - // for debugging issues or reducing noise in production environments. - // Allowed values are Error, Warn, Info, and Debug. - // When set to Error, only errors will be logged. - // When set to Warn, both warnings and errors will be logged. - // When set to Info, general information, warnings, and errors will all be logged. - // When set to Debug, detailed debugging information will be logged. - // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. - // The current default value is `Info`. - // +optional - LogLevel LogLevel `json:"logLevel,omitempty"` - // nodeSelector defines the nodes on which the Pods are scheduled +type OpenShiftStateMetricsConfig struct { + // nodeSelector defines the nodes on which the Pods are scheduled. // nodeSelector is optional. // // When omitted, this means the user has no opinion and the platform is left // to choose reasonable defaults. These defaults are subject to change over time. // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. // +optional // +kubebuilder:validation:MinProperties=1 // +kubebuilder:validation:MaxProperties=10 NodeSelector map[string]string `json:"nodeSelector,omitempty"` - // resources defines the compute resource requests and limits for the Alertmanager container. + // resources defines the compute resource requests and limits for the openshift-state-metrics container. // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. // When not specified, defaults are used by the platform. Requests cannot exceed limits. // This field is optional. @@ -183,41 +191,20 @@ type AlertmanagerCustomConfig struct { // The current default values are: // resources: // - name: cpu - // request: 4m + // request: 1m // limit: null // - name: memory - // request: 40Mi + // request: 32Mi // limit: null - // Maximum length for this list is 10. + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. // +optional // +listType=map // +listMapKey=name - // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MaxItems=5 // +kubebuilder:validation:MinItems=1 Resources []ContainerResource `json:"resources,omitempty"` - // secrets defines a list of secrets that need to be mounted into the Alertmanager. - // The secrets must reside within the same namespace as the Alertmanager object. - // They will be added as volumes named secret- and mounted at - // /etc/alertmanager/secrets/ within the 'alertmanager' container of - // the Alertmanager Pods. - // - // These secrets can be used to authenticate Alertmanager with endpoint receivers. - // For example, you can use secrets to: - // - Provide certificates for TLS authentication with receivers that require private CA certificates - // - Store credentials for Basic HTTP authentication with receivers that require password-based auth - // - Store any other authentication credentials needed by your alert receivers - // - // This field is optional. - // Maximum length for this list is 10. - // Minimum length for this list is 1. - // Entries in this list must be unique. - // +optional - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:MinItems=1 - // +listType=set - Secrets []SecretName `json:"secrets,omitempty"` // tolerations defines tolerations for the pods. // tolerations is optional. // @@ -231,7 +218,7 @@ type AlertmanagerCustomConfig struct { // +listType=atomic // +optional Tolerations []v1.Toleration `json:"tolerations,omitempty"` - // topologySpreadConstraints defines rules for how Alertmanager Pods should be distributed + // topologySpreadConstraints defines rules for how openshift-state-metrics Pods should be distributed // across topology domains such as zones, nodes, or other user-defined labels. // topologySpreadConstraints is optional. // This helps improve high availability and resource efficiency by avoiding placing @@ -249,137 +236,2160 @@ type AlertmanagerCustomConfig struct { // +listMapKey=topologyKey // +listMapKey=whenUnsatisfiable // +optional - TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` - // volumeClaimTemplate Defines persistent storage for Alertmanager. Use this setting to - // configure the persistent volume claim, including storage class, volume - // size, and name. - // If omitted, the Pod uses ephemeral storage and alert data will not persist - // across restarts. - // This field is optional. + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// NodeExporterConfig provides configuration options for the node-exporter agent +// that runs as a DaemonSet in the `openshift-monitoring` namespace. The node-exporter agent collects +// hardware and OS-level metrics from every node in the cluster, including CPU, memory, disk, and +// network statistics. +// At least one field must be specified. +// +kubebuilder:validation:MinProperties=1 +type NodeExporterConfig struct { + // resources defines the compute resource requests and limits for the node-exporter container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 8m + // limit: null + // - name: memory + // request: 32Mi + // limit: null + // --- + // maxItems is set to 5 to stay within the Kubernetes CRD CEL validation cost budget. + // See the MaxItems comment near the ContainerResource type definition for details. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + + // --- TOMBSTONE --- + // nodeSelector was a field that defined the nodes on which the Pods are scheduled. + // It was removed because node-exporter runs as a DaemonSet on all nodes, + // and the CMO does not support this field. + // The field name "nodeSelector" and json tag are reserved to prevent reuse + // with a different backing type. + // + // +optional + // NodeSelector map[string]string `json:"nodeSelector,omitempty"` + + // --- TOMBSTONE --- + // tolerations was a field that defined tolerations for the pods. + // It was removed because node-exporter runs as a DaemonSet on all nodes, + // and the CMO does not support this field. + // The field name "tolerations" and json tag are reserved to prevent reuse + // with a different backing type. + // + // +optional + // Tolerations []v1.Toleration `json:"tolerations,omitempty"` + + // collectors configures which node-exporter metric collectors are enabled. + // collectors is optional. + // Each collector can be individually enabled or disabled. Some collectors may have + // additional configuration options. + // + // When omitted, this means no opinion and the platform is left to choose a reasonable + // default, which is subject to change over time. + // +optional + Collectors NodeExporterCollectorConfig `json:"collectors,omitempty,omitzero"` + // maxProcs sets the target number of CPUs on which the node-exporter process will run. + // maxProcs is optional. + // Use this setting to override the default value, which is set either to 4 or to the number + // of CPUs on the host, whichever is smaller. + // The default value is computed at runtime and set via the GOMAXPROCS environment variable before + // node-exporter is launched. + // If a kernel deadlock occurs or if performance degrades when reading from sysfs concurrently, + // you can change this value to 1, which limits node-exporter to running on one CPU. + // For nodes with a high CPU count, setting the limit to a low number saves resources by preventing + // Go routines from being scheduled to run on all CPUs. However, I/O performance degrades if the + // maxProcs value is set too low and there are many metrics to collect. + // The minimum value is 1 and the maximum value is 1024. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is min(4, number of host CPUs). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=1024 + MaxProcs int32 `json:"maxProcs,omitempty"` + // ignoredNetworkDevices is a list of regular expression patterns that match network devices + // to be excluded from the relevant collector configuration such as netdev, netclass, and ethtool. + // ignoredNetworkDevices is optional. + // + // When omitted, the Cluster Monitoring Operator uses a predefined list of devices to be excluded + // to minimize the impact on memory usage. + // When set as an empty list, no devices are excluded. + // If you modify this setting, monitor the prometheus-k8s deployment closely for excessive memory usage. + // Maximum length for this list is 50. + // Each entry must be at least 1 character and at most 1024 characters long. + // +kubebuilder:validation:MaxItems=50 + // +kubebuilder:validation:MinItems=0 + // +listType=set + // +optional + IgnoredNetworkDevices *[]NodeExporterIgnoredNetworkDevice `json:"ignoredNetworkDevices,omitempty"` +} + +// NodeExporterIgnoredNetworkDevice is a string that is interpreted as a Go regular expression +// pattern by the controller to match network device names to exclude from node-exporter +// metric collection for collectors such as netdev, netclass, and ethtool. +// Invalid regular expressions will cause a controller-level error at runtime. +// Must be at least 1 character and at most 1024 characters. +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=1024 +type NodeExporterIgnoredNetworkDevice string + +// NodeExporterCollectorCollectionPolicy declares whether a node-exporter collector should collect metrics. +// Valid values are "Collect" and "DoNotCollect". +// +kubebuilder:validation:Enum=Collect;DoNotCollect +// +enum +type NodeExporterCollectorCollectionPolicy string + +const ( + // NodeExporterCollectorCollectionPolicyCollect means the collector is active and will produce metrics. + NodeExporterCollectorCollectionPolicyCollect NodeExporterCollectorCollectionPolicy = "Collect" + // NodeExporterCollectorCollectionPolicyDoNotCollect means the collector is inactive and will not produce metrics. + NodeExporterCollectorCollectionPolicyDoNotCollect NodeExporterCollectorCollectionPolicy = "DoNotCollect" +) + +// NodeExporterNetclassStatsGatherer identifies how the netclass collector gathers device statistics +// (for example via sysfs or netlink, as implemented in node_exporter). +// Valid values are "Sysfs" and "Netlink". +// +kubebuilder:validation:Enum=Sysfs;Netlink +// +enum +type NodeExporterNetclassStatsGatherer string + +const ( + // NodeExporterNetclassStatsGathererSysfs uses the sysfs-based implementation. + NodeExporterNetclassStatsGathererSysfs NodeExporterNetclassStatsGatherer = "Sysfs" + // NodeExporterNetclassStatsGathererNetlink uses the netlink-based implementation. + NodeExporterNetclassStatsGathererNetlink NodeExporterNetclassStatsGatherer = "Netlink" +) + +// NodeExporterCollectorConfig defines settings for individual collectors +// of the node-exporter agent. Each collector can be individually set to collect or not collect metrics. +// At least one collector must be specified. +// +kubebuilder:validation:MinProperties=1 +type NodeExporterCollectorConfig struct { + // cpuFreq configures the cpufreq collector, which collects CPU frequency statistics. + // cpuFreq is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Consider enabling when you need to observe CPU frequency scaling; expect higher CPU usage on + // many-core nodes when collectionPolicy is Collect. + // +optional + CpuFreq NodeExporterCollectorCpufreqConfig `json:"cpuFreq,omitempty,omitzero"` + // tcpStat configures the tcpstat collector, which collects TCP connection statistics. + // tcpStat is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when debugging TCP connection behavior or capacity at the node level. + // +optional + TcpStat NodeExporterCollectorTcpStatConfig `json:"tcpStat,omitempty,omitzero"` + // ethtool configures the ethtool collector, which collects ethernet device statistics. + // ethtool is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when you need NIC driver-level ethtool metrics beyond generic netdev counters. + // +optional + Ethtool NodeExporterCollectorEthtoolConfig `json:"ethtool,omitempty,omitzero"` + // netDev configures the netdev collector, which collects network device statistics. + // netDev is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is enabled. + // Turn off if you must reduce per-interface metric cardinality on hosts with many virtual interfaces. + // +optional + NetDev NodeExporterCollectorNetDevConfig `json:"netDev,omitempty,omitzero"` + // netClass configures the netclass collector, which collects information about network devices. + // netClass is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is enabled with netlink mode active. + // Use statsGatherer when sysfs vs netlink implementation matters or when matching node_exporter tuning. + // +optional + NetClass NodeExporterCollectorNetClassConfig `json:"netClass,omitempty,omitzero"` + // buddyInfo configures the buddyinfo collector, which collects statistics about memory + // fragmentation from the node_buddyinfo_blocks metric. This metric collects data from /proc/buddyinfo. + // buddyInfo is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when investigating kernel memory fragmentation; typically for advanced troubleshooting only. + // +optional + BuddyInfo NodeExporterCollectorBuddyInfoConfig `json:"buddyInfo,omitempty,omitzero"` + // mountStats configures the mountstats collector, which collects statistics about NFS volume + // I/O activities. + // mountStats is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enabling this collector may produce metrics with high cardinality. If you enable this + // collector, closely monitor the prometheus-k8s deployment for excessive memory usage. + // Enable when you care about per-mount NFS client statistics. + // +optional + MountStats NodeExporterCollectorMountStatsConfig `json:"mountStats,omitempty,omitzero"` + // ksmd configures the ksmd collector, which collects statistics from the kernel same-page + // merger daemon. + // ksmd is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable on nodes where KSM is in use and you want visibility into merging activity. + // +optional + Ksmd NodeExporterCollectorKSMDConfig `json:"ksmd,omitempty,omitzero"` + // processes configures the processes collector, which collects statistics from processes and + // threads running in the system. + // processes is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable for process/thread-level insight; can be expensive on busy nodes. + // +optional + Processes NodeExporterCollectorProcessesConfig `json:"processes,omitempty,omitzero"` + // systemd configures the systemd collector, which collects statistics on the systemd daemon + // and its managed services. + // systemd is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enabling this collector with a long list of selected units may produce metrics with high + // cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment + // for excessive memory usage. + // Enable when you need metrics for specific units; scope units carefully. + // +optional + Systemd NodeExporterCollectorSystemdConfig `json:"systemd,omitempty,omitzero"` + // softirqs configures the softirqs collector, which exposes detailed softirq statistics + // from /proc/softirqs. + // softirqs is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when you need visibility into kernel softirq processing across CPUs. + // +optional + Softirqs NodeExporterCollectorSoftirqsConfig `json:"softirqs,omitempty,omitzero"` +} + +// NodeExporterCollectorCpufreqConfig provides configuration for the cpufreq collector +// of the node-exporter agent. The cpufreq collector collects CPU frequency statistics. +// It is disabled by default. +type NodeExporterCollectorCpufreqConfig struct { + // collectionPolicy declares whether the cpufreq collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the cpufreq collector is active and CPU frequency statistics are collected. + // When set to "DoNotCollect", the cpufreq collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorTcpStatConfig provides configuration for the tcpstat collector +// of the node-exporter agent. The tcpstat collector collects TCP connection statistics. +// It is disabled by default. +type NodeExporterCollectorTcpStatConfig struct { + // collectionPolicy declares whether the tcpstat collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the tcpstat collector is active and TCP connection statistics are collected. + // When set to "DoNotCollect", the tcpstat collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorEthtoolConfig provides configuration for the ethtool collector +// of the node-exporter agent. The ethtool collector collects ethernet device statistics. +// It is disabled by default. +type NodeExporterCollectorEthtoolConfig struct { + // collectionPolicy declares whether the ethtool collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the ethtool collector is active and ethernet device statistics are collected. + // When set to "DoNotCollect", the ethtool collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorNetDevConfig provides configuration for the netdev collector +// of the node-exporter agent. The netdev collector collects network device statistics +// such as bytes, packets, errors, and drops per device. +// It is enabled by default. +type NodeExporterCollectorNetDevConfig struct { + // collectionPolicy declares whether the netdev collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the netdev collector is active and network device statistics are collected. + // When set to "DoNotCollect", the netdev collector is inactive and the corresponding metrics become unavailable. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorNetClassConfig provides configuration for the netclass collector +// of the node-exporter agent. The netclass collector collects information about network devices +// such as network speed, MTU, and carrier status. +// It is enabled by default. +// When collectionPolicy is DoNotCollect, the collect field must not be set. +// +kubebuilder:validation:XValidation:rule="has(self.collectionPolicy) && self.collectionPolicy == 'Collect' ? true : !has(self.collect)",message="collect is forbidden when collectionPolicy is not Collect" +// +union +type NodeExporterCollectorNetClassConfig struct { + // collectionPolicy declares whether the netclass collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the netclass collector is active and network class information is collected. + // When set to "DoNotCollect", the netclass collector is inactive and the corresponding metrics become unavailable. + // When set to "DoNotCollect", the collect field must not be set. + // +unionDiscriminator + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` + // collect contains configuration options that apply only when the netclass collector is actively collecting metrics + // (i.e. when collectionPolicy is Collect). + // collect is optional and may be omitted even when collectionPolicy is Collect. + // collect may only be set when collectionPolicy is Collect. + // When set, at least one field must be specified within collect. + // +unionMember + // +optional + Collect NodeExporterCollectorNetClassCollectConfig `json:"collect,omitzero,omitempty"` +} + +// NodeExporterCollectorNetClassCollectConfig holds configuration options for the netclass collector +// when it is actively collecting metrics. At least one field must be specified. +// +kubebuilder:validation:MinProperties=1 +type NodeExporterCollectorNetClassCollectConfig struct { + // statsGatherer selects which implementation the netclass collector uses to gather statistics (sysfs or netlink). + // statsGatherer is optional. + // Valid values are "Sysfs" and "Netlink". + // When set to "Netlink", the netlink implementation is used; when set to "Sysfs", the sysfs implementation is used. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is Netlink. + // +optional + StatsGatherer NodeExporterNetclassStatsGatherer `json:"statsGatherer,omitempty"` +} + +// NodeExporterCollectorBuddyInfoConfig provides configuration for the buddyinfo collector +// of the node-exporter agent. The buddyinfo collector collects statistics about memory fragmentation +// from the node_buddyinfo_blocks metric using data from /proc/buddyinfo. +// It is disabled by default. +type NodeExporterCollectorBuddyInfoConfig struct { + // collectionPolicy declares whether the buddyinfo collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the buddyinfo collector is active and memory fragmentation statistics are collected. + // When set to "DoNotCollect", the buddyinfo collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorMountStatsConfig provides configuration for the mountstats collector +// of the node-exporter agent. The mountstats collector collects statistics about NFS volume I/O activities. +// It is disabled by default. +// Enabling this collector may produce metrics with high cardinality. If you enable this +// collector, closely monitor the prometheus-k8s deployment for excessive memory usage. +type NodeExporterCollectorMountStatsConfig struct { + // collectionPolicy declares whether the mountstats collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the mountstats collector is active and NFS volume I/O statistics are collected. + // When set to "DoNotCollect", the mountstats collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorKSMDConfig provides configuration for the ksmd collector +// of the node-exporter agent. The ksmd collector collects statistics from the kernel +// same-page merger daemon. +// It is disabled by default. +type NodeExporterCollectorKSMDConfig struct { + // collectionPolicy declares whether the ksmd collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the ksmd collector is active and kernel same-page merger statistics are collected. + // When set to "DoNotCollect", the ksmd collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorProcessesConfig provides configuration for the processes collector +// of the node-exporter agent. The processes collector collects statistics from processes and threads +// running in the system. +// It is disabled by default. +type NodeExporterCollectorProcessesConfig struct { + // collectionPolicy declares whether the processes collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the processes collector is active and process/thread statistics are collected. + // When set to "DoNotCollect", the processes collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorSystemdConfig provides configuration for the systemd collector +// of the node-exporter agent. The systemd collector collects statistics on the systemd daemon +// and its managed services. +// It is disabled by default. +// Enabling this collector with a long list of selected units may produce metrics with high +// cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment +// for excessive memory usage. +// When collectionPolicy is DoNotCollect, the collect field must not be set. +// +kubebuilder:validation:XValidation:rule="has(self.collectionPolicy) && self.collectionPolicy == 'Collect' ? true : !has(self.collect)",message="collect is forbidden when collectionPolicy is not Collect" +// +union +type NodeExporterCollectorSystemdConfig struct { + // collectionPolicy declares whether the systemd collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the systemd collector is active and systemd unit statistics are collected. + // When set to "DoNotCollect", the systemd collector is inactive and the collect field must not be set. + // +unionDiscriminator + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` + // collect contains configuration options that apply only when the systemd collector is actively collecting metrics + // (i.e. when collectionPolicy is Collect). + // collect is optional and may be omitted even when collectionPolicy is Collect. + // collect may only be set when collectionPolicy is Collect. + // When set, at least one field must be specified within collect. + // +unionMember + // +optional + Collect NodeExporterCollectorSystemdCollectConfig `json:"collect,omitzero,omitempty"` +} + +// NodeExporterCollectorSystemdCollectConfig holds configuration options for the systemd collector +// when it is actively collecting metrics. At least one field must be specified. +// +kubebuilder:validation:MinProperties=1 +type NodeExporterCollectorSystemdCollectConfig struct { + // units is a list of regular expression patterns that match systemd units to be included + // by the systemd collector. + // units is optional. + // By default, the list is empty, so the collector exposes no metrics for systemd units. + // Each entry is a regular expression pattern and must be at least 1 character and at most 1024 characters. + // Maximum length for this list is 50. + // Minimum length for this list is 1. + // Entries in this list must be unique. + // +kubebuilder:validation:MaxItems=50 + // +kubebuilder:validation:MinItems=1 + // +listType=set + // +optional + Units []NodeExporterSystemdUnit `json:"units,omitempty"` +} + +// NodeExporterSystemdUnit is a string that is interpreted as a Go regular expression +// pattern by the controller to match systemd unit names. +// Invalid regular expressions will cause a controller-level error at runtime. +// Must be at least 1 character and at most 1024 characters. +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=1024 +type NodeExporterSystemdUnit string + +// NodeExporterCollectorSoftirqsConfig provides configuration for the softirqs collector +// of the node-exporter agent. The softirqs collector exposes detailed softirq statistics +// from /proc/softirqs. +// It is disabled by default. +type NodeExporterCollectorSoftirqsConfig struct { + // collectionPolicy declares whether the softirqs collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the softirqs collector is active and softirq statistics are collected. + // When set to "DoNotCollect", the softirqs collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// MonitoringPluginConfig provides configuration options for the monitoring plugin +// that runs as a dynamic plugin of the OpenShift web console. +// The monitoring plugin provides the monitoring UI in the OpenShift web console +// for visualizing metrics, alerts, and dashboards. +// At least one field must be specified; an empty monitoringPluginConfig object is not allowed. +// +kubebuilder:validation:MinProperties=1 +type MonitoringPluginConfig struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the monitoring-plugin container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 10m + // - name: memory + // request: 50Mi + // + // When specified, resources must contain at least 1 entry and must not exceed 5 entries. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // tolerations defines the tolerations required for the monitoring-plugin Pods. + // This field is optional. + // + // When omitted, the monitoring-plugin Pods will not have any tolerations, which + // means they will only be scheduled on nodes with no taints. + // When specified, tolerations must contain at least 1 entry and must not contain more than 10 entries. + // +optional + // +listType=atomic + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how monitoring-plugin Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // When specified, this list must contain at least 1 entry and must not exceed 10 entries. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// UserDefinedMonitoring config for user-defined projects. +type UserDefinedMonitoring struct { + // mode defines the different configurations of UserDefinedMonitoring + // Valid values are Disabled and NamespaceIsolated + // Disabled disables monitoring for user-defined projects. This restricts the default monitoring stack, installed in the openshift-monitoring project, to monitor only platform namespaces, which prevents any custom monitoring configurations or resources from being applied to user-defined namespaces. + // NamespaceIsolated enables monitoring for user-defined projects with namespace-scoped tenancy. This ensures that metrics, alerts, and monitoring data are isolated at the namespace level. + // The current default value is `Disabled`. + // +required + // +kubebuilder:validation:Enum=Disabled;NamespaceIsolated + Mode UserDefinedMode `json:"mode"` +} + +// UserDefinedMode specifies mode for UserDefine Monitoring +// +enum +type UserDefinedMode string + +const ( + // UserDefinedDisabled disables monitoring for user-defined projects. This restricts the default monitoring stack, installed in the openshift-monitoring project, to monitor only platform namespaces, which prevents any custom monitoring configurations or resources from being applied to user-defined namespaces. + UserDefinedDisabled UserDefinedMode = "Disabled" + // UserDefinedNamespaceIsolated enables monitoring for user-defined projects with namespace-scoped tenancy. This ensures that metrics, alerts, and monitoring data are isolated at the namespace level. + UserDefinedNamespaceIsolated UserDefinedMode = "NamespaceIsolated" +) + +// alertmanagerConfig provides configuration options for the default Alertmanager instance +// that runs in the `openshift-monitoring` namespace. Use this configuration to control +// whether the default Alertmanager is deployed, how it logs, and how its pods are scheduled. +// +kubebuilder:validation:XValidation:rule="self.deploymentMode == 'CustomConfig' ? has(self.customConfig) : !has(self.customConfig)",message="customConfig is required when deploymentMode is CustomConfig, and forbidden otherwise" +type AlertmanagerConfig struct { + // deploymentMode determines whether the default Alertmanager instance should be deployed + // as part of the monitoring stack. + // Allowed values are Disabled, DefaultConfig, and CustomConfig. + // When set to Disabled, the Alertmanager instance will not be deployed. + // When set to DefaultConfig, the platform will deploy Alertmanager with default settings. + // When set to CustomConfig, the Alertmanager will be deployed with custom configuration. + // + // +unionDiscriminator + // +required + DeploymentMode AlertManagerDeployMode `json:"deploymentMode,omitempty"` + + // customConfig must be set when deploymentMode is CustomConfig, and must be unset otherwise. + // When set to CustomConfig, the Alertmanager will be deployed with custom configuration. + // +optional + CustomConfig AlertmanagerCustomConfig `json:"customConfig,omitempty,omitzero"` +} + +// UserAlertmanagerConfigSelection controls whether the platform Alertmanager selects +// AlertmanagerConfig resources from user-defined namespaces. +// +enum +type UserAlertmanagerConfigSelection string + +const ( + // UserAlertmanagerConfigSelectionSelectable enables user-defined namespaces to be selected + // for AlertmanagerConfig lookups on the platform Alertmanager. + UserAlertmanagerConfigSelectionSelectable UserAlertmanagerConfigSelection = "Selectable" + // UserAlertmanagerConfigSelectionNone disables user-defined namespaces from being selected + // for AlertmanagerConfig lookups on the platform Alertmanager. + UserAlertmanagerConfigSelectionNone UserAlertmanagerConfigSelection = "None" +) + +// AlertmanagerCustomConfig represents the configuration for a custom Alertmanager deployment. +// alertmanagerCustomConfig provides configuration options for the default Alertmanager instance +// that runs in the `openshift-monitoring` namespace. Use this configuration to control +// whether user-defined namespaces are selected for AlertmanagerConfig lookups, how it logs, +// and how its pods are scheduled. +// +kubebuilder:validation:MinProperties=1 +type AlertmanagerCustomConfig struct { + // userAlertmanagerConfigSelection is an optional field that controls whether user-defined + // namespaces can be selected for AlertmanagerConfig lookups on the platform Alertmanager + // instance in the `openshift-monitoring` namespace. + // Valid values are Selectable and None. + // When set to Selectable, the platform Alertmanager discovers AlertmanagerConfig resources + // in user-defined namespaces. This is equivalent to `enableUserAlertmanagerConfig: true` in + // the cluster-monitoring-config ConfigMap. + // When set to None, user-defined namespaces are not selected for AlertmanagerConfig lookups + // on the platform Alertmanager. This is equivalent to `enableUserAlertmanagerConfig: false` + // in the cluster-monitoring-config ConfigMap. + // This setting only applies when the user-workload monitoring Alertmanager is not enabled. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default value is `None`. + // +optional + // +kubebuilder:validation:Enum=Selectable;None + UserAlertmanagerConfigSelection UserAlertmanagerConfigSelection `json:"userAlertmanagerConfigSelection,omitempty"` + // logLevel defines the verbosity of logs emitted by Alertmanager. + // This field allows users to control the amount and severity of logs generated, which can be useful + // for debugging issues or reducing noise in production environments. + // Allowed values are Error, Warn, Info, and Debug. + // When set to Error, only errors will be logged. + // When set to Warn, both warnings and errors will be logged. + // When set to Info, general information, warnings, and errors will all be logged. + // When set to Debug, detailed debugging information will be logged. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is `Info`. + // +optional + LogLevel LogLevel `json:"logLevel,omitempty"` + // nodeSelector defines the nodes on which the Pods are scheduled + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the Alertmanager container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // secrets defines a list of secrets that need to be mounted into the Alertmanager. + // The secrets must reside within the same namespace as the Alertmanager object. + // They will be added as volumes named secret- and mounted at + // /etc/alertmanager/secrets/ within the 'alertmanager' container of + // the Alertmanager Pods. + // + // These secrets can be used to authenticate Alertmanager with endpoint receivers. + // For example, you can use secrets to: + // - Provide certificates for TLS authentication with receivers that require private CA certificates + // - Store credentials for Basic HTTP authentication with receivers that require password-based auth + // - Store any other authentication credentials needed by your alert receivers + // + // This field is optional. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries in this list must be unique. + // +optional + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=set + Secrets []SecretName `json:"secrets,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Alertmanager Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + // volumeClaimTemplate defines persistent storage for Alertmanager. Use this setting to + // configure the persistent volume claim, including storage class and volume size. + // If omitted, the Pod uses ephemeral storage and alert data will not persist + // across restarts. + // +optional + VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty,omitzero"` +} + +// AlertManagerDeployMode defines the deployment state of the platform Alertmanager instance. +// +// Possible values: +// - "Disabled": The Alertmanager instance will not be deployed. +// - "DefaultConfig": The Alertmanager instance will be deployed with default settings. +// - "CustomConfig": The Alertmanager instance will be deployed with custom configuration. +// +kubebuilder:validation:Enum=Disabled;DefaultConfig;CustomConfig +type AlertManagerDeployMode string + +const ( + // AlertManagerModeDisabled means the Alertmanager instance will not be deployed. + AlertManagerDeployModeDisabled AlertManagerDeployMode = "Disabled" + // AlertManagerModeDefaultConfig means the Alertmanager instance will be deployed with default settings. + AlertManagerDeployModeDefaultConfig AlertManagerDeployMode = "DefaultConfig" + // AlertManagerModeCustomConfig means the Alertmanager instance will be deployed with custom configuration. + AlertManagerDeployModeCustomConfig AlertManagerDeployMode = "CustomConfig" +) + +// LogLevel defines the verbosity of logs emitted by Alertmanager. +// Valid values are Error, Warn, Info and Debug. +// +kubebuilder:validation:Enum=Error;Warn;Info;Debug +type LogLevel string + +const ( + // LogLevelError only errors will be logged. + LogLevelError LogLevel = "Error" + // LogLevelWarn, both warnings and errors will be logged. + LogLevelWarn LogLevel = "Warn" + // LogLevelInfo, general information, warnings, and errors will all be logged. + LogLevelInfo LogLevel = "Info" + // LogLevelDebug, detailed debugging information will be logged. + LogLevelDebug LogLevel = "Debug" +) + +// MaxItems on []ContainerResource fields is kept at 5 to stay within the +// Kubernetes CRD CEL validation cost budget (StaticEstimatedCRDCostLimit). +// The quantity() CEL function has a high fixed estimated cost per invocation, +// and the limit-vs-request comparison rule is costed per maxItems per location. +// With multiple structs in ClusterMonitoringSpec embedding []ContainerResource, +// maxItems > 5 causes the total estimated rule cost to exceed the budget. + +// ContainerResource defines a single resource requirement for a container. +// +kubebuilder:validation:XValidation:rule="has(self.request) || has(self.limit)",message="at least one of request or limit must be set" +// +kubebuilder:validation:XValidation:rule="!(has(self.request) && has(self.limit)) || quantity(self.limit).compareTo(quantity(self.request)) >= 0",message="limit must be greater than or equal to request" +type ContainerResource struct { + // name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). + // This field is required. + // name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.qualifiedName().validate(self).hasValue()",message="name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character" + Name string `json:"name,omitempty"` + + // request is the minimum amount of the resource required (e.g. "2Mi", "1Gi"). + // This field is optional. + // When limit is specified, request cannot be greater than limit. + // The value must be greater than 0 when specified. + // +optional + // +kubebuilder:validation:XIntOrString + // +kubebuilder:validation:MaxLength=20 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="quantity(self).isGreaterThan(quantity('0'))",message="request must be a positive, non-zero quantity" + Request resource.Quantity `json:"request,omitempty"` + + // limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). + // This field is optional. + // When request is specified, limit cannot be less than request. + // The value must be greater than 0 when specified. + // +optional + // +kubebuilder:validation:XIntOrString + // +kubebuilder:validation:MaxLength=20 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="quantity(self).isGreaterThan(quantity('0'))",message="limit must be a positive, non-zero quantity" + Limit resource.Quantity `json:"limit,omitempty"` +} + +// SecretName is a type that represents the name of a Secret in the same namespace. +// It must be at most 253 characters in length. +// +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." +// +kubebuilder:validation:MaxLength=63 +type SecretName string + +// MetricsServerConfig provides configuration options for the Metrics Server instance +// that runs in the `openshift-monitoring` namespace. Use this configuration to control +// how the Metrics Server instance is deployed, how it logs, and how its pods are scheduled. +// +kubebuilder:validation:MinProperties=1 +type MetricsServerConfig struct { + // audit defines the audit configuration used by the Metrics Server instance. + // audit is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + //The current default sets audit.profile to Metadata + // +optional + Audit Audit `json:"audit,omitempty,omitzero"` + // nodeSelector defines the nodes on which the Pods are scheduled + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // verbosity defines the verbosity of log messages for Metrics Server. + // Valid values are Errors, Info, Trace, TraceAll and omitted. + // When set to Errors, only critical messages and errors are logged. + // When set to Info, only basic information messages are logged. + // When set to Trace, information useful for general debugging is logged. + // When set to TraceAll, detailed information about metric scraping is logged. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is `Errors` + // +optional + Verbosity VerbosityLevel `json:"verbosity,omitempty,omitzero"` + // resources defines the compute resource requests and limits for the Metrics Server container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // topologySpreadConstraints defines rules for how Metrics Server Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// PrometheusOperatorConfig provides configuration options for the Prometheus Operator instance +// Use this configuration to control how the Prometheus Operator instance is deployed, how it logs, and how its pods are scheduled. +// +kubebuilder:validation:MinProperties=1 +type PrometheusOperatorConfig struct { + // logLevel defines the verbosity of logs emitted by Prometheus Operator. + // This field allows users to control the amount and severity of logs generated, which can be useful + // for debugging issues or reducing noise in production environments. + // Allowed values are Error, Warn, Info, and Debug. + // When set to Error, only errors will be logged. + // When set to Warn, both warnings and errors will be logged. + // When set to Info, general information, warnings, and errors will all be logged. + // When set to Debug, detailed debugging information will be logged. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is `Info`. + // +optional + LogLevel LogLevel `json:"logLevel,omitempty"` + // nodeSelector defines the nodes on which the Pods are scheduled + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the Prometheus Operator container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Prometheus Operator Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// PrometheusOperatorAdmissionWebhookConfig provides configuration options for the admission webhook +// component of Prometheus Operator that runs in the `openshift-monitoring` namespace. The admission +// webhook validates PrometheusRule and AlertmanagerConfig objects, mutates PrometheusRule annotations, +// and converts AlertmanagerConfig objects between API versions. +// +kubebuilder:validation:MinProperties=1 +type PrometheusOperatorAdmissionWebhookConfig struct { + // resources defines the compute resource requests and limits for the + // prometheus-operator-admission-webhook container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 5m + // limit: null + // - name: memory + // request: 30Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // topologySpreadConstraints defines rules for how admission webhook Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// PrometheusConfig provides configuration options for the Prometheus instance. +// Use this configuration to control +// Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. +// +kubebuilder:validation:MinProperties=1 +type PrometheusConfig struct { + // additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from + // the Prometheus component. This is useful for organizations that need to: + // - Send alerts to external monitoring systems (like PagerDuty, Slack, or custom webhooks) + // - Route different types of alerts to different teams or systems + // - Integrate with existing enterprise alerting infrastructure + // - Maintain separate alert routing for compliance or organizational requirements + // When omitted, no additional Alertmanager instances are configured (default behavior). + // When provided, at least one configuration must be specified (minimum 1, maximum 10 items). + // Entries must have unique names (name is the list key). + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +listType=map + // +listMapKey=name + AdditionalAlertmanagerConfigs []AdditionalAlertmanagerConfig `json:"additionalAlertmanagerConfigs,omitempty"` + // enforcedBodySizeLimitBytes enforces a body size limit (in bytes) for Prometheus scraped metrics. + // If a scraped target's body response is larger than the limit, the scrape will fail. + // This helps protect Prometheus from targets that return excessively large responses. + // The value is specified in bytes (e.g., 4194304 for 4MB, 1073741824 for 1GB). + // When omitted, the Cluster Monitoring Operator automatically calculates an appropriate + // limit based on cluster capacity. Set an explicit value to override the automatic calculation. + // Minimum value is 10240 (10kB). + // Maximum value is 1073741824 (1GB). + // +kubebuilder:validation:Minimum=10240 + // +kubebuilder:validation:Maximum=1073741824 + // +optional + EnforcedBodySizeLimitBytes int64 `json:"enforcedBodySizeLimitBytes,omitempty"` + // externalLabels defines labels to be attached to time series and alerts + // when communicating with external systems such as federation, remote storage, + // and Alertmanager. These labels are not stored with metrics on disk; they are + // only added when data leaves Prometheus (e.g., during federation queries, + // remote write, or alert notifications). + // At least 1 label must be specified when set, with a maximum of 50 labels allowed. + // Each label key must be unique within this list. + // When omitted, no external labels are applied. + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=50 + // +listType=map + // +listMapKey=key + ExternalLabels []Label `json:"externalLabels,omitempty"` + // logLevel defines the verbosity of logs emitted by Prometheus. + // This field allows users to control the amount and severity of logs generated, which can be useful + // for debugging issues or reducing noise in production environments. + // Allowed values are Error, Warn, Info, and Debug. + // When set to Error, only errors will be logged. + // When set to Warn, both warnings and errors will be logged. + // When set to Info, general information, warnings, and errors will all be logged. + // When set to Debug, detailed debugging information will be logged. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is `Info`. + // +optional + LogLevel LogLevel `json:"logLevel,omitempty"` + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least one key-value pair (minimum of 1) + // and must not contain more than 10 entries. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // queryLogFile specifies the file to which PromQL queries are logged. + // This setting can be either a filename, in which + // case the queries are saved to an `emptyDir` volume + // at `/var/log/prometheus`, or a full path to a location where + // an `emptyDir` volume will be mounted and the queries saved. + // Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but + // writing to any other `/dev/` path is not supported. Relative paths are + // also not supported. + // By default, PromQL queries are not logged. + // Must be an absolute path starting with `/` or a simple filename without path separators. + // Must not contain consecutive slashes, end with a slash, or include '..' path traversal. + // Must contain only alphanumeric characters, '.', '_', '-', or '/'. + // Must be between 1 and 255 characters in length. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=255 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9._/-]+$')",message="must contain only alphanumeric characters, '.', '_', '-', or '/'" + // +kubebuilder:validation:XValidation:rule="self.startsWith('/') || !self.contains('/')",message="must be an absolute path starting with '/' or a simple filename without '/'" + // +kubebuilder:validation:XValidation:rule="!self.startsWith('/dev/') || self in ['/dev/stdout', '/dev/stderr', '/dev/null']",message="only /dev/stdout, /dev/stderr, and /dev/null are allowed as /dev/ paths" + // +kubebuilder:validation:XValidation:rule="!self.contains('//') && !self.endsWith('/') && !self.contains('..')",message="must not contain '//', end with '/', or contain '..'" + QueryLogFile string `json:"queryLogFile,omitempty"` + // remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + // Remote write allows Prometheus to send metrics it collects to external long-term storage systems. + // When omitted, no remote write endpoints are configured. + // When provided, at least one configuration must be specified (minimum 1, maximum 10 items). + // Entries must have unique names (name is the list key). + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +listType=map + // +listMapKey=name + // +optional + RemoteWrite []RemoteWriteSpec `json:"remoteWrite,omitempty"` + // resources defines the compute resource requests and limits for the Prometheus container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // retention configures how long Prometheus retains metrics data and how much storage it can use. + // When omitted, the platform chooses reasonable defaults (currently 15d retention, no size limit). + // +optional + Retention Retention `json:"retention,omitempty,omitzero"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10 + // Minimum length for this list is 1 + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Prometheus Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1 + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + // collectionProfile defines the metrics collection profile that Prometheus uses to collect + // metrics from the platform components. Supported values are `Full` or + // `Minimal`. In the `Full` profile (default), Prometheus collects all + // metrics that are exposed by the platform components. In the `Minimal` + // profile, Prometheus only collects metrics necessary for the default + // platform alerts, recording rules, telemetry and console dashboards. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is `Full`. + // +optional + CollectionProfile CollectionProfile `json:"collectionProfile,omitempty"` + // volumeClaimTemplate defines persistent storage for Prometheus. Use this setting to + // configure the persistent volume claim, including storage class and volume size. + // If omitted, the Pod uses ephemeral storage and Prometheus data will not persist + // across restarts. + // +optional + VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty,omitzero"` +} + +// AlertmanagerScheme defines the URL scheme to use when communicating with Alertmanager instances. +// +kubebuilder:validation:Enum=HTTP;HTTPS +type AlertmanagerScheme string + +const ( + AlertmanagerSchemeHTTP AlertmanagerScheme = "HTTP" + AlertmanagerSchemeHTTPS AlertmanagerScheme = "HTTPS" +) + +// AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. +// The `AdditionalAlertmanagerConfig` resource defines settings for how a +// component communicates with additional Alertmanager instances. +type AdditionalAlertmanagerConfig struct { + // name is a unique identifier for this Alertmanager configuration entry. + // The name must be a valid DNS subdomain (RFC 1123): lowercase alphanumeric characters, + // hyphens, or periods, and must start and end with an alphanumeric character. + // Minimum length is 1 character (empty string is invalid). + // Maximum length is 253 characters. + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." + // +required + Name string `json:"name,omitempty"` + // authorization configures the authentication method for Alertmanager connections. + // Supports bearer token authentication. When omitted, no authentication is used. + // +optional + Authorization AuthorizationConfig `json:"authorization,omitempty,omitzero"` + // pathPrefix defines an optional URL path prefix to prepend to the Alertmanager API endpoints. + // For example, if your Alertmanager is behind a reverse proxy at "/alertmanager/", + // set this to "/alertmanager" so requests go to "/alertmanager/api/v1/alerts" instead of "/api/v1/alerts". + // This is commonly needed when Alertmanager is deployed behind ingress controllers or load balancers. + // When no prefix is needed, omit this field; do not set it to "/" as that would produce paths with double slashes (e.g. "//api/v1/alerts"). + // Must start with "/", must not end with "/", and must not be exactly "/". + // Must not contain query strings ("?") or fragments ("#"). + // +kubebuilder:validation:MaxLength=255 + // +kubebuilder:validation:MinLength=2 + // +kubebuilder:validation:XValidation:rule="self.startsWith('/')",message="pathPrefix must start with '/'" + // +kubebuilder:validation:XValidation:rule="!self.endsWith('/')",message="pathPrefix must not end with '/'" + // +kubebuilder:validation:XValidation:rule="self != '/'",message="pathPrefix must not be '/' (would produce double slashes in request path); omit for no prefix" + // +kubebuilder:validation:XValidation:rule="!self.contains('?') && !self.contains('#')",message="pathPrefix must not contain '?' or '#'" + // +optional + PathPrefix string `json:"pathPrefix,omitempty"` + // scheme defines the URL scheme to use when communicating with Alertmanager + // instances. + // Possible values are `HTTP` or `HTTPS`. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default value is `HTTP`. + // +optional + Scheme AlertmanagerScheme `json:"scheme,omitempty"` + // staticConfigs is a list of statically configured Alertmanager endpoints in the form + // of `:`. Each entry must be a valid hostname, IPv4 address, or IPv6 address + // (in brackets) followed by a colon and a valid port number (1-65535). + // Examples: "alertmanager.example.com:9093", "192.168.1.100:9093", "[::1]:9093" + // At least one endpoint must be specified (minimum 1, maximum 10 endpoints). + // Each entry must be unique and non-empty (empty string is invalid). + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=255 + // +kubebuilder:validation:items:XValidation:rule="isURL('http://' + self) && size(url('http://' + self).getHostname()) > 0 && size(url('http://' + self).getPort()) > 0 && int(url('http://' + self).getPort()) >= 1 && int(url('http://' + self).getPort()) <= 65535",message="must be a valid 'host:port' where host is a DNS name, IPv4, or IPv6 address (in brackets), and port is 1-65535" + // +listType=set + // +required + StaticConfigs []string `json:"staticConfigs,omitempty"` + // timeoutSeconds defines the timeout in seconds for requests to Alertmanager. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Currently the default is 10 seconds. + // Minimum value is 1 second. + // Maximum value is 600 seconds (10 minutes). + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=600 + // +optional + TimeoutSeconds int32 `json:"timeoutSeconds,omitempty"` + // tlsConfig defines the TLS settings to use for Alertmanager connections. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + TLSConfig TLSConfig `json:"tlsConfig,omitempty,omitzero"` +} + +// Label represents a key/value pair for external labels. +type Label struct { + // key is the name of the label. + // Prometheus supports UTF-8 label names, so any valid UTF-8 string is allowed. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MaxLength=128 + // +kubebuilder:validation:MinLength=1 + Key string `json:"key,omitempty"` + // value is the value of the label. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MaxLength=128 + // +kubebuilder:validation:MinLength=1 + Value string `json:"value,omitempty"` +} + +// RemoteWriteSpec represents configuration for remote write endpoints. +type RemoteWriteSpec struct { + // url is the URL of the remote write endpoint. + // Must be a valid URL with http or https scheme and a non-empty hostname. + // Query parameters, fragments, and user information (e.g. user:password@host) are not allowed. + // Empty string is invalid. Must be between 1 and 2048 characters in length. + // +required + // +kubebuilder:validation:MaxLength=2048 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="isURL(self)",message="must be a valid URL" + // +kubebuilder:validation:XValidation:rule="!isURL(self) || url(self).getScheme() == 'http' || url(self).getScheme() == 'https'",message="must use http or https scheme" + // +kubebuilder:validation:XValidation:rule="!isURL(self) || size(url(self).getHostname()) > 0",message="must have a non-empty hostname" + // +kubebuilder:validation:XValidation:rule="!isURL(self) || url(self).getQuery().size() == 0",message="query parameters are not allowed" + // +kubebuilder:validation:XValidation:rule="!self.matches('.*#.*')",message="fragments are not allowed" + // +kubebuilder:validation:XValidation:rule="!self.matches('.*@.*')",message="user information (e.g. user:password@host) is not allowed" + URL string `json:"url,omitempty"` + // name is a required identifier for this remote write configuration (name is the list key for the remoteWrite list). + // This name is used in metrics and logging to differentiate remote write queues. + // Must contain only alphanumeric characters, hyphens, and underscores. + // Must be between 1 and 63 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9_-]+$')",message="must contain only alphanumeric characters, hyphens, and underscores" + Name string `json:"name,omitempty"` + // authorization defines the authorization method for the remote write endpoint. + // When omitted, no authorization is performed. + // When set, type must be one of BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, or ServiceAccount; the corresponding nested config must be set (ServiceAccount has no config). + // +optional + AuthorizationConfig RemoteWriteAuthorization `json:"authorization,omitzero"` + // headers specifies the custom HTTP headers to be sent along with each remote write request. + // Sending custom headers makes the configuration of a proxy in between optional and helps the + // receiver recognize the given source better. + // Clients MAY allow users to send custom HTTP headers; they MUST NOT allow users to configure + // them in such a way as to send reserved headers. Headers set by Prometheus cannot be overwritten. + // When omitted, no custom headers are sent. + // Maximum of 50 headers can be specified. Each header name must be unique. + // Each header name must contain only alphanumeric characters, hyphens, and underscores, and must not be a reserved Prometheus header (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). + // +optional + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=50 + // +kubebuilder:validation:items:XValidation:rule="self.name.matches('^[a-zA-Z0-9_-]+$')",message="header name must contain only alphanumeric characters, hyphens, and underscores" + // +kubebuilder:validation:items:XValidation:rule="!self.name.matches('(?i)^(host|authorization|content-encoding|content-type|x-prometheus-remote-write-version|user-agent|connection|keep-alive|proxy-authenticate|proxy-authorization|www-authenticate)$')",message="header name must not be a reserved Prometheus header (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate)" + // +listType=map + // +listMapKey=name + Headers []PrometheusRemoteWriteHeader `json:"headers,omitempty"` + // metadataConfig configures the sending of series metadata to remote storage. + // When omitted, no metadata is sent. + // When set to sendPolicy: Default, metadata is sent using platform-chosen defaults (e.g. send interval 30 seconds). + // When set to sendPolicy: Custom, metadata is sent using the settings in the custom field (e.g. custom.sendIntervalSeconds). + // +optional + MetadataConfig MetadataConfig `json:"metadataConfig,omitempty,omitzero"` + // proxyUrl defines an optional proxy URL. + // If the cluster-wide proxy is enabled, it replaces the proxyUrl setting. + // The cluster-wide proxy supports both HTTP and HTTPS proxies, with HTTPS taking precedence. + // When omitted, no proxy is used. + // Must be a valid URL with http or https scheme. + // Must be between 1 and 2048 characters in length. + // +optional + // +kubebuilder:validation:MaxLength=2048 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="isURL(self) && (url(self).getScheme() == 'http' || url(self).getScheme() == 'https')",message="must be a valid URL with http or https scheme" + ProxyURL string `json:"proxyUrl,omitempty"` + // queueConfig allows tuning configuration for remote write queue parameters. + // When omitted, default queue configuration is used. + // +optional + QueueConfig QueueConfig `json:"queueConfig,omitempty,omitzero"` + // remoteTimeoutSeconds defines the timeout in seconds for requests to the remote write endpoint. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 second. + // Maximum value is 600 seconds (10 minutes). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=600 + RemoteTimeoutSeconds int32 `json:"remoteTimeoutSeconds,omitempty"` + // exemplarsMode controls whether exemplars are sent via remote write. + // Valid values are "Send", "DoNotSend" and omitted. + // When set to "Send", Prometheus is configured to store a maximum of 100,000 exemplars in memory and send them with remote write. + // Note that this setting only applies to user-defined monitoring. It is not applicable to default in-cluster monitoring. + // When omitted or set to "DoNotSend", exemplars are not sent. + // +optional + ExemplarsMode ExemplarsMode `json:"exemplarsMode,omitempty"` + // tlsConfig defines TLS authentication settings for the remote write endpoint. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + TLSConfig TLSConfig `json:"tlsConfig,omitempty,omitzero"` + // writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint. + // When omitted, no relabeling is performed and all metrics are sent as-is. + // Minimum of 1 and maximum of 10 relabeling rules can be specified. + // Each rule must have a unique name. + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +listType=map + // +listMapKey=name + WriteRelabelConfigs []RelabelConfig `json:"writeRelabelConfigs,omitempty"` +} + +// PrometheusRemoteWriteHeader defines a custom HTTP header for remote write requests. +// The header name must not be one of the reserved headers set by Prometheus (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). +// Header names must contain only case-insensitive alphanumeric characters, hyphens (-), and underscores (_); other characters (e.g. emoji) are rejected by validation. +// Validation is enforced on the Headers field in RemoteWriteSpec. +type PrometheusRemoteWriteHeader struct { + // name is the HTTP header name. Must not be a reserved header (see type documentation). + // Must contain only alphanumeric characters, hyphens, and underscores; invalid characters are rejected. Must be between 1 and 256 characters. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 + Name string `json:"name,omitempty"` + // value is the HTTP header value. Must be at most 4096 characters. + // +required + // +kubebuilder:validation:MinLength=0 + // +kubebuilder:validation:MaxLength=4096 + Value *string `json:"value,omitempty"` +} + +// BasicAuth defines basic authentication settings for the remote write endpoint URL. +type BasicAuth struct { + // username defines the secret reference containing the username for basic authentication. + // The secret must exist in the openshift-monitoring namespace. + // +required + Username SecretKeySelector `json:"username,omitzero,omitempty"` + // password defines the secret reference containing the password for basic authentication. + // The secret must exist in the openshift-monitoring namespace. + // +required + Password SecretKeySelector `json:"password,omitzero,omitempty"` +} + +// RemoteWriteAuthorizationType defines the authorization method for remote write endpoints. +// +kubebuilder:validation:Enum=BearerToken;BasicAuth;OAuth2;SigV4;SafeAuthorization;ServiceAccount +type RemoteWriteAuthorizationType string + +const ( + // RemoteWriteAuthorizationTypeBearerToken indicates bearer token from a secret. + RemoteWriteAuthorizationTypeBearerToken RemoteWriteAuthorizationType = "BearerToken" + // RemoteWriteAuthorizationTypeBasicAuth indicates HTTP basic authentication. + RemoteWriteAuthorizationTypeBasicAuth RemoteWriteAuthorizationType = "BasicAuth" + // RemoteWriteAuthorizationTypeOAuth2 indicates OAuth2 client credentials. + RemoteWriteAuthorizationTypeOAuth2 RemoteWriteAuthorizationType = "OAuth2" + // RemoteWriteAuthorizationTypeSigV4 indicates AWS Signature Version 4. + RemoteWriteAuthorizationTypeSigV4 RemoteWriteAuthorizationType = "SigV4" + // RemoteWriteAuthorizationTypeSafeAuthorization indicates authorization from a secret (Prometheus SafeAuthorization pattern). + // The secret key contains the credentials (e.g. a Bearer token). Use the safeAuthorization field. + RemoteWriteAuthorizationTypeSafeAuthorization RemoteWriteAuthorizationType = "SafeAuthorization" + // RemoteWriteAuthorizationTypeServiceAccount indicates use of the pod's service account token for machine identity. + // No additional field is required; the operator configures the token path. + RemoteWriteAuthorizationTypeServiceAccount RemoteWriteAuthorizationType = "ServiceAccount" +) + +// RemoteWriteAuthorization defines the authorization method for a remote write endpoint. +// Exactly one of the nested configs must be set according to the type discriminator. +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'BearerToken' ? has(self.bearerToken) : !has(self.bearerToken)",message="bearerToken is required when type is BearerToken, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'BasicAuth' ? has(self.basicAuth) : !has(self.basicAuth)",message="basicAuth is required when type is BasicAuth, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'OAuth2' ? has(self.oauth2) : !has(self.oauth2)",message="oauth2 is required when type is OAuth2, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'SigV4' ? has(self.sigv4) : !has(self.sigv4)",message="sigv4 is required when type is SigV4, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'SafeAuthorization' ? has(self.safeAuthorization) : !has(self.safeAuthorization)",message="safeAuthorization is required when type is SafeAuthorization, and forbidden otherwise" +// +union +type RemoteWriteAuthorization struct { + // type specifies the authorization method to use. + // Allowed values are BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, ServiceAccount. + // + // When set to BearerToken, the bearer token is read from a Secret referenced by the bearerToken field. + // + // When set to BasicAuth, HTTP basic authentication is used; the basicAuth field (username and password from Secrets) must be set. + // + // When set to OAuth2, OAuth2 client credentials flow is used; the oauth2 field (clientId, clientSecret, tokenUrl) must be set. + // + // When set to SigV4, AWS Signature Version 4 is used for authentication; the sigv4 field must be set. + // + // When set to SafeAuthorization, credentials are read from a single Secret key (Prometheus SafeAuthorization pattern). The secret key typically contains a Bearer token. Use the safeAuthorization field. + // + // When set to ServiceAccount, the pod's service account token is used for machine identity. No additional field is required; the operator configures the token path. + // +unionDiscriminator + // +required + Type RemoteWriteAuthorizationType `json:"type,omitempty"` + // safeAuthorization defines the secret reference containing the credentials for authentication (e.g. Bearer token). + // Required when type is "SafeAuthorization", and forbidden otherwise. Maps to Prometheus SafeAuthorization. The secret must exist in the openshift-monitoring namespace. + // +unionMember + // +optional + SafeAuthorization *v1.SecretKeySelector `json:"safeAuthorization,omitempty"` + // bearerToken defines the secret reference containing the bearer token. + // Required when type is "BearerToken", and forbidden otherwise. + // +unionMember + // +optional + BearerToken SecretKeySelector `json:"bearerToken,omitempty,omitzero"` + // basicAuth defines HTTP basic authentication credentials. + // Required when type is "BasicAuth", and forbidden otherwise. + // +unionMember + // +optional + BasicAuth BasicAuth `json:"basicAuth,omitempty,omitzero"` + // oauth2 defines OAuth2 client credentials authentication. + // Required when type is "OAuth2", and forbidden otherwise. + // +unionMember + // +optional + OAuth2 OAuth2 `json:"oauth2,omitempty,omitzero"` + // sigv4 defines AWS Signature Version 4 authentication. + // Required when type is "SigV4", and forbidden otherwise. + // +unionMember + // +optional + Sigv4 Sigv4 `json:"sigv4,omitempty,omitzero"` +} + +// MetadataConfigSendPolicy defines whether to send metadata with platform defaults or with custom settings. +// +kubebuilder:validation:Enum=Default;Custom +type MetadataConfigSendPolicy string + +const ( + // MetadataConfigSendPolicyDefault indicates metadata is sent using platform-chosen defaults (e.g. send interval 30 seconds). + MetadataConfigSendPolicyDefault MetadataConfigSendPolicy = "Default" + // MetadataConfigSendPolicyCustom indicates metadata is sent using the settings in the custom field. + MetadataConfigSendPolicyCustom MetadataConfigSendPolicy = "Custom" +) + +// MetadataConfig defines whether and how to send series metadata to remote write storage. +// +kubebuilder:validation:XValidation:rule="self.sendPolicy == 'Default' ? self.custom.sendIntervalSeconds == 0 : true",message="custom is forbidden when sendPolicy is Default" +type MetadataConfig struct { + // sendPolicy specifies whether to send metadata and how it is configured. + // Default: send metadata using platform-chosen defaults (e.g. send interval 30 seconds). + // Custom: send metadata using the settings in the custom field. + // +required + SendPolicy MetadataConfigSendPolicy `json:"sendPolicy,omitempty"` + // custom defines custom metadata send settings. Required when sendPolicy is Custom (must have at least one property), and forbidden when sendPolicy is Default. + // +optional + Custom MetadataConfigCustom `json:"custom,omitempty,omitzero"` +} + +// MetadataConfigCustom defines custom settings for sending series metadata when sendPolicy is Custom. +// At least one property must be set when sendPolicy is Custom (e.g. sendIntervalSeconds). +// +kubebuilder:validation:MinProperties=1 +type MetadataConfigCustom struct { + // sendIntervalSeconds is the interval in seconds at which metadata is sent. + // When omitted, the platform chooses a reasonable default (e.g. 30 seconds). + // Minimum value is 1 second. Maximum value is 86400 seconds (24 hours). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=86400 + SendIntervalSeconds int32 `json:"sendIntervalSeconds,omitempty"` +} + +// OAuth2 defines OAuth2 authentication settings for the remote write endpoint. +type OAuth2 struct { + // clientId defines the secret reference containing the OAuth2 client ID. + // The secret must exist in the openshift-monitoring namespace. + // +required + ClientID SecretKeySelector `json:"clientId,omitzero,omitempty"` + // clientSecret defines the secret reference containing the OAuth2 client secret. + // The secret must exist in the openshift-monitoring namespace. + // +required + ClientSecret SecretKeySelector `json:"clientSecret,omitzero,omitempty"` + // tokenUrl is the URL to fetch the token from. + // Must be a valid URL with http or https scheme. + // Must be between 1 and 2048 characters in length. + // +required + // +kubebuilder:validation:MaxLength=2048 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="isURL(self)",message="must be a valid URL" + // +kubebuilder:validation:XValidation:rule="!isURL(self) || url(self).getScheme() == 'http' || url(self).getScheme() == 'https'",message="must use http or https scheme" + TokenURL string `json:"tokenUrl,omitempty"` + // scopes is a list of OAuth2 scopes to request. + // When omitted, no scopes are requested. + // Maximum of 20 scopes can be specified. + // Each scope must be between 1 and 256 characters. + // +optional + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=20 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 + // +listType=atomic + Scopes []string `json:"scopes,omitempty"` + // endpointParams defines additional parameters to append to the token URL. + // When omitted, no additional parameters are sent. + // Maximum of 20 parameters can be specified. Entries must have unique names (name is the list key). + // +optional + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=20 + // +listType=map + // +listMapKey=name + EndpointParams []OAuth2EndpointParam `json:"endpointParams,omitempty"` +} + +// OAuth2EndpointParam defines a name/value parameter for the OAuth2 token URL. +type OAuth2EndpointParam struct { + // name is the parameter name. Must be between 1 and 256 characters. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 + Name string `json:"name,omitempty"` + // value is the optional parameter value. When omitted, the query parameter is applied as ?name (no value). + // When set (including to the empty string), it is applied as ?name=value. Empty string may be used when the + // external system expects a parameter with an empty value (e.g. ?parameter=""). + // Must be between 0 and 2048 characters when present (aligned with common URL length recommendations). + // +optional + // +kubebuilder:validation:MinLength=0 + // +kubebuilder:validation:MaxLength=2048 + Value *string `json:"value,omitempty"` +} + +// QueueConfig allows tuning configuration for remote write queue parameters. +// Configure this when you need to control throughput, backpressure, or retry behavior—for example to avoid overloading the remote endpoint, to reduce memory usage, or to tune for high-cardinality workloads. Consider capacity, maxShards, and batchSendDeadlineSeconds for throughput; minBackoffMilliseconds and maxBackoffMilliseconds for retries; and rateLimitedAction when the remote returns HTTP 429. +// +kubebuilder:validation:MinProperties=1 +type QueueConfig struct { + // capacity is the number of samples to buffer per shard before we start dropping them. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 10000. + // Minimum value is 1. + // Maximum value is 1000000. + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=1000000 + Capacity int32 `json:"capacity,omitempty"` + // maxShards is the maximum number of shards, i.e. amount of concurrency. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 200. + // Minimum value is 1. + // Maximum value is 10000. + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=10000 + MaxShards int32 `json:"maxShards,omitempty"` + // minShards is the minimum number of shards, i.e. amount of concurrency. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 1. + // Minimum value is 1. + // Maximum value is 10000. + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=10000 + MinShards int32 `json:"minShards,omitempty"` + // maxSamplesPerSend is the maximum number of samples per send. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 1000. + // Minimum value is 1. + // Maximum value is 100000. + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=100000 + MaxSamplesPerSend int32 `json:"maxSamplesPerSend,omitempty"` + // batchSendDeadlineSeconds is the maximum time in seconds a sample will wait in buffer before being sent. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 second. + // Maximum value is 3600 seconds (1 hour). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=3600 + BatchSendDeadlineSeconds int32 `json:"batchSendDeadlineSeconds,omitempty"` + // minBackoffMilliseconds is the minimum retry delay in milliseconds. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 millisecond. + // Maximum value is 3600000 milliseconds (1 hour). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=3600000 + MinBackoffMilliseconds int32 `json:"minBackoffMilliseconds,omitempty"` + // maxBackoffMilliseconds is the maximum retry delay in milliseconds. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 millisecond. + // Maximum value is 3600000 milliseconds (1 hour). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=3600000 + MaxBackoffMilliseconds int32 `json:"maxBackoffMilliseconds,omitempty"` + // rateLimitedAction controls what to do when the remote write endpoint returns HTTP 429 (Too Many Requests). + // When omitted, no retries are performed on rate limit responses. + // When set to "Retry", Prometheus will retry such requests using the backoff settings above. + // Valid value when set is "Retry". + // +optional + RateLimitedAction RateLimitedAction `json:"rateLimitedAction,omitempty"` +} + +// Sigv4 defines AWS Signature Version 4 authentication settings. +// At least one of region, accessKey/secretKey, profile, or roleArn must be set so the platform can perform authentication. +// +kubebuilder:validation:MinProperties=1 +type Sigv4 struct { + // region is the AWS region. + // When omitted, the region is derived from the environment or instance metadata. + // Must be between 1 and 128 characters. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + Region string `json:"region,omitempty"` + // accessKey defines the secret reference containing the AWS access key ID. + // The secret must exist in the openshift-monitoring namespace. + // When omitted, the access key is derived from the environment or instance metadata. + // +optional + AccessKey SecretKeySelector `json:"accessKey,omitempty,omitzero"` + // secretKey defines the secret reference containing the AWS secret access key. + // The secret must exist in the openshift-monitoring namespace. + // When omitted, the secret key is derived from the environment or instance metadata. + // +optional + SecretKey SecretKeySelector `json:"secretKey,omitempty,omitzero"` + // profile is the named AWS profile used to authenticate. + // When omitted, the default profile is used. + // Must be between 1 and 128 characters. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + Profile string `json:"profile,omitempty"` + // roleArn is the AWS Role ARN, an alternative to using AWS API keys. + // When omitted, API keys are used for authentication. + // Must be a valid AWS ARN format (e.g., "arn:aws:iam::123456789012:role/MyRole"). + // Must be between 1 and 512 characters. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 + // +kubebuilder:validation:XValidation:rule=`self.startsWith('arn:aws') && self.matches('^arn:aws(-[a-z]+)?:iam::[0-9]{12}:role/.+$')`,message="must be a valid AWS IAM role ARN (e.g., arn:aws:iam::123456789012:role/MyRole)" + RoleArn string `json:"roleArn,omitempty"` +} + +// RelabelConfig represents a relabeling rule. +type RelabelConfig struct { + // name is a unique identifier for this relabel configuration. + // Must contain only alphanumeric characters, hyphens, and underscores. + // Must be between 1 and 63 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9_-]+$')",message="must contain only alphanumeric characters, hyphens, and underscores" + Name string `json:"name,omitempty"` + + // sourceLabels specifies which label names to extract from each series for this relabeling rule. + // The values of these labels are joined together using the configured separator, + // and the resulting string is then matched against the regular expression. + // If a referenced label does not exist on a series, Prometheus substitutes an empty string. + // When omitted, the rule operates without extracting source labels (useful for actions like labelmap). + // Minimum of 1 and maximum of 10 source labels can be specified, each between 1 and 128 characters. + // Each entry must be unique. + // Label names beginning with "__" (two underscores) are reserved for internal Prometheus use and are not allowed. + // Label names SHOULD start with a letter (a-z, A-Z) or underscore (_), followed by zero or more letters, digits (0-9), or underscores for best compatibility. + // While Prometheus supports UTF-8 characters in label names (since v3.0.0), using the recommended character set + // ensures better compatibility with the wider ecosystem (tooling, third-party instrumentation, etc.). + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=128 + // +kubebuilder:validation:items:XValidation:rule="!self.startsWith('__')",message="label names beginning with '__' (two underscores) are reserved for internal Prometheus use and are not allowed" + // +listType=set + SourceLabels []string `json:"sourceLabels,omitempty"` + + // separator is the character sequence used to join source label values. + // Common examples: ";", ",", "::", "|||". + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is ";". + // Must be between 1 and 5 characters in length when specified. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=5 + Separator string `json:"separator,omitempty"` + + // regex is the regular expression to match against the concatenated source label values. + // Must be a valid RE2 regular expression (https://github.com/google/re2/wiki/Syntax). + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is "(.*)" to match everything. + // Must be between 1 and 1000 characters in length when specified. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1000 + Regex string `json:"regex,omitempty"` + + // action defines the action to perform on the matched labels and its configuration. + // Exactly one action-specific configuration must be specified based on the action type. + // +required + Action RelabelActionConfig `json:"action,omitzero"` +} + +// RelabelActionConfig represents the action to perform and its configuration. +// Exactly one action-specific configuration must be specified based on the action type. +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Replace' ? has(self.replace) : !has(self.replace)",message="replace is required when type is Replace, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'HashMod' ? has(self.hashMod) : !has(self.hashMod)",message="hashMod is required when type is HashMod, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Lowercase' ? has(self.lowercase) : !has(self.lowercase)",message="lowercase is required when type is Lowercase, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Uppercase' ? has(self.uppercase) : !has(self.uppercase)",message="uppercase is required when type is Uppercase, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'KeepEqual' ? has(self.keepEqual) : !has(self.keepEqual)",message="keepEqual is required when type is KeepEqual, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'DropEqual' ? has(self.dropEqual) : !has(self.dropEqual)",message="dropEqual is required when type is DropEqual, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'LabelMap' ? has(self.labelMap) : !has(self.labelMap)",message="labelMap is required when type is LabelMap, and forbidden otherwise" +// +union +type RelabelActionConfig struct { + // type specifies the action to perform on the matched labels. + // Allowed values are Replace, Lowercase, Uppercase, Keep, Drop, KeepEqual, DropEqual, HashMod, LabelMap, LabelDrop, LabelKeep. + // + // When set to Replace, regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. If regex does not match, no replacement takes place. + // + // When set to Lowercase, the concatenated source_labels are mapped to their lower case. Requires Prometheus >= v2.36.0. + // + // When set to Uppercase, the concatenated source_labels are mapped to their upper case. Requires Prometheus >= v2.36.0. + // + // When set to Keep, targets for which regex does not match the concatenated source_labels are dropped. + // + // When set to Drop, targets for which regex matches the concatenated source_labels are dropped. + // + // When set to KeepEqual, targets for which the concatenated source_labels do not match target_label are dropped. Requires Prometheus >= v2.41.0. + // + // When set to DropEqual, targets for which the concatenated source_labels do match target_label are dropped. Requires Prometheus >= v2.41.0. + // + // When set to HashMod, target_label is set to the modulus of a hash of the concatenated source_labels. + // + // When set to LabelMap, regex is matched against all source label names (not just source_labels); matching label values are copied to new names given by replacement with ${1}, ${2}, ... substituted. + // + // When set to LabelDrop, regex is matched against all label names; any label that matches is removed. + // + // When set to LabelKeep, regex is matched against all label names; any label that does not match is removed. + // +required + // +unionDiscriminator + Type RelabelAction `json:"type,omitempty"` + + // replace configures the Replace action. + // Required when type is Replace, and forbidden otherwise. + // +unionMember + // +optional + Replace ReplaceActionConfig `json:"replace,omitempty,omitzero"` + + // hashMod configures the HashMod action. + // Required when type is HashMod, and forbidden otherwise. + // +unionMember + // +optional + HashMod HashModActionConfig `json:"hashMod,omitempty,omitzero"` + + // labelMap configures the LabelMap action. + // Required when type is LabelMap, and forbidden otherwise. + // +unionMember + // +optional + LabelMap LabelMapActionConfig `json:"labelMap,omitempty,omitzero"` + + // lowercase configures the Lowercase action. + // Required when type is Lowercase, and forbidden otherwise. + // Requires Prometheus >= v2.36.0. + // +unionMember + // +optional + Lowercase LowercaseActionConfig `json:"lowercase,omitempty,omitzero"` + + // uppercase configures the Uppercase action. + // Required when type is Uppercase, and forbidden otherwise. + // Requires Prometheus >= v2.36.0. + // +unionMember + // +optional + Uppercase UppercaseActionConfig `json:"uppercase,omitempty,omitzero"` + + // keepEqual configures the KeepEqual action. + // Required when type is KeepEqual, and forbidden otherwise. + // Requires Prometheus >= v2.41.0. + // +unionMember + // +optional + KeepEqual KeepEqualActionConfig `json:"keepEqual,omitempty,omitzero"` + + // dropEqual configures the DropEqual action. + // Required when type is DropEqual, and forbidden otherwise. + // Requires Prometheus >= v2.41.0. + // +unionMember + // +optional + DropEqual DropEqualActionConfig `json:"dropEqual,omitempty,omitzero"` +} + +// ReplaceActionConfig configures the Replace action. +// Regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. No replacement if regex does not match. +type ReplaceActionConfig struct { + // targetLabel is the label name where the replacement result is written. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` + + // replacement is the value written to target_label when regex matches; match group references (${1}, ${2}, ...) are substituted. + // Required when using the Replace action so the intended behavior is explicit and the platform does not need to apply defaults. + // Use "$1" for the first capture group, "$2" for the second, etc. Use an empty string ("") to explicitly clear the target label value. + // Must be between 0 and 255 characters in length. + // +required + // +kubebuilder:validation:MinLength=0 + // +kubebuilder:validation:MaxLength=255 + Replacement *string `json:"replacement,omitempty"` +} + +// HashModActionConfig configures the HashMod action. +// target_label is set to the modulus of a hash of the concatenated source_labels (target = hash % modulus). +type HashModActionConfig struct { + // targetLabel is the label name where the hash modulus result is written. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` + + // modulus is the divisor applied to the hash of the concatenated source label values (target = hash % modulus). + // Required when using the HashMod action so the intended behavior is explicit. + // Must be between 1 and 1000000. + // +required + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=1000000 + Modulus int64 `json:"modulus,omitempty"` +} + +// LowercaseActionConfig configures the Lowercase action. +// Maps the concatenated source_labels to their lower case and writes to target_label. +// Requires Prometheus >= v2.36.0. +type LowercaseActionConfig struct { + // targetLabel is the label name where the lower-cased value is written. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` +} + +// UppercaseActionConfig configures the Uppercase action. +// Maps the concatenated source_labels to their upper case and writes to target_label. +// Requires Prometheus >= v2.36.0. +type UppercaseActionConfig struct { + // targetLabel is the label name where the upper-cased value is written. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` +} + +// KeepEqualActionConfig configures the KeepEqual action. +// Drops targets for which the concatenated source_labels do not match the value of target_label. +// Requires Prometheus >= v2.41.0. +type KeepEqualActionConfig struct { + // targetLabel is the label name whose value is compared to the concatenated source_labels; targets that do not match are dropped. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` +} + +// DropEqualActionConfig configures the DropEqual action. +// Drops targets for which the concatenated source_labels do match the value of target_label. +// Requires Prometheus >= v2.41.0. +type DropEqualActionConfig struct { + // targetLabel is the label name whose value is compared to the concatenated source_labels; targets that match are dropped. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` +} + +// LabelMapActionConfig configures the LabelMap action. +// Regex is matched against all source label names (not just source_labels). Matching label values are copied to new label names given by replacement, with match group references (${1}, ${2}, ...) substituted. +type LabelMapActionConfig struct { + // replacement is the template for new label names; match group references (${1}, ${2}, ...) are substituted from the matched label name. + // Required when using the LabelMap action so the intended behavior is explicit and the platform does not need to apply defaults. + // Use "$1" for the first capture group, "$2" for the second, etc. + // Must be between 1 and 255 characters in length. Empty string is invalid as it would produce invalid label names. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=255 + Replacement string `json:"replacement,omitempty"` +} + +// TLSConfig represents TLS configuration for Alertmanager connections. +// At least one TLS configuration option must be specified. +// For mutual TLS (mTLS), both cert and key must be specified together, or both omitted. +// +kubebuilder:validation:MinProperties=1 +// +kubebuilder:validation:XValidation:rule="(has(self.cert) && has(self.key)) || (!has(self.cert) && !has(self.key))",message="cert and key must both be specified together for mutual TLS, or both be omitted" +type TLSConfig struct { + // ca is an optional CA certificate to use for TLS connections. + // When omitted, the system's default CA bundle is used. + // +optional + CA SecretKeySelector `json:"ca,omitempty,omitzero"` + // cert is an optional client certificate to use for mutual TLS connections. + // When omitted, no client certificate is presented. + // +optional + Cert SecretKeySelector `json:"cert,omitempty,omitzero"` + // key is an optional client key to use for mutual TLS connections. + // When omitted, no client key is used. + // +optional + Key SecretKeySelector `json:"key,omitempty,omitzero"` + // serverName is an optional server name to use for TLS connections. + // When specified, must be a valid DNS subdomain as per RFC 1123. + // When omitted, the server name is derived from the URL. + // Must be between 1 and 253 characters in length. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="must be a valid DNS subdomain (lowercase alphanumeric characters, '-' or '.', start and end with alphanumeric)" + ServerName string `json:"serverName,omitempty"` + // certificateVerification determines the policy for TLS certificate verification. + // Allowed values are "Verify" (performs certificate verification, secure) and "SkipVerify" (skips verification, insecure). + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is "Verify". // +optional - VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"` + CertificateVerification CertificateVerificationType `json:"certificateVerification,omitempty"` } -// AlertManagerDeployMode defines the deployment state of the platform Alertmanager instance. -// -// Possible values: -// - "Disabled": The Alertmanager instance will not be deployed. -// - "DefaultConfig": The Alertmanager instance will be deployed with default settings. -// - "CustomConfig": The Alertmanager instance will be deployed with custom configuration. -// +kubebuilder:validation:Enum=Disabled;DefaultConfig;CustomConfig -type AlertManagerDeployMode string +// CertificateVerificationType defines the TLS certificate verification policy. +// +kubebuilder:validation:Enum=Verify;SkipVerify +type CertificateVerificationType string const ( - // AlertManagerModeDisabled means the Alertmanager instance will not be deployed. - AlertManagerDeployModeDisabled AlertManagerDeployMode = "Disabled" - // AlertManagerModeDefaultConfig means the Alertmanager instance will be deployed with default settings. - AlertManagerDeployModeDefaultConfig AlertManagerDeployMode = "DefaultConfig" - // AlertManagerModeCustomConfig means the Alertmanager instance will be deployed with custom configuration. - AlertManagerDeployModeCustomConfig AlertManagerDeployMode = "CustomConfig" + // CertificateVerificationVerify performs certificate verification (secure, recommended). + CertificateVerificationVerify CertificateVerificationType = "Verify" + // CertificateVerificationSkipVerify skips certificate verification (insecure, use with caution). + CertificateVerificationSkipVerify CertificateVerificationType = "SkipVerify" ) -// logLevel defines the verbosity of logs emitted by Alertmanager. -// Valid values are Error, Warn, Info and Debug. -// +kubebuilder:validation:Enum=Error;Warn;Info;Debug -type LogLevel string +// AuthorizationType defines the type of authentication to use. +// +kubebuilder:validation:Enum=BearerToken +type AuthorizationType string const ( - // Error only errors will be logged. - LogLevelError LogLevel = "Error" - // Warn, both warnings and errors will be logged. - LogLevelWarn LogLevel = "Warn" - // Info, general information, warnings, and errors will all be logged. - LogLevelInfo LogLevel = "Info" - // Debug, detailed debugging information will be logged. - LogLevelDebug LogLevel = "Debug" + // AuthorizationTypeBearerToken indicates bearer token authentication. + AuthorizationTypeBearerToken AuthorizationType = "BearerToken" ) -// ContainerResource defines a single resource requirement for a container. -// +kubebuilder:validation:XValidation:rule="has(self.request) || has(self.limit)",message="at least one of request or limit must be set" -// +kubebuilder:validation:XValidation:rule="!(has(self.request) && has(self.limit)) || quantity(self.limit).compareTo(quantity(self.request)) >= 0",message="limit must be greater than or equal to request" -type ContainerResource struct { - // name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). - // This field is required. - // name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character. +// AuthorizationConfig defines the authentication method for Alertmanager connections. +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'BearerToken' ? has(self.bearerToken) : !has(self.bearerToken)",message="bearerToken is required when type is BearerToken" +// +union +type AuthorizationConfig struct { + // type specifies the authentication type to use. + // Valid value is "BearerToken" (bearer token authentication). + // When set to BearerToken, the bearerToken field must be specified. + // +unionDiscriminator + // +required + Type AuthorizationType `json:"type,omitempty"` + // bearerToken defines the secret reference containing the bearer token. + // Required when type is "BearerToken", and forbidden otherwise. + // The secret must exist in the openshift-monitoring namespace. + // +optional + BearerToken SecretKeySelector `json:"bearerToken,omitempty,omitzero"` +} + +// SecretKeySelector selects a key of a Secret in the `openshift-monitoring` namespace. +// +structType=atomic +type SecretKeySelector struct { + // name is the name of the secret in the `openshift-monitoring` namespace to select from. + // Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + // Must be between 1 and 253 characters in length. // +required // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=253 - // +kubebuilder:validation:XValidation:rule="!format.qualifiedName().validate(self).hasValue()",message="name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character" + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="must be a valid secret name (lowercase alphanumeric characters, '-' or '.', start and end with alphanumeric)" Name string `json:"name,omitempty"` - - // request is the minimum amount of the resource required (e.g. "2Mi", "1Gi"). - // This field is optional. - // When limit is specified, request cannot be greater than limit. - // +optional - // +kubebuilder:validation:XIntOrString - // +kubebuilder:validation:MaxLength=20 + // key is the key of the secret to select from. + // Must consist of alphanumeric characters, '-', '_', or '.'. + // Must be between 1 and 253 characters in length. + // +required // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:XValidation:rule="isQuantity(self) && quantity(self).isGreaterThan(quantity('0'))",message="request must be a positive, non-zero quantity" - Request resource.Quantity `json:"request,omitempty"` + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9._-]+$')",message="must contain only alphanumeric characters, '-', '_', or '.'" + Key string `json:"key,omitempty"` +} - // limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). - // This field is optional. - // When request is specified, limit cannot be less than request. - // The value must be greater than 0 when specified. +// Retention configures how long Prometheus retains metrics data and how much storage it can use. +// +kubebuilder:validation:MinProperties=1 +type Retention struct { + // TOMBSTONE: This field has been tombstoned in favor of the `duration` field. This tombstone will be dropped when promoting this API to v1. + // --- + // durationInDays specifies how many days Prometheus will retain metrics data. + // Prometheus automatically deletes data older than this duration. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 15. + // Minimum value is 1 day. + // Maximum value is 365 days (1 year). + // Former marker: kubebuilder:validation:Minimum=1 + // Former marker: kubebuilder:validation:Maximum=365 + // Former marker: optional + // DurationInDays int32 `json:"durationInDays,omitempty"` + + // TOMBSTONE: This field has been tombstoned in favor of the `size` field. This tombstone will be dropped when promoting this API to v1. + // --- + // sizeInGiB specifies the maximum storage size in gibibytes (GiB) that Prometheus + // can use for data blocks and the write-ahead log (WAL). + // When the limit is reached, Prometheus will delete oldest data first. + // When omitted, no size limit is enforced and Prometheus uses available PersistentVolume capacity. + // Minimum value is 1 GiB. + // Maximum value is 16384 GiB (16 TiB). + // Former marker: kubebuilder:validation:Minimum=1 + // Former marker: kubebuilder:validation:Maximum=16384 + // Former marker: optional + // SizeInGiB int32 `json:"sizeInGiB,omitempty"` + + // duration is an optional field that specifies how long Prometheus retains metrics data. + // Valid values are Prometheus-style duration strings with unit suffixes y, w, d, h, m, s, or ms + // (for example, "15d", "24h", or "5d1h30m"). Each unit value must be a positive integer. + // Composite durations must follow the fixed unit order y, w, d, h, m, s, ms. + // Must be at least 1 character and at most 64 characters. + // When set to "0", time-based retention is disabled. This is the only supported form for disabling + // time-based retention; other zero-duration representations such as "0d", "0h", or "0y" are rejected. + // Prometheus automatically deletes data older than this duration. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default value is `15d`. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=64 + // +kubebuilder:validation:XValidation:rule=`self == "0" || self.matches('^([1-9][0-9]*y)?([1-9][0-9]*w)?([1-9][0-9]*d)?([1-9][0-9]*h)?([1-9][0-9]*m)?([1-9][0-9]*s)?([1-9][0-9]*ms)?$')`,message=`must be "0" to disable time-based retention, or a duration string with only positive unit values` // +optional - // +kubebuilder:validation:XIntOrString - // +kubebuilder:validation:MaxLength=20 + Duration string `json:"duration,omitempty"` + + // size is an optional field that specifies the maximum storage size that Prometheus + // can use for data blocks and the write-ahead log (WAL). + // Valid values are byte-size strings with an optional decimal prefix and a unit suffix B, KB, MB, GB, + // TB, EB, PB, or their binary equivalents KiB, MiB, GiB, TiB, EiB, PiB (for example, "500MiB", "10GiB"). + // The numeric value must be greater than zero. + // Must be at least 1 character and at most 32 characters. + // When set to "0", no size limit is enforced. This is the only supported form for disabling size-based + // retention; other zero-size representations such as "0B" or "0MiB" are rejected. + // When the limit is reached, Prometheus deletes oldest data first. + // When omitted, no size limit is enforced and Prometheus uses available PersistentVolume capacity. // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:XValidation:rule="isQuantity(self) && quantity(self).isGreaterThan(quantity('0'))",message="limit must be a positive, non-zero quantity" - Limit resource.Quantity `json:"limit,omitempty"` + // +kubebuilder:validation:MaxLength=32 + // +kubebuilder:validation:XValidation:rule=`self == "0" || self.matches('^([1-9][0-9]*([.][0-9]+)?|[0-9]*[.][1-9][0-9]*)((K|M|G|T|E|P)i?)?B$')`,message=`must be "0" to disable size-based retention, or a positive byte-size string` + // +optional + Size string `json:"size,omitempty"` } -// SecretName is a type that represents the name of a Secret in the same namespace. -// It must be at most 253 characters in length. -// +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." -// +kubebuilder:validation:MaxLength=63 -type SecretName string +// RelabelAction defines the action to perform in a relabeling rule. +// +kubebuilder:validation:Enum=Replace;Keep;Drop;HashMod;LabelMap;LabelDrop;LabelKeep;Lowercase;Uppercase;KeepEqual;DropEqual +type RelabelAction string -// MetricsServerConfig provides configuration options for the Metrics Server instance -// that runs in the `openshift-monitoring` namespace. Use this configuration to control -// how the Metrics Server instance is deployed, how it logs, and how its pods are scheduled. +const ( + // RelabelActionReplace: match regex against concatenated source_labels; set target_label to replacement with ${1}, ${2}, ... substituted. No replacement if regex does not match. + RelabelActionReplace RelabelAction = "Replace" + // RelabelActionLowercase: map the concatenated source_labels to their lower case. + RelabelActionLowercase RelabelAction = "Lowercase" + // RelabelActionUppercase: map the concatenated source_labels to their upper case. + RelabelActionUppercase RelabelAction = "Uppercase" + // RelabelActionKeep: drop targets for which regex does not match the concatenated source_labels. + RelabelActionKeep RelabelAction = "Keep" + // RelabelActionDrop: drop targets for which regex matches the concatenated source_labels. + RelabelActionDrop RelabelAction = "Drop" + // RelabelActionKeepEqual: drop targets for which the concatenated source_labels do not match target_label. + RelabelActionKeepEqual RelabelAction = "KeepEqual" + // RelabelActionDropEqual: drop targets for which the concatenated source_labels do match target_label. + RelabelActionDropEqual RelabelAction = "DropEqual" + // RelabelActionHashMod: set target_label to the modulus of a hash of the concatenated source_labels. + RelabelActionHashMod RelabelAction = "HashMod" + // RelabelActionLabelMap: match regex against all source label names; copy matching label values to new names given by replacement with ${1}, ${2}, ... substituted. + RelabelActionLabelMap RelabelAction = "LabelMap" + // RelabelActionLabelDrop: match regex against all label names; any label that matches is removed. + RelabelActionLabelDrop RelabelAction = "LabelDrop" + // RelabelActionLabelKeep: match regex against all label names; any label that does not match is removed. + RelabelActionLabelKeep RelabelAction = "LabelKeep" +) + +// CollectionProfile defines the metrics collection profile for Prometheus. +// +kubebuilder:validation:Enum=Full;Minimal +type CollectionProfile string + +const ( + // CollectionProfileFull means Prometheus collects all metrics that are exposed by the platform components. + CollectionProfileFull CollectionProfile = "Full" + // CollectionProfileMinimal means Prometheus only collects metrics necessary for the default + // platform alerts, recording rules, telemetry and console dashboards. + CollectionProfileMinimal CollectionProfile = "Minimal" +) + +// TelemeterClientConfig provides configuration options for the Telemeter Client component +// that runs in the `openshift-monitoring` namespace. The Telemeter Client collects selected +// monitoring metrics and forwards them to Red Hat for telemetry purposes. +// At least one field must be specified. // +kubebuilder:validation:MinProperties=1 -type MetricsServerConfig struct { - // audit defines the audit configuration used by the Metrics Server instance. - // audit is optional. - // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. - //The current default sets audit.profile to Metadata - // +optional - Audit Audit `json:"audit,omitempty,omitzero"` - // nodeSelector defines the nodes on which the Pods are scheduled +type TelemeterClientConfig struct { + // nodeSelector defines the nodes on which the Pods are scheduled. // nodeSelector is optional. // // When omitted, this means the user has no opinion and the platform is left // to choose reasonable defaults. These defaults are subject to change over time. // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. // +optional // +kubebuilder:validation:MinProperties=1 // +kubebuilder:validation:MaxProperties=10 NodeSelector map[string]string `json:"nodeSelector,omitempty"` - // tolerations defines tolerations for the pods. - // tolerations is optional. - // - // When omitted, this means the user has no opinion and the platform is left - // to choose reasonable defaults. These defaults are subject to change over time. - // Defaults are empty/unset. - // Maximum length for this list is 10. - // Minimum length for this list is 1. - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:MinItems=1 - // +listType=atomic - // +optional - Tolerations []v1.Toleration `json:"tolerations,omitempty"` - // verbosity defines the verbosity of log messages for Metrics Server. - // Valid values are Errors, Info, Trace, TraceAll and omitted. - // When set to Errors, only critical messages and errors are logged. - // When set to Info, only basic information messages are logged. - // When set to Trace, information useful for general debugging is logged. - // When set to TraceAll, detailed information about metric scraping is logged. - // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. - // The current default value is `Errors` - // +optional - Verbosity VerbosityLevel `json:"verbosity,omitempty,omitzero"` - // resources defines the compute resource requests and limits for the Metrics Server container. + // resources defines the compute resource requests and limits for the Telemeter Client container. // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. // When not specified, defaults are used by the platform. Requests cannot exceed limits. // This field is optional. @@ -388,21 +2398,34 @@ type MetricsServerConfig struct { // The current default values are: // resources: // - name: cpu - // request: 4m + // request: 1m // limit: null // - name: memory // request: 40Mi // limit: null - // Maximum length for this list is 10. + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. // +optional // +listType=map // +listMapKey=name - // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MaxItems=5 // +kubebuilder:validation:MinItems=1 Resources []ContainerResource `json:"resources,omitempty"` - // topologySpreadConstraints defines rules for how Metrics Server Pods should be distributed + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Telemeter Client Pods should be distributed // across topology domains such as zones, nodes, or other user-defined labels. // topologySpreadConstraints is optional. // This helps improve high availability and resource efficiency by avoiding placing @@ -423,13 +2446,13 @@ type MetricsServerConfig struct { TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` } -// PrometheusOperatorConfig provides configuration options for the Prometheus Operator instance -// Use this configuration to control how the Prometheus Operator instance is deployed, how it logs, and how its pods are scheduled. +// ThanosQuerierConfig provides configuration options for the Thanos Querier component +// that runs in the `openshift-monitoring` namespace. +// At least one field must be specified; an empty thanosQuerierConfig object is not allowed. // +kubebuilder:validation:MinProperties=1 -type PrometheusOperatorConfig struct { - // logLevel defines the verbosity of logs emitted by Prometheus Operator. - // This field allows users to control the amount and severity of logs generated, which can be useful - // for debugging issues or reducing noise in production environments. +type ThanosQuerierConfig struct { + // logLevel defines the verbosity of logs emitted by Thanos Querier. + // logLevel is optional. // Allowed values are Error, Warn, Info, and Debug. // When set to Error, only errors will be logged. // When set to Warn, both warnings and errors will be logged. @@ -439,7 +2462,24 @@ type PrometheusOperatorConfig struct { // The current default value is `Info`. // +optional LogLevel LogLevel `json:"logLevel,omitempty"` - // nodeSelector defines the nodes on which the Pods are scheduled + // requestLogging configures request logging for Thanos Querier. + // requestLogging is optional. + // When provided, the policy field within is required. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default behavior is to not log any requests. + // +optional + RequestLogging ThanosQuerierRequestLoggingConfig `json:"requestLogging,omitempty,omitzero"` + // crossOriginRequestPolicy configures the CORS (Cross-Origin Resource Sharing) policy + // for Thanos Querier's HTTP endpoints. + // crossOriginRequestPolicy is optional. + // Valid values are "AllowAll" and "DenyAll". + // When set to "AllowAll", CORS headers are added to responses, allowing cross-origin requests from any domain. + // When set to "DenyAll", no CORS headers are added and cross-origin requests are rejected by the browser. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is "DenyAll". + // +optional + CrossOriginRequestPolicy CrossOriginRequestPolicy `json:"crossOriginRequestPolicy,omitempty"` + // nodeSelector defines the nodes on which the Pods are scheduled. // nodeSelector is optional. // // When omitted, this means the user has no opinion and the platform is left @@ -450,27 +2490,27 @@ type PrometheusOperatorConfig struct { // +kubebuilder:validation:MinProperties=1 // +kubebuilder:validation:MaxProperties=10 NodeSelector map[string]string `json:"nodeSelector,omitempty"` - // resources defines the compute resource requests and limits for the Prometheus Operator container. - // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. - // When not specified, defaults are used by the platform. Requests cannot exceed limits. - // This field is optional. + // resources defines the compute resource requests and limits for the Thanos Querier container. + // resources is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Requests cannot exceed limits. // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ // This is a simplified API that maps to Kubernetes ResourceRequirements. // The current default values are: // resources: // - name: cpu - // request: 4m - // limit: null + // request: 5m // - name: memory - // request: 40Mi - // limit: null - // Maximum length for this list is 10. + // request: 12Mi + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. // +optional // +listType=map // +listMapKey=name - // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MaxItems=5 // +kubebuilder:validation:MinItems=1 Resources []ContainerResource `json:"resources,omitempty"` // tolerations defines tolerations for the pods. @@ -486,7 +2526,7 @@ type PrometheusOperatorConfig struct { // +listType=atomic // +optional Tolerations []v1.Toleration `json:"tolerations,omitempty"` - // topologySpreadConstraints defines rules for how Prometheus Operator Pods should be distributed + // topologySpreadConstraints defines rules for how Thanos Querier Pods should be distributed // across topology domains such as zones, nodes, or other user-defined labels. // topologySpreadConstraints is optional. // This helps improve high availability and resource efficiency by avoiding placing @@ -494,7 +2534,7 @@ type PrometheusOperatorConfig struct { // // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. - // Default is empty list. + // Defaults are empty/unset. // Maximum length for this list is 10. // Minimum length for this list is 1. // Entries must have unique topologyKey and whenUnsatisfiable pairs. @@ -507,6 +2547,42 @@ type PrometheusOperatorConfig struct { TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` } +// ThanosQuerierRequestLoggingConfig configures request logging for Thanos Querier. +type ThanosQuerierRequestLoggingConfig struct { + // policy determines which HTTP and gRPC requests are logged by Thanos Querier. + // Valid values are "AllRequests" and "NoRequests". + // When set to "AllRequests", every request received by Thanos Querier is logged with method, path, and response status. + // The log level for request logs is derived from the logLevel field. + // When set to "NoRequests", request logging is turned off. + // +required + Policy RequestLoggingPolicy `json:"policy,omitempty"` +} + +// RequestLoggingPolicy controls which HTTP and gRPC requests are logged. +// Valid values are "AllRequests" and "NoRequests". +// +kubebuilder:validation:Enum=AllRequests;NoRequests +type RequestLoggingPolicy string + +const ( + // RequestLoggingPolicyAllRequests enables logging of all incoming requests. + RequestLoggingPolicyAllRequests RequestLoggingPolicy = "AllRequests" + // RequestLoggingPolicyNoRequests disables request logging. + RequestLoggingPolicyNoRequests RequestLoggingPolicy = "NoRequests" +) + +// CrossOriginRequestPolicy controls the CORS (Cross-Origin Resource Sharing) policy +// for Thanos Querier's HTTP endpoints. +// Valid values are "AllowAll" and "DenyAll". +// +kubebuilder:validation:Enum=AllowAll;DenyAll +type CrossOriginRequestPolicy string + +const ( + // CrossOriginRequestPolicyAllowAll sets CORS headers allowing requests from any origin. + CrossOriginRequestPolicyAllowAll CrossOriginRequestPolicy = "AllowAll" + // CrossOriginRequestPolicyDenyAll does not set CORS headers, rejecting cross-origin requests. + CrossOriginRequestPolicyDenyAll CrossOriginRequestPolicy = "DenyAll" +) + // AuditProfile defines the audit log level for the Metrics Server. // +kubebuilder:validation:Enum=None;Metadata;Request;RequestResponse type AuditProfile string @@ -537,6 +2613,27 @@ const ( VerbosityLevelTraceAll VerbosityLevel = "TraceAll" ) +// ExemplarsMode defines whether exemplars are sent via remote write. +// +kubebuilder:validation:Enum=Send;DoNotSend +type ExemplarsMode string + +const ( + // ExemplarsModeSend means exemplars are sent via remote write. + ExemplarsModeSend ExemplarsMode = "Send" + // ExemplarsModeDoNotSend means exemplars are not sent via remote write. + ExemplarsModeDoNotSend ExemplarsMode = "DoNotSend" +) + +// RateLimitedAction defines what to do when the remote write endpoint returns HTTP 429 (Too Many Requests). +// Omission of this field means do not retry. When set, the only valid value is Retry. +// +kubebuilder:validation:Enum=Retry +type RateLimitedAction string + +const ( + // RateLimitedActionRetry means requests will be retried on HTTP 429 responses. + RateLimitedActionRetry RateLimitedAction = "Retry" +) + // Audit profile configurations type Audit struct { // profile is a required field for configuring the audit log level of the Kubernetes Metrics Server. @@ -551,3 +2648,154 @@ type Audit struct { // +required Profile AuditProfile `json:"profile,omitempty"` } + +// KubeStateMetricsConfig provides configuration options for the kube-state-metrics agent +// that runs in the `openshift-monitoring` namespace. kube-state-metrics generates metrics +// about the state of Kubernetes objects such as Deployments, Nodes, and Pods. +// +kubebuilder:validation:MinProperties=1 +type KubeStateMetricsConfig struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the kube-state-metrics container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, no tolerations are applied. This default is subject to change over time. + // When specified, tolerations must contain at least 1 entry and must not contain more than 10 entries. + // Each toleration's operator, when specified, must be either "Exists" or "Equal". + // Each toleration's effect, when specified, must be one of "NoSchedule", "PreferNoSchedule", or "NoExecute". + // An empty or unset effect means match all effects. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +kubebuilder:validation:XValidation:rule="self.all(t, !has(t.operator) || t.operator == 'Exists' || t.operator == 'Equal')",message="operator must be either Exists or Equal" + // +kubebuilder:validation:XValidation:rule="self.all(t, !has(t.effect) || t.effect == 'NoSchedule' || t.effect == 'PreferNoSchedule' || t.effect == 'NoExecute' || t.effect == '')",message="effect must be NoSchedule, PreferNoSchedule, NoExecute, or empty" + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how kube-state-metrics Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // When omitted, no topology spread constraints are applied. This default is subject to change over time. + // When specified, topologySpreadConstraints must contain at least 1 entry and must not contain more than 10 entries. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // Each entry's whenUnsatisfiable must be either "DoNotSchedule" or "ScheduleAnyway". + // Each entry's maxSkew must be at least 1. + // When minDomains is specified, it must be at least 1 and whenUnsatisfiable must be "DoNotSchedule". + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +kubebuilder:validation:XValidation:rule="self.all(c, c.whenUnsatisfiable == 'DoNotSchedule' || c.whenUnsatisfiable == 'ScheduleAnyway')",message="whenUnsatisfiable must be either DoNotSchedule or ScheduleAnyway" + // +kubebuilder:validation:XValidation:rule="self.all(c, c.maxSkew >= 1)",message="maxSkew must be at least 1" + // +kubebuilder:validation:XValidation:rule="self.all(c, !has(c.minDomains) || c.minDomains >= 1)",message="minDomains must be at least 1" + // +kubebuilder:validation:XValidation:rule="self.all(c, !has(c.minDomains) || c.whenUnsatisfiable == 'DoNotSchedule')",message="minDomains can only be used when whenUnsatisfiable is DoNotSchedule" + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + // additionalResourceLabels defines additional Kubernetes resource labels to expose as metrics + // in kube-state-metrics. + // Currently, only "Job" and "CronJob" resources are supported due to cardinality concerns. + // Each entry specifies a resource name and a list of Kubernetes label names to expose. + // Use "*" in the labels list to expose all labels for a given resource. + // additionalResourceLabels is optional. + // When omitted, no additional Kubernetes object labels are exposed as metrics + // by kube-state-metrics beyond its built-in metric labels (e.g. namespace, job_name). + // Use this field to opt in to exposing specific Kubernetes labels as metric labels + // for the supported resource types. + // Minimum length for this list is 1. + // Maximum length for this list is 2. + // Each resource name must be unique within this list. + // +optional + // +kubebuilder:validation:MaxItems=2 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=resource + AdditionalResourceLabels []KubeStateMetricsResourceLabels `json:"additionalResourceLabels,omitempty"` +} + +// KubeStateMetricsResourceName is the name of a Kubernetes resource whose labels can be exposed +// as metrics by kube-state-metrics. Currently, only "Job" and "CronJob" are supported +// due to cardinality concerns. +// Valid values are "Job" and "CronJob". +// +kubebuilder:validation:Enum=Job;CronJob +type KubeStateMetricsResourceName string + +const ( + // KubeStateMetricsResourceJob indicates the Kubernetes Job resource. + KubeStateMetricsResourceJob KubeStateMetricsResourceName = "Job" + // KubeStateMetricsResourceCronJob indicates the Kubernetes CronJob resource. + KubeStateMetricsResourceCronJob KubeStateMetricsResourceName = "CronJob" +) + +// KubeStateMetricsLabelName is the name of a Kubernetes label to expose as a metric +// via kube-state-metrics. Use "*" to expose all labels for a resource. +// Must be either the wildcard "*" or a valid Kubernetes label key. +// A valid label key has an optional DNS subdomain prefix followed by a "/" and a name segment, +// or just a name segment without a prefix. The name segment must be 63 characters or fewer, +// beginning and ending with an alphanumeric character, with dashes, underscores, dots, and +// alphanumerics in between. +// Must be at least 1 character and at most 253 characters in length. +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=253 +// +kubebuilder:validation:XValidation:rule="self == '*' || !format.qualifiedName().validate(self).hasValue()",message="must be a valid Kubernetes label key or the wildcard '*'" +type KubeStateMetricsLabelName string + +// KubeStateMetricsResourceLabels defines which Kubernetes labels to expose as metrics +// for a given resource type in kube-state-metrics. +type KubeStateMetricsResourceLabels struct { + // resource is the Kubernetes resource name whose labels should be exposed as metrics. + // Currently, only "Job" and "CronJob" are supported due to cardinality concerns. + // Valid values are "Job" and "CronJob". + // This field is required. + // +required + Resource KubeStateMetricsResourceName `json:"resource,omitempty"` + // labels is the list of Kubernetes label names to expose as metrics for this resource. + // Use "*" to expose all labels for the specified resource. + // When "*" is specified, it must be the only entry in the list; mixing "*" with + // specific label names is not allowed. + // This field is required. + // Each label name must be unique within this list. + // Minimum length for this list is 1. + // Maximum length for this list is 50. + // +required + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=50 + // +listType=set + // +kubebuilder:validation:XValidation:rule="!self.exists(l, l == '*') || self.size() == 1",message="when '*' is specified, no other labels may be listed" + Labels []KubeStateMetricsLabelName `json:"labels,omitempty"` +} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go b/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go deleted file mode 100644 index 977ca3dde..000000000 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go +++ /dev/null @@ -1,289 +0,0 @@ -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ImagePolicy holds namespace-wide configuration for image signature verification -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=imagepolicies,scope=Namespaced -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1457 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 -// +openshift:enable:FeatureGate=SigstoreImageVerification -// +openshift:compatibility-gen:level=4 -type ImagePolicy struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ObjectMeta `json:"metadata,omitempty"` - - // spec holds user settable values for configuration - // +required - Spec ImagePolicySpec `json:"spec"` - // status contains the observed state of the resource. - // +optional - Status ImagePolicyStatus `json:"status,omitempty"` -} - -// ImagePolicySpec is the specification of the ImagePolicy CRD. -type ImagePolicySpec struct { - // scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". - // Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). - // More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository - // namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). - // Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. - // If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. - // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories - // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. - // If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. - // For additional details about the format, please refer to the document explaining the docker transport field, - // which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker - // +required - // +kubebuilder:validation:MaxItems=256 - // +listType=set - Scopes []ImageScope `json:"scopes"` - // policy contains configuration to allow scopes to be verified, and defines how - // images not matching the verification policy will be treated. - // +required - Policy ImageSigstoreVerificationPolicy `json:"policy"` -} - -// +kubebuilder:validation:XValidation:rule="size(self.split('/')[0].split('.')) == 1 ? self.split('/')[0].split('.')[0].split(':')[0] == 'localhost' : true",message="invalid image scope format, scope must contain a fully qualified domain name or 'localhost'" -// +kubebuilder:validation:XValidation:rule=`self.contains('*') ? self.matches('^\\*(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+$') : true`,message="invalid image scope with wildcard, a wildcard can only be at the start of the domain and is only supported for subdomain matching, not path matching" -// +kubebuilder:validation:XValidation:rule=`!self.contains('*') ? self.matches('^((((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?)(?::([\\w][\\w.-]{0,127}))?(?:@([A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][[:xdigit:]]{32,}))?$') : true`,message="invalid repository namespace or image specification in the image scope" -// +kubebuilder:validation:MaxLength=512 -type ImageScope string - -// ImageSigstoreVerificationPolicy defines the verification policy for the items in the scopes list. -type ImageSigstoreVerificationPolicy struct { - // rootOfTrust specifies the root of trust for the policy. - // +required - RootOfTrust PolicyRootOfTrust `json:"rootOfTrust"` - // signedIdentity specifies what image identity the signature claims about the image. The required matchPolicy field specifies the approach used in the verification process to verify the identity in the signature and the actual image identity, the default matchPolicy is "MatchRepoDigestOrExact". - // +optional - SignedIdentity PolicyIdentity `json:"signedIdentity,omitempty"` -} - -// PolicyRootOfTrust defines the root of trust based on the selected policyType. -// +union -// +kubebuilder:validation:XValidation:rule="has(self.policyType) && self.policyType == 'PublicKey' ? has(self.publicKey) : !has(self.publicKey)",message="publicKey is required when policyType is PublicKey, and forbidden otherwise" -// +kubebuilder:validation:XValidation:rule="has(self.policyType) && self.policyType == 'FulcioCAWithRekor' ? has(self.fulcioCAWithRekor) : !has(self.fulcioCAWithRekor)",message="fulcioCAWithRekor is required when policyType is FulcioCAWithRekor, and forbidden otherwise" -// +openshift:validation:FeatureGateAwareXValidation:featureGate=SigstoreImageVerificationPKI,rule="has(self.policyType) && self.policyType == 'PKI' ? has(self.pki) : !has(self.pki)",message="pki is required when policyType is PKI, and forbidden otherwise" -type PolicyRootOfTrust struct { - // policyType serves as the union's discriminator. Users are required to assign a value to this field, choosing one of the policy types that define the root of trust. - // "PublicKey" indicates that the policy relies on a sigstore publicKey and may optionally use a Rekor verification. - // "FulcioCAWithRekor" indicates that the policy is based on the Fulcio certification and incorporates a Rekor verification. - // "PKI" indicates that the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate. - // +unionDiscriminator - // +required - PolicyType PolicyType `json:"policyType"` - // publicKey defines the root of trust based on a sigstore public key. - // +optional - PublicKey *ImagePolicyPublicKeyRootOfTrust `json:"publicKey,omitempty"` - // fulcioCAWithRekor defines the root of trust based on the Fulcio certificate and the Rekor public key. - // For more information about Fulcio and Rekor, please refer to the document at: - // https://github.com/sigstore/fulcio and https://github.com/sigstore/rekor - // +optional - FulcioCAWithRekor *ImagePolicyFulcioCAWithRekorRootOfTrust `json:"fulcioCAWithRekor,omitempty"` - // pki defines the root of trust based on Bring Your Own Public Key Infrastructure (BYOPKI) Root CA(s) and corresponding intermediate certificates. - // +optional - // +openshift:enable:FeatureGate=SigstoreImageVerificationPKI - PKI *ImagePolicyPKIRootOfTrust `json:"pki,omitempty"` -} - -// +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=PublicKey;FulcioCAWithRekor -// +openshift:validation:FeatureGateAwareEnum:featureGate=SigstoreImageVerificationPKI,enum=PublicKey;FulcioCAWithRekor;PKI -type PolicyType string - -const ( - PublicKeyRootOfTrust PolicyType = "PublicKey" - FulcioCAWithRekorRootOfTrust PolicyType = "FulcioCAWithRekor" - PKIRootOfTrust PolicyType = "PKI" -) - -// ImagePolicyPublicKeyRootOfTrust defines the root of trust based on a sigstore public key. -type ImagePolicyPublicKeyRootOfTrust struct { - // keyData contains inline base64-encoded data for the PEM format public key. - // KeyData must be at most 8192 characters. - // +required - // +kubebuilder:validation:MaxLength=8192 - KeyData []byte `json:"keyData"` - // rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - // rekorKeyData must be at most 8192 characters. - // +optional - // +kubebuilder:validation:MaxLength=8192 - RekorKeyData []byte `json:"rekorKeyData,omitempty"` -} - -// ImagePolicyFulcioCAWithRekorRootOfTrust defines the root of trust based on the Fulcio certificate and the Rekor public key. -type ImagePolicyFulcioCAWithRekorRootOfTrust struct { - // fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. - // fulcioCAData must be at most 8192 characters. - // +required - // +kubebuilder:validation:MaxLength=8192 - FulcioCAData []byte `json:"fulcioCAData"` - // rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - // rekorKeyData must be at most 8192 characters. - // +required - // +kubebuilder:validation:MaxLength=8192 - RekorKeyData []byte `json:"rekorKeyData"` - // fulcioSubject specifies OIDC issuer and the email of the Fulcio authentication configuration. - // +required - FulcioSubject PolicyFulcioSubject `json:"fulcioSubject"` -} - -// PolicyFulcioSubject defines the OIDC issuer and the email of the Fulcio authentication configuration. -type PolicyFulcioSubject struct { - // oidcIssuer contains the expected OIDC issuer. It will be verified that the Fulcio-issued certificate contains a (Fulcio-defined) certificate extension pointing at this OIDC issuer URL. When Fulcio issues certificates, it includes a value based on an URL inside the client-provided ID token. - // Example: "https://expected.OIDC.issuer/" - // +required - // +kubebuilder:validation:XValidation:rule="isURL(self)",message="oidcIssuer must be a valid URL" - OIDCIssuer string `json:"oidcIssuer"` - // signedEmail holds the email address the the Fulcio certificate is issued for. - // Example: "expected-signing-user@example.com" - // +required - // +kubebuilder:validation:XValidation:rule=`self.matches('^\\S+@\\S+$')`,message="invalid email address" - SignedEmail string `json:"signedEmail"` -} - -// ImagePolicyPKIRootOfTrust defines the root of trust based on Root CA(s) and corresponding intermediate certificates. -type ImagePolicyPKIRootOfTrust struct { - // caRootsData contains base64-encoded data of a certificate bundle PEM file, which contains one or more CA roots in the PEM format. The total length of the data must not exceed 8192 characters. - // +required - // +kubebuilder:validation:MaxLength=8192 - // +kubebuilder:validation:XValidation:rule="string(self).startsWith('-----BEGIN CERTIFICATE-----')",message="the caRootsData must start with base64 encoding of '-----BEGIN CERTIFICATE-----'." - // +kubebuilder:validation:XValidation:rule="string(self).endsWith('-----END CERTIFICATE-----\\n') || string(self).endsWith('-----END CERTIFICATE-----')",message="the caRootsData must end with base64 encoding of '-----END CERTIFICATE-----'." - // +kubebuilder:validation:XValidation:rule="string(self).findAll('-----BEGIN CERTIFICATE-----').size() == string(self).findAll('-----END CERTIFICATE-----').size()",message="caRootsData must be base64 encoding of valid PEM format data contain the same number of '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----' markers." - CertificateAuthorityRootsData []byte `json:"caRootsData"` - // caIntermediatesData contains base64-encoded data of a certificate bundle PEM file, which contains one or more intermediate certificates in the PEM format. The total length of the data must not exceed 8192 characters. - // caIntermediatesData requires caRootsData to be set. - // +optional - // +kubebuilder:validation:XValidation:rule="string(self).startsWith('-----BEGIN CERTIFICATE-----')",message="the caIntermediatesData must start with base64 encoding of '-----BEGIN CERTIFICATE-----'." - // +kubebuilder:validation:XValidation:rule="string(self).endsWith('-----END CERTIFICATE-----\\n') || string(self).endsWith('-----END CERTIFICATE-----')",message="the caIntermediatesData must end with base64 encoding of '-----END CERTIFICATE-----'." - // +kubebuilder:validation:XValidation:rule="string(self).findAll('-----BEGIN CERTIFICATE-----').size() == string(self).findAll('-----END CERTIFICATE-----').size()",message="caIntermediatesData must be base64 encoding of valid PEM format data contain the same number of '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----' markers." - // +kubebuilder:validation:MaxLength=8192 - CertificateAuthorityIntermediatesData []byte `json:"caIntermediatesData,omitempty"` - - // pkiCertificateSubject defines the requirements imposed on the subject to which the certificate was issued. - // +required - PKICertificateSubject PKICertificateSubject `json:"pkiCertificateSubject"` -} - -// PKICertificateSubject defines the requirements imposed on the subject to which the certificate was issued. -// +kubebuilder:validation:XValidation:rule="has(self.email) || has(self.hostname)", message="at least one of email or hostname must be set in pkiCertificateSubject" -// +openshift:enable:FeatureGate=SigstoreImageVerificationPKI -type PKICertificateSubject struct { - // email specifies the expected email address imposed on the subject to which the certificate was issued, and must match the email address listed in the Subject Alternative Name (SAN) field of the certificate. - // The email should be a valid email address and at most 320 characters in length. - // +optional - // +kubebuilder:validation:MaxLength:=320 - // +kubebuilder:validation:XValidation:rule=`self.matches('^\\S+@\\S+$')`,message="invalid email address in pkiCertificateSubject" - Email string `json:"email,omitempty"` - // hostname specifies the expected hostname imposed on the subject to which the certificate was issued, and it must match the hostname listed in the Subject Alternative Name (SAN) DNS field of the certificate. - // The hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.', and at most 253 characters in length. - // It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk. - // +optional - // +kubebuilder:validation:MaxLength:=253 - // +kubebuilder:validation:XValidation:rule="self.startsWith('*.') ? !format.dns1123Subdomain().validate(self.replace('*.', '', 1)).hasValue() : !format.dns1123Subdomain().validate(self).hasValue()",message="hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.'. It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk." - Hostname string `json:"hostname,omitempty"` -} - -// PolicyIdentity defines image identity the signature claims about the image. When omitted, the default matchPolicy is "MatchRepoDigestOrExact". -// +kubebuilder:validation:XValidation:rule="(has(self.matchPolicy) && self.matchPolicy == 'ExactRepository') ? has(self.exactRepository) : !has(self.exactRepository)",message="exactRepository is required when matchPolicy is ExactRepository, and forbidden otherwise" -// +kubebuilder:validation:XValidation:rule="(has(self.matchPolicy) && self.matchPolicy == 'RemapIdentity') ? has(self.remapIdentity) : !has(self.remapIdentity)",message="remapIdentity is required when matchPolicy is RemapIdentity, and forbidden otherwise" -// +union -type PolicyIdentity struct { - // matchPolicy sets the type of matching to be used. - // Valid values are "MatchRepoDigestOrExact", "MatchRepository", "ExactRepository", "RemapIdentity". When omitted, the default value is "MatchRepoDigestOrExact". - // If set matchPolicy to ExactRepository, then the exactRepository must be specified. - // If set matchPolicy to RemapIdentity, then the remapIdentity must be specified. - // "MatchRepoDigestOrExact" means that the identity in the signature must be in the same repository as the image identity if the image identity is referenced by a digest. Otherwise, the identity in the signature must be the same as the image identity. - // "MatchRepository" means that the identity in the signature must be in the same repository as the image identity. - // "ExactRepository" means that the identity in the signature must be in the same repository as a specific identity specified by "repository". - // "RemapIdentity" means that the signature must be in the same as the remapped image identity. Remapped image identity is obtained by replacing the "prefix" with the specified “signedPrefix” if the the image identity matches the specified remapPrefix. - // +unionDiscriminator - // +required - MatchPolicy IdentityMatchPolicy `json:"matchPolicy"` - // exactRepository is required if matchPolicy is set to "ExactRepository". - // +optional - PolicyMatchExactRepository *PolicyMatchExactRepository `json:"exactRepository,omitempty"` - // remapIdentity is required if matchPolicy is set to "RemapIdentity". - // +optional - PolicyMatchRemapIdentity *PolicyMatchRemapIdentity `json:"remapIdentity,omitempty"` -} - -// +kubebuilder:validation:MaxLength=512 -// +kubebuilder:validation:XValidation:rule=`self.matches('.*:([\\w][\\w.-]{0,127})$')? self.matches('^(localhost:[0-9]+)$'): true`,message="invalid repository or prefix in the signedIdentity, should not include the tag or digest" -// +kubebuilder:validation:XValidation:rule=`self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$')`,message="invalid repository or prefix in the signedIdentity" -type IdentityRepositoryPrefix string - -type PolicyMatchExactRepository struct { - // repository is the reference of the image identity to be matched. - // The value should be a repository name (by omitting the tag or digest) in a registry implementing the "Docker Registry HTTP API V2". For example, docker.io/library/busybox - // +required - Repository IdentityRepositoryPrefix `json:"repository"` -} - -type PolicyMatchRemapIdentity struct { - // prefix is the prefix of the image identity to be matched. - // If the image identity matches the specified prefix, that prefix is replaced by the specified “signedPrefix” (otherwise it is used as unchanged and no remapping takes place). - // This useful when verifying signatures for a mirror of some other repository namespace that preserves the vendor’s repository structure. - // The prefix and signedPrefix values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - // or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - // For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - // +required - Prefix IdentityRepositoryPrefix `json:"prefix"` - // signedPrefix is the prefix of the image identity to be matched in the signature. The format is the same as "prefix". The values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - // or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - // For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - // +required - SignedPrefix IdentityRepositoryPrefix `json:"signedPrefix"` -} - -// IdentityMatchPolicy defines the type of matching for "matchPolicy". -// +kubebuilder:validation:Enum=MatchRepoDigestOrExact;MatchRepository;ExactRepository;RemapIdentity -type IdentityMatchPolicy string - -const ( - IdentityMatchPolicyMatchRepoDigestOrExact IdentityMatchPolicy = "MatchRepoDigestOrExact" - IdentityMatchPolicyMatchRepository IdentityMatchPolicy = "MatchRepository" - IdentityMatchPolicyExactRepository IdentityMatchPolicy = "ExactRepository" - IdentityMatchPolicyRemapIdentity IdentityMatchPolicy = "RemapIdentity" -) - -// +k8s:deepcopy-gen=true -type ImagePolicyStatus struct { - // conditions provide details on the status of this API Resource. - // +listType=map - // +listMapKey=type - // +optional - Conditions []metav1.Condition `json:"conditions,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ImagePolicyList is a list of ImagePolicy resources -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -type ImagePolicyList struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard list's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ListMeta `json:"metadata"` - - Items []ImagePolicy `json:"items"` -} - -const ( - // ImagePolicyPending indicates that the customer resource contains a policy that cannot take effect. It is either overwritten by a global policy or the image scope is not valid. - ImagePolicyPending = "Pending" - // ImagePolicyApplied indicates that the policy has been applied - ImagePolicyApplied = "Applied" -) diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_insights.go b/vendor/github.com/openshift/api/config/v1alpha1/types_insights.go index bef31b905..43546d03b 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_insights.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/types_insights.go @@ -59,6 +59,7 @@ type GatherConfig struct { // "oc get insightsoperators.operator.openshift.io cluster -o json | jq '.status.gatherStatus.gatherers[].name'" // An example of disabling gatherers looks like this: `disabledGatherers: ["clusterconfig/machine_configs", "workloads/workload_info"]` // +kubebuilder:validation:MaxItems=100 + // +listType=atomic // +optional DisabledGatherers []DisabledGatherer `json:"disabledGatherers"` // storage is an optional field that allows user to define persistent storage for gathering jobs to store the Insights data archive. diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_pki.go b/vendor/github.com/openshift/api/config/v1alpha1/types_pki.go new file mode 100644 index 000000000..c5be8b5bc --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1alpha1/types_pki.go @@ -0,0 +1,274 @@ +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// PKI configures cryptographic parameters for certificates generated +// internally by OpenShift components. +// +// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. +// +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:object:root=true +// +kubebuilder:resource:path=pkis,scope=Cluster +// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/2645 +// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:enable:FeatureGate=ConfigurablePKI +// +openshift:compatibility-gen:level=4 +type PKI struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + // +optional + metav1.ObjectMeta `json:"metadata,omitempty"` + + // spec holds user settable values for configuration + // +required + Spec PKISpec `json:"spec,omitzero"` +} + +// PKISpec holds the specification for PKI configuration. +type PKISpec struct { + // certificateManagement specifies how PKI configuration is managed for internally-generated certificates. + // This controls the certificate generation approach for all OpenShift components that create + // certificates internally, including certificate authorities, serving certificates, and client certificates. + // + // +required + CertificateManagement PKICertificateManagement `json:"certificateManagement,omitzero"` +} + +// PKICertificateManagement determines whether components use hardcoded defaults (Unmanaged), follow +// OpenShift best practices (Default), or use administrator-specified cryptographic parameters (Custom). +// This provides flexibility for organizations with specific compliance requirements or security policies +// while maintaining backwards compatibility for existing clusters. +// +// +kubebuilder:validation:XValidation:rule="self.mode == 'Custom' ? has(self.custom) : !has(self.custom)",message="custom is required when mode is Custom, and forbidden otherwise" +// +union +type PKICertificateManagement struct { + // mode determines how PKI configuration is managed. + // Valid values are "Unmanaged", "Default", and "Custom". + // + // When set to Unmanaged, components use their existing hardcoded certificate + // generation behavior, exactly as if this feature did not exist. Each component + // generates certificates using whatever parameters it was using before this + // feature. While most components use RSA 2048, some may use different + // parameters. Use of this mode might prevent upgrading to the next major + // OpenShift release. + // + // When set to Default, OpenShift-recommended best practices for certificate + // generation are applied. The specific parameters may evolve across OpenShift + // releases to adopt improved cryptographic standards. In the initial release, + // this matches Unmanaged behavior for each component. In future releases, this + // may adopt ECDSA or larger RSA keys based on industry best practices. + // Recommended for most customers who want to benefit from security improvements + // automatically. + // + // When set to Custom, the certificate management parameters can be set + // explicitly. Use the custom field to specify certificate generation parameters. + // + // +required + // +unionDiscriminator + Mode PKICertificateManagementMode `json:"mode,omitempty"` + + // custom contains administrator-specified cryptographic configuration. + // Use the defaults and category override fields + // to specify certificate generation parameters. + // Required when mode is Custom, and forbidden otherwise. + // + // +optional + // +unionMember + Custom CustomPKIPolicy `json:"custom,omitzero"` +} + +// CustomPKIPolicy contains administrator-specified cryptographic configuration. +// Administrators must specify defaults for all certificates and may optionally +// override specific categories of certificates. +// +// +kubebuilder:validation:MinProperties=1 +type CustomPKIPolicy struct { + PKIProfile `json:",inline"` +} + +// PKICertificateManagementMode specifies the mode for PKI certificate management. +// +// +kubebuilder:validation:Enum=Unmanaged;Default;Custom +type PKICertificateManagementMode string + +const ( + // PKICertificateManagementModeUnmanaged uses each component's existing hardcoded defaults. + // Most components currently use RSA 2048, but parameters may differ by component. + PKICertificateManagementModeUnmanaged PKICertificateManagementMode = "Unmanaged" + + // PKICertificateManagementModeDefault uses OpenShift-recommended best practices. + // Specific parameters may evolve across OpenShift releases. + PKICertificateManagementModeDefault PKICertificateManagementMode = "Default" + + // PKICertificateManagementModeCustom uses administrator-specified configuration. + PKICertificateManagementModeCustom PKICertificateManagementMode = "Custom" +) + +// PKIProfile defines the certificate generation parameters that OpenShift +// components use to create certificates. Category overrides take precedence +// over defaults. +type PKIProfile struct { + // defaults specifies the default certificate configuration that applies + // to all certificates unless overridden by a category override. + // + // +required + Defaults DefaultCertificateConfig `json:"defaults,omitzero"` + + // signerCertificates optionally overrides certificate parameters for + // certificate authority (CA) certificates that sign other certificates. + // When set, these parameters take precedence over defaults for all signer certificates. + // When omitted, the defaults are used for signer certificates. + // + // +optional + SignerCertificates CertificateConfig `json:"signerCertificates,omitempty,omitzero"` + + // servingCertificates optionally overrides certificate parameters for + // TLS server certificates used to serve HTTPS endpoints. + // When set, these parameters take precedence over defaults for all serving certificates. + // When omitted, the defaults are used for serving certificates. + // + // +optional + ServingCertificates CertificateConfig `json:"servingCertificates,omitempty,omitzero"` + + // clientCertificates optionally overrides certificate parameters for + // client authentication certificates used to authenticate to servers. + // When set, these parameters take precedence over defaults for all client certificates. + // When omitted, the defaults are used for client certificates. + // + // +optional + ClientCertificates CertificateConfig `json:"clientCertificates,omitempty,omitzero"` +} + +// DefaultCertificateConfig specifies the default certificate configuration +// parameters. All fields are required to ensure that defaults are fully +// specified for all certificates. +type DefaultCertificateConfig struct { + // key specifies the cryptographic parameters for the certificate's key pair. + // This field is required in defaults to ensure all certificates have a + // well-defined key configuration. + // +required + Key KeyConfig `json:"key,omitzero"` +} + +// CertificateConfig specifies configuration parameters for certificates. +// At least one property must be specified. +// +kubebuilder:validation:MinProperties=1 +type CertificateConfig struct { + // key specifies the cryptographic parameters for the certificate's key pair. + // Currently this is the only configurable parameter. When omitted in an + // overrides entry, the key configuration from defaults is used. + // +optional + Key KeyConfig `json:"key,omitzero"` +} + +// KeyConfig specifies cryptographic parameters for key generation. +// +// +kubebuilder:validation:XValidation:rule="has(self.algorithm) && self.algorithm == 'RSA' ? has(self.rsa) : !has(self.rsa)",message="rsa is required when algorithm is RSA, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.algorithm) && self.algorithm == 'ECDSA' ? has(self.ecdsa) : !has(self.ecdsa)",message="ecdsa is required when algorithm is ECDSA, and forbidden otherwise" +// +union +type KeyConfig struct { + // algorithm specifies the key generation algorithm. + // Valid values are "RSA" and "ECDSA". + // + // When set to RSA, the rsa field must be specified and the generated key + // will be an RSA key with the configured key size. + // + // When set to ECDSA, the ecdsa field must be specified and the generated key + // will be an ECDSA key using the configured elliptic curve. + // + // +required + // +unionDiscriminator + Algorithm KeyAlgorithm `json:"algorithm,omitempty"` + + // rsa specifies RSA key parameters. + // Required when algorithm is RSA, and forbidden otherwise. + // +optional + // +unionMember + RSA RSAKeyConfig `json:"rsa,omitzero"` + + // ecdsa specifies ECDSA key parameters. + // Required when algorithm is ECDSA, and forbidden otherwise. + // +optional + // +unionMember + ECDSA ECDSAKeyConfig `json:"ecdsa,omitzero"` +} + +// RSAKeyConfig specifies parameters for RSA key generation. +type RSAKeyConfig struct { + // keySize specifies the size of RSA keys in bits. + // Valid values are multiples of 1024 from 2048 to 8192. + // +required + // +kubebuilder:validation:Minimum=2048 + // +kubebuilder:validation:Maximum=8192 + // +kubebuilder:validation:MultipleOf=1024 + KeySize int32 `json:"keySize,omitempty"` +} + +// ECDSAKeyConfig specifies parameters for ECDSA key generation. +type ECDSAKeyConfig struct { + // curve specifies the NIST elliptic curve for ECDSA keys. + // Valid values are "P256", "P384", and "P521". + // + // When set to P256, the NIST P-256 curve (also known as secp256r1) is used, + // providing 128-bit security. + // + // When set to P384, the NIST P-384 curve (also known as secp384r1) is used, + // providing 192-bit security. + // + // When set to P521, the NIST P-521 curve (also known as secp521r1) is used, + // providing 256-bit security. + // + // +required + Curve ECDSACurve `json:"curve,omitempty"` +} + +// KeyAlgorithm specifies the cryptographic algorithm used for key generation. +// +// +kubebuilder:validation:Enum=RSA;ECDSA +type KeyAlgorithm string + +const ( + // KeyAlgorithmRSA specifies the RSA (Rivest-Shamir-Adleman) algorithm for key generation. + KeyAlgorithmRSA KeyAlgorithm = "RSA" + + // KeyAlgorithmECDSA specifies the ECDSA (Elliptic Curve Digital Signature Algorithm) for key generation. + KeyAlgorithmECDSA KeyAlgorithm = "ECDSA" +) + +// ECDSACurve specifies the elliptic curve used for ECDSA key generation. +// +// +kubebuilder:validation:Enum=P256;P384;P521 +type ECDSACurve string + +const ( + // ECDSACurveP256 specifies the NIST P-256 curve (also known as secp256r1), providing 128-bit security. + ECDSACurveP256 ECDSACurve = "P256" + + // ECDSACurveP384 specifies the NIST P-384 curve (also known as secp384r1), providing 192-bit security. + ECDSACurveP384 ECDSACurve = "P384" + + // ECDSACurveP521 specifies the NIST P-521 curve (also known as secp521r1), providing 256-bit security. + ECDSACurveP521 ECDSACurve = "P521" +) + +// PKIList is a collection of PKI resources. +// +// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. +// +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +openshift:compatibility-gen:level=4 +type PKIList struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard list's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ListMeta `json:"metadata,omitempty"` + + // items is a list of PKI resources + Items []PKI `json:"items"` +} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go index dc51326b9..7313338a3 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go @@ -11,6 +11,29 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AdditionalAlertmanagerConfig) DeepCopyInto(out *AdditionalAlertmanagerConfig) { + *out = *in + out.Authorization = in.Authorization + if in.StaticConfigs != nil { + in, out := &in.StaticConfigs, &out.StaticConfigs + *out = make([]string, len(*in)) + copy(*out, *in) + } + out.TLSConfig = in.TLSConfig + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalAlertmanagerConfig. +func (in *AdditionalAlertmanagerConfig) DeepCopy() *AdditionalAlertmanagerConfig { + if in == nil { + return nil + } + out := new(AdditionalAlertmanagerConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AlertmanagerConfig) DeepCopyInto(out *AlertmanagerConfig) { *out = *in @@ -98,6 +121,23 @@ func (in *Audit) DeepCopy() *Audit { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuthorizationConfig) DeepCopyInto(out *AuthorizationConfig) { + *out = *in + out.BearerToken = in.BearerToken + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthorizationConfig. +func (in *AuthorizationConfig) DeepCopy() *AuthorizationConfig { + if in == nil { + return nil + } + out := new(AuthorizationConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Backup) DeepCopyInto(out *Backup) { *out = *in @@ -192,6 +232,24 @@ func (in *BackupStatus) DeepCopy() *BackupStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BasicAuth) DeepCopyInto(out *BasicAuth) { + *out = *in + out.Username = in.Username + out.Password = in.Password + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BasicAuth. +func (in *BasicAuth) DeepCopy() *BasicAuth { + if in == nil { + return nil + } + out := new(BasicAuth) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CRIOCredentialProviderConfig) DeepCopyInto(out *CRIOCredentialProviderConfig) { *out = *in @@ -302,107 +360,18 @@ func (in *CRIOCredentialProviderConfigStatus) DeepCopy() *CRIOCredentialProvider } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterImagePolicy) DeepCopyInto(out *ClusterImagePolicy) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterImagePolicy. -func (in *ClusterImagePolicy) DeepCopy() *ClusterImagePolicy { - if in == nil { - return nil - } - out := new(ClusterImagePolicy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterImagePolicy) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterImagePolicyList) DeepCopyInto(out *ClusterImagePolicyList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ClusterImagePolicy, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterImagePolicyList. -func (in *ClusterImagePolicyList) DeepCopy() *ClusterImagePolicyList { - if in == nil { - return nil - } - out := new(ClusterImagePolicyList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterImagePolicyList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterImagePolicySpec) DeepCopyInto(out *ClusterImagePolicySpec) { - *out = *in - if in.Scopes != nil { - in, out := &in.Scopes, &out.Scopes - *out = make([]ImageScope, len(*in)) - copy(*out, *in) - } - in.Policy.DeepCopyInto(&out.Policy) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterImagePolicySpec. -func (in *ClusterImagePolicySpec) DeepCopy() *ClusterImagePolicySpec { - if in == nil { - return nil - } - out := new(ClusterImagePolicySpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterImagePolicyStatus) DeepCopyInto(out *ClusterImagePolicyStatus) { +func (in *CertificateConfig) DeepCopyInto(out *CertificateConfig) { *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]metav1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } + out.Key = in.Key return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterImagePolicyStatus. -func (in *ClusterImagePolicyStatus) DeepCopy() *ClusterImagePolicyStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateConfig. +func (in *CertificateConfig) DeepCopy() *CertificateConfig { if in == nil { return nil } - out := new(ClusterImagePolicyStatus) + out := new(CertificateConfig) in.DeepCopyInto(out) return out } @@ -473,8 +442,16 @@ func (in *ClusterMonitoringSpec) DeepCopyInto(out *ClusterMonitoringSpec) { *out = *in out.UserDefined = in.UserDefined in.AlertmanagerConfig.DeepCopyInto(&out.AlertmanagerConfig) + in.PrometheusConfig.DeepCopyInto(&out.PrometheusConfig) in.MetricsServerConfig.DeepCopyInto(&out.MetricsServerConfig) in.PrometheusOperatorConfig.DeepCopyInto(&out.PrometheusOperatorConfig) + in.PrometheusOperatorAdmissionWebhookConfig.DeepCopyInto(&out.PrometheusOperatorAdmissionWebhookConfig) + in.OpenShiftStateMetricsConfig.DeepCopyInto(&out.OpenShiftStateMetricsConfig) + in.TelemeterClientConfig.DeepCopyInto(&out.TelemeterClientConfig) + in.ThanosQuerierConfig.DeepCopyInto(&out.ThanosQuerierConfig) + in.NodeExporterConfig.DeepCopyInto(&out.NodeExporterConfig) + in.MonitoringPluginConfig.DeepCopyInto(&out.MonitoringPluginConfig) + in.KubeStateMetricsConfig.DeepCopyInto(&out.KubeStateMetricsConfig) return } @@ -523,248 +500,126 @@ func (in *ContainerResource) DeepCopy() *ContainerResource { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EtcdBackupSpec) DeepCopyInto(out *EtcdBackupSpec) { - *out = *in - in.RetentionPolicy.DeepCopyInto(&out.RetentionPolicy) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdBackupSpec. -func (in *EtcdBackupSpec) DeepCopy() *EtcdBackupSpec { - if in == nil { - return nil - } - out := new(EtcdBackupSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GatherConfig) DeepCopyInto(out *GatherConfig) { - *out = *in - if in.DisabledGatherers != nil { - in, out := &in.DisabledGatherers, &out.DisabledGatherers - *out = make([]DisabledGatherer, len(*in)) - copy(*out, *in) - } - if in.StorageSpec != nil { - in, out := &in.StorageSpec, &out.StorageSpec - *out = new(Storage) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatherConfig. -func (in *GatherConfig) DeepCopy() *GatherConfig { - if in == nil { - return nil - } - out := new(GatherConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicy) DeepCopyInto(out *ImagePolicy) { +func (in *CustomPKIPolicy) DeepCopyInto(out *CustomPKIPolicy) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) + out.PKIProfile = in.PKIProfile return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicy. -func (in *ImagePolicy) DeepCopy() *ImagePolicy { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomPKIPolicy. +func (in *CustomPKIPolicy) DeepCopy() *CustomPKIPolicy { if in == nil { return nil } - out := new(ImagePolicy) + out := new(CustomPKIPolicy) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ImagePolicy) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyFulcioCAWithRekorRootOfTrust) DeepCopyInto(out *ImagePolicyFulcioCAWithRekorRootOfTrust) { +func (in *DefaultCertificateConfig) DeepCopyInto(out *DefaultCertificateConfig) { *out = *in - if in.FulcioCAData != nil { - in, out := &in.FulcioCAData, &out.FulcioCAData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.RekorKeyData != nil { - in, out := &in.RekorKeyData, &out.RekorKeyData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - out.FulcioSubject = in.FulcioSubject + out.Key = in.Key return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyFulcioCAWithRekorRootOfTrust. -func (in *ImagePolicyFulcioCAWithRekorRootOfTrust) DeepCopy() *ImagePolicyFulcioCAWithRekorRootOfTrust { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DefaultCertificateConfig. +func (in *DefaultCertificateConfig) DeepCopy() *DefaultCertificateConfig { if in == nil { return nil } - out := new(ImagePolicyFulcioCAWithRekorRootOfTrust) + out := new(DefaultCertificateConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyList) DeepCopyInto(out *ImagePolicyList) { +func (in *DropEqualActionConfig) DeepCopyInto(out *DropEqualActionConfig) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ImagePolicy, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyList. -func (in *ImagePolicyList) DeepCopy() *ImagePolicyList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DropEqualActionConfig. +func (in *DropEqualActionConfig) DeepCopy() *DropEqualActionConfig { if in == nil { return nil } - out := new(ImagePolicyList) + out := new(DropEqualActionConfig) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ImagePolicyList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyPKIRootOfTrust) DeepCopyInto(out *ImagePolicyPKIRootOfTrust) { +func (in *ECDSAKeyConfig) DeepCopyInto(out *ECDSAKeyConfig) { *out = *in - if in.CertificateAuthorityRootsData != nil { - in, out := &in.CertificateAuthorityRootsData, &out.CertificateAuthorityRootsData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.CertificateAuthorityIntermediatesData != nil { - in, out := &in.CertificateAuthorityIntermediatesData, &out.CertificateAuthorityIntermediatesData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - out.PKICertificateSubject = in.PKICertificateSubject return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyPKIRootOfTrust. -func (in *ImagePolicyPKIRootOfTrust) DeepCopy() *ImagePolicyPKIRootOfTrust { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ECDSAKeyConfig. +func (in *ECDSAKeyConfig) DeepCopy() *ECDSAKeyConfig { if in == nil { return nil } - out := new(ImagePolicyPKIRootOfTrust) + out := new(ECDSAKeyConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyPublicKeyRootOfTrust) DeepCopyInto(out *ImagePolicyPublicKeyRootOfTrust) { +func (in *EtcdBackupSpec) DeepCopyInto(out *EtcdBackupSpec) { *out = *in - if in.KeyData != nil { - in, out := &in.KeyData, &out.KeyData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.RekorKeyData != nil { - in, out := &in.RekorKeyData, &out.RekorKeyData - *out = make([]byte, len(*in)) - copy(*out, *in) - } + in.RetentionPolicy.DeepCopyInto(&out.RetentionPolicy) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyPublicKeyRootOfTrust. -func (in *ImagePolicyPublicKeyRootOfTrust) DeepCopy() *ImagePolicyPublicKeyRootOfTrust { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdBackupSpec. +func (in *EtcdBackupSpec) DeepCopy() *EtcdBackupSpec { if in == nil { return nil } - out := new(ImagePolicyPublicKeyRootOfTrust) + out := new(EtcdBackupSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicySpec) DeepCopyInto(out *ImagePolicySpec) { +func (in *GatherConfig) DeepCopyInto(out *GatherConfig) { *out = *in - if in.Scopes != nil { - in, out := &in.Scopes, &out.Scopes - *out = make([]ImageScope, len(*in)) + if in.DisabledGatherers != nil { + in, out := &in.DisabledGatherers, &out.DisabledGatherers + *out = make([]DisabledGatherer, len(*in)) copy(*out, *in) } - in.Policy.DeepCopyInto(&out.Policy) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicySpec. -func (in *ImagePolicySpec) DeepCopy() *ImagePolicySpec { - if in == nil { - return nil - } - out := new(ImagePolicySpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyStatus) DeepCopyInto(out *ImagePolicyStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]metav1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.StorageSpec != nil { + in, out := &in.StorageSpec, &out.StorageSpec + *out = new(Storage) + (*in).DeepCopyInto(*out) } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyStatus. -func (in *ImagePolicyStatus) DeepCopy() *ImagePolicyStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatherConfig. +func (in *GatherConfig) DeepCopy() *GatherConfig { if in == nil { return nil } - out := new(ImagePolicyStatus) + out := new(GatherConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImageSigstoreVerificationPolicy) DeepCopyInto(out *ImageSigstoreVerificationPolicy) { +func (in *HashModActionConfig) DeepCopyInto(out *HashModActionConfig) { *out = *in - in.RootOfTrust.DeepCopyInto(&out.RootOfTrust) - in.SignedIdentity.DeepCopyInto(&out.SignedIdentity) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageSigstoreVerificationPolicy. -func (in *ImageSigstoreVerificationPolicy) DeepCopy() *ImageSigstoreVerificationPolicy { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HashModActionConfig. +func (in *HashModActionConfig) DeepCopy() *HashModActionConfig { if in == nil { return nil } - out := new(ImageSigstoreVerificationPolicy) + out := new(HashModActionConfig) in.DeepCopyInto(out) return out } @@ -864,9 +719,42 @@ func (in *InsightsDataGatherStatus) DeepCopy() *InsightsDataGatherStatus { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MetricsServerConfig) DeepCopyInto(out *MetricsServerConfig) { +func (in *KeepEqualActionConfig) DeepCopyInto(out *KeepEqualActionConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeepEqualActionConfig. +func (in *KeepEqualActionConfig) DeepCopy() *KeepEqualActionConfig { + if in == nil { + return nil + } + out := new(KeepEqualActionConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KeyConfig) DeepCopyInto(out *KeyConfig) { + *out = *in + out.RSA = in.RSA + out.ECDSA = in.ECDSA + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyConfig. +func (in *KeyConfig) DeepCopy() *KeyConfig { + if in == nil { + return nil + } + out := new(KeyConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubeStateMetricsConfig) DeepCopyInto(out *KubeStateMetricsConfig) { *out = *in - out.Audit = in.Audit if in.NodeSelector != nil { in, out := &in.NodeSelector, &out.NodeSelector *out = make(map[string]string, len(*in)) @@ -874,13 +762,864 @@ func (in *MetricsServerConfig) DeepCopyInto(out *MetricsServerConfig) { (*out)[key] = val } } - if in.Tolerations != nil { - in, out := &in.Tolerations, &out.Tolerations + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.AdditionalResourceLabels != nil { + in, out := &in.AdditionalResourceLabels, &out.AdditionalResourceLabels + *out = make([]KubeStateMetricsResourceLabels, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeStateMetricsConfig. +func (in *KubeStateMetricsConfig) DeepCopy() *KubeStateMetricsConfig { + if in == nil { + return nil + } + out := new(KubeStateMetricsConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubeStateMetricsResourceLabels) DeepCopyInto(out *KubeStateMetricsResourceLabels) { + *out = *in + if in.Labels != nil { + in, out := &in.Labels, &out.Labels + *out = make([]KubeStateMetricsLabelName, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeStateMetricsResourceLabels. +func (in *KubeStateMetricsResourceLabels) DeepCopy() *KubeStateMetricsResourceLabels { + if in == nil { + return nil + } + out := new(KubeStateMetricsResourceLabels) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Label) DeepCopyInto(out *Label) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Label. +func (in *Label) DeepCopy() *Label { + if in == nil { + return nil + } + out := new(Label) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LabelMapActionConfig) DeepCopyInto(out *LabelMapActionConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LabelMapActionConfig. +func (in *LabelMapActionConfig) DeepCopy() *LabelMapActionConfig { + if in == nil { + return nil + } + out := new(LabelMapActionConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LowercaseActionConfig) DeepCopyInto(out *LowercaseActionConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LowercaseActionConfig. +func (in *LowercaseActionConfig) DeepCopy() *LowercaseActionConfig { + if in == nil { + return nil + } + out := new(LowercaseActionConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MetadataConfig) DeepCopyInto(out *MetadataConfig) { + *out = *in + out.Custom = in.Custom + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetadataConfig. +func (in *MetadataConfig) DeepCopy() *MetadataConfig { + if in == nil { + return nil + } + out := new(MetadataConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MetadataConfigCustom) DeepCopyInto(out *MetadataConfigCustom) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetadataConfigCustom. +func (in *MetadataConfigCustom) DeepCopy() *MetadataConfigCustom { + if in == nil { + return nil + } + out := new(MetadataConfigCustom) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MetricsServerConfig) DeepCopyInto(out *MetricsServerConfig) { + *out = *in + out.Audit = in.Audit + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetricsServerConfig. +func (in *MetricsServerConfig) DeepCopy() *MetricsServerConfig { + if in == nil { + return nil + } + out := new(MetricsServerConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MonitoringPluginConfig) DeepCopyInto(out *MonitoringPluginConfig) { + *out = *in + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitoringPluginConfig. +func (in *MonitoringPluginConfig) DeepCopy() *MonitoringPluginConfig { + if in == nil { + return nil + } + out := new(MonitoringPluginConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorBuddyInfoConfig) DeepCopyInto(out *NodeExporterCollectorBuddyInfoConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorBuddyInfoConfig. +func (in *NodeExporterCollectorBuddyInfoConfig) DeepCopy() *NodeExporterCollectorBuddyInfoConfig { + if in == nil { + return nil + } + out := new(NodeExporterCollectorBuddyInfoConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorConfig) DeepCopyInto(out *NodeExporterCollectorConfig) { + *out = *in + out.CpuFreq = in.CpuFreq + out.TcpStat = in.TcpStat + out.Ethtool = in.Ethtool + out.NetDev = in.NetDev + out.NetClass = in.NetClass + out.BuddyInfo = in.BuddyInfo + out.MountStats = in.MountStats + out.Ksmd = in.Ksmd + out.Processes = in.Processes + in.Systemd.DeepCopyInto(&out.Systemd) + out.Softirqs = in.Softirqs + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorConfig. +func (in *NodeExporterCollectorConfig) DeepCopy() *NodeExporterCollectorConfig { + if in == nil { + return nil + } + out := new(NodeExporterCollectorConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorCpufreqConfig) DeepCopyInto(out *NodeExporterCollectorCpufreqConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorCpufreqConfig. +func (in *NodeExporterCollectorCpufreqConfig) DeepCopy() *NodeExporterCollectorCpufreqConfig { + if in == nil { + return nil + } + out := new(NodeExporterCollectorCpufreqConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorEthtoolConfig) DeepCopyInto(out *NodeExporterCollectorEthtoolConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorEthtoolConfig. +func (in *NodeExporterCollectorEthtoolConfig) DeepCopy() *NodeExporterCollectorEthtoolConfig { + if in == nil { + return nil + } + out := new(NodeExporterCollectorEthtoolConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorKSMDConfig) DeepCopyInto(out *NodeExporterCollectorKSMDConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorKSMDConfig. +func (in *NodeExporterCollectorKSMDConfig) DeepCopy() *NodeExporterCollectorKSMDConfig { + if in == nil { + return nil + } + out := new(NodeExporterCollectorKSMDConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorMountStatsConfig) DeepCopyInto(out *NodeExporterCollectorMountStatsConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorMountStatsConfig. +func (in *NodeExporterCollectorMountStatsConfig) DeepCopy() *NodeExporterCollectorMountStatsConfig { + if in == nil { + return nil + } + out := new(NodeExporterCollectorMountStatsConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorNetClassCollectConfig) DeepCopyInto(out *NodeExporterCollectorNetClassCollectConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorNetClassCollectConfig. +func (in *NodeExporterCollectorNetClassCollectConfig) DeepCopy() *NodeExporterCollectorNetClassCollectConfig { + if in == nil { + return nil + } + out := new(NodeExporterCollectorNetClassCollectConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorNetClassConfig) DeepCopyInto(out *NodeExporterCollectorNetClassConfig) { + *out = *in + out.Collect = in.Collect + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorNetClassConfig. +func (in *NodeExporterCollectorNetClassConfig) DeepCopy() *NodeExporterCollectorNetClassConfig { + if in == nil { + return nil + } + out := new(NodeExporterCollectorNetClassConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorNetDevConfig) DeepCopyInto(out *NodeExporterCollectorNetDevConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorNetDevConfig. +func (in *NodeExporterCollectorNetDevConfig) DeepCopy() *NodeExporterCollectorNetDevConfig { + if in == nil { + return nil + } + out := new(NodeExporterCollectorNetDevConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorProcessesConfig) DeepCopyInto(out *NodeExporterCollectorProcessesConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorProcessesConfig. +func (in *NodeExporterCollectorProcessesConfig) DeepCopy() *NodeExporterCollectorProcessesConfig { + if in == nil { + return nil + } + out := new(NodeExporterCollectorProcessesConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorSoftirqsConfig) DeepCopyInto(out *NodeExporterCollectorSoftirqsConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorSoftirqsConfig. +func (in *NodeExporterCollectorSoftirqsConfig) DeepCopy() *NodeExporterCollectorSoftirqsConfig { + if in == nil { + return nil + } + out := new(NodeExporterCollectorSoftirqsConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorSystemdCollectConfig) DeepCopyInto(out *NodeExporterCollectorSystemdCollectConfig) { + *out = *in + if in.Units != nil { + in, out := &in.Units, &out.Units + *out = make([]NodeExporterSystemdUnit, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorSystemdCollectConfig. +func (in *NodeExporterCollectorSystemdCollectConfig) DeepCopy() *NodeExporterCollectorSystemdCollectConfig { + if in == nil { + return nil + } + out := new(NodeExporterCollectorSystemdCollectConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorSystemdConfig) DeepCopyInto(out *NodeExporterCollectorSystemdConfig) { + *out = *in + in.Collect.DeepCopyInto(&out.Collect) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorSystemdConfig. +func (in *NodeExporterCollectorSystemdConfig) DeepCopy() *NodeExporterCollectorSystemdConfig { + if in == nil { + return nil + } + out := new(NodeExporterCollectorSystemdConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorTcpStatConfig) DeepCopyInto(out *NodeExporterCollectorTcpStatConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorTcpStatConfig. +func (in *NodeExporterCollectorTcpStatConfig) DeepCopy() *NodeExporterCollectorTcpStatConfig { + if in == nil { + return nil + } + out := new(NodeExporterCollectorTcpStatConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterConfig) DeepCopyInto(out *NodeExporterConfig) { + *out = *in + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + in.Collectors.DeepCopyInto(&out.Collectors) + if in.IgnoredNetworkDevices != nil { + in, out := &in.IgnoredNetworkDevices, &out.IgnoredNetworkDevices + *out = new([]NodeExporterIgnoredNetworkDevice) + if **in != nil { + in, out := *in, *out + *out = make([]NodeExporterIgnoredNetworkDevice, len(*in)) + copy(*out, *in) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterConfig. +func (in *NodeExporterConfig) DeepCopy() *NodeExporterConfig { + if in == nil { + return nil + } + out := new(NodeExporterConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OAuth2) DeepCopyInto(out *OAuth2) { + *out = *in + out.ClientID = in.ClientID + out.ClientSecret = in.ClientSecret + if in.Scopes != nil { + in, out := &in.Scopes, &out.Scopes + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.EndpointParams != nil { + in, out := &in.EndpointParams, &out.EndpointParams + *out = make([]OAuth2EndpointParam, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2. +func (in *OAuth2) DeepCopy() *OAuth2 { + if in == nil { + return nil + } + out := new(OAuth2) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OAuth2EndpointParam) DeepCopyInto(out *OAuth2EndpointParam) { + *out = *in + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2EndpointParam. +func (in *OAuth2EndpointParam) DeepCopy() *OAuth2EndpointParam { + if in == nil { + return nil + } + out := new(OAuth2EndpointParam) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OpenShiftStateMetricsConfig) DeepCopyInto(out *OpenShiftStateMetricsConfig) { + *out = *in + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenShiftStateMetricsConfig. +func (in *OpenShiftStateMetricsConfig) DeepCopy() *OpenShiftStateMetricsConfig { + if in == nil { + return nil + } + out := new(OpenShiftStateMetricsConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PKI) DeepCopyInto(out *PKI) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKI. +func (in *PKI) DeepCopy() *PKI { + if in == nil { + return nil + } + out := new(PKI) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PKI) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PKICertificateManagement) DeepCopyInto(out *PKICertificateManagement) { + *out = *in + out.Custom = in.Custom + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKICertificateManagement. +func (in *PKICertificateManagement) DeepCopy() *PKICertificateManagement { + if in == nil { + return nil + } + out := new(PKICertificateManagement) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PKIList) DeepCopyInto(out *PKIList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]PKI, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKIList. +func (in *PKIList) DeepCopy() *PKIList { + if in == nil { + return nil + } + out := new(PKIList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PKIList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PKIProfile) DeepCopyInto(out *PKIProfile) { + *out = *in + out.Defaults = in.Defaults + out.SignerCertificates = in.SignerCertificates + out.ServingCertificates = in.ServingCertificates + out.ClientCertificates = in.ClientCertificates + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKIProfile. +func (in *PKIProfile) DeepCopy() *PKIProfile { + if in == nil { + return nil + } + out := new(PKIProfile) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PKISpec) DeepCopyInto(out *PKISpec) { + *out = *in + out.CertificateManagement = in.CertificateManagement + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKISpec. +func (in *PKISpec) DeepCopy() *PKISpec { + if in == nil { + return nil + } + out := new(PKISpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PersistentVolumeClaimReference) DeepCopyInto(out *PersistentVolumeClaimReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeClaimReference. +func (in *PersistentVolumeClaimReference) DeepCopy() *PersistentVolumeClaimReference { + if in == nil { + return nil + } + out := new(PersistentVolumeClaimReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PersistentVolumeConfig) DeepCopyInto(out *PersistentVolumeConfig) { + *out = *in + out.Claim = in.Claim + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeConfig. +func (in *PersistentVolumeConfig) DeepCopy() *PersistentVolumeConfig { + if in == nil { + return nil + } + out := new(PersistentVolumeConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrometheusConfig) DeepCopyInto(out *PrometheusConfig) { + *out = *in + if in.AdditionalAlertmanagerConfigs != nil { + in, out := &in.AdditionalAlertmanagerConfigs, &out.AdditionalAlertmanagerConfigs + *out = make([]AdditionalAlertmanagerConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ExternalLabels != nil { + in, out := &in.ExternalLabels, &out.ExternalLabels + *out = make([]Label, len(*in)) + copy(*out, *in) + } + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.RemoteWrite != nil { + in, out := &in.RemoteWrite, &out.RemoteWrite + *out = make([]RemoteWriteSpec, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + out.Retention = in.Retention + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations *out = make([]v1.Toleration, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.VolumeClaimTemplate != nil { + in, out := &in.VolumeClaimTemplate, &out.VolumeClaimTemplate + *out = new(v1.PersistentVolumeClaim) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusConfig. +func (in *PrometheusConfig) DeepCopy() *PrometheusConfig { + if in == nil { + return nil + } + out := new(PrometheusConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrometheusOperatorAdmissionWebhookConfig) DeepCopyInto(out *PrometheusOperatorAdmissionWebhookConfig) { + *out = *in + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusOperatorAdmissionWebhookConfig. +func (in *PrometheusOperatorAdmissionWebhookConfig) DeepCopy() *PrometheusOperatorAdmissionWebhookConfig { + if in == nil { + return nil + } + out := new(PrometheusOperatorAdmissionWebhookConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrometheusOperatorConfig) DeepCopyInto(out *PrometheusOperatorConfig) { + *out = *in + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } if in.Resources != nil { in, out := &in.Resources, &out.Resources *out = make([]ContainerResource, len(*in)) @@ -888,6 +1627,13 @@ func (in *MetricsServerConfig) DeepCopyInto(out *MetricsServerConfig) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.TopologySpreadConstraints != nil { in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints *out = make([]v1.TopologySpreadConstraint, len(*in)) @@ -898,210 +1644,206 @@ func (in *MetricsServerConfig) DeepCopyInto(out *MetricsServerConfig) { return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetricsServerConfig. -func (in *MetricsServerConfig) DeepCopy() *MetricsServerConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusOperatorConfig. +func (in *PrometheusOperatorConfig) DeepCopy() *PrometheusOperatorConfig { if in == nil { return nil } - out := new(MetricsServerConfig) + out := new(PrometheusOperatorConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKICertificateSubject) DeepCopyInto(out *PKICertificateSubject) { +func (in *PrometheusRemoteWriteHeader) DeepCopyInto(out *PrometheusRemoteWriteHeader) { *out = *in + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKICertificateSubject. -func (in *PKICertificateSubject) DeepCopy() *PKICertificateSubject { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusRemoteWriteHeader. +func (in *PrometheusRemoteWriteHeader) DeepCopy() *PrometheusRemoteWriteHeader { if in == nil { return nil } - out := new(PKICertificateSubject) + out := new(PrometheusRemoteWriteHeader) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeClaimReference) DeepCopyInto(out *PersistentVolumeClaimReference) { +func (in *QueueConfig) DeepCopyInto(out *QueueConfig) { *out = *in return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeClaimReference. -func (in *PersistentVolumeClaimReference) DeepCopy() *PersistentVolumeClaimReference { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueueConfig. +func (in *QueueConfig) DeepCopy() *QueueConfig { if in == nil { return nil } - out := new(PersistentVolumeClaimReference) + out := new(QueueConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeConfig) DeepCopyInto(out *PersistentVolumeConfig) { +func (in *RSAKeyConfig) DeepCopyInto(out *RSAKeyConfig) { *out = *in - out.Claim = in.Claim return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeConfig. -func (in *PersistentVolumeConfig) DeepCopy() *PersistentVolumeConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RSAKeyConfig. +func (in *RSAKeyConfig) DeepCopy() *RSAKeyConfig { if in == nil { return nil } - out := new(PersistentVolumeConfig) + out := new(RSAKeyConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyFulcioSubject) DeepCopyInto(out *PolicyFulcioSubject) { +func (in *RelabelActionConfig) DeepCopyInto(out *RelabelActionConfig) { *out = *in + in.Replace.DeepCopyInto(&out.Replace) + out.HashMod = in.HashMod + out.LabelMap = in.LabelMap + out.Lowercase = in.Lowercase + out.Uppercase = in.Uppercase + out.KeepEqual = in.KeepEqual + out.DropEqual = in.DropEqual return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyFulcioSubject. -func (in *PolicyFulcioSubject) DeepCopy() *PolicyFulcioSubject { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RelabelActionConfig. +func (in *RelabelActionConfig) DeepCopy() *RelabelActionConfig { if in == nil { return nil } - out := new(PolicyFulcioSubject) + out := new(RelabelActionConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIdentity) DeepCopyInto(out *PolicyIdentity) { +func (in *RelabelConfig) DeepCopyInto(out *RelabelConfig) { *out = *in - if in.PolicyMatchExactRepository != nil { - in, out := &in.PolicyMatchExactRepository, &out.PolicyMatchExactRepository - *out = new(PolicyMatchExactRepository) - **out = **in - } - if in.PolicyMatchRemapIdentity != nil { - in, out := &in.PolicyMatchRemapIdentity, &out.PolicyMatchRemapIdentity - *out = new(PolicyMatchRemapIdentity) - **out = **in + if in.SourceLabels != nil { + in, out := &in.SourceLabels, &out.SourceLabels + *out = make([]string, len(*in)) + copy(*out, *in) } + in.Action.DeepCopyInto(&out.Action) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIdentity. -func (in *PolicyIdentity) DeepCopy() *PolicyIdentity { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RelabelConfig. +func (in *RelabelConfig) DeepCopy() *RelabelConfig { if in == nil { return nil } - out := new(PolicyIdentity) + out := new(RelabelConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyMatchExactRepository) DeepCopyInto(out *PolicyMatchExactRepository) { +func (in *RemoteWriteAuthorization) DeepCopyInto(out *RemoteWriteAuthorization) { *out = *in + if in.SafeAuthorization != nil { + in, out := &in.SafeAuthorization, &out.SafeAuthorization + *out = new(v1.SecretKeySelector) + (*in).DeepCopyInto(*out) + } + out.BearerToken = in.BearerToken + out.BasicAuth = in.BasicAuth + in.OAuth2.DeepCopyInto(&out.OAuth2) + out.Sigv4 = in.Sigv4 return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyMatchExactRepository. -func (in *PolicyMatchExactRepository) DeepCopy() *PolicyMatchExactRepository { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteWriteAuthorization. +func (in *RemoteWriteAuthorization) DeepCopy() *RemoteWriteAuthorization { if in == nil { return nil } - out := new(PolicyMatchExactRepository) + out := new(RemoteWriteAuthorization) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyMatchRemapIdentity) DeepCopyInto(out *PolicyMatchRemapIdentity) { +func (in *RemoteWriteSpec) DeepCopyInto(out *RemoteWriteSpec) { *out = *in + in.AuthorizationConfig.DeepCopyInto(&out.AuthorizationConfig) + if in.Headers != nil { + in, out := &in.Headers, &out.Headers + *out = make([]PrometheusRemoteWriteHeader, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + out.MetadataConfig = in.MetadataConfig + out.QueueConfig = in.QueueConfig + out.TLSConfig = in.TLSConfig + if in.WriteRelabelConfigs != nil { + in, out := &in.WriteRelabelConfigs, &out.WriteRelabelConfigs + *out = make([]RelabelConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyMatchRemapIdentity. -func (in *PolicyMatchRemapIdentity) DeepCopy() *PolicyMatchRemapIdentity { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteWriteSpec. +func (in *RemoteWriteSpec) DeepCopy() *RemoteWriteSpec { if in == nil { return nil } - out := new(PolicyMatchRemapIdentity) + out := new(RemoteWriteSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRootOfTrust) DeepCopyInto(out *PolicyRootOfTrust) { +func (in *ReplaceActionConfig) DeepCopyInto(out *ReplaceActionConfig) { *out = *in - if in.PublicKey != nil { - in, out := &in.PublicKey, &out.PublicKey - *out = new(ImagePolicyPublicKeyRootOfTrust) - (*in).DeepCopyInto(*out) - } - if in.FulcioCAWithRekor != nil { - in, out := &in.FulcioCAWithRekor, &out.FulcioCAWithRekor - *out = new(ImagePolicyFulcioCAWithRekorRootOfTrust) - (*in).DeepCopyInto(*out) - } - if in.PKI != nil { - in, out := &in.PKI, &out.PKI - *out = new(ImagePolicyPKIRootOfTrust) - (*in).DeepCopyInto(*out) + if in.Replacement != nil { + in, out := &in.Replacement, &out.Replacement + *out = new(string) + **out = **in } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRootOfTrust. -func (in *PolicyRootOfTrust) DeepCopy() *PolicyRootOfTrust { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplaceActionConfig. +func (in *ReplaceActionConfig) DeepCopy() *ReplaceActionConfig { if in == nil { return nil } - out := new(PolicyRootOfTrust) + out := new(ReplaceActionConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PrometheusOperatorConfig) DeepCopyInto(out *PrometheusOperatorConfig) { +func (in *Retention) DeepCopyInto(out *Retention) { *out = *in - if in.NodeSelector != nil { - in, out := &in.NodeSelector, &out.NodeSelector - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.Resources != nil { - in, out := &in.Resources, &out.Resources - *out = make([]ContainerResource, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Tolerations != nil { - in, out := &in.Tolerations, &out.Tolerations - *out = make([]v1.Toleration, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.TopologySpreadConstraints != nil { - in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints - *out = make([]v1.TopologySpreadConstraint, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusOperatorConfig. -func (in *PrometheusOperatorConfig) DeepCopy() *PrometheusOperatorConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Retention. +func (in *Retention) DeepCopy() *Retention { if in == nil { return nil } - out := new(PrometheusOperatorConfig) + out := new(Retention) in.DeepCopyInto(out) return out } @@ -1164,6 +1906,40 @@ func (in *RetentionSizeConfig) DeepCopy() *RetentionSizeConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretKeySelector) DeepCopyInto(out *SecretKeySelector) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretKeySelector. +func (in *SecretKeySelector) DeepCopy() *SecretKeySelector { + if in == nil { + return nil + } + out := new(SecretKeySelector) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Sigv4) DeepCopyInto(out *Sigv4) { + *out = *in + out.AccessKey = in.AccessKey + out.SecretKey = in.SecretKey + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Sigv4. +func (in *Sigv4) DeepCopy() *Sigv4 { + if in == nil { + return nil + } + out := new(Sigv4) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Storage) DeepCopyInto(out *Storage) { *out = *in @@ -1185,6 +1961,146 @@ func (in *Storage) DeepCopy() *Storage { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSConfig) DeepCopyInto(out *TLSConfig) { + *out = *in + out.CA = in.CA + out.Cert = in.Cert + out.Key = in.Key + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSConfig. +func (in *TLSConfig) DeepCopy() *TLSConfig { + if in == nil { + return nil + } + out := new(TLSConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TelemeterClientConfig) DeepCopyInto(out *TelemeterClientConfig) { + *out = *in + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TelemeterClientConfig. +func (in *TelemeterClientConfig) DeepCopy() *TelemeterClientConfig { + if in == nil { + return nil + } + out := new(TelemeterClientConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ThanosQuerierConfig) DeepCopyInto(out *ThanosQuerierConfig) { + *out = *in + out.RequestLogging = in.RequestLogging + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ThanosQuerierConfig. +func (in *ThanosQuerierConfig) DeepCopy() *ThanosQuerierConfig { + if in == nil { + return nil + } + out := new(ThanosQuerierConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ThanosQuerierRequestLoggingConfig) DeepCopyInto(out *ThanosQuerierRequestLoggingConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ThanosQuerierRequestLoggingConfig. +func (in *ThanosQuerierRequestLoggingConfig) DeepCopy() *ThanosQuerierRequestLoggingConfig { + if in == nil { + return nil + } + out := new(ThanosQuerierRequestLoggingConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UppercaseActionConfig) DeepCopyInto(out *UppercaseActionConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UppercaseActionConfig. +func (in *UppercaseActionConfig) DeepCopy() *UppercaseActionConfig { + if in == nil { + return nil + } + out := new(UppercaseActionConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UserDefinedMonitoring) DeepCopyInto(out *UserDefinedMonitoring) { *out = *in diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml index 14091b587..b2a124193 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml @@ -44,30 +44,6 @@ criocredentialproviderconfigs.config.openshift.io: - CRIOCredentialProviderConfig Version: v1alpha1 -clusterimagepolicies.config.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1457 - CRDName: clusterimagepolicies.config.openshift.io - Capability: "" - Category: "" - FeatureGates: - - SigstoreImageVerification - - SigstoreImageVerificationPKI - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: config.openshift.io - HasStatus: true - KindName: ClusterImagePolicy - Labels: {} - PluralName: clusterimagepolicies - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: - - SigstoreImageVerification - Version: v1alpha1 - clustermonitorings.config.openshift.io: Annotations: description: Cluster Monitoring Operators configuration API @@ -92,50 +68,49 @@ clustermonitorings.config.openshift.io: - ClusterMonitoringConfig Version: v1alpha1 -imagepolicies.config.openshift.io: +insightsdatagathers.config.openshift.io: Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1457 - CRDName: imagepolicies.config.openshift.io - Capability: "" + ApprovedPRNumber: https://github.com/openshift/api/pull/1245 + CRDName: insightsdatagathers.config.openshift.io + Capability: Insights Category: "" FeatureGates: - - SigstoreImageVerification - - SigstoreImageVerificationPKI + - InsightsConfig FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true - KindName: ImagePolicy + KindName: InsightsDataGather Labels: {} - PluralName: imagepolicies + PluralName: insightsdatagathers PrinterColumns: [] - Scope: Namespaced + Scope: Cluster ShortNames: null TopLevelFeatureGates: - - SigstoreImageVerification + - InsightsConfig Version: v1alpha1 -insightsdatagathers.config.openshift.io: +pkis.config.openshift.io: Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1245 - CRDName: insightsdatagathers.config.openshift.io - Capability: Insights + ApprovedPRNumber: https://github.com/openshift/api/pull/2645 + CRDName: pkis.config.openshift.io + Capability: "" Category: "" FeatureGates: - - InsightsConfig + - ConfigurablePKI FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" GroupName: config.openshift.io - HasStatus: true - KindName: InsightsDataGather + HasStatus: false + KindName: PKI Labels: {} - PluralName: insightsdatagathers + PluralName: pkis PrinterColumns: [] Scope: Cluster ShortNames: null TopLevelFeatureGates: - - InsightsConfig + - ConfigurablePKI Version: v1alpha1 diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go index c060ce874..2194d79de 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go @@ -80,42 +80,19 @@ func (RetentionSizeConfig) SwaggerDoc() map[string]string { return map_RetentionSizeConfig } -var map_ClusterImagePolicy = map[string]string{ - "": "ClusterImagePolicy holds cluster-wide configuration for image signature verification\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "spec": "spec contains the configuration for the cluster image policy.", - "status": "status contains the observed state of the resource.", +var map_AdditionalAlertmanagerConfig = map[string]string{ + "": "AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. The `AdditionalAlertmanagerConfig` resource defines settings for how a component communicates with additional Alertmanager instances.", + "name": "name is a unique identifier for this Alertmanager configuration entry. The name must be a valid DNS subdomain (RFC 1123): lowercase alphanumeric characters, hyphens, or periods, and must start and end with an alphanumeric character. Minimum length is 1 character (empty string is invalid). Maximum length is 253 characters.", + "authorization": "authorization configures the authentication method for Alertmanager connections. Supports bearer token authentication. When omitted, no authentication is used.", + "pathPrefix": "pathPrefix defines an optional URL path prefix to prepend to the Alertmanager API endpoints. For example, if your Alertmanager is behind a reverse proxy at \"/alertmanager/\", set this to \"/alertmanager\" so requests go to \"/alertmanager/api/v1/alerts\" instead of \"/api/v1/alerts\". This is commonly needed when Alertmanager is deployed behind ingress controllers or load balancers. When no prefix is needed, omit this field; do not set it to \"/\" as that would produce paths with double slashes (e.g. \"//api/v1/alerts\"). Must start with \"/\", must not end with \"/\", and must not be exactly \"/\". Must not contain query strings (\"?\") or fragments (\"#\").", + "scheme": "scheme defines the URL scheme to use when communicating with Alertmanager instances. Possible values are `HTTP` or `HTTPS`. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `HTTP`.", + "staticConfigs": "staticConfigs is a list of statically configured Alertmanager endpoints in the form of `:`. Each entry must be a valid hostname, IPv4 address, or IPv6 address (in brackets) followed by a colon and a valid port number (1-65535). Examples: \"alertmanager.example.com:9093\", \"192.168.1.100:9093\", \"[::1]:9093\" At least one endpoint must be specified (minimum 1, maximum 10 endpoints). Each entry must be unique and non-empty (empty string is invalid).", + "timeoutSeconds": "timeoutSeconds defines the timeout in seconds for requests to Alertmanager. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Currently the default is 10 seconds. Minimum value is 1 second. Maximum value is 600 seconds (10 minutes).", + "tlsConfig": "tlsConfig defines the TLS settings to use for Alertmanager connections. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", } -func (ClusterImagePolicy) SwaggerDoc() map[string]string { - return map_ClusterImagePolicy -} - -var map_ClusterImagePolicyList = map[string]string{ - "": "ClusterImagePolicyList is a list of ClusterImagePolicy resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", -} - -func (ClusterImagePolicyList) SwaggerDoc() map[string]string { - return map_ClusterImagePolicyList -} - -var map_ClusterImagePolicySpec = map[string]string{ - "": "CLusterImagePolicySpec is the specification of the ClusterImagePolicy custom resource.", - "scopes": "scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the \"Docker Registry HTTP API V2\". Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. For additional details about the format, please refer to the document explaining the docker transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker", - "policy": "policy contains configuration to allow scopes to be verified, and defines how images not matching the verification policy will be treated.", -} - -func (ClusterImagePolicySpec) SwaggerDoc() map[string]string { - return map_ClusterImagePolicySpec -} - -var map_ClusterImagePolicyStatus = map[string]string{ - "conditions": "conditions provide details on the status of this API Resource.", -} - -func (ClusterImagePolicyStatus) SwaggerDoc() map[string]string { - return map_ClusterImagePolicyStatus +func (AdditionalAlertmanagerConfig) SwaggerDoc() map[string]string { + return map_AdditionalAlertmanagerConfig } var map_AlertmanagerConfig = map[string]string{ @@ -129,14 +106,15 @@ func (AlertmanagerConfig) SwaggerDoc() map[string]string { } var map_AlertmanagerCustomConfig = map[string]string{ - "": "AlertmanagerCustomConfig represents the configuration for a custom Alertmanager deployment. alertmanagerCustomConfig provides configuration options for the default Alertmanager instance that runs in the `openshift-monitoring` namespace. Use this configuration to control whether the default Alertmanager is deployed, how it logs, and how its pods are scheduled.", - "logLevel": "logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", - "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", - "resources": "resources defines the compute resource requests and limits for the Alertmanager container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1. Each resource name must be unique within this list.", - "secrets": "secrets defines a list of secrets that need to be mounted into the Alertmanager. The secrets must reside within the same namespace as the Alertmanager object. They will be added as volumes named secret- and mounted at /etc/alertmanager/secrets/ within the 'alertmanager' container of the Alertmanager Pods.\n\nThese secrets can be used to authenticate Alertmanager with endpoint receivers. For example, you can use secrets to: - Provide certificates for TLS authentication with receivers that require private CA certificates - Store credentials for Basic HTTP authentication with receivers that require password-based auth - Store any other authentication credentials needed by your alert receivers\n\nThis field is optional. Maximum length for this list is 10. Minimum length for this list is 1. Entries in this list must be unique.", - "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", - "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Alertmanager Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", - "volumeClaimTemplate": "volumeClaimTemplate Defines persistent storage for Alertmanager. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and alert data will not persist across restarts. This field is optional.", + "": "AlertmanagerCustomConfig represents the configuration for a custom Alertmanager deployment. alertmanagerCustomConfig provides configuration options for the default Alertmanager instance that runs in the `openshift-monitoring` namespace. Use this configuration to control whether user-defined namespaces are selected for AlertmanagerConfig lookups, how it logs, and how its pods are scheduled.", + "userAlertmanagerConfigSelection": "userAlertmanagerConfigSelection is an optional field that controls whether user-defined namespaces can be selected for AlertmanagerConfig lookups on the platform Alertmanager instance in the `openshift-monitoring` namespace. Valid values are Selectable and None. When set to Selectable, the platform Alertmanager discovers AlertmanagerConfig resources in user-defined namespaces. This is equivalent to `enableUserAlertmanagerConfig: true` in the cluster-monitoring-config ConfigMap. When set to None, user-defined namespaces are not selected for AlertmanagerConfig lookups on the platform Alertmanager. This is equivalent to `enableUserAlertmanagerConfig: false` in the cluster-monitoring-config ConfigMap. This setting only applies when the user-workload monitoring Alertmanager is not enabled. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `None`.", + "logLevel": "logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", + "resources": "resources defines the compute resource requests and limits for the Alertmanager container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "secrets": "secrets defines a list of secrets that need to be mounted into the Alertmanager. The secrets must reside within the same namespace as the Alertmanager object. They will be added as volumes named secret- and mounted at /etc/alertmanager/secrets/ within the 'alertmanager' container of the Alertmanager Pods.\n\nThese secrets can be used to authenticate Alertmanager with endpoint receivers. For example, you can use secrets to: - Provide certificates for TLS authentication with receivers that require private CA certificates - Store credentials for Basic HTTP authentication with receivers that require password-based auth - Store any other authentication credentials needed by your alert receivers\n\nThis field is optional. Maximum length for this list is 10. Minimum length for this list is 1. Entries in this list must be unique.", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Alertmanager Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", + "volumeClaimTemplate": "volumeClaimTemplate defines persistent storage for Alertmanager. Use this setting to configure the persistent volume claim, including storage class and volume size. If omitted, the Pod uses ephemeral storage and alert data will not persist across restarts.", } func (AlertmanagerCustomConfig) SwaggerDoc() map[string]string { @@ -152,6 +130,26 @@ func (Audit) SwaggerDoc() map[string]string { return map_Audit } +var map_AuthorizationConfig = map[string]string{ + "": "AuthorizationConfig defines the authentication method for Alertmanager connections.", + "type": "type specifies the authentication type to use. Valid value is \"BearerToken\" (bearer token authentication). When set to BearerToken, the bearerToken field must be specified.", + "bearerToken": "bearerToken defines the secret reference containing the bearer token. Required when type is \"BearerToken\", and forbidden otherwise. The secret must exist in the openshift-monitoring namespace.", +} + +func (AuthorizationConfig) SwaggerDoc() map[string]string { + return map_AuthorizationConfig +} + +var map_BasicAuth = map[string]string{ + "": "BasicAuth defines basic authentication settings for the remote write endpoint URL.", + "username": "username defines the secret reference containing the username for basic authentication. The secret must exist in the openshift-monitoring namespace.", + "password": "password defines the secret reference containing the password for basic authentication. The secret must exist in the openshift-monitoring namespace.", +} + +func (BasicAuth) SwaggerDoc() map[string]string { + return map_BasicAuth +} + var map_ClusterMonitoring = map[string]string{ "": "ClusterMonitoring is the Custom Resource object which holds the current status of Cluster Monitoring Operator. CMO is a central component of the monitoring stack.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. ClusterMonitoring is the Schema for the Cluster Monitoring Operators API", "metadata": "metadata is the standard object metadata.", @@ -177,8 +175,16 @@ var map_ClusterMonitoringSpec = map[string]string{ "": "ClusterMonitoringSpec defines the desired state of Cluster Monitoring Operator", "userDefined": "userDefined set the deployment mode for user-defined monitoring in addition to the default platform monitoring. userDefined is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `Disabled`.", "alertmanagerConfig": "alertmanagerConfig allows users to configure how the default Alertmanager instance should be deployed in the `openshift-monitoring` namespace. alertmanagerConfig is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `DefaultConfig`.", + "prometheusConfig": "prometheusConfig provides configuration options for the default platform Prometheus instance that runs in the `openshift-monitoring` namespace. This configuration applies only to the platform Prometheus instance; user-workload Prometheus instances are configured separately.\n\nThis field allows you to customize how the platform Prometheus is deployed and operated, including:\n - Pod scheduling (node selectors, tolerations, topology spread constraints)\n - Resource allocation (CPU, memory requests/limits)\n - Retention policies (how long metrics are stored)\n - External integrations (remote write, additional alertmanagers)\n\nThis field is optional. When omitted, the platform chooses reasonable defaults, which may change over time.", "metricsServerConfig": "metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", "prometheusOperatorConfig": "prometheusOperatorConfig is an optional field that can be used to configure the Prometheus Operator component. Specifically, it can configure how the Prometheus Operator instance is deployed, pod scheduling, and resource allocation. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "prometheusOperatorAdmissionWebhookConfig": "prometheusOperatorAdmissionWebhookConfig is an optional field that can be used to configure the admission webhook component of Prometheus Operator that runs in the openshift-monitoring namespace. The admission webhook validates PrometheusRule and AlertmanagerConfig objects to ensure they are semantically valid, mutates PrometheusRule annotations, and converts AlertmanagerConfig objects between API versions. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "openShiftStateMetricsConfig": "openShiftStateMetricsConfig is an optional field that can be used to configure the openshift-state-metrics agent that runs in the openshift-monitoring namespace. The openshift-state-metrics agent generates metrics about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "telemeterClientConfig": "telemeterClientConfig is an optional field that can be used to configure the Telemeter Client component that runs in the openshift-monitoring namespace. The Telemeter Client collects selected monitoring metrics and forwards them to Red Hat for telemetry purposes. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. When set, at least one field must be specified within telemeterClientConfig.", + "thanosQuerierConfig": "thanosQuerierConfig is an optional field that can be used to configure the Thanos Querier component that runs in the openshift-monitoring namespace. The Thanos Querier provides a global query view by aggregating and deduplicating metrics from multiple Prometheus instances. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default deploys the Thanos Querier on linux nodes with 5m CPU and 12Mi memory requests, and no custom tolerations or topology spread constraints. When set, at least one field must be specified within thanosQuerierConfig.", + "nodeExporterConfig": "nodeExporterConfig is an optional field that can be used to configure the node-exporter agent that runs as a DaemonSet in the openshift-monitoring namespace. The node-exporter agent collects hardware and OS-level metrics from every node in the cluster. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "monitoringPluginConfig": "monitoringPluginConfig is an optional field that can be used to configure the monitoring plugin that runs as a dynamic plugin of the OpenShift web console. The monitoring plugin provides the monitoring UI in the OpenShift web console for visualizing metrics, alerts, and dashboards. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default deploys the monitoring-plugin as a single-replica Deployment on linux nodes with 10m CPU and 50Mi memory requests, and no custom tolerations or topology spread constraints. When set, at least one field must be specified within monitoringPluginConfig.", + "kubeStateMetricsConfig": "kubeStateMetricsConfig is an optional field that can be used to configure the kube-state-metrics agent that runs in the openshift-monitoring namespace. kube-state-metrics generates metrics about the state of Kubernetes objects such as Deployments, Nodes, and Pods. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", } func (ClusterMonitoringSpec) SwaggerDoc() map[string]string { @@ -196,7 +202,7 @@ func (ClusterMonitoringStatus) SwaggerDoc() map[string]string { var map_ContainerResource = map[string]string{ "": "ContainerResource defines a single resource requirement for a container.", "name": "name of the resource (e.g. \"cpu\", \"memory\", \"hugepages-2Mi\"). This field is required. name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character.", - "request": "request is the minimum amount of the resource required (e.g. \"2Mi\", \"1Gi\"). This field is optional. When limit is specified, request cannot be greater than limit.", + "request": "request is the minimum amount of the resource required (e.g. \"2Mi\", \"1Gi\"). This field is optional. When limit is specified, request cannot be greater than limit. The value must be greater than 0 when specified.", "limit": "limit is the maximum amount of the resource allowed (e.g. \"2Mi\", \"1Gi\"). This field is optional. When request is specified, limit cannot be less than request. The value must be greater than 0 when specified.", } @@ -204,13 +210,111 @@ func (ContainerResource) SwaggerDoc() map[string]string { return map_ContainerResource } +var map_DropEqualActionConfig = map[string]string{ + "": "DropEqualActionConfig configures the DropEqual action. Drops targets for which the concatenated source_labels do match the value of target_label. Requires Prometheus >= v2.41.0.", + "targetLabel": "targetLabel is the label name whose value is compared to the concatenated source_labels; targets that match are dropped. Must be between 1 and 128 characters in length.", +} + +func (DropEqualActionConfig) SwaggerDoc() map[string]string { + return map_DropEqualActionConfig +} + +var map_HashModActionConfig = map[string]string{ + "": "HashModActionConfig configures the HashMod action. target_label is set to the modulus of a hash of the concatenated source_labels (target = hash % modulus).", + "targetLabel": "targetLabel is the label name where the hash modulus result is written. Must be between 1 and 128 characters in length.", + "modulus": "modulus is the divisor applied to the hash of the concatenated source label values (target = hash % modulus). Required when using the HashMod action so the intended behavior is explicit. Must be between 1 and 1000000.", +} + +func (HashModActionConfig) SwaggerDoc() map[string]string { + return map_HashModActionConfig +} + +var map_KeepEqualActionConfig = map[string]string{ + "": "KeepEqualActionConfig configures the KeepEqual action. Drops targets for which the concatenated source_labels do not match the value of target_label. Requires Prometheus >= v2.41.0.", + "targetLabel": "targetLabel is the label name whose value is compared to the concatenated source_labels; targets that do not match are dropped. Must be between 1 and 128 characters in length.", +} + +func (KeepEqualActionConfig) SwaggerDoc() map[string]string { + return map_KeepEqualActionConfig +} + +var map_KubeStateMetricsConfig = map[string]string{ + "": "KubeStateMetricsConfig provides configuration options for the kube-state-metrics agent that runs in the `openshift-monitoring` namespace. kube-state-metrics generates metrics about the state of Kubernetes objects such as Deployments, Nodes, and Pods.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", + "resources": "resources defines the compute resource requests and limits for the kube-state-metrics container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, no tolerations are applied. This default is subject to change over time. When specified, tolerations must contain at least 1 entry and must not contain more than 10 entries. Each toleration's operator, when specified, must be either \"Exists\" or \"Equal\". Each toleration's effect, when specified, must be one of \"NoSchedule\", \"PreferNoSchedule\", or \"NoExecute\". An empty or unset effect means match all effects.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how kube-state-metrics Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nThis field maps directly to the `topologySpreadConstraints` field in the Pod spec. When omitted, no topology spread constraints are applied. This default is subject to change over time. When specified, topologySpreadConstraints must contain at least 1 entry and must not contain more than 10 entries. Entries must have unique topologyKey and whenUnsatisfiable pairs. Each entry's whenUnsatisfiable must be either \"DoNotSchedule\" or \"ScheduleAnyway\". Each entry's maxSkew must be at least 1. When minDomains is specified, it must be at least 1 and whenUnsatisfiable must be \"DoNotSchedule\".", + "additionalResourceLabels": "additionalResourceLabels defines additional Kubernetes resource labels to expose as metrics in kube-state-metrics. Currently, only \"Job\" and \"CronJob\" resources are supported due to cardinality concerns. Each entry specifies a resource name and a list of Kubernetes label names to expose. Use \"*\" in the labels list to expose all labels for a given resource. additionalResourceLabels is optional. When omitted, no additional Kubernetes object labels are exposed as metrics by kube-state-metrics beyond its built-in metric labels (e.g. namespace, job_name). Use this field to opt in to exposing specific Kubernetes labels as metric labels for the supported resource types. Minimum length for this list is 1. Maximum length for this list is 2. Each resource name must be unique within this list.", +} + +func (KubeStateMetricsConfig) SwaggerDoc() map[string]string { + return map_KubeStateMetricsConfig +} + +var map_KubeStateMetricsResourceLabels = map[string]string{ + "": "KubeStateMetricsResourceLabels defines which Kubernetes labels to expose as metrics for a given resource type in kube-state-metrics.", + "resource": "resource is the Kubernetes resource name whose labels should be exposed as metrics. Currently, only \"Job\" and \"CronJob\" are supported due to cardinality concerns. Valid values are \"Job\" and \"CronJob\". This field is required.", + "labels": "labels is the list of Kubernetes label names to expose as metrics for this resource. Use \"*\" to expose all labels for the specified resource. When \"*\" is specified, it must be the only entry in the list; mixing \"*\" with specific label names is not allowed. This field is required. Each label name must be unique within this list. Minimum length for this list is 1. Maximum length for this list is 50.", +} + +func (KubeStateMetricsResourceLabels) SwaggerDoc() map[string]string { + return map_KubeStateMetricsResourceLabels +} + +var map_Label = map[string]string{ + "": "Label represents a key/value pair for external labels.", + "key": "key is the name of the label. Prometheus supports UTF-8 label names, so any valid UTF-8 string is allowed. Must be between 1 and 128 characters in length.", + "value": "value is the value of the label. Must be between 1 and 128 characters in length.", +} + +func (Label) SwaggerDoc() map[string]string { + return map_Label +} + +var map_LabelMapActionConfig = map[string]string{ + "": "LabelMapActionConfig configures the LabelMap action. Regex is matched against all source label names (not just source_labels). Matching label values are copied to new label names given by replacement, with match group references (${1}, ${2}, ...) substituted.", + "replacement": "replacement is the template for new label names; match group references (${1}, ${2}, ...) are substituted from the matched label name. Required when using the LabelMap action so the intended behavior is explicit and the platform does not need to apply defaults. Use \"$1\" for the first capture group, \"$2\" for the second, etc. Must be between 1 and 255 characters in length. Empty string is invalid as it would produce invalid label names.", +} + +func (LabelMapActionConfig) SwaggerDoc() map[string]string { + return map_LabelMapActionConfig +} + +var map_LowercaseActionConfig = map[string]string{ + "": "LowercaseActionConfig configures the Lowercase action. Maps the concatenated source_labels to their lower case and writes to target_label. Requires Prometheus >= v2.36.0.", + "targetLabel": "targetLabel is the label name where the lower-cased value is written. Must be between 1 and 128 characters in length.", +} + +func (LowercaseActionConfig) SwaggerDoc() map[string]string { + return map_LowercaseActionConfig +} + +var map_MetadataConfig = map[string]string{ + "": "MetadataConfig defines whether and how to send series metadata to remote write storage.", + "sendPolicy": "sendPolicy specifies whether to send metadata and how it is configured. Default: send metadata using platform-chosen defaults (e.g. send interval 30 seconds). Custom: send metadata using the settings in the custom field.", + "custom": "custom defines custom metadata send settings. Required when sendPolicy is Custom (must have at least one property), and forbidden when sendPolicy is Default.", +} + +func (MetadataConfig) SwaggerDoc() map[string]string { + return map_MetadataConfig +} + +var map_MetadataConfigCustom = map[string]string{ + "": "MetadataConfigCustom defines custom settings for sending series metadata when sendPolicy is Custom. At least one property must be set when sendPolicy is Custom (e.g. sendIntervalSeconds).", + "sendIntervalSeconds": "sendIntervalSeconds is the interval in seconds at which metadata is sent. When omitted, the platform chooses a reasonable default (e.g. 30 seconds). Minimum value is 1 second. Maximum value is 86400 seconds (24 hours).", +} + +func (MetadataConfigCustom) SwaggerDoc() map[string]string { + return map_MetadataConfigCustom +} + var map_MetricsServerConfig = map[string]string{ "": "MetricsServerConfig provides configuration options for the Metrics Server instance that runs in the `openshift-monitoring` namespace. Use this configuration to control how the Metrics Server instance is deployed, how it logs, and how its pods are scheduled.", "audit": "audit defines the audit configuration used by the Metrics Server instance. audit is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default sets audit.profile to Metadata", "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", "verbosity": "verbosity defines the verbosity of log messages for Metrics Server. Valid values are Errors, Info, Trace, TraceAll and omitted. When set to Errors, only critical messages and errors are logged. When set to Info, only basic information messages are logged. When set to Trace, information useful for general debugging is logged. When set to TraceAll, detailed information about metric scraping is logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Errors`", - "resources": "resources defines the compute resource requests and limits for the Metrics Server container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1. Each resource name must be unique within this list.", + "resources": "resources defines the compute resource requests and limits for the Metrics Server container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Metrics Server Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", } @@ -218,11 +322,239 @@ func (MetricsServerConfig) SwaggerDoc() map[string]string { return map_MetricsServerConfig } +var map_MonitoringPluginConfig = map[string]string{ + "": "MonitoringPluginConfig provides configuration options for the monitoring plugin that runs as a dynamic plugin of the OpenShift web console. The monitoring plugin provides the monitoring UI in the OpenShift web console for visualizing metrics, alerts, and dashboards. At least one field must be specified; an empty monitoringPluginConfig object is not allowed.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", + "resources": "resources defines the compute resource requests and limits for the monitoring-plugin container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 10m\n - name: memory\n request: 50Mi\n\nWhen specified, resources must contain at least 1 entry and must not exceed 5 entries.", + "tolerations": "tolerations defines the tolerations required for the monitoring-plugin Pods. This field is optional.\n\nWhen omitted, the monitoring-plugin Pods will not have any tolerations, which means they will only be scheduled on nodes with no taints. When specified, tolerations must contain at least 1 entry and must not contain more than 10 entries.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how monitoring-plugin Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. When specified, this list must contain at least 1 entry and must not exceed 10 entries.", +} + +func (MonitoringPluginConfig) SwaggerDoc() map[string]string { + return map_MonitoringPluginConfig +} + +var map_NodeExporterCollectorBuddyInfoConfig = map[string]string{ + "": "NodeExporterCollectorBuddyInfoConfig provides configuration for the buddyinfo collector of the node-exporter agent. The buddyinfo collector collects statistics about memory fragmentation from the node_buddyinfo_blocks metric using data from /proc/buddyinfo. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the buddyinfo collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the buddyinfo collector is active and memory fragmentation statistics are collected. When set to \"DoNotCollect\", the buddyinfo collector is inactive.", +} + +func (NodeExporterCollectorBuddyInfoConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorBuddyInfoConfig +} + +var map_NodeExporterCollectorConfig = map[string]string{ + "": "NodeExporterCollectorConfig defines settings for individual collectors of the node-exporter agent. Each collector can be individually set to collect or not collect metrics. At least one collector must be specified.", + "cpuFreq": "cpuFreq configures the cpufreq collector, which collects CPU frequency statistics. cpuFreq is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Consider enabling when you need to observe CPU frequency scaling; expect higher CPU usage on many-core nodes when collectionPolicy is Collect.", + "tcpStat": "tcpStat configures the tcpstat collector, which collects TCP connection statistics. tcpStat is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable when debugging TCP connection behavior or capacity at the node level.", + "ethtool": "ethtool configures the ethtool collector, which collects ethernet device statistics. ethtool is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable when you need NIC driver-level ethtool metrics beyond generic netdev counters.", + "netDev": "netDev configures the netdev collector, which collects network device statistics. netDev is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is enabled. Turn off if you must reduce per-interface metric cardinality on hosts with many virtual interfaces.", + "netClass": "netClass configures the netclass collector, which collects information about network devices. netClass is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is enabled with netlink mode active. Use statsGatherer when sysfs vs netlink implementation matters or when matching node_exporter tuning.", + "buddyInfo": "buddyInfo configures the buddyinfo collector, which collects statistics about memory fragmentation from the node_buddyinfo_blocks metric. This metric collects data from /proc/buddyinfo. buddyInfo is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable when investigating kernel memory fragmentation; typically for advanced troubleshooting only.", + "mountStats": "mountStats configures the mountstats collector, which collects statistics about NFS volume I/O activities. mountStats is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enabling this collector may produce metrics with high cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment for excessive memory usage. Enable when you care about per-mount NFS client statistics.", + "ksmd": "ksmd configures the ksmd collector, which collects statistics from the kernel same-page merger daemon. ksmd is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable on nodes where KSM is in use and you want visibility into merging activity.", + "processes": "processes configures the processes collector, which collects statistics from processes and threads running in the system. processes is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable for process/thread-level insight; can be expensive on busy nodes.", + "systemd": "systemd configures the systemd collector, which collects statistics on the systemd daemon and its managed services. systemd is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enabling this collector with a long list of selected units may produce metrics with high cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment for excessive memory usage. Enable when you need metrics for specific units; scope units carefully.", + "softirqs": "softirqs configures the softirqs collector, which exposes detailed softirq statistics from /proc/softirqs. softirqs is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable when you need visibility into kernel softirq processing across CPUs.", +} + +func (NodeExporterCollectorConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorConfig +} + +var map_NodeExporterCollectorCpufreqConfig = map[string]string{ + "": "NodeExporterCollectorCpufreqConfig provides configuration for the cpufreq collector of the node-exporter agent. The cpufreq collector collects CPU frequency statistics. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the cpufreq collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the cpufreq collector is active and CPU frequency statistics are collected. When set to \"DoNotCollect\", the cpufreq collector is inactive.", +} + +func (NodeExporterCollectorCpufreqConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorCpufreqConfig +} + +var map_NodeExporterCollectorEthtoolConfig = map[string]string{ + "": "NodeExporterCollectorEthtoolConfig provides configuration for the ethtool collector of the node-exporter agent. The ethtool collector collects ethernet device statistics. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the ethtool collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the ethtool collector is active and ethernet device statistics are collected. When set to \"DoNotCollect\", the ethtool collector is inactive.", +} + +func (NodeExporterCollectorEthtoolConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorEthtoolConfig +} + +var map_NodeExporterCollectorKSMDConfig = map[string]string{ + "": "NodeExporterCollectorKSMDConfig provides configuration for the ksmd collector of the node-exporter agent. The ksmd collector collects statistics from the kernel same-page merger daemon. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the ksmd collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the ksmd collector is active and kernel same-page merger statistics are collected. When set to \"DoNotCollect\", the ksmd collector is inactive.", +} + +func (NodeExporterCollectorKSMDConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorKSMDConfig +} + +var map_NodeExporterCollectorMountStatsConfig = map[string]string{ + "": "NodeExporterCollectorMountStatsConfig provides configuration for the mountstats collector of the node-exporter agent. The mountstats collector collects statistics about NFS volume I/O activities. It is disabled by default. Enabling this collector may produce metrics with high cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment for excessive memory usage.", + "collectionPolicy": "collectionPolicy declares whether the mountstats collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the mountstats collector is active and NFS volume I/O statistics are collected. When set to \"DoNotCollect\", the mountstats collector is inactive.", +} + +func (NodeExporterCollectorMountStatsConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorMountStatsConfig +} + +var map_NodeExporterCollectorNetClassCollectConfig = map[string]string{ + "": "NodeExporterCollectorNetClassCollectConfig holds configuration options for the netclass collector when it is actively collecting metrics. At least one field must be specified.", + "statsGatherer": "statsGatherer selects which implementation the netclass collector uses to gather statistics (sysfs or netlink). statsGatherer is optional. Valid values are \"Sysfs\" and \"Netlink\". When set to \"Netlink\", the netlink implementation is used; when set to \"Sysfs\", the sysfs implementation is used. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is Netlink.", +} + +func (NodeExporterCollectorNetClassCollectConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorNetClassCollectConfig +} + +var map_NodeExporterCollectorNetClassConfig = map[string]string{ + "": "NodeExporterCollectorNetClassConfig provides configuration for the netclass collector of the node-exporter agent. The netclass collector collects information about network devices such as network speed, MTU, and carrier status. It is enabled by default. When collectionPolicy is DoNotCollect, the collect field must not be set.", + "collectionPolicy": "collectionPolicy declares whether the netclass collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the netclass collector is active and network class information is collected. When set to \"DoNotCollect\", the netclass collector is inactive and the corresponding metrics become unavailable. When set to \"DoNotCollect\", the collect field must not be set.", + "collect": "collect contains configuration options that apply only when the netclass collector is actively collecting metrics (i.e. when collectionPolicy is Collect). collect is optional and may be omitted even when collectionPolicy is Collect. collect may only be set when collectionPolicy is Collect. When set, at least one field must be specified within collect.", +} + +func (NodeExporterCollectorNetClassConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorNetClassConfig +} + +var map_NodeExporterCollectorNetDevConfig = map[string]string{ + "": "NodeExporterCollectorNetDevConfig provides configuration for the netdev collector of the node-exporter agent. The netdev collector collects network device statistics such as bytes, packets, errors, and drops per device. It is enabled by default.", + "collectionPolicy": "collectionPolicy declares whether the netdev collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the netdev collector is active and network device statistics are collected. When set to \"DoNotCollect\", the netdev collector is inactive and the corresponding metrics become unavailable.", +} + +func (NodeExporterCollectorNetDevConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorNetDevConfig +} + +var map_NodeExporterCollectorProcessesConfig = map[string]string{ + "": "NodeExporterCollectorProcessesConfig provides configuration for the processes collector of the node-exporter agent. The processes collector collects statistics from processes and threads running in the system. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the processes collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the processes collector is active and process/thread statistics are collected. When set to \"DoNotCollect\", the processes collector is inactive.", +} + +func (NodeExporterCollectorProcessesConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorProcessesConfig +} + +var map_NodeExporterCollectorSoftirqsConfig = map[string]string{ + "": "NodeExporterCollectorSoftirqsConfig provides configuration for the softirqs collector of the node-exporter agent. The softirqs collector exposes detailed softirq statistics from /proc/softirqs. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the softirqs collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the softirqs collector is active and softirq statistics are collected. When set to \"DoNotCollect\", the softirqs collector is inactive.", +} + +func (NodeExporterCollectorSoftirqsConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorSoftirqsConfig +} + +var map_NodeExporterCollectorSystemdCollectConfig = map[string]string{ + "": "NodeExporterCollectorSystemdCollectConfig holds configuration options for the systemd collector when it is actively collecting metrics. At least one field must be specified.", + "units": "units is a list of regular expression patterns that match systemd units to be included by the systemd collector. units is optional. By default, the list is empty, so the collector exposes no metrics for systemd units. Each entry is a regular expression pattern and must be at least 1 character and at most 1024 characters. Maximum length for this list is 50. Minimum length for this list is 1. Entries in this list must be unique.", +} + +func (NodeExporterCollectorSystemdCollectConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorSystemdCollectConfig +} + +var map_NodeExporterCollectorSystemdConfig = map[string]string{ + "": "NodeExporterCollectorSystemdConfig provides configuration for the systemd collector of the node-exporter agent. The systemd collector collects statistics on the systemd daemon and its managed services. It is disabled by default. Enabling this collector with a long list of selected units may produce metrics with high cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment for excessive memory usage. When collectionPolicy is DoNotCollect, the collect field must not be set.", + "collectionPolicy": "collectionPolicy declares whether the systemd collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the systemd collector is active and systemd unit statistics are collected. When set to \"DoNotCollect\", the systemd collector is inactive and the collect field must not be set.", + "collect": "collect contains configuration options that apply only when the systemd collector is actively collecting metrics (i.e. when collectionPolicy is Collect). collect is optional and may be omitted even when collectionPolicy is Collect. collect may only be set when collectionPolicy is Collect. When set, at least one field must be specified within collect.", +} + +func (NodeExporterCollectorSystemdConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorSystemdConfig +} + +var map_NodeExporterCollectorTcpStatConfig = map[string]string{ + "": "NodeExporterCollectorTcpStatConfig provides configuration for the tcpstat collector of the node-exporter agent. The tcpstat collector collects TCP connection statistics. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the tcpstat collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the tcpstat collector is active and TCP connection statistics are collected. When set to \"DoNotCollect\", the tcpstat collector is inactive.", +} + +func (NodeExporterCollectorTcpStatConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorTcpStatConfig +} + +var map_NodeExporterConfig = map[string]string{ + "": "NodeExporterConfig provides configuration options for the node-exporter agent that runs as a DaemonSet in the `openshift-monitoring` namespace. The node-exporter agent collects hardware and OS-level metrics from every node in the cluster, including CPU, memory, disk, and network statistics. At least one field must be specified.", + "resources": "resources defines the compute resource requests and limits for the node-exporter container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 8m\n limit: null\n - name: memory\n request: 32Mi\n limit: null", + "collectors": "collectors configures which node-exporter metric collectors are enabled. collectors is optional. Each collector can be individually enabled or disabled. Some collectors may have additional configuration options.\n\nWhen omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "maxProcs": "maxProcs sets the target number of CPUs on which the node-exporter process will run. maxProcs is optional. Use this setting to override the default value, which is set either to 4 or to the number of CPUs on the host, whichever is smaller. The default value is computed at runtime and set via the GOMAXPROCS environment variable before node-exporter is launched. If a kernel deadlock occurs or if performance degrades when reading from sysfs concurrently, you can change this value to 1, which limits node-exporter to running on one CPU. For nodes with a high CPU count, setting the limit to a low number saves resources by preventing Go routines from being scheduled to run on all CPUs. However, I/O performance degrades if the maxProcs value is set too low and there are many metrics to collect. The minimum value is 1 and the maximum value is 1024. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is min(4, number of host CPUs).", + "ignoredNetworkDevices": "ignoredNetworkDevices is a list of regular expression patterns that match network devices to be excluded from the relevant collector configuration such as netdev, netclass, and ethtool. ignoredNetworkDevices is optional.\n\nWhen omitted, the Cluster Monitoring Operator uses a predefined list of devices to be excluded to minimize the impact on memory usage. When set as an empty list, no devices are excluded. If you modify this setting, monitor the prometheus-k8s deployment closely for excessive memory usage. Maximum length for this list is 50. Each entry must be at least 1 character and at most 1024 characters long.", +} + +func (NodeExporterConfig) SwaggerDoc() map[string]string { + return map_NodeExporterConfig +} + +var map_OAuth2 = map[string]string{ + "": "OAuth2 defines OAuth2 authentication settings for the remote write endpoint.", + "clientId": "clientId defines the secret reference containing the OAuth2 client ID. The secret must exist in the openshift-monitoring namespace.", + "clientSecret": "clientSecret defines the secret reference containing the OAuth2 client secret. The secret must exist in the openshift-monitoring namespace.", + "tokenUrl": "tokenUrl is the URL to fetch the token from. Must be a valid URL with http or https scheme. Must be between 1 and 2048 characters in length.", + "scopes": "scopes is a list of OAuth2 scopes to request. When omitted, no scopes are requested. Maximum of 20 scopes can be specified. Each scope must be between 1 and 256 characters.", + "endpointParams": "endpointParams defines additional parameters to append to the token URL. When omitted, no additional parameters are sent. Maximum of 20 parameters can be specified. Entries must have unique names (name is the list key).", +} + +func (OAuth2) SwaggerDoc() map[string]string { + return map_OAuth2 +} + +var map_OAuth2EndpointParam = map[string]string{ + "": "OAuth2EndpointParam defines a name/value parameter for the OAuth2 token URL.", + "name": "name is the parameter name. Must be between 1 and 256 characters.", + "value": "value is the optional parameter value. When omitted, the query parameter is applied as ?name (no value). When set (including to the empty string), it is applied as ?name=value. Empty string may be used when the external system expects a parameter with an empty value (e.g. ?parameter=\"\"). Must be between 0 and 2048 characters when present (aligned with common URL length recommendations).", +} + +func (OAuth2EndpointParam) SwaggerDoc() map[string]string { + return map_OAuth2EndpointParam +} + +var map_OpenShiftStateMetricsConfig = map[string]string{ + "": "OpenShiftStateMetricsConfig provides configuration options for the openshift-state-metrics agent that runs in the `openshift-monitoring` namespace. The openshift-state-metrics agent generates metrics about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", + "resources": "resources defines the compute resource requests and limits for the openshift-state-metrics container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 1m\n limit: null\n - name: memory\n request: 32Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how openshift-state-metrics Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", +} + +func (OpenShiftStateMetricsConfig) SwaggerDoc() map[string]string { + return map_OpenShiftStateMetricsConfig +} + +var map_PrometheusConfig = map[string]string{ + "": "PrometheusConfig provides configuration options for the Prometheus instance. Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", + "additionalAlertmanagerConfigs": "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. This is useful for organizations that need to:\n - Send alerts to external monitoring systems (like PagerDuty, Slack, or custom webhooks)\n - Route different types of alerts to different teams or systems\n - Integrate with existing enterprise alerting infrastructure\n - Maintain separate alert routing for compliance or organizational requirements\nWhen omitted, no additional Alertmanager instances are configured (default behavior). When provided, at least one configuration must be specified (minimum 1, maximum 10 items). Entries must have unique names (name is the list key).", + "enforcedBodySizeLimitBytes": "enforcedBodySizeLimitBytes enforces a body size limit (in bytes) for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. This helps protect Prometheus from targets that return excessively large responses. The value is specified in bytes (e.g., 4194304 for 4MB, 1073741824 for 1GB). When omitted, the Cluster Monitoring Operator automatically calculates an appropriate limit based on cluster capacity. Set an explicit value to override the automatic calculation. Minimum value is 10240 (10kB). Maximum value is 1073741824 (1GB).", + "externalLabels": "externalLabels defines labels to be attached to time series and alerts when communicating with external systems such as federation, remote storage, and Alertmanager. These labels are not stored with metrics on disk; they are only added when data leaves Prometheus (e.g., during federation queries, remote write, or alert notifications). At least 1 label must be specified when set, with a maximum of 50 labels allowed. Each label key must be unique within this list. When omitted, no external labels are applied.", + "logLevel": "logLevel defines the verbosity of logs emitted by Prometheus. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least one key-value pair (minimum of 1) and must not contain more than 10 entries.", + "queryLogFile": "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. Must be an absolute path starting with `/` or a simple filename without path separators. Must not contain consecutive slashes, end with a slash, or include '..' path traversal. Must contain only alphanumeric characters, '.', '_', '-', or '/'. Must be between 1 and 255 characters in length.", + "remoteWrite": "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. Remote write allows Prometheus to send metrics it collects to external long-term storage systems. When omitted, no remote write endpoints are configured. When provided, at least one configuration must be specified (minimum 1, maximum 10 items). Entries must have unique names (name is the list key).", + "resources": "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "retention": "retention configures how long Prometheus retains metrics data and how much storage it can use. When omitted, the platform chooses reasonable defaults (currently 15d retention, no size limit).", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", + "collectionProfile": "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `Full` or `Minimal`. In the `Full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `Minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `Full`.", + "volumeClaimTemplate": "volumeClaimTemplate defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class and volume size. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts.", +} + +func (PrometheusConfig) SwaggerDoc() map[string]string { + return map_PrometheusConfig +} + +var map_PrometheusOperatorAdmissionWebhookConfig = map[string]string{ + "": "PrometheusOperatorAdmissionWebhookConfig provides configuration options for the admission webhook component of Prometheus Operator that runs in the `openshift-monitoring` namespace. The admission webhook validates PrometheusRule and AlertmanagerConfig objects, mutates PrometheusRule annotations, and converts AlertmanagerConfig objects between API versions.", + "resources": "resources defines the compute resource requests and limits for the prometheus-operator-admission-webhook container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 5m\n limit: null\n - name: memory\n request: 30Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how admission webhook Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", +} + +func (PrometheusOperatorAdmissionWebhookConfig) SwaggerDoc() map[string]string { + return map_PrometheusOperatorAdmissionWebhookConfig +} + var map_PrometheusOperatorConfig = map[string]string{ "": "PrometheusOperatorConfig provides configuration options for the Prometheus Operator instance Use this configuration to control how the Prometheus Operator instance is deployed, how it logs, and how its pods are scheduled.", "logLevel": "logLevel defines the verbosity of logs emitted by Prometheus Operator. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", - "resources": "resources defines the compute resource requests and limits for the Prometheus Operator container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1. Each resource name must be unique within this list.", + "resources": "resources defines the compute resource requests and limits for the Prometheus Operator container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Prometheus Operator Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", } @@ -231,191 +563,240 @@ func (PrometheusOperatorConfig) SwaggerDoc() map[string]string { return map_PrometheusOperatorConfig } -var map_UserDefinedMonitoring = map[string]string{ - "": "UserDefinedMonitoring config for user-defined projects.", - "mode": "mode defines the different configurations of UserDefinedMonitoring Valid values are Disabled and NamespaceIsolated Disabled disables monitoring for user-defined projects. This restricts the default monitoring stack, installed in the openshift-monitoring project, to monitor only platform namespaces, which prevents any custom monitoring configurations or resources from being applied to user-defined namespaces. NamespaceIsolated enables monitoring for user-defined projects with namespace-scoped tenancy. This ensures that metrics, alerts, and monitoring data are isolated at the namespace level. The current default value is `Disabled`.", +var map_PrometheusRemoteWriteHeader = map[string]string{ + "": "PrometheusRemoteWriteHeader defines a custom HTTP header for remote write requests. The header name must not be one of the reserved headers set by Prometheus (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). Header names must contain only case-insensitive alphanumeric characters, hyphens (-), and underscores (_); other characters (e.g. emoji) are rejected by validation. Validation is enforced on the Headers field in RemoteWriteSpec.", + "name": "name is the HTTP header name. Must not be a reserved header (see type documentation). Must contain only alphanumeric characters, hyphens, and underscores; invalid characters are rejected. Must be between 1 and 256 characters.", + "value": "value is the HTTP header value. Must be at most 4096 characters.", } -func (UserDefinedMonitoring) SwaggerDoc() map[string]string { - return map_UserDefinedMonitoring +func (PrometheusRemoteWriteHeader) SwaggerDoc() map[string]string { + return map_PrometheusRemoteWriteHeader } -var map_CRIOCredentialProviderConfig = map[string]string{ - "": "CRIOCredentialProviderConfig holds cluster-wide singleton resource configurations for CRI-O credential provider, the name of this instance is \"cluster\". CRI-O credential provider is a binary shipped with CRI-O that provides a way to obtain container image pull credentials from external sources. For example, it can be used to fetch mirror registry credentials from secrets resources in the cluster within the same namespace the pod will be running in. CRIOCredentialProviderConfig configuration specifies the pod image sources registries that should trigger the CRI-O credential provider execution, which will resolve the CRI-O mirror configurations and obtain the necessary credentials for pod creation. Note: Configuration changes will only take effect after the kubelet restarts, which is automatically managed by the cluster during rollout.\n\nThe resource is a singleton named \"cluster\".\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "spec": "spec defines the desired configuration of the CRI-O Credential Provider. This field is required and must be provided when creating the resource.", - "status": "status represents the current state of the CRIOCredentialProviderConfig. When omitted or nil, it indicates that the status has not yet been set by the controller. The controller will populate this field with validation conditions and operational state.", +var map_QueueConfig = map[string]string{ + "": "QueueConfig allows tuning configuration for remote write queue parameters. Configure this when you need to control throughput, backpressure, or retry behavior—for example to avoid overloading the remote endpoint, to reduce memory usage, or to tune for high-cardinality workloads. Consider capacity, maxShards, and batchSendDeadlineSeconds for throughput; minBackoffMilliseconds and maxBackoffMilliseconds for retries; and rateLimitedAction when the remote returns HTTP 429.", + "capacity": "capacity is the number of samples to buffer per shard before we start dropping them. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 10000. Minimum value is 1. Maximum value is 1000000.", + "maxShards": "maxShards is the maximum number of shards, i.e. amount of concurrency. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 200. Minimum value is 1. Maximum value is 10000.", + "minShards": "minShards is the minimum number of shards, i.e. amount of concurrency. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 1. Minimum value is 1. Maximum value is 10000.", + "maxSamplesPerSend": "maxSamplesPerSend is the maximum number of samples per send. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 1000. Minimum value is 1. Maximum value is 100000.", + "batchSendDeadlineSeconds": "batchSendDeadlineSeconds is the maximum time in seconds a sample will wait in buffer before being sent. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Minimum value is 1 second. Maximum value is 3600 seconds (1 hour).", + "minBackoffMilliseconds": "minBackoffMilliseconds is the minimum retry delay in milliseconds. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Minimum value is 1 millisecond. Maximum value is 3600000 milliseconds (1 hour).", + "maxBackoffMilliseconds": "maxBackoffMilliseconds is the maximum retry delay in milliseconds. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Minimum value is 1 millisecond. Maximum value is 3600000 milliseconds (1 hour).", + "rateLimitedAction": "rateLimitedAction controls what to do when the remote write endpoint returns HTTP 429 (Too Many Requests). When omitted, no retries are performed on rate limit responses. When set to \"Retry\", Prometheus will retry such requests using the backoff settings above. Valid value when set is \"Retry\".", } -func (CRIOCredentialProviderConfig) SwaggerDoc() map[string]string { - return map_CRIOCredentialProviderConfig +func (QueueConfig) SwaggerDoc() map[string]string { + return map_QueueConfig } -var map_CRIOCredentialProviderConfigList = map[string]string{ - "": "CRIOCredentialProviderConfigList contains a list of CRIOCredentialProviderConfig resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", +var map_RelabelActionConfig = map[string]string{ + "": "RelabelActionConfig represents the action to perform and its configuration. Exactly one action-specific configuration must be specified based on the action type.", + "type": "type specifies the action to perform on the matched labels. Allowed values are Replace, Lowercase, Uppercase, Keep, Drop, KeepEqual, DropEqual, HashMod, LabelMap, LabelDrop, LabelKeep.\n\nWhen set to Replace, regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. If regex does not match, no replacement takes place.\n\nWhen set to Lowercase, the concatenated source_labels are mapped to their lower case. Requires Prometheus >= v2.36.0.\n\nWhen set to Uppercase, the concatenated source_labels are mapped to their upper case. Requires Prometheus >= v2.36.0.\n\nWhen set to Keep, targets for which regex does not match the concatenated source_labels are dropped.\n\nWhen set to Drop, targets for which regex matches the concatenated source_labels are dropped.\n\nWhen set to KeepEqual, targets for which the concatenated source_labels do not match target_label are dropped. Requires Prometheus >= v2.41.0.\n\nWhen set to DropEqual, targets for which the concatenated source_labels do match target_label are dropped. Requires Prometheus >= v2.41.0.\n\nWhen set to HashMod, target_label is set to the modulus of a hash of the concatenated source_labels.\n\nWhen set to LabelMap, regex is matched against all source label names (not just source_labels); matching label values are copied to new names given by replacement with ${1}, ${2}, ... substituted.\n\nWhen set to LabelDrop, regex is matched against all label names; any label that matches is removed.\n\nWhen set to LabelKeep, regex is matched against all label names; any label that does not match is removed.", + "replace": "replace configures the Replace action. Required when type is Replace, and forbidden otherwise.", + "hashMod": "hashMod configures the HashMod action. Required when type is HashMod, and forbidden otherwise.", + "labelMap": "labelMap configures the LabelMap action. Required when type is LabelMap, and forbidden otherwise.", + "lowercase": "lowercase configures the Lowercase action. Required when type is Lowercase, and forbidden otherwise. Requires Prometheus >= v2.36.0.", + "uppercase": "uppercase configures the Uppercase action. Required when type is Uppercase, and forbidden otherwise. Requires Prometheus >= v2.36.0.", + "keepEqual": "keepEqual configures the KeepEqual action. Required when type is KeepEqual, and forbidden otherwise. Requires Prometheus >= v2.41.0.", + "dropEqual": "dropEqual configures the DropEqual action. Required when type is DropEqual, and forbidden otherwise. Requires Prometheus >= v2.41.0.", } -func (CRIOCredentialProviderConfigList) SwaggerDoc() map[string]string { - return map_CRIOCredentialProviderConfigList +func (RelabelActionConfig) SwaggerDoc() map[string]string { + return map_RelabelActionConfig } -var map_CRIOCredentialProviderConfigSpec = map[string]string{ - "": "CRIOCredentialProviderConfigSpec defines the desired configuration of the CRI-O Credential Provider.", - "matchImages": "matchImages is a list of string patterns used to determine whether the CRI-O credential provider should be invoked for a given image. This list is passed to the kubelet CredentialProviderConfig, and if any pattern matches the requested image, CRI-O credential provider will be invoked to obtain credentials for pulling that image or its mirrors. Depending on the platform, the CRI-O credential provider may be installed alongside an existing platform specific provider. Conflicts between the existing platform specific provider image match configuration and this list will be handled by the following precedence rule: credentials from built-in kubelet providers (e.g., ECR, GCR, ACR) take precedence over those from the CRIOCredentialProviderConfig when both match the same image. To avoid uncertainty, it is recommended to avoid configuring your private image patterns to overlap with existing platform specific provider config(e.g., the entries from https://github.com/openshift/machine-config-operator/blob/main/templates/common/aws/files/etc-kubernetes-credential-providers-ecr-credential-provider.yaml). You can check the resource's Status conditions to see if any entries were ignored due to exact matches with known built-in provider patterns.\n\nThis field is optional, the items of the list must contain between 1 and 50 entries. The list is treated as a set, so duplicate entries are not allowed.\n\nFor more details, see: https://kubernetes.io/docs/tasks/administer-cluster/kubelet-credential-provider/ https://github.com/cri-o/crio-credential-provider#architecture\n\nEach entry in matchImages is a pattern which can optionally contain a port and a path. Each entry must be no longer than 512 characters. Wildcards ('*') are supported for full subdomain labels, such as '*.k8s.io' or 'k8s.*.io', and for top-level domains, such as 'k8s.*' (which matches 'k8s.io' or 'k8s.net'). A global wildcard '*' (matching any domain) is not allowed. Wildcards may replace an entire hostname label (e.g., *.example.com), but they cannot appear within a label (e.g., f*oo.example.com) and are not allowed in the port or path. For example, 'example.*.com' is valid, but 'exa*mple.*.com' is not. Each wildcard matches only a single domain label, so '*.io' does **not** match '*.k8s.io'.\n\nA match exists between an image and a matchImage when all of the below are true: Both contain the same number of domain parts and each part matches. The URL path of an matchImages must be a prefix of the target image URL path. If the matchImages contains a port, then the port must match in the image as well.\n\nExample values of matchImages: - 123456789.dkr.ecr.us-east-1.amazonaws.com - *.azurecr.io - gcr.io - *.*.registry.io - registry.io:8080/path", +var map_RelabelConfig = map[string]string{ + "": "RelabelConfig represents a relabeling rule.", + "name": "name is a unique identifier for this relabel configuration. Must contain only alphanumeric characters, hyphens, and underscores. Must be between 1 and 63 characters in length.", + "sourceLabels": "sourceLabels specifies which label names to extract from each series for this relabeling rule. The values of these labels are joined together using the configured separator, and the resulting string is then matched against the regular expression. If a referenced label does not exist on a series, Prometheus substitutes an empty string. When omitted, the rule operates without extracting source labels (useful for actions like labelmap). Minimum of 1 and maximum of 10 source labels can be specified, each between 1 and 128 characters. Each entry must be unique. Label names beginning with \"__\" (two underscores) are reserved for internal Prometheus use and are not allowed. Label names SHOULD start with a letter (a-z, A-Z) or underscore (_), followed by zero or more letters, digits (0-9), or underscores for best compatibility. While Prometheus supports UTF-8 characters in label names (since v3.0.0), using the recommended character set ensures better compatibility with the wider ecosystem (tooling, third-party instrumentation, etc.).", + "separator": "separator is the character sequence used to join source label values. Common examples: \";\", \",\", \"::\", \"|||\". When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is \";\". Must be between 1 and 5 characters in length when specified.", + "regex": "regex is the regular expression to match against the concatenated source label values. Must be a valid RE2 regular expression (https://github.com/google/re2/wiki/Syntax). When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is \"(.*)\" to match everything. Must be between 1 and 1000 characters in length when specified.", + "action": "action defines the action to perform on the matched labels and its configuration. Exactly one action-specific configuration must be specified based on the action type.", } -func (CRIOCredentialProviderConfigSpec) SwaggerDoc() map[string]string { - return map_CRIOCredentialProviderConfigSpec +func (RelabelConfig) SwaggerDoc() map[string]string { + return map_RelabelConfig } -var map_CRIOCredentialProviderConfigStatus = map[string]string{ - "": "CRIOCredentialProviderConfigStatus defines the observed state of CRIOCredentialProviderConfig", - "conditions": "conditions represent the latest available observations of the configuration state. When omitted, it indicates that no conditions have been reported yet. The maximum number of conditions is 16. Conditions are stored as a map keyed by condition type, ensuring uniqueness.\n\nExpected condition types include: \"Validated\": indicates whether the matchImages configuration is valid", +var map_RemoteWriteAuthorization = map[string]string{ + "": "RemoteWriteAuthorization defines the authorization method for a remote write endpoint. Exactly one of the nested configs must be set according to the type discriminator.", + "type": "type specifies the authorization method to use. Allowed values are BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, ServiceAccount.\n\nWhen set to BearerToken, the bearer token is read from a Secret referenced by the bearerToken field.\n\nWhen set to BasicAuth, HTTP basic authentication is used; the basicAuth field (username and password from Secrets) must be set.\n\nWhen set to OAuth2, OAuth2 client credentials flow is used; the oauth2 field (clientId, clientSecret, tokenUrl) must be set.\n\nWhen set to SigV4, AWS Signature Version 4 is used for authentication; the sigv4 field must be set.\n\nWhen set to SafeAuthorization, credentials are read from a single Secret key (Prometheus SafeAuthorization pattern). The secret key typically contains a Bearer token. Use the safeAuthorization field.\n\nWhen set to ServiceAccount, the pod's service account token is used for machine identity. No additional field is required; the operator configures the token path.", + "safeAuthorization": "safeAuthorization defines the secret reference containing the credentials for authentication (e.g. Bearer token). Required when type is \"SafeAuthorization\", and forbidden otherwise. Maps to Prometheus SafeAuthorization. The secret must exist in the openshift-monitoring namespace.", + "bearerToken": "bearerToken defines the secret reference containing the bearer token. Required when type is \"BearerToken\", and forbidden otherwise.", + "basicAuth": "basicAuth defines HTTP basic authentication credentials. Required when type is \"BasicAuth\", and forbidden otherwise.", + "oauth2": "oauth2 defines OAuth2 client credentials authentication. Required when type is \"OAuth2\", and forbidden otherwise.", + "sigv4": "sigv4 defines AWS Signature Version 4 authentication. Required when type is \"SigV4\", and forbidden otherwise.", } -func (CRIOCredentialProviderConfigStatus) SwaggerDoc() map[string]string { - return map_CRIOCredentialProviderConfigStatus +func (RemoteWriteAuthorization) SwaggerDoc() map[string]string { + return map_RemoteWriteAuthorization } -var map_ImagePolicy = map[string]string{ - "": "ImagePolicy holds namespace-wide configuration for image signature verification\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "spec": "spec holds user settable values for configuration", - "status": "status contains the observed state of the resource.", +var map_RemoteWriteSpec = map[string]string{ + "": "RemoteWriteSpec represents configuration for remote write endpoints.", + "url": "url is the URL of the remote write endpoint. Must be a valid URL with http or https scheme and a non-empty hostname. Query parameters, fragments, and user information (e.g. user:password@host) are not allowed. Empty string is invalid. Must be between 1 and 2048 characters in length.", + "name": "name is a required identifier for this remote write configuration (name is the list key for the remoteWrite list). This name is used in metrics and logging to differentiate remote write queues. Must contain only alphanumeric characters, hyphens, and underscores. Must be between 1 and 63 characters in length.", + "authorization": "authorization defines the authorization method for the remote write endpoint. When omitted, no authorization is performed. When set, type must be one of BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, or ServiceAccount; the corresponding nested config must be set (ServiceAccount has no config).", + "headers": "headers specifies the custom HTTP headers to be sent along with each remote write request. Sending custom headers makes the configuration of a proxy in between optional and helps the receiver recognize the given source better. Clients MAY allow users to send custom HTTP headers; they MUST NOT allow users to configure them in such a way as to send reserved headers. Headers set by Prometheus cannot be overwritten. When omitted, no custom headers are sent. Maximum of 50 headers can be specified. Each header name must be unique. Each header name must contain only alphanumeric characters, hyphens, and underscores, and must not be a reserved Prometheus header (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate).", + "metadataConfig": "metadataConfig configures the sending of series metadata to remote storage. When omitted, no metadata is sent. When set to sendPolicy: Default, metadata is sent using platform-chosen defaults (e.g. send interval 30 seconds). When set to sendPolicy: Custom, metadata is sent using the settings in the custom field (e.g. custom.sendIntervalSeconds).", + "proxyUrl": "proxyUrl defines an optional proxy URL. If the cluster-wide proxy is enabled, it replaces the proxyUrl setting. The cluster-wide proxy supports both HTTP and HTTPS proxies, with HTTPS taking precedence. When omitted, no proxy is used. Must be a valid URL with http or https scheme. Must be between 1 and 2048 characters in length.", + "queueConfig": "queueConfig allows tuning configuration for remote write queue parameters. When omitted, default queue configuration is used.", + "remoteTimeoutSeconds": "remoteTimeoutSeconds defines the timeout in seconds for requests to the remote write endpoint. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Minimum value is 1 second. Maximum value is 600 seconds (10 minutes).", + "exemplarsMode": "exemplarsMode controls whether exemplars are sent via remote write. Valid values are \"Send\", \"DoNotSend\" and omitted. When set to \"Send\", Prometheus is configured to store a maximum of 100,000 exemplars in memory and send them with remote write. Note that this setting only applies to user-defined monitoring. It is not applicable to default in-cluster monitoring. When omitted or set to \"DoNotSend\", exemplars are not sent.", + "tlsConfig": "tlsConfig defines TLS authentication settings for the remote write endpoint. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "writeRelabelConfigs": "writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint. When omitted, no relabeling is performed and all metrics are sent as-is. Minimum of 1 and maximum of 10 relabeling rules can be specified. Each rule must have a unique name.", } -func (ImagePolicy) SwaggerDoc() map[string]string { - return map_ImagePolicy +func (RemoteWriteSpec) SwaggerDoc() map[string]string { + return map_RemoteWriteSpec } -var map_ImagePolicyFulcioCAWithRekorRootOfTrust = map[string]string{ - "": "ImagePolicyFulcioCAWithRekorRootOfTrust defines the root of trust based on the Fulcio certificate and the Rekor public key.", - "fulcioCAData": "fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. fulcioCAData must be at most 8192 characters.", - "rekorKeyData": "rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters.", - "fulcioSubject": "fulcioSubject specifies OIDC issuer and the email of the Fulcio authentication configuration.", +var map_ReplaceActionConfig = map[string]string{ + "": "ReplaceActionConfig configures the Replace action. Regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. No replacement if regex does not match.", + "targetLabel": "targetLabel is the label name where the replacement result is written. Must be between 1 and 128 characters in length.", + "replacement": "replacement is the value written to target_label when regex matches; match group references (${1}, ${2}, ...) are substituted. Required when using the Replace action so the intended behavior is explicit and the platform does not need to apply defaults. Use \"$1\" for the first capture group, \"$2\" for the second, etc. Use an empty string (\"\") to explicitly clear the target label value. Must be between 0 and 255 characters in length.", } -func (ImagePolicyFulcioCAWithRekorRootOfTrust) SwaggerDoc() map[string]string { - return map_ImagePolicyFulcioCAWithRekorRootOfTrust +func (ReplaceActionConfig) SwaggerDoc() map[string]string { + return map_ReplaceActionConfig } -var map_ImagePolicyList = map[string]string{ - "": "ImagePolicyList is a list of ImagePolicy resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", +var map_Retention = map[string]string{ + "": "Retention configures how long Prometheus retains metrics data and how much storage it can use.", + "duration": "duration is an optional field that specifies how long Prometheus retains metrics data. Valid values are Prometheus-style duration strings with unit suffixes y, w, d, h, m, s, or ms (for example, \"15d\", \"24h\", or \"5d1h30m\"). Each unit value must be a positive integer. Composite durations must follow the fixed unit order y, w, d, h, m, s, ms. Must be at least 1 character and at most 64 characters. When set to \"0\", time-based retention is disabled. This is the only supported form for disabling time-based retention; other zero-duration representations such as \"0d\", \"0h\", or \"0y\" are rejected. Prometheus automatically deletes data older than this duration. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `15d`.", + "size": "size is an optional field that specifies the maximum storage size that Prometheus can use for data blocks and the write-ahead log (WAL). Valid values are byte-size strings with an optional decimal prefix and a unit suffix B, KB, MB, GB, TB, EB, PB, or their binary equivalents KiB, MiB, GiB, TiB, EiB, PiB (for example, \"500MiB\", \"10GiB\"). The numeric value must be greater than zero. Must be at least 1 character and at most 32 characters. When set to \"0\", no size limit is enforced. This is the only supported form for disabling size-based retention; other zero-size representations such as \"0B\" or \"0MiB\" are rejected. When the limit is reached, Prometheus deletes oldest data first. When omitted, no size limit is enforced and Prometheus uses available PersistentVolume capacity.", } -func (ImagePolicyList) SwaggerDoc() map[string]string { - return map_ImagePolicyList +func (Retention) SwaggerDoc() map[string]string { + return map_Retention } -var map_ImagePolicyPKIRootOfTrust = map[string]string{ - "": "ImagePolicyPKIRootOfTrust defines the root of trust based on Root CA(s) and corresponding intermediate certificates.", - "caRootsData": "caRootsData contains base64-encoded data of a certificate bundle PEM file, which contains one or more CA roots in the PEM format. The total length of the data must not exceed 8192 characters. ", - "caIntermediatesData": "caIntermediatesData contains base64-encoded data of a certificate bundle PEM file, which contains one or more intermediate certificates in the PEM format. The total length of the data must not exceed 8192 characters. caIntermediatesData requires caRootsData to be set. ", - "pkiCertificateSubject": "pkiCertificateSubject defines the requirements imposed on the subject to which the certificate was issued.", +var map_SecretKeySelector = map[string]string{ + "": "SecretKeySelector selects a key of a Secret in the `openshift-monitoring` namespace.", + "name": "name is the name of the secret in the `openshift-monitoring` namespace to select from. Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). Must be between 1 and 253 characters in length.", + "key": "key is the key of the secret to select from. Must consist of alphanumeric characters, '-', '_', or '.'. Must be between 1 and 253 characters in length.", } -func (ImagePolicyPKIRootOfTrust) SwaggerDoc() map[string]string { - return map_ImagePolicyPKIRootOfTrust +func (SecretKeySelector) SwaggerDoc() map[string]string { + return map_SecretKeySelector } -var map_ImagePolicyPublicKeyRootOfTrust = map[string]string{ - "": "ImagePolicyPublicKeyRootOfTrust defines the root of trust based on a sigstore public key.", - "keyData": "keyData contains inline base64-encoded data for the PEM format public key. KeyData must be at most 8192 characters.", - "rekorKeyData": "rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters.", +var map_Sigv4 = map[string]string{ + "": "Sigv4 defines AWS Signature Version 4 authentication settings. At least one of region, accessKey/secretKey, profile, or roleArn must be set so the platform can perform authentication.", + "region": "region is the AWS region. When omitted, the region is derived from the environment or instance metadata. Must be between 1 and 128 characters.", + "accessKey": "accessKey defines the secret reference containing the AWS access key ID. The secret must exist in the openshift-monitoring namespace. When omitted, the access key is derived from the environment or instance metadata.", + "secretKey": "secretKey defines the secret reference containing the AWS secret access key. The secret must exist in the openshift-monitoring namespace. When omitted, the secret key is derived from the environment or instance metadata.", + "profile": "profile is the named AWS profile used to authenticate. When omitted, the default profile is used. Must be between 1 and 128 characters.", + "roleArn": "roleArn is the AWS Role ARN, an alternative to using AWS API keys. When omitted, API keys are used for authentication. Must be a valid AWS ARN format (e.g., \"arn:aws:iam::123456789012:role/MyRole\"). Must be between 1 and 512 characters.", } -func (ImagePolicyPublicKeyRootOfTrust) SwaggerDoc() map[string]string { - return map_ImagePolicyPublicKeyRootOfTrust +func (Sigv4) SwaggerDoc() map[string]string { + return map_Sigv4 } -var map_ImagePolicySpec = map[string]string{ - "": "ImagePolicySpec is the specification of the ImagePolicy CRD.", - "scopes": "scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the \"Docker Registry HTTP API V2\". Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. For additional details about the format, please refer to the document explaining the docker transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker", - "policy": "policy contains configuration to allow scopes to be verified, and defines how images not matching the verification policy will be treated.", +var map_TLSConfig = map[string]string{ + "": "TLSConfig represents TLS configuration for Alertmanager connections. At least one TLS configuration option must be specified. For mutual TLS (mTLS), both cert and key must be specified together, or both omitted.", + "ca": "ca is an optional CA certificate to use for TLS connections. When omitted, the system's default CA bundle is used.", + "cert": "cert is an optional client certificate to use for mutual TLS connections. When omitted, no client certificate is presented.", + "key": "key is an optional client key to use for mutual TLS connections. When omitted, no client key is used.", + "serverName": "serverName is an optional server name to use for TLS connections. When specified, must be a valid DNS subdomain as per RFC 1123. When omitted, the server name is derived from the URL. Must be between 1 and 253 characters in length.", + "certificateVerification": "certificateVerification determines the policy for TLS certificate verification. Allowed values are \"Verify\" (performs certificate verification, secure) and \"SkipVerify\" (skips verification, insecure). When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is \"Verify\".", } -func (ImagePolicySpec) SwaggerDoc() map[string]string { - return map_ImagePolicySpec +func (TLSConfig) SwaggerDoc() map[string]string { + return map_TLSConfig } -var map_ImagePolicyStatus = map[string]string{ - "conditions": "conditions provide details on the status of this API Resource.", +var map_TelemeterClientConfig = map[string]string{ + "": "TelemeterClientConfig provides configuration options for the Telemeter Client component that runs in the `openshift-monitoring` namespace. The Telemeter Client collects selected monitoring metrics and forwards them to Red Hat for telemetry purposes. At least one field must be specified.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", + "resources": "resources defines the compute resource requests and limits for the Telemeter Client container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 1m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Telemeter Client Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", } -func (ImagePolicyStatus) SwaggerDoc() map[string]string { - return map_ImagePolicyStatus +func (TelemeterClientConfig) SwaggerDoc() map[string]string { + return map_TelemeterClientConfig } -var map_ImageSigstoreVerificationPolicy = map[string]string{ - "": "ImageSigstoreVerificationPolicy defines the verification policy for the items in the scopes list.", - "rootOfTrust": "rootOfTrust specifies the root of trust for the policy.", - "signedIdentity": "signedIdentity specifies what image identity the signature claims about the image. The required matchPolicy field specifies the approach used in the verification process to verify the identity in the signature and the actual image identity, the default matchPolicy is \"MatchRepoDigestOrExact\".", +var map_ThanosQuerierConfig = map[string]string{ + "": "ThanosQuerierConfig provides configuration options for the Thanos Querier component that runs in the `openshift-monitoring` namespace. At least one field must be specified; an empty thanosQuerierConfig object is not allowed.", + "logLevel": "logLevel defines the verbosity of logs emitted by Thanos Querier. logLevel is optional. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", + "requestLogging": "requestLogging configures request logging for Thanos Querier. requestLogging is optional. When provided, the policy field within is required. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default behavior is to not log any requests.", + "crossOriginRequestPolicy": "crossOriginRequestPolicy configures the CORS (Cross-Origin Resource Sharing) policy for Thanos Querier's HTTP endpoints. crossOriginRequestPolicy is optional. Valid values are \"AllowAll\" and \"DenyAll\". When set to \"AllowAll\", CORS headers are added to responses, allowing cross-origin requests from any domain. When set to \"DenyAll\", no CORS headers are added and cross-origin requests are rejected by the browser. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is \"DenyAll\".", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", + "resources": "resources defines the compute resource requests and limits for the Thanos Querier container. resources is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Requests cannot exceed limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 5m\n - name: memory\n request: 12Mi\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Thanos Querier Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", } -func (ImageSigstoreVerificationPolicy) SwaggerDoc() map[string]string { - return map_ImageSigstoreVerificationPolicy +func (ThanosQuerierConfig) SwaggerDoc() map[string]string { + return map_ThanosQuerierConfig } -var map_PKICertificateSubject = map[string]string{ - "": "PKICertificateSubject defines the requirements imposed on the subject to which the certificate was issued.", - "email": "email specifies the expected email address imposed on the subject to which the certificate was issued, and must match the email address listed in the Subject Alternative Name (SAN) field of the certificate. The email should be a valid email address and at most 320 characters in length.", - "hostname": "hostname specifies the expected hostname imposed on the subject to which the certificate was issued, and it must match the hostname listed in the Subject Alternative Name (SAN) DNS field of the certificate. The hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.', and at most 253 characters in length. It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk.", +var map_ThanosQuerierRequestLoggingConfig = map[string]string{ + "": "ThanosQuerierRequestLoggingConfig configures request logging for Thanos Querier.", + "policy": "policy determines which HTTP and gRPC requests are logged by Thanos Querier. Valid values are \"AllRequests\" and \"NoRequests\". When set to \"AllRequests\", every request received by Thanos Querier is logged with method, path, and response status. The log level for request logs is derived from the logLevel field. When set to \"NoRequests\", request logging is turned off.", } -func (PKICertificateSubject) SwaggerDoc() map[string]string { - return map_PKICertificateSubject +func (ThanosQuerierRequestLoggingConfig) SwaggerDoc() map[string]string { + return map_ThanosQuerierRequestLoggingConfig } -var map_PolicyFulcioSubject = map[string]string{ - "": "PolicyFulcioSubject defines the OIDC issuer and the email of the Fulcio authentication configuration.", - "oidcIssuer": "oidcIssuer contains the expected OIDC issuer. It will be verified that the Fulcio-issued certificate contains a (Fulcio-defined) certificate extension pointing at this OIDC issuer URL. When Fulcio issues certificates, it includes a value based on an URL inside the client-provided ID token. Example: \"https://expected.OIDC.issuer/\"", - "signedEmail": "signedEmail holds the email address the the Fulcio certificate is issued for. Example: \"expected-signing-user@example.com\"", +var map_UppercaseActionConfig = map[string]string{ + "": "UppercaseActionConfig configures the Uppercase action. Maps the concatenated source_labels to their upper case and writes to target_label. Requires Prometheus >= v2.36.0.", + "targetLabel": "targetLabel is the label name where the upper-cased value is written. Must be between 1 and 128 characters in length.", } -func (PolicyFulcioSubject) SwaggerDoc() map[string]string { - return map_PolicyFulcioSubject +func (UppercaseActionConfig) SwaggerDoc() map[string]string { + return map_UppercaseActionConfig } -var map_PolicyIdentity = map[string]string{ - "": "PolicyIdentity defines image identity the signature claims about the image. When omitted, the default matchPolicy is \"MatchRepoDigestOrExact\".", - "matchPolicy": "matchPolicy sets the type of matching to be used. Valid values are \"MatchRepoDigestOrExact\", \"MatchRepository\", \"ExactRepository\", \"RemapIdentity\". When omitted, the default value is \"MatchRepoDigestOrExact\". If set matchPolicy to ExactRepository, then the exactRepository must be specified. If set matchPolicy to RemapIdentity, then the remapIdentity must be specified. \"MatchRepoDigestOrExact\" means that the identity in the signature must be in the same repository as the image identity if the image identity is referenced by a digest. Otherwise, the identity in the signature must be the same as the image identity. \"MatchRepository\" means that the identity in the signature must be in the same repository as the image identity. \"ExactRepository\" means that the identity in the signature must be in the same repository as a specific identity specified by \"repository\". \"RemapIdentity\" means that the signature must be in the same as the remapped image identity. Remapped image identity is obtained by replacing the \"prefix\" with the specified “signedPrefix” if the the image identity matches the specified remapPrefix.", - "exactRepository": "exactRepository is required if matchPolicy is set to \"ExactRepository\".", - "remapIdentity": "remapIdentity is required if matchPolicy is set to \"RemapIdentity\".", +var map_UserDefinedMonitoring = map[string]string{ + "": "UserDefinedMonitoring config for user-defined projects.", + "mode": "mode defines the different configurations of UserDefinedMonitoring Valid values are Disabled and NamespaceIsolated Disabled disables monitoring for user-defined projects. This restricts the default monitoring stack, installed in the openshift-monitoring project, to monitor only platform namespaces, which prevents any custom monitoring configurations or resources from being applied to user-defined namespaces. NamespaceIsolated enables monitoring for user-defined projects with namespace-scoped tenancy. This ensures that metrics, alerts, and monitoring data are isolated at the namespace level. The current default value is `Disabled`.", } -func (PolicyIdentity) SwaggerDoc() map[string]string { - return map_PolicyIdentity +func (UserDefinedMonitoring) SwaggerDoc() map[string]string { + return map_UserDefinedMonitoring } -var map_PolicyMatchExactRepository = map[string]string{ - "repository": "repository is the reference of the image identity to be matched. The value should be a repository name (by omitting the tag or digest) in a registry implementing the \"Docker Registry HTTP API V2\". For example, docker.io/library/busybox", +var map_CRIOCredentialProviderConfig = map[string]string{ + "": "CRIOCredentialProviderConfig holds cluster-wide singleton resource configurations for CRI-O credential provider, the name of this instance is \"cluster\". CRI-O credential provider is a binary shipped with CRI-O that provides a way to obtain container image pull credentials from external sources. For example, it can be used to fetch mirror registry credentials from secrets resources in the cluster within the same namespace the pod will be running in. CRIOCredentialProviderConfig configuration specifies the pod image sources registries that should trigger the CRI-O credential provider execution, which will resolve the CRI-O mirror configurations and obtain the necessary credentials for pod creation. Note: Configuration changes will only take effect after the kubelet restarts, which is automatically managed by the cluster during rollout.\n\nThe resource is a singleton named \"cluster\".\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "spec defines the desired configuration of the CRI-O Credential Provider. This field is required and must be provided when creating the resource.", + "status": "status represents the current state of the CRIOCredentialProviderConfig. When omitted or nil, it indicates that the status has not yet been set by the controller. The controller will populate this field with validation conditions and operational state.", } -func (PolicyMatchExactRepository) SwaggerDoc() map[string]string { - return map_PolicyMatchExactRepository +func (CRIOCredentialProviderConfig) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfig } -var map_PolicyMatchRemapIdentity = map[string]string{ - "prefix": "prefix is the prefix of the image identity to be matched. If the image identity matches the specified prefix, that prefix is replaced by the specified “signedPrefix” (otherwise it is used as unchanged and no remapping takes place). This useful when verifying signatures for a mirror of some other repository namespace that preserves the vendor’s repository structure. The prefix and signedPrefix values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox.", - "signedPrefix": "signedPrefix is the prefix of the image identity to be matched in the signature. The format is the same as \"prefix\". The values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox.", +var map_CRIOCredentialProviderConfigList = map[string]string{ + "": "CRIOCredentialProviderConfigList contains a list of CRIOCredentialProviderConfig resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", + "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", +} + +func (CRIOCredentialProviderConfigList) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfigList +} + +var map_CRIOCredentialProviderConfigSpec = map[string]string{ + "": "CRIOCredentialProviderConfigSpec defines the desired configuration of the CRI-O Credential Provider.", + "matchImages": "matchImages is a list of string patterns used to determine whether the CRI-O credential provider should be invoked for a given image. This list is passed to the kubelet CredentialProviderConfig, and if any pattern matches the requested image, CRI-O credential provider will be invoked to obtain credentials for pulling that image or its mirrors. Depending on the platform, the CRI-O credential provider may be installed alongside an existing platform specific provider. Conflicts between the existing platform specific provider image match configuration and this list will be handled by the following precedence rule: credentials from built-in kubelet providers (e.g., ECR, GCR, ACR) take precedence over those from the CRIOCredentialProviderConfig when both match the same image. To avoid uncertainty, it is recommended to avoid configuring your private image patterns to overlap with existing platform specific provider config(e.g., the entries from https://github.com/openshift/machine-config-operator/blob/main/templates/common/aws/files/etc-kubernetes-credential-providers-ecr-credential-provider.yaml). You can check the resource's Status conditions to see if any entries were ignored due to exact matches with known built-in provider patterns.\n\nThis field is optional, the items of the list must contain between 1 and 50 entries. The list is treated as a set, so duplicate entries are not allowed.\n\nFor more details, see: https://kubernetes.io/docs/tasks/administer-cluster/kubelet-credential-provider/ https://github.com/cri-o/crio-credential-provider#architecture\n\nEach entry in matchImages is a pattern which can optionally contain a port and a path. Each entry must be no longer than 512 characters. Wildcards ('*') are supported for full subdomain labels, such as '*.k8s.io' or 'k8s.*.io', and for top-level domains, such as 'k8s.*' (which matches 'k8s.io' or 'k8s.net'). A global wildcard '*' (matching any domain) is not allowed. Wildcards may replace an entire hostname label (e.g., *.example.com), but they cannot appear within a label (e.g., f*oo.example.com) and are not allowed in the port or path. For example, 'example.*.com' is valid, but 'exa*mple.*.com' is not. Each wildcard matches only a single domain label, so '*.io' does **not** match '*.k8s.io'.\n\nA match exists between an image and a matchImage when all of the below are true: Both contain the same number of domain parts and each part matches. The URL path of an matchImages must be a prefix of the target image URL path. If the matchImages contains a port, then the port must match in the image as well.\n\nExample values of matchImages: - 123456789.dkr.ecr.us-east-1.amazonaws.com - *.azurecr.io - gcr.io - *.*.registry.io - registry.io:8080/path", } -func (PolicyMatchRemapIdentity) SwaggerDoc() map[string]string { - return map_PolicyMatchRemapIdentity +func (CRIOCredentialProviderConfigSpec) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfigSpec } -var map_PolicyRootOfTrust = map[string]string{ - "": "PolicyRootOfTrust defines the root of trust based on the selected policyType.", - "policyType": "policyType serves as the union's discriminator. Users are required to assign a value to this field, choosing one of the policy types that define the root of trust. \"PublicKey\" indicates that the policy relies on a sigstore publicKey and may optionally use a Rekor verification. \"FulcioCAWithRekor\" indicates that the policy is based on the Fulcio certification and incorporates a Rekor verification. \"PKI\" indicates that the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate.", - "publicKey": "publicKey defines the root of trust based on a sigstore public key.", - "fulcioCAWithRekor": "fulcioCAWithRekor defines the root of trust based on the Fulcio certificate and the Rekor public key. For more information about Fulcio and Rekor, please refer to the document at: https://github.com/sigstore/fulcio and https://github.com/sigstore/rekor", - "pki": "pki defines the root of trust based on Bring Your Own Public Key Infrastructure (BYOPKI) Root CA(s) and corresponding intermediate certificates.", +var map_CRIOCredentialProviderConfigStatus = map[string]string{ + "": "CRIOCredentialProviderConfigStatus defines the observed state of CRIOCredentialProviderConfig", + "conditions": "conditions represent the latest available observations of the configuration state. When omitted, it indicates that no conditions have been reported yet. The maximum number of conditions is 16. Conditions are stored as a map keyed by condition type, ensuring uniqueness.\n\nExpected condition types include: \"Validated\": indicates whether the matchImages configuration is valid", } -func (PolicyRootOfTrust) SwaggerDoc() map[string]string { - return map_PolicyRootOfTrust +func (CRIOCredentialProviderConfigStatus) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfigStatus } var map_GatherConfig = map[string]string{ @@ -486,4 +867,110 @@ func (Storage) SwaggerDoc() map[string]string { return map_Storage } +var map_CertificateConfig = map[string]string{ + "": "CertificateConfig specifies configuration parameters for certificates. At least one property must be specified.", + "key": "key specifies the cryptographic parameters for the certificate's key pair. Currently this is the only configurable parameter. When omitted in an overrides entry, the key configuration from defaults is used.", +} + +func (CertificateConfig) SwaggerDoc() map[string]string { + return map_CertificateConfig +} + +var map_CustomPKIPolicy = map[string]string{ + "": "CustomPKIPolicy contains administrator-specified cryptographic configuration. Administrators must specify defaults for all certificates and may optionally override specific categories of certificates.", +} + +func (CustomPKIPolicy) SwaggerDoc() map[string]string { + return map_CustomPKIPolicy +} + +var map_DefaultCertificateConfig = map[string]string{ + "": "DefaultCertificateConfig specifies the default certificate configuration parameters. All fields are required to ensure that defaults are fully specified for all certificates.", + "key": "key specifies the cryptographic parameters for the certificate's key pair. This field is required in defaults to ensure all certificates have a well-defined key configuration.", +} + +func (DefaultCertificateConfig) SwaggerDoc() map[string]string { + return map_DefaultCertificateConfig +} + +var map_ECDSAKeyConfig = map[string]string{ + "": "ECDSAKeyConfig specifies parameters for ECDSA key generation.", + "curve": "curve specifies the NIST elliptic curve for ECDSA keys. Valid values are \"P256\", \"P384\", and \"P521\".\n\nWhen set to P256, the NIST P-256 curve (also known as secp256r1) is used, providing 128-bit security.\n\nWhen set to P384, the NIST P-384 curve (also known as secp384r1) is used, providing 192-bit security.\n\nWhen set to P521, the NIST P-521 curve (also known as secp521r1) is used, providing 256-bit security.", +} + +func (ECDSAKeyConfig) SwaggerDoc() map[string]string { + return map_ECDSAKeyConfig +} + +var map_KeyConfig = map[string]string{ + "": "KeyConfig specifies cryptographic parameters for key generation.", + "algorithm": "algorithm specifies the key generation algorithm. Valid values are \"RSA\" and \"ECDSA\".\n\nWhen set to RSA, the rsa field must be specified and the generated key will be an RSA key with the configured key size.\n\nWhen set to ECDSA, the ecdsa field must be specified and the generated key will be an ECDSA key using the configured elliptic curve.", + "rsa": "rsa specifies RSA key parameters. Required when algorithm is RSA, and forbidden otherwise.", + "ecdsa": "ecdsa specifies ECDSA key parameters. Required when algorithm is ECDSA, and forbidden otherwise.", +} + +func (KeyConfig) SwaggerDoc() map[string]string { + return map_KeyConfig +} + +var map_PKI = map[string]string{ + "": "PKI configures cryptographic parameters for certificates generated internally by OpenShift components.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "spec holds user settable values for configuration", +} + +func (PKI) SwaggerDoc() map[string]string { + return map_PKI +} + +var map_PKICertificateManagement = map[string]string{ + "": "PKICertificateManagement determines whether components use hardcoded defaults (Unmanaged), follow OpenShift best practices (Default), or use administrator-specified cryptographic parameters (Custom). This provides flexibility for organizations with specific compliance requirements or security policies while maintaining backwards compatibility for existing clusters.", + "mode": "mode determines how PKI configuration is managed. Valid values are \"Unmanaged\", \"Default\", and \"Custom\".\n\nWhen set to Unmanaged, components use their existing hardcoded certificate generation behavior, exactly as if this feature did not exist. Each component generates certificates using whatever parameters it was using before this feature. While most components use RSA 2048, some may use different parameters. Use of this mode might prevent upgrading to the next major OpenShift release.\n\nWhen set to Default, OpenShift-recommended best practices for certificate generation are applied. The specific parameters may evolve across OpenShift releases to adopt improved cryptographic standards. In the initial release, this matches Unmanaged behavior for each component. In future releases, this may adopt ECDSA or larger RSA keys based on industry best practices. Recommended for most customers who want to benefit from security improvements automatically.\n\nWhen set to Custom, the certificate management parameters can be set explicitly. Use the custom field to specify certificate generation parameters.", + "custom": "custom contains administrator-specified cryptographic configuration. Use the defaults and category override fields to specify certificate generation parameters. Required when mode is Custom, and forbidden otherwise.", +} + +func (PKICertificateManagement) SwaggerDoc() map[string]string { + return map_PKICertificateManagement +} + +var map_PKIList = map[string]string{ + "": "PKIList is a collection of PKI resources.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", + "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "items": "items is a list of PKI resources", +} + +func (PKIList) SwaggerDoc() map[string]string { + return map_PKIList +} + +var map_PKIProfile = map[string]string{ + "": "PKIProfile defines the certificate generation parameters that OpenShift components use to create certificates. Category overrides take precedence over defaults.", + "defaults": "defaults specifies the default certificate configuration that applies to all certificates unless overridden by a category override.", + "signerCertificates": "signerCertificates optionally overrides certificate parameters for certificate authority (CA) certificates that sign other certificates. When set, these parameters take precedence over defaults for all signer certificates. When omitted, the defaults are used for signer certificates.", + "servingCertificates": "servingCertificates optionally overrides certificate parameters for TLS server certificates used to serve HTTPS endpoints. When set, these parameters take precedence over defaults for all serving certificates. When omitted, the defaults are used for serving certificates.", + "clientCertificates": "clientCertificates optionally overrides certificate parameters for client authentication certificates used to authenticate to servers. When set, these parameters take precedence over defaults for all client certificates. When omitted, the defaults are used for client certificates.", +} + +func (PKIProfile) SwaggerDoc() map[string]string { + return map_PKIProfile +} + +var map_PKISpec = map[string]string{ + "": "PKISpec holds the specification for PKI configuration.", + "certificateManagement": "certificateManagement specifies how PKI configuration is managed for internally-generated certificates. This controls the certificate generation approach for all OpenShift components that create certificates internally, including certificate authorities, serving certificates, and client certificates.", +} + +func (PKISpec) SwaggerDoc() map[string]string { + return map_PKISpec +} + +var map_RSAKeyConfig = map[string]string{ + "": "RSAKeyConfig specifies parameters for RSA key generation.", + "keySize": "keySize specifies the size of RSA keys in bits. Valid values are multiples of 1024 from 2048 to 8192.", +} + +func (RSAKeyConfig) SwaggerDoc() map[string]string { + return map_RSAKeyConfig +} + // AUTO-GENERATED FUNCTIONS END HERE diff --git a/vendor/github.com/openshift/api/image/v1/generated.pb.go b/vendor/github.com/openshift/api/image/v1/generated.pb.go index ac776ad64..c10c09b3c 100644 --- a/vendor/github.com/openshift/api/image/v1/generated.pb.go +++ b/vendor/github.com/openshift/api/image/v1/generated.pb.go @@ -7,1315 +7,92 @@ import ( fmt "fmt" io "io" + "sort" - proto "github.com/gogo/protobuf/proto" - github_com_gogo_protobuf_sortkeys "github.com/gogo/protobuf/sortkeys" k8s_io_api_core_v1 "k8s.io/api/core/v1" v11 "k8s.io/api/core/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - math "math" math_bits "math/bits" reflect "reflect" strings "strings" ) -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf +func (m *DockerImageReference) Reset() { *m = DockerImageReference{} } -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package +func (m *Image) Reset() { *m = Image{} } -func (m *DockerImageReference) Reset() { *m = DockerImageReference{} } -func (*DockerImageReference) ProtoMessage() {} -func (*DockerImageReference) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{0} -} -func (m *DockerImageReference) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *DockerImageReference) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *DockerImageReference) XXX_Merge(src proto.Message) { - xxx_messageInfo_DockerImageReference.Merge(m, src) -} -func (m *DockerImageReference) XXX_Size() int { - return m.Size() -} -func (m *DockerImageReference) XXX_DiscardUnknown() { - xxx_messageInfo_DockerImageReference.DiscardUnknown(m) -} - -var xxx_messageInfo_DockerImageReference proto.InternalMessageInfo - -func (m *Image) Reset() { *m = Image{} } -func (*Image) ProtoMessage() {} -func (*Image) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{1} -} -func (m *Image) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *Image) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *Image) XXX_Merge(src proto.Message) { - xxx_messageInfo_Image.Merge(m, src) -} -func (m *Image) XXX_Size() int { - return m.Size() -} -func (m *Image) XXX_DiscardUnknown() { - xxx_messageInfo_Image.DiscardUnknown(m) -} - -var xxx_messageInfo_Image proto.InternalMessageInfo - -func (m *ImageBlobReferences) Reset() { *m = ImageBlobReferences{} } -func (*ImageBlobReferences) ProtoMessage() {} -func (*ImageBlobReferences) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{2} -} -func (m *ImageBlobReferences) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageBlobReferences) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageBlobReferences) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageBlobReferences.Merge(m, src) -} -func (m *ImageBlobReferences) XXX_Size() int { - return m.Size() -} -func (m *ImageBlobReferences) XXX_DiscardUnknown() { - xxx_messageInfo_ImageBlobReferences.DiscardUnknown(m) -} - -var xxx_messageInfo_ImageBlobReferences proto.InternalMessageInfo - -func (m *ImageImportSpec) Reset() { *m = ImageImportSpec{} } -func (*ImageImportSpec) ProtoMessage() {} -func (*ImageImportSpec) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{3} -} -func (m *ImageImportSpec) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageImportSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageImportSpec) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageImportSpec.Merge(m, src) -} -func (m *ImageImportSpec) XXX_Size() int { - return m.Size() -} -func (m *ImageImportSpec) XXX_DiscardUnknown() { - xxx_messageInfo_ImageImportSpec.DiscardUnknown(m) -} - -var xxx_messageInfo_ImageImportSpec proto.InternalMessageInfo - -func (m *ImageImportStatus) Reset() { *m = ImageImportStatus{} } -func (*ImageImportStatus) ProtoMessage() {} -func (*ImageImportStatus) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{4} -} -func (m *ImageImportStatus) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageImportStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageImportStatus) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageImportStatus.Merge(m, src) -} -func (m *ImageImportStatus) XXX_Size() int { - return m.Size() -} -func (m *ImageImportStatus) XXX_DiscardUnknown() { - xxx_messageInfo_ImageImportStatus.DiscardUnknown(m) -} - -var xxx_messageInfo_ImageImportStatus proto.InternalMessageInfo - -func (m *ImageLayer) Reset() { *m = ImageLayer{} } -func (*ImageLayer) ProtoMessage() {} -func (*ImageLayer) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{5} -} -func (m *ImageLayer) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageLayer) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageLayer) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageLayer.Merge(m, src) -} -func (m *ImageLayer) XXX_Size() int { - return m.Size() -} -func (m *ImageLayer) XXX_DiscardUnknown() { - xxx_messageInfo_ImageLayer.DiscardUnknown(m) -} - -var xxx_messageInfo_ImageLayer proto.InternalMessageInfo - -func (m *ImageLayerData) Reset() { *m = ImageLayerData{} } -func (*ImageLayerData) ProtoMessage() {} -func (*ImageLayerData) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{6} -} -func (m *ImageLayerData) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageLayerData) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageLayerData) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageLayerData.Merge(m, src) -} -func (m *ImageLayerData) XXX_Size() int { - return m.Size() -} -func (m *ImageLayerData) XXX_DiscardUnknown() { - xxx_messageInfo_ImageLayerData.DiscardUnknown(m) -} - -var xxx_messageInfo_ImageLayerData proto.InternalMessageInfo - -func (m *ImageList) Reset() { *m = ImageList{} } -func (*ImageList) ProtoMessage() {} -func (*ImageList) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{7} -} -func (m *ImageList) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageList) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageList.Merge(m, src) -} -func (m *ImageList) XXX_Size() int { - return m.Size() -} -func (m *ImageList) XXX_DiscardUnknown() { - xxx_messageInfo_ImageList.DiscardUnknown(m) -} - -var xxx_messageInfo_ImageList proto.InternalMessageInfo - -func (m *ImageLookupPolicy) Reset() { *m = ImageLookupPolicy{} } -func (*ImageLookupPolicy) ProtoMessage() {} -func (*ImageLookupPolicy) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{8} -} -func (m *ImageLookupPolicy) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageLookupPolicy) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageLookupPolicy) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageLookupPolicy.Merge(m, src) -} -func (m *ImageLookupPolicy) XXX_Size() int { - return m.Size() -} -func (m *ImageLookupPolicy) XXX_DiscardUnknown() { - xxx_messageInfo_ImageLookupPolicy.DiscardUnknown(m) -} - -var xxx_messageInfo_ImageLookupPolicy proto.InternalMessageInfo - -func (m *ImageManifest) Reset() { *m = ImageManifest{} } -func (*ImageManifest) ProtoMessage() {} -func (*ImageManifest) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{9} -} -func (m *ImageManifest) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageManifest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageManifest) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageManifest.Merge(m, src) -} -func (m *ImageManifest) XXX_Size() int { - return m.Size() -} -func (m *ImageManifest) XXX_DiscardUnknown() { - xxx_messageInfo_ImageManifest.DiscardUnknown(m) -} - -var xxx_messageInfo_ImageManifest proto.InternalMessageInfo - -func (m *ImageSignature) Reset() { *m = ImageSignature{} } -func (*ImageSignature) ProtoMessage() {} -func (*ImageSignature) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{10} -} -func (m *ImageSignature) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageSignature) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageSignature) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageSignature.Merge(m, src) -} -func (m *ImageSignature) XXX_Size() int { - return m.Size() -} -func (m *ImageSignature) XXX_DiscardUnknown() { - xxx_messageInfo_ImageSignature.DiscardUnknown(m) -} - -var xxx_messageInfo_ImageSignature proto.InternalMessageInfo - -func (m *ImageStream) Reset() { *m = ImageStream{} } -func (*ImageStream) ProtoMessage() {} -func (*ImageStream) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{11} -} -func (m *ImageStream) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageStream) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageStream) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageStream.Merge(m, src) -} -func (m *ImageStream) XXX_Size() int { - return m.Size() -} -func (m *ImageStream) XXX_DiscardUnknown() { - xxx_messageInfo_ImageStream.DiscardUnknown(m) -} - -var xxx_messageInfo_ImageStream proto.InternalMessageInfo - -func (m *ImageStreamImage) Reset() { *m = ImageStreamImage{} } -func (*ImageStreamImage) ProtoMessage() {} -func (*ImageStreamImage) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{12} -} -func (m *ImageStreamImage) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageStreamImage) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageStreamImage) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageStreamImage.Merge(m, src) -} -func (m *ImageStreamImage) XXX_Size() int { - return m.Size() -} -func (m *ImageStreamImage) XXX_DiscardUnknown() { - xxx_messageInfo_ImageStreamImage.DiscardUnknown(m) -} - -var xxx_messageInfo_ImageStreamImage proto.InternalMessageInfo - -func (m *ImageStreamImport) Reset() { *m = ImageStreamImport{} } -func (*ImageStreamImport) ProtoMessage() {} -func (*ImageStreamImport) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{13} -} -func (m *ImageStreamImport) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageStreamImport) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageStreamImport) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageStreamImport.Merge(m, src) -} -func (m *ImageStreamImport) XXX_Size() int { - return m.Size() -} -func (m *ImageStreamImport) XXX_DiscardUnknown() { - xxx_messageInfo_ImageStreamImport.DiscardUnknown(m) -} - -var xxx_messageInfo_ImageStreamImport proto.InternalMessageInfo - -func (m *ImageStreamImportSpec) Reset() { *m = ImageStreamImportSpec{} } -func (*ImageStreamImportSpec) ProtoMessage() {} -func (*ImageStreamImportSpec) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{14} -} -func (m *ImageStreamImportSpec) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageStreamImportSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageStreamImportSpec) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageStreamImportSpec.Merge(m, src) -} -func (m *ImageStreamImportSpec) XXX_Size() int { - return m.Size() -} -func (m *ImageStreamImportSpec) XXX_DiscardUnknown() { - xxx_messageInfo_ImageStreamImportSpec.DiscardUnknown(m) -} - -var xxx_messageInfo_ImageStreamImportSpec proto.InternalMessageInfo - -func (m *ImageStreamImportStatus) Reset() { *m = ImageStreamImportStatus{} } -func (*ImageStreamImportStatus) ProtoMessage() {} -func (*ImageStreamImportStatus) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{15} -} -func (m *ImageStreamImportStatus) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageStreamImportStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageStreamImportStatus) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageStreamImportStatus.Merge(m, src) -} -func (m *ImageStreamImportStatus) XXX_Size() int { - return m.Size() -} -func (m *ImageStreamImportStatus) XXX_DiscardUnknown() { - xxx_messageInfo_ImageStreamImportStatus.DiscardUnknown(m) -} - -var xxx_messageInfo_ImageStreamImportStatus proto.InternalMessageInfo - -func (m *ImageStreamLayers) Reset() { *m = ImageStreamLayers{} } -func (*ImageStreamLayers) ProtoMessage() {} -func (*ImageStreamLayers) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{16} -} -func (m *ImageStreamLayers) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageStreamLayers) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageStreamLayers) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageStreamLayers.Merge(m, src) -} -func (m *ImageStreamLayers) XXX_Size() int { - return m.Size() -} -func (m *ImageStreamLayers) XXX_DiscardUnknown() { - xxx_messageInfo_ImageStreamLayers.DiscardUnknown(m) -} - -var xxx_messageInfo_ImageStreamLayers proto.InternalMessageInfo - -func (m *ImageStreamList) Reset() { *m = ImageStreamList{} } -func (*ImageStreamList) ProtoMessage() {} -func (*ImageStreamList) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{17} -} -func (m *ImageStreamList) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageStreamList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageStreamList) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageStreamList.Merge(m, src) -} -func (m *ImageStreamList) XXX_Size() int { - return m.Size() -} -func (m *ImageStreamList) XXX_DiscardUnknown() { - xxx_messageInfo_ImageStreamList.DiscardUnknown(m) -} +func (m *ImageBlobReferences) Reset() { *m = ImageBlobReferences{} } -var xxx_messageInfo_ImageStreamList proto.InternalMessageInfo +func (m *ImageImportSpec) Reset() { *m = ImageImportSpec{} } -func (m *ImageStreamMapping) Reset() { *m = ImageStreamMapping{} } -func (*ImageStreamMapping) ProtoMessage() {} -func (*ImageStreamMapping) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{18} -} -func (m *ImageStreamMapping) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageStreamMapping) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageStreamMapping) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageStreamMapping.Merge(m, src) -} -func (m *ImageStreamMapping) XXX_Size() int { - return m.Size() -} -func (m *ImageStreamMapping) XXX_DiscardUnknown() { - xxx_messageInfo_ImageStreamMapping.DiscardUnknown(m) -} +func (m *ImageImportStatus) Reset() { *m = ImageImportStatus{} } -var xxx_messageInfo_ImageStreamMapping proto.InternalMessageInfo +func (m *ImageLayer) Reset() { *m = ImageLayer{} } -func (m *ImageStreamSpec) Reset() { *m = ImageStreamSpec{} } -func (*ImageStreamSpec) ProtoMessage() {} -func (*ImageStreamSpec) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{19} -} -func (m *ImageStreamSpec) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageStreamSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageStreamSpec) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageStreamSpec.Merge(m, src) -} -func (m *ImageStreamSpec) XXX_Size() int { - return m.Size() -} -func (m *ImageStreamSpec) XXX_DiscardUnknown() { - xxx_messageInfo_ImageStreamSpec.DiscardUnknown(m) -} +func (m *ImageLayerData) Reset() { *m = ImageLayerData{} } -var xxx_messageInfo_ImageStreamSpec proto.InternalMessageInfo +func (m *ImageList) Reset() { *m = ImageList{} } -func (m *ImageStreamStatus) Reset() { *m = ImageStreamStatus{} } -func (*ImageStreamStatus) ProtoMessage() {} -func (*ImageStreamStatus) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{20} -} -func (m *ImageStreamStatus) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageStreamStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageStreamStatus) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageStreamStatus.Merge(m, src) -} -func (m *ImageStreamStatus) XXX_Size() int { - return m.Size() -} -func (m *ImageStreamStatus) XXX_DiscardUnknown() { - xxx_messageInfo_ImageStreamStatus.DiscardUnknown(m) -} +func (m *ImageLookupPolicy) Reset() { *m = ImageLookupPolicy{} } -var xxx_messageInfo_ImageStreamStatus proto.InternalMessageInfo +func (m *ImageManifest) Reset() { *m = ImageManifest{} } -func (m *ImageStreamTag) Reset() { *m = ImageStreamTag{} } -func (*ImageStreamTag) ProtoMessage() {} -func (*ImageStreamTag) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{21} -} -func (m *ImageStreamTag) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageStreamTag) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageStreamTag) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageStreamTag.Merge(m, src) -} -func (m *ImageStreamTag) XXX_Size() int { - return m.Size() -} -func (m *ImageStreamTag) XXX_DiscardUnknown() { - xxx_messageInfo_ImageStreamTag.DiscardUnknown(m) -} +func (m *ImageSignature) Reset() { *m = ImageSignature{} } -var xxx_messageInfo_ImageStreamTag proto.InternalMessageInfo +func (m *ImageStream) Reset() { *m = ImageStream{} } -func (m *ImageStreamTagList) Reset() { *m = ImageStreamTagList{} } -func (*ImageStreamTagList) ProtoMessage() {} -func (*ImageStreamTagList) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{22} -} -func (m *ImageStreamTagList) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageStreamTagList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageStreamTagList) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageStreamTagList.Merge(m, src) -} -func (m *ImageStreamTagList) XXX_Size() int { - return m.Size() -} -func (m *ImageStreamTagList) XXX_DiscardUnknown() { - xxx_messageInfo_ImageStreamTagList.DiscardUnknown(m) -} +func (m *ImageStreamImage) Reset() { *m = ImageStreamImage{} } -var xxx_messageInfo_ImageStreamTagList proto.InternalMessageInfo +func (m *ImageStreamImport) Reset() { *m = ImageStreamImport{} } -func (m *ImageTag) Reset() { *m = ImageTag{} } -func (*ImageTag) ProtoMessage() {} -func (*ImageTag) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{23} -} -func (m *ImageTag) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageTag) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageTag) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageTag.Merge(m, src) -} -func (m *ImageTag) XXX_Size() int { - return m.Size() -} -func (m *ImageTag) XXX_DiscardUnknown() { - xxx_messageInfo_ImageTag.DiscardUnknown(m) -} +func (m *ImageStreamImportSpec) Reset() { *m = ImageStreamImportSpec{} } -var xxx_messageInfo_ImageTag proto.InternalMessageInfo +func (m *ImageStreamImportStatus) Reset() { *m = ImageStreamImportStatus{} } -func (m *ImageTagList) Reset() { *m = ImageTagList{} } -func (*ImageTagList) ProtoMessage() {} -func (*ImageTagList) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{24} -} -func (m *ImageTagList) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ImageTagList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ImageTagList) XXX_Merge(src proto.Message) { - xxx_messageInfo_ImageTagList.Merge(m, src) -} -func (m *ImageTagList) XXX_Size() int { - return m.Size() -} -func (m *ImageTagList) XXX_DiscardUnknown() { - xxx_messageInfo_ImageTagList.DiscardUnknown(m) -} +func (m *ImageStreamLayers) Reset() { *m = ImageStreamLayers{} } -var xxx_messageInfo_ImageTagList proto.InternalMessageInfo +func (m *ImageStreamList) Reset() { *m = ImageStreamList{} } -func (m *NamedTagEventList) Reset() { *m = NamedTagEventList{} } -func (*NamedTagEventList) ProtoMessage() {} -func (*NamedTagEventList) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{25} -} -func (m *NamedTagEventList) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *NamedTagEventList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *NamedTagEventList) XXX_Merge(src proto.Message) { - xxx_messageInfo_NamedTagEventList.Merge(m, src) -} -func (m *NamedTagEventList) XXX_Size() int { - return m.Size() -} -func (m *NamedTagEventList) XXX_DiscardUnknown() { - xxx_messageInfo_NamedTagEventList.DiscardUnknown(m) -} +func (m *ImageStreamMapping) Reset() { *m = ImageStreamMapping{} } -var xxx_messageInfo_NamedTagEventList proto.InternalMessageInfo +func (m *ImageStreamSpec) Reset() { *m = ImageStreamSpec{} } -func (m *RepositoryImportSpec) Reset() { *m = RepositoryImportSpec{} } -func (*RepositoryImportSpec) ProtoMessage() {} -func (*RepositoryImportSpec) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{26} -} -func (m *RepositoryImportSpec) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *RepositoryImportSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *RepositoryImportSpec) XXX_Merge(src proto.Message) { - xxx_messageInfo_RepositoryImportSpec.Merge(m, src) -} -func (m *RepositoryImportSpec) XXX_Size() int { - return m.Size() -} -func (m *RepositoryImportSpec) XXX_DiscardUnknown() { - xxx_messageInfo_RepositoryImportSpec.DiscardUnknown(m) -} +func (m *ImageStreamStatus) Reset() { *m = ImageStreamStatus{} } -var xxx_messageInfo_RepositoryImportSpec proto.InternalMessageInfo +func (m *ImageStreamTag) Reset() { *m = ImageStreamTag{} } -func (m *RepositoryImportStatus) Reset() { *m = RepositoryImportStatus{} } -func (*RepositoryImportStatus) ProtoMessage() {} -func (*RepositoryImportStatus) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{27} -} -func (m *RepositoryImportStatus) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *RepositoryImportStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *RepositoryImportStatus) XXX_Merge(src proto.Message) { - xxx_messageInfo_RepositoryImportStatus.Merge(m, src) -} -func (m *RepositoryImportStatus) XXX_Size() int { - return m.Size() -} -func (m *RepositoryImportStatus) XXX_DiscardUnknown() { - xxx_messageInfo_RepositoryImportStatus.DiscardUnknown(m) -} - -var xxx_messageInfo_RepositoryImportStatus proto.InternalMessageInfo +func (m *ImageStreamTagList) Reset() { *m = ImageStreamTagList{} } -func (m *SecretList) Reset() { *m = SecretList{} } -func (*SecretList) ProtoMessage() {} -func (*SecretList) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{28} -} -func (m *SecretList) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *SecretList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *SecretList) XXX_Merge(src proto.Message) { - xxx_messageInfo_SecretList.Merge(m, src) -} -func (m *SecretList) XXX_Size() int { - return m.Size() -} -func (m *SecretList) XXX_DiscardUnknown() { - xxx_messageInfo_SecretList.DiscardUnknown(m) -} +func (m *ImageTag) Reset() { *m = ImageTag{} } -var xxx_messageInfo_SecretList proto.InternalMessageInfo +func (m *ImageTagList) Reset() { *m = ImageTagList{} } -func (m *SignatureCondition) Reset() { *m = SignatureCondition{} } -func (*SignatureCondition) ProtoMessage() {} -func (*SignatureCondition) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{29} -} -func (m *SignatureCondition) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *SignatureCondition) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *SignatureCondition) XXX_Merge(src proto.Message) { - xxx_messageInfo_SignatureCondition.Merge(m, src) -} -func (m *SignatureCondition) XXX_Size() int { - return m.Size() -} -func (m *SignatureCondition) XXX_DiscardUnknown() { - xxx_messageInfo_SignatureCondition.DiscardUnknown(m) -} +func (m *NamedTagEventList) Reset() { *m = NamedTagEventList{} } -var xxx_messageInfo_SignatureCondition proto.InternalMessageInfo +func (m *RepositoryImportSpec) Reset() { *m = RepositoryImportSpec{} } -func (m *SignatureGenericEntity) Reset() { *m = SignatureGenericEntity{} } -func (*SignatureGenericEntity) ProtoMessage() {} -func (*SignatureGenericEntity) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{30} -} -func (m *SignatureGenericEntity) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *SignatureGenericEntity) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *SignatureGenericEntity) XXX_Merge(src proto.Message) { - xxx_messageInfo_SignatureGenericEntity.Merge(m, src) -} -func (m *SignatureGenericEntity) XXX_Size() int { - return m.Size() -} -func (m *SignatureGenericEntity) XXX_DiscardUnknown() { - xxx_messageInfo_SignatureGenericEntity.DiscardUnknown(m) -} - -var xxx_messageInfo_SignatureGenericEntity proto.InternalMessageInfo - -func (m *SignatureIssuer) Reset() { *m = SignatureIssuer{} } -func (*SignatureIssuer) ProtoMessage() {} -func (*SignatureIssuer) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{31} -} -func (m *SignatureIssuer) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *SignatureIssuer) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *SignatureIssuer) XXX_Merge(src proto.Message) { - xxx_messageInfo_SignatureIssuer.Merge(m, src) -} -func (m *SignatureIssuer) XXX_Size() int { - return m.Size() -} -func (m *SignatureIssuer) XXX_DiscardUnknown() { - xxx_messageInfo_SignatureIssuer.DiscardUnknown(m) -} - -var xxx_messageInfo_SignatureIssuer proto.InternalMessageInfo - -func (m *SignatureSubject) Reset() { *m = SignatureSubject{} } -func (*SignatureSubject) ProtoMessage() {} -func (*SignatureSubject) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{32} -} -func (m *SignatureSubject) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *SignatureSubject) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *SignatureSubject) XXX_Merge(src proto.Message) { - xxx_messageInfo_SignatureSubject.Merge(m, src) -} -func (m *SignatureSubject) XXX_Size() int { - return m.Size() -} -func (m *SignatureSubject) XXX_DiscardUnknown() { - xxx_messageInfo_SignatureSubject.DiscardUnknown(m) -} +func (m *RepositoryImportStatus) Reset() { *m = RepositoryImportStatus{} } -var xxx_messageInfo_SignatureSubject proto.InternalMessageInfo +func (m *SecretList) Reset() { *m = SecretList{} } -func (m *TagEvent) Reset() { *m = TagEvent{} } -func (*TagEvent) ProtoMessage() {} -func (*TagEvent) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{33} -} -func (m *TagEvent) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *TagEvent) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *TagEvent) XXX_Merge(src proto.Message) { - xxx_messageInfo_TagEvent.Merge(m, src) -} -func (m *TagEvent) XXX_Size() int { - return m.Size() -} -func (m *TagEvent) XXX_DiscardUnknown() { - xxx_messageInfo_TagEvent.DiscardUnknown(m) -} +func (m *SignatureCondition) Reset() { *m = SignatureCondition{} } -var xxx_messageInfo_TagEvent proto.InternalMessageInfo +func (m *SignatureGenericEntity) Reset() { *m = SignatureGenericEntity{} } -func (m *TagEventCondition) Reset() { *m = TagEventCondition{} } -func (*TagEventCondition) ProtoMessage() {} -func (*TagEventCondition) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{34} -} -func (m *TagEventCondition) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *TagEventCondition) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *TagEventCondition) XXX_Merge(src proto.Message) { - xxx_messageInfo_TagEventCondition.Merge(m, src) -} -func (m *TagEventCondition) XXX_Size() int { - return m.Size() -} -func (m *TagEventCondition) XXX_DiscardUnknown() { - xxx_messageInfo_TagEventCondition.DiscardUnknown(m) -} +func (m *SignatureIssuer) Reset() { *m = SignatureIssuer{} } -var xxx_messageInfo_TagEventCondition proto.InternalMessageInfo +func (m *SignatureSubject) Reset() { *m = SignatureSubject{} } -func (m *TagImportPolicy) Reset() { *m = TagImportPolicy{} } -func (*TagImportPolicy) ProtoMessage() {} -func (*TagImportPolicy) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{35} -} -func (m *TagImportPolicy) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *TagImportPolicy) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *TagImportPolicy) XXX_Merge(src proto.Message) { - xxx_messageInfo_TagImportPolicy.Merge(m, src) -} -func (m *TagImportPolicy) XXX_Size() int { - return m.Size() -} -func (m *TagImportPolicy) XXX_DiscardUnknown() { - xxx_messageInfo_TagImportPolicy.DiscardUnknown(m) -} +func (m *TagEvent) Reset() { *m = TagEvent{} } -var xxx_messageInfo_TagImportPolicy proto.InternalMessageInfo +func (m *TagEventCondition) Reset() { *m = TagEventCondition{} } -func (m *TagReference) Reset() { *m = TagReference{} } -func (*TagReference) ProtoMessage() {} -func (*TagReference) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{36} -} -func (m *TagReference) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *TagReference) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *TagReference) XXX_Merge(src proto.Message) { - xxx_messageInfo_TagReference.Merge(m, src) -} -func (m *TagReference) XXX_Size() int { - return m.Size() -} -func (m *TagReference) XXX_DiscardUnknown() { - xxx_messageInfo_TagReference.DiscardUnknown(m) -} +func (m *TagImportPolicy) Reset() { *m = TagImportPolicy{} } -var xxx_messageInfo_TagReference proto.InternalMessageInfo +func (m *TagReference) Reset() { *m = TagReference{} } -func (m *TagReferencePolicy) Reset() { *m = TagReferencePolicy{} } -func (*TagReferencePolicy) ProtoMessage() {} -func (*TagReferencePolicy) Descriptor() ([]byte, []int) { - return fileDescriptor_650a0b34f65fde60, []int{37} -} -func (m *TagReferencePolicy) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *TagReferencePolicy) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *TagReferencePolicy) XXX_Merge(src proto.Message) { - xxx_messageInfo_TagReferencePolicy.Merge(m, src) -} -func (m *TagReferencePolicy) XXX_Size() int { - return m.Size() -} -func (m *TagReferencePolicy) XXX_DiscardUnknown() { - xxx_messageInfo_TagReferencePolicy.DiscardUnknown(m) -} - -var xxx_messageInfo_TagReferencePolicy proto.InternalMessageInfo - -func init() { - proto.RegisterType((*DockerImageReference)(nil), "github.com.openshift.api.image.v1.DockerImageReference") - proto.RegisterType((*Image)(nil), "github.com.openshift.api.image.v1.Image") - proto.RegisterType((*ImageBlobReferences)(nil), "github.com.openshift.api.image.v1.ImageBlobReferences") - proto.RegisterType((*ImageImportSpec)(nil), "github.com.openshift.api.image.v1.ImageImportSpec") - proto.RegisterType((*ImageImportStatus)(nil), "github.com.openshift.api.image.v1.ImageImportStatus") - proto.RegisterType((*ImageLayer)(nil), "github.com.openshift.api.image.v1.ImageLayer") - proto.RegisterType((*ImageLayerData)(nil), "github.com.openshift.api.image.v1.ImageLayerData") - proto.RegisterType((*ImageList)(nil), "github.com.openshift.api.image.v1.ImageList") - proto.RegisterType((*ImageLookupPolicy)(nil), "github.com.openshift.api.image.v1.ImageLookupPolicy") - proto.RegisterType((*ImageManifest)(nil), "github.com.openshift.api.image.v1.ImageManifest") - proto.RegisterType((*ImageSignature)(nil), "github.com.openshift.api.image.v1.ImageSignature") - proto.RegisterMapType((map[string]string)(nil), "github.com.openshift.api.image.v1.ImageSignature.SignedClaimsEntry") - proto.RegisterType((*ImageStream)(nil), "github.com.openshift.api.image.v1.ImageStream") - proto.RegisterType((*ImageStreamImage)(nil), "github.com.openshift.api.image.v1.ImageStreamImage") - proto.RegisterType((*ImageStreamImport)(nil), "github.com.openshift.api.image.v1.ImageStreamImport") - proto.RegisterType((*ImageStreamImportSpec)(nil), "github.com.openshift.api.image.v1.ImageStreamImportSpec") - proto.RegisterType((*ImageStreamImportStatus)(nil), "github.com.openshift.api.image.v1.ImageStreamImportStatus") - proto.RegisterType((*ImageStreamLayers)(nil), "github.com.openshift.api.image.v1.ImageStreamLayers") - proto.RegisterMapType((map[string]ImageLayerData)(nil), "github.com.openshift.api.image.v1.ImageStreamLayers.BlobsEntry") - proto.RegisterMapType((map[string]ImageBlobReferences)(nil), "github.com.openshift.api.image.v1.ImageStreamLayers.ImagesEntry") - proto.RegisterType((*ImageStreamList)(nil), "github.com.openshift.api.image.v1.ImageStreamList") - proto.RegisterType((*ImageStreamMapping)(nil), "github.com.openshift.api.image.v1.ImageStreamMapping") - proto.RegisterType((*ImageStreamSpec)(nil), "github.com.openshift.api.image.v1.ImageStreamSpec") - proto.RegisterType((*ImageStreamStatus)(nil), "github.com.openshift.api.image.v1.ImageStreamStatus") - proto.RegisterType((*ImageStreamTag)(nil), "github.com.openshift.api.image.v1.ImageStreamTag") - proto.RegisterType((*ImageStreamTagList)(nil), "github.com.openshift.api.image.v1.ImageStreamTagList") - proto.RegisterType((*ImageTag)(nil), "github.com.openshift.api.image.v1.ImageTag") - proto.RegisterType((*ImageTagList)(nil), "github.com.openshift.api.image.v1.ImageTagList") - proto.RegisterType((*NamedTagEventList)(nil), "github.com.openshift.api.image.v1.NamedTagEventList") - proto.RegisterType((*RepositoryImportSpec)(nil), "github.com.openshift.api.image.v1.RepositoryImportSpec") - proto.RegisterType((*RepositoryImportStatus)(nil), "github.com.openshift.api.image.v1.RepositoryImportStatus") - proto.RegisterType((*SecretList)(nil), "github.com.openshift.api.image.v1.SecretList") - proto.RegisterType((*SignatureCondition)(nil), "github.com.openshift.api.image.v1.SignatureCondition") - proto.RegisterType((*SignatureGenericEntity)(nil), "github.com.openshift.api.image.v1.SignatureGenericEntity") - proto.RegisterType((*SignatureIssuer)(nil), "github.com.openshift.api.image.v1.SignatureIssuer") - proto.RegisterType((*SignatureSubject)(nil), "github.com.openshift.api.image.v1.SignatureSubject") - proto.RegisterType((*TagEvent)(nil), "github.com.openshift.api.image.v1.TagEvent") - proto.RegisterType((*TagEventCondition)(nil), "github.com.openshift.api.image.v1.TagEventCondition") - proto.RegisterType((*TagImportPolicy)(nil), "github.com.openshift.api.image.v1.TagImportPolicy") - proto.RegisterType((*TagReference)(nil), "github.com.openshift.api.image.v1.TagReference") - proto.RegisterMapType((map[string]string)(nil), "github.com.openshift.api.image.v1.TagReference.AnnotationsEntry") - proto.RegisterType((*TagReferencePolicy)(nil), "github.com.openshift.api.image.v1.TagReferencePolicy") -} - -func init() { - proto.RegisterFile("github.com/openshift/api/image/v1/generated.proto", fileDescriptor_650a0b34f65fde60) -} - -var fileDescriptor_650a0b34f65fde60 = []byte{ - // 2691 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xd4, 0x5a, 0x4d, 0x6c, 0x1b, 0xc7, - 0x15, 0xf6, 0xf2, 0x4f, 0xd4, 0x13, 0x25, 0x59, 0x63, 0xcb, 0x61, 0x68, 0x47, 0x92, 0xd7, 0xb5, - 0xe1, 0x34, 0x0e, 0x19, 0xa9, 0x4e, 0x2a, 0xbb, 0x40, 0x1d, 0xd3, 0x74, 0x0d, 0xb6, 0x62, 0xac, - 0x8c, 0x58, 0xa3, 0x35, 0x5c, 0xa0, 0xab, 0xe5, 0x68, 0xb5, 0x15, 0xb9, 0xcb, 0xee, 0x2e, 0x95, - 0xc8, 0x68, 0x81, 0xa2, 0x28, 0x82, 0x1c, 0x7a, 0x68, 0xcf, 0x39, 0x16, 0x41, 0x51, 0x14, 0xe8, - 0xa5, 0x68, 0xd0, 0x53, 0x2f, 0x4d, 0x01, 0xa3, 0xa7, 0x20, 0xe8, 0x21, 0x97, 0x0a, 0xb1, 0xda, - 0x73, 0x6f, 0xbd, 0xf8, 0x54, 0xcc, 0xcf, 0xfe, 0x72, 0x29, 0xed, 0xaa, 0x16, 0xdb, 0xdc, 0xc8, - 0x79, 0xef, 0x7d, 0x6f, 0xe6, 0xbd, 0x37, 0xef, 0xbd, 0x99, 0x59, 0x58, 0xd6, 0x74, 0x67, 0x7b, - 0xb0, 0x59, 0x55, 0xcd, 0x5e, 0xcd, 0xec, 0x13, 0xc3, 0xde, 0xd6, 0xb7, 0x9c, 0x9a, 0xd2, 0xd7, - 0x6b, 0x7a, 0x4f, 0xd1, 0x48, 0x6d, 0x77, 0xb9, 0xa6, 0x11, 0x83, 0x58, 0x8a, 0x43, 0x3a, 0xd5, - 0xbe, 0x65, 0x3a, 0x26, 0xba, 0xe8, 0x8b, 0x54, 0x3d, 0x91, 0xaa, 0xd2, 0xd7, 0xab, 0x4c, 0xa4, - 0xba, 0xbb, 0x5c, 0x79, 0x35, 0x80, 0xaa, 0x99, 0x9a, 0x59, 0x63, 0x92, 0x9b, 0x83, 0x2d, 0xf6, - 0x8f, 0xfd, 0x61, 0xbf, 0x38, 0x62, 0x45, 0xde, 0x59, 0xb5, 0xab, 0xba, 0xc9, 0xd4, 0xaa, 0xa6, - 0x15, 0xa7, 0xb5, 0x72, 0xdd, 0xe7, 0xe9, 0x29, 0xea, 0xb6, 0x6e, 0x10, 0x6b, 0xaf, 0xd6, 0xdf, - 0xd1, 0xe8, 0x80, 0x5d, 0xeb, 0x11, 0x47, 0x89, 0x93, 0xaa, 0x8d, 0x92, 0xb2, 0x06, 0x86, 0xa3, - 0xf7, 0xc8, 0x90, 0xc0, 0x1b, 0x47, 0x09, 0xd8, 0xea, 0x36, 0xe9, 0x29, 0x51, 0x39, 0xf9, 0x53, - 0x09, 0xce, 0x36, 0x4c, 0x75, 0x87, 0x58, 0x4d, 0x6a, 0x04, 0x4c, 0xb6, 0x88, 0x45, 0x0c, 0x95, - 0xa0, 0x6b, 0x50, 0xb4, 0x88, 0xa6, 0xdb, 0x8e, 0xb5, 0x57, 0x96, 0x96, 0xa4, 0xab, 0x93, 0xf5, - 0xd3, 0x4f, 0xf6, 0x17, 0x4f, 0x1d, 0xec, 0x2f, 0x16, 0xb1, 0x18, 0xc7, 0x1e, 0x07, 0xaa, 0xc1, - 0xa4, 0xa1, 0xf4, 0x88, 0xdd, 0x57, 0x54, 0x52, 0xce, 0x30, 0xf6, 0x39, 0xc1, 0x3e, 0xf9, 0x96, - 0x4b, 0xc0, 0x3e, 0x0f, 0x5a, 0x82, 0x1c, 0xfd, 0x53, 0xce, 0x32, 0xde, 0x92, 0xe0, 0xcd, 0x51, - 0x5e, 0xcc, 0x28, 0xe8, 0x25, 0xc8, 0x3a, 0x8a, 0x56, 0xce, 0x31, 0x86, 0x29, 0xc1, 0x90, 0x6d, - 0x2b, 0x1a, 0xa6, 0xe3, 0xa8, 0x02, 0x19, 0xbd, 0x51, 0xce, 0x33, 0x2a, 0x08, 0x6a, 0xa6, 0xd9, - 0xc0, 0x19, 0xbd, 0x21, 0xff, 0xad, 0x08, 0x79, 0xb6, 0x1c, 0xf4, 0x7d, 0x28, 0x52, 0x13, 0x77, - 0x14, 0x47, 0x61, 0xab, 0x98, 0x5a, 0x79, 0xad, 0xca, 0x2d, 0x55, 0x0d, 0x5a, 0xaa, 0xda, 0xdf, - 0xd1, 0xe8, 0x80, 0x5d, 0xa5, 0xdc, 0xd5, 0xdd, 0xe5, 0xea, 0xfd, 0xcd, 0x1f, 0x10, 0xd5, 0x69, - 0x11, 0x47, 0xa9, 0x23, 0x81, 0x0e, 0xfe, 0x18, 0xf6, 0x50, 0xd1, 0x3a, 0x9c, 0xed, 0xc4, 0xd8, - 0x4f, 0x18, 0xe1, 0x82, 0x90, 0x8d, 0xb5, 0x31, 0x8e, 0x95, 0x44, 0x3f, 0x82, 0x33, 0x81, 0xf1, - 0x96, 0x3b, 0xfd, 0x2c, 0x9b, 0xfe, 0xab, 0x23, 0xa7, 0x2f, 0x1c, 0x5d, 0xc5, 0xca, 0x3b, 0x77, - 0xdf, 0x75, 0x88, 0x61, 0xeb, 0xa6, 0x51, 0x3f, 0x2f, 0xf4, 0x9f, 0x69, 0x0c, 0x23, 0xe2, 0x38, - 0x35, 0x68, 0x13, 0x2a, 0x31, 0xc3, 0x0f, 0x88, 0x45, 0xf1, 0x84, 0x37, 0x64, 0x81, 0x5a, 0x69, - 0x8c, 0xe4, 0xc4, 0x87, 0xa0, 0xa0, 0x56, 0x78, 0x85, 0x8a, 0xa1, 0x6f, 0x11, 0xdb, 0x11, 0xce, - 0x8c, 0x9d, 0xb2, 0x60, 0xc1, 0x71, 0x72, 0x68, 0x17, 0xe6, 0x02, 0xc3, 0x6b, 0xca, 0x1e, 0xb1, - 0xec, 0x72, 0x61, 0x29, 0xcb, 0xcc, 0x75, 0xe4, 0xa6, 0xaf, 0xfa, 0x52, 0xf5, 0x17, 0x85, 0xee, - 0xb9, 0x46, 0x14, 0x0f, 0x0f, 0xab, 0x40, 0x04, 0xc0, 0xd6, 0x35, 0x43, 0x71, 0x06, 0x16, 0xb1, - 0xcb, 0x13, 0x4c, 0xe1, 0x72, 0x52, 0x85, 0x1b, 0xae, 0xa4, 0x1f, 0x5f, 0xde, 0x90, 0x8d, 0x03, - 0xc0, 0xe8, 0x3e, 0xcc, 0x07, 0x74, 0xfb, 0x4c, 0xe5, 0xe2, 0x52, 0xf6, 0x6a, 0xa9, 0xfe, 0xe2, - 0xc1, 0xfe, 0xe2, 0x7c, 0x23, 0x8e, 0x01, 0xc7, 0xcb, 0xa1, 0x6d, 0xb8, 0x10, 0x63, 0xc6, 0x16, - 0xe9, 0xe8, 0x4a, 0x7b, 0xaf, 0x4f, 0xca, 0x93, 0xcc, 0x0f, 0x5f, 0x12, 0xd3, 0xba, 0xd0, 0x38, - 0x84, 0x17, 0x1f, 0x8a, 0x84, 0xee, 0x85, 0x3c, 0x73, 0xc7, 0x34, 0xb6, 0x74, 0xad, 0x0c, 0x0c, - 0x3e, 0xce, 0xd4, 0x9c, 0x01, 0x0f, 0xcb, 0xa0, 0x9f, 0x4a, 0xa1, 0x6d, 0xe6, 0x6a, 0xb2, 0xcb, - 0x53, 0xcc, 0xea, 0xaf, 0x25, 0xb5, 0xba, 0x2b, 0x18, 0xbb, 0x31, 0x3d, 0x54, 0x1c, 0xab, 0x4b, - 0xfe, 0x58, 0x82, 0x33, 0x6c, 0xa8, 0xde, 0x35, 0x37, 0xbd, 0xfd, 0x6a, 0xa3, 0x55, 0x28, 0x31, - 0x2d, 0x2d, 0xdd, 0xb6, 0x75, 0x43, 0x63, 0x3b, 0xb5, 0x58, 0x3f, 0x2b, 0x34, 0x94, 0x9a, 0x01, - 0x1a, 0x0e, 0x71, 0x22, 0x19, 0x0a, 0x5d, 0x1e, 0xae, 0xd2, 0x52, 0x96, 0x26, 0xb2, 0x83, 0xfd, - 0xc5, 0x82, 0x08, 0x38, 0x41, 0xa1, 0x3c, 0x2a, 0x37, 0x1c, 0x4f, 0x29, 0x8c, 0x47, 0x58, 0x4a, - 0x50, 0xd0, 0x2b, 0x30, 0xd9, 0xf3, 0x4c, 0x92, 0x63, 0x50, 0xd3, 0x34, 0xf5, 0xfa, 0x2b, 0xf2, - 0xe9, 0xf2, 0x5f, 0xb2, 0x30, 0xcb, 0xe6, 0xd4, 0xec, 0xf5, 0x4d, 0xcb, 0xd9, 0xe8, 0x13, 0x15, - 0xdd, 0x85, 0xdc, 0x96, 0x65, 0xf6, 0x44, 0x8e, 0xbc, 0x14, 0x48, 0x32, 0x55, 0x5a, 0xd8, 0xfc, - 0x8c, 0xe8, 0x2d, 0xdb, 0xcf, 0xd9, 0xdf, 0xb0, 0xcc, 0x1e, 0x66, 0xe2, 0xe8, 0x4d, 0xc8, 0x38, - 0x26, 0x9b, 0xe7, 0xd4, 0xca, 0xd5, 0x38, 0x90, 0x35, 0x53, 0x55, 0xba, 0x51, 0xa4, 0x02, 0x4d, - 0xdd, 0x6d, 0x13, 0x67, 0x1c, 0x13, 0x75, 0xa9, 0x2d, 0xe9, 0xb4, 0xd6, 0xcd, 0xae, 0xae, 0xee, - 0x89, 0xac, 0xb7, 0x92, 0xc0, 0xbf, 0x6d, 0x45, 0x6b, 0x06, 0x24, 0x83, 0xf6, 0xf7, 0x47, 0x71, - 0x08, 0x1d, 0xbd, 0x0b, 0xb3, 0x96, 0x3b, 0x0d, 0xa1, 0x30, 0xcf, 0x14, 0xbe, 0x9e, 0x4c, 0x21, - 0x0e, 0x0b, 0xd7, 0x5f, 0x10, 0x3a, 0x67, 0x23, 0x04, 0x1c, 0x55, 0x83, 0x6e, 0xc3, 0xac, 0x6e, - 0xa8, 0xdd, 0x41, 0xc7, 0x4f, 0x7f, 0x39, 0x16, 0x36, 0x1e, 0x44, 0x33, 0x4c, 0xc6, 0x51, 0x7e, - 0xf9, 0x77, 0x19, 0x98, 0x0b, 0xfa, 0xd1, 0x51, 0x9c, 0x81, 0x8d, 0xda, 0x50, 0xb0, 0xd9, 0x2f, - 0xe1, 0xcb, 0x6b, 0xc9, 0xea, 0x1d, 0x97, 0xae, 0xcf, 0x08, 0xed, 0x05, 0xfe, 0x1f, 0x0b, 0x2c, - 0xd4, 0x84, 0x3c, 0x5b, 0xb7, 0xe7, 0xdb, 0x84, 0xfb, 0xad, 0x3e, 0x79, 0xb0, 0xbf, 0xc8, 0x6b, - 0x31, 0xe6, 0x08, 0x6e, 0x5d, 0xcf, 0x8e, 0xa8, 0xeb, 0xdf, 0x8d, 0x86, 0x72, 0x1a, 0x6d, 0x5e, - 0xcf, 0x11, 0x1b, 0xf8, 0xef, 0x49, 0x00, 0x7e, 0xfe, 0xf6, 0x5a, 0x10, 0x69, 0x64, 0x0b, 0x72, - 0x19, 0x72, 0xb6, 0xfe, 0x98, 0x2f, 0x3a, 0xeb, 0x83, 0x33, 0xf1, 0x0d, 0xfd, 0x31, 0xc1, 0x8c, - 0x4c, 0x9b, 0x9f, 0x9e, 0x97, 0x3c, 0xb3, 0xe1, 0xe6, 0xc7, 0xcf, 0x94, 0x3e, 0x8f, 0xdc, 0x81, - 0x19, 0x7f, 0x1e, 0x0d, 0x5a, 0x75, 0x2f, 0x0a, 0x4d, 0x12, 0xd3, 0x34, 0x7d, 0xa4, 0x96, 0x4c, - 0x02, 0x2d, 0x7f, 0x94, 0x60, 0x92, 0xab, 0xd1, 0x6d, 0x07, 0x3d, 0x1a, 0xea, 0x84, 0xaa, 0xc9, - 0x22, 0x83, 0x4a, 0xb3, 0x3e, 0xc8, 0xeb, 0xff, 0xdc, 0x91, 0x40, 0x17, 0xd4, 0x82, 0xbc, 0xee, - 0x90, 0x9e, 0x5d, 0xce, 0xa4, 0xf4, 0xd8, 0xb4, 0x00, 0xcd, 0x37, 0xa9, 0x38, 0xe6, 0x28, 0xf2, - 0xaa, 0x88, 0xec, 0x35, 0xd3, 0xdc, 0x19, 0xf4, 0xc5, 0x96, 0xb9, 0x04, 0xf9, 0x2e, 0x4d, 0x1f, - 0x22, 0xbf, 0x7a, 0x92, 0x2c, 0xa7, 0x60, 0x4e, 0x93, 0x7f, 0x95, 0x81, 0xe9, 0x70, 0x77, 0x70, - 0x05, 0x0a, 0x1d, 0x5d, 0xa3, 0x1b, 0x8c, 0x3b, 0xda, 0x0b, 0xf1, 0x06, 0x1b, 0xc5, 0x82, 0x9a, - 0xda, 0xbe, 0x34, 0xed, 0xbb, 0xb1, 0x45, 0xdd, 0xc4, 0xa6, 0x95, 0xf5, 0xd3, 0x4e, 0x2b, 0x40, - 0xc3, 0x21, 0x4e, 0x2a, 0xa9, 0x58, 0xea, 0xb6, 0xee, 0x10, 0x95, 0x56, 0x64, 0xd1, 0x55, 0x79, - 0x92, 0xb7, 0x03, 0x34, 0x1c, 0xe2, 0xa4, 0x5d, 0xaf, 0x69, 0x47, 0xbb, 0xde, 0xfb, 0x1b, 0x38, - 0x63, 0xda, 0xe8, 0x65, 0x98, 0xd8, 0x55, 0x2c, 0x5d, 0x31, 0x9c, 0x72, 0x81, 0x31, 0xcc, 0x0a, - 0x86, 0x89, 0x07, 0x7c, 0x18, 0xbb, 0x74, 0xf9, 0xf7, 0x05, 0x11, 0x81, 0x5e, 0x57, 0x30, 0x86, - 0x4e, 0x79, 0x09, 0x72, 0x8e, 0x6f, 0x5b, 0x6f, 0xbf, 0x31, 0xb3, 0x32, 0x0a, 0xba, 0x0c, 0x13, - 0xaa, 0x69, 0x38, 0xc4, 0x70, 0x98, 0x31, 0x4b, 0xf5, 0x29, 0x3a, 0xfb, 0x3b, 0x7c, 0x08, 0xbb, - 0x34, 0xa4, 0x03, 0xa8, 0xa6, 0xd1, 0xd1, 0x1d, 0xdd, 0x34, 0xdc, 0x1c, 0x91, 0x24, 0x61, 0x7b, - 0x8b, 0xbd, 0xe3, 0x4a, 0xfb, 0x33, 0xf6, 0x86, 0x6c, 0x1c, 0x00, 0x47, 0x5f, 0x83, 0x69, 0x26, - 0xde, 0xec, 0x10, 0xc3, 0xd1, 0x9d, 0x3d, 0x61, 0xfa, 0x79, 0x21, 0xc6, 0x43, 0xcd, 0x25, 0xe2, - 0x30, 0x2f, 0xfa, 0x31, 0x94, 0x68, 0x1b, 0x47, 0x3a, 0x77, 0xba, 0x8a, 0xde, 0x73, 0x5b, 0xd2, - 0x3b, 0xa9, 0x3b, 0x44, 0x36, 0x71, 0x17, 0xe5, 0xae, 0xe1, 0x58, 0x81, 0xe2, 0x16, 0x24, 0xe1, - 0x90, 0x3a, 0xf4, 0x36, 0x4c, 0xa8, 0x16, 0xa1, 0x67, 0xbd, 0xf2, 0x04, 0x73, 0xe8, 0x97, 0x93, - 0x39, 0xb4, 0xad, 0xf7, 0x88, 0xb0, 0x3c, 0x17, 0xc7, 0x2e, 0x0e, 0x4d, 0x22, 0xba, 0x6d, 0x0f, - 0x48, 0xa7, 0xbe, 0x57, 0x2e, 0x26, 0xae, 0xcc, 0xde, 0x42, 0x9a, 0x54, 0xd6, 0xaa, 0x97, 0x68, - 0x12, 0x69, 0x0a, 0x1c, 0xec, 0x21, 0xa2, 0xef, 0xb9, 0xe8, 0x6d, 0x93, 0xf5, 0xa0, 0x53, 0x2b, - 0x5f, 0x49, 0x83, 0xbe, 0x31, 0x60, 0x51, 0x17, 0x84, 0x6f, 0x9b, 0xd8, 0x83, 0xac, 0xdc, 0x82, - 0xb9, 0x21, 0x43, 0xa2, 0xd3, 0x90, 0xdd, 0x21, 0xe2, 0x84, 0x8b, 0xe9, 0x4f, 0x74, 0x16, 0xf2, - 0xbb, 0x4a, 0x77, 0x20, 0xe2, 0x14, 0xf3, 0x3f, 0x37, 0x33, 0xab, 0x12, 0xcd, 0x2d, 0x53, 0xdc, - 0x33, 0x8e, 0x45, 0x94, 0xde, 0x18, 0xb6, 0x4c, 0x1b, 0x72, 0x76, 0x9f, 0xa8, 0xa2, 0xea, 0xae, - 0x24, 0x8e, 0x1c, 0x36, 0x3f, 0xda, 0xd8, 0xf9, 0xdb, 0x8c, 0xfe, 0xc3, 0x0c, 0x0d, 0x3d, 0xf2, - 0x5a, 0x04, 0xde, 0x5d, 0x5d, 0x4f, 0x89, 0x7b, 0x68, 0xab, 0x20, 0xff, 0x59, 0x82, 0xd3, 0x01, - 0xee, 0x71, 0x9d, 0xc3, 0x5b, 0xc7, 0xed, 0x50, 0xfc, 0x0a, 0x14, 0xe8, 0x52, 0xe4, 0x3f, 0xb8, - 0xcd, 0x95, 0xbb, 0x0a, 0xda, 0x62, 0x8d, 0x61, 0x19, 0x0f, 0x43, 0x1e, 0x5f, 0x4d, 0xe7, 0x19, - 0xbf, 0xa1, 0x8f, 0xf5, 0xfb, 0x66, 0xc4, 0xef, 0x37, 0x8f, 0x85, 0x7e, 0xb8, 0xf7, 0x7f, 0x96, - 0x81, 0xf9, 0xd8, 0x19, 0xd1, 0x3a, 0xcc, 0x7b, 0x6f, 0x66, 0xb9, 0xa2, 0x8f, 0xc0, 0x79, 0xb0, - 0xa0, 0x22, 0x0d, 0xc0, 0x22, 0x7d, 0xd3, 0xd6, 0x1d, 0xd3, 0xda, 0x13, 0x76, 0xf8, 0x6a, 0x82, - 0x99, 0x62, 0x4f, 0x28, 0x60, 0x86, 0x19, 0x6a, 0x68, 0x9f, 0x82, 0x03, 0xd0, 0xe8, 0x21, 0x9d, - 0x90, 0xa2, 0x11, 0x6a, 0x8e, 0x6c, 0x9a, 0xed, 0x15, 0xc4, 0xf7, 0x17, 0x41, 0x91, 0xb0, 0x40, - 0x94, 0x3f, 0xca, 0xc0, 0x0b, 0x23, 0x4c, 0x87, 0x70, 0xc8, 0x10, 0xb4, 0x0f, 0x4b, 0xe5, 0x06, - 0x7e, 0x00, 0x8c, 0x18, 0x4d, 0x8f, 0x31, 0xda, 0x8d, 0xe3, 0x18, 0x4d, 0x78, 0xf7, 0x10, 0xb3, - 0x3d, 0x8a, 0x98, 0xed, 0x7a, 0x4a, 0xb3, 0x45, 0xe2, 0x27, 0x62, 0xb8, 0x0f, 0x73, 0xa1, 0x7d, - 0x27, 0x6e, 0x5a, 0x4e, 0x7e, 0xdf, 0x75, 0x20, 0xbf, 0xd9, 0x35, 0x37, 0xdd, 0x06, 0xf6, 0x56, - 0x3a, 0x9f, 0xf0, 0x69, 0x56, 0xeb, 0x14, 0x81, 0x17, 0x68, 0x2f, 0xab, 0xb0, 0x31, 0xcc, 0xc1, - 0xd1, 0x76, 0xc4, 0x76, 0x6f, 0x1e, 0x4b, 0x0d, 0x37, 0x19, 0xd7, 0x33, 0xc2, 0x8e, 0x95, 0x1d, - 0x00, 0x7f, 0x36, 0x31, 0x55, 0xee, 0x5e, 0xb0, 0xca, 0xa5, 0xb8, 0xb6, 0xf2, 0x8e, 0x2c, 0x81, - 0xc2, 0x58, 0xf9, 0xa1, 0xa8, 0x8b, 0x23, 0xb5, 0xad, 0x85, 0xb5, 0xbd, 0x91, 0x38, 0x39, 0x87, - 0x2e, 0x5a, 0x82, 0xb5, 0xf8, 0x63, 0x49, 0x5c, 0x62, 0x08, 0xcb, 0x9c, 0xfc, 0x11, 0x67, 0x23, - 0x7c, 0xc4, 0x49, 0xbb, 0x6b, 0xe3, 0x0f, 0x3a, 0xff, 0x94, 0x00, 0x05, 0xb8, 0x5a, 0x4a, 0xbf, - 0xaf, 0x1b, 0xda, 0x17, 0xae, 0x5c, 0x1e, 0x71, 0xa8, 0x97, 0x7f, 0x93, 0x09, 0x79, 0x8b, 0xd5, - 0x03, 0x03, 0x4a, 0xdd, 0xc0, 0xf1, 0x2e, 0x6d, 0x2f, 0x12, 0x3c, 0x1a, 0xfa, 0xed, 0x70, 0x70, - 0x14, 0x87, 0xf0, 0xd1, 0x46, 0xe8, 0x1a, 0xd5, 0x4f, 0x6e, 0xe2, 0x58, 0xf8, 0x92, 0x80, 0x98, - 0x6f, 0xc4, 0x31, 0xe1, 0x78, 0x59, 0xf4, 0x36, 0xe4, 0x1c, 0x45, 0x73, 0x63, 0xa2, 0x96, 0xf2, - 0xd6, 0x28, 0x70, 0x08, 0x52, 0x34, 0x1b, 0x33, 0x28, 0xf9, 0xd7, 0xe1, 0xce, 0x43, 0x14, 0x8d, - 0x13, 0x99, 0x3d, 0x81, 0xf3, 0xfd, 0xc1, 0x66, 0x57, 0x57, 0x63, 0xa5, 0x84, 0x37, 0x2f, 0x09, - 0xe8, 0xf3, 0xeb, 0xa3, 0x59, 0xf1, 0x61, 0x38, 0xe8, 0x41, 0xc8, 0x48, 0x49, 0x3c, 0xfc, 0x96, - 0xd2, 0x23, 0x9d, 0xb6, 0xa2, 0xdd, 0xdd, 0x25, 0x86, 0x43, 0xf7, 0x62, 0xac, 0xa5, 0x3e, 0xc8, - 0xb9, 0xa7, 0x58, 0x66, 0xa9, 0xb6, 0x32, 0x8e, 0x8d, 0xf3, 0x4d, 0x1e, 0xe9, 0x7c, 0xdb, 0xa4, - 0x76, 0xf8, 0x44, 0xe8, 0xae, 0x6b, 0x05, 0x40, 0xbc, 0xc7, 0xe9, 0xa6, 0x21, 0xee, 0x0f, 0x3c, - 0xed, 0xf7, 0x3c, 0x0a, 0x0e, 0x70, 0x0d, 0x6d, 0x9b, 0xc2, 0x09, 0x6f, 0x9b, 0xed, 0x98, 0xc3, - 0xf6, 0xf5, 0x64, 0xcb, 0x66, 0xde, 0x4b, 0x7e, 0xd6, 0xf6, 0x52, 0x52, 0xfe, 0xb9, 0x74, 0xf0, - 0x7f, 0x0d, 0xa7, 0xd6, 0xb6, 0xa2, 0x8d, 0xa1, 0x48, 0x3c, 0x08, 0x17, 0x89, 0xe5, 0x74, 0x45, - 0xa2, 0xad, 0x68, 0x23, 0xea, 0xc4, 0xe7, 0x19, 0x28, 0x32, 0xc6, 0xf1, 0x04, 0x79, 0x2b, 0x74, - 0x0a, 0x49, 0x1d, 0xe5, 0xc5, 0xc8, 0xc1, 0xe3, 0x3b, 0xc7, 0x38, 0x70, 0x0e, 0xa7, 0x00, 0x38, - 0xec, 0x5e, 0x3a, 0xf7, 0xdf, 0xde, 0x4b, 0xcb, 0x7f, 0x92, 0xa0, 0xe4, 0x9a, 0x78, 0x0c, 0x91, - 0xb2, 0x1e, 0x8e, 0x94, 0x57, 0x92, 0xce, 0x7c, 0x74, 0x8c, 0xfc, 0x4b, 0x82, 0xb9, 0x21, 0xab, - 0xb9, 0x95, 0x59, 0x1a, 0x71, 0xdd, 0x7e, 0x8c, 0x69, 0xb8, 0xf0, 0xf1, 0xd3, 0x88, 0x24, 0x8c, - 0xec, 0xc9, 0x25, 0x0c, 0xf9, 0xfd, 0x2c, 0x9c, 0x8d, 0x3b, 0xf5, 0x3d, 0xaf, 0xd7, 0xac, 0xe8, - 0x5b, 0x54, 0x66, 0xdc, 0x6f, 0x51, 0xb9, 0xff, 0xd9, 0x5b, 0x54, 0x36, 0xe5, 0x5b, 0xd4, 0xfb, - 0x19, 0x38, 0x17, 0x7f, 0x96, 0x3c, 0xa1, 0x07, 0x29, 0xff, 0x14, 0x9a, 0x79, 0xfe, 0xa7, 0x50, - 0x74, 0x13, 0x66, 0x94, 0x0e, 0x0f, 0x33, 0xa5, 0x4b, 0x3b, 0x0e, 0x16, 0xc7, 0x93, 0x75, 0x74, - 0xb0, 0xbf, 0x38, 0x73, 0x3b, 0x44, 0xc1, 0x11, 0x4e, 0xf9, 0xb7, 0x12, 0xc0, 0x06, 0x51, 0x2d, - 0xe2, 0x8c, 0x21, 0x8b, 0xdc, 0x0a, 0x6f, 0xdf, 0x4a, 0x5c, 0xa8, 0xf3, 0xc9, 0x8c, 0x48, 0x1a, - 0x9f, 0x66, 0x01, 0x0d, 0xdf, 0x8b, 0xa3, 0x9b, 0xe2, 0xae, 0x9e, 0xa7, 0x8d, 0x2b, 0xc1, 0xbb, - 0xfa, 0x67, 0xfb, 0x8b, 0xe7, 0x86, 0x25, 0x02, 0xb7, 0xf8, 0x6b, 0x9e, 0xc3, 0xf9, 0x4d, 0xff, - 0xf5, 0xb0, 0x0b, 0x9f, 0xed, 0x2f, 0xc6, 0x7c, 0x37, 0x55, 0xf5, 0x90, 0x22, 0x8e, 0xd6, 0x60, - 0xba, 0xab, 0xd8, 0xce, 0xba, 0x65, 0x6e, 0x92, 0xb6, 0x2e, 0xbe, 0x18, 0x4a, 0x77, 0x97, 0xed, - 0xdd, 0xd6, 0xaf, 0x05, 0x81, 0x70, 0x18, 0x17, 0xed, 0x02, 0xa2, 0x03, 0x6d, 0x4b, 0x31, 0x6c, - 0xbe, 0x24, 0xaa, 0x2d, 0x97, 0x5a, 0x5b, 0x45, 0x68, 0x43, 0x6b, 0x43, 0x68, 0x38, 0x46, 0x03, - 0xba, 0x02, 0x05, 0x8b, 0x28, 0xb6, 0x69, 0x88, 0xb7, 0x05, 0x2f, 0x26, 0x31, 0x1b, 0xc5, 0x82, - 0x8a, 0x5e, 0x86, 0x89, 0x1e, 0xb1, 0x6d, 0x5a, 0xec, 0x22, 0xcf, 0x3b, 0x2d, 0x3e, 0x8c, 0x5d, - 0xba, 0xfc, 0x9e, 0x04, 0xbe, 0x8b, 0x58, 0x1f, 0xa9, 0xab, 0x77, 0xf9, 0x9b, 0xc4, 0x2a, 0x94, - 0x4c, 0x4b, 0x53, 0x0c, 0xfd, 0x31, 0x6f, 0x3a, 0xa5, 0xf0, 0xd3, 0xd3, 0xfd, 0x00, 0x0d, 0x87, - 0x38, 0x69, 0xb3, 0xaa, 0x9a, 0xbd, 0x9e, 0x69, 0xd0, 0x1a, 0x23, 0x5c, 0x1b, 0xc8, 0xd0, 0x2e, - 0x05, 0x07, 0xb8, 0xe4, 0x0f, 0x25, 0x98, 0x8d, 0xdc, 0xfe, 0xa3, 0x5f, 0x4a, 0x70, 0xce, 0x8e, - 0x9d, 0x9c, 0xd8, 0x1f, 0x37, 0xd2, 0x5c, 0xfa, 0x87, 0x00, 0xea, 0x0b, 0x62, 0x3e, 0x23, 0x56, - 0x8f, 0x47, 0x28, 0x96, 0xff, 0x2e, 0xc1, 0xe9, 0xe8, 0x3b, 0xc2, 0xff, 0xe3, 0x44, 0xd1, 0xeb, - 0x30, 0xc5, 0x4f, 0x5a, 0xdf, 0x22, 0x7b, 0xcd, 0x86, 0xf0, 0xc2, 0x19, 0x01, 0x36, 0xb5, 0xee, - 0x93, 0x70, 0x90, 0x4f, 0xfe, 0x79, 0x06, 0x8a, 0x6e, 0x7d, 0x45, 0xdf, 0xf6, 0xdf, 0x85, 0xa4, - 0xd4, 0xd1, 0xed, 0x05, 0xdd, 0xd0, 0xdb, 0xd0, 0xf3, 0xff, 0x10, 0xee, 0x92, 0xdb, 0xdc, 0xf1, - 0x83, 0x68, 0xfc, 0xcd, 0x43, 0xf8, 0x0c, 0x95, 0x4b, 0x72, 0x86, 0x92, 0x3f, 0xc8, 0xc2, 0xdc, - 0x50, 0xbb, 0x81, 0x6e, 0x84, 0x72, 0xde, 0xe5, 0x48, 0xce, 0x9b, 0x1f, 0x12, 0x38, 0xb1, 0x94, - 0x17, 0x9f, 0x89, 0xb2, 0x63, 0xcc, 0x44, 0xb9, 0xa4, 0x99, 0x28, 0x7f, 0x78, 0x26, 0x8a, 0x78, - 0xa7, 0x90, 0xc8, 0x3b, 0x1f, 0x49, 0x30, 0x1b, 0x69, 0xa0, 0xd0, 0x35, 0x28, 0xea, 0x86, 0x4d, - 0xd4, 0x81, 0x45, 0xc4, 0xf3, 0x81, 0x57, 0x15, 0x9b, 0x62, 0x1c, 0x7b, 0x1c, 0xa8, 0x06, 0x93, - 0xb6, 0xba, 0x4d, 0x3a, 0x83, 0x2e, 0xe9, 0x30, 0x8f, 0x14, 0xfd, 0xa7, 0xfc, 0x0d, 0x97, 0x80, - 0x7d, 0x1e, 0xd4, 0x00, 0xe0, 0xbd, 0x58, 0xcb, 0xec, 0xb8, 0xe1, 0xe6, 0x7e, 0xff, 0x06, 0x4d, - 0x8f, 0xf2, 0x6c, 0x7f, 0x71, 0xc6, 0xff, 0xc7, 0xfc, 0x1f, 0x90, 0x93, 0xff, 0x9d, 0x83, 0x52, - 0xb0, 0x11, 0x4b, 0xf0, 0x85, 0xc9, 0x3b, 0x30, 0xa5, 0x18, 0x86, 0xe9, 0x28, 0xbc, 0x5b, 0xce, - 0x24, 0xbe, 0x15, 0x0e, 0xea, 0xa9, 0xde, 0xf6, 0x21, 0xf8, 0xad, 0xb0, 0x97, 0x11, 0x02, 0x14, - 0x1c, 0xd4, 0x84, 0x6e, 0x8b, 0x16, 0x39, 0x9b, 0xbc, 0x45, 0x2e, 0x46, 0xda, 0xe3, 0x1a, 0x4c, - 0x7a, 0x9d, 0xa4, 0xf8, 0x78, 0xc9, 0xb3, 0xb2, 0xbf, 0xb5, 0x7d, 0x1e, 0x54, 0x0d, 0x05, 0x43, - 0x9e, 0x05, 0xc3, 0xcc, 0x21, 0x57, 0x1d, 0xd1, 0xfe, 0xbb, 0x30, 0xee, 0xfe, 0x7b, 0x62, 0x2c, - 0xfd, 0x77, 0xe5, 0xeb, 0x70, 0x3a, 0xea, 0xc1, 0x54, 0xef, 0xd2, 0xeb, 0x80, 0x86, 0xf5, 0x1f, - 0xd5, 0xc2, 0x0d, 0x4b, 0xf8, 0xf9, 0xac, 0x7e, 0xef, 0xc9, 0xd3, 0x85, 0x53, 0x9f, 0x3c, 0x5d, - 0x38, 0xf5, 0xd9, 0xd3, 0x85, 0x53, 0x3f, 0x39, 0x58, 0x90, 0x9e, 0x1c, 0x2c, 0x48, 0x9f, 0x1c, - 0x2c, 0x48, 0x9f, 0x1d, 0x2c, 0x48, 0x9f, 0x1f, 0x2c, 0x48, 0xbf, 0xf8, 0xc7, 0xc2, 0xa9, 0x87, - 0x17, 0x8f, 0xfc, 0x06, 0xff, 0x3f, 0x01, 0x00, 0x00, 0xff, 0xff, 0xd0, 0xa8, 0x38, 0xe0, 0xa7, - 0x2f, 0x00, 0x00, -} +func (m *TagReferencePolicy) Reset() { *m = TagReferencePolicy{} } func (m *DockerImageReference) Marshal() (dAtA []byte, err error) { size := m.Size() @@ -1936,7 +713,7 @@ func (m *ImageSignature) MarshalToSizedBuffer(dAtA []byte) (int, error) { for k := range m.SignedClaims { keysForSignedClaims = append(keysForSignedClaims, string(k)) } - github_com_gogo_protobuf_sortkeys.Strings(keysForSignedClaims) + sort.Strings(keysForSignedClaims) for iNdEx := len(keysForSignedClaims) - 1; iNdEx >= 0; iNdEx-- { v := m.SignedClaims[string(keysForSignedClaims[iNdEx])] baseI := i @@ -2291,7 +1068,7 @@ func (m *ImageStreamLayers) MarshalToSizedBuffer(dAtA []byte) (int, error) { for k := range m.Images { keysForImages = append(keysForImages, string(k)) } - github_com_gogo_protobuf_sortkeys.Strings(keysForImages) + sort.Strings(keysForImages) for iNdEx := len(keysForImages) - 1; iNdEx >= 0; iNdEx-- { v := m.Images[string(keysForImages[iNdEx])] baseI := i @@ -2320,7 +1097,7 @@ func (m *ImageStreamLayers) MarshalToSizedBuffer(dAtA []byte) (int, error) { for k := range m.Blobs { keysForBlobs = append(keysForBlobs, string(k)) } - github_com_gogo_protobuf_sortkeys.Strings(keysForBlobs) + sort.Strings(keysForBlobs) for iNdEx := len(keysForBlobs) - 1; iNdEx >= 0; iNdEx-- { v := m.Blobs[string(keysForBlobs[iNdEx])] baseI := i @@ -3399,7 +2176,7 @@ func (m *TagReference) MarshalToSizedBuffer(dAtA []byte) (int, error) { for k := range m.Annotations { keysForAnnotations = append(keysForAnnotations, string(k)) } - github_com_gogo_protobuf_sortkeys.Strings(keysForAnnotations) + sort.Strings(keysForAnnotations) for iNdEx := len(keysForAnnotations) - 1; iNdEx >= 0; iNdEx-- { v := m.Annotations[string(keysForAnnotations[iNdEx])] baseI := i @@ -4393,7 +3170,7 @@ func (this *ImageSignature) String() string { for k := range this.SignedClaims { keysForSignedClaims = append(keysForSignedClaims, k) } - github_com_gogo_protobuf_sortkeys.Strings(keysForSignedClaims) + sort.Strings(keysForSignedClaims) mapStringForSignedClaims := "map[string]string{" for _, k := range keysForSignedClaims { mapStringForSignedClaims += fmt.Sprintf("%v: %v,", k, this.SignedClaims[k]) @@ -4490,7 +3267,7 @@ func (this *ImageStreamLayers) String() string { for k := range this.Blobs { keysForBlobs = append(keysForBlobs, k) } - github_com_gogo_protobuf_sortkeys.Strings(keysForBlobs) + sort.Strings(keysForBlobs) mapStringForBlobs := "map[string]ImageLayerData{" for _, k := range keysForBlobs { mapStringForBlobs += fmt.Sprintf("%v: %v,", k, this.Blobs[k]) @@ -4500,7 +3277,7 @@ func (this *ImageStreamLayers) String() string { for k := range this.Images { keysForImages = append(keysForImages, k) } - github_com_gogo_protobuf_sortkeys.Strings(keysForImages) + sort.Strings(keysForImages) mapStringForImages := "map[string]ImageBlobReferences{" for _, k := range keysForImages { mapStringForImages += fmt.Sprintf("%v: %v,", k, this.Images[k]) @@ -4804,7 +3581,7 @@ func (this *TagReference) String() string { for k := range this.Annotations { keysForAnnotations = append(keysForAnnotations, k) } - github_com_gogo_protobuf_sortkeys.Strings(keysForAnnotations) + sort.Strings(keysForAnnotations) mapStringForAnnotations := "map[string]string{" for _, k := range keysForAnnotations { mapStringForAnnotations += fmt.Sprintf("%v: %v,", k, this.Annotations[k]) diff --git a/vendor/github.com/openshift/api/image/v1/generated.protomessage.pb.go b/vendor/github.com/openshift/api/image/v1/generated.protomessage.pb.go new file mode 100644 index 000000000..68da6c960 --- /dev/null +++ b/vendor/github.com/openshift/api/image/v1/generated.protomessage.pb.go @@ -0,0 +1,82 @@ +//go:build kubernetes_protomessage_one_more_release +// +build kubernetes_protomessage_one_more_release + +// Code generated by go-to-protobuf. DO NOT EDIT. + +package v1 + +func (*DockerImageReference) ProtoMessage() {} + +func (*Image) ProtoMessage() {} + +func (*ImageBlobReferences) ProtoMessage() {} + +func (*ImageImportSpec) ProtoMessage() {} + +func (*ImageImportStatus) ProtoMessage() {} + +func (*ImageLayer) ProtoMessage() {} + +func (*ImageLayerData) ProtoMessage() {} + +func (*ImageList) ProtoMessage() {} + +func (*ImageLookupPolicy) ProtoMessage() {} + +func (*ImageManifest) ProtoMessage() {} + +func (*ImageSignature) ProtoMessage() {} + +func (*ImageStream) ProtoMessage() {} + +func (*ImageStreamImage) ProtoMessage() {} + +func (*ImageStreamImport) ProtoMessage() {} + +func (*ImageStreamImportSpec) ProtoMessage() {} + +func (*ImageStreamImportStatus) ProtoMessage() {} + +func (*ImageStreamLayers) ProtoMessage() {} + +func (*ImageStreamList) ProtoMessage() {} + +func (*ImageStreamMapping) ProtoMessage() {} + +func (*ImageStreamSpec) ProtoMessage() {} + +func (*ImageStreamStatus) ProtoMessage() {} + +func (*ImageStreamTag) ProtoMessage() {} + +func (*ImageStreamTagList) ProtoMessage() {} + +func (*ImageTag) ProtoMessage() {} + +func (*ImageTagList) ProtoMessage() {} + +func (*NamedTagEventList) ProtoMessage() {} + +func (*RepositoryImportSpec) ProtoMessage() {} + +func (*RepositoryImportStatus) ProtoMessage() {} + +func (*SecretList) ProtoMessage() {} + +func (*SignatureCondition) ProtoMessage() {} + +func (*SignatureGenericEntity) ProtoMessage() {} + +func (*SignatureIssuer) ProtoMessage() {} + +func (*SignatureSubject) ProtoMessage() {} + +func (*TagEvent) ProtoMessage() {} + +func (*TagEventCondition) ProtoMessage() {} + +func (*TagImportPolicy) ProtoMessage() {} + +func (*TagReference) ProtoMessage() {} + +func (*TagReferencePolicy) ProtoMessage() {} diff --git a/vendor/github.com/openshift/api/security/v1/generated.pb.go b/vendor/github.com/openshift/api/security/v1/generated.pb.go index e28b59584..608d2f010 100644 --- a/vendor/github.com/openshift/api/security/v1/generated.pb.go +++ b/vendor/github.com/openshift/api/security/v1/generated.pb.go @@ -8,705 +8,55 @@ import ( io "io" - proto "github.com/gogo/protobuf/proto" k8s_io_api_core_v1 "k8s.io/api/core/v1" v11 "k8s.io/api/core/v1" - math "math" math_bits "math/bits" reflect "reflect" strings "strings" ) -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf +func (m *AllowedFlexVolume) Reset() { *m = AllowedFlexVolume{} } -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package +func (m *FSGroupStrategyOptions) Reset() { *m = FSGroupStrategyOptions{} } -func (m *AllowedFlexVolume) Reset() { *m = AllowedFlexVolume{} } -func (*AllowedFlexVolume) ProtoMessage() {} -func (*AllowedFlexVolume) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{0} -} -func (m *AllowedFlexVolume) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *AllowedFlexVolume) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *AllowedFlexVolume) XXX_Merge(src proto.Message) { - xxx_messageInfo_AllowedFlexVolume.Merge(m, src) -} -func (m *AllowedFlexVolume) XXX_Size() int { - return m.Size() -} -func (m *AllowedFlexVolume) XXX_DiscardUnknown() { - xxx_messageInfo_AllowedFlexVolume.DiscardUnknown(m) -} - -var xxx_messageInfo_AllowedFlexVolume proto.InternalMessageInfo - -func (m *FSGroupStrategyOptions) Reset() { *m = FSGroupStrategyOptions{} } -func (*FSGroupStrategyOptions) ProtoMessage() {} -func (*FSGroupStrategyOptions) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{1} -} -func (m *FSGroupStrategyOptions) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *FSGroupStrategyOptions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *FSGroupStrategyOptions) XXX_Merge(src proto.Message) { - xxx_messageInfo_FSGroupStrategyOptions.Merge(m, src) -} -func (m *FSGroupStrategyOptions) XXX_Size() int { - return m.Size() -} -func (m *FSGroupStrategyOptions) XXX_DiscardUnknown() { - xxx_messageInfo_FSGroupStrategyOptions.DiscardUnknown(m) -} - -var xxx_messageInfo_FSGroupStrategyOptions proto.InternalMessageInfo - -func (m *IDRange) Reset() { *m = IDRange{} } -func (*IDRange) ProtoMessage() {} -func (*IDRange) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{2} -} -func (m *IDRange) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *IDRange) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *IDRange) XXX_Merge(src proto.Message) { - xxx_messageInfo_IDRange.Merge(m, src) -} -func (m *IDRange) XXX_Size() int { - return m.Size() -} -func (m *IDRange) XXX_DiscardUnknown() { - xxx_messageInfo_IDRange.DiscardUnknown(m) -} +func (m *IDRange) Reset() { *m = IDRange{} } -var xxx_messageInfo_IDRange proto.InternalMessageInfo +func (m *PodSecurityPolicyReview) Reset() { *m = PodSecurityPolicyReview{} } -func (m *PodSecurityPolicyReview) Reset() { *m = PodSecurityPolicyReview{} } -func (*PodSecurityPolicyReview) ProtoMessage() {} -func (*PodSecurityPolicyReview) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{3} -} -func (m *PodSecurityPolicyReview) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *PodSecurityPolicyReview) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *PodSecurityPolicyReview) XXX_Merge(src proto.Message) { - xxx_messageInfo_PodSecurityPolicyReview.Merge(m, src) -} -func (m *PodSecurityPolicyReview) XXX_Size() int { - return m.Size() -} -func (m *PodSecurityPolicyReview) XXX_DiscardUnknown() { - xxx_messageInfo_PodSecurityPolicyReview.DiscardUnknown(m) -} - -var xxx_messageInfo_PodSecurityPolicyReview proto.InternalMessageInfo +func (m *PodSecurityPolicyReviewSpec) Reset() { *m = PodSecurityPolicyReviewSpec{} } -func (m *PodSecurityPolicyReviewSpec) Reset() { *m = PodSecurityPolicyReviewSpec{} } -func (*PodSecurityPolicyReviewSpec) ProtoMessage() {} -func (*PodSecurityPolicyReviewSpec) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{4} -} -func (m *PodSecurityPolicyReviewSpec) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *PodSecurityPolicyReviewSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *PodSecurityPolicyReviewSpec) XXX_Merge(src proto.Message) { - xxx_messageInfo_PodSecurityPolicyReviewSpec.Merge(m, src) -} -func (m *PodSecurityPolicyReviewSpec) XXX_Size() int { - return m.Size() -} -func (m *PodSecurityPolicyReviewSpec) XXX_DiscardUnknown() { - xxx_messageInfo_PodSecurityPolicyReviewSpec.DiscardUnknown(m) -} +func (m *PodSecurityPolicyReviewStatus) Reset() { *m = PodSecurityPolicyReviewStatus{} } -var xxx_messageInfo_PodSecurityPolicyReviewSpec proto.InternalMessageInfo - -func (m *PodSecurityPolicyReviewStatus) Reset() { *m = PodSecurityPolicyReviewStatus{} } -func (*PodSecurityPolicyReviewStatus) ProtoMessage() {} -func (*PodSecurityPolicyReviewStatus) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{5} -} -func (m *PodSecurityPolicyReviewStatus) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *PodSecurityPolicyReviewStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *PodSecurityPolicyReviewStatus) XXX_Merge(src proto.Message) { - xxx_messageInfo_PodSecurityPolicyReviewStatus.Merge(m, src) -} -func (m *PodSecurityPolicyReviewStatus) XXX_Size() int { - return m.Size() -} -func (m *PodSecurityPolicyReviewStatus) XXX_DiscardUnknown() { - xxx_messageInfo_PodSecurityPolicyReviewStatus.DiscardUnknown(m) -} - -var xxx_messageInfo_PodSecurityPolicyReviewStatus proto.InternalMessageInfo - -func (m *PodSecurityPolicySelfSubjectReview) Reset() { *m = PodSecurityPolicySelfSubjectReview{} } -func (*PodSecurityPolicySelfSubjectReview) ProtoMessage() {} -func (*PodSecurityPolicySelfSubjectReview) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{6} -} -func (m *PodSecurityPolicySelfSubjectReview) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *PodSecurityPolicySelfSubjectReview) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *PodSecurityPolicySelfSubjectReview) XXX_Merge(src proto.Message) { - xxx_messageInfo_PodSecurityPolicySelfSubjectReview.Merge(m, src) -} -func (m *PodSecurityPolicySelfSubjectReview) XXX_Size() int { - return m.Size() -} -func (m *PodSecurityPolicySelfSubjectReview) XXX_DiscardUnknown() { - xxx_messageInfo_PodSecurityPolicySelfSubjectReview.DiscardUnknown(m) -} - -var xxx_messageInfo_PodSecurityPolicySelfSubjectReview proto.InternalMessageInfo +func (m *PodSecurityPolicySelfSubjectReview) Reset() { *m = PodSecurityPolicySelfSubjectReview{} } func (m *PodSecurityPolicySelfSubjectReviewSpec) Reset() { *m = PodSecurityPolicySelfSubjectReviewSpec{} } -func (*PodSecurityPolicySelfSubjectReviewSpec) ProtoMessage() {} -func (*PodSecurityPolicySelfSubjectReviewSpec) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{7} -} -func (m *PodSecurityPolicySelfSubjectReviewSpec) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *PodSecurityPolicySelfSubjectReviewSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *PodSecurityPolicySelfSubjectReviewSpec) XXX_Merge(src proto.Message) { - xxx_messageInfo_PodSecurityPolicySelfSubjectReviewSpec.Merge(m, src) -} -func (m *PodSecurityPolicySelfSubjectReviewSpec) XXX_Size() int { - return m.Size() -} -func (m *PodSecurityPolicySelfSubjectReviewSpec) XXX_DiscardUnknown() { - xxx_messageInfo_PodSecurityPolicySelfSubjectReviewSpec.DiscardUnknown(m) -} - -var xxx_messageInfo_PodSecurityPolicySelfSubjectReviewSpec proto.InternalMessageInfo - -func (m *PodSecurityPolicySubjectReview) Reset() { *m = PodSecurityPolicySubjectReview{} } -func (*PodSecurityPolicySubjectReview) ProtoMessage() {} -func (*PodSecurityPolicySubjectReview) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{8} -} -func (m *PodSecurityPolicySubjectReview) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *PodSecurityPolicySubjectReview) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *PodSecurityPolicySubjectReview) XXX_Merge(src proto.Message) { - xxx_messageInfo_PodSecurityPolicySubjectReview.Merge(m, src) -} -func (m *PodSecurityPolicySubjectReview) XXX_Size() int { - return m.Size() -} -func (m *PodSecurityPolicySubjectReview) XXX_DiscardUnknown() { - xxx_messageInfo_PodSecurityPolicySubjectReview.DiscardUnknown(m) -} - -var xxx_messageInfo_PodSecurityPolicySubjectReview proto.InternalMessageInfo - -func (m *PodSecurityPolicySubjectReviewSpec) Reset() { *m = PodSecurityPolicySubjectReviewSpec{} } -func (*PodSecurityPolicySubjectReviewSpec) ProtoMessage() {} -func (*PodSecurityPolicySubjectReviewSpec) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{9} -} -func (m *PodSecurityPolicySubjectReviewSpec) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *PodSecurityPolicySubjectReviewSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *PodSecurityPolicySubjectReviewSpec) XXX_Merge(src proto.Message) { - xxx_messageInfo_PodSecurityPolicySubjectReviewSpec.Merge(m, src) -} -func (m *PodSecurityPolicySubjectReviewSpec) XXX_Size() int { - return m.Size() -} -func (m *PodSecurityPolicySubjectReviewSpec) XXX_DiscardUnknown() { - xxx_messageInfo_PodSecurityPolicySubjectReviewSpec.DiscardUnknown(m) -} -var xxx_messageInfo_PodSecurityPolicySubjectReviewSpec proto.InternalMessageInfo +func (m *PodSecurityPolicySubjectReview) Reset() { *m = PodSecurityPolicySubjectReview{} } -func (m *PodSecurityPolicySubjectReviewStatus) Reset() { *m = PodSecurityPolicySubjectReviewStatus{} } -func (*PodSecurityPolicySubjectReviewStatus) ProtoMessage() {} -func (*PodSecurityPolicySubjectReviewStatus) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{10} -} -func (m *PodSecurityPolicySubjectReviewStatus) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *PodSecurityPolicySubjectReviewStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *PodSecurityPolicySubjectReviewStatus) XXX_Merge(src proto.Message) { - xxx_messageInfo_PodSecurityPolicySubjectReviewStatus.Merge(m, src) -} -func (m *PodSecurityPolicySubjectReviewStatus) XXX_Size() int { - return m.Size() -} -func (m *PodSecurityPolicySubjectReviewStatus) XXX_DiscardUnknown() { - xxx_messageInfo_PodSecurityPolicySubjectReviewStatus.DiscardUnknown(m) -} +func (m *PodSecurityPolicySubjectReviewSpec) Reset() { *m = PodSecurityPolicySubjectReviewSpec{} } -var xxx_messageInfo_PodSecurityPolicySubjectReviewStatus proto.InternalMessageInfo +func (m *PodSecurityPolicySubjectReviewStatus) Reset() { *m = PodSecurityPolicySubjectReviewStatus{} } -func (m *RangeAllocation) Reset() { *m = RangeAllocation{} } -func (*RangeAllocation) ProtoMessage() {} -func (*RangeAllocation) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{11} -} -func (m *RangeAllocation) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *RangeAllocation) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *RangeAllocation) XXX_Merge(src proto.Message) { - xxx_messageInfo_RangeAllocation.Merge(m, src) -} -func (m *RangeAllocation) XXX_Size() int { - return m.Size() -} -func (m *RangeAllocation) XXX_DiscardUnknown() { - xxx_messageInfo_RangeAllocation.DiscardUnknown(m) -} +func (m *RangeAllocation) Reset() { *m = RangeAllocation{} } -var xxx_messageInfo_RangeAllocation proto.InternalMessageInfo - -func (m *RangeAllocationList) Reset() { *m = RangeAllocationList{} } -func (*RangeAllocationList) ProtoMessage() {} -func (*RangeAllocationList) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{12} -} -func (m *RangeAllocationList) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *RangeAllocationList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *RangeAllocationList) XXX_Merge(src proto.Message) { - xxx_messageInfo_RangeAllocationList.Merge(m, src) -} -func (m *RangeAllocationList) XXX_Size() int { - return m.Size() -} -func (m *RangeAllocationList) XXX_DiscardUnknown() { - xxx_messageInfo_RangeAllocationList.DiscardUnknown(m) -} +func (m *RangeAllocationList) Reset() { *m = RangeAllocationList{} } -var xxx_messageInfo_RangeAllocationList proto.InternalMessageInfo +func (m *RunAsUserStrategyOptions) Reset() { *m = RunAsUserStrategyOptions{} } -func (m *RunAsUserStrategyOptions) Reset() { *m = RunAsUserStrategyOptions{} } -func (*RunAsUserStrategyOptions) ProtoMessage() {} -func (*RunAsUserStrategyOptions) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{13} -} -func (m *RunAsUserStrategyOptions) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *RunAsUserStrategyOptions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *RunAsUserStrategyOptions) XXX_Merge(src proto.Message) { - xxx_messageInfo_RunAsUserStrategyOptions.Merge(m, src) -} -func (m *RunAsUserStrategyOptions) XXX_Size() int { - return m.Size() -} -func (m *RunAsUserStrategyOptions) XXX_DiscardUnknown() { - xxx_messageInfo_RunAsUserStrategyOptions.DiscardUnknown(m) -} +func (m *SELinuxContextStrategyOptions) Reset() { *m = SELinuxContextStrategyOptions{} } -var xxx_messageInfo_RunAsUserStrategyOptions proto.InternalMessageInfo +func (m *SecurityContextConstraints) Reset() { *m = SecurityContextConstraints{} } -func (m *SELinuxContextStrategyOptions) Reset() { *m = SELinuxContextStrategyOptions{} } -func (*SELinuxContextStrategyOptions) ProtoMessage() {} -func (*SELinuxContextStrategyOptions) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{14} -} -func (m *SELinuxContextStrategyOptions) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *SELinuxContextStrategyOptions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *SELinuxContextStrategyOptions) XXX_Merge(src proto.Message) { - xxx_messageInfo_SELinuxContextStrategyOptions.Merge(m, src) -} -func (m *SELinuxContextStrategyOptions) XXX_Size() int { - return m.Size() -} -func (m *SELinuxContextStrategyOptions) XXX_DiscardUnknown() { - xxx_messageInfo_SELinuxContextStrategyOptions.DiscardUnknown(m) -} - -var xxx_messageInfo_SELinuxContextStrategyOptions proto.InternalMessageInfo - -func (m *SecurityContextConstraints) Reset() { *m = SecurityContextConstraints{} } -func (*SecurityContextConstraints) ProtoMessage() {} -func (*SecurityContextConstraints) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{15} -} -func (m *SecurityContextConstraints) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *SecurityContextConstraints) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *SecurityContextConstraints) XXX_Merge(src proto.Message) { - xxx_messageInfo_SecurityContextConstraints.Merge(m, src) -} -func (m *SecurityContextConstraints) XXX_Size() int { - return m.Size() -} -func (m *SecurityContextConstraints) XXX_DiscardUnknown() { - xxx_messageInfo_SecurityContextConstraints.DiscardUnknown(m) -} - -var xxx_messageInfo_SecurityContextConstraints proto.InternalMessageInfo - -func (m *SecurityContextConstraintsList) Reset() { *m = SecurityContextConstraintsList{} } -func (*SecurityContextConstraintsList) ProtoMessage() {} -func (*SecurityContextConstraintsList) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{16} -} -func (m *SecurityContextConstraintsList) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *SecurityContextConstraintsList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *SecurityContextConstraintsList) XXX_Merge(src proto.Message) { - xxx_messageInfo_SecurityContextConstraintsList.Merge(m, src) -} -func (m *SecurityContextConstraintsList) XXX_Size() int { - return m.Size() -} -func (m *SecurityContextConstraintsList) XXX_DiscardUnknown() { - xxx_messageInfo_SecurityContextConstraintsList.DiscardUnknown(m) -} - -var xxx_messageInfo_SecurityContextConstraintsList proto.InternalMessageInfo +func (m *SecurityContextConstraintsList) Reset() { *m = SecurityContextConstraintsList{} } func (m *ServiceAccountPodSecurityPolicyReviewStatus) Reset() { *m = ServiceAccountPodSecurityPolicyReviewStatus{} } -func (*ServiceAccountPodSecurityPolicyReviewStatus) ProtoMessage() {} -func (*ServiceAccountPodSecurityPolicyReviewStatus) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{17} -} -func (m *ServiceAccountPodSecurityPolicyReviewStatus) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ServiceAccountPodSecurityPolicyReviewStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ServiceAccountPodSecurityPolicyReviewStatus) XXX_Merge(src proto.Message) { - xxx_messageInfo_ServiceAccountPodSecurityPolicyReviewStatus.Merge(m, src) -} -func (m *ServiceAccountPodSecurityPolicyReviewStatus) XXX_Size() int { - return m.Size() -} -func (m *ServiceAccountPodSecurityPolicyReviewStatus) XXX_DiscardUnknown() { - xxx_messageInfo_ServiceAccountPodSecurityPolicyReviewStatus.DiscardUnknown(m) -} - -var xxx_messageInfo_ServiceAccountPodSecurityPolicyReviewStatus proto.InternalMessageInfo - -func (m *SupplementalGroupsStrategyOptions) Reset() { *m = SupplementalGroupsStrategyOptions{} } -func (*SupplementalGroupsStrategyOptions) ProtoMessage() {} -func (*SupplementalGroupsStrategyOptions) Descriptor() ([]byte, []int) { - return fileDescriptor_af65d9655aa67551, []int{18} -} -func (m *SupplementalGroupsStrategyOptions) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *SupplementalGroupsStrategyOptions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *SupplementalGroupsStrategyOptions) XXX_Merge(src proto.Message) { - xxx_messageInfo_SupplementalGroupsStrategyOptions.Merge(m, src) -} -func (m *SupplementalGroupsStrategyOptions) XXX_Size() int { - return m.Size() -} -func (m *SupplementalGroupsStrategyOptions) XXX_DiscardUnknown() { - xxx_messageInfo_SupplementalGroupsStrategyOptions.DiscardUnknown(m) -} -var xxx_messageInfo_SupplementalGroupsStrategyOptions proto.InternalMessageInfo - -func init() { - proto.RegisterType((*AllowedFlexVolume)(nil), "github.com.openshift.api.security.v1.AllowedFlexVolume") - proto.RegisterType((*FSGroupStrategyOptions)(nil), "github.com.openshift.api.security.v1.FSGroupStrategyOptions") - proto.RegisterType((*IDRange)(nil), "github.com.openshift.api.security.v1.IDRange") - proto.RegisterType((*PodSecurityPolicyReview)(nil), "github.com.openshift.api.security.v1.PodSecurityPolicyReview") - proto.RegisterType((*PodSecurityPolicyReviewSpec)(nil), "github.com.openshift.api.security.v1.PodSecurityPolicyReviewSpec") - proto.RegisterType((*PodSecurityPolicyReviewStatus)(nil), "github.com.openshift.api.security.v1.PodSecurityPolicyReviewStatus") - proto.RegisterType((*PodSecurityPolicySelfSubjectReview)(nil), "github.com.openshift.api.security.v1.PodSecurityPolicySelfSubjectReview") - proto.RegisterType((*PodSecurityPolicySelfSubjectReviewSpec)(nil), "github.com.openshift.api.security.v1.PodSecurityPolicySelfSubjectReviewSpec") - proto.RegisterType((*PodSecurityPolicySubjectReview)(nil), "github.com.openshift.api.security.v1.PodSecurityPolicySubjectReview") - proto.RegisterType((*PodSecurityPolicySubjectReviewSpec)(nil), "github.com.openshift.api.security.v1.PodSecurityPolicySubjectReviewSpec") - proto.RegisterType((*PodSecurityPolicySubjectReviewStatus)(nil), "github.com.openshift.api.security.v1.PodSecurityPolicySubjectReviewStatus") - proto.RegisterType((*RangeAllocation)(nil), "github.com.openshift.api.security.v1.RangeAllocation") - proto.RegisterType((*RangeAllocationList)(nil), "github.com.openshift.api.security.v1.RangeAllocationList") - proto.RegisterType((*RunAsUserStrategyOptions)(nil), "github.com.openshift.api.security.v1.RunAsUserStrategyOptions") - proto.RegisterType((*SELinuxContextStrategyOptions)(nil), "github.com.openshift.api.security.v1.SELinuxContextStrategyOptions") - proto.RegisterType((*SecurityContextConstraints)(nil), "github.com.openshift.api.security.v1.SecurityContextConstraints") - proto.RegisterType((*SecurityContextConstraintsList)(nil), "github.com.openshift.api.security.v1.SecurityContextConstraintsList") - proto.RegisterType((*ServiceAccountPodSecurityPolicyReviewStatus)(nil), "github.com.openshift.api.security.v1.ServiceAccountPodSecurityPolicyReviewStatus") - proto.RegisterType((*SupplementalGroupsStrategyOptions)(nil), "github.com.openshift.api.security.v1.SupplementalGroupsStrategyOptions") -} - -func init() { - proto.RegisterFile("github.com/openshift/api/security/v1/generated.proto", fileDescriptor_af65d9655aa67551) -} - -var fileDescriptor_af65d9655aa67551 = []byte{ - // 1803 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x59, 0xcd, 0x6f, 0x1b, 0xc7, - 0x15, 0xd7, 0x8a, 0xfa, 0xe2, 0x48, 0x96, 0xe4, 0x91, 0x2c, 0x4f, 0xd4, 0x98, 0x54, 0xd7, 0x6e, - 0x60, 0xb4, 0xcd, 0x32, 0x36, 0xd2, 0xc6, 0x45, 0x1a, 0x23, 0x5c, 0x31, 0x72, 0x14, 0xc8, 0x31, - 0x33, 0x8c, 0x82, 0x22, 0x08, 0x8a, 0x8c, 0x96, 0x43, 0x7a, 0xac, 0xe5, 0xee, 0x76, 0x67, 0x56, - 0x16, 0xd1, 0x4b, 0x81, 0xfe, 0x03, 0x05, 0x7a, 0xef, 0xb9, 0xfd, 0x07, 0x7a, 0x29, 0xda, 0x5e, - 0x0d, 0xb4, 0x45, 0x73, 0x2a, 0x72, 0x22, 0x6a, 0x16, 0xbd, 0xf4, 0xda, 0x9b, 0x0f, 0x45, 0x31, - 0xc3, 0xe1, 0xc7, 0x2e, 0x77, 0xe9, 0x4d, 0x6a, 0x0b, 0xbd, 0x69, 0xdf, 0xc7, 0xef, 0xfd, 0xde, - 0xcc, 0xbc, 0x37, 0x6f, 0x28, 0xf0, 0x66, 0x9b, 0x89, 0x87, 0xd1, 0x89, 0xe5, 0xf8, 0x9d, 0x8a, - 0x1f, 0x50, 0x8f, 0x3f, 0x64, 0x2d, 0x51, 0x21, 0x01, 0xab, 0x70, 0xea, 0x44, 0x21, 0x13, 0xdd, - 0xca, 0xd9, 0xad, 0x4a, 0x9b, 0x7a, 0x34, 0x24, 0x82, 0x36, 0xad, 0x20, 0xf4, 0x85, 0x0f, 0x6f, - 0x8c, 0xbd, 0xac, 0x91, 0x97, 0x45, 0x02, 0x66, 0x0d, 0xbd, 0xac, 0xb3, 0x5b, 0xbb, 0xaf, 0x4f, - 0x60, 0xb7, 0xfd, 0xb6, 0x5f, 0x51, 0xce, 0x27, 0x51, 0x4b, 0x7d, 0xa9, 0x0f, 0xf5, 0xd7, 0x00, - 0x74, 0xd7, 0x3c, 0xbd, 0xc3, 0x2d, 0xe6, 0xab, 0xe0, 0x8e, 0x1f, 0xd2, 0x94, 0xc0, 0xbb, 0x6f, - 0x8e, 0x6d, 0x3a, 0xc4, 0x79, 0xc8, 0x3c, 0x1a, 0x76, 0x2b, 0xc1, 0x69, 0x5b, 0x0a, 0x78, 0xa5, - 0x43, 0x05, 0x49, 0xf3, 0xfa, 0x7e, 0x96, 0x57, 0x18, 0x79, 0x82, 0x75, 0x68, 0x85, 0x3b, 0x0f, - 0x69, 0x87, 0x24, 0xfd, 0xcc, 0xb7, 0xc1, 0xe5, 0xaa, 0xeb, 0xfa, 0x8f, 0x69, 0xf3, 0xc0, 0xa5, - 0xe7, 0x9f, 0xf8, 0x6e, 0xd4, 0xa1, 0xf0, 0x35, 0xb0, 0xd4, 0x0c, 0xd9, 0x19, 0x0d, 0x91, 0xb1, - 0x67, 0xdc, 0x2c, 0xda, 0xeb, 0x4f, 0x7a, 0xe5, 0xb9, 0x7e, 0xaf, 0xbc, 0x54, 0x53, 0x52, 0xac, - 0xb5, 0xe6, 0xaf, 0x0d, 0xb0, 0x73, 0xd0, 0xb8, 0x17, 0xfa, 0x51, 0xd0, 0x10, 0x12, 0xb5, 0xdd, - 0x7d, 0x10, 0x08, 0xe6, 0x7b, 0x1c, 0xbe, 0x05, 0x16, 0x44, 0x37, 0xa0, 0x1a, 0xe0, 0xba, 0x06, - 0x58, 0xf8, 0xb8, 0x1b, 0xd0, 0x67, 0xbd, 0xf2, 0x56, 0xc2, 0x4b, 0x8a, 0xb1, 0x72, 0x80, 0xc7, - 0x60, 0x29, 0x24, 0x5e, 0x9b, 0x72, 0x34, 0xbf, 0x57, 0xb8, 0xb9, 0x7a, 0xfb, 0x75, 0x2b, 0xcf, - 0x46, 0x58, 0x87, 0x35, 0x2c, 0xbd, 0xc6, 0x54, 0xd5, 0x27, 0xc7, 0x1a, 0xcc, 0xbc, 0x07, 0x96, - 0xb5, 0x09, 0xbc, 0x06, 0x0a, 0x1d, 0xe6, 0x29, 0x66, 0x05, 0x7b, 0x55, 0xdb, 0x17, 0xee, 0x33, - 0x0f, 0x4b, 0xb9, 0x52, 0x93, 0x73, 0x34, 0x9f, 0x50, 0x93, 0x73, 0x2c, 0xe5, 0xe6, 0x5f, 0xe6, - 0xc1, 0xd5, 0xba, 0xdf, 0x6c, 0xe8, 0xd8, 0x75, 0xdf, 0x65, 0x4e, 0x17, 0xd3, 0x33, 0x46, 0x1f, - 0xc3, 0xcf, 0xc1, 0x8a, 0xdc, 0x9f, 0x26, 0x11, 0x04, 0x15, 0xf6, 0x8c, 0x9b, 0xab, 0xb7, 0xdf, - 0xb0, 0x06, 0xfb, 0x62, 0x4d, 0xee, 0x8b, 0x15, 0x9c, 0xb6, 0xa5, 0x80, 0x5b, 0xd2, 0x5a, 0xb2, - 0x7f, 0x70, 0xf2, 0x88, 0x3a, 0xe2, 0x3e, 0x15, 0xc4, 0x86, 0x3a, 0x22, 0x18, 0xcb, 0xf0, 0x08, - 0x15, 0x3a, 0x60, 0x81, 0x07, 0xd4, 0x51, 0xe4, 0x57, 0x6f, 0x57, 0xf3, 0xad, 0x4d, 0x06, 0xdd, - 0x46, 0x40, 0x1d, 0x7b, 0x6d, 0xb8, 0x33, 0xf2, 0x0b, 0x2b, 0x70, 0x78, 0x0a, 0x96, 0xb8, 0x20, - 0x22, 0xe2, 0x6a, 0x11, 0x56, 0x6f, 0xef, 0xff, 0x6f, 0x61, 0x14, 0xd4, 0x78, 0x63, 0x06, 0xdf, - 0x58, 0x87, 0x30, 0x7f, 0x67, 0x80, 0x6f, 0xcc, 0x20, 0x08, 0x3f, 0x02, 0x2b, 0x82, 0x76, 0x02, - 0x97, 0x08, 0xaa, 0xb3, 0xbe, 0x3e, 0xb1, 0xa6, 0x96, 0xac, 0x22, 0x1d, 0xfc, 0x63, 0x6d, 0xa6, - 0xf2, 0xda, 0xd4, 0xe1, 0x56, 0x86, 0x52, 0x3c, 0x82, 0x81, 0x87, 0x60, 0x8b, 0xd3, 0xf0, 0x8c, - 0x39, 0xb4, 0xea, 0x38, 0x7e, 0xe4, 0x89, 0x0f, 0x49, 0x47, 0x9f, 0xb7, 0xa2, 0x7d, 0xb5, 0xdf, - 0x2b, 0x6f, 0x35, 0xa6, 0xd5, 0x38, 0xcd, 0xc7, 0xfc, 0x93, 0x01, 0xae, 0xcd, 0xcc, 0x1b, 0xfe, - 0xc6, 0x00, 0x3b, 0x64, 0x50, 0x61, 0x71, 0x54, 0x8e, 0x0c, 0x75, 0xc0, 0x3f, 0xca, 0xb7, 0xba, - 0x71, 0xe7, 0xd9, 0x6b, 0x5d, 0xd2, 0xc9, 0xef, 0x54, 0x53, 0x03, 0xe3, 0x0c, 0x42, 0xe6, 0xbf, - 0xe6, 0x81, 0x39, 0x85, 0xdc, 0xa0, 0x6e, 0xab, 0x11, 0xa9, 0xc3, 0x78, 0x61, 0xc7, 0xdc, 0x8b, - 0x1d, 0xf3, 0xa3, 0xaf, 0x79, 0xfe, 0xa6, 0x98, 0x67, 0x9e, 0xf8, 0x30, 0x71, 0xe2, 0x3f, 0xf8, - 0xba, 0x11, 0x63, 0xd1, 0x66, 0x1f, 0xfc, 0x9f, 0x82, 0xd7, 0xf2, 0x31, 0x7e, 0x09, 0x25, 0x60, - 0xf6, 0xe7, 0x41, 0x69, 0x36, 0xfb, 0x0b, 0xd8, 0xe5, 0x47, 0xb1, 0x5d, 0x7e, 0xff, 0x85, 0xac, - 0xf9, 0xff, 0xd3, 0x0e, 0xff, 0xde, 0x48, 0x2b, 0xa7, 0x0b, 0xd8, 0x5e, 0xb8, 0x07, 0x16, 0x22, - 0x4e, 0x43, 0x95, 0x6b, 0x71, 0xbc, 0x1e, 0xc7, 0x9c, 0x86, 0x58, 0x69, 0xa0, 0x09, 0x96, 0xda, - 0xf2, 0x06, 0xe6, 0xa8, 0xa0, 0xda, 0x1e, 0x90, 0xfc, 0xd5, 0x9d, 0xcc, 0xb1, 0xd6, 0x98, 0xff, - 0x36, 0xc0, 0x8d, 0x3c, 0x0b, 0x00, 0xeb, 0xa0, 0xa8, 0x3b, 0x8a, 0xdd, 0x9d, 0x95, 0xc2, 0x03, - 0xed, 0xda, 0xa2, 0x21, 0xf5, 0x1c, 0x6a, 0x5f, 0xea, 0xf7, 0xca, 0xc5, 0xea, 0xd0, 0x13, 0x8f, - 0x41, 0xe4, 0x04, 0x12, 0x52, 0xc2, 0x7d, 0x4f, 0xa7, 0x30, 0xbe, 0xd6, 0x95, 0x14, 0x6b, 0x6d, - 0x6c, 0xed, 0x0a, 0x2f, 0xa6, 0x34, 0x7e, 0x6b, 0x80, 0x0d, 0x35, 0x28, 0x48, 0x62, 0x0e, 0x91, - 0xe3, 0x4c, 0xac, 0x16, 0x8c, 0x97, 0x52, 0x0b, 0xd7, 0xc1, 0xa2, 0x9a, 0x54, 0x74, 0xbe, 0x97, - 0xb4, 0xf1, 0xa2, 0x62, 0x82, 0x07, 0x3a, 0xf8, 0x2a, 0x58, 0x18, 0x95, 0xe3, 0x9a, 0xbd, 0x22, - 0xb7, 0xb4, 0x46, 0x04, 0xc1, 0x4a, 0x6a, 0xfe, 0xd5, 0x00, 0x5b, 0x09, 0xe2, 0x47, 0x8c, 0x0b, - 0xf8, 0xd9, 0x14, 0x79, 0x2b, 0x1f, 0x79, 0xe9, 0xad, 0xa8, 0x8f, 0x96, 0x6b, 0x28, 0x99, 0x20, - 0xfe, 0x29, 0x58, 0x64, 0x82, 0x76, 0x86, 0xe3, 0xda, 0xf7, 0xf2, 0xd5, 0x55, 0x82, 0xe7, 0x38, - 0xdf, 0x43, 0x89, 0x85, 0x07, 0x90, 0xe6, 0xdf, 0x0c, 0x80, 0x70, 0xe4, 0x55, 0xb9, 0x3c, 0xb8, - 0xc9, 0x09, 0xf3, 0x07, 0xb1, 0x09, 0xf3, 0x5b, 0x89, 0x09, 0xf3, 0xca, 0x94, 0xdf, 0xc4, 0x8c, - 0xf9, 0x0a, 0x28, 0x44, 0xac, 0xa9, 0x47, 0xbc, 0x65, 0x39, 0xde, 0x1d, 0x1f, 0xd6, 0xb0, 0x94, - 0xc1, 0x5b, 0x60, 0x35, 0x62, 0x4d, 0x45, 0xef, 0x3e, 0xf3, 0xd4, 0x4a, 0x17, 0xec, 0x8d, 0x7e, - 0xaf, 0xbc, 0x7a, 0xac, 0xe7, 0x47, 0x39, 0x28, 0x4e, 0xda, 0xc4, 0x5c, 0xc8, 0x39, 0x5a, 0x48, - 0x71, 0x21, 0xe7, 0x78, 0xd2, 0xc6, 0xfc, 0xa3, 0x01, 0xae, 0x35, 0xde, 0x3b, 0x62, 0x5e, 0x74, - 0xbe, 0xef, 0x7b, 0x82, 0x9e, 0x8b, 0x64, 0x76, 0x77, 0x63, 0xd9, 0x7d, 0x3b, 0x91, 0xdd, 0x6e, - 0xba, 0xf3, 0x44, 0x8a, 0x3f, 0x06, 0xeb, 0x9c, 0x2a, 0x1b, 0x8d, 0xa8, 0xfb, 0x9e, 0x99, 0x56, - 0x1e, 0x1a, 0x4d, 0x5b, 0xda, 0xb0, 0xdf, 0x2b, 0xaf, 0xc7, 0x65, 0x38, 0x81, 0x66, 0xfe, 0xe7, - 0x32, 0xd8, 0x1d, 0x36, 0x06, 0xcd, 0x62, 0xdf, 0xf7, 0xb8, 0x08, 0x09, 0xf3, 0x04, 0xbf, 0x80, - 0x82, 0xb9, 0x09, 0x56, 0x82, 0x90, 0xf9, 0x32, 0xbe, 0x4a, 0x6d, 0xd1, 0x5e, 0x93, 0x27, 0xb4, - 0xae, 0x65, 0x78, 0xa4, 0x85, 0x9f, 0x01, 0xa4, 0x1a, 0x4b, 0x3d, 0x64, 0x67, 0xcc, 0xa5, 0x6d, - 0xda, 0x94, 0x84, 0x89, 0x24, 0xa0, 0xf6, 0x77, 0xc5, 0xde, 0xd3, 0x91, 0x50, 0x35, 0xc3, 0x0e, - 0x67, 0x22, 0x40, 0x0e, 0x76, 0x9a, 0xb4, 0x45, 0x22, 0x57, 0x54, 0x9b, 0xcd, 0x7d, 0x12, 0x90, - 0x13, 0xe6, 0x32, 0xc1, 0x28, 0x47, 0x0b, 0xaa, 0xb1, 0xbe, 0x2d, 0xe7, 0xb0, 0x5a, 0xaa, 0xc5, - 0xb3, 0x5e, 0xf9, 0xda, 0xf4, 0x83, 0xd0, 0x1a, 0x99, 0x74, 0x71, 0x06, 0x34, 0xec, 0x02, 0x14, - 0xd2, 0x9f, 0x44, 0x2c, 0xa4, 0xcd, 0x5a, 0xe8, 0x07, 0xb1, 0xb0, 0x8b, 0x2a, 0xec, 0x3b, 0x32, - 0x1d, 0x9c, 0x61, 0xf3, 0xfc, 0xc0, 0x99, 0xf0, 0xf0, 0x11, 0xd8, 0xd2, 0x6d, 0x3a, 0x16, 0x75, - 0x49, 0x45, 0xbd, 0x23, 0x87, 0xe7, 0xea, 0xb4, 0xfa, 0xf9, 0x01, 0xd3, 0x40, 0x47, 0x3b, 0xf7, - 0xbe, 0xcf, 0x45, 0x8d, 0x85, 0x83, 0xd7, 0x69, 0xdd, 0x8d, 0xda, 0xcc, 0x43, 0xcb, 0x29, 0x3b, - 0x97, 0x62, 0x87, 0x33, 0x11, 0x60, 0x05, 0x2c, 0x9f, 0xa9, 0x6f, 0x8e, 0x56, 0x14, 0xfb, 0x2b, - 0xfd, 0x5e, 0x79, 0x79, 0x60, 0x22, 0x19, 0x2f, 0x1d, 0x34, 0x54, 0x41, 0x0d, 0xad, 0xe0, 0xcf, - 0x0d, 0x00, 0x49, 0xf2, 0xb1, 0xcc, 0xd1, 0x15, 0xd5, 0xf8, 0xde, 0xca, 0xd7, 0xf8, 0xa6, 0x1e, - 0xdb, 0xf6, 0xae, 0x4e, 0x01, 0x4e, 0xa9, 0x38, 0x4e, 0x09, 0x07, 0x6b, 0x60, 0x73, 0x94, 0xd2, - 0x87, 0x54, 0x3c, 0xf6, 0xc3, 0x53, 0x54, 0x54, 0x8b, 0x81, 0x34, 0xd2, 0x66, 0x35, 0xa1, 0xc7, - 0x53, 0x1e, 0xf0, 0x2e, 0x58, 0x1f, 0xc9, 0xea, 0x7e, 0x28, 0x38, 0x02, 0x0a, 0x63, 0x47, 0x63, - 0xac, 0x57, 0x63, 0x5a, 0x9c, 0xb0, 0x86, 0x77, 0xc0, 0xda, 0x58, 0x72, 0x58, 0x43, 0xab, 0xca, - 0x7b, 0x5b, 0x7b, 0xaf, 0x55, 0x27, 0x74, 0x38, 0x66, 0x19, 0xf3, 0x3c, 0xac, 0xef, 0xa3, 0xb5, - 0x0c, 0xcf, 0xc3, 0xfa, 0x3e, 0x8e, 0x59, 0xc2, 0xcf, 0x01, 0x94, 0xb3, 0x8b, 0x7a, 0x79, 0x05, - 0xc4, 0xa1, 0x47, 0xf4, 0x8c, 0xba, 0x68, 0x57, 0x75, 0xc8, 0x37, 0x86, 0xab, 0x78, 0x3c, 0x65, - 0xf1, 0xac, 0x57, 0x86, 0x71, 0x89, 0xda, 0xd6, 0x14, 0x2c, 0xd8, 0x01, 0xe5, 0x61, 0xc5, 0xc5, - 0xea, 0xfd, 0x3d, 0xee, 0x10, 0x57, 0xdd, 0x54, 0x68, 0x47, 0xd1, 0xbd, 0xde, 0xef, 0x95, 0xcb, - 0xb5, 0xd9, 0xa6, 0xf8, 0x79, 0x58, 0xf0, 0x47, 0xc9, 0xce, 0x34, 0x11, 0xe7, 0xaa, 0x8a, 0xf3, - 0xea, 0x74, 0x57, 0x9a, 0x08, 0x90, 0xe9, 0x2d, 0x8f, 0xea, 0xb0, 0x63, 0xeb, 0xee, 0x8c, 0x2e, - 0x7d, 0x95, 0xb7, 0xfc, 0xcc, 0xcb, 0x69, 0x7c, 0x48, 0xe2, 0x66, 0x38, 0x11, 0x12, 0xfa, 0xa0, - 0x18, 0x0e, 0xaf, 0x61, 0xb4, 0xae, 0xe2, 0xdf, 0xcd, 0x39, 0x1f, 0x64, 0xdc, 0xfa, 0xf6, 0x65, - 0x1d, 0xba, 0x38, 0xb2, 0xc0, 0xe3, 0x18, 0xf0, 0x97, 0x06, 0x80, 0x3c, 0x0a, 0x02, 0x97, 0x76, - 0xa8, 0x27, 0x88, 0x3b, 0x18, 0x68, 0xd1, 0x86, 0x0a, 0x7d, 0x2f, 0x67, 0xea, 0x53, 0xfe, 0x49, - 0x0e, 0xa3, 0x8a, 0x9d, 0x36, 0xc5, 0x29, 0xe1, 0x61, 0x1b, 0x2c, 0xb7, 0xb8, 0xfa, 0x1b, 0x6d, - 0x2a, 0x26, 0x3f, 0xcc, 0xc7, 0x24, 0xfd, 0xa7, 0x35, 0x7b, 0x43, 0x87, 0x5f, 0xd6, 0x7a, 0x3c, - 0x44, 0x87, 0x9f, 0x80, 0x9d, 0x90, 0x92, 0xe6, 0x03, 0xcf, 0xed, 0x62, 0xdf, 0x17, 0x07, 0xcc, - 0xa5, 0xbc, 0xcb, 0x05, 0xed, 0xa0, 0xcb, 0xea, 0x34, 0x8d, 0x7e, 0x17, 0xc0, 0xa9, 0x56, 0x38, - 0xc3, 0x1b, 0x96, 0xc1, 0xa2, 0x2c, 0x16, 0x8e, 0xa0, 0xea, 0x93, 0x45, 0x39, 0xa8, 0xc9, 0xf5, - 0xe6, 0x78, 0x20, 0x9f, 0x78, 0x4d, 0x6c, 0x65, 0xbd, 0x26, 0xe0, 0x3b, 0x60, 0x83, 0x53, 0xc7, - 0xf1, 0x3b, 0x41, 0x3d, 0xf4, 0x5b, 0x12, 0x1c, 0x6d, 0x2b, 0xe3, 0xad, 0x7e, 0xaf, 0xbc, 0xd1, - 0x88, 0xab, 0x70, 0xd2, 0x16, 0x1e, 0x81, 0x6d, 0xdd, 0x0c, 0x8f, 0x3d, 0x4e, 0x5a, 0xb4, 0xd1, - 0xe5, 0x8e, 0x70, 0x39, 0x42, 0x0a, 0x03, 0xf5, 0x7b, 0xe5, 0xed, 0x6a, 0x8a, 0x1e, 0xa7, 0x7a, - 0xc1, 0x77, 0xc1, 0x66, 0xcb, 0x0f, 0x4f, 0x58, 0xb3, 0x49, 0xbd, 0x21, 0xd2, 0x2b, 0x0a, 0x69, - 0x5b, 0x36, 0xd0, 0x83, 0x84, 0x0e, 0x4f, 0x59, 0x9b, 0xff, 0x34, 0x40, 0x29, 0x7b, 0x00, 0xba, - 0x80, 0xc1, 0x9b, 0xc6, 0x07, 0xef, 0x77, 0xf3, 0xfe, 0x8c, 0x94, 0x45, 0x39, 0x63, 0x06, 0xff, - 0xd5, 0x3c, 0xf8, 0xce, 0x57, 0xf8, 0xed, 0x09, 0xfe, 0xd9, 0x00, 0x37, 0x82, 0x1c, 0x8f, 0x46, - 0xbd, 0x22, 0x2f, 0xf2, 0x1d, 0xfe, 0x5d, 0x9d, 0x40, 0xae, 0x47, 0x2b, 0xce, 0xc5, 0x52, 0xbe, - 0xa4, 0x3d, 0xd2, 0xa1, 0xc9, 0x97, 0xb4, 0xbc, 0x37, 0xb0, 0xd2, 0x98, 0x7f, 0x30, 0xc0, 0x37, - 0x9f, 0xdb, 0x33, 0xa0, 0x1d, 0x9b, 0xe7, 0xad, 0xc4, 0x3c, 0x5f, 0xca, 0x06, 0x78, 0xe9, 0x3f, - 0x8d, 0xdb, 0x1f, 0x3c, 0x79, 0x5a, 0x9a, 0xfb, 0xe2, 0x69, 0x69, 0xee, 0xcb, 0xa7, 0xa5, 0xb9, - 0x9f, 0xf5, 0x4b, 0xc6, 0x93, 0x7e, 0xc9, 0xf8, 0xa2, 0x5f, 0x32, 0xbe, 0xec, 0x97, 0x8c, 0xbf, - 0xf7, 0x4b, 0xc6, 0x2f, 0xfe, 0x51, 0x9a, 0xfb, 0xf4, 0x46, 0x9e, 0xff, 0xa2, 0xfc, 0x37, 0x00, - 0x00, 0xff, 0xff, 0xb7, 0xb2, 0xaf, 0x36, 0x6c, 0x19, 0x00, 0x00, -} +func (m *SupplementalGroupsStrategyOptions) Reset() { *m = SupplementalGroupsStrategyOptions{} } func (m *AllowedFlexVolume) Marshal() (dAtA []byte, err error) { size := m.Size() diff --git a/vendor/github.com/openshift/api/security/v1/generated.proto b/vendor/github.com/openshift/api/security/v1/generated.proto index 933de5450..bb8a37fc0 100644 --- a/vendor/github.com/openshift/api/security/v1/generated.proto +++ b/vendor/github.com/openshift/api/security/v1/generated.proto @@ -246,7 +246,7 @@ message SecurityContextConstraints { optional bool allowPrivilegedContainer = 3; // defaultAddCapabilities is the default set of capabilities that will be added to the container - // unless the pod spec specifically drops the capability. You may not list a capabiility in both + // unless the pod spec specifically drops the capability. You may not list a capability in both // DefaultAddCapabilities and RequiredDropCapabilities. // +nullable // +listType=atomic @@ -302,7 +302,6 @@ message SecurityContextConstraints { // When "AllowHostLevel" is set, a pod author may set `hostUsers` to either `true` or `false`. // When "RequirePodLevel" is set, a pod author must set `hostUsers` to `false`. // When omitted, the default value is "AllowHostLevel". - // +openshift:enable:FeatureGate=UserNamespacesPodSecurityStandards // +kubebuilder:validation:Enum="AllowHostLevel";"RequirePodLevel" // +kubebuilder:default:="AllowHostLevel" // +default="AllowHostLevel" @@ -358,7 +357,7 @@ message SecurityContextConstraints { // seccompProfiles lists the allowed profiles that may be set for the pod or // container's seccomp annotations. An unset (nil) or empty value means that no profiles may - // be specifid by the pod or container. The wildcard '*' may be used to allow all profiles. When + // be specified by the pod or container. The wildcard '*' may be used to allow all profiles. When // used to generate a value for a pod the first non-wildcard profile will be used as // the default. // +nullable diff --git a/vendor/github.com/openshift/api/security/v1/generated.protomessage.pb.go b/vendor/github.com/openshift/api/security/v1/generated.protomessage.pb.go new file mode 100644 index 000000000..de536ddeb --- /dev/null +++ b/vendor/github.com/openshift/api/security/v1/generated.protomessage.pb.go @@ -0,0 +1,44 @@ +//go:build kubernetes_protomessage_one_more_release +// +build kubernetes_protomessage_one_more_release + +// Code generated by go-to-protobuf. DO NOT EDIT. + +package v1 + +func (*AllowedFlexVolume) ProtoMessage() {} + +func (*FSGroupStrategyOptions) ProtoMessage() {} + +func (*IDRange) ProtoMessage() {} + +func (*PodSecurityPolicyReview) ProtoMessage() {} + +func (*PodSecurityPolicyReviewSpec) ProtoMessage() {} + +func (*PodSecurityPolicyReviewStatus) ProtoMessage() {} + +func (*PodSecurityPolicySelfSubjectReview) ProtoMessage() {} + +func (*PodSecurityPolicySelfSubjectReviewSpec) ProtoMessage() {} + +func (*PodSecurityPolicySubjectReview) ProtoMessage() {} + +func (*PodSecurityPolicySubjectReviewSpec) ProtoMessage() {} + +func (*PodSecurityPolicySubjectReviewStatus) ProtoMessage() {} + +func (*RangeAllocation) ProtoMessage() {} + +func (*RangeAllocationList) ProtoMessage() {} + +func (*RunAsUserStrategyOptions) ProtoMessage() {} + +func (*SELinuxContextStrategyOptions) ProtoMessage() {} + +func (*SecurityContextConstraints) ProtoMessage() {} + +func (*SecurityContextConstraintsList) ProtoMessage() {} + +func (*ServiceAccountPodSecurityPolicyReviewStatus) ProtoMessage() {} + +func (*SupplementalGroupsStrategyOptions) ProtoMessage() {} diff --git a/vendor/github.com/openshift/api/security/v1/types.go b/vendor/github.com/openshift/api/security/v1/types.go index fb491480d..a87590213 100644 --- a/vendor/github.com/openshift/api/security/v1/types.go +++ b/vendor/github.com/openshift/api/security/v1/types.go @@ -57,7 +57,7 @@ type SecurityContextConstraints struct { // allowPrivilegedContainer determines if a container can request to be run as privileged. AllowPrivilegedContainer bool `json:"allowPrivilegedContainer" protobuf:"varint,3,opt,name=allowPrivilegedContainer"` // defaultAddCapabilities is the default set of capabilities that will be added to the container - // unless the pod spec specifically drops the capability. You may not list a capabiility in both + // unless the pod spec specifically drops the capability. You may not list a capability in both // DefaultAddCapabilities and RequiredDropCapabilities. // +nullable // +listType=atomic @@ -103,7 +103,6 @@ type SecurityContextConstraints struct { // When "AllowHostLevel" is set, a pod author may set `hostUsers` to either `true` or `false`. // When "RequirePodLevel" is set, a pod author must set `hostUsers` to `false`. // When omitted, the default value is "AllowHostLevel". - // +openshift:enable:FeatureGate=UserNamespacesPodSecurityStandards // +kubebuilder:validation:Enum="AllowHostLevel";"RequirePodLevel" // +kubebuilder:default:="AllowHostLevel" // +default="AllowHostLevel" @@ -151,7 +150,7 @@ type SecurityContextConstraints struct { // seccompProfiles lists the allowed profiles that may be set for the pod or // container's seccomp annotations. An unset (nil) or empty value means that no profiles may - // be specifid by the pod or container. The wildcard '*' may be used to allow all profiles. When + // be specified by the pod or container. The wildcard '*' may be used to allow all profiles. When // used to generate a value for a pod the first non-wildcard profile will be used as // the default. // +nullable diff --git a/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml index 178c97078..86f78058a 100644 --- a/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml @@ -5,8 +5,7 @@ securitycontextconstraints.security.openshift.io: CRDName: securitycontextconstraints.security.openshift.io Capability: "" Category: "" - FeatureGates: - - UserNamespacesPodSecurityStandards + FeatureGates: [] FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_03" diff --git a/vendor/github.com/openshift/api/security/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/security/v1/zz_generated.swagger_doc_generated.go index 29cddf7e6..67882a66e 100644 --- a/vendor/github.com/openshift/api/security/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/security/v1/zz_generated.swagger_doc_generated.go @@ -171,7 +171,7 @@ var map_SecurityContextConstraints = map[string]string{ "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "priority": "priority influences the sort order of SCCs when evaluating which SCCs to try first for a given pod request based on access in the Users and Groups fields. The higher the int, the higher priority. An unset value is considered a 0 priority. If scores for multiple SCCs are equal they will be sorted from most restrictive to least restrictive. If both priorities and restrictions are equal the SCCs will be sorted by name.", "allowPrivilegedContainer": "allowPrivilegedContainer determines if a container can request to be run as privileged.", - "defaultAddCapabilities": "defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capabiility in both DefaultAddCapabilities and RequiredDropCapabilities.", + "defaultAddCapabilities": "defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capability in both DefaultAddCapabilities and RequiredDropCapabilities.", "requiredDropCapabilities": "requiredDropCapabilities are the capabilities that will be dropped from the container. These are required to be dropped and cannot be added.", "allowedCapabilities": "allowedCapabilities is a list of capabilities that can be requested to add to the container. Capabilities in this field maybe added at the pod author's discretion. You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities. To allow all capabilities you may use '*'.", "allowHostDirVolumePlugin": "allowHostDirVolumePlugin determines if the policy allow containers to use the HostDir volume plugin", @@ -191,7 +191,7 @@ var map_SecurityContextConstraints = map[string]string{ "readOnlyRootFilesystem": "readOnlyRootFilesystem when set to true will force containers to run with a read only root file system. If the container specifically requests to run with a non-read only root file system the SCC should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to.", "users": "The users who have permissions to use this security context constraints", "groups": "The groups that have permission to use this security context constraints", - "seccompProfiles": "seccompProfiles lists the allowed profiles that may be set for the pod or container's seccomp annotations. An unset (nil) or empty value means that no profiles may be specifid by the pod or container.\tThe wildcard '*' may be used to allow all profiles. When used to generate a value for a pod the first non-wildcard profile will be used as the default.", + "seccompProfiles": "seccompProfiles lists the allowed profiles that may be set for the pod or container's seccomp annotations. An unset (nil) or empty value means that no profiles may be specified by the pod or container.\tThe wildcard '*' may be used to allow all profiles. When used to generate a value for a pod the first non-wildcard profile will be used as the default.", "allowedUnsafeSysctls": "allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed. Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.\n\nExamples: e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" allows \"foo.bar\", \"foo.baz\", etc.", "forbiddenSysctls": "forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.\n\nExamples: e.g. \"foo/*\" forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", \"foo.baz\", etc.", } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/acceptrisk.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/acceptrisk.go index dba8a77ed..09f56804c 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/acceptrisk.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/acceptrisk.go @@ -4,7 +4,11 @@ package v1 // AcceptRiskApplyConfiguration represents a declarative configuration of the AcceptRisk type for use // with apply. +// +// AcceptRisk represents a risk that is considered acceptable. type AcceptRiskApplyConfiguration struct { + // name is the name of the acceptable risk. + // It must be a non-empty string and must not exceed 256 characters. Name *string `json:"name,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/alibabacloudplatformstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/alibabacloudplatformstatus.go index e763d14f6..9a3e53e19 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/alibabacloudplatformstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/alibabacloudplatformstatus.go @@ -4,10 +4,15 @@ package v1 // AlibabaCloudPlatformStatusApplyConfiguration represents a declarative configuration of the AlibabaCloudPlatformStatus type for use // with apply. +// +// AlibabaCloudPlatformStatus holds the current status of the Alibaba Cloud infrastructure provider. type AlibabaCloudPlatformStatusApplyConfiguration struct { - Region *string `json:"region,omitempty"` - ResourceGroupID *string `json:"resourceGroupID,omitempty"` - ResourceTags []AlibabaCloudResourceTagApplyConfiguration `json:"resourceTags,omitempty"` + // region specifies the region for Alibaba Cloud resources created for the cluster. + Region *string `json:"region,omitempty"` + // resourceGroupID is the ID of the resource group for the cluster. + ResourceGroupID *string `json:"resourceGroupID,omitempty"` + // resourceTags is a list of additional tags to apply to Alibaba Cloud resources created for the cluster. + ResourceTags []AlibabaCloudResourceTagApplyConfiguration `json:"resourceTags,omitempty"` } // AlibabaCloudPlatformStatusApplyConfiguration constructs a declarative configuration of the AlibabaCloudPlatformStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/alibabacloudresourcetag.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/alibabacloudresourcetag.go index 38fef6d50..179408726 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/alibabacloudresourcetag.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/alibabacloudresourcetag.go @@ -4,8 +4,12 @@ package v1 // AlibabaCloudResourceTagApplyConfiguration represents a declarative configuration of the AlibabaCloudResourceTag type for use // with apply. +// +// AlibabaCloudResourceTag is the set of tags to add to apply to resources. type AlibabaCloudResourceTagApplyConfiguration struct { - Key *string `json:"key,omitempty"` + // key is the key of the tag. + Key *string `json:"key,omitempty"` + // value is the value of the tag. Value *string `json:"value,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserver.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserver.go index df593a666..7189ef617 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserver.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserver.go @@ -13,11 +13,21 @@ import ( // APIServerApplyConfiguration represents a declarative configuration of the APIServer type for use // with apply. +// +// APIServer holds configuration (like serving certificates, client CA and CORS domains) +// shared by all API servers in the system, among them especially kube-apiserver +// and openshift-apiserver. The canonical name of an instance is 'cluster'. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type APIServerApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *APIServerSpecApplyConfiguration `json:"spec,omitempty"` - Status *configv1.APIServerStatus `json:"status,omitempty"` + // spec holds user settable values for configuration + Spec *APIServerSpecApplyConfiguration `json:"spec,omitempty"` + // status holds observed values from the cluster. They may not be overridden. + Status *configv1.APIServerStatus `json:"status,omitempty"` } // APIServer constructs a declarative configuration of the APIServer type for use with @@ -30,6 +40,26 @@ func APIServer(name string) *APIServerApplyConfiguration { return b } +// ExtractAPIServerFrom extracts the applied configuration owned by fieldManager from +// aPIServer for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// aPIServer must be a unmodified APIServer API object that was retrieved from the Kubernetes API. +// ExtractAPIServerFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractAPIServerFrom(aPIServer *configv1.APIServer, fieldManager string, subresource string) (*APIServerApplyConfiguration, error) { + b := &APIServerApplyConfiguration{} + err := managedfields.ExtractInto(aPIServer, internal.Parser().Type("com.github.openshift.api.config.v1.APIServer"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(aPIServer.Name) + + b.WithKind("APIServer") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractAPIServer extracts the applied configuration owned by fieldManager from // aPIServer. If no managedFields are found in aPIServer for fieldManager, a // APIServerApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +70,16 @@ func APIServer(name string) *APIServerApplyConfiguration { // ExtractAPIServer provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractAPIServer(aPIServer *configv1.APIServer, fieldManager string) (*APIServerApplyConfiguration, error) { - return extractAPIServer(aPIServer, fieldManager, "") + return ExtractAPIServerFrom(aPIServer, fieldManager, "") } -// ExtractAPIServerStatus is the same as ExtractAPIServer except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractAPIServerStatus extracts the applied configuration owned by fieldManager from +// aPIServer for the status subresource. func ExtractAPIServerStatus(aPIServer *configv1.APIServer, fieldManager string) (*APIServerApplyConfiguration, error) { - return extractAPIServer(aPIServer, fieldManager, "status") + return ExtractAPIServerFrom(aPIServer, fieldManager, "status") } -func extractAPIServer(aPIServer *configv1.APIServer, fieldManager string, subresource string) (*APIServerApplyConfiguration, error) { - b := &APIServerApplyConfiguration{} - err := managedfields.ExtractInto(aPIServer, internal.Parser().Type("com.github.openshift.api.config.v1.APIServer"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(aPIServer.Name) - - b.WithKind("APIServer") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b APIServerApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverencryption.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverencryption.go index 06b34856c..5a9af0cb2 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverencryption.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverencryption.go @@ -8,9 +8,31 @@ import ( // APIServerEncryptionApplyConfiguration represents a declarative configuration of the APIServerEncryption type for use // with apply. +// +// APIServerEncryption is used to encrypt sensitive resources on the cluster. type APIServerEncryptionApplyConfiguration struct { - Type *configv1.EncryptionType `json:"type,omitempty"` - KMS *KMSConfigApplyConfiguration `json:"kms,omitempty"` + // type defines what encryption type should be used to encrypt resources at the datastore layer. + // When this field is unset (i.e. when it is set to the empty string), identity is implied. + // The behavior of unset can and will change over time. Even if encryption is enabled by default, + // the meaning of unset may change to a different encryption type based on changes in best practices. + // + // When encryption is enabled, all sensitive resources shipped with the platform are encrypted. + // This list of sensitive resources can and will change over time. The current authoritative list is: + // + // 1. secrets + // 2. configmaps + // 3. routes.route.openshift.io + // 4. oauthaccesstokens.oauth.openshift.io + // 5. oauthauthorizetokens.oauth.openshift.io + Type *configv1.EncryptionType `json:"type,omitempty"` + // kms defines the configuration for the external KMS instance that manages the encryption keys, + // when KMS encryption is enabled sensitive resources will be encrypted using keys managed by an + // externally configured KMS instance. + // + // The Key Management Service (KMS) instance provides symmetric encryption and is responsible for + // managing the lifecyle of the encryption keys outside of the control plane. + // This allows integration with an external provider to manage the data encryption keys securely. + KMS *KMSPluginConfigApplyConfiguration `json:"kms,omitempty"` } // APIServerEncryptionApplyConfiguration constructs a declarative configuration of the APIServerEncryption type for use with @@ -30,7 +52,7 @@ func (b *APIServerEncryptionApplyConfiguration) WithType(value configv1.Encrypti // WithKMS sets the KMS field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the KMS field is set to the value of the last call. -func (b *APIServerEncryptionApplyConfiguration) WithKMS(value *KMSConfigApplyConfiguration) *APIServerEncryptionApplyConfiguration { +func (b *APIServerEncryptionApplyConfiguration) WithKMS(value *KMSPluginConfigApplyConfiguration) *APIServerEncryptionApplyConfiguration { b.KMS = value return b } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiservernamedservingcert.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiservernamedservingcert.go index ae1f76215..385ad9563 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiservernamedservingcert.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiservernamedservingcert.go @@ -4,8 +4,17 @@ package v1 // APIServerNamedServingCertApplyConfiguration represents a declarative configuration of the APIServerNamedServingCert type for use // with apply. +// +// APIServerNamedServingCert maps a server DNS name, as understood by a client, to a certificate. type APIServerNamedServingCertApplyConfiguration struct { - Names []string `json:"names,omitempty"` + // names is a optional list of explicit DNS names (leading wildcards allowed) that should use this certificate to + // serve secure traffic. If no names are provided, the implicit names will be extracted from the certificates. + // Exact names trump over wildcard names. Explicit names defined here trump over extracted implicit names. + Names []string `json:"names,omitempty"` + // servingCertificate references a kubernetes.io/tls type secret containing the TLS cert info for serving secure traffic. + // The secret must exist in the openshift-config namespace and contain the following required fields: + // - Secret.Data["tls.key"] - TLS private key. + // - Secret.Data["tls.crt"] - TLS certificate. ServingCertificate *SecretNameReferenceApplyConfiguration `json:"servingCertificate,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverservingcerts.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverservingcerts.go index 963bea305..4972c3c94 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverservingcerts.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverservingcerts.go @@ -5,6 +5,9 @@ package v1 // APIServerServingCertsApplyConfiguration represents a declarative configuration of the APIServerServingCerts type for use // with apply. type APIServerServingCertsApplyConfiguration struct { + // namedCertificates references secrets containing the TLS cert info for serving secure traffic to specific hostnames. + // If no named certificates are provided, or no named certificates match the server name as understood by a client, + // the defaultServingCertificate will be used. NamedCertificates []APIServerNamedServingCertApplyConfiguration `json:"namedCertificates,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverspec.go index 58f4b0eec..42392a353 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverspec.go @@ -2,15 +2,68 @@ package v1 +import ( + configv1 "github.com/openshift/api/config/v1" +) + // APIServerSpecApplyConfiguration represents a declarative configuration of the APIServerSpec type for use // with apply. type APIServerSpecApplyConfiguration struct { - ServingCerts *APIServerServingCertsApplyConfiguration `json:"servingCerts,omitempty"` - ClientCA *ConfigMapNameReferenceApplyConfiguration `json:"clientCA,omitempty"` - AdditionalCORSAllowedOrigins []string `json:"additionalCORSAllowedOrigins,omitempty"` - Encryption *APIServerEncryptionApplyConfiguration `json:"encryption,omitempty"` - TLSSecurityProfile *TLSSecurityProfileApplyConfiguration `json:"tlsSecurityProfile,omitempty"` - Audit *AuditApplyConfiguration `json:"audit,omitempty"` + // servingCert is the TLS cert info for serving secure traffic. If not specified, operator managed certificates + // will be used for serving secure traffic. + ServingCerts *APIServerServingCertsApplyConfiguration `json:"servingCerts,omitempty"` + // clientCA references a ConfigMap containing a certificate bundle for the signers that will be recognized for + // incoming client certificates in addition to the operator managed signers. If this is empty, then only operator managed signers are valid. + // You usually only have to set this if you have your own PKI you wish to honor client certificates from. + // The ConfigMap must exist in the openshift-config namespace and contain the following required fields: + // - ConfigMap.Data["ca-bundle.crt"] - CA bundle. + ClientCA *ConfigMapNameReferenceApplyConfiguration `json:"clientCA,omitempty"` + // additionalCORSAllowedOrigins lists additional, user-defined regular expressions describing hosts for which the + // API server allows access using the CORS headers. This may be needed to access the API and the integrated OAuth + // server from JavaScript applications. + // The values are regular expressions that correspond to the Golang regular expression language. + AdditionalCORSAllowedOrigins []string `json:"additionalCORSAllowedOrigins,omitempty"` + // encryption allows the configuration of encryption of resources at the datastore layer. + Encryption *APIServerEncryptionApplyConfiguration `json:"encryption,omitempty"` + // tlsSecurityProfile specifies settings for TLS connections for externally exposed servers. + // + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default is the Intermediate profile. + TLSSecurityProfile *TLSSecurityProfileApplyConfiguration `json:"tlsSecurityProfile,omitempty"` + // tlsAdherence controls if components in the cluster adhere to the TLS security profile + // configured on this APIServer resource. + // + // Valid values are "LegacyAdheringComponentsOnly" and "StrictAllComponents". + // + // When set to "LegacyAdheringComponentsOnly", components that already honor the + // cluster-wide TLS profile continue to do so. Components that do not already honor + // it continue to use their individual TLS configurations. + // + // When set to "StrictAllComponents", all components must honor the configured TLS + // profile unless they have a component-specific TLS configuration that overrides + // it. This mode is recommended for security-conscious deployments and is required + // for certain compliance frameworks. + // + // Note: Some components such as Kubelet and IngressController have their own + // dedicated TLS configuration mechanisms via KubeletConfig and IngressController + // CRs respectively. When these component-specific TLS configurations are set, + // they take precedence over the cluster-wide tlsSecurityProfile. When not set, + // these components fall back to the cluster-wide default. + // + // Components that encounter an unknown value for tlsAdherence should treat it + // as "StrictAllComponents" and log a warning to ensure forward compatibility + // while defaulting to the more secure behavior. + // + // This field is optional. + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is LegacyAdheringComponentsOnly. + // + // Once set, this field may be changed to a different value, but may not be removed. + TLSAdherence *configv1.TLSAdherencePolicy `json:"tlsAdherence,omitempty"` + // audit specifies the settings for audit configuration to be applied to all OpenShift-provided + // API servers in the cluster. + Audit *AuditApplyConfiguration `json:"audit,omitempty"` } // APIServerSpecApplyConfiguration constructs a declarative configuration of the APIServerSpec type for use with @@ -61,6 +114,14 @@ func (b *APIServerSpecApplyConfiguration) WithTLSSecurityProfile(value *TLSSecur return b } +// WithTLSAdherence sets the TLSAdherence field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLSAdherence field is set to the value of the last call. +func (b *APIServerSpecApplyConfiguration) WithTLSAdherence(value configv1.TLSAdherencePolicy) *APIServerSpecApplyConfiguration { + b.TLSAdherence = &value + return b +} + // WithAudit sets the Audit field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Audit field is set to the value of the last call. diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/audit.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/audit.go index a07c9788c..a5483d5c7 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/audit.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/audit.go @@ -9,7 +9,31 @@ import ( // AuditApplyConfiguration represents a declarative configuration of the Audit type for use // with apply. type AuditApplyConfiguration struct { - Profile *configv1.AuditProfileType `json:"profile,omitempty"` + // profile specifies the name of the desired top-level audit profile to be applied to all requests + // sent to any of the OpenShift-provided API servers in the cluster (kube-apiserver, + // openshift-apiserver and oauth-apiserver), with the exception of those requests that match + // one or more of the customRules. + // + // The following profiles are provided: + // - Default: default policy which means MetaData level logging with the exception of events + // (not logged at all), oauthaccesstokens and oauthauthorizetokens (both logged at RequestBody + // level). + // - WriteRequestBodies: like 'Default', but logs request and response HTTP payloads for + // write requests (create, update, patch). + // - AllRequestBodies: like 'WriteRequestBodies', but also logs request and response + // HTTP payloads for read requests (get, list). + // - None: no requests are logged at all, not even oauthaccesstokens and oauthauthorizetokens. + // + // Warning: It is not recommended to disable audit logging by using the `None` profile unless you + // are fully aware of the risks of not logging data that can be beneficial when troubleshooting issues. + // If you disable audit logging and a support situation arises, you might need to enable audit logging + // and reproduce the issue in order to troubleshoot properly. + // + // If unset, the 'Default' profile is used as the default. + Profile *configv1.AuditProfileType `json:"profile,omitempty"` + // customRules specify profiles per group. These profile take precedence over the + // top-level profile field if they apply. They are evaluation from top to bottom and + // the first one that matches, applies. CustomRules []AuditCustomRuleApplyConfiguration `json:"customRules,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/auditcustomrule.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/auditcustomrule.go index 33a696d77..f029288aa 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/auditcustomrule.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/auditcustomrule.go @@ -8,8 +8,24 @@ import ( // AuditCustomRuleApplyConfiguration represents a declarative configuration of the AuditCustomRule type for use // with apply. +// +// AuditCustomRule describes a custom rule for an audit profile that takes precedence over +// the top-level profile. type AuditCustomRuleApplyConfiguration struct { - Group *string `json:"group,omitempty"` + // group is a name of group a request user must be member of in order to this profile to apply. + Group *string `json:"group,omitempty"` + // profile specifies the name of the desired audit policy configuration to be deployed to + // all OpenShift-provided API servers in the cluster. + // + // The following profiles are provided: + // - Default: the existing default policy. + // - WriteRequestBodies: like 'Default', but logs request and response HTTP payloads for + // write requests (create, update, patch). + // - AllRequestBodies: like 'WriteRequestBodies', but also logs request and response + // HTTP payloads for read requests (get, list). + // - None: no requests are logged at all, not even oauthaccesstokens and oauthauthorizetokens. + // + // If unset, the 'Default' profile is used as the default. Profile *configv1.AuditProfileType `json:"profile,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/authentication.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/authentication.go index 39d260e54..f407d372c 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/authentication.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/authentication.go @@ -13,11 +13,20 @@ import ( // AuthenticationApplyConfiguration represents a declarative configuration of the Authentication type for use // with apply. +// +// Authentication specifies cluster-wide settings for authentication (like OAuth and +// webhook token authenticators). The canonical name of an instance is `cluster`. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type AuthenticationApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *AuthenticationSpecApplyConfiguration `json:"spec,omitempty"` - Status *AuthenticationStatusApplyConfiguration `json:"status,omitempty"` + // spec holds user settable values for configuration + Spec *AuthenticationSpecApplyConfiguration `json:"spec,omitempty"` + // status holds observed values from the cluster. They may not be overridden. + Status *AuthenticationStatusApplyConfiguration `json:"status,omitempty"` } // Authentication constructs a declarative configuration of the Authentication type for use with @@ -30,6 +39,26 @@ func Authentication(name string) *AuthenticationApplyConfiguration { return b } +// ExtractAuthenticationFrom extracts the applied configuration owned by fieldManager from +// authentication for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// authentication must be a unmodified Authentication API object that was retrieved from the Kubernetes API. +// ExtractAuthenticationFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractAuthenticationFrom(authentication *configv1.Authentication, fieldManager string, subresource string) (*AuthenticationApplyConfiguration, error) { + b := &AuthenticationApplyConfiguration{} + err := managedfields.ExtractInto(authentication, internal.Parser().Type("com.github.openshift.api.config.v1.Authentication"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(authentication.Name) + + b.WithKind("Authentication") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractAuthentication extracts the applied configuration owned by fieldManager from // authentication. If no managedFields are found in authentication for fieldManager, a // AuthenticationApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +69,16 @@ func Authentication(name string) *AuthenticationApplyConfiguration { // ExtractAuthentication provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractAuthentication(authentication *configv1.Authentication, fieldManager string) (*AuthenticationApplyConfiguration, error) { - return extractAuthentication(authentication, fieldManager, "") + return ExtractAuthenticationFrom(authentication, fieldManager, "") } -// ExtractAuthenticationStatus is the same as ExtractAuthentication except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractAuthenticationStatus extracts the applied configuration owned by fieldManager from +// authentication for the status subresource. func ExtractAuthenticationStatus(authentication *configv1.Authentication, fieldManager string) (*AuthenticationApplyConfiguration, error) { - return extractAuthentication(authentication, fieldManager, "status") + return ExtractAuthenticationFrom(authentication, fieldManager, "status") } -func extractAuthentication(authentication *configv1.Authentication, fieldManager string, subresource string) (*AuthenticationApplyConfiguration, error) { - b := &AuthenticationApplyConfiguration{} - err := managedfields.ExtractInto(authentication, internal.Parser().Type("com.github.openshift.api.config.v1.Authentication"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(authentication.Name) - - b.WithKind("Authentication") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b AuthenticationApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/authenticationspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/authenticationspec.go index b2ac36278..3653cf676 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/authenticationspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/authenticationspec.go @@ -9,12 +9,46 @@ import ( // AuthenticationSpecApplyConfiguration represents a declarative configuration of the AuthenticationSpec type for use // with apply. type AuthenticationSpecApplyConfiguration struct { - Type *configv1.AuthenticationType `json:"type,omitempty"` - OAuthMetadata *ConfigMapNameReferenceApplyConfiguration `json:"oauthMetadata,omitempty"` + // type identifies the cluster managed, user facing authentication mode in use. + // Specifically, it manages the component that responds to login attempts. + // The default is IntegratedOAuth. + Type *configv1.AuthenticationType `json:"type,omitempty"` + // oauthMetadata contains the discovery endpoint data for OAuth 2.0 + // Authorization Server Metadata for an external OAuth server. + // This discovery document can be viewed from its served location: + // oc get --raw '/.well-known/oauth-authorization-server' + // For further details, see the IETF Draft: + // https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 + // If oauthMetadata.name is non-empty, this value has precedence + // over any metadata reference stored in status. + // The key "oauthMetadata" is used to locate the data. + // If specified and the config map or expected key is not found, no metadata is served. + // If the specified metadata is not valid, no metadata is served. + // The namespace for this config map is openshift-config. + OAuthMetadata *ConfigMapNameReferenceApplyConfiguration `json:"oauthMetadata,omitempty"` + // webhookTokenAuthenticators is DEPRECATED, setting it has no effect. WebhookTokenAuthenticators []DeprecatedWebhookTokenAuthenticatorApplyConfiguration `json:"webhookTokenAuthenticators,omitempty"` - WebhookTokenAuthenticator *WebhookTokenAuthenticatorApplyConfiguration `json:"webhookTokenAuthenticator,omitempty"` - ServiceAccountIssuer *string `json:"serviceAccountIssuer,omitempty"` - OIDCProviders []OIDCProviderApplyConfiguration `json:"oidcProviders,omitempty"` + // webhookTokenAuthenticator configures a remote token reviewer. + // These remote authentication webhooks can be used to verify bearer tokens + // via the tokenreviews.authentication.k8s.io REST API. This is required to + // honor bearer tokens that are provisioned by an external authentication service. + // + // Can only be set if "Type" is set to "None". + WebhookTokenAuthenticator *WebhookTokenAuthenticatorApplyConfiguration `json:"webhookTokenAuthenticator,omitempty"` + // serviceAccountIssuer is the identifier of the bound service account token + // issuer. + // The default is https://kubernetes.default.svc + // WARNING: Updating this field will not result in immediate invalidation of all bound tokens with the + // previous issuer value. Instead, the tokens issued by previous service account issuer will continue to + // be trusted for a time period chosen by the platform (currently set to 24h). + // This time period is subject to change over time. + // This allows internal components to transition to use new service account issuer without service distruption. + ServiceAccountIssuer *string `json:"serviceAccountIssuer,omitempty"` + // oidcProviders are OIDC identity providers that can issue tokens for this cluster + // Can only be set if "Type" is set to "OIDC". + // + // At most one provider can be configured. + OIDCProviders []OIDCProviderApplyConfiguration `json:"oidcProviders,omitempty"` } // AuthenticationSpecApplyConfiguration constructs a declarative configuration of the AuthenticationSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/authenticationstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/authenticationstatus.go index 1539f164b..e8ae75aea 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/authenticationstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/authenticationstatus.go @@ -5,8 +5,22 @@ package v1 // AuthenticationStatusApplyConfiguration represents a declarative configuration of the AuthenticationStatus type for use // with apply. type AuthenticationStatusApplyConfiguration struct { + // integratedOAuthMetadata contains the discovery endpoint data for OAuth 2.0 + // Authorization Server Metadata for the in-cluster integrated OAuth server. + // This discovery document can be viewed from its served location: + // oc get --raw '/.well-known/oauth-authorization-server' + // For further details, see the IETF Draft: + // https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 + // This contains the observed value based on cluster state. + // An explicitly set value in spec.oauthMetadata has precedence over this field. + // This field has no meaning if authentication spec.type is not set to IntegratedOAuth. + // The key "oauthMetadata" is used to locate the data. + // If the config map or expected key is not found, no metadata is served. + // If the specified metadata is not valid, no metadata is served. + // The namespace for this config map is openshift-config-managed. IntegratedOAuthMetadata *ConfigMapNameReferenceApplyConfiguration `json:"integratedOAuthMetadata,omitempty"` - OIDCClients []OIDCClientStatusApplyConfiguration `json:"oidcClients,omitempty"` + // oidcClients is where participating operators place the current OIDC client status for OIDC clients that can be customized by the cluster-admin. + OIDCClients []OIDCClientStatusApplyConfiguration `json:"oidcClients,omitempty"` } // AuthenticationStatusApplyConfiguration constructs a declarative configuration of the AuthenticationStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsdnsspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsdnsspec.go index 8ad662e23..457cb43ac 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsdnsspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsdnsspec.go @@ -4,7 +4,17 @@ package v1 // AWSDNSSpecApplyConfiguration represents a declarative configuration of the AWSDNSSpec type for use // with apply. +// +// AWSDNSSpec contains DNS configuration specific to the Amazon Web Services cloud provider. type AWSDNSSpecApplyConfiguration struct { + // privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing + // operations on the cluster's private hosted zone specified in the cluster DNS config. + // When left empty, no role should be assumed. + // + // The ARN must follow the format: arn::iam:::role/, where: + // is the AWS partition (aws, aws-cn, aws-us-gov, or aws-eusc), + // is a 12-digit numeric identifier for the AWS account, + // is the IAM role name. PrivateZoneIAMRole *string `json:"privateZoneIAMRole,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsingressspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsingressspec.go index e67e67111..8b36891a5 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsingressspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsingressspec.go @@ -8,7 +8,25 @@ import ( // AWSIngressSpecApplyConfiguration represents a declarative configuration of the AWSIngressSpec type for use // with apply. +// +// AWSIngressSpec holds the desired state of the Ingress for Amazon Web Services infrastructure provider. +// This only includes fields that can be modified in the cluster. type AWSIngressSpecApplyConfiguration struct { + // type allows user to set a load balancer type. + // When this field is set the default ingresscontroller will get created using the specified LBType. + // If this field is not set then the default ingress controller of LBType Classic will be created. + // Valid values are: + // + // * "Classic": A Classic Load Balancer that makes routing decisions at either + // the transport layer (TCP/SSL) or the application layer (HTTP/HTTPS). See + // the following for additional details: + // + // https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#clb + // + // * "NLB": A Network Load Balancer that makes routing decisions at the + // transport layer (TCP/SSL). See the following for additional details: + // + // https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#nlb Type *configv1.AWSLBType `json:"type,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awskmsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awskmsconfig.go deleted file mode 100644 index d09f6cbf6..000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awskmsconfig.go +++ /dev/null @@ -1,32 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -// AWSKMSConfigApplyConfiguration represents a declarative configuration of the AWSKMSConfig type for use -// with apply. -type AWSKMSConfigApplyConfiguration struct { - KeyARN *string `json:"keyARN,omitempty"` - Region *string `json:"region,omitempty"` -} - -// AWSKMSConfigApplyConfiguration constructs a declarative configuration of the AWSKMSConfig type for use with -// apply. -func AWSKMSConfig() *AWSKMSConfigApplyConfiguration { - return &AWSKMSConfigApplyConfiguration{} -} - -// WithKeyARN sets the KeyARN field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the KeyARN field is set to the value of the last call. -func (b *AWSKMSConfigApplyConfiguration) WithKeyARN(value string) *AWSKMSConfigApplyConfiguration { - b.KeyARN = &value - return b -} - -// WithRegion sets the Region field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Region field is set to the value of the last call. -func (b *AWSKMSConfigApplyConfiguration) WithRegion(value string) *AWSKMSConfigApplyConfiguration { - b.Region = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsplatformspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsplatformspec.go index 85361e7a2..710a769f9 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsplatformspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsplatformspec.go @@ -4,7 +4,13 @@ package v1 // AWSPlatformSpecApplyConfiguration represents a declarative configuration of the AWSPlatformSpec type for use // with apply. +// +// AWSPlatformSpec holds the desired state of the Amazon Web Services infrastructure provider. +// This only includes fields that can be modified in the cluster. type AWSPlatformSpecApplyConfiguration struct { + // serviceEndpoints list contains custom endpoints which will override default + // service endpoint of AWS Services. + // There must be only one ServiceEndpoint for a service. ServiceEndpoints []AWSServiceEndpointApplyConfiguration `json:"serviceEndpoints,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsplatformstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsplatformstatus.go index 53d86d2fd..33007c210 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsplatformstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsplatformstatus.go @@ -8,12 +8,32 @@ import ( // AWSPlatformStatusApplyConfiguration represents a declarative configuration of the AWSPlatformStatus type for use // with apply. +// +// AWSPlatformStatus holds the current status of the Amazon Web Services infrastructure provider. type AWSPlatformStatusApplyConfiguration struct { - Region *string `json:"region,omitempty"` - ServiceEndpoints []AWSServiceEndpointApplyConfiguration `json:"serviceEndpoints,omitempty"` - ResourceTags []AWSResourceTagApplyConfiguration `json:"resourceTags,omitempty"` + // region holds the default AWS region for new AWS resources created by the cluster. + Region *string `json:"region,omitempty"` + // serviceEndpoints list contains custom endpoints which will override default + // service endpoint of AWS Services. + // There must be only one ServiceEndpoint for a service. + ServiceEndpoints []AWSServiceEndpointApplyConfiguration `json:"serviceEndpoints,omitempty"` + // resourceTags is a list of additional tags to apply to AWS resources created for the cluster. + // See https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html for information on tagging AWS resources. + // AWS supports a maximum of 50 tags per resource. OpenShift reserves 25 tags for its use, leaving 25 tags + // available for the user. + ResourceTags []AWSResourceTagApplyConfiguration `json:"resourceTags,omitempty"` + // cloudLoadBalancerConfig holds configuration related to DNS and cloud + // load balancers. It allows configuration of in-cluster DNS as an alternative + // to the platform default DNS implementation. + // When using the ClusterHosted DNS type, Load Balancer IP addresses + // must be provided for the API and internal API load balancers as well as the + // ingress load balancer. CloudLoadBalancerConfig *CloudLoadBalancerConfigApplyConfiguration `json:"cloudLoadBalancerConfig,omitempty"` - IPFamily *configv1.IPFamilyType `json:"ipFamily,omitempty"` + // ipFamily specifies the IP protocol family that should be used for AWS + // network resources. This controls whether AWS resources are created with + // IPv4-only, or dual-stack networking with IPv4 or IPv6 as the primary + // protocol family. + IPFamily *configv1.IPFamilyType `json:"ipFamily,omitempty"` } // AWSPlatformStatusApplyConfiguration constructs a declarative configuration of the AWSPlatformStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsresourcetag.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsresourcetag.go index 766157a07..d602bdeae 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsresourcetag.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsresourcetag.go @@ -4,8 +4,18 @@ package v1 // AWSResourceTagApplyConfiguration represents a declarative configuration of the AWSResourceTag type for use // with apply. +// +// AWSResourceTag is a tag to apply to AWS resources created for the cluster. type AWSResourceTagApplyConfiguration struct { - Key *string `json:"key,omitempty"` + // key sets the key of the AWS resource tag key-value pair. Key is required when defining an AWS resource tag. + // Key should consist of between 1 and 128 characters, and may + // contain only the set of alphanumeric characters, space (' '), '_', '.', '/', '=', '+', '-', ':', and '@'. + Key *string `json:"key,omitempty"` + // value sets the value of the AWS resource tag key-value pair. Value is required when defining an AWS resource tag. + // Value should consist of between 1 and 256 characters, and may + // contain only the set of alphanumeric characters, space (' '), '_', '.', '/', '=', '+', '-', ':', and '@'. + // Some AWS service do not support empty values. Since tags are added to resources in many services, the + // length of the tag value must meet the requirements of all services. Value *string `json:"value,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsserviceendpoint.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsserviceendpoint.go index 5d4f38882..cde2d5cbf 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsserviceendpoint.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsserviceendpoint.go @@ -4,9 +4,18 @@ package v1 // AWSServiceEndpointApplyConfiguration represents a declarative configuration of the AWSServiceEndpoint type for use // with apply. +// +// AWSServiceEndpoint store the configuration of a custom url to +// override existing defaults of AWS Services. type AWSServiceEndpointApplyConfiguration struct { + // name is the name of the AWS service. + // The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html + // This must be provided and cannot be empty. Name *string `json:"name,omitempty"` - URL *string `json:"url,omitempty"` + // url is fully qualified URI with scheme https, that overrides the default generated + // endpoint for a client. + // This must be provided and cannot be empty. + URL *string `json:"url,omitempty"` } // AWSServiceEndpointApplyConfiguration constructs a declarative configuration of the AWSServiceEndpoint type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/azureplatformstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/azureplatformstatus.go index 774641c82..a3cf6c97c 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/azureplatformstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/azureplatformstatus.go @@ -8,14 +8,37 @@ import ( // AzurePlatformStatusApplyConfiguration represents a declarative configuration of the AzurePlatformStatus type for use // with apply. +// +// AzurePlatformStatus holds the current status of the Azure infrastructure provider. type AzurePlatformStatusApplyConfiguration struct { - ResourceGroupName *string `json:"resourceGroupName,omitempty"` - NetworkResourceGroupName *string `json:"networkResourceGroupName,omitempty"` - CloudName *configv1.AzureCloudEnvironment `json:"cloudName,omitempty"` - ARMEndpoint *string `json:"armEndpoint,omitempty"` - ResourceTags []AzureResourceTagApplyConfiguration `json:"resourceTags,omitempty"` - CloudLoadBalancerConfig *CloudLoadBalancerConfigApplyConfiguration `json:"cloudLoadBalancerConfig,omitempty"` - IPFamily *configv1.IPFamilyType `json:"ipFamily,omitempty"` + // resourceGroupName is the Resource Group for new Azure resources created for the cluster. + ResourceGroupName *string `json:"resourceGroupName,omitempty"` + // networkResourceGroupName is the Resource Group for network resources like the Virtual Network and Subnets used by the cluster. + // If empty, the value is same as ResourceGroupName. + NetworkResourceGroupName *string `json:"networkResourceGroupName,omitempty"` + // cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK + // with the appropriate Azure API endpoints. + // If empty, the value is equal to `AzurePublicCloud`. + CloudName *configv1.AzureCloudEnvironment `json:"cloudName,omitempty"` + // armEndpoint specifies a URL to use for resource management in non-soverign clouds such as Azure Stack. + ARMEndpoint *string `json:"armEndpoint,omitempty"` + // resourceTags is a list of additional tags to apply to Azure resources created for the cluster. + // See https://docs.microsoft.com/en-us/rest/api/resources/tags for information on tagging Azure resources. + // Due to limitations on Automation, Content Delivery Network, DNS Azure resources, a maximum of 15 tags + // may be applied. OpenShift reserves 5 tags for internal use, allowing 10 tags for user configuration. + ResourceTags []AzureResourceTagApplyConfiguration `json:"resourceTags,omitempty"` + // cloudLoadBalancerConfig holds configuration related to DNS and cloud + // load balancers. It allows configuration of in-cluster DNS as an alternative + // to the platform default DNS implementation. + // When using the ClusterHosted DNS type, Load Balancer IP addresses + // must be provided for the API and internal API load balancers as well as the + // ingress load balancer. + CloudLoadBalancerConfig *CloudLoadBalancerConfigApplyConfiguration `json:"cloudLoadBalancerConfig,omitempty"` + // ipFamily specifies the IP protocol family that should be used for Azure + // network resources. This controls whether Azure resources are created with + // IPv4-only, or dual-stack networking with IPv4 or IPv6 as the primary + // protocol family. + IPFamily *configv1.IPFamilyType `json:"ipFamily,omitempty"` } // AzurePlatformStatusApplyConfiguration constructs a declarative configuration of the AzurePlatformStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/azureresourcetag.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/azureresourcetag.go index 980d2a168..6a170ace0 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/azureresourcetag.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/azureresourcetag.go @@ -4,8 +4,15 @@ package v1 // AzureResourceTagApplyConfiguration represents a declarative configuration of the AzureResourceTag type for use // with apply. +// +// AzureResourceTag is a tag to apply to Azure resources created for the cluster. type AzureResourceTagApplyConfiguration struct { - Key *string `json:"key,omitempty"` + // key is the key part of the tag. A tag key can have a maximum of 128 characters and cannot be empty. Key + // must begin with a letter, end with a letter, number or underscore, and must contain only alphanumeric + // characters and the following special characters `_ . -`. + Key *string `json:"key,omitempty"` + // value is the value part of the tag. A tag value can have a maximum of 256 characters and cannot be empty. Value + // must contain only alphanumeric characters and the following special characters `_ + , - . / : ; < = > ? @`. Value *string `json:"value,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/baremetalplatformloadbalancer.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/baremetalplatformloadbalancer.go index 4a7405ad8..feef004d0 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/baremetalplatformloadbalancer.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/baremetalplatformloadbalancer.go @@ -8,7 +8,18 @@ import ( // BareMetalPlatformLoadBalancerApplyConfiguration represents a declarative configuration of the BareMetalPlatformLoadBalancer type for use // with apply. +// +// BareMetalPlatformLoadBalancer defines the load balancer used by the cluster on BareMetal platform. type BareMetalPlatformLoadBalancerApplyConfiguration struct { + // type defines the type of load balancer used by the cluster on BareMetal platform + // which can be a user-managed or openshift-managed load balancer + // that is to be used for the OpenShift API and Ingress endpoints. + // When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing + // defined in the machine config operator will be deployed. + // When set to UserManaged these static pods will not be deployed and it is expected that + // the load balancer is configured out of band by the deployer. + // When omitted, this means no opinion and the platform is left to choose a reasonable default. + // The default value is OpenShiftManagedDefault. Type *configv1.PlatformLoadBalancerType `json:"type,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/baremetalplatformspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/baremetalplatformspec.go index 81d808775..bb3e073e7 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/baremetalplatformspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/baremetalplatformspec.go @@ -8,10 +8,33 @@ import ( // BareMetalPlatformSpecApplyConfiguration represents a declarative configuration of the BareMetalPlatformSpec type for use // with apply. +// +// BareMetalPlatformSpec holds the desired state of the BareMetal infrastructure provider. +// This only includes fields that can be modified in the cluster. type BareMetalPlatformSpecApplyConfiguration struct { - APIServerInternalIPs []configv1.IP `json:"apiServerInternalIPs,omitempty"` - IngressIPs []configv1.IP `json:"ingressIPs,omitempty"` - MachineNetworks []configv1.CIDR `json:"machineNetworks,omitempty"` + // apiServerInternalIPs are the IP addresses to contact the Kubernetes API + // server that can be used by components inside the cluster, like kubelets + // using the infrastructure rather than Kubernetes networking. These are the + // IPs for a self-hosted load balancer in front of the API servers. + // In dual stack clusters this list contains two IP addresses, one from IPv4 + // family and one from IPv6. + // In single stack clusters a single IP address is expected. + // When omitted, values from the status.apiServerInternalIPs will be used. + // Once set, the list cannot be completely removed (but its second entry can). + APIServerInternalIPs []configv1.IP `json:"apiServerInternalIPs,omitempty"` + // ingressIPs are the external IPs which route to the default ingress + // controller. The IPs are suitable targets of a wildcard DNS record used to + // resolve default route host names. + // In dual stack clusters this list contains two IP addresses, one from IPv4 + // family and one from IPv6. + // In single stack clusters a single IP address is expected. + // When omitted, values from the status.ingressIPs will be used. + // Once set, the list cannot be completely removed (but its second entry can). + IngressIPs []configv1.IP `json:"ingressIPs,omitempty"` + // machineNetworks are IP networks used to connect all the OpenShift cluster + // nodes. Each network is provided in the CIDR format and should be IPv4 or IPv6, + // for example "10.0.0.0/8" or "fd00::/8". + MachineNetworks []configv1.CIDR `json:"machineNetworks,omitempty"` } // BareMetalPlatformSpecApplyConfiguration constructs a declarative configuration of the BareMetalPlatformSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/baremetalplatformstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/baremetalplatformstatus.go index 315dc309c..1f6dd6df6 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/baremetalplatformstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/baremetalplatformstatus.go @@ -8,15 +8,58 @@ import ( // BareMetalPlatformStatusApplyConfiguration represents a declarative configuration of the BareMetalPlatformStatus type for use // with apply. +// +// BareMetalPlatformStatus holds the current status of the BareMetal infrastructure provider. +// For more information about the network architecture used with the BareMetal platform type, see: +// https://github.com/openshift/installer/blob/master/docs/design/baremetal/networking-infrastructure.md type BareMetalPlatformStatusApplyConfiguration struct { - APIServerInternalIP *string `json:"apiServerInternalIP,omitempty"` - APIServerInternalIPs []string `json:"apiServerInternalIPs,omitempty"` - IngressIP *string `json:"ingressIP,omitempty"` - IngressIPs []string `json:"ingressIPs,omitempty"` - NodeDNSIP *string `json:"nodeDNSIP,omitempty"` - LoadBalancer *BareMetalPlatformLoadBalancerApplyConfiguration `json:"loadBalancer,omitempty"` - DNSRecordsType *configv1.DNSRecordsType `json:"dnsRecordsType,omitempty"` - MachineNetworks []configv1.CIDR `json:"machineNetworks,omitempty"` + // apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used + // by components inside the cluster, like kubelets using the infrastructure rather + // than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI + // points to. It is the IP for a self-hosted load balancer in front of the API servers. + // + // Deprecated: Use APIServerInternalIPs instead. + APIServerInternalIP *string `json:"apiServerInternalIP,omitempty"` + // apiServerInternalIPs are the IP addresses to contact the Kubernetes API + // server that can be used by components inside the cluster, like kubelets + // using the infrastructure rather than Kubernetes networking. These are the + // IPs for a self-hosted load balancer in front of the API servers. In dual + // stack clusters this list contains two IPs otherwise only one. + APIServerInternalIPs []string `json:"apiServerInternalIPs,omitempty"` + // ingressIP is an external IP which routes to the default ingress controller. + // The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + // + // Deprecated: Use IngressIPs instead. + IngressIP *string `json:"ingressIP,omitempty"` + // ingressIPs are the external IPs which route to the default ingress + // controller. The IPs are suitable targets of a wildcard DNS record used to + // resolve default route host names. In dual stack clusters this list + // contains two IPs otherwise only one. + IngressIPs []string `json:"ingressIPs,omitempty"` + // nodeDNSIP is the IP address for the internal DNS used by the + // nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` + // provides name resolution for the nodes themselves. There is no DNS-as-a-service for + // BareMetal deployments. In order to minimize necessary changes to the + // datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames + // to the nodes in the cluster. + NodeDNSIP *string `json:"nodeDNSIP,omitempty"` + // loadBalancer defines how the load balancer used by the cluster is configured. + LoadBalancer *BareMetalPlatformLoadBalancerApplyConfiguration `json:"loadBalancer,omitempty"` + // dnsRecordsType determines whether records for api, api-int, and ingress + // are provided by the internal DNS service or externally. + // Allowed values are `Internal`, `External`, and omitted. + // When set to `Internal`, records are provided by the internal infrastructure and + // no additional user configuration is required for the cluster to function. + // When set to `External`, records are not provided by the internal infrastructure + // and must be configured by the user on a DNS server outside the cluster. + // Cluster nodes must use this external server for their upstream DNS requests. + // This value may only be set when loadBalancer.type is set to UserManaged. + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is `Internal`. + DNSRecordsType *configv1.DNSRecordsType `json:"dnsRecordsType,omitempty"` + // machineNetworks are IP networks used to connect all the OpenShift cluster nodes. + MachineNetworks []configv1.CIDR `json:"machineNetworks,omitempty"` } // BareMetalPlatformStatusApplyConfiguration constructs a declarative configuration of the BareMetalPlatformStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/basicauthidentityprovider.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/basicauthidentityprovider.go index 88f30314d..68b7cb106 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/basicauthidentityprovider.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/basicauthidentityprovider.go @@ -4,7 +4,10 @@ package v1 // BasicAuthIdentityProviderApplyConfiguration represents a declarative configuration of the BasicAuthIdentityProvider type for use // with apply. +// +// BasicAuthPasswordIdentityProvider provides identities for users authenticating using HTTP basic auth credentials type BasicAuthIdentityProviderApplyConfiguration struct { + // OAuthRemoteConnectionInfo contains information about how to connect to the external basic auth server OAuthRemoteConnectionInfoApplyConfiguration `json:",inline"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/build.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/build.go index 606505281..f44c227ac 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/build.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/build.go @@ -13,10 +13,20 @@ import ( // BuildApplyConfiguration represents a declarative configuration of the Build type for use // with apply. +// +// Build configures the behavior of OpenShift builds for the entire cluster. +// This includes default settings that can be overridden in BuildConfig objects, and overrides which are applied to all builds. +// +// The canonical name is "cluster" +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type BuildApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *BuildSpecApplyConfiguration `json:"spec,omitempty"` + // spec holds user-settable values for the build controller configuration + Spec *BuildSpecApplyConfiguration `json:"spec,omitempty"` } // Build constructs a declarative configuration of the Build type for use with @@ -29,29 +39,14 @@ func Build(name string) *BuildApplyConfiguration { return b } -// ExtractBuild extracts the applied configuration owned by fieldManager from -// build. If no managedFields are found in build for fieldManager, a -// BuildApplyConfiguration is returned with only the Name, Namespace (if applicable), -// APIVersion and Kind populated. It is possible that no managed fields were found for because other -// field managers have taken ownership of all the fields previously owned by fieldManager, or because -// the fieldManager never owned fields any fields. +// ExtractBuildFrom extracts the applied configuration owned by fieldManager from +// build for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. // build must be a unmodified Build API object that was retrieved from the Kubernetes API. -// ExtractBuild provides a way to perform a extract/modify-in-place/apply workflow. +// ExtractBuildFrom provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! -func ExtractBuild(build *configv1.Build, fieldManager string) (*BuildApplyConfiguration, error) { - return extractBuild(build, fieldManager, "") -} - -// ExtractBuildStatus is the same as ExtractBuild except -// that it extracts the status subresource applied configuration. -// Experimental! -func ExtractBuildStatus(build *configv1.Build, fieldManager string) (*BuildApplyConfiguration, error) { - return extractBuild(build, fieldManager, "status") -} - -func extractBuild(build *configv1.Build, fieldManager string, subresource string) (*BuildApplyConfiguration, error) { +func ExtractBuildFrom(build *configv1.Build, fieldManager string, subresource string) (*BuildApplyConfiguration, error) { b := &BuildApplyConfiguration{} err := managedfields.ExtractInto(build, internal.Parser().Type("com.github.openshift.api.config.v1.Build"), fieldManager, b, subresource) if err != nil { @@ -63,6 +58,21 @@ func extractBuild(build *configv1.Build, fieldManager string, subresource string b.WithAPIVersion("config.openshift.io/v1") return b, nil } + +// ExtractBuild extracts the applied configuration owned by fieldManager from +// build. If no managedFields are found in build for fieldManager, a +// BuildApplyConfiguration is returned with only the Name, Namespace (if applicable), +// APIVersion and Kind populated. It is possible that no managed fields were found for because other +// field managers have taken ownership of all the fields previously owned by fieldManager, or because +// the fieldManager never owned fields any fields. +// build must be a unmodified Build API object that was retrieved from the Kubernetes API. +// ExtractBuild provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractBuild(build *configv1.Build, fieldManager string) (*BuildApplyConfiguration, error) { + return ExtractBuildFrom(build, fieldManager, "") +} + func (b BuildApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/builddefaults.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/builddefaults.go index ece924419..33fa94f14 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/builddefaults.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/builddefaults.go @@ -9,11 +9,26 @@ import ( // BuildDefaultsApplyConfiguration represents a declarative configuration of the BuildDefaults type for use // with apply. type BuildDefaultsApplyConfiguration struct { - DefaultProxy *ProxySpecApplyConfiguration `json:"defaultProxy,omitempty"` - GitProxy *ProxySpecApplyConfiguration `json:"gitProxy,omitempty"` - Env []corev1.EnvVar `json:"env,omitempty"` - ImageLabels []ImageLabelApplyConfiguration `json:"imageLabels,omitempty"` - Resources *corev1.ResourceRequirements `json:"resources,omitempty"` + // defaultProxy contains the default proxy settings for all build operations, including image pull/push + // and source download. + // + // Values can be overrode by setting the `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY` environment variables + // in the build config's strategy. + DefaultProxy *ProxySpecApplyConfiguration `json:"defaultProxy,omitempty"` + // gitProxy contains the proxy settings for git operations only. If set, this will override + // any Proxy settings for all git commands, such as git clone. + // + // Values that are not set here will be inherited from DefaultProxy. + GitProxy *ProxySpecApplyConfiguration `json:"gitProxy,omitempty"` + // env is a set of default environment variables that will be applied to the + // build if the specified variables do not exist on the build + Env []corev1.EnvVar `json:"env,omitempty"` + // imageLabels is a list of docker labels that are applied to the resulting image. + // User can override a default label by providing a label with the same name in their + // Build/BuildConfig. + ImageLabels []ImageLabelApplyConfiguration `json:"imageLabels,omitempty"` + // resources defines resource requirements to execute the build. + Resources *corev1.ResourceRequirements `json:"resources,omitempty"` } // BuildDefaultsApplyConfiguration constructs a declarative configuration of the BuildDefaults type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/buildoverrides.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/buildoverrides.go index 948bc9e8a..669d5e02c 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/buildoverrides.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/buildoverrides.go @@ -9,10 +9,20 @@ import ( // BuildOverridesApplyConfiguration represents a declarative configuration of the BuildOverrides type for use // with apply. type BuildOverridesApplyConfiguration struct { - ImageLabels []ImageLabelApplyConfiguration `json:"imageLabels,omitempty"` - NodeSelector map[string]string `json:"nodeSelector,omitempty"` - Tolerations []corev1.Toleration `json:"tolerations,omitempty"` - ForcePull *bool `json:"forcePull,omitempty"` + // imageLabels is a list of docker labels that are applied to the resulting image. + // If user provided a label in their Build/BuildConfig with the same name as one in this + // list, the user's label will be overwritten. + ImageLabels []ImageLabelApplyConfiguration `json:"imageLabels,omitempty"` + // nodeSelector is a selector which must be true for the build pod to fit on a node + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // tolerations is a list of Tolerations that will override any existing + // tolerations set on a build pod. + Tolerations []corev1.Toleration `json:"tolerations,omitempty"` + // forcePull overrides, if set, the equivalent value in the builds, + // i.e. false disables force pull for all builds, + // true enables force pull for all builds, + // independently of what each build specifies itself + ForcePull *bool `json:"forcePull,omitempty"` } // BuildOverridesApplyConfiguration constructs a declarative configuration of the BuildOverrides type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/buildspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/buildspec.go index 1b8cb7054..e30fd76f1 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/buildspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/buildspec.go @@ -5,9 +5,17 @@ package v1 // BuildSpecApplyConfiguration represents a declarative configuration of the BuildSpec type for use // with apply. type BuildSpecApplyConfiguration struct { + // additionalTrustedCA is a reference to a ConfigMap containing additional CAs that + // should be trusted for image pushes and pulls during builds. + // The namespace for this config map is openshift-config. + // + // DEPRECATED: Additional CAs for image pull and push should be set on + // image.config.openshift.io/cluster instead. AdditionalTrustedCA *ConfigMapNameReferenceApplyConfiguration `json:"additionalTrustedCA,omitempty"` - BuildDefaults *BuildDefaultsApplyConfiguration `json:"buildDefaults,omitempty"` - BuildOverrides *BuildOverridesApplyConfiguration `json:"buildOverrides,omitempty"` + // buildDefaults controls the default information for Builds + BuildDefaults *BuildDefaultsApplyConfiguration `json:"buildDefaults,omitempty"` + // buildOverrides controls override settings for builds + BuildOverrides *BuildOverridesApplyConfiguration `json:"buildOverrides,omitempty"` } // BuildSpecApplyConfiguration constructs a declarative configuration of the BuildSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clientcredentialconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clientcredentialconfig.go new file mode 100644 index 000000000..c23f4d530 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clientcredentialconfig.go @@ -0,0 +1,98 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + configv1 "github.com/openshift/api/config/v1" +) + +// ClientCredentialConfigApplyConfiguration represents a declarative configuration of the ClientCredentialConfig type for use +// with apply. +// +// ClientCredentialConfig configures the client credentials and token endpoint +// to use to get an access token via the OAuth2 client credentials grant flow. +type ClientCredentialConfigApplyConfiguration struct { + // clientID is a required client identifier to use during the OAuth2 client credentials flow. + // clientID must be at least 1 character in length, must not exceed 256 characters in length, + // and must only contain printable ASCII characters. + ClientID *string `json:"clientID,omitempty"` + // clientSecret is a required reference to a Secret in the openshift-config namespace to be used + // as the client secret during the OAuth2 client credentials flow. + // + // The key 'client-secret' is used to locate the client secret data in the Secret. + ClientSecret *ClientSecretSecretReferenceApplyConfiguration `json:"clientSecret,omitempty"` + // tokenEndpoint is a required URL to query for an access token using + // the client credential OAuth2 flow. + // tokenEndpoint must be at least 1 character in length and must not exceed 2048 characters in length. + // tokenEndpoint must be a valid HTTPS URL. + // tokenEndpoint must have a host and a path. + // tokenEndpoint must not contain query parameters, fragments, + // or user information (e.g., "user:password@host"). + TokenEndpoint *string `json:"tokenEndpoint,omitempty"` + // scopes is an optional list of OAuth2 scopes to request when obtaining + // an access token. + // + // If not specified, the token endpoint's default scopes + // will be used. + // + // When specified, there must be at least 1 entry and must not exceed 16 entries. + // Each entry must be at least 1 character in length and must not exceed 256 characters in length. + // Each entry must only contain printable ASCII characters, excluding spaces, double quotes and backslashes. + // Entries must be unique. + Scopes []configv1.OAuth2Scope `json:"scopes,omitempty"` + // tls is an optional field that allows configuring the TLS + // settings used to interact with the identity provider + // as an OAuth2 client. + // + // When omitted, system default TLS settings will be used + // for the OAuth2 client. + TLS *ExternalSourceTLSApplyConfiguration `json:"tls,omitempty"` +} + +// ClientCredentialConfigApplyConfiguration constructs a declarative configuration of the ClientCredentialConfig type for use with +// apply. +func ClientCredentialConfig() *ClientCredentialConfigApplyConfiguration { + return &ClientCredentialConfigApplyConfiguration{} +} + +// WithClientID sets the ClientID field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ClientID field is set to the value of the last call. +func (b *ClientCredentialConfigApplyConfiguration) WithClientID(value string) *ClientCredentialConfigApplyConfiguration { + b.ClientID = &value + return b +} + +// WithClientSecret sets the ClientSecret field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ClientSecret field is set to the value of the last call. +func (b *ClientCredentialConfigApplyConfiguration) WithClientSecret(value *ClientSecretSecretReferenceApplyConfiguration) *ClientCredentialConfigApplyConfiguration { + b.ClientSecret = value + return b +} + +// WithTokenEndpoint sets the TokenEndpoint field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TokenEndpoint field is set to the value of the last call. +func (b *ClientCredentialConfigApplyConfiguration) WithTokenEndpoint(value string) *ClientCredentialConfigApplyConfiguration { + b.TokenEndpoint = &value + return b +} + +// WithScopes adds the given value to the Scopes field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Scopes field. +func (b *ClientCredentialConfigApplyConfiguration) WithScopes(values ...configv1.OAuth2Scope) *ClientCredentialConfigApplyConfiguration { + for i := range values { + b.Scopes = append(b.Scopes, values[i]) + } + return b +} + +// WithTLS sets the TLS field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLS field is set to the value of the last call. +func (b *ClientCredentialConfigApplyConfiguration) WithTLS(value *ExternalSourceTLSApplyConfiguration) *ClientCredentialConfigApplyConfiguration { + b.TLS = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clientsecretsecretreference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clientsecretsecretreference.go new file mode 100644 index 000000000..5b2a8fe03 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clientsecretsecretreference.go @@ -0,0 +1,32 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// ClientSecretSecretReferenceApplyConfiguration represents a declarative configuration of the ClientSecretSecretReference type for use +// with apply. +// +// ClientSecretSecretReference is a reference to a Secret in the openshift-config +// namespace that should be used for configuring the client secret to be +// used when sourcing claims from external sources with the client credential authentication flow. +type ClientSecretSecretReferenceApplyConfiguration struct { + // name is the required name of the Secret that exists in the openshift-config namespace. + // + // It must be at least 1 character in length, must not exceed 253 characters in length, + // must start and end with a lowercase alphanumeric character, and must only contain + // lowercase alphanumeric characters, '-' or '.'. + Name *string `json:"name,omitempty"` +} + +// ClientSecretSecretReferenceApplyConfiguration constructs a declarative configuration of the ClientSecretSecretReference type for use with +// apply. +func ClientSecretSecretReference() *ClientSecretSecretReferenceApplyConfiguration { + return &ClientSecretSecretReferenceApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *ClientSecretSecretReferenceApplyConfiguration) WithName(value string) *ClientSecretSecretReferenceApplyConfiguration { + b.Name = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/cloudcontrollermanagerstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/cloudcontrollermanagerstatus.go index 79850b75e..efc48bab6 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/cloudcontrollermanagerstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/cloudcontrollermanagerstatus.go @@ -8,7 +8,18 @@ import ( // CloudControllerManagerStatusApplyConfiguration represents a declarative configuration of the CloudControllerManagerStatus type for use // with apply. +// +// CloudControllerManagerStatus holds the state of Cloud Controller Manager (a.k.a. CCM or CPI) related settings type CloudControllerManagerStatusApplyConfiguration struct { + // state determines whether or not an external Cloud Controller Manager is expected to + // be installed within the cluster. + // https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/#running-cloud-controller-manager + // + // Valid values are "External", "None" and omitted. + // When set to "External", new nodes will be tainted as uninitialized when created, + // preventing them from running workloads until they are initialized by the cloud controller manager. + // When omitted or set to "None", new nodes will be not tainted + // and no extra initialization from the cloud controller manager is expected. State *configv1.CloudControllerManagerState `json:"state,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/cloudloadbalancerconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/cloudloadbalancerconfig.go index d73faf3f2..e4677d197 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/cloudloadbalancerconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/cloudloadbalancerconfig.go @@ -8,8 +8,27 @@ import ( // CloudLoadBalancerConfigApplyConfiguration represents a declarative configuration of the CloudLoadBalancerConfig type for use // with apply. +// +// CloudLoadBalancerConfig contains an union discriminator indicating the type of DNS +// solution in use within the cluster. When the DNSType is `ClusterHosted`, the cloud's +// Load Balancer configuration needs to be provided so that the DNS solution hosted +// within the cluster can be configured with those values. type CloudLoadBalancerConfigApplyConfiguration struct { - DNSType *configv1.DNSType `json:"dnsType,omitempty"` + // dnsType indicates the type of DNS solution in use within the cluster. Its default value of + // `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + // It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + // the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + // The cluster's use of the cloud's Load Balancers is unaffected by this setting. + // The value is immutable after it has been set at install time. + // Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + // Enabling this functionality allows the user to start their own DNS solution outside the cluster after + // installation is complete. The customer would be responsible for configuring this custom DNS solution, + // and it can be run in addition to the in-cluster DNS solution. + DNSType *configv1.DNSType `json:"dnsType,omitempty"` + // clusterHosted holds the IP addresses of API, API-Int and Ingress Load + // Balancers on Cloud Platforms. The DNS solution hosted within the cluster + // use these IP addresses to provide resolution for API, API-Int and Ingress + // services. ClusterHosted *CloudLoadBalancerIPsApplyConfiguration `json:"clusterHosted,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/cloudloadbalancerips.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/cloudloadbalancerips.go index ce7f25850..1ac93beee 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/cloudloadbalancerips.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/cloudloadbalancerips.go @@ -8,9 +8,27 @@ import ( // CloudLoadBalancerIPsApplyConfiguration represents a declarative configuration of the CloudLoadBalancerIPs type for use // with apply. +// +// CloudLoadBalancerIPs contains the Load Balancer IPs for the cloud's API, +// API-Int and Ingress Load balancers. They will be populated as soon as the +// respective Load Balancers have been configured. These values are utilized +// to configure the DNS solution hosted within the cluster. type CloudLoadBalancerIPsApplyConfiguration struct { - APIIntLoadBalancerIPs []configv1.IP `json:"apiIntLoadBalancerIPs,omitempty"` - APILoadBalancerIPs []configv1.IP `json:"apiLoadBalancerIPs,omitempty"` + // apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + // These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + // Entries in the apiIntLoadBalancerIPs must be unique. + // A maximum of 16 IP addresses are permitted. + APIIntLoadBalancerIPs []configv1.IP `json:"apiIntLoadBalancerIPs,omitempty"` + // apiLoadBalancerIPs holds Load Balancer IPs for the API service. + // These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + // Could be empty for private clusters. + // Entries in the apiLoadBalancerIPs must be unique. + // A maximum of 16 IP addresses are permitted. + APILoadBalancerIPs []configv1.IP `json:"apiLoadBalancerIPs,omitempty"` + // ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + // These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + // Entries in the ingressLoadBalancerIPs must be unique. + // A maximum of 16 IP addresses are permitted. IngressLoadBalancerIPs []configv1.IP `json:"ingressLoadBalancerIPs,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clustercondition.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clustercondition.go index d71c182cf..fddf4243d 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clustercondition.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clustercondition.go @@ -4,8 +4,16 @@ package v1 // ClusterConditionApplyConfiguration represents a declarative configuration of the ClusterCondition type for use // with apply. +// +// ClusterCondition is a union of typed cluster conditions. The 'type' +// property determines which of the type-specific properties are relevant. +// When evaluated on a cluster, the condition may match, not match, or +// fail to evaluate. type ClusterConditionApplyConfiguration struct { - Type *string `json:"type,omitempty"` + // type represents the cluster-condition type. This defines + // the members and semantics of any additional properties. + Type *string `json:"type,omitempty"` + // promql represents a cluster condition based on PromQL. PromQL *PromQLClusterConditionApplyConfiguration `json:"promql,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterimagepolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterimagepolicy.go index eb722c572..82e34d112 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterimagepolicy.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterimagepolicy.go @@ -13,11 +13,19 @@ import ( // ClusterImagePolicyApplyConfiguration represents a declarative configuration of the ClusterImagePolicy type for use // with apply. +// +// # ClusterImagePolicy holds cluster-wide configuration for image signature verification +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type ClusterImagePolicyApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *ClusterImagePolicySpecApplyConfiguration `json:"spec,omitempty"` - Status *ClusterImagePolicyStatusApplyConfiguration `json:"status,omitempty"` + // spec contains the configuration for the cluster image policy. + Spec *ClusterImagePolicySpecApplyConfiguration `json:"spec,omitempty"` + // status contains the observed state of the resource. + Status *ClusterImagePolicyStatusApplyConfiguration `json:"status,omitempty"` } // ClusterImagePolicy constructs a declarative configuration of the ClusterImagePolicy type for use with @@ -30,6 +38,26 @@ func ClusterImagePolicy(name string) *ClusterImagePolicyApplyConfiguration { return b } +// ExtractClusterImagePolicyFrom extracts the applied configuration owned by fieldManager from +// clusterImagePolicy for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// clusterImagePolicy must be a unmodified ClusterImagePolicy API object that was retrieved from the Kubernetes API. +// ExtractClusterImagePolicyFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractClusterImagePolicyFrom(clusterImagePolicy *configv1.ClusterImagePolicy, fieldManager string, subresource string) (*ClusterImagePolicyApplyConfiguration, error) { + b := &ClusterImagePolicyApplyConfiguration{} + err := managedfields.ExtractInto(clusterImagePolicy, internal.Parser().Type("com.github.openshift.api.config.v1.ClusterImagePolicy"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(clusterImagePolicy.Name) + + b.WithKind("ClusterImagePolicy") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractClusterImagePolicy extracts the applied configuration owned by fieldManager from // clusterImagePolicy. If no managedFields are found in clusterImagePolicy for fieldManager, a // ClusterImagePolicyApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +68,16 @@ func ClusterImagePolicy(name string) *ClusterImagePolicyApplyConfiguration { // ExtractClusterImagePolicy provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractClusterImagePolicy(clusterImagePolicy *configv1.ClusterImagePolicy, fieldManager string) (*ClusterImagePolicyApplyConfiguration, error) { - return extractClusterImagePolicy(clusterImagePolicy, fieldManager, "") + return ExtractClusterImagePolicyFrom(clusterImagePolicy, fieldManager, "") } -// ExtractClusterImagePolicyStatus is the same as ExtractClusterImagePolicy except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractClusterImagePolicyStatus extracts the applied configuration owned by fieldManager from +// clusterImagePolicy for the status subresource. func ExtractClusterImagePolicyStatus(clusterImagePolicy *configv1.ClusterImagePolicy, fieldManager string) (*ClusterImagePolicyApplyConfiguration, error) { - return extractClusterImagePolicy(clusterImagePolicy, fieldManager, "status") + return ExtractClusterImagePolicyFrom(clusterImagePolicy, fieldManager, "status") } -func extractClusterImagePolicy(clusterImagePolicy *configv1.ClusterImagePolicy, fieldManager string, subresource string) (*ClusterImagePolicyApplyConfiguration, error) { - b := &ClusterImagePolicyApplyConfiguration{} - err := managedfields.ExtractInto(clusterImagePolicy, internal.Parser().Type("com.github.openshift.api.config.v1.ClusterImagePolicy"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(clusterImagePolicy.Name) - - b.WithKind("ClusterImagePolicy") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b ClusterImagePolicyApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterimagepolicyspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterimagepolicyspec.go index 8cee680f2..fc0abdc0b 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterimagepolicyspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterimagepolicyspec.go @@ -8,8 +8,23 @@ import ( // ClusterImagePolicySpecApplyConfiguration represents a declarative configuration of the ClusterImagePolicySpec type for use // with apply. +// +// CLusterImagePolicySpec is the specification of the ClusterImagePolicy custom resource. type ClusterImagePolicySpecApplyConfiguration struct { - Scopes []configv1.ImageScope `json:"scopes,omitempty"` + // scopes is a required field that defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". + // Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). + // More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository + // namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). + // Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. + // This support no more than 256 scopes in one object. If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. + // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories + // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. + // If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. + // For additional details about the format, please refer to the document explaining the docker transport field, + // which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker + Scopes []configv1.ImageScope `json:"scopes,omitempty"` + // policy is a required field that contains configuration to allow scopes to be verified, and defines how + // images not matching the verification policy will be treated. Policy *ImageSigstoreVerificationPolicyApplyConfiguration `json:"policy,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterimagepolicystatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterimagepolicystatus.go index f508f7091..abcfa5ea8 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterimagepolicystatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterimagepolicystatus.go @@ -9,6 +9,7 @@ import ( // ClusterImagePolicyStatusApplyConfiguration represents a declarative configuration of the ClusterImagePolicyStatus type for use // with apply. type ClusterImagePolicyStatusApplyConfiguration struct { + // conditions provide details on the status of this API Resource. Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusternetworkentry.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusternetworkentry.go index ac180f893..790ab500f 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusternetworkentry.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusternetworkentry.go @@ -4,8 +4,14 @@ package v1 // ClusterNetworkEntryApplyConfiguration represents a declarative configuration of the ClusterNetworkEntry type for use // with apply. +// +// ClusterNetworkEntry is a contiguous block of IP addresses from which pod IPs +// are allocated. type ClusterNetworkEntryApplyConfiguration struct { - CIDR *string `json:"cidr,omitempty"` + // The complete block for pod IPs. + CIDR *string `json:"cidr,omitempty"` + // The size (prefix) of block to allocate to each node. If this + // field is not used by the plugin, it can be left unset. HostPrefix *uint32 `json:"hostPrefix,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusteroperator.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusteroperator.go index 66f1d1988..d0adae3dc 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusteroperator.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusteroperator.go @@ -13,11 +13,21 @@ import ( // ClusterOperatorApplyConfiguration represents a declarative configuration of the ClusterOperator type for use // with apply. +// +// ClusterOperator holds the status of a core or optional OpenShift component +// managed by the Cluster Version Operator (CVO). This object is used by +// operators to convey their state to the rest of the cluster. +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type ClusterOperatorApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *configv1.ClusterOperatorSpec `json:"spec,omitempty"` - Status *ClusterOperatorStatusApplyConfiguration `json:"status,omitempty"` + // spec holds configuration that could apply to any operator. + Spec *configv1.ClusterOperatorSpec `json:"spec,omitempty"` + // status holds the information about the state of an operator. It is consistent with status information across + // the Kubernetes ecosystem. + Status *ClusterOperatorStatusApplyConfiguration `json:"status,omitempty"` } // ClusterOperator constructs a declarative configuration of the ClusterOperator type for use with @@ -30,6 +40,26 @@ func ClusterOperator(name string) *ClusterOperatorApplyConfiguration { return b } +// ExtractClusterOperatorFrom extracts the applied configuration owned by fieldManager from +// clusterOperator for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// clusterOperator must be a unmodified ClusterOperator API object that was retrieved from the Kubernetes API. +// ExtractClusterOperatorFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractClusterOperatorFrom(clusterOperator *configv1.ClusterOperator, fieldManager string, subresource string) (*ClusterOperatorApplyConfiguration, error) { + b := &ClusterOperatorApplyConfiguration{} + err := managedfields.ExtractInto(clusterOperator, internal.Parser().Type("com.github.openshift.api.config.v1.ClusterOperator"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(clusterOperator.Name) + + b.WithKind("ClusterOperator") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractClusterOperator extracts the applied configuration owned by fieldManager from // clusterOperator. If no managedFields are found in clusterOperator for fieldManager, a // ClusterOperatorApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +70,16 @@ func ClusterOperator(name string) *ClusterOperatorApplyConfiguration { // ExtractClusterOperator provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractClusterOperator(clusterOperator *configv1.ClusterOperator, fieldManager string) (*ClusterOperatorApplyConfiguration, error) { - return extractClusterOperator(clusterOperator, fieldManager, "") + return ExtractClusterOperatorFrom(clusterOperator, fieldManager, "") } -// ExtractClusterOperatorStatus is the same as ExtractClusterOperator except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractClusterOperatorStatus extracts the applied configuration owned by fieldManager from +// clusterOperator for the status subresource. func ExtractClusterOperatorStatus(clusterOperator *configv1.ClusterOperator, fieldManager string) (*ClusterOperatorApplyConfiguration, error) { - return extractClusterOperator(clusterOperator, fieldManager, "status") + return ExtractClusterOperatorFrom(clusterOperator, fieldManager, "status") } -func extractClusterOperator(clusterOperator *configv1.ClusterOperator, fieldManager string, subresource string) (*ClusterOperatorApplyConfiguration, error) { - b := &ClusterOperatorApplyConfiguration{} - err := managedfields.ExtractInto(clusterOperator, internal.Parser().Type("com.github.openshift.api.config.v1.ClusterOperator"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(clusterOperator.Name) - - b.WithKind("ClusterOperator") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b ClusterOperatorApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusteroperatorstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusteroperatorstatus.go index d5a198965..48e739690 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusteroperatorstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusteroperatorstatus.go @@ -8,11 +8,23 @@ import ( // ClusterOperatorStatusApplyConfiguration represents a declarative configuration of the ClusterOperatorStatus type for use // with apply. +// +// ClusterOperatorStatus provides information about the status of the operator. type ClusterOperatorStatusApplyConfiguration struct { - Conditions []ClusterOperatorStatusConditionApplyConfiguration `json:"conditions,omitempty"` - Versions []OperandVersionApplyConfiguration `json:"versions,omitempty"` - RelatedObjects []ObjectReferenceApplyConfiguration `json:"relatedObjects,omitempty"` - Extension *runtime.RawExtension `json:"extension,omitempty"` + // conditions describes the state of the operator's managed and monitored components. + Conditions []ClusterOperatorStatusConditionApplyConfiguration `json:"conditions,omitempty"` + // versions is a slice of operator and operand version tuples. Operators which manage multiple operands will have multiple + // operand entries in the array. Available operators must report the version of the operator itself with the name "operator". + // An operator reports a new "operator" version when it has rolled out the new version to all of its operands. + Versions []OperandVersionApplyConfiguration `json:"versions,omitempty"` + // relatedObjects is a list of objects that are "interesting" or related to this operator. Common uses are: + // 1. the detailed resource driving the operator + // 2. operator namespaces + // 3. operand namespaces + RelatedObjects []ObjectReferenceApplyConfiguration `json:"relatedObjects,omitempty"` + // extension contains any additional status information specific to the + // operator which owns this status object. + Extension *runtime.RawExtension `json:"extension,omitempty"` } // ClusterOperatorStatusApplyConfiguration constructs a declarative configuration of the ClusterOperatorStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusteroperatorstatuscondition.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusteroperatorstatuscondition.go index 3e58daa81..f7ac19e2b 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusteroperatorstatuscondition.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusteroperatorstatuscondition.go @@ -9,12 +9,22 @@ import ( // ClusterOperatorStatusConditionApplyConfiguration represents a declarative configuration of the ClusterOperatorStatusCondition type for use // with apply. +// +// ClusterOperatorStatusCondition represents the state of the operator's +// managed and monitored components. type ClusterOperatorStatusConditionApplyConfiguration struct { - Type *configv1.ClusterStatusConditionType `json:"type,omitempty"` - Status *configv1.ConditionStatus `json:"status,omitempty"` - LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` - Reason *string `json:"reason,omitempty"` - Message *string `json:"message,omitempty"` + // type specifies the aspect reported by this condition. + Type *configv1.ClusterStatusConditionType `json:"type,omitempty"` + // status of the condition, one of True, False, Unknown. + Status *configv1.ConditionStatus `json:"status,omitempty"` + // lastTransitionTime is the time of the last update to the current status property. + LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` + // reason is the CamelCase reason for the condition's current status. + Reason *string `json:"reason,omitempty"` + // message provides additional information about the current condition. + // This is only to be consumed by humans. It may contain Line Feed + // characters (U+000A), which should be rendered as new lines. + Message *string `json:"message,omitempty"` } // ClusterOperatorStatusConditionApplyConfiguration constructs a declarative configuration of the ClusterOperatorStatusCondition type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversion.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversion.go index b85a770ed..5cfcb7ea1 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversion.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversion.go @@ -13,11 +13,22 @@ import ( // ClusterVersionApplyConfiguration represents a declarative configuration of the ClusterVersion type for use // with apply. +// +// ClusterVersion is the configuration for the ClusterVersionOperator. This is where +// parameters related to automatic updates can be set. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type ClusterVersionApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *ClusterVersionSpecApplyConfiguration `json:"spec,omitempty"` - Status *ClusterVersionStatusApplyConfiguration `json:"status,omitempty"` + // spec is the desired state of the cluster version - the operator will work + // to ensure that the desired version is applied to the cluster. + Spec *ClusterVersionSpecApplyConfiguration `json:"spec,omitempty"` + // status contains information about the available updates and any in-progress + // updates. + Status *ClusterVersionStatusApplyConfiguration `json:"status,omitempty"` } // ClusterVersion constructs a declarative configuration of the ClusterVersion type for use with @@ -30,6 +41,26 @@ func ClusterVersion(name string) *ClusterVersionApplyConfiguration { return b } +// ExtractClusterVersionFrom extracts the applied configuration owned by fieldManager from +// clusterVersion for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// clusterVersion must be a unmodified ClusterVersion API object that was retrieved from the Kubernetes API. +// ExtractClusterVersionFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractClusterVersionFrom(clusterVersion *configv1.ClusterVersion, fieldManager string, subresource string) (*ClusterVersionApplyConfiguration, error) { + b := &ClusterVersionApplyConfiguration{} + err := managedfields.ExtractInto(clusterVersion, internal.Parser().Type("com.github.openshift.api.config.v1.ClusterVersion"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(clusterVersion.Name) + + b.WithKind("ClusterVersion") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractClusterVersion extracts the applied configuration owned by fieldManager from // clusterVersion. If no managedFields are found in clusterVersion for fieldManager, a // ClusterVersionApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +71,16 @@ func ClusterVersion(name string) *ClusterVersionApplyConfiguration { // ExtractClusterVersion provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractClusterVersion(clusterVersion *configv1.ClusterVersion, fieldManager string) (*ClusterVersionApplyConfiguration, error) { - return extractClusterVersion(clusterVersion, fieldManager, "") + return ExtractClusterVersionFrom(clusterVersion, fieldManager, "") } -// ExtractClusterVersionStatus is the same as ExtractClusterVersion except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractClusterVersionStatus extracts the applied configuration owned by fieldManager from +// clusterVersion for the status subresource. func ExtractClusterVersionStatus(clusterVersion *configv1.ClusterVersion, fieldManager string) (*ClusterVersionApplyConfiguration, error) { - return extractClusterVersion(clusterVersion, fieldManager, "status") + return ExtractClusterVersionFrom(clusterVersion, fieldManager, "status") } -func extractClusterVersion(clusterVersion *configv1.ClusterVersion, fieldManager string, subresource string) (*ClusterVersionApplyConfiguration, error) { - b := &ClusterVersionApplyConfiguration{} - err := managedfields.ExtractInto(clusterVersion, internal.Parser().Type("com.github.openshift.api.config.v1.ClusterVersion"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(clusterVersion.Name) - - b.WithKind("ClusterVersion") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b ClusterVersionApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversioncapabilitiesspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversioncapabilitiesspec.go index feb03e3c3..ba8a408f2 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversioncapabilitiesspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversioncapabilitiesspec.go @@ -8,9 +8,20 @@ import ( // ClusterVersionCapabilitiesSpecApplyConfiguration represents a declarative configuration of the ClusterVersionCapabilitiesSpec type for use // with apply. +// +// ClusterVersionCapabilitiesSpec selects the managed set of +// optional, core cluster components. type ClusterVersionCapabilitiesSpecApplyConfiguration struct { - BaselineCapabilitySet *configv1.ClusterVersionCapabilitySet `json:"baselineCapabilitySet,omitempty"` - AdditionalEnabledCapabilities []configv1.ClusterVersionCapability `json:"additionalEnabledCapabilities,omitempty"` + // baselineCapabilitySet selects an initial set of + // optional capabilities to enable, which can be extended via + // additionalEnabledCapabilities. If unset, the cluster will + // choose a default, and the default may change over time. + // The current default is vCurrent. + BaselineCapabilitySet *configv1.ClusterVersionCapabilitySet `json:"baselineCapabilitySet,omitempty"` + // additionalEnabledCapabilities extends the set of managed + // capabilities beyond the baseline defined in + // baselineCapabilitySet. The default is an empty set. + AdditionalEnabledCapabilities []configv1.ClusterVersionCapability `json:"additionalEnabledCapabilities,omitempty"` } // ClusterVersionCapabilitiesSpecApplyConfiguration constructs a declarative configuration of the ClusterVersionCapabilitiesSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversioncapabilitiesstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversioncapabilitiesstatus.go index 2a8807fe2..6198d46c7 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversioncapabilitiesstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversioncapabilitiesstatus.go @@ -8,9 +8,14 @@ import ( // ClusterVersionCapabilitiesStatusApplyConfiguration represents a declarative configuration of the ClusterVersionCapabilitiesStatus type for use // with apply. +// +// ClusterVersionCapabilitiesStatus describes the state of optional, +// core cluster components. type ClusterVersionCapabilitiesStatusApplyConfiguration struct { + // enabledCapabilities lists all the capabilities that are currently managed. EnabledCapabilities []configv1.ClusterVersionCapability `json:"enabledCapabilities,omitempty"` - KnownCapabilities []configv1.ClusterVersionCapability `json:"knownCapabilities,omitempty"` + // knownCapabilities lists all the capabilities known to the current cluster. + KnownCapabilities []configv1.ClusterVersionCapability `json:"knownCapabilities,omitempty"` } // ClusterVersionCapabilitiesStatusApplyConfiguration constructs a declarative configuration of the ClusterVersionCapabilitiesStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversionspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversionspec.go index 926f29557..bb8e4f50d 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversionspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversionspec.go @@ -8,14 +8,66 @@ import ( // ClusterVersionSpecApplyConfiguration represents a declarative configuration of the ClusterVersionSpec type for use // with apply. +// +// ClusterVersionSpec is the desired version state of the cluster. It includes +// the version the cluster should be at, how the cluster is identified, and +// where the cluster should look for version updates. type ClusterVersionSpecApplyConfiguration struct { - ClusterID *configv1.ClusterID `json:"clusterID,omitempty"` - DesiredUpdate *UpdateApplyConfiguration `json:"desiredUpdate,omitempty"` - Upstream *configv1.URL `json:"upstream,omitempty"` - Channel *string `json:"channel,omitempty"` - Capabilities *ClusterVersionCapabilitiesSpecApplyConfiguration `json:"capabilities,omitempty"` - SignatureStores []SignatureStoreApplyConfiguration `json:"signatureStores,omitempty"` - Overrides []ComponentOverrideApplyConfiguration `json:"overrides,omitempty"` + // clusterID uniquely identifies this cluster. This is expected to be + // an RFC4122 UUID value (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx in + // hexadecimal values). This is a required field. + ClusterID *configv1.ClusterID `json:"clusterID,omitempty"` + // desiredUpdate is an optional field that indicates the desired value of + // the cluster version. Setting this value will trigger an upgrade (if + // the current version does not match the desired version). The set of + // recommended update values is listed as part of available updates in + // status, and setting values outside that range may cause the upgrade + // to fail. + // + // Some of the fields are inter-related with restrictions and meanings described here. + // 1. image is specified, version is specified, architecture is specified. API validation error. + // 2. image is specified, version is specified, architecture is not specified. The version extracted from the referenced image must match the specified version. + // 3. image is specified, version is not specified, architecture is specified. API validation error. + // 4. image is specified, version is not specified, architecture is not specified. image is used. + // 5. image is not specified, version is specified, architecture is specified. version and desired architecture are used to select an image. + // 6. image is not specified, version is specified, architecture is not specified. version and current architecture are used to select an image. + // 7. image is not specified, version is not specified, architecture is specified. API validation error. + // 8. image is not specified, version is not specified, architecture is not specified. API validation error. + // + // If an upgrade fails the operator will halt and report status + // about the failing component. Setting the desired update value back to + // the previous version will cause a rollback to be attempted if the + // previous version is within the current minor version. Not all + // rollbacks will succeed, and some may unrecoverably break the + // cluster. + DesiredUpdate *UpdateApplyConfiguration `json:"desiredUpdate,omitempty"` + // upstream may be used to specify the preferred update server. By default + // it will use the appropriate update server for the cluster and region. + Upstream *configv1.URL `json:"upstream,omitempty"` + // channel is an identifier for explicitly requesting a non-default set + // of updates to be applied to this cluster. The default channel will + // contain stable updates that are appropriate for production clusters. + Channel *string `json:"channel,omitempty"` + // capabilities configures the installation of optional, core + // cluster components. A null value here is identical to an + // empty object; see the child properties for default semantics. + Capabilities *ClusterVersionCapabilitiesSpecApplyConfiguration `json:"capabilities,omitempty"` + // signatureStores contains the upstream URIs to verify release signatures and optional + // reference to a config map by name containing the PEM-encoded CA bundle. + // + // By default, CVO will use existing signature stores if this property is empty. + // The CVO will check the release signatures in the local ConfigMaps first. It will search for a valid signature + // in these stores in parallel only when local ConfigMaps did not include a valid signature. + // Validation will fail if none of the signature stores reply with valid signature before timeout. + // Setting signatureStores will replace the default signature stores with custom signature stores. + // Default stores can be used with custom signature stores by adding them manually. + // + // A maximum of 32 signature stores may be configured. + SignatureStores []SignatureStoreApplyConfiguration `json:"signatureStores,omitempty"` + // overrides is list of overides for components that are managed by + // cluster version operator. Marking a component unmanaged will prevent + // the operator from creating or updating the object. + Overrides []ComponentOverrideApplyConfiguration `json:"overrides,omitempty"` } // ClusterVersionSpecApplyConfiguration constructs a declarative configuration of the ClusterVersionSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversionstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversionstatus.go index 4d44643d4..3d68af9ea 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversionstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterversionstatus.go @@ -4,16 +4,63 @@ package v1 // ClusterVersionStatusApplyConfiguration represents a declarative configuration of the ClusterVersionStatus type for use // with apply. +// +// ClusterVersionStatus reports the status of the cluster versioning, +// including any upgrades that are in progress. The current field will +// be set to whichever version the cluster is reconciling to, and the +// conditions array will report whether the update succeeded, is in +// progress, or is failing. type ClusterVersionStatusApplyConfiguration struct { - Desired *ReleaseApplyConfiguration `json:"desired,omitempty"` - History []UpdateHistoryApplyConfiguration `json:"history,omitempty"` - ObservedGeneration *int64 `json:"observedGeneration,omitempty"` - VersionHash *string `json:"versionHash,omitempty"` - Capabilities *ClusterVersionCapabilitiesStatusApplyConfiguration `json:"capabilities,omitempty"` - Conditions []ClusterOperatorStatusConditionApplyConfiguration `json:"conditions,omitempty"` - AvailableUpdates []ReleaseApplyConfiguration `json:"availableUpdates,omitempty"` - ConditionalUpdates []ConditionalUpdateApplyConfiguration `json:"conditionalUpdates,omitempty"` - ConditionalUpdateRisks []ConditionalUpdateRiskApplyConfiguration `json:"conditionalUpdateRisks,omitempty"` + // desired is the version that the cluster is reconciling towards. + // If the cluster is not yet fully initialized desired will be set + // with the information available, which may be an image or a tag. + Desired *ReleaseApplyConfiguration `json:"desired,omitempty"` + // history contains a list of the most recent versions applied to the cluster. + // This value may be empty during cluster startup, and then will be updated + // when a new update is being applied. The newest update is first in the + // list and it is ordered by recency. Updates in the history have state + // Completed if the rollout completed - if an update was failing or halfway + // applied the state will be Partial. Only a limited amount of update history + // is preserved. + History []UpdateHistoryApplyConfiguration `json:"history,omitempty"` + // observedGeneration reports which version of the spec is being synced. + // If this value is not equal to metadata.generation, then the desired + // and conditions fields may represent a previous version. + ObservedGeneration *int64 `json:"observedGeneration,omitempty"` + // versionHash is a fingerprint of the content that the cluster will be + // updated with. It is used by the operator to avoid unnecessary work + // and is for internal use only. + VersionHash *string `json:"versionHash,omitempty"` + // capabilities describes the state of optional, core cluster components. + Capabilities *ClusterVersionCapabilitiesStatusApplyConfiguration `json:"capabilities,omitempty"` + // conditions provides information about the cluster version. The condition + // "Available" is set to true if the desiredUpdate has been reached. The + // condition "Progressing" is set to true if an update is being applied. + // The condition "Degraded" is set to true if an update is currently blocked + // by a temporary or permanent error. Conditions are only valid for the + // current desiredUpdate when metadata.generation is equal to + // status.generation. + Conditions []ClusterOperatorStatusConditionApplyConfiguration `json:"conditions,omitempty"` + // availableUpdates contains updates recommended for this + // cluster. Updates which appear in conditionalUpdates but not in + // availableUpdates may expose this cluster to known issues. This list + // may be empty if no updates are recommended, if the update service + // is unavailable, or if an invalid channel has been specified. + AvailableUpdates []ReleaseApplyConfiguration `json:"availableUpdates,omitempty"` + // conditionalUpdates contains the list of updates that may be + // recommended for this cluster if it meets specific required + // conditions. Consumers interested in the set of updates that are + // actually recommended for this cluster should use + // availableUpdates. This list may be empty if no updates are + // recommended, if the update service is unavailable, or if an empty + // or invalid channel has been specified. + ConditionalUpdates []ConditionalUpdateApplyConfiguration `json:"conditionalUpdates,omitempty"` + // conditionalUpdateRisks contains the list of risks associated with conditionalUpdates. + // When performing a conditional update, all its associated risks will be compared with the set of accepted risks in the spec.desiredUpdate.acceptRisks field. + // If all risks for a conditional update are included in the spec.desiredUpdate.acceptRisks set, the conditional update can proceed, otherwise it is blocked. + // The risk names in the list must be unique. + // conditionalUpdateRisks must not contain more than 500 entries. + ConditionalUpdateRisks []ConditionalUpdateRiskApplyConfiguration `json:"conditionalUpdateRisks,omitempty"` } // ClusterVersionStatusApplyConfiguration constructs a declarative configuration of the ClusterVersionStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/componentoverride.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/componentoverride.go index e87332d89..b304cd6b4 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/componentoverride.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/componentoverride.go @@ -4,12 +4,23 @@ package v1 // ComponentOverrideApplyConfiguration represents a declarative configuration of the ComponentOverride type for use // with apply. +// +// ComponentOverride allows overriding cluster version operator's behavior +// for a component. type ComponentOverrideApplyConfiguration struct { - Kind *string `json:"kind,omitempty"` - Group *string `json:"group,omitempty"` + // kind indentifies which object to override. + Kind *string `json:"kind,omitempty"` + // group identifies the API group that the kind is in. + Group *string `json:"group,omitempty"` + // namespace is the component's namespace. If the resource is cluster + // scoped, the namespace should be empty. Namespace *string `json:"namespace,omitempty"` - Name *string `json:"name,omitempty"` - Unmanaged *bool `json:"unmanaged,omitempty"` + // name is the component's name. + Name *string `json:"name,omitempty"` + // unmanaged controls if cluster version operator should stop managing the + // resources in this cluster. + // Default: false + Unmanaged *bool `json:"unmanaged,omitempty"` } // ComponentOverrideApplyConfiguration constructs a declarative configuration of the ComponentOverride type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/componentroutespec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/componentroutespec.go index beebd2b02..f4e383844 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/componentroutespec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/componentroutespec.go @@ -8,10 +8,25 @@ import ( // ComponentRouteSpecApplyConfiguration represents a declarative configuration of the ComponentRouteSpec type for use // with apply. +// +// ComponentRouteSpec allows for configuration of a route's hostname and serving certificate. type ComponentRouteSpecApplyConfiguration struct { - Namespace *string `json:"namespace,omitempty"` - Name *string `json:"name,omitempty"` - Hostname *configv1.Hostname `json:"hostname,omitempty"` + // namespace is the namespace of the route to customize. + // + // The namespace and name of this componentRoute must match a corresponding + // entry in the list of status.componentRoutes if the route is to be customized. + Namespace *string `json:"namespace,omitempty"` + // name is the logical name of the route to customize. + // + // The namespace and name of this componentRoute must match a corresponding + // entry in the list of status.componentRoutes if the route is to be customized. + Name *string `json:"name,omitempty"` + // hostname is the hostname that should be used by the route. + Hostname *configv1.Hostname `json:"hostname,omitempty"` + // servingCertKeyPairSecret is a reference to a secret of type `kubernetes.io/tls` in the openshift-config namespace. + // The serving cert/key pair must match and will be used by the operator to fulfill the intent of serving with this name. + // If the custom hostname uses the default routing suffix of the cluster, + // the Secret specification for a serving certificate will not be needed. ServingCertKeyPairSecret *SecretNameReferenceApplyConfiguration `json:"servingCertKeyPairSecret,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/componentroutestatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/componentroutestatus.go index ae9553882..6d364d906 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/componentroutestatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/componentroutestatus.go @@ -9,14 +9,43 @@ import ( // ComponentRouteStatusApplyConfiguration represents a declarative configuration of the ComponentRouteStatus type for use // with apply. +// +// ComponentRouteStatus contains information allowing configuration of a route's hostname and serving certificate. type ComponentRouteStatusApplyConfiguration struct { - Namespace *string `json:"namespace,omitempty"` - Name *string `json:"name,omitempty"` - DefaultHostname *configv1.Hostname `json:"defaultHostname,omitempty"` - ConsumingUsers []configv1.ConsumingUser `json:"consumingUsers,omitempty"` - CurrentHostnames []configv1.Hostname `json:"currentHostnames,omitempty"` - Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` - RelatedObjects []ObjectReferenceApplyConfiguration `json:"relatedObjects,omitempty"` + // namespace is the namespace of the route to customize. It must be a real namespace. Using an actual namespace + // ensures that no two components will conflict and the same component can be installed multiple times. + // + // The namespace and name of this componentRoute must match a corresponding + // entry in the list of spec.componentRoutes if the route is to be customized. + Namespace *string `json:"namespace,omitempty"` + // name is the logical name of the route to customize. It does not have to be the actual name of a route resource + // but it cannot be renamed. + // + // The namespace and name of this componentRoute must match a corresponding + // entry in the list of spec.componentRoutes if the route is to be customized. + Name *string `json:"name,omitempty"` + // defaultHostname is the hostname of this route prior to customization. + DefaultHostname *configv1.Hostname `json:"defaultHostname,omitempty"` + // consumingUsers is a slice of ServiceAccounts that need to have read permission on the servingCertKeyPairSecret secret. + ConsumingUsers []configv1.ConsumingUser `json:"consumingUsers,omitempty"` + // currentHostnames is the list of current names used by the route. Typically, this list should consist of a single + // hostname, but if multiple hostnames are supported by the route the operator may write multiple entries to this list. + CurrentHostnames []configv1.Hostname `json:"currentHostnames,omitempty"` + // conditions are used to communicate the state of the componentRoutes entry. + // + // Supported conditions include Available, Degraded and Progressing. + // + // If available is true, the content served by the route can be accessed by users. This includes cases + // where a default may continue to serve content while the customized route specified by the cluster-admin + // is being configured. + // + // If Degraded is true, that means something has gone wrong trying to handle the componentRoutes entry. + // The currentHostnames field may or may not be in effect. + // + // If Progressing is true, that means the component is taking some action related to the componentRoutes entry. + Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` + // relatedObjects is a list of resources which are useful when debugging or inspecting how spec.componentRoutes is applied. + RelatedObjects []ObjectReferenceApplyConfiguration `json:"relatedObjects,omitempty"` } // ComponentRouteStatusApplyConfiguration constructs a declarative configuration of the ComponentRouteStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/conditionalupdate.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/conditionalupdate.go index 8bffb192c..a771436b6 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/conditionalupdate.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/conditionalupdate.go @@ -8,11 +8,30 @@ import ( // ConditionalUpdateApplyConfiguration represents a declarative configuration of the ConditionalUpdate type for use // with apply. +// +// ConditionalUpdate represents an update which is recommended to some +// clusters on the version the current cluster is reconciling, but which +// may not be recommended for the current cluster. type ConditionalUpdateApplyConfiguration struct { - Release *ReleaseApplyConfiguration `json:"release,omitempty"` - RiskNames []string `json:"riskNames,omitempty"` - Risks []ConditionalUpdateRiskApplyConfiguration `json:"risks,omitempty"` - Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` + // release is the target of the update. + Release *ReleaseApplyConfiguration `json:"release,omitempty"` + // riskNames represents the set of the names of conditionalUpdateRisks that are relevant to this update for some clusters. + // The Applies condition of each conditionalUpdateRisks entry declares if that risk applies to this cluster. + // A conditional update is accepted only if each of its risks either does not apply to the cluster or is considered acceptable by the cluster administrator. + // The latter means that the risk names are included in value of the spec.desiredUpdate.acceptRisks field. + // Entries must be unique and must not exceed 256 characters. + // riskNames must not contain more than 500 entries. + RiskNames []string `json:"riskNames,omitempty"` + // risks represents the range of issues associated with + // updating to the target release. The cluster-version + // operator will evaluate all entries, and only recommend the + // update if there is at least one entry and all entries + // recommend the update. + Risks []ConditionalUpdateRiskApplyConfiguration `json:"risks,omitempty"` + // conditions represents the observations of the conditional update's + // current status. Known types are: + // * Recommended, for whether the update is recommended for the current cluster. + Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` } // ConditionalUpdateApplyConfiguration constructs a declarative configuration of the ConditionalUpdate type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/conditionalupdaterisk.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/conditionalupdaterisk.go index fdfc14ebf..faf72ba82 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/conditionalupdaterisk.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/conditionalupdaterisk.go @@ -8,11 +8,34 @@ import ( // ConditionalUpdateRiskApplyConfiguration represents a declarative configuration of the ConditionalUpdateRisk type for use // with apply. +// +// ConditionalUpdateRisk represents a reason and cluster-state +// for not recommending a conditional update. type ConditionalUpdateRiskApplyConfiguration struct { - Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` - URL *string `json:"url,omitempty"` - Name *string `json:"name,omitempty"` - Message *string `json:"message,omitempty"` + // conditions represents the observations of the conditional update + // risk's current status. Known types are: + // * Applies, for whether the risk applies to the current cluster. + // The condition's types in the list must be unique. + // conditions must not contain more than one entry. + Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` + // url contains information about this risk. + URL *string `json:"url,omitempty"` + // name is the CamelCase reason for not recommending a + // conditional update, in the event that matchingRules match the + // cluster state. + Name *string `json:"name,omitempty"` + // message provides additional information about the risk of + // updating, in the event that matchingRules match the cluster + // state. This is only to be consumed by humans. It may + // contain Line Feed characters (U+000A), which should be + // rendered as new lines. + Message *string `json:"message,omitempty"` + // matchingRules is a slice of conditions for deciding which + // clusters match the risk and which do not. The slice is + // ordered by decreasing precedence. The cluster-version + // operator will walk the slice in order, and stop after the + // first it can successfully evaluate. If no condition can be + // successfully evaluated, the update will not be recommended. MatchingRules []ClusterConditionApplyConfiguration `json:"matchingRules,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/configmapfilereference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/configmapfilereference.go index 3c70be2c1..fd04f126c 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/configmapfilereference.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/configmapfilereference.go @@ -4,9 +4,13 @@ package v1 // ConfigMapFileReferenceApplyConfiguration represents a declarative configuration of the ConfigMapFileReference type for use // with apply. +// +// ConfigMapFileReference references a config map in a specific namespace. +// The namespace must be specified at the point of use. type ConfigMapFileReferenceApplyConfiguration struct { Name *string `json:"name,omitempty"` - Key *string `json:"key,omitempty"` + // key allows pointing to a specific key/value inside of the configmap. This is useful for logical file references. + Key *string `json:"key,omitempty"` } // ConfigMapFileReferenceApplyConfiguration constructs a declarative configuration of the ConfigMapFileReference type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/configmapnamereference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/configmapnamereference.go index 8236ba123..4c67ee7f9 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/configmapnamereference.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/configmapnamereference.go @@ -4,7 +4,11 @@ package v1 // ConfigMapNameReferenceApplyConfiguration represents a declarative configuration of the ConfigMapNameReference type for use // with apply. +// +// ConfigMapNameReference references a config map in a specific namespace. +// The namespace must be specified at the point of use. type ConfigMapNameReferenceApplyConfiguration struct { + // name is the metadata.name of the referenced config map Name *string `json:"name,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/console.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/console.go index e4d496e1a..09039257c 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/console.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/console.go @@ -13,11 +13,21 @@ import ( // ConsoleApplyConfiguration represents a declarative configuration of the Console type for use // with apply. +// +// Console holds cluster-wide configuration for the web console, including the +// logout URL, and reports the public URL of the console. The canonical name is +// `cluster`. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type ConsoleApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *ConsoleSpecApplyConfiguration `json:"spec,omitempty"` - Status *ConsoleStatusApplyConfiguration `json:"status,omitempty"` + // spec holds user settable values for configuration + Spec *ConsoleSpecApplyConfiguration `json:"spec,omitempty"` + // status holds observed values from the cluster. They may not be overridden. + Status *ConsoleStatusApplyConfiguration `json:"status,omitempty"` } // Console constructs a declarative configuration of the Console type for use with @@ -30,6 +40,26 @@ func Console(name string) *ConsoleApplyConfiguration { return b } +// ExtractConsoleFrom extracts the applied configuration owned by fieldManager from +// console for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// console must be a unmodified Console API object that was retrieved from the Kubernetes API. +// ExtractConsoleFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractConsoleFrom(console *configv1.Console, fieldManager string, subresource string) (*ConsoleApplyConfiguration, error) { + b := &ConsoleApplyConfiguration{} + err := managedfields.ExtractInto(console, internal.Parser().Type("com.github.openshift.api.config.v1.Console"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(console.Name) + + b.WithKind("Console") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractConsole extracts the applied configuration owned by fieldManager from // console. If no managedFields are found in console for fieldManager, a // ConsoleApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +70,16 @@ func Console(name string) *ConsoleApplyConfiguration { // ExtractConsole provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractConsole(console *configv1.Console, fieldManager string) (*ConsoleApplyConfiguration, error) { - return extractConsole(console, fieldManager, "") + return ExtractConsoleFrom(console, fieldManager, "") } -// ExtractConsoleStatus is the same as ExtractConsole except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractConsoleStatus extracts the applied configuration owned by fieldManager from +// console for the status subresource. func ExtractConsoleStatus(console *configv1.Console, fieldManager string) (*ConsoleApplyConfiguration, error) { - return extractConsole(console, fieldManager, "status") + return ExtractConsoleFrom(console, fieldManager, "status") } -func extractConsole(console *configv1.Console, fieldManager string, subresource string) (*ConsoleApplyConfiguration, error) { - b := &ConsoleApplyConfiguration{} - err := managedfields.ExtractInto(console, internal.Parser().Type("com.github.openshift.api.config.v1.Console"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(console.Name) - - b.WithKind("Console") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b ConsoleApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/consoleauthentication.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/consoleauthentication.go index cdc3aa732..a1d5c9e00 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/consoleauthentication.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/consoleauthentication.go @@ -4,7 +4,19 @@ package v1 // ConsoleAuthenticationApplyConfiguration represents a declarative configuration of the ConsoleAuthentication type for use // with apply. +// +// ConsoleAuthentication defines a list of optional configuration for console authentication. type ConsoleAuthenticationApplyConfiguration struct { + // An optional, absolute URL to redirect web browsers to after logging out of + // the console. If not specified, it will redirect to the default login page. + // This is required when using an identity provider that supports single + // sign-on (SSO) such as: + // - OpenID (Keycloak, Azure) + // - RequestHeader (GSSAPI, SSPI, SAML) + // - OAuth (GitHub, GitLab, Google) + // Logging out of the console will destroy the user's token. The logoutRedirect + // provides the user the option to perform single logout (SLO) through the identity + // provider to destroy their single sign-on session. LogoutRedirect *string `json:"logoutRedirect,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/consolespec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/consolespec.go index 0ce163b2b..6760392ae 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/consolespec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/consolespec.go @@ -4,6 +4,8 @@ package v1 // ConsoleSpecApplyConfiguration represents a declarative configuration of the ConsoleSpec type for use // with apply. +// +// ConsoleSpec is the specification of the desired behavior of the Console. type ConsoleSpecApplyConfiguration struct { Authentication *ConsoleAuthenticationApplyConfiguration `json:"authentication,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/consolestatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/consolestatus.go index f1336def3..cbc5a9496 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/consolestatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/consolestatus.go @@ -4,7 +4,11 @@ package v1 // ConsoleStatusApplyConfiguration represents a declarative configuration of the ConsoleStatus type for use // with apply. +// +// ConsoleStatus defines the observed status of the Console. type ConsoleStatusApplyConfiguration struct { + // The URL for the console. This will be derived from the host for the route that + // is created for the console. ConsoleURL *string `json:"consoleURL,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/custom.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/custom.go index 77234d0df..0de7826f9 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/custom.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/custom.go @@ -4,7 +4,15 @@ package v1 // CustomApplyConfiguration represents a declarative configuration of the Custom type for use // with apply. +// +// Custom provides the custom configuration of gatherers type CustomApplyConfiguration struct { + // configs is a required list of gatherers configurations that can be used to enable or disable specific gatherers. + // It may not exceed 100 items and each gatherer can be present only once. + // It is possible to disable an entire set of gatherers while allowing a specific function within that set. + // The particular gatherers IDs can be found at https://github.com/openshift/insights-operator/blob/master/docs/gathered-data.md. + // Run the following command to get the names of last active gatherers: + // "oc get insightsoperators.operator.openshift.io cluster -o json | jq '.status.gatherStatus.gatherers[].name'" Configs []GathererConfigApplyConfiguration `json:"configs,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/customfeaturegates.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/customfeaturegates.go index 7cd70c7ee..84d6febb5 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/customfeaturegates.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/customfeaturegates.go @@ -9,7 +9,9 @@ import ( // CustomFeatureGatesApplyConfiguration represents a declarative configuration of the CustomFeatureGates type for use // with apply. type CustomFeatureGatesApplyConfiguration struct { - Enabled []configv1.FeatureGateName `json:"enabled,omitempty"` + // enabled is a list of all feature gates that you want to force on + Enabled []configv1.FeatureGateName `json:"enabled,omitempty"` + // disabled is a list of all feature gates that you want to force off Disabled []configv1.FeatureGateName `json:"disabled,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/customtlsprofile.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/customtlsprofile.go index ae03671cd..7b682ef20 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/customtlsprofile.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/customtlsprofile.go @@ -8,6 +8,9 @@ import ( // CustomTLSProfileApplyConfiguration represents a declarative configuration of the CustomTLSProfile type for use // with apply. +// +// CustomTLSProfile is a user-defined TLS security profile. Be extremely careful +// using a custom TLS profile as invalid configurations can be catastrophic. type CustomTLSProfileApplyConfiguration struct { TLSProfileSpecApplyConfiguration `json:",inline"` } @@ -28,6 +31,16 @@ func (b *CustomTLSProfileApplyConfiguration) WithCiphers(values ...string) *Cust return b } +// WithGroups adds the given value to the Groups field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Groups field. +func (b *CustomTLSProfileApplyConfiguration) WithGroups(values ...configv1.TLSGroup) *CustomTLSProfileApplyConfiguration { + for i := range values { + b.TLSProfileSpecApplyConfiguration.Groups = append(b.TLSProfileSpecApplyConfiguration.Groups, values[i]) + } + return b +} + // WithMinTLSVersion sets the MinTLSVersion field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the MinTLSVersion field is set to the value of the last call. diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/deprecatedwebhooktokenauthenticator.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/deprecatedwebhooktokenauthenticator.go index 20742aec9..0efc32680 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/deprecatedwebhooktokenauthenticator.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/deprecatedwebhooktokenauthenticator.go @@ -4,7 +4,17 @@ package v1 // DeprecatedWebhookTokenAuthenticatorApplyConfiguration represents a declarative configuration of the DeprecatedWebhookTokenAuthenticator type for use // with apply. +// +// deprecatedWebhookTokenAuthenticator holds the necessary configuration options for a remote token authenticator. +// It's the same as WebhookTokenAuthenticator but it's missing the 'required' validation on KubeConfig field. type DeprecatedWebhookTokenAuthenticatorApplyConfiguration struct { + // kubeConfig contains kube config file data which describes how to access the remote webhook service. + // For further details, see: + // https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication + // The key "kubeConfig" is used to locate the data. + // If the secret or expected key is not found, the webhook is not honored. + // If the specified kube config data is not valid, the webhook is not honored. + // The namespace for this secret is determined by the point of use. KubeConfig *SecretNameReferenceApplyConfiguration `json:"kubeConfig,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/dns.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/dns.go index 2ff9dc857..18e5d1483 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/dns.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/dns.go @@ -13,11 +13,19 @@ import ( // DNSApplyConfiguration represents a declarative configuration of the DNS type for use // with apply. +// +// DNS holds cluster-wide information about DNS. The canonical name is `cluster` +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type DNSApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *DNSSpecApplyConfiguration `json:"spec,omitempty"` - Status *configv1.DNSStatus `json:"status,omitempty"` + // spec holds user settable values for configuration + Spec *DNSSpecApplyConfiguration `json:"spec,omitempty"` + // status holds observed values from the cluster. They may not be overridden. + Status *configv1.DNSStatus `json:"status,omitempty"` } // DNS constructs a declarative configuration of the DNS type for use with @@ -30,6 +38,26 @@ func DNS(name string) *DNSApplyConfiguration { return b } +// ExtractDNSFrom extracts the applied configuration owned by fieldManager from +// dNS for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// dNS must be a unmodified DNS API object that was retrieved from the Kubernetes API. +// ExtractDNSFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractDNSFrom(dNS *configv1.DNS, fieldManager string, subresource string) (*DNSApplyConfiguration, error) { + b := &DNSApplyConfiguration{} + err := managedfields.ExtractInto(dNS, internal.Parser().Type("com.github.openshift.api.config.v1.DNS"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(dNS.Name) + + b.WithKind("DNS") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractDNS extracts the applied configuration owned by fieldManager from // dNS. If no managedFields are found in dNS for fieldManager, a // DNSApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +68,16 @@ func DNS(name string) *DNSApplyConfiguration { // ExtractDNS provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractDNS(dNS *configv1.DNS, fieldManager string) (*DNSApplyConfiguration, error) { - return extractDNS(dNS, fieldManager, "") + return ExtractDNSFrom(dNS, fieldManager, "") } -// ExtractDNSStatus is the same as ExtractDNS except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractDNSStatus extracts the applied configuration owned by fieldManager from +// dNS for the status subresource. func ExtractDNSStatus(dNS *configv1.DNS, fieldManager string) (*DNSApplyConfiguration, error) { - return extractDNS(dNS, fieldManager, "status") + return ExtractDNSFrom(dNS, fieldManager, "status") } -func extractDNS(dNS *configv1.DNS, fieldManager string, subresource string) (*DNSApplyConfiguration, error) { - b := &DNSApplyConfiguration{} - err := managedfields.ExtractInto(dNS, internal.Parser().Type("com.github.openshift.api.config.v1.DNS"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(dNS.Name) - - b.WithKind("DNS") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b DNSApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/dnsplatformspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/dnsplatformspec.go index 46bf616b2..d77bcf2c3 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/dnsplatformspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/dnsplatformspec.go @@ -8,9 +8,18 @@ import ( // DNSPlatformSpecApplyConfiguration represents a declarative configuration of the DNSPlatformSpec type for use // with apply. +// +// DNSPlatformSpec holds cloud-provider-specific configuration +// for DNS administration. type DNSPlatformSpecApplyConfiguration struct { - Type *configv1.PlatformType `json:"type,omitempty"` - AWS *AWSDNSSpecApplyConfiguration `json:"aws,omitempty"` + // type is the underlying infrastructure provider for the cluster. + // Allowed values: "", "AWS". + // + // Individual components may not support all platforms, + // and must handle unrecognized platforms with best-effort defaults. + Type *configv1.PlatformType `json:"type,omitempty"` + // aws contains DNS configuration specific to the Amazon Web Services cloud provider. + AWS *AWSDNSSpecApplyConfiguration `json:"aws,omitempty"` } // DNSPlatformSpecApplyConfiguration constructs a declarative configuration of the DNSPlatformSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/dnsspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/dnsspec.go index fbc8b60e7..efb839645 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/dnsspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/dnsspec.go @@ -5,10 +5,33 @@ package v1 // DNSSpecApplyConfiguration represents a declarative configuration of the DNSSpec type for use // with apply. type DNSSpecApplyConfiguration struct { - BaseDomain *string `json:"baseDomain,omitempty"` - PublicZone *DNSZoneApplyConfiguration `json:"publicZone,omitempty"` - PrivateZone *DNSZoneApplyConfiguration `json:"privateZone,omitempty"` - Platform *DNSPlatformSpecApplyConfiguration `json:"platform,omitempty"` + // baseDomain is the base domain of the cluster. All managed DNS records will + // be sub-domains of this base. + // + // For example, given the base domain `openshift.example.com`, an API server + // DNS record may be created for `cluster-api.openshift.example.com`. + // + // Once set, this field cannot be changed. + BaseDomain *string `json:"baseDomain,omitempty"` + // publicZone is the location where all the DNS records that are publicly accessible to + // the internet exist. + // + // If this field is nil, no public records should be created. + // + // Once set, this field cannot be changed. + PublicZone *DNSZoneApplyConfiguration `json:"publicZone,omitempty"` + // privateZone is the location where all the DNS records that are only available internally + // to the cluster exist. + // + // If this field is nil, no private records should be created. + // + // Once set, this field cannot be changed. + PrivateZone *DNSZoneApplyConfiguration `json:"privateZone,omitempty"` + // platform holds configuration specific to the underlying + // infrastructure provider for DNS. + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + Platform *DNSPlatformSpecApplyConfiguration `json:"platform,omitempty"` } // DNSSpecApplyConfiguration constructs a declarative configuration of the DNSSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/dnszone.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/dnszone.go index 39ef2776e..c637c6efb 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/dnszone.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/dnszone.go @@ -4,8 +4,25 @@ package v1 // DNSZoneApplyConfiguration represents a declarative configuration of the DNSZone type for use // with apply. +// +// DNSZone is used to define a DNS hosted zone. +// A zone can be identified by an ID or tags. type DNSZoneApplyConfiguration struct { - ID *string `json:"id,omitempty"` + // id is the identifier that can be used to find the DNS hosted zone. + // + // on AWS zone can be fetched using `ID` as id in [1] + // on Azure zone can be fetched using `ID` as a pre-determined name in [2], + // on GCP zone can be fetched using `ID` as a pre-determined name in [3]. + // + // [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options + // [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show + // [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get + ID *string `json:"id,omitempty"` + // tags can be used to query the DNS hosted zone. + // + // on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters, + // + // [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options Tags map[string]string `json:"tags,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/equinixmetalplatformstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/equinixmetalplatformstatus.go index 8e17df603..e39fcf9d0 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/equinixmetalplatformstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/equinixmetalplatformstatus.go @@ -4,9 +4,17 @@ package v1 // EquinixMetalPlatformStatusApplyConfiguration represents a declarative configuration of the EquinixMetalPlatformStatus type for use // with apply. +// +// EquinixMetalPlatformStatus holds the current status of the Equinix Metal infrastructure provider. type EquinixMetalPlatformStatusApplyConfiguration struct { + // apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used + // by components inside the cluster, like kubelets using the infrastructure rather + // than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI + // points to. It is the IP for a self-hosted load balancer in front of the API servers. APIServerInternalIP *string `json:"apiServerInternalIP,omitempty"` - IngressIP *string `json:"ingressIP,omitempty"` + // ingressIP is an external IP which routes to the default ingress controller. + // The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + IngressIP *string `json:"ingressIP,omitempty"` } // EquinixMetalPlatformStatusApplyConfiguration constructs a declarative configuration of the EquinixMetalPlatformStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalclaimssource.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalclaimssource.go new file mode 100644 index 000000000..143544e7c --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalclaimssource.go @@ -0,0 +1,97 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// ExternalClaimsSourceApplyConfiguration represents a declarative configuration of the ExternalClaimsSource type for use +// with apply. +// +// ExternalClaimsSource provides the configuration for a single external claim source. +type ExternalClaimsSourceApplyConfiguration struct { + // authentication is an optional field that configures how the apiserver authenticates with an external claims source. + // When not specified, anonymous authentication is used which means no 'Authorization' header + // is sent in the HTTP request to fetch the external claims. + Authentication *ExternalSourceAuthenticationApplyConfiguration `json:"authentication,omitempty"` + // tls is an optional field that configures the http client TLS + // settings when fetching external claims from this source. + // + // When omitted, system default TLS settings will be used + // for fetching claims from the external source. + TLS *ExternalSourceTLSApplyConfiguration `json:"tls,omitempty"` + // url is a required configuration of the URL + // for which the external claims are located. + URL *SourceURLApplyConfiguration `json:"url,omitempty"` + // mappings is a required list of the claim + // and response handling expression pairs + // that produces the claims from the external source. + // mappings must have at least 1 entry and must not exceed 16 entries. + // Entries must have a unique name across all external claim sources. + Mappings []SourcedClaimMappingApplyConfiguration `json:"mappings,omitempty"` + // predicates is an optional list of constraints in + // which claims should attempt to be fetched from this + // external source. + // + // When omitted, claims are always fetched + // from this external source. + // + // When specified, all predicates must evaluate to 'true' + // before claims are attempted to be fetched from this external source. + // predicates must have at least 1 entry and must not exceed 16 entries. + // Entries must have unique expressions. + Predicates []ExternalSourcePredicateApplyConfiguration `json:"predicates,omitempty"` +} + +// ExternalClaimsSourceApplyConfiguration constructs a declarative configuration of the ExternalClaimsSource type for use with +// apply. +func ExternalClaimsSource() *ExternalClaimsSourceApplyConfiguration { + return &ExternalClaimsSourceApplyConfiguration{} +} + +// WithAuthentication sets the Authentication field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Authentication field is set to the value of the last call. +func (b *ExternalClaimsSourceApplyConfiguration) WithAuthentication(value *ExternalSourceAuthenticationApplyConfiguration) *ExternalClaimsSourceApplyConfiguration { + b.Authentication = value + return b +} + +// WithTLS sets the TLS field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLS field is set to the value of the last call. +func (b *ExternalClaimsSourceApplyConfiguration) WithTLS(value *ExternalSourceTLSApplyConfiguration) *ExternalClaimsSourceApplyConfiguration { + b.TLS = value + return b +} + +// WithURL sets the URL field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the URL field is set to the value of the last call. +func (b *ExternalClaimsSourceApplyConfiguration) WithURL(value *SourceURLApplyConfiguration) *ExternalClaimsSourceApplyConfiguration { + b.URL = value + return b +} + +// WithMappings adds the given value to the Mappings field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Mappings field. +func (b *ExternalClaimsSourceApplyConfiguration) WithMappings(values ...*SourcedClaimMappingApplyConfiguration) *ExternalClaimsSourceApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithMappings") + } + b.Mappings = append(b.Mappings, *values[i]) + } + return b +} + +// WithPredicates adds the given value to the Predicates field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Predicates field. +func (b *ExternalClaimsSourceApplyConfiguration) WithPredicates(values ...*ExternalSourcePredicateApplyConfiguration) *ExternalClaimsSourceApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithPredicates") + } + b.Predicates = append(b.Predicates, *values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalipconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalipconfig.go index d3b9c1746..e2dc0ddef 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalipconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalipconfig.go @@ -4,9 +4,21 @@ package v1 // ExternalIPConfigApplyConfiguration represents a declarative configuration of the ExternalIPConfig type for use // with apply. +// +// ExternalIPConfig specifies some IP blocks relevant for the ExternalIP field +// of a Service resource. type ExternalIPConfigApplyConfiguration struct { - Policy *ExternalIPPolicyApplyConfiguration `json:"policy,omitempty"` - AutoAssignCIDRs []string `json:"autoAssignCIDRs,omitempty"` + // policy is a set of restrictions applied to the ExternalIP field. + // If nil or empty, then ExternalIP is not allowed to be set. + Policy *ExternalIPPolicyApplyConfiguration `json:"policy,omitempty"` + // autoAssignCIDRs is a list of CIDRs from which to automatically assign + // Service.ExternalIP. These are assigned when the service is of type + // LoadBalancer. In general, this is only useful for bare-metal clusters. + // In Openshift 3.x, this was misleadingly called "IngressIPs". + // Automatically assigned External IPs are not affected by any + // ExternalIPPolicy rules. + // Currently, only one entry may be provided. + AutoAssignCIDRs []string `json:"autoAssignCIDRs,omitempty"` } // ExternalIPConfigApplyConfiguration constructs a declarative configuration of the ExternalIPConfig type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalippolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalippolicy.go index 269d934b9..ae29697ff 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalippolicy.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalippolicy.go @@ -4,8 +4,15 @@ package v1 // ExternalIPPolicyApplyConfiguration represents a declarative configuration of the ExternalIPPolicy type for use // with apply. +// +// ExternalIPPolicy configures exactly which IPs are allowed for the ExternalIP +// field in a Service. If the zero struct is supplied, then none are permitted. +// The policy controller always allows automatically assigned external IPs. type ExternalIPPolicyApplyConfiguration struct { - AllowedCIDRs []string `json:"allowedCIDRs,omitempty"` + // allowedCIDRs is the list of allowed CIDRs. + AllowedCIDRs []string `json:"allowedCIDRs,omitempty"` + // rejectedCIDRs is the list of disallowed CIDRs. These take precedence + // over allowedCIDRs. RejectedCIDRs []string `json:"rejectedCIDRs,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalplatformspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalplatformspec.go index d7640e142..1d48611bd 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalplatformspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalplatformspec.go @@ -4,7 +4,11 @@ package v1 // ExternalPlatformSpecApplyConfiguration represents a declarative configuration of the ExternalPlatformSpec type for use // with apply. +// +// ExternalPlatformSpec holds the desired state for the generic External infrastructure provider. type ExternalPlatformSpecApplyConfiguration struct { + // platformName holds the arbitrary string representing the infrastructure provider name, expected to be set at the installation time. + // This field is solely for informational and reporting purposes and is not expected to be used for decision-making. PlatformName *string `json:"platformName,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalplatformstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalplatformstatus.go index 65f8f2b10..f9b6e4c79 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalplatformstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalplatformstatus.go @@ -4,7 +4,12 @@ package v1 // ExternalPlatformStatusApplyConfiguration represents a declarative configuration of the ExternalPlatformStatus type for use // with apply. +// +// ExternalPlatformStatus holds the current status of the generic External infrastructure provider. type ExternalPlatformStatusApplyConfiguration struct { + // cloudControllerManager contains settings specific to the external Cloud Controller Manager (a.k.a. CCM or CPI). + // When omitted, new nodes will be not tainted + // and no extra initialization from the cloud controller manager is expected. CloudControllerManager *CloudControllerManagerStatusApplyConfiguration `json:"cloudControllerManager,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourceauthentication.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourceauthentication.go new file mode 100644 index 000000000..a2deb822e --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourceauthentication.go @@ -0,0 +1,57 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + configv1 "github.com/openshift/api/config/v1" +) + +// ExternalSourceAuthenticationApplyConfiguration represents a declarative configuration of the ExternalSourceAuthentication type for use +// with apply. +// +// ExternalSourceAuthentication configures how the apiserver should attempt +// to authenticate with an external claims source. +type ExternalSourceAuthenticationApplyConfiguration struct { + // type is a required field that sets the type of + // authentication method used by the authenticator + // when fetching external claims. + // + // Allowed values are 'RequestProvidedToken' and 'ClientCredential'. + // + // When set to 'RequestProvidedToken', the authenticator will + // use the token provided to the kube-apiserver as part of the + // request to authenticate with the external claims source. + // + // When set to 'ClientCredential', the authenticator will + // use the configured client-id, client-secret, and token endpoint + // to fetch an access token using the OAuth2 client credentials grant + // flow. The fetched access token will then be used to authenticate + // with the external claims source. + Type *configv1.ExternalSourceAuthenticationType `json:"type,omitempty"` + // clientCredential configures the client credentials + // and token endpoint to use to get an access token. + // clientCredential is required when type is 'ClientCredential', and forbidden otherwise. + ClientCredential *ClientCredentialConfigApplyConfiguration `json:"clientCredential,omitempty"` +} + +// ExternalSourceAuthenticationApplyConfiguration constructs a declarative configuration of the ExternalSourceAuthentication type for use with +// apply. +func ExternalSourceAuthentication() *ExternalSourceAuthenticationApplyConfiguration { + return &ExternalSourceAuthenticationApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *ExternalSourceAuthenticationApplyConfiguration) WithType(value configv1.ExternalSourceAuthenticationType) *ExternalSourceAuthenticationApplyConfiguration { + b.Type = &value + return b +} + +// WithClientCredential sets the ClientCredential field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ClientCredential field is set to the value of the last call. +func (b *ExternalSourceAuthenticationApplyConfiguration) WithClientCredential(value *ClientCredentialConfigApplyConfiguration) *ExternalSourceAuthenticationApplyConfiguration { + b.ClientCredential = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcecertificateauthorityconfigmapreference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcecertificateauthorityconfigmapreference.go new file mode 100644 index 000000000..f1fb64e74 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcecertificateauthorityconfigmapreference.go @@ -0,0 +1,34 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration represents a declarative configuration of the ExternalSourceCertificateAuthorityConfigMapReference type for use +// with apply. +// +// ExternalSourceCertificateAuthorityConfigMapReference is a reference to a ConfigMap in the openshift-config +// namespace that should be used for configuring the certificate authority to be +// used when sourcing claims from external sources. +type ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration struct { + // name is the required name of the ConfigMap that exists in the openshift-config namespace. + // The key "ca-bundle.crt" must be present and must contain the CA certificate to be used + // to verify the external source's TLS certificate. + // + // It must be at least 1 character in length, must not exceed 253 characters in length, + // must start and end with a lowercase alphanumeric character, and must only contain + // lowercase alphanumeric characters, '-' or '.'. + Name *string `json:"name,omitempty"` +} + +// ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration constructs a declarative configuration of the ExternalSourceCertificateAuthorityConfigMapReference type for use with +// apply. +func ExternalSourceCertificateAuthorityConfigMapReference() *ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration { + return &ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration) WithName(value string) *ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration { + b.Name = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcepredicate.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcepredicate.go new file mode 100644 index 000000000..ade172dee --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcepredicate.go @@ -0,0 +1,43 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// ExternalSourcePredicateApplyConfiguration represents a declarative configuration of the ExternalSourcePredicate type for use +// with apply. +// +// ExternalSourcePredicate configures a singular condition +// that must return true before the external source is queried +// to retrieve external claims. +type ExternalSourcePredicateApplyConfiguration struct { + // expression is a required CEL expression that + // is used to determine whether or not an external + // source should be used to fetch external claims. + // + // The expression must return a boolean value, + // where true means that the source should be consulted + // and false means that it should not. + // + // Claims from the token used for the request to the kube-apiserver + // are made available via the `claims` variable. + // + // The contents of the `claims` variable varies based on the claims that are + // present in the token being validated. It is the responsibility of those configuring this + // field to understand what claims the identity provider includes when issuing tokens. + // + // expression must be at least 1 character and must not exceed 1024 characters in length. + Expression *string `json:"expression,omitempty"` +} + +// ExternalSourcePredicateApplyConfiguration constructs a declarative configuration of the ExternalSourcePredicate type for use with +// apply. +func ExternalSourcePredicate() *ExternalSourcePredicateApplyConfiguration { + return &ExternalSourcePredicateApplyConfiguration{} +} + +// WithExpression sets the Expression field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Expression field is set to the value of the last call. +func (b *ExternalSourcePredicateApplyConfiguration) WithExpression(value string) *ExternalSourcePredicateApplyConfiguration { + b.Expression = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcetls.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcetls.go new file mode 100644 index 000000000..a0b84ad6d --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcetls.go @@ -0,0 +1,30 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// ExternalSourceTLSApplyConfiguration represents a declarative configuration of the ExternalSourceTLS type for use +// with apply. +// +// ExternalSourceTLS configures the TLS options that the apiserver uses as a client +// when making a request to the external claim source. +type ExternalSourceTLSApplyConfiguration struct { + // certificateAuthority is a required reference to a ConfigMap in the openshift-config + // namespace that contains the CA certificate to use to validate TLS connections with the external claims source. + // The key "ca-bundle.crt" must be present in the referenced ConfigMap and must contain the CA certificate to be used + // to verify the external source's TLS certificate. + CertificateAuthority *ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration `json:"certificateAuthority,omitempty"` +} + +// ExternalSourceTLSApplyConfiguration constructs a declarative configuration of the ExternalSourceTLS type for use with +// apply. +func ExternalSourceTLS() *ExternalSourceTLSApplyConfiguration { + return &ExternalSourceTLSApplyConfiguration{} +} + +// WithCertificateAuthority sets the CertificateAuthority field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CertificateAuthority field is set to the value of the last call. +func (b *ExternalSourceTLSApplyConfiguration) WithCertificateAuthority(value *ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration) *ExternalSourceTLSApplyConfiguration { + b.CertificateAuthority = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/extramapping.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/extramapping.go index 4100ed7ed..46fa7c46c 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/extramapping.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/extramapping.go @@ -4,8 +4,38 @@ package v1 // ExtraMappingApplyConfiguration represents a declarative configuration of the ExtraMapping type for use // with apply. +// +// ExtraMapping allows specifying a key and CEL expression to evaluate the keys' value. +// It is used to create additional mappings and attributes added to a cluster identity from a provided authentication token. type ExtraMappingApplyConfiguration struct { - Key *string `json:"key,omitempty"` + // key is a required field that specifies the string to use as the extra attribute key. + // + // key must be a domain-prefix path (e.g 'example.org/foo'). + // key must not exceed 510 characters in length. + // key must contain the '/' character, separating the domain and path characters. + // key must not be empty. + // + // The domain portion of the key (string of characters prior to the '/') must be a valid RFC1123 subdomain. + // It must not exceed 253 characters in length. + // It must start and end with an alphanumeric character. + // It must only contain lower case alphanumeric characters and '-' or '.'. + // It must not use the reserved domains, or be subdomains of, "kubernetes.io", "k8s.io", and "openshift.io". + // + // The path portion of the key (string of characters after the '/') must not be empty and must consist of at least one alphanumeric character, percent-encoded octets, '-', '.', '_', '~', '!', '$', '&', ”', '(', ')', '*', '+', ',', ';', '=', and ':'. + // It must not exceed 256 characters in length. + Key *string `json:"key,omitempty"` + // valueExpression is a required field to specify the CEL expression to extract the extra attribute value from a JWT token's claims. + // valueExpression must produce a string or string array value. + // "", [], and null are treated as the extra mapping not being present. + // Empty string values within an array are filtered out. + // + // CEL expressions have access to the token claims through a CEL variable, 'claims'. + // 'claims' is a map of claim names to claim values. + // For example, the 'sub' claim value can be accessed as 'claims.sub'. + // Nested claims can be accessed using dot notation ('claims.foo.bar'). + // + // valueExpression must not exceed 1024 characters in length. + // valueExpression must not be empty. ValueExpression *string `json:"valueExpression,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregate.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregate.go index 2ec8b3af4..a32c2bbee 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregate.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregate.go @@ -13,11 +13,19 @@ import ( // FeatureGateApplyConfiguration represents a declarative configuration of the FeatureGate type for use // with apply. +// +// Feature holds cluster-wide information about feature gates. The canonical name is `cluster` +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type FeatureGateApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *FeatureGateSpecApplyConfiguration `json:"spec,omitempty"` - Status *FeatureGateStatusApplyConfiguration `json:"status,omitempty"` + // spec holds user settable values for configuration + Spec *FeatureGateSpecApplyConfiguration `json:"spec,omitempty"` + // status holds observed values from the cluster. They may not be overridden. + Status *FeatureGateStatusApplyConfiguration `json:"status,omitempty"` } // FeatureGate constructs a declarative configuration of the FeatureGate type for use with @@ -30,6 +38,26 @@ func FeatureGate(name string) *FeatureGateApplyConfiguration { return b } +// ExtractFeatureGateFrom extracts the applied configuration owned by fieldManager from +// featureGate for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// featureGate must be a unmodified FeatureGate API object that was retrieved from the Kubernetes API. +// ExtractFeatureGateFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractFeatureGateFrom(featureGate *configv1.FeatureGate, fieldManager string, subresource string) (*FeatureGateApplyConfiguration, error) { + b := &FeatureGateApplyConfiguration{} + err := managedfields.ExtractInto(featureGate, internal.Parser().Type("com.github.openshift.api.config.v1.FeatureGate"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(featureGate.Name) + + b.WithKind("FeatureGate") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractFeatureGate extracts the applied configuration owned by fieldManager from // featureGate. If no managedFields are found in featureGate for fieldManager, a // FeatureGateApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +68,16 @@ func FeatureGate(name string) *FeatureGateApplyConfiguration { // ExtractFeatureGate provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractFeatureGate(featureGate *configv1.FeatureGate, fieldManager string) (*FeatureGateApplyConfiguration, error) { - return extractFeatureGate(featureGate, fieldManager, "") + return ExtractFeatureGateFrom(featureGate, fieldManager, "") } -// ExtractFeatureGateStatus is the same as ExtractFeatureGate except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractFeatureGateStatus extracts the applied configuration owned by fieldManager from +// featureGate for the status subresource. func ExtractFeatureGateStatus(featureGate *configv1.FeatureGate, fieldManager string) (*FeatureGateApplyConfiguration, error) { - return extractFeatureGate(featureGate, fieldManager, "status") + return ExtractFeatureGateFrom(featureGate, fieldManager, "status") } -func extractFeatureGate(featureGate *configv1.FeatureGate, fieldManager string, subresource string) (*FeatureGateApplyConfiguration, error) { - b := &FeatureGateApplyConfiguration{} - err := managedfields.ExtractInto(featureGate, internal.Parser().Type("com.github.openshift.api.config.v1.FeatureGate"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(featureGate.Name) - - b.WithKind("FeatureGate") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b FeatureGateApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregateattributes.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregateattributes.go index 7884ec287..9a800ca4a 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregateattributes.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregateattributes.go @@ -9,6 +9,7 @@ import ( // FeatureGateAttributesApplyConfiguration represents a declarative configuration of the FeatureGateAttributes type for use // with apply. type FeatureGateAttributesApplyConfiguration struct { + // name is the name of the FeatureGate. Name *configv1.FeatureGateName `json:"name,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregatedetails.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregatedetails.go index c451f74df..3aa4b84e6 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregatedetails.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregatedetails.go @@ -5,8 +5,11 @@ package v1 // FeatureGateDetailsApplyConfiguration represents a declarative configuration of the FeatureGateDetails type for use // with apply. type FeatureGateDetailsApplyConfiguration struct { - Version *string `json:"version,omitempty"` - Enabled []FeatureGateAttributesApplyConfiguration `json:"enabled,omitempty"` + // version matches the version provided by the ClusterVersion and in the ClusterOperator.Status.Versions field. + Version *string `json:"version,omitempty"` + // enabled is a list of all feature gates that are enabled in the cluster for the named version. + Enabled []FeatureGateAttributesApplyConfiguration `json:"enabled,omitempty"` + // disabled is a list of all feature gates that are disabled in the cluster for the named version. Disabled []FeatureGateAttributesApplyConfiguration `json:"disabled,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregateselection.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregateselection.go index b79d3f883..a5225476d 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregateselection.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregateselection.go @@ -9,7 +9,12 @@ import ( // FeatureGateSelectionApplyConfiguration represents a declarative configuration of the FeatureGateSelection type for use // with apply. type FeatureGateSelectionApplyConfiguration struct { - FeatureSet *configv1.FeatureSet `json:"featureSet,omitempty"` + // featureSet changes the list of features in the cluster. The default is empty. Be very careful adjusting this setting. + // Turning on or off features may cause irreversible changes in your cluster which cannot be undone. + FeatureSet *configv1.FeatureSet `json:"featureSet,omitempty"` + // customNoUpgrade allows the enabling or disabling of any feature. Turning this feature set on IS NOT SUPPORTED, CANNOT BE UNDONE, and PREVENTS UPGRADES. + // Because of its nature, this setting cannot be validated. If you have any typos or accidentally apply invalid combinations + // your cluster may fail in an unrecoverable way. featureSet must equal "CustomNoUpgrade" must be set to use this field. CustomNoUpgrade *CustomFeatureGatesApplyConfiguration `json:"customNoUpgrade,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregatestatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregatestatus.go index 705c3d0cf..ca90fe317 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregatestatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/featuregatestatus.go @@ -9,7 +9,17 @@ import ( // FeatureGateStatusApplyConfiguration represents a declarative configuration of the FeatureGateStatus type for use // with apply. type FeatureGateStatusApplyConfiguration struct { - Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` + // conditions represent the observations of the current state. + // Known .status.conditions.type are: "DeterminationDegraded" + Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` + // featureGates contains a list of enabled and disabled featureGates that are keyed by payloadVersion. + // Operators other than the CVO and cluster-config-operator, must read the .status.featureGates, locate + // the version they are managing, find the enabled/disabled featuregates and make the operand and operator match. + // The enabled/disabled values for a particular version may change during the life of the cluster as various + // .spec.featureSet values are selected. + // Operators may choose to restart their processes to pick up these changes, but remembering past enable/disable + // lists is beyond the scope of this API and is the responsibility of individual operators. + // Only featureGates with .version in the ClusterVersion.status will be present in this list. FeatureGates []FeatureGateDetailsApplyConfiguration `json:"featureGates,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gatherconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gatherconfig.go index eaa796519..8013512a5 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gatherconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gatherconfig.go @@ -8,10 +8,21 @@ import ( // GatherConfigApplyConfiguration represents a declarative configuration of the GatherConfig type for use // with apply. +// +// GatherConfig provides data gathering configuration options. type GatherConfigApplyConfiguration struct { - DataPolicy []configv1.DataPolicyOption `json:"dataPolicy,omitempty"` - Gatherers *GatherersApplyConfiguration `json:"gatherers,omitempty"` - Storage *StorageApplyConfiguration `json:"storage,omitempty"` + // dataPolicy is an optional list of DataPolicyOptions that allows user to enable additional obfuscation of the Insights archive data. + // It may not exceed 2 items and must not contain duplicates. + // Valid values are ObfuscateNetworking and WorkloadNames. + // When set to ObfuscateNetworking the IP addresses and the cluster domain name are obfuscated. + // When set to WorkloadNames, the gathered data about cluster resources will not contain the workload names for your deployments. Resources UIDs will be used instead. + // When omitted no obfuscation is applied. + DataPolicy []configv1.DataPolicyOption `json:"dataPolicy,omitempty"` + // gatherers is a required field that specifies the configuration of the gatherers. + Gatherers *GatherersApplyConfiguration `json:"gatherers,omitempty"` + // storage is an optional field that allows user to define persistent storage for gathering jobs to store the Insights data archive. + // If omitted, the gathering job will use ephemeral storage. + Storage *StorageApplyConfiguration `json:"storage,omitempty"` } // GatherConfigApplyConfiguration constructs a declarative configuration of the GatherConfig type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gathererconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gathererconfig.go index caa8b79d0..d63c4d4f0 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gathererconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gathererconfig.go @@ -8,8 +8,21 @@ import ( // GathererConfigApplyConfiguration represents a declarative configuration of the GathererConfig type for use // with apply. +// +// GathererConfig allows to configure specific gatherers type GathererConfigApplyConfiguration struct { - Name *string `json:"name,omitempty"` + // name is the required name of a specific gatherer. + // It may not exceed 256 characters. + // The format for a gatherer name is: {gatherer}/{function} where the function is optional. + // Gatherer consists of a lowercase letters only that may include underscores (_). + // Function consists of a lowercase letters only that may include underscores (_) and is separated from the gatherer by a forward slash (/). + // The particular gatherers can be found at https://github.com/openshift/insights-operator/blob/master/docs/gathered-data.md. + // Run the following command to get the names of last active gatherers: + // "oc get insightsoperators.operator.openshift.io cluster -o json | jq '.status.gatherStatus.gatherers[].name'" + Name *string `json:"name,omitempty"` + // state is a required field that allows you to configure specific gatherer. Valid values are "Enabled" and "Disabled". + // When set to Enabled the gatherer will run. + // When set to Disabled the gatherer will not run. State *configv1.GathererState `json:"state,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gatherers.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gatherers.go index 32469f512..06ee2cf6a 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gatherers.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gatherers.go @@ -8,8 +8,18 @@ import ( // GatherersApplyConfiguration represents a declarative configuration of the Gatherers type for use // with apply. +// +// Gatherers specifies the configuration of the gatherers type GatherersApplyConfiguration struct { - Mode *configv1.GatheringMode `json:"mode,omitempty"` + // mode is a required field that specifies the mode for gatherers. Allowed values are All, None, and Custom. + // When set to All, all gatherers will run and gather data. + // When set to None, all gatherers will be disabled and no data will be gathered. + // When set to Custom, the custom configuration from the custom field will be applied. + Mode *configv1.GatheringMode `json:"mode,omitempty"` + // custom provides gathering configuration. + // It is required when mode is Custom, and forbidden otherwise. + // Custom configuration allows user to disable only a subset of gatherers. + // Gatherers that are not explicitly disabled in custom configuration will run. Custom *CustomApplyConfiguration `json:"custom,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gcpplatformstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gcpplatformstatus.go index 9c28888cf..bf4c761d1 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gcpplatformstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gcpplatformstatus.go @@ -4,11 +4,28 @@ package v1 // GCPPlatformStatusApplyConfiguration represents a declarative configuration of the GCPPlatformStatus type for use // with apply. +// +// GCPPlatformStatus holds the current status of the Google Cloud Platform infrastructure provider. type GCPPlatformStatusApplyConfiguration struct { - ProjectID *string `json:"projectID,omitempty"` - Region *string `json:"region,omitempty"` - ResourceLabels []GCPResourceLabelApplyConfiguration `json:"resourceLabels,omitempty"` - ResourceTags []GCPResourceTagApplyConfiguration `json:"resourceTags,omitempty"` + // resourceGroupName is the Project ID for new GCP resources created for the cluster. + ProjectID *string `json:"projectID,omitempty"` + // region holds the region for new GCP resources created for the cluster. + Region *string `json:"region,omitempty"` + // resourceLabels is a list of additional labels to apply to GCP resources created for the cluster. + // See https://cloud.google.com/compute/docs/labeling-resources for information on labeling GCP resources. + // GCP supports a maximum of 64 labels per resource. OpenShift reserves 32 labels for internal use, + // allowing 32 labels for user configuration. + ResourceLabels []GCPResourceLabelApplyConfiguration `json:"resourceLabels,omitempty"` + // resourceTags is a list of additional tags to apply to GCP resources created for the cluster. + // See https://cloud.google.com/resource-manager/docs/tags/tags-overview for information on + // tagging GCP resources. GCP supports a maximum of 50 tags per resource. + ResourceTags []GCPResourceTagApplyConfiguration `json:"resourceTags,omitempty"` + // cloudLoadBalancerConfig holds configuration related to DNS and cloud + // load balancers. It allows configuration of in-cluster DNS as an alternative + // to the platform default DNS implementation. + // When using the ClusterHosted DNS type, Load Balancer IP addresses + // must be provided for the API and internal API load balancers as well as the + // ingress load balancer. CloudLoadBalancerConfig *CloudLoadBalancerConfigApplyConfiguration `json:"cloudLoadBalancerConfig,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gcpresourcelabel.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gcpresourcelabel.go index 5d408e45e..1c2f5b570 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gcpresourcelabel.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gcpresourcelabel.go @@ -4,8 +4,16 @@ package v1 // GCPResourceLabelApplyConfiguration represents a declarative configuration of the GCPResourceLabel type for use // with apply. +// +// GCPResourceLabel is a label to apply to GCP resources created for the cluster. type GCPResourceLabelApplyConfiguration struct { - Key *string `json:"key,omitempty"` + // key is the key part of the label. A label key can have a maximum of 63 characters and cannot be empty. + // Label key must begin with a lowercase letter, and must contain only lowercase letters, numeric characters, + // and the following special characters `_-`. Label key must not have the reserved prefixes `kubernetes-io` + // and `openshift-io`. + Key *string `json:"key,omitempty"` + // value is the value part of the label. A label value can have a maximum of 63 characters and cannot be empty. + // Value must contain only lowercase letters, numeric characters, and the following special characters `_-`. Value *string `json:"value,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gcpresourcetag.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gcpresourcetag.go index 8f22d3a54..7652b2886 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gcpresourcetag.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gcpresourcetag.go @@ -4,10 +4,25 @@ package v1 // GCPResourceTagApplyConfiguration represents a declarative configuration of the GCPResourceTag type for use // with apply. +// +// GCPResourceTag is a tag to apply to GCP resources created for the cluster. type GCPResourceTagApplyConfiguration struct { + // parentID is the ID of the hierarchical resource where the tags are defined, + // e.g. at the Organization or the Project level. To find the Organization or Project ID refer to the following pages: + // https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id, + // https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects. + // An OrganizationID must consist of decimal numbers, and cannot have leading zeroes. + // A ProjectID must be 6 to 30 characters in length, can only contain lowercase letters, numbers, + // and hyphens, and must start with a letter, and cannot end with a hyphen. ParentID *string `json:"parentID,omitempty"` - Key *string `json:"key,omitempty"` - Value *string `json:"value,omitempty"` + // key is the key part of the tag. A tag key can have a maximum of 63 characters and cannot be empty. + // Tag key must begin and end with an alphanumeric character, and must contain only uppercase, lowercase + // alphanumeric characters, and the following special characters `._-`. + Key *string `json:"key,omitempty"` + // value is the value part of the tag. A tag value can have a maximum of 63 characters and cannot be empty. + // Tag value must begin and end with an alphanumeric character, and must contain only uppercase, lowercase + // alphanumeric characters, and the following special characters `_-.@%=+:,*#&(){}[]` and spaces. + Value *string `json:"value,omitempty"` } // GCPResourceTagApplyConfiguration constructs a declarative configuration of the GCPResourceTag type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/githubidentityprovider.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/githubidentityprovider.go index c797463d3..4d91aa734 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/githubidentityprovider.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/githubidentityprovider.go @@ -4,13 +4,33 @@ package v1 // GitHubIdentityProviderApplyConfiguration represents a declarative configuration of the GitHubIdentityProvider type for use // with apply. +// +// GitHubIdentityProvider provides identities for users authenticating using GitHub credentials type GitHubIdentityProviderApplyConfiguration struct { - ClientID *string `json:"clientID,omitempty"` - ClientSecret *SecretNameReferenceApplyConfiguration `json:"clientSecret,omitempty"` - Organizations []string `json:"organizations,omitempty"` - Teams []string `json:"teams,omitempty"` - Hostname *string `json:"hostname,omitempty"` - CA *ConfigMapNameReferenceApplyConfiguration `json:"ca,omitempty"` + // clientID is the oauth client ID + ClientID *string `json:"clientID,omitempty"` + // clientSecret is a required reference to the secret by name containing the oauth client secret. + // The key "clientSecret" is used to locate the data. + // If the secret or expected key is not found, the identity provider is not honored. + // The namespace for this secret is openshift-config. + ClientSecret *SecretNameReferenceApplyConfiguration `json:"clientSecret,omitempty"` + // organizations optionally restricts which organizations are allowed to log in + Organizations []string `json:"organizations,omitempty"` + // teams optionally restricts which teams are allowed to log in. Format is /. + Teams []string `json:"teams,omitempty"` + // hostname is the optional domain (e.g. "mycompany.com") for use with a hosted instance of + // GitHub Enterprise. + // It must match the GitHub Enterprise settings value configured at /setup/settings#hostname. + Hostname *string `json:"hostname,omitempty"` + // ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. + // It is used as a trust anchor to validate the TLS certificate presented by the remote server. + // The key "ca.crt" is used to locate the data. + // If specified and the config map or expected key is not found, the identity provider is not honored. + // If the specified ca data is not valid, the identity provider is not honored. + // If empty, the default system roots are used. + // This can only be configured when hostname is set to a non-empty value. + // The namespace for this config map is openshift-config. + CA *ConfigMapNameReferenceApplyConfiguration `json:"ca,omitempty"` } // GitHubIdentityProviderApplyConfiguration constructs a declarative configuration of the GitHubIdentityProvider type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gitlabidentityprovider.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gitlabidentityprovider.go index e6a542e1c..8faa741ae 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gitlabidentityprovider.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gitlabidentityprovider.go @@ -4,11 +4,26 @@ package v1 // GitLabIdentityProviderApplyConfiguration represents a declarative configuration of the GitLabIdentityProvider type for use // with apply. +// +// GitLabIdentityProvider provides identities for users authenticating using GitLab credentials type GitLabIdentityProviderApplyConfiguration struct { - ClientID *string `json:"clientID,omitempty"` - ClientSecret *SecretNameReferenceApplyConfiguration `json:"clientSecret,omitempty"` - URL *string `json:"url,omitempty"` - CA *ConfigMapNameReferenceApplyConfiguration `json:"ca,omitempty"` + // clientID is the oauth client ID + ClientID *string `json:"clientID,omitempty"` + // clientSecret is a required reference to the secret by name containing the oauth client secret. + // The key "clientSecret" is used to locate the data. + // If the secret or expected key is not found, the identity provider is not honored. + // The namespace for this secret is openshift-config. + ClientSecret *SecretNameReferenceApplyConfiguration `json:"clientSecret,omitempty"` + // url is the oauth server base URL + URL *string `json:"url,omitempty"` + // ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. + // It is used as a trust anchor to validate the TLS certificate presented by the remote server. + // The key "ca.crt" is used to locate the data. + // If specified and the config map or expected key is not found, the identity provider is not honored. + // If the specified ca data is not valid, the identity provider is not honored. + // If empty, the default system roots are used. + // The namespace for this config map is openshift-config. + CA *ConfigMapNameReferenceApplyConfiguration `json:"ca,omitempty"` } // GitLabIdentityProviderApplyConfiguration constructs a declarative configuration of the GitLabIdentityProvider type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/googleidentityprovider.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/googleidentityprovider.go index d82868069..f6d6a381d 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/googleidentityprovider.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/googleidentityprovider.go @@ -4,10 +4,18 @@ package v1 // GoogleIdentityProviderApplyConfiguration represents a declarative configuration of the GoogleIdentityProvider type for use // with apply. +// +// GoogleIdentityProvider provides identities for users authenticating using Google credentials type GoogleIdentityProviderApplyConfiguration struct { - ClientID *string `json:"clientID,omitempty"` + // clientID is the oauth client ID + ClientID *string `json:"clientID,omitempty"` + // clientSecret is a required reference to the secret by name containing the oauth client secret. + // The key "clientSecret" is used to locate the data. + // If the secret or expected key is not found, the identity provider is not honored. + // The namespace for this secret is openshift-config. ClientSecret *SecretNameReferenceApplyConfiguration `json:"clientSecret,omitempty"` - HostedDomain *string `json:"hostedDomain,omitempty"` + // hostedDomain is the optional Google App domain (e.g. "mycompany.com") to restrict logins to + HostedDomain *string `json:"hostedDomain,omitempty"` } // GoogleIdentityProviderApplyConfiguration constructs a declarative configuration of the GoogleIdentityProvider type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/htpasswdidentityprovider.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/htpasswdidentityprovider.go index f5c689bbe..8ebbe1602 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/htpasswdidentityprovider.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/htpasswdidentityprovider.go @@ -4,7 +4,14 @@ package v1 // HTPasswdIdentityProviderApplyConfiguration represents a declarative configuration of the HTPasswdIdentityProvider type for use // with apply. +// +// HTPasswdPasswordIdentityProvider provides identities for users authenticating using htpasswd credentials type HTPasswdIdentityProviderApplyConfiguration struct { + // fileData is a required reference to a secret by name containing the data to use as the htpasswd file. + // The key "htpasswd" is used to locate the data. + // If the secret or expected key is not found, the identity provider is not honored. + // If the specified htpasswd data is not valid, the identity provider is not honored. + // The namespace for this secret is openshift-config. FileData *SecretNameReferenceApplyConfiguration `json:"fileData,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/hubsource.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/hubsource.go index 333802bfe..dbe7b9c8d 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/hubsource.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/hubsource.go @@ -4,9 +4,13 @@ package v1 // HubSourceApplyConfiguration represents a declarative configuration of the HubSource type for use // with apply. +// +// HubSource is used to specify the hub source and its configuration type HubSourceApplyConfiguration struct { - Name *string `json:"name,omitempty"` - Disabled *bool `json:"disabled,omitempty"` + // name is the name of one of the default hub sources + Name *string `json:"name,omitempty"` + // disabled is used to disable a default hub source on cluster + Disabled *bool `json:"disabled,omitempty"` } // HubSourceApplyConfiguration constructs a declarative configuration of the HubSource type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/hubsourcestatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/hubsourcestatus.go index 1688b1ce4..539e70b4e 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/hubsourcestatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/hubsourcestatus.go @@ -4,10 +4,15 @@ package v1 // HubSourceStatusApplyConfiguration represents a declarative configuration of the HubSourceStatus type for use // with apply. +// +// HubSourceStatus is used to reflect the current state of applying the +// configuration to a default source type HubSourceStatusApplyConfiguration struct { *HubSourceApplyConfiguration `json:"HubSource,omitempty"` - Status *string `json:"status,omitempty"` - Message *string `json:"message,omitempty"` + // status indicates success or failure in applying the configuration + Status *string `json:"status,omitempty"` + // message provides more information regarding failures + Message *string `json:"message,omitempty"` } // HubSourceStatusApplyConfiguration constructs a declarative configuration of the HubSourceStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ibmcloudplatformspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ibmcloudplatformspec.go index 7e0a8326d..43fa282c6 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ibmcloudplatformspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ibmcloudplatformspec.go @@ -4,7 +4,17 @@ package v1 // IBMCloudPlatformSpecApplyConfiguration represents a declarative configuration of the IBMCloudPlatformSpec type for use // with apply. +// +// IBMCloudPlatformSpec holds the desired state of the IBMCloud infrastructure provider. +// This only includes fields that can be modified in the cluster. type IBMCloudPlatformSpecApplyConfiguration struct { + // serviceEndpoints is a list of custom endpoints which will override the default + // service endpoints of an IBM service. These endpoints are used by components + // within the cluster when trying to reach the IBM Cloud Services that have been + // overridden. The CCCMO reads in the IBMCloudPlatformSpec and validates each + // endpoint is resolvable. Once validated, the cloud config and IBMCloudPlatformStatus + // are updated to reflect the same custom endpoints. + // A maximum of 13 service endpoints overrides are supported. ServiceEndpoints []IBMCloudServiceEndpointApplyConfiguration `json:"serviceEndpoints,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ibmcloudplatformstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ibmcloudplatformstatus.go index 48c17c9cb..a3fd567bb 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ibmcloudplatformstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ibmcloudplatformstatus.go @@ -8,13 +8,28 @@ import ( // IBMCloudPlatformStatusApplyConfiguration represents a declarative configuration of the IBMCloudPlatformStatus type for use // with apply. +// +// IBMCloudPlatformStatus holds the current status of the IBMCloud infrastructure provider. type IBMCloudPlatformStatusApplyConfiguration struct { - Location *string `json:"location,omitempty"` - ResourceGroupName *string `json:"resourceGroupName,omitempty"` - ProviderType *configv1.IBMCloudProviderType `json:"providerType,omitempty"` - CISInstanceCRN *string `json:"cisInstanceCRN,omitempty"` - DNSInstanceCRN *string `json:"dnsInstanceCRN,omitempty"` - ServiceEndpoints []IBMCloudServiceEndpointApplyConfiguration `json:"serviceEndpoints,omitempty"` + // location is where the cluster has been deployed + Location *string `json:"location,omitempty"` + // resourceGroupName is the Resource Group for new IBMCloud resources created for the cluster. + ResourceGroupName *string `json:"resourceGroupName,omitempty"` + // providerType indicates the type of cluster that was created + ProviderType *configv1.IBMCloudProviderType `json:"providerType,omitempty"` + // cisInstanceCRN is the CRN of the Cloud Internet Services instance managing + // the DNS zone for the cluster's base domain + CISInstanceCRN *string `json:"cisInstanceCRN,omitempty"` + // dnsInstanceCRN is the CRN of the DNS Services instance managing the DNS zone + // for the cluster's base domain + DNSInstanceCRN *string `json:"dnsInstanceCRN,omitempty"` + // serviceEndpoints is a list of custom endpoints which will override the default + // service endpoints of an IBM service. These endpoints are used by components + // within the cluster when trying to reach the IBM Cloud Services that have been + // overridden. The CCCMO reads in the IBMCloudPlatformSpec and validates each + // endpoint is resolvable. Once validated, the cloud config and IBMCloudPlatformStatus + // are updated to reflect the same custom endpoints. + ServiceEndpoints []IBMCloudServiceEndpointApplyConfiguration `json:"serviceEndpoints,omitempty"` } // IBMCloudPlatformStatusApplyConfiguration constructs a declarative configuration of the IBMCloudPlatformStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ibmcloudserviceendpoint.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ibmcloudserviceendpoint.go index daec88ba5..825d9b6cb 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ibmcloudserviceendpoint.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ibmcloudserviceendpoint.go @@ -8,9 +8,22 @@ import ( // IBMCloudServiceEndpointApplyConfiguration represents a declarative configuration of the IBMCloudServiceEndpoint type for use // with apply. +// +// IBMCloudServiceEndpoint stores the configuration of a custom url to +// override existing defaults of IBM Cloud Services. type IBMCloudServiceEndpointApplyConfiguration struct { + // name is the name of the IBM Cloud service. + // Possible values are: CIS, COS, COSConfig, DNSServices, GlobalCatalog, GlobalSearch, GlobalTagging, HyperProtect, IAM, KeyProtect, ResourceController, ResourceManager, or VPC. + // For example, the IBM Cloud Private IAM service could be configured with the + // service `name` of `IAM` and `url` of `https://private.iam.cloud.ibm.com` + // Whereas the IBM Cloud Private VPC service for US South (Dallas) could be configured + // with the service `name` of `VPC` and `url` of `https://us.south.private.iaas.cloud.ibm.com` Name *configv1.IBMCloudServiceName `json:"name,omitempty"` - URL *string `json:"url,omitempty"` + // url is fully qualified URI with scheme https, that overrides the default generated + // endpoint for a client. + // This must be provided and cannot be empty. The path must follow the pattern + // /v[0,9]+ or /api/v[0,9]+ + URL *string `json:"url,omitempty"` } // IBMCloudServiceEndpointApplyConfiguration constructs a declarative configuration of the IBMCloudServiceEndpoint type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/identityprovider.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/identityprovider.go index 4e726d085..7dc10c3e9 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/identityprovider.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/identityprovider.go @@ -8,8 +8,16 @@ import ( // IdentityProviderApplyConfiguration represents a declarative configuration of the IdentityProvider type for use // with apply. +// +// IdentityProvider provides identities for users authenticating using credentials type IdentityProviderApplyConfiguration struct { - Name *string `json:"name,omitempty"` + // name is used to qualify the identities returned by this provider. + // - It MUST be unique and not shared by any other identity provider used + // - It MUST be a valid path segment: name cannot equal "." or ".." or contain "/" or "%" or ":" + // Ref: https://godoc.org/github.com/openshift/origin/pkg/user/apis/user/validation#ValidateIdentityProviderName + Name *string `json:"name,omitempty"` + // mappingMethod determines how identities from this provider are mapped to users + // Defaults to "claim" MappingMethod *configv1.MappingMethodType `json:"mappingMethod,omitempty"` IdentityProviderConfigApplyConfiguration `json:",inline"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/identityproviderconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/identityproviderconfig.go index 1ff6d99a7..f0bcdab70 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/identityproviderconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/identityproviderconfig.go @@ -8,16 +8,28 @@ import ( // IdentityProviderConfigApplyConfiguration represents a declarative configuration of the IdentityProviderConfig type for use // with apply. +// +// IdentityProviderConfig contains configuration for using a specific identity provider type IdentityProviderConfigApplyConfiguration struct { - Type *configv1.IdentityProviderType `json:"type,omitempty"` - BasicAuth *BasicAuthIdentityProviderApplyConfiguration `json:"basicAuth,omitempty"` - GitHub *GitHubIdentityProviderApplyConfiguration `json:"github,omitempty"` - GitLab *GitLabIdentityProviderApplyConfiguration `json:"gitlab,omitempty"` - Google *GoogleIdentityProviderApplyConfiguration `json:"google,omitempty"` - HTPasswd *HTPasswdIdentityProviderApplyConfiguration `json:"htpasswd,omitempty"` - Keystone *KeystoneIdentityProviderApplyConfiguration `json:"keystone,omitempty"` - LDAP *LDAPIdentityProviderApplyConfiguration `json:"ldap,omitempty"` - OpenID *OpenIDIdentityProviderApplyConfiguration `json:"openID,omitempty"` + // type identifies the identity provider type for this entry. + Type *configv1.IdentityProviderType `json:"type,omitempty"` + // basicAuth contains configuration options for the BasicAuth IdP + BasicAuth *BasicAuthIdentityProviderApplyConfiguration `json:"basicAuth,omitempty"` + // github enables user authentication using GitHub credentials + GitHub *GitHubIdentityProviderApplyConfiguration `json:"github,omitempty"` + // gitlab enables user authentication using GitLab credentials + GitLab *GitLabIdentityProviderApplyConfiguration `json:"gitlab,omitempty"` + // google enables user authentication using Google credentials + Google *GoogleIdentityProviderApplyConfiguration `json:"google,omitempty"` + // htpasswd enables user authentication using an HTPasswd file to validate credentials + HTPasswd *HTPasswdIdentityProviderApplyConfiguration `json:"htpasswd,omitempty"` + // keystone enables user authentication using keystone password credentials + Keystone *KeystoneIdentityProviderApplyConfiguration `json:"keystone,omitempty"` + // ldap enables user authentication using LDAP credentials + LDAP *LDAPIdentityProviderApplyConfiguration `json:"ldap,omitempty"` + // openID enables user authentication using OpenID credentials + OpenID *OpenIDIdentityProviderApplyConfiguration `json:"openID,omitempty"` + // requestHeader enables user authentication using request header credentials RequestHeader *RequestHeaderIdentityProviderApplyConfiguration `json:"requestHeader,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/image.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/image.go index 666ef86eb..7007b836b 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/image.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/image.go @@ -13,11 +13,24 @@ import ( // ImageApplyConfiguration represents a declarative configuration of the Image type for use // with apply. +// +// Image governs policies related to imagestream imports and runtime configuration +// for external registries. It allows cluster admins to configure which registries +// OpenShift is allowed to import images from, extra CA trust bundles for external +// registries, and policies to block or allow registry hostnames. +// When exposing OpenShift's image registry to the public, this also lets cluster +// admins specify the external hostname. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type ImageApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *ImageSpecApplyConfiguration `json:"spec,omitempty"` - Status *ImageStatusApplyConfiguration `json:"status,omitempty"` + // spec holds user settable values for configuration + Spec *ImageSpecApplyConfiguration `json:"spec,omitempty"` + // status holds observed values from the cluster. They may not be overridden. + Status *ImageStatusApplyConfiguration `json:"status,omitempty"` } // Image constructs a declarative configuration of the Image type for use with @@ -30,6 +43,26 @@ func Image(name string) *ImageApplyConfiguration { return b } +// ExtractImageFrom extracts the applied configuration owned by fieldManager from +// image for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// image must be a unmodified Image API object that was retrieved from the Kubernetes API. +// ExtractImageFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractImageFrom(image *configv1.Image, fieldManager string, subresource string) (*ImageApplyConfiguration, error) { + b := &ImageApplyConfiguration{} + err := managedfields.ExtractInto(image, internal.Parser().Type("com.github.openshift.api.config.v1.Image"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(image.Name) + + b.WithKind("Image") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractImage extracts the applied configuration owned by fieldManager from // image. If no managedFields are found in image for fieldManager, a // ImageApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +73,16 @@ func Image(name string) *ImageApplyConfiguration { // ExtractImage provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractImage(image *configv1.Image, fieldManager string) (*ImageApplyConfiguration, error) { - return extractImage(image, fieldManager, "") + return ExtractImageFrom(image, fieldManager, "") } -// ExtractImageStatus is the same as ExtractImage except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractImageStatus extracts the applied configuration owned by fieldManager from +// image for the status subresource. func ExtractImageStatus(image *configv1.Image, fieldManager string) (*ImageApplyConfiguration, error) { - return extractImage(image, fieldManager, "status") + return ExtractImageFrom(image, fieldManager, "status") } -func extractImage(image *configv1.Image, fieldManager string, subresource string) (*ImageApplyConfiguration, error) { - b := &ImageApplyConfiguration{} - err := managedfields.ExtractInto(image, internal.Parser().Type("com.github.openshift.api.config.v1.Image"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(image.Name) - - b.WithKind("Image") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b ImageApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagecontentpolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagecontentpolicy.go index 4235d2f51..8dfc184b0 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagecontentpolicy.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagecontentpolicy.go @@ -13,10 +13,18 @@ import ( // ImageContentPolicyApplyConfiguration represents a declarative configuration of the ImageContentPolicy type for use // with apply. +// +// ImageContentPolicy holds cluster-wide information about how to handle registry mirror rules. +// When multiple policies are defined, the outcome of the behavior is defined on each field. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type ImageContentPolicyApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *ImageContentPolicySpecApplyConfiguration `json:"spec,omitempty"` + // spec holds user settable values for configuration + Spec *ImageContentPolicySpecApplyConfiguration `json:"spec,omitempty"` } // ImageContentPolicy constructs a declarative configuration of the ImageContentPolicy type for use with @@ -29,29 +37,14 @@ func ImageContentPolicy(name string) *ImageContentPolicyApplyConfiguration { return b } -// ExtractImageContentPolicy extracts the applied configuration owned by fieldManager from -// imageContentPolicy. If no managedFields are found in imageContentPolicy for fieldManager, a -// ImageContentPolicyApplyConfiguration is returned with only the Name, Namespace (if applicable), -// APIVersion and Kind populated. It is possible that no managed fields were found for because other -// field managers have taken ownership of all the fields previously owned by fieldManager, or because -// the fieldManager never owned fields any fields. +// ExtractImageContentPolicyFrom extracts the applied configuration owned by fieldManager from +// imageContentPolicy for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. // imageContentPolicy must be a unmodified ImageContentPolicy API object that was retrieved from the Kubernetes API. -// ExtractImageContentPolicy provides a way to perform a extract/modify-in-place/apply workflow. +// ExtractImageContentPolicyFrom provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! -func ExtractImageContentPolicy(imageContentPolicy *configv1.ImageContentPolicy, fieldManager string) (*ImageContentPolicyApplyConfiguration, error) { - return extractImageContentPolicy(imageContentPolicy, fieldManager, "") -} - -// ExtractImageContentPolicyStatus is the same as ExtractImageContentPolicy except -// that it extracts the status subresource applied configuration. -// Experimental! -func ExtractImageContentPolicyStatus(imageContentPolicy *configv1.ImageContentPolicy, fieldManager string) (*ImageContentPolicyApplyConfiguration, error) { - return extractImageContentPolicy(imageContentPolicy, fieldManager, "status") -} - -func extractImageContentPolicy(imageContentPolicy *configv1.ImageContentPolicy, fieldManager string, subresource string) (*ImageContentPolicyApplyConfiguration, error) { +func ExtractImageContentPolicyFrom(imageContentPolicy *configv1.ImageContentPolicy, fieldManager string, subresource string) (*ImageContentPolicyApplyConfiguration, error) { b := &ImageContentPolicyApplyConfiguration{} err := managedfields.ExtractInto(imageContentPolicy, internal.Parser().Type("com.github.openshift.api.config.v1.ImageContentPolicy"), fieldManager, b, subresource) if err != nil { @@ -63,6 +56,21 @@ func extractImageContentPolicy(imageContentPolicy *configv1.ImageContentPolicy, b.WithAPIVersion("config.openshift.io/v1") return b, nil } + +// ExtractImageContentPolicy extracts the applied configuration owned by fieldManager from +// imageContentPolicy. If no managedFields are found in imageContentPolicy for fieldManager, a +// ImageContentPolicyApplyConfiguration is returned with only the Name, Namespace (if applicable), +// APIVersion and Kind populated. It is possible that no managed fields were found for because other +// field managers have taken ownership of all the fields previously owned by fieldManager, or because +// the fieldManager never owned fields any fields. +// imageContentPolicy must be a unmodified ImageContentPolicy API object that was retrieved from the Kubernetes API. +// ExtractImageContentPolicy provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractImageContentPolicy(imageContentPolicy *configv1.ImageContentPolicy, fieldManager string) (*ImageContentPolicyApplyConfiguration, error) { + return ExtractImageContentPolicyFrom(imageContentPolicy, fieldManager, "") +} + func (b ImageContentPolicyApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagecontentpolicyspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagecontentpolicyspec.go index ea674157c..35a082408 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagecontentpolicyspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagecontentpolicyspec.go @@ -4,7 +4,27 @@ package v1 // ImageContentPolicySpecApplyConfiguration represents a declarative configuration of the ImageContentPolicySpec type for use // with apply. +// +// ImageContentPolicySpec is the specification of the ImageContentPolicy CRD. type ImageContentPolicySpecApplyConfiguration struct { + // repositoryDigestMirrors allows images referenced by image digests in pods to be + // pulled from alternative mirrored repository locations. The image pull specification + // provided to the pod will be compared to the source locations described in RepositoryDigestMirrors + // and the image may be pulled down from any of the mirrors in the list instead of the + // specified repository allowing administrators to choose a potentially faster mirror. + // To pull image from mirrors by tags, should set the "allowMirrorByTags". + // + // Each “source” repository is treated independently; configurations for different “source” + // repositories don’t interact. + // + // If the "mirrors" is not specified, the image will continue to be pulled from the specified + // repository in the pull spec. + // + // When multiple policies are defined for the same “source” repository, the sets of defined + // mirrors will be merged together, preserving the relative order of the mirrors, if possible. + // For example, if policy A has mirrors `a, b, c` and policy B has mirrors `c, d, e`, the + // mirrors will be used in the order `a, b, c, d, e`. If the orders of mirror entries conflict + // (e.g. `a, b` vs. `b, a`) the configuration is not rejected but the resulting order is unspecified. RepositoryDigestMirrors []RepositoryDigestMirrorsApplyConfiguration `json:"repositoryDigestMirrors,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagedigestmirrors.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagedigestmirrors.go index d6c57cb7f..367135ed1 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagedigestmirrors.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagedigestmirrors.go @@ -8,9 +8,42 @@ import ( // ImageDigestMirrorsApplyConfiguration represents a declarative configuration of the ImageDigestMirrors type for use // with apply. +// +// ImageDigestMirrors holds cluster-wide information about how to handle mirrors in the registries config. type ImageDigestMirrorsApplyConfiguration struct { - Source *string `json:"source,omitempty"` - Mirrors []configv1.ImageMirror `json:"mirrors,omitempty"` + // source matches the repository that users refer to, e.g. in image pull specifications. Setting source to a registry hostname + // e.g. docker.io. quay.io, or registry.redhat.io, will match the image pull specification of corressponding registry. + // "source" uses one of the following formats: + // host[:port] + // host[:port]/namespace[/namespace…] + // host[:port]/namespace[/namespace…]/repo + // [*.]host + // for more information about the format, see the document about the location field: + // https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md#choosing-a-registry-toml-table + Source *string `json:"source,omitempty"` + // mirrors is zero or more locations that may also contain the same images. No mirror will be configured if not specified. + // Images can be pulled from these mirrors only if they are referenced by their digests. + // The mirrored location is obtained by replacing the part of the input reference that + // matches source by the mirrors entry, e.g. for registry.redhat.io/product/repo reference, + // a (source, mirror) pair *.redhat.io, mirror.local/redhat causes a mirror.local/redhat/product/repo + // repository to be used. + // The order of mirrors in this list is treated as the user's desired priority, while source + // is by default considered lower priority than all mirrors. + // If no mirror is specified or all image pulls from the mirror list fail, the image will continue to be + // pulled from the repository in the pull spec unless explicitly prohibited by "mirrorSourcePolicy" + // Other cluster configuration, including (but not limited to) other imageDigestMirrors objects, + // may impact the exact order mirrors are contacted in, or some mirrors may be contacted + // in parallel, so this should be considered a preference rather than a guarantee of ordering. + // "mirrors" uses one of the following formats: + // host[:port] + // host[:port]/namespace[/namespace…] + // host[:port]/namespace[/namespace…]/repo + // for more information about the format, see the document about the location field: + // https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md#choosing-a-registry-toml-table + Mirrors []configv1.ImageMirror `json:"mirrors,omitempty"` + // mirrorSourcePolicy defines the fallback policy if fails to pull image from the mirrors. + // If unset, the image will continue to be pulled from the the repository in the pull spec. + // sourcePolicy is valid configuration only when one or more mirrors are in the mirror list. MirrorSourcePolicy *configv1.MirrorSourcePolicy `json:"mirrorSourcePolicy,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagedigestmirrorset.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagedigestmirrorset.go index 1e4bb2857..e811970ae 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagedigestmirrorset.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagedigestmirrorset.go @@ -13,11 +13,20 @@ import ( // ImageDigestMirrorSetApplyConfiguration represents a declarative configuration of the ImageDigestMirrorSet type for use // with apply. +// +// ImageDigestMirrorSet holds cluster-wide information about how to handle registry mirror rules on using digest pull specification. +// When multiple policies are defined, the outcome of the behavior is defined on each field. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type ImageDigestMirrorSetApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *ImageDigestMirrorSetSpecApplyConfiguration `json:"spec,omitempty"` - Status *configv1.ImageDigestMirrorSetStatus `json:"status,omitempty"` + // spec holds user settable values for configuration + Spec *ImageDigestMirrorSetSpecApplyConfiguration `json:"spec,omitempty"` + // status contains the observed state of the resource. + Status *configv1.ImageDigestMirrorSetStatus `json:"status,omitempty"` } // ImageDigestMirrorSet constructs a declarative configuration of the ImageDigestMirrorSet type for use with @@ -30,6 +39,26 @@ func ImageDigestMirrorSet(name string) *ImageDigestMirrorSetApplyConfiguration { return b } +// ExtractImageDigestMirrorSetFrom extracts the applied configuration owned by fieldManager from +// imageDigestMirrorSet for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// imageDigestMirrorSet must be a unmodified ImageDigestMirrorSet API object that was retrieved from the Kubernetes API. +// ExtractImageDigestMirrorSetFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractImageDigestMirrorSetFrom(imageDigestMirrorSet *configv1.ImageDigestMirrorSet, fieldManager string, subresource string) (*ImageDigestMirrorSetApplyConfiguration, error) { + b := &ImageDigestMirrorSetApplyConfiguration{} + err := managedfields.ExtractInto(imageDigestMirrorSet, internal.Parser().Type("com.github.openshift.api.config.v1.ImageDigestMirrorSet"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(imageDigestMirrorSet.Name) + + b.WithKind("ImageDigestMirrorSet") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractImageDigestMirrorSet extracts the applied configuration owned by fieldManager from // imageDigestMirrorSet. If no managedFields are found in imageDigestMirrorSet for fieldManager, a // ImageDigestMirrorSetApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +69,16 @@ func ImageDigestMirrorSet(name string) *ImageDigestMirrorSetApplyConfiguration { // ExtractImageDigestMirrorSet provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractImageDigestMirrorSet(imageDigestMirrorSet *configv1.ImageDigestMirrorSet, fieldManager string) (*ImageDigestMirrorSetApplyConfiguration, error) { - return extractImageDigestMirrorSet(imageDigestMirrorSet, fieldManager, "") + return ExtractImageDigestMirrorSetFrom(imageDigestMirrorSet, fieldManager, "") } -// ExtractImageDigestMirrorSetStatus is the same as ExtractImageDigestMirrorSet except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractImageDigestMirrorSetStatus extracts the applied configuration owned by fieldManager from +// imageDigestMirrorSet for the status subresource. func ExtractImageDigestMirrorSetStatus(imageDigestMirrorSet *configv1.ImageDigestMirrorSet, fieldManager string) (*ImageDigestMirrorSetApplyConfiguration, error) { - return extractImageDigestMirrorSet(imageDigestMirrorSet, fieldManager, "status") + return ExtractImageDigestMirrorSetFrom(imageDigestMirrorSet, fieldManager, "status") } -func extractImageDigestMirrorSet(imageDigestMirrorSet *configv1.ImageDigestMirrorSet, fieldManager string, subresource string) (*ImageDigestMirrorSetApplyConfiguration, error) { - b := &ImageDigestMirrorSetApplyConfiguration{} - err := managedfields.ExtractInto(imageDigestMirrorSet, internal.Parser().Type("com.github.openshift.api.config.v1.ImageDigestMirrorSet"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(imageDigestMirrorSet.Name) - - b.WithKind("ImageDigestMirrorSet") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b ImageDigestMirrorSetApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagedigestmirrorsetspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagedigestmirrorsetspec.go index fbb9d48ca..298071a6b 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagedigestmirrorsetspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagedigestmirrorsetspec.go @@ -4,7 +4,34 @@ package v1 // ImageDigestMirrorSetSpecApplyConfiguration represents a declarative configuration of the ImageDigestMirrorSetSpec type for use // with apply. +// +// ImageDigestMirrorSetSpec is the specification of the ImageDigestMirrorSet CRD. type ImageDigestMirrorSetSpecApplyConfiguration struct { + // imageDigestMirrors allows images referenced by image digests in pods to be + // pulled from alternative mirrored repository locations. The image pull specification + // provided to the pod will be compared to the source locations described in imageDigestMirrors + // and the image may be pulled down from any of the mirrors in the list instead of the + // specified repository allowing administrators to choose a potentially faster mirror. + // To use mirrors to pull images using tag specification, users should configure + // a list of mirrors using "ImageTagMirrorSet" CRD. + // + // If the image pull specification matches the repository of "source" in multiple imagedigestmirrorset objects, + // only the objects which define the most specific namespace match will be used. + // For example, if there are objects using quay.io/libpod and quay.io/libpod/busybox as + // the "source", only the objects using quay.io/libpod/busybox are going to apply + // for pull specification quay.io/libpod/busybox. + // Each “source” repository is treated independently; configurations for different “source” + // repositories don’t interact. + // + // If the "mirrors" is not specified, the image will continue to be pulled from the specified + // repository in the pull spec. + // + // When multiple policies are defined for the same “source” repository, the sets of defined + // mirrors will be merged together, preserving the relative order of the mirrors, if possible. + // For example, if policy A has mirrors `a, b, c` and policy B has mirrors `c, d, e`, the + // mirrors will be used in the order `a, b, c, d, e`. If the orders of mirror entries conflict + // (e.g. `a, b` vs. `b, a`) the configuration is not rejected but the resulting order is unspecified. + // Users who want to use a specific order of mirrors, should configure them into one list of mirrors using the expected order. ImageDigestMirrors []ImageDigestMirrorsApplyConfiguration `json:"imageDigestMirrors,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagelabel.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagelabel.go index 1d1910547..6f970d19c 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagelabel.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagelabel.go @@ -5,7 +5,9 @@ package v1 // ImageLabelApplyConfiguration represents a declarative configuration of the ImageLabel type for use // with apply. type ImageLabelApplyConfiguration struct { - Name *string `json:"name,omitempty"` + // name defines the name of the label. It must have non-zero length. + Name *string `json:"name,omitempty"` + // value defines the literal value of the label. Value *string `json:"value,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicy.go index 6ae64c679..87162e7b3 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicy.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicy.go @@ -13,11 +13,19 @@ import ( // ImagePolicyApplyConfiguration represents a declarative configuration of the ImagePolicy type for use // with apply. +// +// # ImagePolicy holds namespace-wide configuration for image signature verification +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type ImagePolicyApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *ImagePolicySpecApplyConfiguration `json:"spec,omitempty"` - Status *ImagePolicyStatusApplyConfiguration `json:"status,omitempty"` + // spec holds user settable values for configuration + Spec *ImagePolicySpecApplyConfiguration `json:"spec,omitempty"` + // status contains the observed state of the resource. + Status *ImagePolicyStatusApplyConfiguration `json:"status,omitempty"` } // ImagePolicy constructs a declarative configuration of the ImagePolicy type for use with @@ -31,6 +39,27 @@ func ImagePolicy(name, namespace string) *ImagePolicyApplyConfiguration { return b } +// ExtractImagePolicyFrom extracts the applied configuration owned by fieldManager from +// imagePolicy for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// imagePolicy must be a unmodified ImagePolicy API object that was retrieved from the Kubernetes API. +// ExtractImagePolicyFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractImagePolicyFrom(imagePolicy *configv1.ImagePolicy, fieldManager string, subresource string) (*ImagePolicyApplyConfiguration, error) { + b := &ImagePolicyApplyConfiguration{} + err := managedfields.ExtractInto(imagePolicy, internal.Parser().Type("com.github.openshift.api.config.v1.ImagePolicy"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(imagePolicy.Name) + b.WithNamespace(imagePolicy.Namespace) + + b.WithKind("ImagePolicy") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractImagePolicy extracts the applied configuration owned by fieldManager from // imagePolicy. If no managedFields are found in imagePolicy for fieldManager, a // ImagePolicyApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -41,31 +70,16 @@ func ImagePolicy(name, namespace string) *ImagePolicyApplyConfiguration { // ExtractImagePolicy provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractImagePolicy(imagePolicy *configv1.ImagePolicy, fieldManager string) (*ImagePolicyApplyConfiguration, error) { - return extractImagePolicy(imagePolicy, fieldManager, "") + return ExtractImagePolicyFrom(imagePolicy, fieldManager, "") } -// ExtractImagePolicyStatus is the same as ExtractImagePolicy except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractImagePolicyStatus extracts the applied configuration owned by fieldManager from +// imagePolicy for the status subresource. func ExtractImagePolicyStatus(imagePolicy *configv1.ImagePolicy, fieldManager string) (*ImagePolicyApplyConfiguration, error) { - return extractImagePolicy(imagePolicy, fieldManager, "status") + return ExtractImagePolicyFrom(imagePolicy, fieldManager, "status") } -func extractImagePolicy(imagePolicy *configv1.ImagePolicy, fieldManager string, subresource string) (*ImagePolicyApplyConfiguration, error) { - b := &ImagePolicyApplyConfiguration{} - err := managedfields.ExtractInto(imagePolicy, internal.Parser().Type("com.github.openshift.api.config.v1.ImagePolicy"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(imagePolicy.Name) - b.WithNamespace(imagePolicy.Namespace) - - b.WithKind("ImagePolicy") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b ImagePolicyApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicyfulciocawithrekorrootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicyfulciocawithrekorrootoftrust.go index a4c831fca..6baec09e7 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicyfulciocawithrekorrootoftrust.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicyfulciocawithrekorrootoftrust.go @@ -4,9 +4,16 @@ package v1 // ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration represents a declarative configuration of the ImagePolicyFulcioCAWithRekorRootOfTrust type for use // with apply. +// +// ImagePolicyFulcioCAWithRekorRootOfTrust defines the root of trust based on the Fulcio certificate and the Rekor public key. type ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration struct { - FulcioCAData []byte `json:"fulcioCAData,omitempty"` - RekorKeyData []byte `json:"rekorKeyData,omitempty"` + // fulcioCAData is a required field contains inline base64-encoded data for the PEM format fulcio CA. + // fulcioCAData must be at most 8192 characters. + FulcioCAData []byte `json:"fulcioCAData,omitempty"` + // rekorKeyData is a required field contains inline base64-encoded data for the PEM format from the Rekor public key. + // rekorKeyData must be at most 8192 characters. + RekorKeyData []byte `json:"rekorKeyData,omitempty"` + // fulcioSubject is a required field specifies OIDC issuer and the email of the Fulcio authentication configuration. FulcioSubject *PolicyFulcioSubjectApplyConfiguration `json:"fulcioSubject,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicypkirootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicypkirootoftrust.go index 9a0c257b7..71b17fd0a 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicypkirootoftrust.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicypkirootoftrust.go @@ -4,10 +4,16 @@ package v1 // ImagePolicyPKIRootOfTrustApplyConfiguration represents a declarative configuration of the ImagePolicyPKIRootOfTrust type for use // with apply. +// +// ImagePolicyPKIRootOfTrust defines the root of trust based on Root CA(s) and corresponding intermediate certificates. type ImagePolicyPKIRootOfTrustApplyConfiguration struct { - CertificateAuthorityRootsData []byte `json:"caRootsData,omitempty"` - CertificateAuthorityIntermediatesData []byte `json:"caIntermediatesData,omitempty"` - PKICertificateSubject *PKICertificateSubjectApplyConfiguration `json:"pkiCertificateSubject,omitempty"` + // caRootsData contains base64-encoded data of a certificate bundle PEM file, which contains one or more CA roots in the PEM format. The total length of the data must not exceed 8192 characters. + CertificateAuthorityRootsData []byte `json:"caRootsData,omitempty"` + // caIntermediatesData contains base64-encoded data of a certificate bundle PEM file, which contains one or more intermediate certificates in the PEM format. The total length of the data must not exceed 8192 characters. + // caIntermediatesData requires caRootsData to be set. + CertificateAuthorityIntermediatesData []byte `json:"caIntermediatesData,omitempty"` + // pkiCertificateSubject defines the requirements imposed on the subject to which the certificate was issued. + PKICertificateSubject *PKICertificateSubjectApplyConfiguration `json:"pkiCertificateSubject,omitempty"` } // ImagePolicyPKIRootOfTrustApplyConfiguration constructs a declarative configuration of the ImagePolicyPKIRootOfTrust type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicypublickeyrootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicypublickeyrootoftrust.go index a14457309..d7fa7f790 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicypublickeyrootoftrust.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicypublickeyrootoftrust.go @@ -4,8 +4,14 @@ package v1 // ImagePolicyPublicKeyRootOfTrustApplyConfiguration represents a declarative configuration of the ImagePolicyPublicKeyRootOfTrust type for use // with apply. +// +// ImagePolicyPublicKeyRootOfTrust defines the root of trust based on a sigstore public key. type ImagePolicyPublicKeyRootOfTrustApplyConfiguration struct { - KeyData []byte `json:"keyData,omitempty"` + // keyData is a required field contains inline base64-encoded data for the PEM format public key. + // keyData must be at most 8192 characters. + KeyData []byte `json:"keyData,omitempty"` + // rekorKeyData is an optional field contains inline base64-encoded data for the PEM format from the Rekor public key. + // rekorKeyData must be at most 8192 characters. RekorKeyData []byte `json:"rekorKeyData,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicyspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicyspec.go index 321196469..64f972bd6 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicyspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicyspec.go @@ -8,8 +8,23 @@ import ( // ImagePolicySpecApplyConfiguration represents a declarative configuration of the ImagePolicySpec type for use // with apply. +// +// ImagePolicySpec is the specification of the ImagePolicy CRD. type ImagePolicySpecApplyConfiguration struct { - Scopes []configv1.ImageScope `json:"scopes,omitempty"` + // scopes is a required field that defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". + // Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). + // More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository + // namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). + // Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. + // This support no more than 256 scopes in one object. If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. + // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories + // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. + // If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. + // For additional details about the format, please refer to the document explaining the docker transport field, + // which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker + Scopes []configv1.ImageScope `json:"scopes,omitempty"` + // policy is a required field that contains configuration to allow scopes to be verified, and defines how + // images not matching the verification policy will be treated. Policy *ImageSigstoreVerificationPolicyApplyConfiguration `json:"policy,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicystatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicystatus.go index aebb2698c..560eccb34 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicystatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicystatus.go @@ -9,6 +9,8 @@ import ( // ImagePolicyStatusApplyConfiguration represents a declarative configuration of the ImagePolicyStatus type for use // with apply. type ImagePolicyStatusApplyConfiguration struct { + // conditions provide details on the status of this API Resource. + // condition type 'Pending' indicates that the customer resource contains a policy that cannot take effect. It is either overwritten by a global policy or the image scope is not valid. Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagesigstoreverificationpolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagesigstoreverificationpolicy.go index 6f0d5d2e7..c4fd11c68 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagesigstoreverificationpolicy.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagesigstoreverificationpolicy.go @@ -4,9 +4,15 @@ package v1 // ImageSigstoreVerificationPolicyApplyConfiguration represents a declarative configuration of the ImageSigstoreVerificationPolicy type for use // with apply. +// +// ImageSigstoreVerificationPolicy defines the verification policy for the items in the scopes list. type ImageSigstoreVerificationPolicyApplyConfiguration struct { - RootOfTrust *PolicyRootOfTrustApplyConfiguration `json:"rootOfTrust,omitempty"` - SignedIdentity *PolicyIdentityApplyConfiguration `json:"signedIdentity,omitempty"` + // rootOfTrust is a required field that defines the root of trust for verifying image signatures during retrieval. + // This allows image consumers to specify policyType and corresponding configuration of the policy, matching how the policy was generated. + RootOfTrust *PolicyRootOfTrustApplyConfiguration `json:"rootOfTrust,omitempty"` + // signedIdentity is an optional field specifies what image identity the signature claims about the image. This is useful when the image identity in the signature differs from the original image spec, such as when mirror registry is configured for the image scope, the signature from the mirror registry contains the image identity of the mirror instead of the original scope. + // The required matchPolicy field specifies the approach used in the verification process to verify the identity in the signature and the actual image identity, the default matchPolicy is "MatchRepoDigestOrExact". + SignedIdentity *PolicyIdentityApplyConfiguration `json:"signedIdentity,omitempty"` } // ImageSigstoreVerificationPolicyApplyConfiguration constructs a declarative configuration of the ImageSigstoreVerificationPolicy type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagespec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagespec.go index 2c3bf2687..401fa0f85 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagespec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagespec.go @@ -9,11 +9,40 @@ import ( // ImageSpecApplyConfiguration represents a declarative configuration of the ImageSpec type for use // with apply. type ImageSpecApplyConfiguration struct { - AllowedRegistriesForImport []RegistryLocationApplyConfiguration `json:"allowedRegistriesForImport,omitempty"` - ExternalRegistryHostnames []string `json:"externalRegistryHostnames,omitempty"` - AdditionalTrustedCA *ConfigMapNameReferenceApplyConfiguration `json:"additionalTrustedCA,omitempty"` - RegistrySources *RegistrySourcesApplyConfiguration `json:"registrySources,omitempty"` - ImageStreamImportMode *configv1.ImportModeType `json:"imageStreamImportMode,omitempty"` + // allowedRegistriesForImport limits the container image registries that normal users may import + // images from. Set this list to the registries that you trust to contain valid Docker + // images and that you want applications to be able to import from. Users with + // permission to create Images or ImageStreamMappings via the API are not affected by + // this policy - typically only administrators or system integrations will have those + // permissions. + AllowedRegistriesForImport []RegistryLocationApplyConfiguration `json:"allowedRegistriesForImport,omitempty"` + // externalRegistryHostnames provides the hostnames for the default external image + // registry. The external hostname should be set only when the image registry + // is exposed externally. The first value is used in 'publicDockerImageRepository' + // field in ImageStreams. The value must be in "hostname[:port]" format. + ExternalRegistryHostnames []string `json:"externalRegistryHostnames,omitempty"` + // additionalTrustedCA is a reference to a ConfigMap containing additional CAs that + // should be trusted during imagestream import, pod image pull, build image pull, and + // imageregistry pullthrough. + // The namespace for this config map is openshift-config. + AdditionalTrustedCA *ConfigMapNameReferenceApplyConfiguration `json:"additionalTrustedCA,omitempty"` + // registrySources contains configuration that determines how the container runtime + // should treat individual registries when accessing images for builds+pods. (e.g. + // whether or not to allow insecure access). It does not contain configuration for the + // internal cluster registry. + RegistrySources *RegistrySourcesApplyConfiguration `json:"registrySources,omitempty"` + // imageStreamImportMode controls the import mode behaviour of imagestreams. + // It can be set to `Legacy` or `PreserveOriginal` or the empty string. If this value + // is specified, this setting is applied to all newly created imagestreams which do not have the + // value set. `Legacy` indicates that the legacy behaviour should be used. + // For manifest lists, the legacy behaviour will discard the manifest list and import a single + // sub-manifest. In this case, the platform is chosen in the following order of priority: + // 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first manifest in the list. + // `PreserveOriginal` indicates that the original manifest will be preserved. For manifest lists, + // the manifest list and all its sub-manifests will be imported. When empty, the behaviour will be + // decided based on the payload type advertised by the ClusterVersion status, i.e single arch payload + // implies the import mode is Legacy and multi payload implies PreserveOriginal. + ImageStreamImportMode *configv1.ImportModeType `json:"imageStreamImportMode,omitempty"` } // ImageSpecApplyConfiguration constructs a declarative configuration of the ImageSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagestatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagestatus.go index cbf8a208a..df2a4d53e 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagestatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagestatus.go @@ -9,9 +9,27 @@ import ( // ImageStatusApplyConfiguration represents a declarative configuration of the ImageStatus type for use // with apply. type ImageStatusApplyConfiguration struct { - InternalRegistryHostname *string `json:"internalRegistryHostname,omitempty"` - ExternalRegistryHostnames []string `json:"externalRegistryHostnames,omitempty"` - ImageStreamImportMode *configv1.ImportModeType `json:"imageStreamImportMode,omitempty"` + // internalRegistryHostname sets the hostname for the default internal image + // registry. The value must be in "hostname[:port]" format. + // This value is set by the image registry operator which controls the internal registry + // hostname. + InternalRegistryHostname *string `json:"internalRegistryHostname,omitempty"` + // externalRegistryHostnames provides the hostnames for the default external image + // registry. The external hostname should be set only when the image registry + // is exposed externally. The first value is used in 'publicDockerImageRepository' + // field in ImageStreams. The value must be in "hostname[:port]" format. + ExternalRegistryHostnames []string `json:"externalRegistryHostnames,omitempty"` + // imageStreamImportMode controls the import mode behaviour of imagestreams. It can be + // `Legacy` or `PreserveOriginal`. `Legacy` indicates that the legacy behaviour should be used. + // For manifest lists, the legacy behaviour will discard the manifest list and import a single + // sub-manifest. In this case, the platform is chosen in the following order of priority: + // 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first manifest in the list. + // `PreserveOriginal` indicates that the original manifest will be preserved. For manifest lists, + // the manifest list and all its sub-manifests will be imported. This value will be reconciled based + // on either the spec value or if no spec value is specified, the image registry operator would look + // at the ClusterVersion status to determine the payload type and set the import mode accordingly, + // i.e single arch payload implies the import mode is Legacy and multi payload implies PreserveOriginal. + ImageStreamImportMode *configv1.ImportModeType `json:"imageStreamImportMode,omitempty"` } // ImageStatusApplyConfiguration constructs a declarative configuration of the ImageStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagetagmirrors.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagetagmirrors.go index e0baa99fc..3ee7f2592 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagetagmirrors.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagetagmirrors.go @@ -8,9 +8,44 @@ import ( // ImageTagMirrorsApplyConfiguration represents a declarative configuration of the ImageTagMirrors type for use // with apply. +// +// ImageTagMirrors holds cluster-wide information about how to handle mirrors in the registries config. type ImageTagMirrorsApplyConfiguration struct { - Source *string `json:"source,omitempty"` - Mirrors []configv1.ImageMirror `json:"mirrors,omitempty"` + // source matches the repository that users refer to, e.g. in image pull specifications. Setting source to a registry hostname + // e.g. docker.io. quay.io, or registry.redhat.io, will match the image pull specification of corressponding registry. + // "source" uses one of the following formats: + // host[:port] + // host[:port]/namespace[/namespace…] + // host[:port]/namespace[/namespace…]/repo + // [*.]host + // for more information about the format, see the document about the location field: + // https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md#choosing-a-registry-toml-table + Source *string `json:"source,omitempty"` + // mirrors is zero or more locations that may also contain the same images. No mirror will be configured if not specified. + // Images can be pulled from these mirrors only if they are referenced by their tags. + // The mirrored location is obtained by replacing the part of the input reference that + // matches source by the mirrors entry, e.g. for registry.redhat.io/product/repo reference, + // a (source, mirror) pair *.redhat.io, mirror.local/redhat causes a mirror.local/redhat/product/repo + // repository to be used. + // Pulling images by tag can potentially yield different images, depending on which endpoint we pull from. + // Configuring a list of mirrors using "ImageDigestMirrorSet" CRD and forcing digest-pulls for mirrors avoids that issue. + // The order of mirrors in this list is treated as the user's desired priority, while source + // is by default considered lower priority than all mirrors. + // If no mirror is specified or all image pulls from the mirror list fail, the image will continue to be + // pulled from the repository in the pull spec unless explicitly prohibited by "mirrorSourcePolicy". + // Other cluster configuration, including (but not limited to) other imageTagMirrors objects, + // may impact the exact order mirrors are contacted in, or some mirrors may be contacted + // in parallel, so this should be considered a preference rather than a guarantee of ordering. + // "mirrors" uses one of the following formats: + // host[:port] + // host[:port]/namespace[/namespace…] + // host[:port]/namespace[/namespace…]/repo + // for more information about the format, see the document about the location field: + // https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md#choosing-a-registry-toml-table + Mirrors []configv1.ImageMirror `json:"mirrors,omitempty"` + // mirrorSourcePolicy defines the fallback policy if fails to pull image from the mirrors. + // If unset, the image will continue to be pulled from the repository in the pull spec. + // sourcePolicy is valid configuration only when one or more mirrors are in the mirror list. MirrorSourcePolicy *configv1.MirrorSourcePolicy `json:"mirrorSourcePolicy,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagetagmirrorset.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagetagmirrorset.go index 3a7328112..6c7a72b06 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagetagmirrorset.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagetagmirrorset.go @@ -13,11 +13,20 @@ import ( // ImageTagMirrorSetApplyConfiguration represents a declarative configuration of the ImageTagMirrorSet type for use // with apply. +// +// ImageTagMirrorSet holds cluster-wide information about how to handle registry mirror rules on using tag pull specification. +// When multiple policies are defined, the outcome of the behavior is defined on each field. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type ImageTagMirrorSetApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *ImageTagMirrorSetSpecApplyConfiguration `json:"spec,omitempty"` - Status *configv1.ImageTagMirrorSetStatus `json:"status,omitempty"` + // spec holds user settable values for configuration + Spec *ImageTagMirrorSetSpecApplyConfiguration `json:"spec,omitempty"` + // status contains the observed state of the resource. + Status *configv1.ImageTagMirrorSetStatus `json:"status,omitempty"` } // ImageTagMirrorSet constructs a declarative configuration of the ImageTagMirrorSet type for use with @@ -30,6 +39,26 @@ func ImageTagMirrorSet(name string) *ImageTagMirrorSetApplyConfiguration { return b } +// ExtractImageTagMirrorSetFrom extracts the applied configuration owned by fieldManager from +// imageTagMirrorSet for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// imageTagMirrorSet must be a unmodified ImageTagMirrorSet API object that was retrieved from the Kubernetes API. +// ExtractImageTagMirrorSetFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractImageTagMirrorSetFrom(imageTagMirrorSet *configv1.ImageTagMirrorSet, fieldManager string, subresource string) (*ImageTagMirrorSetApplyConfiguration, error) { + b := &ImageTagMirrorSetApplyConfiguration{} + err := managedfields.ExtractInto(imageTagMirrorSet, internal.Parser().Type("com.github.openshift.api.config.v1.ImageTagMirrorSet"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(imageTagMirrorSet.Name) + + b.WithKind("ImageTagMirrorSet") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractImageTagMirrorSet extracts the applied configuration owned by fieldManager from // imageTagMirrorSet. If no managedFields are found in imageTagMirrorSet for fieldManager, a // ImageTagMirrorSetApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +69,16 @@ func ImageTagMirrorSet(name string) *ImageTagMirrorSetApplyConfiguration { // ExtractImageTagMirrorSet provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractImageTagMirrorSet(imageTagMirrorSet *configv1.ImageTagMirrorSet, fieldManager string) (*ImageTagMirrorSetApplyConfiguration, error) { - return extractImageTagMirrorSet(imageTagMirrorSet, fieldManager, "") + return ExtractImageTagMirrorSetFrom(imageTagMirrorSet, fieldManager, "") } -// ExtractImageTagMirrorSetStatus is the same as ExtractImageTagMirrorSet except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractImageTagMirrorSetStatus extracts the applied configuration owned by fieldManager from +// imageTagMirrorSet for the status subresource. func ExtractImageTagMirrorSetStatus(imageTagMirrorSet *configv1.ImageTagMirrorSet, fieldManager string) (*ImageTagMirrorSetApplyConfiguration, error) { - return extractImageTagMirrorSet(imageTagMirrorSet, fieldManager, "status") + return ExtractImageTagMirrorSetFrom(imageTagMirrorSet, fieldManager, "status") } -func extractImageTagMirrorSet(imageTagMirrorSet *configv1.ImageTagMirrorSet, fieldManager string, subresource string) (*ImageTagMirrorSetApplyConfiguration, error) { - b := &ImageTagMirrorSetApplyConfiguration{} - err := managedfields.ExtractInto(imageTagMirrorSet, internal.Parser().Type("com.github.openshift.api.config.v1.ImageTagMirrorSet"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(imageTagMirrorSet.Name) - - b.WithKind("ImageTagMirrorSet") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b ImageTagMirrorSetApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagetagmirrorsetspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagetagmirrorsetspec.go index ca59c3871..0642d9ede 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagetagmirrorsetspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagetagmirrorsetspec.go @@ -4,7 +4,34 @@ package v1 // ImageTagMirrorSetSpecApplyConfiguration represents a declarative configuration of the ImageTagMirrorSetSpec type for use // with apply. +// +// ImageTagMirrorSetSpec is the specification of the ImageTagMirrorSet CRD. type ImageTagMirrorSetSpecApplyConfiguration struct { + // imageTagMirrors allows images referenced by image tags in pods to be + // pulled from alternative mirrored repository locations. The image pull specification + // provided to the pod will be compared to the source locations described in imageTagMirrors + // and the image may be pulled down from any of the mirrors in the list instead of the + // specified repository allowing administrators to choose a potentially faster mirror. + // To use mirrors to pull images using digest specification only, users should configure + // a list of mirrors using "ImageDigestMirrorSet" CRD. + // + // If the image pull specification matches the repository of "source" in multiple imagetagmirrorset objects, + // only the objects which define the most specific namespace match will be used. + // For example, if there are objects using quay.io/libpod and quay.io/libpod/busybox as + // the "source", only the objects using quay.io/libpod/busybox are going to apply + // for pull specification quay.io/libpod/busybox. + // Each “source” repository is treated independently; configurations for different “source” + // repositories don’t interact. + // + // If the "mirrors" is not specified, the image will continue to be pulled from the specified + // repository in the pull spec. + // + // When multiple policies are defined for the same “source” repository, the sets of defined + // mirrors will be merged together, preserving the relative order of the mirrors, if possible. + // For example, if policy A has mirrors `a, b, c` and policy B has mirrors `c, d, e`, the + // mirrors will be used in the order `a, b, c, d, e`. If the orders of mirror entries conflict + // (e.g. `a, b` vs. `b, a`) the configuration is not rejected but the resulting order is unspecified. + // Users who want to use a deterministic order of mirrors, should configure them into one list of mirrors using the expected order. ImageTagMirrors []ImageTagMirrorsApplyConfiguration `json:"imageTagMirrors,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructure.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructure.go index b98a22948..98e5a1b16 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructure.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructure.go @@ -13,11 +13,19 @@ import ( // InfrastructureApplyConfiguration represents a declarative configuration of the Infrastructure type for use // with apply. +// +// Infrastructure holds cluster-wide information about Infrastructure. The canonical name is `cluster` +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type InfrastructureApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *InfrastructureSpecApplyConfiguration `json:"spec,omitempty"` - Status *InfrastructureStatusApplyConfiguration `json:"status,omitempty"` + // spec holds user settable values for configuration + Spec *InfrastructureSpecApplyConfiguration `json:"spec,omitempty"` + // status holds observed values from the cluster. They may not be overridden. + Status *InfrastructureStatusApplyConfiguration `json:"status,omitempty"` } // Infrastructure constructs a declarative configuration of the Infrastructure type for use with @@ -30,6 +38,26 @@ func Infrastructure(name string) *InfrastructureApplyConfiguration { return b } +// ExtractInfrastructureFrom extracts the applied configuration owned by fieldManager from +// infrastructure for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// infrastructure must be a unmodified Infrastructure API object that was retrieved from the Kubernetes API. +// ExtractInfrastructureFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractInfrastructureFrom(infrastructure *configv1.Infrastructure, fieldManager string, subresource string) (*InfrastructureApplyConfiguration, error) { + b := &InfrastructureApplyConfiguration{} + err := managedfields.ExtractInto(infrastructure, internal.Parser().Type("com.github.openshift.api.config.v1.Infrastructure"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(infrastructure.Name) + + b.WithKind("Infrastructure") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractInfrastructure extracts the applied configuration owned by fieldManager from // infrastructure. If no managedFields are found in infrastructure for fieldManager, a // InfrastructureApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +68,16 @@ func Infrastructure(name string) *InfrastructureApplyConfiguration { // ExtractInfrastructure provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractInfrastructure(infrastructure *configv1.Infrastructure, fieldManager string) (*InfrastructureApplyConfiguration, error) { - return extractInfrastructure(infrastructure, fieldManager, "") + return ExtractInfrastructureFrom(infrastructure, fieldManager, "") } -// ExtractInfrastructureStatus is the same as ExtractInfrastructure except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractInfrastructureStatus extracts the applied configuration owned by fieldManager from +// infrastructure for the status subresource. func ExtractInfrastructureStatus(infrastructure *configv1.Infrastructure, fieldManager string) (*InfrastructureApplyConfiguration, error) { - return extractInfrastructure(infrastructure, fieldManager, "status") + return ExtractInfrastructureFrom(infrastructure, fieldManager, "status") } -func extractInfrastructure(infrastructure *configv1.Infrastructure, fieldManager string, subresource string) (*InfrastructureApplyConfiguration, error) { - b := &InfrastructureApplyConfiguration{} - err := managedfields.ExtractInto(infrastructure, internal.Parser().Type("com.github.openshift.api.config.v1.Infrastructure"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(infrastructure.Name) - - b.WithKind("Infrastructure") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b InfrastructureApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurespec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurespec.go index 83dccde29..e48e1368b 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurespec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurespec.go @@ -4,9 +4,25 @@ package v1 // InfrastructureSpecApplyConfiguration represents a declarative configuration of the InfrastructureSpec type for use // with apply. +// +// InfrastructureSpec contains settings that apply to the cluster infrastructure. type InfrastructureSpecApplyConfiguration struct { - CloudConfig *ConfigMapFileReferenceApplyConfiguration `json:"cloudConfig,omitempty"` - PlatformSpec *PlatformSpecApplyConfiguration `json:"platformSpec,omitempty"` + // cloudConfig is a reference to a ConfigMap containing the cloud provider configuration file. + // This configuration file is used to configure the Kubernetes cloud provider integration + // when using the built-in cloud provider integration or the external cloud controller manager. + // The namespace for this config map is openshift-config. + // + // cloudConfig should only be consumed by the kube_cloud_config controller. + // The controller is responsible for using the user configuration in the spec + // for various platforms and combining that with the user provided ConfigMap in this field + // to create a stitched kube cloud config. + // The controller generates a ConfigMap `kube-cloud-config` in `openshift-config-managed` namespace + // with the kube cloud config is stored in `cloud.conf` key. + // All the clients are expected to use the generated ConfigMap only. + CloudConfig *ConfigMapFileReferenceApplyConfiguration `json:"cloudConfig,omitempty"` + // platformSpec holds desired information specific to the underlying + // infrastructure provider. + PlatformSpec *PlatformSpecApplyConfiguration `json:"platformSpec,omitempty"` } // InfrastructureSpecApplyConfiguration constructs a declarative configuration of the InfrastructureSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurestatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurestatus.go index 5b5d8288c..c01827c11 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurestatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurestatus.go @@ -8,16 +8,58 @@ import ( // InfrastructureStatusApplyConfiguration represents a declarative configuration of the InfrastructureStatus type for use // with apply. +// +// InfrastructureStatus describes the infrastructure the cluster is leveraging. type InfrastructureStatusApplyConfiguration struct { - InfrastructureName *string `json:"infrastructureName,omitempty"` - Platform *configv1.PlatformType `json:"platform,omitempty"` - PlatformStatus *PlatformStatusApplyConfiguration `json:"platformStatus,omitempty"` - EtcdDiscoveryDomain *string `json:"etcdDiscoveryDomain,omitempty"` - APIServerURL *string `json:"apiServerURL,omitempty"` - APIServerInternalURL *string `json:"apiServerInternalURI,omitempty"` - ControlPlaneTopology *configv1.TopologyMode `json:"controlPlaneTopology,omitempty"` - InfrastructureTopology *configv1.TopologyMode `json:"infrastructureTopology,omitempty"` - CPUPartitioning *configv1.CPUPartitioningMode `json:"cpuPartitioning,omitempty"` + // infrastructureName uniquely identifies a cluster with a human friendly name. + // Once set it should not be changed. Must be of max length 27 and must have only + // alphanumeric or hyphen characters. + InfrastructureName *string `json:"infrastructureName,omitempty"` + // platform is the underlying infrastructure provider for the cluster. + // + // Deprecated: Use platformStatus.type instead. + Platform *configv1.PlatformType `json:"platform,omitempty"` + // platformStatus holds status information specific to the underlying + // infrastructure provider. + PlatformStatus *PlatformStatusApplyConfiguration `json:"platformStatus,omitempty"` + // etcdDiscoveryDomain is the domain used to fetch the SRV records for discovering + // etcd servers and clients. + // For more info: https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery + // deprecated: as of 4.7, this field is no longer set or honored. It will be removed in a future release. + EtcdDiscoveryDomain *string `json:"etcdDiscoveryDomain,omitempty"` + // apiServerURL is a valid URI with scheme 'https', address and + // optionally a port (defaulting to 443). apiServerURL can be used by components like the web console + // to tell users where to find the Kubernetes API. + APIServerURL *string `json:"apiServerURL,omitempty"` + // apiServerInternalURL is a valid URI with scheme 'https', + // address and optionally a port (defaulting to 443). apiServerInternalURL can be used by components + // like kubelets, to contact the Kubernetes API server using the + // infrastructure provider rather than Kubernetes networking. + APIServerInternalURL *string `json:"apiServerInternalURI,omitempty"` + // controlPlaneTopology expresses the expectations for operands that normally run on control nodes. + // The default is 'HighlyAvailable', which represents the behavior operators have in a "normal" cluster. + // The 'SingleReplica' mode will be used in single-node deployments + // and the operators should not configure the operand for highly-available operation + // The 'External' mode indicates that the control plane is hosted externally to the cluster and that + // its components are not visible within the cluster. + // The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + // that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. + ControlPlaneTopology *configv1.TopologyMode `json:"controlPlaneTopology,omitempty"` + // infrastructureTopology expresses the expectations for infrastructure services that do not run on control + // plane nodes, usually indicated by a node selector for a `role` value + // other than `master`. + // The default is 'HighlyAvailable', which represents the behavior operators have in a "normal" cluster. + // The 'SingleReplica' mode will be used in single-node deployments + // and the operators should not configure the operand for highly-available operation + // NOTE: External topology mode is not applicable for this field. + InfrastructureTopology *configv1.TopologyMode `json:"infrastructureTopology,omitempty"` + // cpuPartitioning expresses if CPU partitioning is a currently enabled feature in the cluster. + // CPU Partitioning means that this cluster can support partitioning workloads to specific CPU Sets. + // Valid values are "None" and "AllNodes". When omitted, the default value is "None". + // The default value of "None" indicates that no nodes will be setup with CPU partitioning. + // The "AllNodes" value indicates that all nodes have been setup with CPU partitioning, + // and can then be further configured via the PerformanceProfile API. + CPUPartitioning *configv1.CPUPartitioningMode `json:"cpuPartitioning,omitempty"` } // InfrastructureStatusApplyConfiguration constructs a declarative configuration of the InfrastructureStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ingress.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ingress.go index b1680f352..af5121aa3 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ingress.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ingress.go @@ -13,11 +13,20 @@ import ( // IngressApplyConfiguration represents a declarative configuration of the Ingress type for use // with apply. +// +// Ingress holds cluster-wide information about ingress, including the default ingress domain +// used for routes. The canonical name is `cluster`. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type IngressApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *IngressSpecApplyConfiguration `json:"spec,omitempty"` - Status *IngressStatusApplyConfiguration `json:"status,omitempty"` + // spec holds user settable values for configuration + Spec *IngressSpecApplyConfiguration `json:"spec,omitempty"` + // status holds observed values from the cluster. They may not be overridden. + Status *IngressStatusApplyConfiguration `json:"status,omitempty"` } // Ingress constructs a declarative configuration of the Ingress type for use with @@ -30,6 +39,26 @@ func Ingress(name string) *IngressApplyConfiguration { return b } +// ExtractIngressFrom extracts the applied configuration owned by fieldManager from +// ingress for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// ingress must be a unmodified Ingress API object that was retrieved from the Kubernetes API. +// ExtractIngressFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractIngressFrom(ingress *configv1.Ingress, fieldManager string, subresource string) (*IngressApplyConfiguration, error) { + b := &IngressApplyConfiguration{} + err := managedfields.ExtractInto(ingress, internal.Parser().Type("com.github.openshift.api.config.v1.Ingress"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(ingress.Name) + + b.WithKind("Ingress") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractIngress extracts the applied configuration owned by fieldManager from // ingress. If no managedFields are found in ingress for fieldManager, a // IngressApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +69,16 @@ func Ingress(name string) *IngressApplyConfiguration { // ExtractIngress provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractIngress(ingress *configv1.Ingress, fieldManager string) (*IngressApplyConfiguration, error) { - return extractIngress(ingress, fieldManager, "") + return ExtractIngressFrom(ingress, fieldManager, "") } -// ExtractIngressStatus is the same as ExtractIngress except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractIngressStatus extracts the applied configuration owned by fieldManager from +// ingress for the status subresource. func ExtractIngressStatus(ingress *configv1.Ingress, fieldManager string) (*IngressApplyConfiguration, error) { - return extractIngress(ingress, fieldManager, "status") + return ExtractIngressFrom(ingress, fieldManager, "status") } -func extractIngress(ingress *configv1.Ingress, fieldManager string, subresource string) (*IngressApplyConfiguration, error) { - b := &IngressApplyConfiguration{} - err := managedfields.ExtractInto(ingress, internal.Parser().Type("com.github.openshift.api.config.v1.Ingress"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(ingress.Name) - - b.WithKind("Ingress") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b IngressApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ingressplatformspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ingressplatformspec.go index ed5c26531..7d42ec243 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ingressplatformspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ingressplatformspec.go @@ -8,9 +8,19 @@ import ( // IngressPlatformSpecApplyConfiguration represents a declarative configuration of the IngressPlatformSpec type for use // with apply. +// +// IngressPlatformSpec holds the desired state of Ingress specific to the underlying infrastructure provider +// of the current cluster. Since these are used at spec-level for the underlying cluster, it +// is supposed that only one of the spec structs is set. type IngressPlatformSpecApplyConfiguration struct { - Type *configv1.PlatformType `json:"type,omitempty"` - AWS *AWSIngressSpecApplyConfiguration `json:"aws,omitempty"` + // type is the underlying infrastructure provider for the cluster. + // Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", + // "OpenStack", "VSphere", "oVirt", "KubeVirt", "EquinixMetal", "PowerVS", + // "AlibabaCloud", "Nutanix" and "None". Individual components may not support all platforms, + // and must handle unrecognized platforms as None if they do not support that platform. + Type *configv1.PlatformType `json:"type,omitempty"` + // aws contains settings specific to the Amazon Web Services infrastructure provider. + AWS *AWSIngressSpecApplyConfiguration `json:"aws,omitempty"` } // IngressPlatformSpecApplyConfiguration constructs a declarative configuration of the IngressPlatformSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ingressspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ingressspec.go index a9b09512c..ed804bd00 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ingressspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ingressspec.go @@ -5,11 +5,58 @@ package v1 // IngressSpecApplyConfiguration represents a declarative configuration of the IngressSpec type for use // with apply. type IngressSpecApplyConfiguration struct { - Domain *string `json:"domain,omitempty"` - AppsDomain *string `json:"appsDomain,omitempty"` - ComponentRoutes []ComponentRouteSpecApplyConfiguration `json:"componentRoutes,omitempty"` + // domain is used to generate a default host name for a route when the + // route's host name is empty. The generated host name will follow this + // pattern: "..". + // + // It is also used as the default wildcard domain suffix for ingress. The + // default ingresscontroller domain will follow this pattern: "*.". + // + // Once set, changing domain is not currently supported. + Domain *string `json:"domain,omitempty"` + // appsDomain is an optional domain to use instead of the one specified + // in the domain field when a Route is created without specifying an explicit + // host. If appsDomain is nonempty, this value is used to generate default + // host values for Route. Unlike domain, appsDomain may be modified after + // installation. + // This assumes a new ingresscontroller has been setup with a wildcard + // certificate. + AppsDomain *string `json:"appsDomain,omitempty"` + // componentRoutes is an optional list of routes that are managed by OpenShift components + // that a cluster-admin is able to configure the hostname and serving certificate for. + // The namespace and name of each route in this list should match an existing entry in the + // status.componentRoutes list. + // + // To determine the set of configurable Routes, look at namespace and name of entries in the + // .status.componentRoutes list, where participating operators write the status of + // configurable routes. + ComponentRoutes []ComponentRouteSpecApplyConfiguration `json:"componentRoutes,omitempty"` + // requiredHSTSPolicies specifies HSTS policies that are required to be set on newly created or updated routes + // matching the domainPattern/s and namespaceSelector/s that are specified in the policy. + // Each requiredHSTSPolicy must have at least a domainPattern and a maxAge to validate a route HSTS Policy route + // annotation, and affect route admission. + // + // A candidate route is checked for HSTS Policies if it has the HSTS Policy route annotation: + // "haproxy.router.openshift.io/hsts_header" + // E.g. haproxy.router.openshift.io/hsts_header: max-age=31536000;preload;includeSubDomains + // + // - For each candidate route, if it matches a requiredHSTSPolicy domainPattern and optional namespaceSelector, + // then the maxAge, preloadPolicy, and includeSubdomainsPolicy must be valid to be admitted. Otherwise, the route + // is rejected. + // - The first match, by domainPattern and optional namespaceSelector, in the ordering of the RequiredHSTSPolicies + // determines the route's admission status. + // - If the candidate route doesn't match any requiredHSTSPolicy domainPattern and optional namespaceSelector, + // then it may use any HSTS Policy annotation. + // + // The HSTS policy configuration may be changed after routes have already been created. An update to a previously + // admitted route may then fail if the updated route does not conform to the updated HSTS policy configuration. + // However, changing the HSTS policy configuration will not cause a route that is already admitted to stop working. + // + // Note that if there are no RequiredHSTSPolicies, any HSTS Policy annotation on the route is valid. RequiredHSTSPolicies []RequiredHSTSPolicyApplyConfiguration `json:"requiredHSTSPolicies,omitempty"` - LoadBalancer *LoadBalancerApplyConfiguration `json:"loadBalancer,omitempty"` + // loadBalancer contains the load balancer details in general which are not only specific to the underlying infrastructure + // provider of the current cluster and are required for Ingress Controller to work on OpenShift. + LoadBalancer *LoadBalancerApplyConfiguration `json:"loadBalancer,omitempty"` } // IngressSpecApplyConfiguration constructs a declarative configuration of the IngressSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ingressstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ingressstatus.go index 792bcd755..f9bf00a41 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ingressstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ingressstatus.go @@ -9,8 +9,22 @@ import ( // IngressStatusApplyConfiguration represents a declarative configuration of the IngressStatus type for use // with apply. type IngressStatusApplyConfiguration struct { - ComponentRoutes []ComponentRouteStatusApplyConfiguration `json:"componentRoutes,omitempty"` - DefaultPlacement *configv1.DefaultPlacement `json:"defaultPlacement,omitempty"` + // componentRoutes is where participating operators place the current route status for routes whose + // hostnames and serving certificates can be customized by the cluster-admin. + ComponentRoutes []ComponentRouteStatusApplyConfiguration `json:"componentRoutes,omitempty"` + // defaultPlacement is set at installation time to control which + // nodes will host the ingress router pods by default. The options are + // control-plane nodes or worker nodes. + // + // This field works by dictating how the Cluster Ingress Operator will + // consider unset replicas and nodePlacement fields in IngressController + // resources when creating the corresponding Deployments. + // + // See the documentation for the IngressController replicas and nodePlacement + // fields for more information. + // + // When omitted, the default value is Workers + DefaultPlacement *configv1.DefaultPlacement `json:"defaultPlacement,omitempty"` } // IngressStatusApplyConfiguration constructs a declarative configuration of the IngressStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/insightsdatagather.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/insightsdatagather.go index 829a4071a..4ad9a53ed 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/insightsdatagather.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/insightsdatagather.go @@ -13,10 +13,17 @@ import ( // InsightsDataGatherApplyConfiguration represents a declarative configuration of the InsightsDataGather type for use // with apply. +// +// InsightsDataGather provides data gather configuration options for the Insights Operator. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type InsightsDataGatherApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *InsightsDataGatherSpecApplyConfiguration `json:"spec,omitempty"` + // spec holds user settable values for configuration + Spec *InsightsDataGatherSpecApplyConfiguration `json:"spec,omitempty"` } // InsightsDataGather constructs a declarative configuration of the InsightsDataGather type for use with @@ -29,29 +36,14 @@ func InsightsDataGather(name string) *InsightsDataGatherApplyConfiguration { return b } -// ExtractInsightsDataGather extracts the applied configuration owned by fieldManager from -// insightsDataGather. If no managedFields are found in insightsDataGather for fieldManager, a -// InsightsDataGatherApplyConfiguration is returned with only the Name, Namespace (if applicable), -// APIVersion and Kind populated. It is possible that no managed fields were found for because other -// field managers have taken ownership of all the fields previously owned by fieldManager, or because -// the fieldManager never owned fields any fields. +// ExtractInsightsDataGatherFrom extracts the applied configuration owned by fieldManager from +// insightsDataGather for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. // insightsDataGather must be a unmodified InsightsDataGather API object that was retrieved from the Kubernetes API. -// ExtractInsightsDataGather provides a way to perform a extract/modify-in-place/apply workflow. +// ExtractInsightsDataGatherFrom provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! -func ExtractInsightsDataGather(insightsDataGather *configv1.InsightsDataGather, fieldManager string) (*InsightsDataGatherApplyConfiguration, error) { - return extractInsightsDataGather(insightsDataGather, fieldManager, "") -} - -// ExtractInsightsDataGatherStatus is the same as ExtractInsightsDataGather except -// that it extracts the status subresource applied configuration. -// Experimental! -func ExtractInsightsDataGatherStatus(insightsDataGather *configv1.InsightsDataGather, fieldManager string) (*InsightsDataGatherApplyConfiguration, error) { - return extractInsightsDataGather(insightsDataGather, fieldManager, "status") -} - -func extractInsightsDataGather(insightsDataGather *configv1.InsightsDataGather, fieldManager string, subresource string) (*InsightsDataGatherApplyConfiguration, error) { +func ExtractInsightsDataGatherFrom(insightsDataGather *configv1.InsightsDataGather, fieldManager string, subresource string) (*InsightsDataGatherApplyConfiguration, error) { b := &InsightsDataGatherApplyConfiguration{} err := managedfields.ExtractInto(insightsDataGather, internal.Parser().Type("com.github.openshift.api.config.v1.InsightsDataGather"), fieldManager, b, subresource) if err != nil { @@ -63,6 +55,21 @@ func extractInsightsDataGather(insightsDataGather *configv1.InsightsDataGather, b.WithAPIVersion("config.openshift.io/v1") return b, nil } + +// ExtractInsightsDataGather extracts the applied configuration owned by fieldManager from +// insightsDataGather. If no managedFields are found in insightsDataGather for fieldManager, a +// InsightsDataGatherApplyConfiguration is returned with only the Name, Namespace (if applicable), +// APIVersion and Kind populated. It is possible that no managed fields were found for because other +// field managers have taken ownership of all the fields previously owned by fieldManager, or because +// the fieldManager never owned fields any fields. +// insightsDataGather must be a unmodified InsightsDataGather API object that was retrieved from the Kubernetes API. +// ExtractInsightsDataGather provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractInsightsDataGather(insightsDataGather *configv1.InsightsDataGather, fieldManager string) (*InsightsDataGatherApplyConfiguration, error) { + return ExtractInsightsDataGatherFrom(insightsDataGather, fieldManager, "") +} + func (b InsightsDataGatherApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/insightsdatagatherspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/insightsdatagatherspec.go index 4be6d441a..0d3bc710a 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/insightsdatagatherspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/insightsdatagatherspec.go @@ -4,7 +4,10 @@ package v1 // InsightsDataGatherSpecApplyConfiguration represents a declarative configuration of the InsightsDataGatherSpec type for use // with apply. +// +// InsightsDataGatherSpec contains the configuration for the data gathering. type InsightsDataGatherSpecApplyConfiguration struct { + // gatherConfig is a required spec attribute that includes all the configuration options related to gathering of the Insights data and its uploading to the ingress. GatherConfig *GatherConfigApplyConfiguration `json:"gatherConfig,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/keystoneidentityprovider.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/keystoneidentityprovider.go index abbb9ef15..a1c62e0e1 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/keystoneidentityprovider.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/keystoneidentityprovider.go @@ -4,9 +4,13 @@ package v1 // KeystoneIdentityProviderApplyConfiguration represents a declarative configuration of the KeystoneIdentityProvider type for use // with apply. +// +// KeystonePasswordIdentityProvider provides identities for users authenticating using keystone password credentials type KeystoneIdentityProviderApplyConfiguration struct { + // OAuthRemoteConnectionInfo contains information about how to connect to the keystone server OAuthRemoteConnectionInfoApplyConfiguration `json:",inline"` - DomainName *string `json:"domainName,omitempty"` + // domainName is required for keystone v3 + DomainName *string `json:"domainName,omitempty"` } // KeystoneIdentityProviderApplyConfiguration constructs a declarative configuration of the KeystoneIdentityProvider type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmsconfig.go deleted file mode 100644 index 564619f41..000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmsconfig.go +++ /dev/null @@ -1,36 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -import ( - configv1 "github.com/openshift/api/config/v1" -) - -// KMSConfigApplyConfiguration represents a declarative configuration of the KMSConfig type for use -// with apply. -type KMSConfigApplyConfiguration struct { - Type *configv1.KMSProviderType `json:"type,omitempty"` - AWS *AWSKMSConfigApplyConfiguration `json:"aws,omitempty"` -} - -// KMSConfigApplyConfiguration constructs a declarative configuration of the KMSConfig type for use with -// apply. -func KMSConfig() *KMSConfigApplyConfiguration { - return &KMSConfigApplyConfiguration{} -} - -// WithType sets the Type field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Type field is set to the value of the last call. -func (b *KMSConfigApplyConfiguration) WithType(value configv1.KMSProviderType) *KMSConfigApplyConfiguration { - b.Type = &value - return b -} - -// WithAWS sets the AWS field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the AWS field is set to the value of the last call. -func (b *KMSConfigApplyConfiguration) WithAWS(value *AWSKMSConfigApplyConfiguration) *KMSConfigApplyConfiguration { - b.AWS = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmspluginconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmspluginconfig.go new file mode 100644 index 000000000..fc266edc4 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmspluginconfig.go @@ -0,0 +1,46 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + configv1 "github.com/openshift/api/config/v1" +) + +// KMSPluginConfigApplyConfiguration represents a declarative configuration of the KMSPluginConfig type for use +// with apply. +// +// KMSPluginConfig defines the configuration for the KMS instance +// that will be used with KMS encryption +type KMSPluginConfigApplyConfiguration struct { + // type defines the kind of platform for the KMS provider. + // Allowed values are Vault. + // When set to Vault, the plugin connects to a HashiCorp Vault server for key management. + Type *configv1.KMSProviderType `json:"type,omitempty"` + // vault defines the configuration for the Vault KMS plugin. + // The plugin connects to a Vault Enterprise server that is managed + // by the user outside the purview of the control plane. + // This field must be set when type is Vault, and must be unset otherwise. + Vault *VaultKMSPluginConfigApplyConfiguration `json:"vault,omitempty"` +} + +// KMSPluginConfigApplyConfiguration constructs a declarative configuration of the KMSPluginConfig type for use with +// apply. +func KMSPluginConfig() *KMSPluginConfigApplyConfiguration { + return &KMSPluginConfigApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *KMSPluginConfigApplyConfiguration) WithType(value configv1.KMSProviderType) *KMSPluginConfigApplyConfiguration { + b.Type = &value + return b +} + +// WithVault sets the Vault field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Vault field is set to the value of the last call. +func (b *KMSPluginConfigApplyConfiguration) WithVault(value *VaultKMSPluginConfigApplyConfiguration) *KMSPluginConfigApplyConfiguration { + b.Vault = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kubevirtplatformstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kubevirtplatformstatus.go index 3d136c53b..ca4614297 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kubevirtplatformstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kubevirtplatformstatus.go @@ -4,9 +4,17 @@ package v1 // KubevirtPlatformStatusApplyConfiguration represents a declarative configuration of the KubevirtPlatformStatus type for use // with apply. +// +// KubevirtPlatformStatus holds the current status of the kubevirt infrastructure provider. type KubevirtPlatformStatusApplyConfiguration struct { + // apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used + // by components inside the cluster, like kubelets using the infrastructure rather + // than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI + // points to. It is the IP for a self-hosted load balancer in front of the API servers. APIServerInternalIP *string `json:"apiServerInternalIP,omitempty"` - IngressIP *string `json:"ingressIP,omitempty"` + // ingressIP is an external IP which routes to the default ingress controller. + // The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + IngressIP *string `json:"ingressIP,omitempty"` } // KubevirtPlatformStatusApplyConfiguration constructs a declarative configuration of the KubevirtPlatformStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ldapattributemapping.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ldapattributemapping.go index b618065ce..29c14570e 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ldapattributemapping.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ldapattributemapping.go @@ -4,11 +4,24 @@ package v1 // LDAPAttributeMappingApplyConfiguration represents a declarative configuration of the LDAPAttributeMapping type for use // with apply. +// +// LDAPAttributeMapping maps LDAP attributes to OpenShift identity fields type LDAPAttributeMappingApplyConfiguration struct { - ID []string `json:"id,omitempty"` + // id is the list of attributes whose values should be used as the user ID. Required. + // First non-empty attribute is used. At least one attribute is required. If none of the listed + // attribute have a value, authentication fails. + // LDAP standard identity attribute is "dn" + ID []string `json:"id,omitempty"` + // preferredUsername is the list of attributes whose values should be used as the preferred username. + // LDAP standard login attribute is "uid" PreferredUsername []string `json:"preferredUsername,omitempty"` - Name []string `json:"name,omitempty"` - Email []string `json:"email,omitempty"` + // name is the list of attributes whose values should be used as the display name. Optional. + // If unspecified, no display name is set for the identity + // LDAP standard display name attribute is "cn" + Name []string `json:"name,omitempty"` + // email is the list of attributes whose values should be used as the email address. Optional. + // If unspecified, no email is set for the identity + Email []string `json:"email,omitempty"` } // LDAPAttributeMappingApplyConfiguration constructs a declarative configuration of the LDAPAttributeMapping type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ldapidentityprovider.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ldapidentityprovider.go index 90bdfe34c..cd45699e7 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ldapidentityprovider.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ldapidentityprovider.go @@ -4,13 +4,37 @@ package v1 // LDAPIdentityProviderApplyConfiguration represents a declarative configuration of the LDAPIdentityProvider type for use // with apply. +// +// LDAPPasswordIdentityProvider provides identities for users authenticating using LDAP credentials type LDAPIdentityProviderApplyConfiguration struct { - URL *string `json:"url,omitempty"` - BindDN *string `json:"bindDN,omitempty"` - BindPassword *SecretNameReferenceApplyConfiguration `json:"bindPassword,omitempty"` - Insecure *bool `json:"insecure,omitempty"` - CA *ConfigMapNameReferenceApplyConfiguration `json:"ca,omitempty"` - Attributes *LDAPAttributeMappingApplyConfiguration `json:"attributes,omitempty"` + // url is an RFC 2255 URL which specifies the LDAP search parameters to use. + // The syntax of the URL is: + // ldap://host:port/basedn?attribute?scope?filter + URL *string `json:"url,omitempty"` + // bindDN is an optional DN to bind with during the search phase. + BindDN *string `json:"bindDN,omitempty"` + // bindPassword is an optional reference to a secret by name + // containing a password to bind with during the search phase. + // The key "bindPassword" is used to locate the data. + // If specified and the secret or expected key is not found, the identity provider is not honored. + // The namespace for this secret is openshift-config. + BindPassword *SecretNameReferenceApplyConfiguration `json:"bindPassword,omitempty"` + // insecure, if true, indicates the connection should not use TLS + // WARNING: Should not be set to `true` with the URL scheme "ldaps://" as "ldaps://" URLs always + // attempt to connect using TLS, even when `insecure` is set to `true` + // When `true`, "ldap://" URLS connect insecurely. When `false`, "ldap://" URLs are upgraded to + // a TLS connection using StartTLS as specified in https://tools.ietf.org/html/rfc2830. + Insecure *bool `json:"insecure,omitempty"` + // ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. + // It is used as a trust anchor to validate the TLS certificate presented by the remote server. + // The key "ca.crt" is used to locate the data. + // If specified and the config map or expected key is not found, the identity provider is not honored. + // If the specified ca data is not valid, the identity provider is not honored. + // If empty, the default system roots are used. + // The namespace for this config map is openshift-config. + CA *ConfigMapNameReferenceApplyConfiguration `json:"ca,omitempty"` + // attributes maps LDAP attributes to identities + Attributes *LDAPAttributeMappingApplyConfiguration `json:"attributes,omitempty"` } // LDAPIdentityProviderApplyConfiguration constructs a declarative configuration of the LDAPIdentityProvider type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/loadbalancer.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/loadbalancer.go index 0dfc67c8f..060777387 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/loadbalancer.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/loadbalancer.go @@ -5,6 +5,10 @@ package v1 // LoadBalancerApplyConfiguration represents a declarative configuration of the LoadBalancer type for use // with apply. type LoadBalancerApplyConfiguration struct { + // platform holds configuration specific to the underlying + // infrastructure provider for the ingress load balancers. + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. Platform *IngressPlatformSpecApplyConfiguration `json:"platform,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/maxagepolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/maxagepolicy.go index faa8e1dd5..027b5d38d 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/maxagepolicy.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/maxagepolicy.go @@ -4,8 +4,16 @@ package v1 // MaxAgePolicyApplyConfiguration represents a declarative configuration of the MaxAgePolicy type for use // with apply. +// +// MaxAgePolicy contains a numeric range for specifying a compliant HSTS max-age for the enclosing RequiredHSTSPolicy type MaxAgePolicyApplyConfiguration struct { - LargestMaxAge *int32 `json:"largestMaxAge,omitempty"` + // The largest allowed value (in seconds) of the RequiredHSTSPolicy max-age + // This value can be left unspecified, in which case no upper limit is enforced. + LargestMaxAge *int32 `json:"largestMaxAge,omitempty"` + // The smallest allowed value (in seconds) of the RequiredHSTSPolicy max-age + // Setting max-age=0 allows the deletion of an existing HSTS header from a host. This is a necessary + // tool for administrators to quickly correct mistakes. + // This value can be left unspecified, in which case no lower limit is enforced. SmallestMaxAge *int32 `json:"smallestMaxAge,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/mtumigration.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/mtumigration.go index 9db99100e..fc3229da6 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/mtumigration.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/mtumigration.go @@ -4,8 +4,12 @@ package v1 // MTUMigrationApplyConfiguration represents a declarative configuration of the MTUMigration type for use // with apply. +// +// MTUMigration contains infomation about MTU migration. type MTUMigrationApplyConfiguration struct { + // network contains MTU migration configuration for the default network. Network *MTUMigrationValuesApplyConfiguration `json:"network,omitempty"` + // machine contains MTU migration configuration for the machine's uplink. Machine *MTUMigrationValuesApplyConfiguration `json:"machine,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/mtumigrationvalues.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/mtumigrationvalues.go index 8d346f25f..f9c51c216 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/mtumigrationvalues.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/mtumigrationvalues.go @@ -4,8 +4,12 @@ package v1 // MTUMigrationValuesApplyConfiguration represents a declarative configuration of the MTUMigrationValues type for use // with apply. +// +// MTUMigrationValues contains the values for a MTU migration. type MTUMigrationValuesApplyConfiguration struct { - To *uint32 `json:"to,omitempty"` + // to is the MTU to migrate to. + To *uint32 `json:"to,omitempty"` + // from is the MTU to migrate from. From *uint32 `json:"from,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/network.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/network.go index 3502e6954..4394aa2e5 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/network.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/network.go @@ -13,11 +13,23 @@ import ( // NetworkApplyConfiguration represents a declarative configuration of the Network type for use // with apply. +// +// Network holds cluster-wide information about Network. The canonical name is `cluster`. It is used to configure the desired network configuration, such as: IP address pools for services/pod IPs, network plugin, etc. +// Please view network.spec for an explanation on what applies when configuring this resource. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type NetworkApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *NetworkSpecApplyConfiguration `json:"spec,omitempty"` - Status *NetworkStatusApplyConfiguration `json:"status,omitempty"` + // spec holds user settable values for configuration. + // As a general rule, this SHOULD NOT be read directly. Instead, you should + // consume the NetworkStatus, as it indicates the currently deployed configuration. + // Currently, most spec fields are immutable after installation. Please view the individual ones for further details on each. + Spec *NetworkSpecApplyConfiguration `json:"spec,omitempty"` + // status holds observed values from the cluster. They may not be overridden. + Status *NetworkStatusApplyConfiguration `json:"status,omitempty"` } // Network constructs a declarative configuration of the Network type for use with @@ -30,6 +42,26 @@ func Network(name string) *NetworkApplyConfiguration { return b } +// ExtractNetworkFrom extracts the applied configuration owned by fieldManager from +// network for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// network must be a unmodified Network API object that was retrieved from the Kubernetes API. +// ExtractNetworkFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractNetworkFrom(network *configv1.Network, fieldManager string, subresource string) (*NetworkApplyConfiguration, error) { + b := &NetworkApplyConfiguration{} + err := managedfields.ExtractInto(network, internal.Parser().Type("com.github.openshift.api.config.v1.Network"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(network.Name) + + b.WithKind("Network") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractNetwork extracts the applied configuration owned by fieldManager from // network. If no managedFields are found in network for fieldManager, a // NetworkApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +72,16 @@ func Network(name string) *NetworkApplyConfiguration { // ExtractNetwork provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractNetwork(network *configv1.Network, fieldManager string) (*NetworkApplyConfiguration, error) { - return extractNetwork(network, fieldManager, "") + return ExtractNetworkFrom(network, fieldManager, "") } -// ExtractNetworkStatus is the same as ExtractNetwork except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractNetworkStatus extracts the applied configuration owned by fieldManager from +// network for the status subresource. func ExtractNetworkStatus(network *configv1.Network, fieldManager string) (*NetworkApplyConfiguration, error) { - return extractNetwork(network, fieldManager, "status") + return ExtractNetworkFrom(network, fieldManager, "status") } -func extractNetwork(network *configv1.Network, fieldManager string, subresource string) (*NetworkApplyConfiguration, error) { - b := &NetworkApplyConfiguration{} - err := managedfields.ExtractInto(network, internal.Parser().Type("com.github.openshift.api.config.v1.Network"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(network.Name) - - b.WithKind("Network") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b NetworkApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkdiagnostics.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkdiagnostics.go index a2624dc5b..3e8db03d5 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkdiagnostics.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkdiagnostics.go @@ -8,9 +8,22 @@ import ( // NetworkDiagnosticsApplyConfiguration represents a declarative configuration of the NetworkDiagnostics type for use // with apply. +// +// NetworkDiagnostics defines network diagnostics configuration type NetworkDiagnosticsApplyConfiguration struct { - Mode *configv1.NetworkDiagnosticsMode `json:"mode,omitempty"` + // mode controls the network diagnostics mode + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is All. + Mode *configv1.NetworkDiagnosticsMode `json:"mode,omitempty"` + // sourcePlacement controls the scheduling of network diagnostics source deployment + // + // See NetworkDiagnosticsSourcePlacement for more details about default values. SourcePlacement *NetworkDiagnosticsSourcePlacementApplyConfiguration `json:"sourcePlacement,omitempty"` + // targetPlacement controls the scheduling of network diagnostics target daemonset + // + // See NetworkDiagnosticsTargetPlacement for more details about default values. TargetPlacement *NetworkDiagnosticsTargetPlacementApplyConfiguration `json:"targetPlacement,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkdiagnosticssourceplacement.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkdiagnosticssourceplacement.go index a1960ba9f..9b21cd5e7 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkdiagnosticssourceplacement.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkdiagnosticssourceplacement.go @@ -8,9 +8,21 @@ import ( // NetworkDiagnosticsSourcePlacementApplyConfiguration represents a declarative configuration of the NetworkDiagnosticsSourcePlacement type for use // with apply. +// +// NetworkDiagnosticsSourcePlacement defines node scheduling configuration network diagnostics source components type NetworkDiagnosticsSourcePlacementApplyConfiguration struct { - NodeSelector map[string]string `json:"nodeSelector,omitempty"` - Tolerations []corev1.Toleration `json:"tolerations,omitempty"` + // nodeSelector is the node selector applied to network diagnostics components + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is `kubernetes.io/os: linux`. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // tolerations is a list of tolerations applied to network diagnostics components + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is an empty list. + Tolerations []corev1.Toleration `json:"tolerations,omitempty"` } // NetworkDiagnosticsSourcePlacementApplyConfiguration constructs a declarative configuration of the NetworkDiagnosticsSourcePlacement type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkdiagnosticstargetplacement.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkdiagnosticstargetplacement.go index ba0dbab8a..f6bd8fb82 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkdiagnosticstargetplacement.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkdiagnosticstargetplacement.go @@ -8,9 +8,21 @@ import ( // NetworkDiagnosticsTargetPlacementApplyConfiguration represents a declarative configuration of the NetworkDiagnosticsTargetPlacement type for use // with apply. +// +// NetworkDiagnosticsTargetPlacement defines node scheduling configuration network diagnostics target components type NetworkDiagnosticsTargetPlacementApplyConfiguration struct { - NodeSelector map[string]string `json:"nodeSelector,omitempty"` - Tolerations []corev1.Toleration `json:"tolerations,omitempty"` + // nodeSelector is the node selector applied to network diagnostics components + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is `kubernetes.io/os: linux`. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // tolerations is a list of tolerations applied to network diagnostics components + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is `- operator: "Exists"` which means that all taints are tolerated. + Tolerations []corev1.Toleration `json:"tolerations,omitempty"` } // NetworkDiagnosticsTargetPlacementApplyConfiguration constructs a declarative configuration of the NetworkDiagnosticsTargetPlacement type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkmigration.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkmigration.go index 9c8294746..d6fffb597 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkmigration.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkmigration.go @@ -4,9 +4,15 @@ package v1 // NetworkMigrationApplyConfiguration represents a declarative configuration of the NetworkMigration type for use // with apply. +// +// NetworkMigration represents the network migration status. type NetworkMigrationApplyConfiguration struct { - NetworkType *string `json:"networkType,omitempty"` - MTU *MTUMigrationApplyConfiguration `json:"mtu,omitempty"` + // networkType is the target plugin that is being deployed. + // DEPRECATED: network type migration is no longer supported, + // so this should always be unset. + NetworkType *string `json:"networkType,omitempty"` + // mtu is the MTU configuration that is being deployed. + MTU *MTUMigrationApplyConfiguration `json:"mtu,omitempty"` } // NetworkMigrationApplyConfiguration constructs a declarative configuration of the NetworkMigration type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkobservabilityspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkobservabilityspec.go new file mode 100644 index 000000000..1ccd98076 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkobservabilityspec.go @@ -0,0 +1,33 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + configv1 "github.com/openshift/api/config/v1" +) + +// NetworkObservabilitySpecApplyConfiguration represents a declarative configuration of the NetworkObservabilitySpec type for use +// with apply. +// +// NetworkObservabilitySpec defines the configuration for network observability installation +type NetworkObservabilitySpecApplyConfiguration struct { + // installationPolicy controls whether network observability is installed during cluster deployment. + // Valid values are "InstallAndEnable" and "NoAction". + // When set to "InstallAndEnable", ensure that network observability will be installed and enabled on the cluster. If already installed, no action taken, but if it gets uninstalled, it will install it again. + // When set to "NoAction", nothing will be done regarding Network observability. + InstallationPolicy *configv1.NetworkObservabilityInstallationPolicy `json:"installationPolicy,omitempty"` +} + +// NetworkObservabilitySpecApplyConfiguration constructs a declarative configuration of the NetworkObservabilitySpec type for use with +// apply. +func NetworkObservabilitySpec() *NetworkObservabilitySpecApplyConfiguration { + return &NetworkObservabilitySpecApplyConfiguration{} +} + +// WithInstallationPolicy sets the InstallationPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the InstallationPolicy field is set to the value of the last call. +func (b *NetworkObservabilitySpecApplyConfiguration) WithInstallationPolicy(value configv1.NetworkObservabilityInstallationPolicy) *NetworkObservabilitySpecApplyConfiguration { + b.InstallationPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkspec.go index d4e970e34..27e7480ec 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkspec.go @@ -4,13 +4,48 @@ package v1 // NetworkSpecApplyConfiguration represents a declarative configuration of the NetworkSpec type for use // with apply. +// +// NetworkSpec is the desired network configuration. +// As a general rule, this SHOULD NOT be read directly. Instead, you should +// consume the NetworkStatus, as it indicates the currently deployed configuration. +// Currently, most spec fields are immutable after installation. Please view the individual ones for further details on each. type NetworkSpecApplyConfiguration struct { - ClusterNetwork []ClusterNetworkEntryApplyConfiguration `json:"clusterNetwork,omitempty"` - ServiceNetwork []string `json:"serviceNetwork,omitempty"` - NetworkType *string `json:"networkType,omitempty"` - ExternalIP *ExternalIPConfigApplyConfiguration `json:"externalIP,omitempty"` - ServiceNodePortRange *string `json:"serviceNodePortRange,omitempty"` - NetworkDiagnostics *NetworkDiagnosticsApplyConfiguration `json:"networkDiagnostics,omitempty"` + // IP address pool to use for pod IPs. + // This field is immutable after installation. + ClusterNetwork []ClusterNetworkEntryApplyConfiguration `json:"clusterNetwork,omitempty"` + // IP address pool for services. + // Currently, we only support a single entry here. + // This field is immutable after installation. + ServiceNetwork []string `json:"serviceNetwork,omitempty"` + // networkType is the plugin that is to be deployed (e.g. OVNKubernetes). + // This should match a value that the cluster-network-operator understands, + // or else no networking will be installed. + // Currently supported values are: + // - OVNKubernetes + // This field is immutable after installation. + NetworkType *string `json:"networkType,omitempty"` + // externalIP defines configuration for controllers that + // affect Service.ExternalIP. If nil, then ExternalIP is + // not allowed to be set. + ExternalIP *ExternalIPConfigApplyConfiguration `json:"externalIP,omitempty"` + // The port range allowed for Services of type NodePort. + // If not specified, the default of 30000-32767 will be used. + // Such Services without a NodePort specified will have one + // automatically allocated from this range. + // This parameter can be updated after the cluster is + // installed. + ServiceNodePortRange *string `json:"serviceNodePortRange,omitempty"` + // networkDiagnostics defines network diagnostics configuration. + // + // Takes precedence over spec.disableNetworkDiagnostics in network.operator.openshift.io. + // If networkDiagnostics is not specified or is empty, + // and the spec.disableNetworkDiagnostics flag in network.operator.openshift.io is set to true, + // the network diagnostics feature will be disabled. + NetworkDiagnostics *NetworkDiagnosticsApplyConfiguration `json:"networkDiagnostics,omitempty"` + // networkObservability is an optional field that configures network observability installation + // during cluster deployment (day-0). + // When omitted, unless this is a SNO cluster, network observability will be installed if not already present, after that, no action taken. + NetworkObservability *NetworkObservabilitySpecApplyConfiguration `json:"networkObservability,omitempty"` } // NetworkSpecApplyConfiguration constructs a declarative configuration of the NetworkSpec type for use with @@ -73,3 +108,11 @@ func (b *NetworkSpecApplyConfiguration) WithNetworkDiagnostics(value *NetworkDia b.NetworkDiagnostics = value return b } + +// WithNetworkObservability sets the NetworkObservability field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NetworkObservability field is set to the value of the last call. +func (b *NetworkSpecApplyConfiguration) WithNetworkObservability(value *NetworkObservabilitySpecApplyConfiguration) *NetworkSpecApplyConfiguration { + b.NetworkObservability = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkstatus.go index de3697ed7..43a1533c1 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkstatus.go @@ -8,13 +8,23 @@ import ( // NetworkStatusApplyConfiguration represents a declarative configuration of the NetworkStatus type for use // with apply. +// +// NetworkStatus is the current network configuration. type NetworkStatusApplyConfiguration struct { - ClusterNetwork []ClusterNetworkEntryApplyConfiguration `json:"clusterNetwork,omitempty"` - ServiceNetwork []string `json:"serviceNetwork,omitempty"` - NetworkType *string `json:"networkType,omitempty"` - ClusterNetworkMTU *int `json:"clusterNetworkMTU,omitempty"` - Migration *NetworkMigrationApplyConfiguration `json:"migration,omitempty"` - Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` + // IP address pool to use for pod IPs. + ClusterNetwork []ClusterNetworkEntryApplyConfiguration `json:"clusterNetwork,omitempty"` + // IP address pool for services. + // Currently, we only support a single entry here. + ServiceNetwork []string `json:"serviceNetwork,omitempty"` + // networkType is the plugin that is deployed (e.g. OVNKubernetes). + NetworkType *string `json:"networkType,omitempty"` + // clusterNetworkMTU is the MTU for inter-pod networking. + ClusterNetworkMTU *int `json:"clusterNetworkMTU,omitempty"` + // migration contains the cluster network migration configuration. + Migration *NetworkMigrationApplyConfiguration `json:"migration,omitempty"` + // conditions represents the observations of a network.config current state. + // Known .status.conditions.type are: "NetworkDiagnosticsAvailable" + Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` } // NetworkStatusApplyConfiguration constructs a declarative configuration of the NetworkStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/node.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/node.go index c66357229..973b721a0 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/node.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/node.go @@ -13,11 +13,19 @@ import ( // NodeApplyConfiguration represents a declarative configuration of the Node type for use // with apply. +// +// Node holds cluster-wide information about node specific features. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type NodeApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *NodeSpecApplyConfiguration `json:"spec,omitempty"` - Status *NodeStatusApplyConfiguration `json:"status,omitempty"` + // spec holds user settable values for configuration + Spec *NodeSpecApplyConfiguration `json:"spec,omitempty"` + // status holds observed values. + Status *NodeStatusApplyConfiguration `json:"status,omitempty"` } // Node constructs a declarative configuration of the Node type for use with @@ -30,6 +38,26 @@ func Node(name string) *NodeApplyConfiguration { return b } +// ExtractNodeFrom extracts the applied configuration owned by fieldManager from +// node for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// node must be a unmodified Node API object that was retrieved from the Kubernetes API. +// ExtractNodeFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractNodeFrom(node *configv1.Node, fieldManager string, subresource string) (*NodeApplyConfiguration, error) { + b := &NodeApplyConfiguration{} + err := managedfields.ExtractInto(node, internal.Parser().Type("com.github.openshift.api.config.v1.Node"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(node.Name) + + b.WithKind("Node") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractNode extracts the applied configuration owned by fieldManager from // node. If no managedFields are found in node for fieldManager, a // NodeApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +68,16 @@ func Node(name string) *NodeApplyConfiguration { // ExtractNode provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractNode(node *configv1.Node, fieldManager string) (*NodeApplyConfiguration, error) { - return extractNode(node, fieldManager, "") + return ExtractNodeFrom(node, fieldManager, "") } -// ExtractNodeStatus is the same as ExtractNode except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractNodeStatus extracts the applied configuration owned by fieldManager from +// node for the status subresource. func ExtractNodeStatus(node *configv1.Node, fieldManager string) (*NodeApplyConfiguration, error) { - return extractNode(node, fieldManager, "status") + return ExtractNodeFrom(node, fieldManager, "status") } -func extractNode(node *configv1.Node, fieldManager string, subresource string) (*NodeApplyConfiguration, error) { - b := &NodeApplyConfiguration{} - err := managedfields.ExtractInto(node, internal.Parser().Type("com.github.openshift.api.config.v1.Node"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(node.Name) - - b.WithKind("Node") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b NodeApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nodespec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nodespec.go index a0732e78a..33b70402d 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nodespec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nodespec.go @@ -9,9 +9,25 @@ import ( // NodeSpecApplyConfiguration represents a declarative configuration of the NodeSpec type for use // with apply. type NodeSpecApplyConfiguration struct { - CgroupMode *configv1.CgroupMode `json:"cgroupMode,omitempty"` - WorkerLatencyProfile *configv1.WorkerLatencyProfileType `json:"workerLatencyProfile,omitempty"` - MinimumKubeletVersion *string `json:"minimumKubeletVersion,omitempty"` + // cgroupMode determines the cgroups version on the node + CgroupMode *configv1.CgroupMode `json:"cgroupMode,omitempty"` + // workerLatencyProfile determins the how fast the kubelet is updating + // the status and corresponding reaction of the cluster + WorkerLatencyProfile *configv1.WorkerLatencyProfileType `json:"workerLatencyProfile,omitempty"` + // minimumKubeletVersion is the lowest version of a kubelet that can join the cluster. + // Specifically, the apiserver will deny most authorization requests of kubelets that are older + // than the specified version, only allowing the kubelet to get and update its node object, and perform + // subjectaccessreviews. + // This means any kubelet that attempts to join the cluster will not be able to run any assigned workloads, + // and will eventually be marked as not ready. + // Its max length is 8, so maximum version allowed is either "9.999.99" or "99.99.99". + // Since the kubelet reports the version of the kubernetes release, not Openshift, this field references + // the underlying kubernetes version this version of Openshift is based off of. + // In other words: if an admin wishes to ensure no nodes run an older version than Openshift 4.17, then + // they should set the minimumKubeletVersion to 1.30.0. + // When comparing versions, the kubelet's version is stripped of any contents outside of major.minor.patch version. + // Thus, a kubelet with version "1.0.0-ec.0" will be compatible with minimumKubeletVersion "1.0.0" or earlier. + MinimumKubeletVersion *string `json:"minimumKubeletVersion,omitempty"` } // NodeSpecApplyConfiguration constructs a declarative configuration of the NodeSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nodestatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nodestatus.go index ee6ebd99e..009495ca5 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nodestatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nodestatus.go @@ -9,6 +9,7 @@ import ( // NodeStatusApplyConfiguration represents a declarative configuration of the NodeStatus type for use // with apply. type NodeStatusApplyConfiguration struct { + // conditions contain the details and the current state of the nodes.config object Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixfailuredomain.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixfailuredomain.go index 31d77a83e..98f175f55 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixfailuredomain.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixfailuredomain.go @@ -4,9 +4,23 @@ package v1 // NutanixFailureDomainApplyConfiguration represents a declarative configuration of the NutanixFailureDomain type for use // with apply. +// +// NutanixFailureDomain configures failure domain information for the Nutanix platform. type NutanixFailureDomainApplyConfiguration struct { - Name *string `json:"name,omitempty"` - Cluster *NutanixResourceIdentifierApplyConfiguration `json:"cluster,omitempty"` + // name defines the unique name of a failure domain. + // Name is required and must be at most 64 characters in length. + // It must consist of only lower case alphanumeric characters and hyphens (-). + // It must start and end with an alphanumeric character. + // This value is arbitrary and is used to identify the failure domain within the platform. + Name *string `json:"name,omitempty"` + // cluster is to identify the cluster (the Prism Element under management of the Prism Central), + // in which the Machine's VM will be created. The cluster identifier (uuid or name) can be obtained + // from the Prism Central console or using the prism_central API. + Cluster *NutanixResourceIdentifierApplyConfiguration `json:"cluster,omitempty"` + // subnets holds a list of identifiers (one or more) of the cluster's network subnets + // If the feature gate NutanixMultiSubnets is enabled, up to 32 subnets may be configured. + // for the Machine's VM to connect to. The subnet identifiers (uuid or name) can be + // obtained from the Prism Central console or using the prism_central API. Subnets []NutanixResourceIdentifierApplyConfiguration `json:"subnets,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixplatformloadbalancer.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixplatformloadbalancer.go index 84d3b7ade..6f90a6fe0 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixplatformloadbalancer.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixplatformloadbalancer.go @@ -8,7 +8,18 @@ import ( // NutanixPlatformLoadBalancerApplyConfiguration represents a declarative configuration of the NutanixPlatformLoadBalancer type for use // with apply. +// +// NutanixPlatformLoadBalancer defines the load balancer used by the cluster on Nutanix platform. type NutanixPlatformLoadBalancerApplyConfiguration struct { + // type defines the type of load balancer used by the cluster on Nutanix platform + // which can be a user-managed or openshift-managed load balancer + // that is to be used for the OpenShift API and Ingress endpoints. + // When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing + // defined in the machine config operator will be deployed. + // When set to UserManaged these static pods will not be deployed and it is expected that + // the load balancer is configured out of band by the deployer. + // When omitted, this means no opinion and the platform is left to choose a reasonable default. + // The default value is OpenShiftManagedDefault. Type *configv1.PlatformLoadBalancerType `json:"type,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixplatformspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixplatformspec.go index 8f7cb9842..f23258e50 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixplatformspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixplatformspec.go @@ -4,10 +4,25 @@ package v1 // NutanixPlatformSpecApplyConfiguration represents a declarative configuration of the NutanixPlatformSpec type for use // with apply. +// +// NutanixPlatformSpec holds the desired state of the Nutanix infrastructure provider. +// This only includes fields that can be modified in the cluster. type NutanixPlatformSpecApplyConfiguration struct { - PrismCentral *NutanixPrismEndpointApplyConfiguration `json:"prismCentral,omitempty"` - PrismElements []NutanixPrismElementEndpointApplyConfiguration `json:"prismElements,omitempty"` - FailureDomains []NutanixFailureDomainApplyConfiguration `json:"failureDomains,omitempty"` + // prismCentral holds the endpoint address and port to access the Nutanix Prism Central. + // When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. + // Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the + // proxy spec.noProxy list. + PrismCentral *NutanixPrismEndpointApplyConfiguration `json:"prismCentral,omitempty"` + // prismElements holds one or more endpoint address and port data to access the Nutanix + // Prism Elements (clusters) of the Nutanix Prism Central. Currently we only support one + // Prism Element (cluster) for an OpenShift cluster, where all the Nutanix resources (VMs, subnets, volumes, etc.) + // used in the OpenShift cluster are located. In the future, we may support Nutanix resources (VMs, etc.) + // spread over multiple Prism Elements (clusters) of the Prism Central. + PrismElements []NutanixPrismElementEndpointApplyConfiguration `json:"prismElements,omitempty"` + // failureDomains configures failure domains information for the Nutanix platform. + // When set, the failure domains defined here may be used to spread Machines across + // prism element clusters to improve fault tolerance of the cluster. + FailureDomains []NutanixFailureDomainApplyConfiguration `json:"failureDomains,omitempty"` } // NutanixPlatformSpecApplyConfiguration constructs a declarative configuration of the NutanixPlatformSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixplatformstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixplatformstatus.go index 5c61ef980..ea9c150d7 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixplatformstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixplatformstatus.go @@ -8,13 +8,47 @@ import ( // NutanixPlatformStatusApplyConfiguration represents a declarative configuration of the NutanixPlatformStatus type for use // with apply. +// +// NutanixPlatformStatus holds the current status of the Nutanix infrastructure provider. type NutanixPlatformStatusApplyConfiguration struct { - APIServerInternalIP *string `json:"apiServerInternalIP,omitempty"` - APIServerInternalIPs []string `json:"apiServerInternalIPs,omitempty"` - IngressIP *string `json:"ingressIP,omitempty"` - IngressIPs []string `json:"ingressIPs,omitempty"` - LoadBalancer *NutanixPlatformLoadBalancerApplyConfiguration `json:"loadBalancer,omitempty"` - DNSRecordsType *configv1.DNSRecordsType `json:"dnsRecordsType,omitempty"` + // apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used + // by components inside the cluster, like kubelets using the infrastructure rather + // than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI + // points to. It is the IP for a self-hosted load balancer in front of the API servers. + // + // Deprecated: Use APIServerInternalIPs instead. + APIServerInternalIP *string `json:"apiServerInternalIP,omitempty"` + // apiServerInternalIPs are the IP addresses to contact the Kubernetes API + // server that can be used by components inside the cluster, like kubelets + // using the infrastructure rather than Kubernetes networking. These are the + // IPs for a self-hosted load balancer in front of the API servers. In dual + // stack clusters this list contains two IPs otherwise only one. + APIServerInternalIPs []string `json:"apiServerInternalIPs,omitempty"` + // ingressIP is an external IP which routes to the default ingress controller. + // The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + // + // Deprecated: Use IngressIPs instead. + IngressIP *string `json:"ingressIP,omitempty"` + // ingressIPs are the external IPs which route to the default ingress + // controller. The IPs are suitable targets of a wildcard DNS record used to + // resolve default route host names. In dual stack clusters this list + // contains two IPs otherwise only one. + IngressIPs []string `json:"ingressIPs,omitempty"` + // loadBalancer defines how the load balancer used by the cluster is configured. + LoadBalancer *NutanixPlatformLoadBalancerApplyConfiguration `json:"loadBalancer,omitempty"` + // dnsRecordsType determines whether records for api, api-int, and ingress + // are provided by the internal DNS service or externally. + // Allowed values are `Internal`, `External`, and omitted. + // When set to `Internal`, records are provided by the internal infrastructure and + // no additional user configuration is required for the cluster to function. + // When set to `External`, records are not provided by the internal infrastructure + // and must be configured by the user on a DNS server outside the cluster. + // Cluster nodes must use this external server for their upstream DNS requests. + // This value may only be set when loadBalancer.type is set to UserManaged. + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is `Internal`. + DNSRecordsType *configv1.DNSRecordsType `json:"dnsRecordsType,omitempty"` } // NutanixPlatformStatusApplyConfiguration constructs a declarative configuration of the NutanixPlatformStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixprismelementendpoint.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixprismelementendpoint.go index 2e59ff235..82fd902fd 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixprismelementendpoint.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixprismelementendpoint.go @@ -4,8 +4,16 @@ package v1 // NutanixPrismElementEndpointApplyConfiguration represents a declarative configuration of the NutanixPrismElementEndpoint type for use // with apply. +// +// NutanixPrismElementEndpoint holds the name and endpoint data for a Prism Element (cluster) type NutanixPrismElementEndpointApplyConfiguration struct { - Name *string `json:"name,omitempty"` + // name is the name of the Prism Element (cluster). This value will correspond with + // the cluster field configured on other resources (eg Machines, PVCs, etc). + Name *string `json:"name,omitempty"` + // endpoint holds the endpoint address and port data of the Prism Element (cluster). + // When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. + // Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the + // proxy spec.noProxy list. Endpoint *NutanixPrismEndpointApplyConfiguration `json:"endpoint,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixprismendpoint.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixprismendpoint.go index 8012c2cb2..8df7c656d 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixprismendpoint.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixprismendpoint.go @@ -4,9 +4,13 @@ package v1 // NutanixPrismEndpointApplyConfiguration represents a declarative configuration of the NutanixPrismEndpoint type for use // with apply. +// +// NutanixPrismEndpoint holds the endpoint address and port to access the Nutanix Prism Central or Element (cluster) type NutanixPrismEndpointApplyConfiguration struct { + // address is the endpoint address (DNS name or IP address) of the Nutanix Prism Central or Element (cluster) Address *string `json:"address,omitempty"` - Port *int32 `json:"port,omitempty"` + // port is the port number to access the Nutanix Prism Central or Element (cluster) + Port *int32 `json:"port,omitempty"` } // NutanixPrismEndpointApplyConfiguration constructs a declarative configuration of the NutanixPrismEndpoint type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixresourceidentifier.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixresourceidentifier.go index 5e9b095d8..35ac7b08f 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixresourceidentifier.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixresourceidentifier.go @@ -8,10 +8,15 @@ import ( // NutanixResourceIdentifierApplyConfiguration represents a declarative configuration of the NutanixResourceIdentifier type for use // with apply. +// +// NutanixResourceIdentifier holds the identity of a Nutanix PC resource (cluster, image, subnet, etc.) type NutanixResourceIdentifierApplyConfiguration struct { + // type is the identifier type to use for this resource. Type *configv1.NutanixIdentifierType `json:"type,omitempty"` - UUID *string `json:"uuid,omitempty"` - Name *string `json:"name,omitempty"` + // uuid is the UUID of the resource in the PC. It cannot be empty if the type is UUID. + UUID *string `json:"uuid,omitempty"` + // name is the resource name in the PC. It cannot be empty if the type is Name. + Name *string `json:"name,omitempty"` } // NutanixResourceIdentifierApplyConfiguration constructs a declarative configuration of the NutanixResourceIdentifier type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oauth.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oauth.go index 37725fb7c..05ca60505 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oauth.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oauth.go @@ -13,11 +13,21 @@ import ( // OAuthApplyConfiguration represents a declarative configuration of the OAuth type for use // with apply. +// +// OAuth holds cluster-wide information about OAuth. The canonical name is `cluster`. +// It is used to configure the integrated OAuth server. +// This configuration is only honored when the top level Authentication config has type set to IntegratedOAuth. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type OAuthApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *OAuthSpecApplyConfiguration `json:"spec,omitempty"` - Status *configv1.OAuthStatus `json:"status,omitempty"` + // spec holds user settable values for configuration + Spec *OAuthSpecApplyConfiguration `json:"spec,omitempty"` + // status holds observed values from the cluster. They may not be overridden. + Status *configv1.OAuthStatus `json:"status,omitempty"` } // OAuth constructs a declarative configuration of the OAuth type for use with @@ -30,6 +40,26 @@ func OAuth(name string) *OAuthApplyConfiguration { return b } +// ExtractOAuthFrom extracts the applied configuration owned by fieldManager from +// oAuth for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// oAuth must be a unmodified OAuth API object that was retrieved from the Kubernetes API. +// ExtractOAuthFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractOAuthFrom(oAuth *configv1.OAuth, fieldManager string, subresource string) (*OAuthApplyConfiguration, error) { + b := &OAuthApplyConfiguration{} + err := managedfields.ExtractInto(oAuth, internal.Parser().Type("com.github.openshift.api.config.v1.OAuth"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(oAuth.Name) + + b.WithKind("OAuth") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractOAuth extracts the applied configuration owned by fieldManager from // oAuth. If no managedFields are found in oAuth for fieldManager, a // OAuthApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +70,16 @@ func OAuth(name string) *OAuthApplyConfiguration { // ExtractOAuth provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractOAuth(oAuth *configv1.OAuth, fieldManager string) (*OAuthApplyConfiguration, error) { - return extractOAuth(oAuth, fieldManager, "") + return ExtractOAuthFrom(oAuth, fieldManager, "") } -// ExtractOAuthStatus is the same as ExtractOAuth except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractOAuthStatus extracts the applied configuration owned by fieldManager from +// oAuth for the status subresource. func ExtractOAuthStatus(oAuth *configv1.OAuth, fieldManager string) (*OAuthApplyConfiguration, error) { - return extractOAuth(oAuth, fieldManager, "status") + return ExtractOAuthFrom(oAuth, fieldManager, "status") } -func extractOAuth(oAuth *configv1.OAuth, fieldManager string, subresource string) (*OAuthApplyConfiguration, error) { - b := &OAuthApplyConfiguration{} - err := managedfields.ExtractInto(oAuth, internal.Parser().Type("com.github.openshift.api.config.v1.OAuth"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(oAuth.Name) - - b.WithKind("OAuth") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b OAuthApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oauthremoteconnectioninfo.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oauthremoteconnectioninfo.go index 3b348819d..7d5270309 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oauthremoteconnectioninfo.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oauthremoteconnectioninfo.go @@ -4,11 +4,33 @@ package v1 // OAuthRemoteConnectionInfoApplyConfiguration represents a declarative configuration of the OAuthRemoteConnectionInfo type for use // with apply. +// +// OAuthRemoteConnectionInfo holds information necessary for establishing a remote connection type OAuthRemoteConnectionInfoApplyConfiguration struct { - URL *string `json:"url,omitempty"` - CA *ConfigMapNameReferenceApplyConfiguration `json:"ca,omitempty"` - TLSClientCert *SecretNameReferenceApplyConfiguration `json:"tlsClientCert,omitempty"` - TLSClientKey *SecretNameReferenceApplyConfiguration `json:"tlsClientKey,omitempty"` + // url is the remote URL to connect to + URL *string `json:"url,omitempty"` + // ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. + // It is used as a trust anchor to validate the TLS certificate presented by the remote server. + // The key "ca.crt" is used to locate the data. + // If specified and the config map or expected key is not found, the identity provider is not honored. + // If the specified ca data is not valid, the identity provider is not honored. + // If empty, the default system roots are used. + // The namespace for this config map is openshift-config. + CA *ConfigMapNameReferenceApplyConfiguration `json:"ca,omitempty"` + // tlsClientCert is an optional reference to a secret by name that contains the + // PEM-encoded TLS client certificate to present when connecting to the server. + // The key "tls.crt" is used to locate the data. + // If specified and the secret or expected key is not found, the identity provider is not honored. + // If the specified certificate data is not valid, the identity provider is not honored. + // The namespace for this secret is openshift-config. + TLSClientCert *SecretNameReferenceApplyConfiguration `json:"tlsClientCert,omitempty"` + // tlsClientKey is an optional reference to a secret by name that contains the + // PEM-encoded TLS private key for the client certificate referenced in tlsClientCert. + // The key "tls.key" is used to locate the data. + // If specified and the secret or expected key is not found, the identity provider is not honored. + // If the specified certificate data is not valid, the identity provider is not honored. + // The namespace for this secret is openshift-config. + TLSClientKey *SecretNameReferenceApplyConfiguration `json:"tlsClientKey,omitempty"` } // OAuthRemoteConnectionInfoApplyConfiguration constructs a declarative configuration of the OAuthRemoteConnectionInfo type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oauthspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oauthspec.go index 5eacc05cb..1ea678273 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oauthspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oauthspec.go @@ -4,10 +4,16 @@ package v1 // OAuthSpecApplyConfiguration represents a declarative configuration of the OAuthSpec type for use // with apply. +// +// OAuthSpec contains desired cluster auth configuration type OAuthSpecApplyConfiguration struct { + // identityProviders is an ordered list of ways for a user to identify themselves. + // When this list is empty, no identities are provisioned for users. IdentityProviders []IdentityProviderApplyConfiguration `json:"identityProviders,omitempty"` - TokenConfig *TokenConfigApplyConfiguration `json:"tokenConfig,omitempty"` - Templates *OAuthTemplatesApplyConfiguration `json:"templates,omitempty"` + // tokenConfig contains options for authorization and access tokens + TokenConfig *TokenConfigApplyConfiguration `json:"tokenConfig,omitempty"` + // templates allow you to customize pages like the login page. + Templates *OAuthTemplatesApplyConfiguration `json:"templates,omitempty"` } // OAuthSpecApplyConfiguration constructs a declarative configuration of the OAuthSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oauthtemplates.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oauthtemplates.go index 98bc5a0db..85ec763fc 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oauthtemplates.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oauthtemplates.go @@ -4,10 +4,32 @@ package v1 // OAuthTemplatesApplyConfiguration represents a declarative configuration of the OAuthTemplates type for use // with apply. +// +// OAuthTemplates allow for customization of pages like the login page type OAuthTemplatesApplyConfiguration struct { - Login *SecretNameReferenceApplyConfiguration `json:"login,omitempty"` + // login is the name of a secret that specifies a go template to use to render the login page. + // The key "login.html" is used to locate the template data. + // If specified and the secret or expected key is not found, the default login page is used. + // If the specified template is not valid, the default login page is used. + // If unspecified, the default login page is used. + // The namespace for this secret is openshift-config. + Login *SecretNameReferenceApplyConfiguration `json:"login,omitempty"` + // providerSelection is the name of a secret that specifies a go template to use to render + // the provider selection page. + // The key "providers.html" is used to locate the template data. + // If specified and the secret or expected key is not found, the default provider selection page is used. + // If the specified template is not valid, the default provider selection page is used. + // If unspecified, the default provider selection page is used. + // The namespace for this secret is openshift-config. ProviderSelection *SecretNameReferenceApplyConfiguration `json:"providerSelection,omitempty"` - Error *SecretNameReferenceApplyConfiguration `json:"error,omitempty"` + // error is the name of a secret that specifies a go template to use to render error pages + // during the authentication or grant flow. + // The key "errors.html" is used to locate the template data. + // If specified and the secret or expected key is not found, the default error page is used. + // If the specified template is not valid, the default error page is used. + // If unspecified, the default error page is used. + // The namespace for this secret is openshift-config. + Error *SecretNameReferenceApplyConfiguration `json:"error,omitempty"` } // OAuthTemplatesApplyConfiguration constructs a declarative configuration of the OAuthTemplates type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/objectreference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/objectreference.go index dfbc465e7..96ce2cb96 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/objectreference.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/objectreference.go @@ -4,11 +4,17 @@ package v1 // ObjectReferenceApplyConfiguration represents a declarative configuration of the ObjectReference type for use // with apply. +// +// ObjectReference contains enough information to let you inspect or modify the referred object. type ObjectReferenceApplyConfiguration struct { - Group *string `json:"group,omitempty"` - Resource *string `json:"resource,omitempty"` + // group of the referent. + Group *string `json:"group,omitempty"` + // resource of the referent. + Resource *string `json:"resource,omitempty"` + // namespace of the referent. Namespace *string `json:"namespace,omitempty"` - Name *string `json:"name,omitempty"` + // name of the referent. + Name *string `json:"name,omitempty"` } // ObjectReferenceApplyConfiguration constructs a declarative configuration of the ObjectReference type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcclientconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcclientconfig.go index 65fa3dd46..a3d4e7471 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcclientconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcclientconfig.go @@ -4,12 +4,41 @@ package v1 // OIDCClientConfigApplyConfiguration represents a declarative configuration of the OIDCClientConfig type for use // with apply. +// +// OIDCClientConfig configures how platform clients interact with identity providers as an authentication method. type OIDCClientConfigApplyConfiguration struct { - ComponentName *string `json:"componentName,omitempty"` - ComponentNamespace *string `json:"componentNamespace,omitempty"` - ClientID *string `json:"clientID,omitempty"` - ClientSecret *SecretNameReferenceApplyConfiguration `json:"clientSecret,omitempty"` - ExtraScopes []string `json:"extraScopes,omitempty"` + // componentName is a required field that specifies the name of the platform component being configured to use the identity provider as an authentication mode. + // + // It is used in combination with componentNamespace as a unique identifier. + // + // componentName must not be an empty string ("") and must not exceed 256 characters in length. + ComponentName *string `json:"componentName,omitempty"` + // componentNamespace is a required field that specifies the namespace in which the platform component being configured to use the identity provider as an authentication mode is running. + // + // It is used in combination with componentName as a unique identifier. + // + // componentNamespace must not be an empty string ("") and must not exceed 63 characters in length. + ComponentNamespace *string `json:"componentNamespace,omitempty"` + // clientID is a required field that configures the client identifier, from the identity provider, that the platform component uses for authentication requests made to the identity provider. + // The identity provider must accept this identifier for platform components to be able to use the identity provider as an authentication mode. + // + // clientID must not be an empty string (""). + ClientID *string `json:"clientID,omitempty"` + // clientSecret is an optional field that configures the client secret used by the platform component when making authentication requests to the identity provider. + // + // When not specified, no client secret will be used when making authentication requests to the identity provider. + // + // When specified, clientSecret references a Secret in the 'openshift-config' namespace that contains the client secret in the 'clientSecret' key of the '.data' field. + // + // The client secret will be used when making authentication requests to the identity provider. + // + // Public clients do not require a client secret but private clients do require a client secret to work with the identity provider. + ClientSecret *SecretNameReferenceApplyConfiguration `json:"clientSecret,omitempty"` + // extraScopes is an optional field that configures the extra scopes that should be requested by the platform component when making authentication requests to the identity provider. + // This is useful if you have configured claim mappings that requires specific scopes to be requested beyond the standard OIDC scopes. + // + // When omitted, no additional scopes are requested. + ExtraScopes []string `json:"extraScopes,omitempty"` } // OIDCClientConfigApplyConfiguration constructs a declarative configuration of the OIDCClientConfig type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcclientreference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcclientreference.go index 5109305b2..f99461c40 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcclientreference.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcclientreference.go @@ -4,10 +4,22 @@ package v1 // OIDCClientReferenceApplyConfiguration represents a declarative configuration of the OIDCClientReference type for use // with apply. +// +// OIDCClientReference is a reference to a platform component +// client configuration. type OIDCClientReferenceApplyConfiguration struct { + // oidcProviderName is a required reference to the 'name' of the identity provider configured in 'oidcProviders' that this client is associated with. + // + // oidcProviderName must not be an empty string (""). OIDCProviderName *string `json:"oidcProviderName,omitempty"` - IssuerURL *string `json:"issuerURL,omitempty"` - ClientID *string `json:"clientID,omitempty"` + // issuerURL is a required field that specifies the URL of the identity provider that this client is configured to make requests against. + // + // issuerURL must use the 'https' scheme. + IssuerURL *string `json:"issuerURL,omitempty"` + // clientID is a required field that specifies the client identifier, from the identity provider, that the platform component is using for authentication requests made to the identity provider. + // + // clientID must not be empty. + ClientID *string `json:"clientID,omitempty"` } // OIDCClientReferenceApplyConfiguration constructs a declarative configuration of the OIDCClientReference type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcclientstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcclientstatus.go index 5d365a87e..24b7cedb7 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcclientstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcclientstatus.go @@ -9,12 +9,38 @@ import ( // OIDCClientStatusApplyConfiguration represents a declarative configuration of the OIDCClientStatus type for use // with apply. +// +// OIDCClientStatus represents the current state +// of platform components and how they interact with +// the configured identity providers. type OIDCClientStatusApplyConfiguration struct { - ComponentName *string `json:"componentName,omitempty"` - ComponentNamespace *string `json:"componentNamespace,omitempty"` + // componentName is a required field that specifies the name of the platform component using the identity provider as an authentication mode. + // It is used in combination with componentNamespace as a unique identifier. + // + // componentName must not be an empty string ("") and must not exceed 256 characters in length. + ComponentName *string `json:"componentName,omitempty"` + // componentNamespace is a required field that specifies the namespace in which the platform component using the identity provider as an authentication mode is running. + // + // It is used in combination with componentName as a unique identifier. + // + // componentNamespace must not be an empty string ("") and must not exceed 63 characters in length. + ComponentNamespace *string `json:"componentNamespace,omitempty"` + // currentOIDCClients is an optional list of clients that the component is currently using. + // + // Entries must have unique issuerURL/clientID pairs. CurrentOIDCClients []OIDCClientReferenceApplyConfiguration `json:"currentOIDCClients,omitempty"` - ConsumingUsers []configv1.ConsumingUser `json:"consumingUsers,omitempty"` - Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` + // consumingUsers is an optional list of ServiceAccounts requiring read permissions on the `clientSecret` secret. + // + // consumingUsers must not exceed 5 entries. + ConsumingUsers []configv1.ConsumingUser `json:"consumingUsers,omitempty"` + // conditions are used to communicate the state of the `oidcClients` entry. + // + // Supported conditions include Available, Degraded and Progressing. + // + // If Available is true, the component is successfully using the configured client. + // If Degraded is true, that means something has gone wrong trying to handle the client configuration. + // If Progressing is true, that means the component is taking some action related to the `oidcClients` entry. + Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` } // OIDCClientStatusApplyConfiguration constructs a declarative configuration of the OIDCClientStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcprovider.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcprovider.go index 4f5aec3a5..4fb1c97eb 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcprovider.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcprovider.go @@ -5,12 +5,48 @@ package v1 // OIDCProviderApplyConfiguration represents a declarative configuration of the OIDCProvider type for use // with apply. type OIDCProviderApplyConfiguration struct { - Name *string `json:"name,omitempty"` - Issuer *TokenIssuerApplyConfiguration `json:"issuer,omitempty"` - OIDCClients []OIDCClientConfigApplyConfiguration `json:"oidcClients,omitempty"` - ClaimMappings *TokenClaimMappingsApplyConfiguration `json:"claimMappings,omitempty"` + // name is a required field that configures the unique human-readable identifier associated with the identity provider. + // It is used to distinguish between multiple identity providers and has no impact on token validation or authentication mechanics. + // + // name must not be an empty string (""). + Name *string `json:"name,omitempty"` + // issuer is a required field that configures how the platform interacts with the identity provider and how tokens issued from the identity provider are evaluated by the Kubernetes API server. + Issuer *TokenIssuerApplyConfiguration `json:"issuer,omitempty"` + // oidcClients is an optional field that configures how on-cluster, platform clients should request tokens from the identity provider. + // oidcClients must not exceed 20 entries and entries must have unique namespace/name pairs. + OIDCClients []OIDCClientConfigApplyConfiguration `json:"oidcClients,omitempty"` + // claimMappings is a required field that configures the rules to be used by the Kubernetes API server for translating claims in a JWT token, issued by the identity provider, to a cluster identity. + ClaimMappings *TokenClaimMappingsApplyConfiguration `json:"claimMappings,omitempty"` + // claimValidationRules is an optional field that configures the rules to be used by the Kubernetes API server for validating the claims in a JWT token issued by the identity provider. + // + // Validation rules are joined via an AND operation. ClaimValidationRules []TokenClaimValidationRuleApplyConfiguration `json:"claimValidationRules,omitempty"` - UserValidationRules []TokenUserValidationRuleApplyConfiguration `json:"userValidationRules,omitempty"` + // userValidationRules is an optional field that configures the set of rules used to validate the cluster user identity that was constructed via mapping token claims to user identity attributes. + // Rules are CEL expressions that must evaluate to 'true' for authentication to succeed. + // If any rule in the chain of rules evaluates to 'false', authentication will fail. + // When specified, at least one rule must be specified and no more than 64 rules may be specified. + UserValidationRules []TokenUserValidationRuleApplyConfiguration `json:"userValidationRules,omitempty"` + // externalClaimsSources is an optional field that can be used to configure + // sources, external to the token provided in a request, in which claims + // should be fetched from and made available to the claim mapping process + // that is used to build the identity of a token holder. + // + // For example, fetching additional user metadata from an OIDC provider's UserInfo endpoint. + // + // When not specified, only claims present in the token itself will be available + // in the claim mapping process. + // + // When specified, at least one external claim source must be specified and no more than 5 + // sources may be specified. + // All external claim sources must have unique claim mappings. + // When an external source responds and resolves additional claims successfully, they will + // be made available as claims during the claim mapping process. + // Externally sourced claims with the same name as a claim existing within the token will + // overwrite the claim data from the token with the externally sourced information. + // If an external source does not respond, responds with an error, or the additional + // claim data cannot be resolved from the response successfully it will not be + // included in the claim data passed to the claim mapping process. + ExternalClaimsSources []ExternalClaimsSourceApplyConfiguration `json:"externalClaimsSources,omitempty"` } // OIDCProviderApplyConfiguration constructs a declarative configuration of the OIDCProvider type for use with @@ -81,3 +117,16 @@ func (b *OIDCProviderApplyConfiguration) WithUserValidationRules(values ...*Toke } return b } + +// WithExternalClaimsSources adds the given value to the ExternalClaimsSources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the ExternalClaimsSources field. +func (b *OIDCProviderApplyConfiguration) WithExternalClaimsSources(values ...*ExternalClaimsSourceApplyConfiguration) *OIDCProviderApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithExternalClaimsSources") + } + b.ExternalClaimsSources = append(b.ExternalClaimsSources, *values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openidclaims.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openidclaims.go index 8f11192c5..b1edbc525 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openidclaims.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openidclaims.go @@ -8,11 +8,22 @@ import ( // OpenIDClaimsApplyConfiguration represents a declarative configuration of the OpenIDClaims type for use // with apply. +// +// OpenIDClaims contains a list of OpenID claims to use when authenticating with an OpenID identity provider type OpenIDClaimsApplyConfiguration struct { - PreferredUsername []string `json:"preferredUsername,omitempty"` - Name []string `json:"name,omitempty"` - Email []string `json:"email,omitempty"` - Groups []configv1.OpenIDClaim `json:"groups,omitempty"` + // preferredUsername is the list of claims whose values should be used as the preferred username. + // If unspecified, the preferred username is determined from the value of the sub claim + PreferredUsername []string `json:"preferredUsername,omitempty"` + // name is the list of claims whose values should be used as the display name. Optional. + // If unspecified, no display name is set for the identity + Name []string `json:"name,omitempty"` + // email is the list of claims whose values should be used as the email address. Optional. + // If unspecified, no email is set for the identity + Email []string `json:"email,omitempty"` + // groups is the list of claims value of which should be used to synchronize groups + // from the OIDC provider to OpenShift for the user. + // If multiple claims are specified, the first one with a non-empty value is used. + Groups []configv1.OpenIDClaim `json:"groups,omitempty"` } // OpenIDClaimsApplyConfiguration constructs a declarative configuration of the OpenIDClaims type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openididentityprovider.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openididentityprovider.go index 9372178cf..83029b444 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openididentityprovider.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openididentityprovider.go @@ -4,14 +4,33 @@ package v1 // OpenIDIdentityProviderApplyConfiguration represents a declarative configuration of the OpenIDIdentityProvider type for use // with apply. +// +// OpenIDIdentityProvider provides identities for users authenticating using OpenID credentials type OpenIDIdentityProviderApplyConfiguration struct { - ClientID *string `json:"clientID,omitempty"` - ClientSecret *SecretNameReferenceApplyConfiguration `json:"clientSecret,omitempty"` - CA *ConfigMapNameReferenceApplyConfiguration `json:"ca,omitempty"` - ExtraScopes []string `json:"extraScopes,omitempty"` - ExtraAuthorizeParameters map[string]string `json:"extraAuthorizeParameters,omitempty"` - Issuer *string `json:"issuer,omitempty"` - Claims *OpenIDClaimsApplyConfiguration `json:"claims,omitempty"` + // clientID is the oauth client ID + ClientID *string `json:"clientID,omitempty"` + // clientSecret is a required reference to the secret by name containing the oauth client secret. + // The key "clientSecret" is used to locate the data. + // If the secret or expected key is not found, the identity provider is not honored. + // The namespace for this secret is openshift-config. + ClientSecret *SecretNameReferenceApplyConfiguration `json:"clientSecret,omitempty"` + // ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. + // It is used as a trust anchor to validate the TLS certificate presented by the remote server. + // The key "ca.crt" is used to locate the data. + // If specified and the config map or expected key is not found, the identity provider is not honored. + // If the specified ca data is not valid, the identity provider is not honored. + // If empty, the default system roots are used. + // The namespace for this config map is openshift-config. + CA *ConfigMapNameReferenceApplyConfiguration `json:"ca,omitempty"` + // extraScopes are any scopes to request in addition to the standard "openid" scope. + ExtraScopes []string `json:"extraScopes,omitempty"` + // extraAuthorizeParameters are any custom parameters to add to the authorize request. + ExtraAuthorizeParameters map[string]string `json:"extraAuthorizeParameters,omitempty"` + // issuer is the URL that the OpenID Provider asserts as its Issuer Identifier. + // It must use the https scheme with no query or fragment component. + Issuer *string `json:"issuer,omitempty"` + // claims mappings + Claims *OpenIDClaimsApplyConfiguration `json:"claims,omitempty"` } // OpenIDIdentityProviderApplyConfiguration constructs a declarative configuration of the OpenIDIdentityProvider type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openstackplatformloadbalancer.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openstackplatformloadbalancer.go index f65d682d5..bec239f9b 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openstackplatformloadbalancer.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openstackplatformloadbalancer.go @@ -8,7 +8,18 @@ import ( // OpenStackPlatformLoadBalancerApplyConfiguration represents a declarative configuration of the OpenStackPlatformLoadBalancer type for use // with apply. +// +// OpenStackPlatformLoadBalancer defines the load balancer used by the cluster on OpenStack platform. type OpenStackPlatformLoadBalancerApplyConfiguration struct { + // type defines the type of load balancer used by the cluster on OpenStack platform + // which can be a user-managed or openshift-managed load balancer + // that is to be used for the OpenShift API and Ingress endpoints. + // When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing + // defined in the machine config operator will be deployed. + // When set to UserManaged these static pods will not be deployed and it is expected that + // the load balancer is configured out of band by the deployer. + // When omitted, this means no opinion and the platform is left to choose a reasonable default. + // The default value is OpenShiftManagedDefault. Type *configv1.PlatformLoadBalancerType `json:"type,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openstackplatformspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openstackplatformspec.go index af43c8330..863d1b0ea 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openstackplatformspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openstackplatformspec.go @@ -8,10 +8,33 @@ import ( // OpenStackPlatformSpecApplyConfiguration represents a declarative configuration of the OpenStackPlatformSpec type for use // with apply. +// +// OpenStackPlatformSpec holds the desired state of the OpenStack infrastructure provider. +// This only includes fields that can be modified in the cluster. type OpenStackPlatformSpecApplyConfiguration struct { - APIServerInternalIPs []configv1.IP `json:"apiServerInternalIPs,omitempty"` - IngressIPs []configv1.IP `json:"ingressIPs,omitempty"` - MachineNetworks []configv1.CIDR `json:"machineNetworks,omitempty"` + // apiServerInternalIPs are the IP addresses to contact the Kubernetes API + // server that can be used by components inside the cluster, like kubelets + // using the infrastructure rather than Kubernetes networking. These are the + // IPs for a self-hosted load balancer in front of the API servers. + // In dual stack clusters this list contains two IP addresses, one from IPv4 + // family and one from IPv6. + // In single stack clusters a single IP address is expected. + // When omitted, values from the status.apiServerInternalIPs will be used. + // Once set, the list cannot be completely removed (but its second entry can). + APIServerInternalIPs []configv1.IP `json:"apiServerInternalIPs,omitempty"` + // ingressIPs are the external IPs which route to the default ingress + // controller. The IPs are suitable targets of a wildcard DNS record used to + // resolve default route host names. + // In dual stack clusters this list contains two IP addresses, one from IPv4 + // family and one from IPv6. + // In single stack clusters a single IP address is expected. + // When omitted, values from the status.ingressIPs will be used. + // Once set, the list cannot be completely removed (but its second entry can). + IngressIPs []configv1.IP `json:"ingressIPs,omitempty"` + // machineNetworks are IP networks used to connect all the OpenShift cluster + // nodes. Each network is provided in the CIDR format and should be IPv4 or IPv6, + // for example "10.0.0.0/8" or "fd00::/8". + MachineNetworks []configv1.CIDR `json:"machineNetworks,omitempty"` } // OpenStackPlatformSpecApplyConfiguration constructs a declarative configuration of the OpenStackPlatformSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openstackplatformstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openstackplatformstatus.go index 405276948..7ecab5117 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openstackplatformstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openstackplatformstatus.go @@ -8,16 +8,59 @@ import ( // OpenStackPlatformStatusApplyConfiguration represents a declarative configuration of the OpenStackPlatformStatus type for use // with apply. +// +// OpenStackPlatformStatus holds the current status of the OpenStack infrastructure provider. type OpenStackPlatformStatusApplyConfiguration struct { - APIServerInternalIP *string `json:"apiServerInternalIP,omitempty"` - APIServerInternalIPs []string `json:"apiServerInternalIPs,omitempty"` - CloudName *string `json:"cloudName,omitempty"` - IngressIP *string `json:"ingressIP,omitempty"` - IngressIPs []string `json:"ingressIPs,omitempty"` - NodeDNSIP *string `json:"nodeDNSIP,omitempty"` - LoadBalancer *OpenStackPlatformLoadBalancerApplyConfiguration `json:"loadBalancer,omitempty"` - DNSRecordsType *configv1.DNSRecordsType `json:"dnsRecordsType,omitempty"` - MachineNetworks []configv1.CIDR `json:"machineNetworks,omitempty"` + // apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used + // by components inside the cluster, like kubelets using the infrastructure rather + // than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI + // points to. It is the IP for a self-hosted load balancer in front of the API servers. + // + // Deprecated: Use APIServerInternalIPs instead. + APIServerInternalIP *string `json:"apiServerInternalIP,omitempty"` + // apiServerInternalIPs are the IP addresses to contact the Kubernetes API + // server that can be used by components inside the cluster, like kubelets + // using the infrastructure rather than Kubernetes networking. These are the + // IPs for a self-hosted load balancer in front of the API servers. In dual + // stack clusters this list contains two IPs otherwise only one. + APIServerInternalIPs []string `json:"apiServerInternalIPs,omitempty"` + // cloudName is the name of the desired OpenStack cloud in the + // client configuration file (`clouds.yaml`). + CloudName *string `json:"cloudName,omitempty"` + // ingressIP is an external IP which routes to the default ingress controller. + // The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + // + // Deprecated: Use IngressIPs instead. + IngressIP *string `json:"ingressIP,omitempty"` + // ingressIPs are the external IPs which route to the default ingress + // controller. The IPs are suitable targets of a wildcard DNS record used to + // resolve default route host names. In dual stack clusters this list + // contains two IPs otherwise only one. + IngressIPs []string `json:"ingressIPs,omitempty"` + // nodeDNSIP is the IP address for the internal DNS used by the + // nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` + // provides name resolution for the nodes themselves. There is no DNS-as-a-service for + // OpenStack deployments. In order to minimize necessary changes to the + // datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames + // to the nodes in the cluster. + NodeDNSIP *string `json:"nodeDNSIP,omitempty"` + // loadBalancer defines how the load balancer used by the cluster is configured. + LoadBalancer *OpenStackPlatformLoadBalancerApplyConfiguration `json:"loadBalancer,omitempty"` + // dnsRecordsType determines whether records for api, api-int, and ingress + // are provided by the internal DNS service or externally. + // Allowed values are `Internal`, `External`, and omitted. + // When set to `Internal`, records are provided by the internal infrastructure and + // no additional user configuration is required for the cluster to function. + // When set to `External`, records are not provided by the internal infrastructure + // and must be configured by the user on a DNS server outside the cluster. + // Cluster nodes must use this external server for their upstream DNS requests. + // This value may only be set when loadBalancer.type is set to UserManaged. + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is `Internal`. + DNSRecordsType *configv1.DNSRecordsType `json:"dnsRecordsType,omitempty"` + // machineNetworks are IP networks used to connect all the OpenShift cluster nodes. + MachineNetworks []configv1.CIDR `json:"machineNetworks,omitempty"` } // OpenStackPlatformStatusApplyConfiguration constructs a declarative configuration of the OpenStackPlatformStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/operandversion.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/operandversion.go index 6c4336d6e..67d5c56c1 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/operandversion.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/operandversion.go @@ -5,7 +5,11 @@ package v1 // OperandVersionApplyConfiguration represents a declarative configuration of the OperandVersion type for use // with apply. type OperandVersionApplyConfiguration struct { - Name *string `json:"name,omitempty"` + // name is the name of the particular operand this version is for. It usually matches container images, not operators. + Name *string `json:"name,omitempty"` + // version indicates which version of a particular operand is currently being managed. It must always match the Available + // operand. If 1.0.0 is Available, then this must indicate 1.0.0 even if the operator is trying to rollout + // 1.1.0 Version *string `json:"version,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/operatorhub.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/operatorhub.go index 0dbba79c4..5f86f3b57 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/operatorhub.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/operatorhub.go @@ -13,8 +13,16 @@ import ( // OperatorHubApplyConfiguration represents a declarative configuration of the OperatorHub type for use // with apply. +// +// OperatorHub is the Schema for the operatorhubs API. It can be used to change +// the state of the default hub sources for OperatorHub on the cluster from +// enabled to disabled and vice versa. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type OperatorHubApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` Spec *OperatorHubSpecApplyConfiguration `json:"spec,omitempty"` Status *OperatorHubStatusApplyConfiguration `json:"status,omitempty"` @@ -30,6 +38,26 @@ func OperatorHub(name string) *OperatorHubApplyConfiguration { return b } +// ExtractOperatorHubFrom extracts the applied configuration owned by fieldManager from +// operatorHub for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// operatorHub must be a unmodified OperatorHub API object that was retrieved from the Kubernetes API. +// ExtractOperatorHubFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractOperatorHubFrom(operatorHub *configv1.OperatorHub, fieldManager string, subresource string) (*OperatorHubApplyConfiguration, error) { + b := &OperatorHubApplyConfiguration{} + err := managedfields.ExtractInto(operatorHub, internal.Parser().Type("com.github.openshift.api.config.v1.OperatorHub"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(operatorHub.Name) + + b.WithKind("OperatorHub") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractOperatorHub extracts the applied configuration owned by fieldManager from // operatorHub. If no managedFields are found in operatorHub for fieldManager, a // OperatorHubApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +68,16 @@ func OperatorHub(name string) *OperatorHubApplyConfiguration { // ExtractOperatorHub provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractOperatorHub(operatorHub *configv1.OperatorHub, fieldManager string) (*OperatorHubApplyConfiguration, error) { - return extractOperatorHub(operatorHub, fieldManager, "") + return ExtractOperatorHubFrom(operatorHub, fieldManager, "") } -// ExtractOperatorHubStatus is the same as ExtractOperatorHub except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractOperatorHubStatus extracts the applied configuration owned by fieldManager from +// operatorHub for the status subresource. func ExtractOperatorHubStatus(operatorHub *configv1.OperatorHub, fieldManager string) (*OperatorHubApplyConfiguration, error) { - return extractOperatorHub(operatorHub, fieldManager, "status") + return ExtractOperatorHubFrom(operatorHub, fieldManager, "status") } -func extractOperatorHub(operatorHub *configv1.OperatorHub, fieldManager string, subresource string) (*OperatorHubApplyConfiguration, error) { - b := &OperatorHubApplyConfiguration{} - err := managedfields.ExtractInto(operatorHub, internal.Parser().Type("com.github.openshift.api.config.v1.OperatorHub"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(operatorHub.Name) - - b.WithKind("OperatorHub") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b OperatorHubApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/operatorhubspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/operatorhubspec.go index 56179c4cf..dac0696c5 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/operatorhubspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/operatorhubspec.go @@ -4,9 +4,22 @@ package v1 // OperatorHubSpecApplyConfiguration represents a declarative configuration of the OperatorHubSpec type for use // with apply. +// +// OperatorHubSpec defines the desired state of OperatorHub type OperatorHubSpecApplyConfiguration struct { - DisableAllDefaultSources *bool `json:"disableAllDefaultSources,omitempty"` - Sources []HubSourceApplyConfiguration `json:"sources,omitempty"` + // disableAllDefaultSources allows you to disable all the default hub + // sources. If this is true, a specific entry in sources can be used to + // enable a default source. If this is false, a specific entry in + // sources can be used to disable or enable a default source. + DisableAllDefaultSources *bool `json:"disableAllDefaultSources,omitempty"` + // sources is the list of default hub sources and their configuration. + // If the list is empty, it implies that the default hub sources are + // enabled on the cluster unless disableAllDefaultSources is true. + // If disableAllDefaultSources is true and sources is not empty, + // the configuration present in sources will take precedence. The list of + // default hub sources and their current state will always be reflected in + // the status block. + Sources []HubSourceApplyConfiguration `json:"sources,omitempty"` } // OperatorHubSpecApplyConfiguration constructs a declarative configuration of the OperatorHubSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/operatorhubstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/operatorhubstatus.go index 7e7cda1ac..26c8fc500 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/operatorhubstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/operatorhubstatus.go @@ -4,7 +4,12 @@ package v1 // OperatorHubStatusApplyConfiguration represents a declarative configuration of the OperatorHubStatus type for use // with apply. +// +// OperatorHubStatus defines the observed state of OperatorHub. The current +// state of the default hub sources will always be reflected here. type OperatorHubStatusApplyConfiguration struct { + // sources encapsulates the result of applying the configuration for each + // hub source Sources []HubSourceStatusApplyConfiguration `json:"sources,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ovirtplatformloadbalancer.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ovirtplatformloadbalancer.go index e81d48044..9b8aa08dd 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ovirtplatformloadbalancer.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ovirtplatformloadbalancer.go @@ -8,7 +8,18 @@ import ( // OvirtPlatformLoadBalancerApplyConfiguration represents a declarative configuration of the OvirtPlatformLoadBalancer type for use // with apply. +// +// OvirtPlatformLoadBalancer defines the load balancer used by the cluster on Ovirt platform. type OvirtPlatformLoadBalancerApplyConfiguration struct { + // type defines the type of load balancer used by the cluster on Ovirt platform + // which can be a user-managed or openshift-managed load balancer + // that is to be used for the OpenShift API and Ingress endpoints. + // When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing + // defined in the machine config operator will be deployed. + // When set to UserManaged these static pods will not be deployed and it is expected that + // the load balancer is configured out of band by the deployer. + // When omitted, this means no opinion and the platform is left to choose a reasonable default. + // The default value is OpenShiftManagedDefault. Type *configv1.PlatformLoadBalancerType `json:"type,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ovirtplatformstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ovirtplatformstatus.go index dab2c7a10..ba4603729 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ovirtplatformstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ovirtplatformstatus.go @@ -8,14 +8,49 @@ import ( // OvirtPlatformStatusApplyConfiguration represents a declarative configuration of the OvirtPlatformStatus type for use // with apply. +// +// OvirtPlatformStatus holds the current status of the oVirt infrastructure provider. type OvirtPlatformStatusApplyConfiguration struct { - APIServerInternalIP *string `json:"apiServerInternalIP,omitempty"` - APIServerInternalIPs []string `json:"apiServerInternalIPs,omitempty"` - IngressIP *string `json:"ingressIP,omitempty"` - IngressIPs []string `json:"ingressIPs,omitempty"` - NodeDNSIP *string `json:"nodeDNSIP,omitempty"` - LoadBalancer *OvirtPlatformLoadBalancerApplyConfiguration `json:"loadBalancer,omitempty"` - DNSRecordsType *configv1.DNSRecordsType `json:"dnsRecordsType,omitempty"` + // apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used + // by components inside the cluster, like kubelets using the infrastructure rather + // than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI + // points to. It is the IP for a self-hosted load balancer in front of the API servers. + // + // Deprecated: Use APIServerInternalIPs instead. + APIServerInternalIP *string `json:"apiServerInternalIP,omitempty"` + // apiServerInternalIPs are the IP addresses to contact the Kubernetes API + // server that can be used by components inside the cluster, like kubelets + // using the infrastructure rather than Kubernetes networking. These are the + // IPs for a self-hosted load balancer in front of the API servers. In dual + // stack clusters this list contains two IPs otherwise only one. + APIServerInternalIPs []string `json:"apiServerInternalIPs,omitempty"` + // ingressIP is an external IP which routes to the default ingress controller. + // The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + // + // Deprecated: Use IngressIPs instead. + IngressIP *string `json:"ingressIP,omitempty"` + // ingressIPs are the external IPs which route to the default ingress + // controller. The IPs are suitable targets of a wildcard DNS record used to + // resolve default route host names. In dual stack clusters this list + // contains two IPs otherwise only one. + IngressIPs []string `json:"ingressIPs,omitempty"` + // deprecated: as of 4.6, this field is no longer set or honored. It will be removed in a future release. + NodeDNSIP *string `json:"nodeDNSIP,omitempty"` + // loadBalancer defines how the load balancer used by the cluster is configured. + LoadBalancer *OvirtPlatformLoadBalancerApplyConfiguration `json:"loadBalancer,omitempty"` + // dnsRecordsType determines whether records for api, api-int, and ingress + // are provided by the internal DNS service or externally. + // Allowed values are `Internal`, `External`, and omitted. + // When set to `Internal`, records are provided by the internal infrastructure and + // no additional user configuration is required for the cluster to function. + // When set to `External`, records are not provided by the internal infrastructure + // and must be configured by the user on a DNS server outside the cluster. + // Cluster nodes must use this external server for their upstream DNS requests. + // This value may only be set when loadBalancer.type is set to UserManaged. + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is `Internal`. + DNSRecordsType *configv1.DNSRecordsType `json:"dnsRecordsType,omitempty"` } // OvirtPlatformStatusApplyConfiguration constructs a declarative configuration of the OvirtPlatformStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/persistentvolumeclaimreference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/persistentvolumeclaimreference.go index 49daf4bc2..9a557f2dd 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/persistentvolumeclaimreference.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/persistentvolumeclaimreference.go @@ -4,7 +4,12 @@ package v1 // PersistentVolumeClaimReferenceApplyConfiguration represents a declarative configuration of the PersistentVolumeClaimReference type for use // with apply. +// +// PersistentVolumeClaimReference is a reference to a PersistentVolumeClaim. type PersistentVolumeClaimReferenceApplyConfiguration struct { + // name is the name of the PersistentVolumeClaim that will be used to store the Insights data archive. + // It is a string that follows the DNS1123 subdomain format. + // It must be at most 253 characters in length, and must consist only of lower case alphanumeric characters, '-' and '.', and must start and end with an alphanumeric character. Name *string `json:"name,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/persistentvolumeconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/persistentvolumeconfig.go index c62fdbcf9..ce5e58a99 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/persistentvolumeconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/persistentvolumeconfig.go @@ -4,9 +4,17 @@ package v1 // PersistentVolumeConfigApplyConfiguration represents a declarative configuration of the PersistentVolumeConfig type for use // with apply. +// +// PersistentVolumeConfig provides configuration options for PersistentVolume storage. type PersistentVolumeConfigApplyConfiguration struct { - Claim *PersistentVolumeClaimReferenceApplyConfiguration `json:"claim,omitempty"` - MountPath *string `json:"mountPath,omitempty"` + // claim is a required field that specifies the configuration of the PersistentVolumeClaim that will be used to store the Insights data archive. + // The PersistentVolumeClaim must be created in the openshift-insights namespace. + Claim *PersistentVolumeClaimReferenceApplyConfiguration `json:"claim,omitempty"` + // mountPath is an optional field specifying the directory where the PVC will be mounted inside the Insights data gathering Pod. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default mount path is /var/lib/insights-operator + // The path may not exceed 1024 characters and must not contain a colon. + MountPath *string `json:"mountPath,omitempty"` } // PersistentVolumeConfigApplyConfiguration constructs a declarative configuration of the PersistentVolumeConfig type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/pkicertificatesubject.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/pkicertificatesubject.go index 70181700b..63fd15879 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/pkicertificatesubject.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/pkicertificatesubject.go @@ -4,8 +4,15 @@ package v1 // PKICertificateSubjectApplyConfiguration represents a declarative configuration of the PKICertificateSubject type for use // with apply. +// +// PKICertificateSubject defines the requirements imposed on the subject to which the certificate was issued. type PKICertificateSubjectApplyConfiguration struct { - Email *string `json:"email,omitempty"` + // email specifies the expected email address imposed on the subject to which the certificate was issued, and must match the email address listed in the Subject Alternative Name (SAN) field of the certificate. + // The email must be a valid email address and at most 320 characters in length. + Email *string `json:"email,omitempty"` + // hostname specifies the expected hostname imposed on the subject to which the certificate was issued, and it must match the hostname listed in the Subject Alternative Name (SAN) DNS field of the certificate. + // The hostname must be a valid dns 1123 subdomain name, optionally prefixed by '*.', and at most 253 characters in length. + // It must consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk. Hostname *string `json:"hostname,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/platformspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/platformspec.go index 54ae2fcd3..5034ec734 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/platformspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/platformspec.go @@ -8,22 +8,50 @@ import ( // PlatformSpecApplyConfiguration represents a declarative configuration of the PlatformSpec type for use // with apply. +// +// PlatformSpec holds the desired state specific to the underlying infrastructure provider +// of the current cluster. Since these are used at spec-level for the underlying cluster, it +// is supposed that only one of the spec structs is set. type PlatformSpecApplyConfiguration struct { - Type *configv1.PlatformType `json:"type,omitempty"` - AWS *AWSPlatformSpecApplyConfiguration `json:"aws,omitempty"` - Azure *configv1.AzurePlatformSpec `json:"azure,omitempty"` - GCP *configv1.GCPPlatformSpec `json:"gcp,omitempty"` - BareMetal *BareMetalPlatformSpecApplyConfiguration `json:"baremetal,omitempty"` - OpenStack *OpenStackPlatformSpecApplyConfiguration `json:"openstack,omitempty"` - Ovirt *configv1.OvirtPlatformSpec `json:"ovirt,omitempty"` - VSphere *VSpherePlatformSpecApplyConfiguration `json:"vsphere,omitempty"` - IBMCloud *IBMCloudPlatformSpecApplyConfiguration `json:"ibmcloud,omitempty"` - Kubevirt *configv1.KubevirtPlatformSpec `json:"kubevirt,omitempty"` - EquinixMetal *configv1.EquinixMetalPlatformSpec `json:"equinixMetal,omitempty"` - PowerVS *PowerVSPlatformSpecApplyConfiguration `json:"powervs,omitempty"` - AlibabaCloud *configv1.AlibabaCloudPlatformSpec `json:"alibabaCloud,omitempty"` - Nutanix *NutanixPlatformSpecApplyConfiguration `json:"nutanix,omitempty"` - External *ExternalPlatformSpecApplyConfiguration `json:"external,omitempty"` + // type is the underlying infrastructure provider for the cluster. This + // value controls whether infrastructure automation such as service load + // balancers, dynamic volume provisioning, machine creation and deletion, and + // other integrations are enabled. If None, no infrastructure automation is + // enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", + // "OpenStack", "VSphere", "oVirt", "IBMCloud", "KubeVirt", "EquinixMetal", + // "PowerVS", "AlibabaCloud", "Nutanix", "External", and "None". Individual + // components may not support all platforms, and must handle unrecognized + // platforms as None if they do not support that platform. + Type *configv1.PlatformType `json:"type,omitempty"` + // aws contains settings specific to the Amazon Web Services infrastructure provider. + AWS *AWSPlatformSpecApplyConfiguration `json:"aws,omitempty"` + // azure contains settings specific to the Azure infrastructure provider. + Azure *configv1.AzurePlatformSpec `json:"azure,omitempty"` + // gcp contains settings specific to the Google Cloud Platform infrastructure provider. + GCP *configv1.GCPPlatformSpec `json:"gcp,omitempty"` + // baremetal contains settings specific to the BareMetal platform. + BareMetal *BareMetalPlatformSpecApplyConfiguration `json:"baremetal,omitempty"` + // openstack contains settings specific to the OpenStack infrastructure provider. + OpenStack *OpenStackPlatformSpecApplyConfiguration `json:"openstack,omitempty"` + // ovirt contains settings specific to the oVirt infrastructure provider. + Ovirt *configv1.OvirtPlatformSpec `json:"ovirt,omitempty"` + // vsphere contains settings specific to the VSphere infrastructure provider. + VSphere *VSpherePlatformSpecApplyConfiguration `json:"vsphere,omitempty"` + // ibmcloud contains settings specific to the IBMCloud infrastructure provider. + IBMCloud *IBMCloudPlatformSpecApplyConfiguration `json:"ibmcloud,omitempty"` + // kubevirt contains settings specific to the kubevirt infrastructure provider. + Kubevirt *configv1.KubevirtPlatformSpec `json:"kubevirt,omitempty"` + // equinixMetal contains settings specific to the Equinix Metal infrastructure provider. + EquinixMetal *configv1.EquinixMetalPlatformSpec `json:"equinixMetal,omitempty"` + // powervs contains settings specific to the IBM Power Systems Virtual Servers infrastructure provider. + PowerVS *PowerVSPlatformSpecApplyConfiguration `json:"powervs,omitempty"` + // alibabaCloud contains settings specific to the Alibaba Cloud infrastructure provider. + AlibabaCloud *configv1.AlibabaCloudPlatformSpec `json:"alibabaCloud,omitempty"` + // nutanix contains settings specific to the Nutanix infrastructure provider. + Nutanix *NutanixPlatformSpecApplyConfiguration `json:"nutanix,omitempty"` + // ExternalPlatformType represents generic infrastructure provider. + // Platform-specific components should be supplemented separately. + External *ExternalPlatformSpecApplyConfiguration `json:"external,omitempty"` } // PlatformSpecApplyConfiguration constructs a declarative configuration of the PlatformSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/platformstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/platformstatus.go index e470ebd96..a24f6d207 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/platformstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/platformstatus.go @@ -8,22 +8,51 @@ import ( // PlatformStatusApplyConfiguration represents a declarative configuration of the PlatformStatus type for use // with apply. +// +// PlatformStatus holds the current status specific to the underlying infrastructure provider +// of the current cluster. Since these are used at status-level for the underlying cluster, it +// is supposed that only one of the status structs is set. type PlatformStatusApplyConfiguration struct { - Type *configv1.PlatformType `json:"type,omitempty"` - AWS *AWSPlatformStatusApplyConfiguration `json:"aws,omitempty"` - Azure *AzurePlatformStatusApplyConfiguration `json:"azure,omitempty"` - GCP *GCPPlatformStatusApplyConfiguration `json:"gcp,omitempty"` - BareMetal *BareMetalPlatformStatusApplyConfiguration `json:"baremetal,omitempty"` - OpenStack *OpenStackPlatformStatusApplyConfiguration `json:"openstack,omitempty"` - Ovirt *OvirtPlatformStatusApplyConfiguration `json:"ovirt,omitempty"` - VSphere *VSpherePlatformStatusApplyConfiguration `json:"vsphere,omitempty"` - IBMCloud *IBMCloudPlatformStatusApplyConfiguration `json:"ibmcloud,omitempty"` - Kubevirt *KubevirtPlatformStatusApplyConfiguration `json:"kubevirt,omitempty"` + // type is the underlying infrastructure provider for the cluster. This + // value controls whether infrastructure automation such as service load + // balancers, dynamic volume provisioning, machine creation and deletion, and + // other integrations are enabled. If None, no infrastructure automation is + // enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", + // "OpenStack", "VSphere", "oVirt", "EquinixMetal", "PowerVS", "AlibabaCloud", "Nutanix" and "None". + // Individual components may not support all platforms, and must handle + // unrecognized platforms as None if they do not support that platform. + // + // This value will be synced with to the `status.platform` and `status.platformStatus.type`. + // Currently this value cannot be changed once set. + Type *configv1.PlatformType `json:"type,omitempty"` + // aws contains settings specific to the Amazon Web Services infrastructure provider. + AWS *AWSPlatformStatusApplyConfiguration `json:"aws,omitempty"` + // azure contains settings specific to the Azure infrastructure provider. + Azure *AzurePlatformStatusApplyConfiguration `json:"azure,omitempty"` + // gcp contains settings specific to the Google Cloud Platform infrastructure provider. + GCP *GCPPlatformStatusApplyConfiguration `json:"gcp,omitempty"` + // baremetal contains settings specific to the BareMetal platform. + BareMetal *BareMetalPlatformStatusApplyConfiguration `json:"baremetal,omitempty"` + // openstack contains settings specific to the OpenStack infrastructure provider. + OpenStack *OpenStackPlatformStatusApplyConfiguration `json:"openstack,omitempty"` + // ovirt contains settings specific to the oVirt infrastructure provider. + Ovirt *OvirtPlatformStatusApplyConfiguration `json:"ovirt,omitempty"` + // vsphere contains settings specific to the VSphere infrastructure provider. + VSphere *VSpherePlatformStatusApplyConfiguration `json:"vsphere,omitempty"` + // ibmcloud contains settings specific to the IBMCloud infrastructure provider. + IBMCloud *IBMCloudPlatformStatusApplyConfiguration `json:"ibmcloud,omitempty"` + // kubevirt contains settings specific to the kubevirt infrastructure provider. + Kubevirt *KubevirtPlatformStatusApplyConfiguration `json:"kubevirt,omitempty"` + // equinixMetal contains settings specific to the Equinix Metal infrastructure provider. EquinixMetal *EquinixMetalPlatformStatusApplyConfiguration `json:"equinixMetal,omitempty"` - PowerVS *PowerVSPlatformStatusApplyConfiguration `json:"powervs,omitempty"` + // powervs contains settings specific to the Power Systems Virtual Servers infrastructure provider. + PowerVS *PowerVSPlatformStatusApplyConfiguration `json:"powervs,omitempty"` + // alibabaCloud contains settings specific to the Alibaba Cloud infrastructure provider. AlibabaCloud *AlibabaCloudPlatformStatusApplyConfiguration `json:"alibabaCloud,omitempty"` - Nutanix *NutanixPlatformStatusApplyConfiguration `json:"nutanix,omitempty"` - External *ExternalPlatformStatusApplyConfiguration `json:"external,omitempty"` + // nutanix contains settings specific to the Nutanix infrastructure provider. + Nutanix *NutanixPlatformStatusApplyConfiguration `json:"nutanix,omitempty"` + // external contains settings specific to the generic External infrastructure provider. + External *ExternalPlatformStatusApplyConfiguration `json:"external,omitempty"` } // PlatformStatusApplyConfiguration constructs a declarative configuration of the PlatformStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policyfulciosubject.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policyfulciosubject.go index 7f61d420c..d47722610 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policyfulciosubject.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policyfulciosubject.go @@ -4,8 +4,17 @@ package v1 // PolicyFulcioSubjectApplyConfiguration represents a declarative configuration of the PolicyFulcioSubject type for use // with apply. +// +// PolicyFulcioSubject defines the OIDC issuer and the email of the Fulcio authentication configuration. type PolicyFulcioSubjectApplyConfiguration struct { - OIDCIssuer *string `json:"oidcIssuer,omitempty"` + // oidcIssuer is a required filed contains the expected OIDC issuer. The oidcIssuer must be a valid URL and at most 2048 characters in length. + // It will be verified that the Fulcio-issued certificate contains a (Fulcio-defined) certificate extension pointing at this OIDC issuer URL. + // When Fulcio issues certificates, it includes a value based on an URL inside the client-provided ID token. + // Example: "https://expected.OIDC.issuer/" + OIDCIssuer *string `json:"oidcIssuer,omitempty"` + // signedEmail is a required field holds the email address that the Fulcio certificate is issued for. + // The signedEmail must be a valid email address and at most 320 characters in length. + // Example: "expected-signing-user@example.com" SignedEmail *string `json:"signedEmail,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policyidentity.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policyidentity.go index 0e4e46be6..9c5728218 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policyidentity.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policyidentity.go @@ -8,10 +8,22 @@ import ( // PolicyIdentityApplyConfiguration represents a declarative configuration of the PolicyIdentity type for use // with apply. +// +// PolicyIdentity defines image identity the signature claims about the image. When omitted, the default matchPolicy is "MatchRepoDigestOrExact". type PolicyIdentityApplyConfiguration struct { - MatchPolicy *configv1.IdentityMatchPolicy `json:"matchPolicy,omitempty"` + // matchPolicy is a required filed specifies matching strategy to verify the image identity in the signature against the image scope. + // Allowed values are "MatchRepoDigestOrExact", "MatchRepository", "ExactRepository", "RemapIdentity". When omitted, the default value is "MatchRepoDigestOrExact". + // When set to "MatchRepoDigestOrExact", the identity in the signature must be in the same repository as the image identity if the image identity is referenced by a digest. Otherwise, the identity in the signature must be the same as the image identity. + // When set to "MatchRepository", the identity in the signature must be in the same repository as the image identity. + // When set to "ExactRepository", the exactRepository must be specified. The identity in the signature must be in the same repository as a specific identity specified by "repository". + // When set to "RemapIdentity", the remapIdentity must be specified. The signature must be in the same as the remapped image identity. Remapped image identity is obtained by replacing the "prefix" with the specified “signedPrefix” if the the image identity matches the specified remapPrefix. + MatchPolicy *configv1.IdentityMatchPolicy `json:"matchPolicy,omitempty"` + // exactRepository specifies the repository that must be exactly matched by the identity in the signature. + // exactRepository is required if matchPolicy is set to "ExactRepository". It is used to verify that the signature claims an identity matching this exact repository, rather than the original image identity. PolicyMatchExactRepository *PolicyMatchExactRepositoryApplyConfiguration `json:"exactRepository,omitempty"` - PolicyMatchRemapIdentity *PolicyMatchRemapIdentityApplyConfiguration `json:"remapIdentity,omitempty"` + // remapIdentity specifies the prefix remapping rule for verifying image identity. + // remapIdentity is required if matchPolicy is set to "RemapIdentity". It is used to verify that the signature claims a different registry/repository prefix than the original image. + PolicyMatchRemapIdentity *PolicyMatchRemapIdentityApplyConfiguration `json:"remapIdentity,omitempty"` } // PolicyIdentityApplyConfiguration constructs a declarative configuration of the PolicyIdentity type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policymatchexactrepository.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policymatchexactrepository.go index 3b4fcbd9c..2b988ad4c 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policymatchexactrepository.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policymatchexactrepository.go @@ -9,6 +9,9 @@ import ( // PolicyMatchExactRepositoryApplyConfiguration represents a declarative configuration of the PolicyMatchExactRepository type for use // with apply. type PolicyMatchExactRepositoryApplyConfiguration struct { + // repository is the reference of the image identity to be matched. + // repository is required if matchPolicy is set to "ExactRepository". + // The value should be a repository name (by omitting the tag or digest) in a registry implementing the "Docker Registry HTTP API V2". For example, docker.io/library/busybox Repository *configv1.IdentityRepositoryPrefix `json:"repository,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policymatchremapidentity.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policymatchremapidentity.go index 3cf5ccf68..a12763447 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policymatchremapidentity.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policymatchremapidentity.go @@ -9,7 +9,18 @@ import ( // PolicyMatchRemapIdentityApplyConfiguration represents a declarative configuration of the PolicyMatchRemapIdentity type for use // with apply. type PolicyMatchRemapIdentityApplyConfiguration struct { - Prefix *configv1.IdentityRepositoryPrefix `json:"prefix,omitempty"` + // prefix is required if matchPolicy is set to "RemapIdentity". + // prefix is the prefix of the image identity to be matched. + // If the image identity matches the specified prefix, that prefix is replaced by the specified “signedPrefix” (otherwise it is used as unchanged and no remapping takes place). + // This is useful when verifying signatures for a mirror of some other repository namespace that preserves the vendor’s repository structure. + // The prefix and signedPrefix values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, + // or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. + // For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. + Prefix *configv1.IdentityRepositoryPrefix `json:"prefix,omitempty"` + // signedPrefix is required if matchPolicy is set to "RemapIdentity". + // signedPrefix is the prefix of the image identity to be matched in the signature. The format is the same as "prefix". The values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, + // or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. + // For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. SignedPrefix *configv1.IdentityRepositoryPrefix `json:"signedPrefix,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policyrootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policyrootoftrust.go index 6b3e46f47..78463deb6 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policyrootoftrust.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policyrootoftrust.go @@ -8,11 +8,26 @@ import ( // PolicyRootOfTrustApplyConfiguration represents a declarative configuration of the PolicyRootOfTrust type for use // with apply. +// +// PolicyRootOfTrust defines the root of trust based on the selected policyType. type PolicyRootOfTrustApplyConfiguration struct { - PolicyType *configv1.PolicyType `json:"policyType,omitempty"` - PublicKey *ImagePolicyPublicKeyRootOfTrustApplyConfiguration `json:"publicKey,omitempty"` + // policyType is a required field specifies the type of the policy for verification. This field must correspond to how the policy was generated. + // Allowed values are "PublicKey", "FulcioCAWithRekor", and "PKI". + // When set to "PublicKey", the policy relies on a sigstore publicKey and may optionally use a Rekor verification. + // When set to "FulcioCAWithRekor", the policy is based on the Fulcio certification and incorporates a Rekor verification. + // When set to "PKI", the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). + PolicyType *configv1.PolicyType `json:"policyType,omitempty"` + // publicKey defines the root of trust configuration based on a sigstore public key. Optionally include a Rekor public key for Rekor verification. + // publicKey is required when policyType is PublicKey, and forbidden otherwise. + PublicKey *ImagePolicyPublicKeyRootOfTrustApplyConfiguration `json:"publicKey,omitempty"` + // fulcioCAWithRekor defines the root of trust configuration based on the Fulcio certificate and the Rekor public key. + // fulcioCAWithRekor is required when policyType is FulcioCAWithRekor, and forbidden otherwise + // For more information about Fulcio and Rekor, please refer to the document at: + // https://github.com/sigstore/fulcio and https://github.com/sigstore/rekor FulcioCAWithRekor *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration `json:"fulcioCAWithRekor,omitempty"` - PKI *ImagePolicyPKIRootOfTrustApplyConfiguration `json:"pki,omitempty"` + // pki defines the root of trust configuration based on Bring Your Own Public Key Infrastructure (BYOPKI) Root CA(s) and corresponding intermediate certificates. + // pki is required when policyType is PKI, and forbidden otherwise. + PKI *ImagePolicyPKIRootOfTrustApplyConfiguration `json:"pki,omitempty"` } // PolicyRootOfTrustApplyConfiguration constructs a declarative configuration of the PolicyRootOfTrust type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/powervsplatformspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/powervsplatformspec.go index db3c3d1d9..3ec6312ba 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/powervsplatformspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/powervsplatformspec.go @@ -4,7 +4,12 @@ package v1 // PowerVSPlatformSpecApplyConfiguration represents a declarative configuration of the PowerVSPlatformSpec type for use // with apply. +// +// PowerVSPlatformSpec holds the desired state of the IBM Power Systems Virtual Servers infrastructure provider. +// This only includes fields that can be modified in the cluster. type PowerVSPlatformSpecApplyConfiguration struct { + // serviceEndpoints is a list of custom endpoints which will override the default + // service endpoints of a Power VS service. ServiceEndpoints []PowerVSServiceEndpointApplyConfiguration `json:"serviceEndpoints,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/powervsplatformstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/powervsplatformstatus.go index f40099f16..8d6b0b3ad 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/powervsplatformstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/powervsplatformstatus.go @@ -4,13 +4,29 @@ package v1 // PowerVSPlatformStatusApplyConfiguration represents a declarative configuration of the PowerVSPlatformStatus type for use // with apply. +// +// PowerVSPlatformStatus holds the current status of the IBM Power Systems Virtual Servers infrastrucutre provider. type PowerVSPlatformStatusApplyConfiguration struct { - Region *string `json:"region,omitempty"` - Zone *string `json:"zone,omitempty"` - ResourceGroup *string `json:"resourceGroup,omitempty"` + // region holds the default Power VS region for new Power VS resources created by the cluster. + Region *string `json:"region,omitempty"` + // zone holds the default zone for the new Power VS resources created by the cluster. + // Note: Currently only single-zone OCP clusters are supported + Zone *string `json:"zone,omitempty"` + // resourceGroup is the resource group name for new IBMCloud resources created for a cluster. + // The resource group specified here will be used by cluster-image-registry-operator to set up a COS Instance in IBMCloud for the cluster registry. + // More about resource groups can be found here: https://cloud.ibm.com/docs/account?topic=account-rgs. + // When omitted, the image registry operator won't be able to configure storage, + // which results in the image registry cluster operator not being in an available state. + ResourceGroup *string `json:"resourceGroup,omitempty"` + // serviceEndpoints is a list of custom endpoints which will override the default + // service endpoints of a Power VS service. ServiceEndpoints []PowerVSServiceEndpointApplyConfiguration `json:"serviceEndpoints,omitempty"` - CISInstanceCRN *string `json:"cisInstanceCRN,omitempty"` - DNSInstanceCRN *string `json:"dnsInstanceCRN,omitempty"` + // cisInstanceCRN is the CRN of the Cloud Internet Services instance managing + // the DNS zone for the cluster's base domain + CISInstanceCRN *string `json:"cisInstanceCRN,omitempty"` + // dnsInstanceCRN is the CRN of the DNS Services instance managing the DNS zone + // for the cluster's base domain + DNSInstanceCRN *string `json:"dnsInstanceCRN,omitempty"` } // PowerVSPlatformStatusApplyConfiguration constructs a declarative configuration of the PowerVSPlatformStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/powervsserviceendpoint.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/powervsserviceendpoint.go index 8fd231a2a..e2b1fac87 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/powervsserviceendpoint.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/powervsserviceendpoint.go @@ -4,9 +4,20 @@ package v1 // PowerVSServiceEndpointApplyConfiguration represents a declarative configuration of the PowerVSServiceEndpoint type for use // with apply. +// +// PowervsServiceEndpoint stores the configuration of a custom url to +// override existing defaults of PowerVS Services. type PowerVSServiceEndpointApplyConfiguration struct { + // name is the name of the Power VS service. + // Few of the services are + // IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api + // ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller + // Power Cloud - https://cloud.ibm.com/apidocs/power-cloud Name *string `json:"name,omitempty"` - URL *string `json:"url,omitempty"` + // url is fully qualified URI with scheme https, that overrides the default generated + // endpoint for a client. + // This must be provided and cannot be empty. + URL *string `json:"url,omitempty"` } // PowerVSServiceEndpointApplyConfiguration constructs a declarative configuration of the PowerVSServiceEndpoint type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/prefixedclaimmapping.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/prefixedclaimmapping.go index 245520433..08ebf26a8 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/prefixedclaimmapping.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/prefixedclaimmapping.go @@ -4,9 +4,18 @@ package v1 // PrefixedClaimMappingApplyConfiguration represents a declarative configuration of the PrefixedClaimMapping type for use // with apply. +// +// PrefixedClaimMapping configures a claim mapping +// that allows for an optional prefix. type PrefixedClaimMappingApplyConfiguration struct { TokenClaimMappingApplyConfiguration `json:",inline"` - Prefix *string `json:"prefix,omitempty"` + // prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes. + // + // When omitted or set to an empty string (""), no prefix is applied to the cluster identity attribute. + // Must not be set to a non-empty value when expression is set. + // + // Example: if `prefix` is set to "myoidc:" and the `claim` in JWT contains an array of strings "a", "b" and "c", the mapping will result in an array of string "myoidc:a", "myoidc:b" and "myoidc:c". + Prefix *string `json:"prefix,omitempty"` } // PrefixedClaimMappingApplyConfiguration constructs a declarative configuration of the PrefixedClaimMapping type for use with @@ -23,6 +32,14 @@ func (b *PrefixedClaimMappingApplyConfiguration) WithClaim(value string) *Prefix return b } +// WithExpression sets the Expression field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Expression field is set to the value of the last call. +func (b *PrefixedClaimMappingApplyConfiguration) WithExpression(value string) *PrefixedClaimMappingApplyConfiguration { + b.TokenClaimMappingApplyConfiguration.Expression = &value + return b +} + // WithPrefix sets the Prefix field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Prefix field is set to the value of the last call. diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/profilecustomizations.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/profilecustomizations.go index c2392bab9..034c96924 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/profilecustomizations.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/profilecustomizations.go @@ -8,7 +8,17 @@ import ( // ProfileCustomizationsApplyConfiguration represents a declarative configuration of the ProfileCustomizations type for use // with apply. +// +// ProfileCustomizations contains various parameters for modifying the default behavior of certain profiles type ProfileCustomizationsApplyConfiguration struct { + // dynamicResourceAllocation allows to enable or disable dynamic resource allocation within the scheduler. + // Dynamic resource allocation is an API for requesting and sharing resources between pods and containers inside a pod. + // Third-party resource drivers are responsible for tracking and allocating resources. + // Different kinds of resources support arbitrary parameters for defining requirements and initialization. + // Valid values are Enabled, Disabled and omitted. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. + // The current default is Disabled. DynamicResourceAllocation *configv1.DRAEnablement `json:"dynamicResourceAllocation,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/project.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/project.go index e9b7c2c6b..5bcc3a26e 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/project.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/project.go @@ -13,11 +13,19 @@ import ( // ProjectApplyConfiguration represents a declarative configuration of the Project type for use // with apply. +// +// Project holds cluster-wide information about Project. The canonical name is `cluster` +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type ProjectApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *ProjectSpecApplyConfiguration `json:"spec,omitempty"` - Status *configv1.ProjectStatus `json:"status,omitempty"` + // spec holds user settable values for configuration + Spec *ProjectSpecApplyConfiguration `json:"spec,omitempty"` + // status holds observed values from the cluster. They may not be overridden. + Status *configv1.ProjectStatus `json:"status,omitempty"` } // Project constructs a declarative configuration of the Project type for use with @@ -30,6 +38,26 @@ func Project(name string) *ProjectApplyConfiguration { return b } +// ExtractProjectFrom extracts the applied configuration owned by fieldManager from +// project for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// project must be a unmodified Project API object that was retrieved from the Kubernetes API. +// ExtractProjectFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractProjectFrom(project *configv1.Project, fieldManager string, subresource string) (*ProjectApplyConfiguration, error) { + b := &ProjectApplyConfiguration{} + err := managedfields.ExtractInto(project, internal.Parser().Type("com.github.openshift.api.config.v1.Project"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(project.Name) + + b.WithKind("Project") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractProject extracts the applied configuration owned by fieldManager from // project. If no managedFields are found in project for fieldManager, a // ProjectApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +68,16 @@ func Project(name string) *ProjectApplyConfiguration { // ExtractProject provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractProject(project *configv1.Project, fieldManager string) (*ProjectApplyConfiguration, error) { - return extractProject(project, fieldManager, "") + return ExtractProjectFrom(project, fieldManager, "") } -// ExtractProjectStatus is the same as ExtractProject except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractProjectStatus extracts the applied configuration owned by fieldManager from +// project for the status subresource. func ExtractProjectStatus(project *configv1.Project, fieldManager string) (*ProjectApplyConfiguration, error) { - return extractProject(project, fieldManager, "status") + return ExtractProjectFrom(project, fieldManager, "status") } -func extractProject(project *configv1.Project, fieldManager string, subresource string) (*ProjectApplyConfiguration, error) { - b := &ProjectApplyConfiguration{} - err := managedfields.ExtractInto(project, internal.Parser().Type("com.github.openshift.api.config.v1.Project"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(project.Name) - - b.WithKind("Project") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b ProjectApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/projectspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/projectspec.go index 417be90be..bb1ba8535 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/projectspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/projectspec.go @@ -4,8 +4,14 @@ package v1 // ProjectSpecApplyConfiguration represents a declarative configuration of the ProjectSpec type for use // with apply. +// +// ProjectSpec holds the project creation configuration. type ProjectSpecApplyConfiguration struct { - ProjectRequestMessage *string `json:"projectRequestMessage,omitempty"` + // projectRequestMessage is the string presented to a user if they are unable to request a project via the projectrequest api endpoint + ProjectRequestMessage *string `json:"projectRequestMessage,omitempty"` + // projectRequestTemplate is the template to use for creating projects in response to projectrequest. + // This must point to a template in 'openshift-config' namespace. It is optional. + // If it is not specified, a default template is used. ProjectRequestTemplate *TemplateReferenceApplyConfiguration `json:"projectRequestTemplate,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/promqlclustercondition.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/promqlclustercondition.go index e3f40e4f9..fcb66c6fd 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/promqlclustercondition.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/promqlclustercondition.go @@ -4,7 +4,14 @@ package v1 // PromQLClusterConditionApplyConfiguration represents a declarative configuration of the PromQLClusterCondition type for use // with apply. +// +// PromQLClusterCondition represents a cluster condition based on PromQL. type PromQLClusterConditionApplyConfiguration struct { + // promql is a PromQL query classifying clusters. This query + // query should return a 1 in the match case and a 0 in the + // does-not-match case. Queries which return no time + // series, or which return values besides 0 or 1, are + // evaluation failures. PromQL *string `json:"promql,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/proxy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/proxy.go index 7992e28f2..155de1eaf 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/proxy.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/proxy.go @@ -13,11 +13,19 @@ import ( // ProxyApplyConfiguration represents a declarative configuration of the Proxy type for use // with apply. +// +// Proxy holds cluster-wide information on how to configure default proxies for the cluster. The canonical name is `cluster` +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type ProxyApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *ProxySpecApplyConfiguration `json:"spec,omitempty"` - Status *ProxyStatusApplyConfiguration `json:"status,omitempty"` + // spec holds user-settable values for the proxy configuration + Spec *ProxySpecApplyConfiguration `json:"spec,omitempty"` + // status holds observed values from the cluster. They may not be overridden. + Status *ProxyStatusApplyConfiguration `json:"status,omitempty"` } // Proxy constructs a declarative configuration of the Proxy type for use with @@ -30,6 +38,26 @@ func Proxy(name string) *ProxyApplyConfiguration { return b } +// ExtractProxyFrom extracts the applied configuration owned by fieldManager from +// proxy for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// proxy must be a unmodified Proxy API object that was retrieved from the Kubernetes API. +// ExtractProxyFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractProxyFrom(proxy *configv1.Proxy, fieldManager string, subresource string) (*ProxyApplyConfiguration, error) { + b := &ProxyApplyConfiguration{} + err := managedfields.ExtractInto(proxy, internal.Parser().Type("com.github.openshift.api.config.v1.Proxy"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(proxy.Name) + + b.WithKind("Proxy") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractProxy extracts the applied configuration owned by fieldManager from // proxy. If no managedFields are found in proxy for fieldManager, a // ProxyApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +68,16 @@ func Proxy(name string) *ProxyApplyConfiguration { // ExtractProxy provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractProxy(proxy *configv1.Proxy, fieldManager string) (*ProxyApplyConfiguration, error) { - return extractProxy(proxy, fieldManager, "") + return ExtractProxyFrom(proxy, fieldManager, "") } -// ExtractProxyStatus is the same as ExtractProxy except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractProxyStatus extracts the applied configuration owned by fieldManager from +// proxy for the status subresource. func ExtractProxyStatus(proxy *configv1.Proxy, fieldManager string) (*ProxyApplyConfiguration, error) { - return extractProxy(proxy, fieldManager, "status") + return ExtractProxyFrom(proxy, fieldManager, "status") } -func extractProxy(proxy *configv1.Proxy, fieldManager string, subresource string) (*ProxyApplyConfiguration, error) { - b := &ProxyApplyConfiguration{} - err := managedfields.ExtractInto(proxy, internal.Parser().Type("com.github.openshift.api.config.v1.Proxy"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(proxy.Name) - - b.WithKind("Proxy") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b ProxyApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/proxyspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/proxyspec.go index bd2cf6657..6ddce630f 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/proxyspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/proxyspec.go @@ -4,12 +4,42 @@ package v1 // ProxySpecApplyConfiguration represents a declarative configuration of the ProxySpec type for use // with apply. +// +// ProxySpec contains cluster proxy creation configuration. type ProxySpecApplyConfiguration struct { - HTTPProxy *string `json:"httpProxy,omitempty"` - HTTPSProxy *string `json:"httpsProxy,omitempty"` - NoProxy *string `json:"noProxy,omitempty"` - ReadinessEndpoints []string `json:"readinessEndpoints,omitempty"` - TrustedCA *ConfigMapNameReferenceApplyConfiguration `json:"trustedCA,omitempty"` + // httpProxy is the URL of the proxy for HTTP requests. Empty means unset and will not result in an env var. + HTTPProxy *string `json:"httpProxy,omitempty"` + // httpsProxy is the URL of the proxy for HTTPS requests. Empty means unset and will not result in an env var. + HTTPSProxy *string `json:"httpsProxy,omitempty"` + // noProxy is a comma-separated list of hostnames and/or CIDRs and/or IPs for which the proxy should not be used. + // Empty means unset and will not result in an env var. + NoProxy *string `json:"noProxy,omitempty"` + // readinessEndpoints is a list of endpoints used to verify readiness of the proxy. + ReadinessEndpoints []string `json:"readinessEndpoints,omitempty"` + // trustedCA is a reference to a ConfigMap containing a CA certificate bundle. + // The trustedCA field should only be consumed by a proxy validator. The + // validator is responsible for reading the certificate bundle from the required + // key "ca-bundle.crt", merging it with the system default trust bundle, + // and writing the merged trust bundle to a ConfigMap named "trusted-ca-bundle" + // in the "openshift-config-managed" namespace. Clients that expect to make + // proxy connections must use the trusted-ca-bundle for all HTTPS requests to + // the proxy, and may use the trusted-ca-bundle for non-proxy HTTPS requests as + // well. + // + // The namespace for the ConfigMap referenced by trustedCA is + // "openshift-config". Here is an example ConfigMap (in yaml): + // + // apiVersion: v1 + // kind: ConfigMap + // metadata: + // name: user-ca-bundle + // namespace: openshift-config + // data: + // ca-bundle.crt: | + // -----BEGIN CERTIFICATE----- + // Custom CA certificate bundle. + // -----END CERTIFICATE----- + TrustedCA *ConfigMapNameReferenceApplyConfiguration `json:"trustedCA,omitempty"` } // ProxySpecApplyConfiguration constructs a declarative configuration of the ProxySpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/proxystatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/proxystatus.go index 784afdff6..7b6b58ff4 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/proxystatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/proxystatus.go @@ -4,10 +4,15 @@ package v1 // ProxyStatusApplyConfiguration represents a declarative configuration of the ProxyStatus type for use // with apply. +// +// ProxyStatus shows current known state of the cluster proxy. type ProxyStatusApplyConfiguration struct { - HTTPProxy *string `json:"httpProxy,omitempty"` + // httpProxy is the URL of the proxy for HTTP requests. + HTTPProxy *string `json:"httpProxy,omitempty"` + // httpsProxy is the URL of the proxy for HTTPS requests. HTTPSProxy *string `json:"httpsProxy,omitempty"` - NoProxy *string `json:"noProxy,omitempty"` + // noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used. + NoProxy *string `json:"noProxy,omitempty"` } // ProxyStatusApplyConfiguration constructs a declarative configuration of the ProxyStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/registrylocation.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/registrylocation.go index d4aaa4e1e..1994631dd 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/registrylocation.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/registrylocation.go @@ -4,9 +4,17 @@ package v1 // RegistryLocationApplyConfiguration represents a declarative configuration of the RegistryLocation type for use // with apply. +// +// RegistryLocation contains a location of the registry specified by the registry domain +// name. The domain name might include wildcards, like '*' or '??'. type RegistryLocationApplyConfiguration struct { + // domainName specifies a domain name for the registry + // In case the registry use non-standard (80 or 443) port, the port should be included + // in the domain name as well. DomainName *string `json:"domainName,omitempty"` - Insecure *bool `json:"insecure,omitempty"` + // insecure indicates whether the registry is secure (https) or insecure (http) + // By default (if not specified) the registry is assumed as secure. + Insecure *bool `json:"insecure,omitempty"` } // RegistryLocationApplyConfiguration constructs a declarative configuration of the RegistryLocation type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/registrysources.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/registrysources.go index a92592f30..9fd5335da 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/registrysources.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/registrysources.go @@ -4,10 +4,40 @@ package v1 // RegistrySourcesApplyConfiguration represents a declarative configuration of the RegistrySources type for use // with apply. +// +// RegistrySources holds cluster-wide information about how to handle the registries config. type RegistrySourcesApplyConfiguration struct { - InsecureRegistries []string `json:"insecureRegistries,omitempty"` - BlockedRegistries []string `json:"blockedRegistries,omitempty"` - AllowedRegistries []string `json:"allowedRegistries,omitempty"` + // insecureRegistries are registries which do not have a valid TLS certificates or only support HTTP connections. + // Each entry must be a valid registry scope in the format hostname[:port][/path], + // optionally prefixed with "*." for wildcard subdomains (e.g., "*.example.com"). + // The hostname must consist of valid DNS labels separated by dots, where each label + // contains only alphanumeric characters and hyphens and does not start or end with a hyphen. + // Entries must not be empty, must not include tags (e.g., ":latest") or digests (e.g., "@sha256:..."), + // and must be at most 256 characters in length. The list may contain at most 1024 entries. + InsecureRegistries []string `json:"insecureRegistries,omitempty"` + // blockedRegistries cannot be used for image pull and push actions. All other registries are permitted. + // Each entry must be a valid registry scope in the format hostname[:port][/path], + // optionally prefixed with "*." for wildcard subdomains (e.g., "*.example.com"). + // The hostname must consist of valid DNS labels separated by dots, where each label + // contains only alphanumeric characters and hyphens and does not start or end with a hyphen. + // Entries must not be empty, must not include tags (e.g., ":latest") or digests (e.g., "@sha256:..."), + // and must be at most 256 characters in length. The list may contain at most 1024 entries. + // + // Only one of BlockedRegistries or AllowedRegistries may be set. + BlockedRegistries []string `json:"blockedRegistries,omitempty"` + // allowedRegistries are the only registries permitted for image pull and push actions. All other registries are denied. + // Each entry must be a valid registry scope in the format hostname[:port][/path], + // optionally prefixed with "*." for wildcard subdomains (e.g., "*.example.com"). + // The hostname must consist of valid DNS labels separated by dots, where each label + // contains only alphanumeric characters and hyphens and does not start or end with a hyphen. + // Entries must not be empty, must not include tags (e.g., ":latest") or digests (e.g., "@sha256:..."), + // and must be at most 256 characters in length. The list may contain at most 1024 entries. + // + // Only one of BlockedRegistries or AllowedRegistries may be set. + AllowedRegistries []string `json:"allowedRegistries,omitempty"` + // containerRuntimeSearchRegistries are registries that will be searched when pulling images that do not have fully qualified + // domains in their pull specs. Registries will be searched in the order provided in the list. + // Note: this search list only works with the container runtime, i.e CRI-O. Will NOT work with builds or imagestream imports. ContainerRuntimeSearchRegistries []string `json:"containerRuntimeSearchRegistries,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/release.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/release.go index c8275fcde..488e486b8 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/release.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/release.go @@ -8,12 +8,31 @@ import ( // ReleaseApplyConfiguration represents a declarative configuration of the Release type for use // with apply. +// +// Release represents an OpenShift release image and associated metadata. type ReleaseApplyConfiguration struct { + // architecture is an optional field that indicates the + // value of the cluster architecture. In this context cluster + // architecture means either a single architecture or a multi + // architecture. + // Valid values are 'Multi' and empty. Architecture *configv1.ClusterVersionArchitecture `json:"architecture,omitempty"` - Version *string `json:"version,omitempty"` - Image *string `json:"image,omitempty"` - URL *configv1.URL `json:"url,omitempty"` - Channels []string `json:"channels,omitempty"` + // version is a semantic version identifying the update version. When this + // field is part of spec, version is optional if image is specified. + Version *string `json:"version,omitempty"` + // image is a container image location that contains the update. When this + // field is part of spec, image is optional if version is specified and the + // availableUpdates field contains a matching version. + Image *string `json:"image,omitempty"` + // url contains information about this release. This URL is set by + // the 'url' metadata property on a release or the metadata returned by + // the update API and should be displayed as a link in user + // interfaces. The URL field may not be set for test or nightly + // releases. + URL *configv1.URL `json:"url,omitempty"` + // channels is the set of Cincinnati channels to which the release + // currently belongs. + Channels []string `json:"channels,omitempty"` } // ReleaseApplyConfiguration constructs a declarative configuration of the Release type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/repositorydigestmirrors.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/repositorydigestmirrors.go index 96f724095..8a211863b 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/repositorydigestmirrors.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/repositorydigestmirrors.go @@ -8,10 +8,24 @@ import ( // RepositoryDigestMirrorsApplyConfiguration represents a declarative configuration of the RepositoryDigestMirrors type for use // with apply. +// +// RepositoryDigestMirrors holds cluster-wide information about how to handle mirrors in the registries config. type RepositoryDigestMirrorsApplyConfiguration struct { - Source *string `json:"source,omitempty"` - AllowMirrorByTags *bool `json:"allowMirrorByTags,omitempty"` - Mirrors []configv1.Mirror `json:"mirrors,omitempty"` + // source is the repository that users refer to, e.g. in image pull specifications. + Source *string `json:"source,omitempty"` + // allowMirrorByTags if true, the mirrors can be used to pull the images that are referenced by their tags. Default is false, the mirrors only work when pulling the images that are referenced by their digests. + // Pulling images by tag can potentially yield different images, depending on which endpoint + // we pull from. Forcing digest-pulls for mirrors avoids that issue. + AllowMirrorByTags *bool `json:"allowMirrorByTags,omitempty"` + // mirrors is zero or more repositories that may also contain the same images. + // If the "mirrors" is not specified, the image will continue to be pulled from the specified + // repository in the pull spec. No mirror will be configured. + // The order of mirrors in this list is treated as the user's desired priority, while source + // is by default considered lower priority than all mirrors. Other cluster configuration, + // including (but not limited to) other repositoryDigestMirrors objects, + // may impact the exact order mirrors are contacted in, or some mirrors may be contacted + // in parallel, so this should be considered a preference rather than a guarantee of ordering. + Mirrors []configv1.Mirror `json:"mirrors,omitempty"` } // RepositoryDigestMirrorsApplyConfiguration constructs a declarative configuration of the RepositoryDigestMirrors type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/requestheaderidentityprovider.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/requestheaderidentityprovider.go index 2911473d0..674bf56e1 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/requestheaderidentityprovider.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/requestheaderidentityprovider.go @@ -4,15 +4,45 @@ package v1 // RequestHeaderIdentityProviderApplyConfiguration represents a declarative configuration of the RequestHeaderIdentityProvider type for use // with apply. +// +// RequestHeaderIdentityProvider provides identities for users authenticating using request header credentials type RequestHeaderIdentityProviderApplyConfiguration struct { - LoginURL *string `json:"loginURL,omitempty"` - ChallengeURL *string `json:"challengeURL,omitempty"` - ClientCA *ConfigMapNameReferenceApplyConfiguration `json:"ca,omitempty"` - ClientCommonNames []string `json:"clientCommonNames,omitempty"` - Headers []string `json:"headers,omitempty"` - PreferredUsernameHeaders []string `json:"preferredUsernameHeaders,omitempty"` - NameHeaders []string `json:"nameHeaders,omitempty"` - EmailHeaders []string `json:"emailHeaders,omitempty"` + // loginURL is a URL to redirect unauthenticated /authorize requests to + // Unauthenticated requests from OAuth clients which expect interactive logins will be redirected here + // ${url} is replaced with the current URL, escaped to be safe in a query parameter + // https://www.example.com/sso-login?then=${url} + // ${query} is replaced with the current query string + // https://www.example.com/auth-proxy/oauth/authorize?${query} + // Required when login is set to true. + LoginURL *string `json:"loginURL,omitempty"` + // challengeURL is a URL to redirect unauthenticated /authorize requests to + // Unauthenticated requests from OAuth clients which expect WWW-Authenticate challenges will be + // redirected here. + // ${url} is replaced with the current URL, escaped to be safe in a query parameter + // https://www.example.com/sso-login?then=${url} + // ${query} is replaced with the current query string + // https://www.example.com/auth-proxy/oauth/authorize?${query} + // Required when challenge is set to true. + ChallengeURL *string `json:"challengeURL,omitempty"` + // ca is a required reference to a config map by name containing the PEM-encoded CA bundle. + // It is used as a trust anchor to validate the TLS certificate presented by the remote server. + // Specifically, it allows verification of incoming requests to prevent header spoofing. + // The key "ca.crt" is used to locate the data. + // If the config map or expected key is not found, the identity provider is not honored. + // If the specified ca data is not valid, the identity provider is not honored. + // The namespace for this config map is openshift-config. + ClientCA *ConfigMapNameReferenceApplyConfiguration `json:"ca,omitempty"` + // clientCommonNames is an optional list of common names to require a match from. If empty, any + // client certificate validated against the clientCA bundle is considered authoritative. + ClientCommonNames []string `json:"clientCommonNames,omitempty"` + // headers is the set of headers to check for identity information + Headers []string `json:"headers,omitempty"` + // preferredUsernameHeaders is the set of headers to check for the preferred username + PreferredUsernameHeaders []string `json:"preferredUsernameHeaders,omitempty"` + // nameHeaders is the set of headers to check for the display name + NameHeaders []string `json:"nameHeaders,omitempty"` + // emailHeaders is the set of headers to check for the email address + EmailHeaders []string `json:"emailHeaders,omitempty"` } // RequestHeaderIdentityProviderApplyConfiguration constructs a declarative configuration of the RequestHeaderIdentityProvider type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/requiredhstspolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/requiredhstspolicy.go index c68466123..e78614500 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/requiredhstspolicy.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/requiredhstspolicy.go @@ -10,11 +10,34 @@ import ( // RequiredHSTSPolicyApplyConfiguration represents a declarative configuration of the RequiredHSTSPolicy type for use // with apply. type RequiredHSTSPolicyApplyConfiguration struct { - NamespaceSelector *metav1.LabelSelectorApplyConfiguration `json:"namespaceSelector,omitempty"` - DomainPatterns []string `json:"domainPatterns,omitempty"` - MaxAge *MaxAgePolicyApplyConfiguration `json:"maxAge,omitempty"` - PreloadPolicy *configv1.PreloadPolicy `json:"preloadPolicy,omitempty"` - IncludeSubDomainsPolicy *configv1.IncludeSubDomainsPolicy `json:"includeSubDomainsPolicy,omitempty"` + // namespaceSelector specifies a label selector such that the policy applies only to those routes that + // are in namespaces with labels that match the selector, and are in one of the DomainPatterns. + // Defaults to the empty LabelSelector, which matches everything. + NamespaceSelector *metav1.LabelSelectorApplyConfiguration `json:"namespaceSelector,omitempty"` + // domainPatterns is a list of domains for which the desired HSTS annotations are required. + // If domainPatterns is specified and a route is created with a spec.host matching one of the domains, + // the route must specify the HSTS Policy components described in the matching RequiredHSTSPolicy. + // + // The use of wildcards is allowed like this: *.foo.com matches everything under foo.com. + // foo.com only matches foo.com, so to cover foo.com and everything under it, you must specify *both*. + DomainPatterns []string `json:"domainPatterns,omitempty"` + // maxAge is the delta time range in seconds during which hosts are regarded as HSTS hosts. + // If set to 0, it negates the effect, and hosts are removed as HSTS hosts. + // If set to 0 and includeSubdomains is specified, all subdomains of the host are also removed as HSTS hosts. + // maxAge is a time-to-live value, and if this policy is not refreshed on a client, the HSTS + // policy will eventually expire on that client. + MaxAge *MaxAgePolicyApplyConfiguration `json:"maxAge,omitempty"` + // preloadPolicy directs the client to include hosts in its host preload list so that + // it never needs to do an initial load to get the HSTS header (note that this is not defined + // in RFC 6797 and is therefore client implementation-dependent). + PreloadPolicy *configv1.PreloadPolicy `json:"preloadPolicy,omitempty"` + // includeSubDomainsPolicy means the HSTS Policy should apply to any subdomains of the host's + // domain name. Thus, for the host bar.foo.com, if includeSubDomainsPolicy was set to RequireIncludeSubDomains: + // - the host app.bar.foo.com would inherit the HSTS Policy of bar.foo.com + // - the host bar.foo.com would inherit the HSTS Policy of bar.foo.com + // - the host foo.com would NOT inherit the HSTS Policy of bar.foo.com + // - the host def.foo.com would NOT inherit the HSTS Policy of bar.foo.com + IncludeSubDomainsPolicy *configv1.IncludeSubDomainsPolicy `json:"includeSubDomainsPolicy,omitempty"` } // RequiredHSTSPolicyApplyConfiguration constructs a declarative configuration of the RequiredHSTSPolicy type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/scheduler.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/scheduler.go index 2f04f83ed..3e6a19393 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/scheduler.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/scheduler.go @@ -13,11 +13,20 @@ import ( // SchedulerApplyConfiguration represents a declarative configuration of the Scheduler type for use // with apply. +// +// Scheduler holds cluster-wide config information to run the Kubernetes Scheduler +// and influence its placement decisions. The canonical name for this config is `cluster`. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type SchedulerApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *SchedulerSpecApplyConfiguration `json:"spec,omitempty"` - Status *configv1.SchedulerStatus `json:"status,omitempty"` + // spec holds user settable values for configuration + Spec *SchedulerSpecApplyConfiguration `json:"spec,omitempty"` + // status holds observed values from the cluster. They may not be overridden. + Status *configv1.SchedulerStatus `json:"status,omitempty"` } // Scheduler constructs a declarative configuration of the Scheduler type for use with @@ -30,6 +39,26 @@ func Scheduler(name string) *SchedulerApplyConfiguration { return b } +// ExtractSchedulerFrom extracts the applied configuration owned by fieldManager from +// scheduler for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// scheduler must be a unmodified Scheduler API object that was retrieved from the Kubernetes API. +// ExtractSchedulerFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractSchedulerFrom(scheduler *configv1.Scheduler, fieldManager string, subresource string) (*SchedulerApplyConfiguration, error) { + b := &SchedulerApplyConfiguration{} + err := managedfields.ExtractInto(scheduler, internal.Parser().Type("com.github.openshift.api.config.v1.Scheduler"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(scheduler.Name) + + b.WithKind("Scheduler") + b.WithAPIVersion("config.openshift.io/v1") + return b, nil +} + // ExtractScheduler extracts the applied configuration owned by fieldManager from // scheduler. If no managedFields are found in scheduler for fieldManager, a // SchedulerApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -40,30 +69,16 @@ func Scheduler(name string) *SchedulerApplyConfiguration { // ExtractScheduler provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractScheduler(scheduler *configv1.Scheduler, fieldManager string) (*SchedulerApplyConfiguration, error) { - return extractScheduler(scheduler, fieldManager, "") + return ExtractSchedulerFrom(scheduler, fieldManager, "") } -// ExtractSchedulerStatus is the same as ExtractScheduler except -// that it extracts the status subresource applied configuration. -// Experimental! +// ExtractSchedulerStatus extracts the applied configuration owned by fieldManager from +// scheduler for the status subresource. func ExtractSchedulerStatus(scheduler *configv1.Scheduler, fieldManager string) (*SchedulerApplyConfiguration, error) { - return extractScheduler(scheduler, fieldManager, "status") + return ExtractSchedulerFrom(scheduler, fieldManager, "status") } -func extractScheduler(scheduler *configv1.Scheduler, fieldManager string, subresource string) (*SchedulerApplyConfiguration, error) { - b := &SchedulerApplyConfiguration{} - err := managedfields.ExtractInto(scheduler, internal.Parser().Type("com.github.openshift.api.config.v1.Scheduler"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(scheduler.Name) - - b.WithKind("Scheduler") - b.WithAPIVersion("config.openshift.io/v1") - return b, nil -} func (b SchedulerApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/schedulerspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/schedulerspec.go index 2160ab2ff..64d0aab07 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/schedulerspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/schedulerspec.go @@ -9,11 +9,52 @@ import ( // SchedulerSpecApplyConfiguration represents a declarative configuration of the SchedulerSpec type for use // with apply. type SchedulerSpecApplyConfiguration struct { - Policy *ConfigMapNameReferenceApplyConfiguration `json:"policy,omitempty"` - Profile *configv1.SchedulerProfile `json:"profile,omitempty"` - ProfileCustomizations *ProfileCustomizationsApplyConfiguration `json:"profileCustomizations,omitempty"` - DefaultNodeSelector *string `json:"defaultNodeSelector,omitempty"` - MastersSchedulable *bool `json:"mastersSchedulable,omitempty"` + // DEPRECATED: the scheduler Policy API has been deprecated and will be removed in a future release. + // policy is a reference to a ConfigMap containing scheduler policy which has + // user specified predicates and priorities. If this ConfigMap is not available + // scheduler will default to use DefaultAlgorithmProvider. + // The namespace for this configmap is openshift-config. + Policy *ConfigMapNameReferenceApplyConfiguration `json:"policy,omitempty"` + // profile sets which scheduling profile should be set in order to configure scheduling + // decisions for new pods. + // + // Valid values are "LowNodeUtilization", "HighNodeUtilization", "NoScoring" + // Defaults to "LowNodeUtilization" + Profile *configv1.SchedulerProfile `json:"profile,omitempty"` + // profileCustomizations contains configuration for modifying the default behavior of existing scheduler profiles. + // Deprecated: no longer needed, since DRA is GA starting with 4.21, and + // is enabled by' default in the cluster, this field will be removed in 4.24. + ProfileCustomizations *ProfileCustomizationsApplyConfiguration `json:"profileCustomizations,omitempty"` + // defaultNodeSelector helps set the cluster-wide default node selector to + // restrict pod placement to specific nodes. This is applied to the pods + // created in all namespaces and creates an intersection with any existing + // nodeSelectors already set on a pod, additionally constraining that pod's selector. + // For example, + // defaultNodeSelector: "type=user-node,region=east" would set nodeSelector + // field in pod spec to "type=user-node,region=east" to all pods created + // in all namespaces. Namespaces having project-wide node selectors won't be + // impacted even if this field is set. This adds an annotation section to + // the namespace. + // For example, if a new namespace is created with + // node-selector='type=user-node,region=east', + // the annotation openshift.io/node-selector: type=user-node,region=east + // gets added to the project. When the openshift.io/node-selector annotation + // is set on the project the value is used in preference to the value we are setting + // for defaultNodeSelector field. + // For instance, + // openshift.io/node-selector: "type=user-node,region=west" means + // that the default of "type=user-node,region=east" set in defaultNodeSelector + // would not be applied. + DefaultNodeSelector *string `json:"defaultNodeSelector,omitempty"` + // mastersSchedulable allows masters nodes to be schedulable. When this flag is + // turned on, all the master nodes in the cluster will be made schedulable, + // so that workload pods can run on them. The default value for this field is false, + // meaning none of the master nodes are schedulable. + // Important Note: Once the workload pods start running on the master nodes, + // extreme care must be taken to ensure that cluster-critical control plane components + // are not impacted. + // Please turn on this field after doing due diligence. + MastersSchedulable *bool `json:"mastersSchedulable,omitempty"` } // SchedulerSpecApplyConfiguration constructs a declarative configuration of the SchedulerSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/secretnamereference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/secretnamereference.go index 692056c6b..110052b0c 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/secretnamereference.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/secretnamereference.go @@ -4,7 +4,11 @@ package v1 // SecretNameReferenceApplyConfiguration represents a declarative configuration of the SecretNameReference type for use // with apply. +// +// SecretNameReference references a secret in a specific namespace. +// The namespace must be specified at the point of use. type SecretNameReferenceApplyConfiguration struct { + // name is the metadata.name of the referenced secret Name *string `json:"name,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/signaturestore.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/signaturestore.go index 918f13df6..cb2e6a2f2 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/signaturestore.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/signaturestore.go @@ -4,9 +4,21 @@ package v1 // SignatureStoreApplyConfiguration represents a declarative configuration of the SignatureStore type for use // with apply. +// +// SignatureStore represents the URL of custom Signature Store type SignatureStoreApplyConfiguration struct { - URL *string `json:"url,omitempty"` - CA *ConfigMapNameReferenceApplyConfiguration `json:"ca,omitempty"` + // url contains the upstream custom signature store URL. + // url should be a valid absolute http/https URI of an upstream signature store as per rfc1738. + // This must be provided and cannot be empty. + URL *string `json:"url,omitempty"` + // ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. + // It is used as a trust anchor to validate the TLS certificate presented by the remote server. + // The key "ca.crt" is used to locate the data. + // If specified and the config map or expected key is not found, the signature store is not honored. + // If the specified ca data is not valid, the signature store is not honored. + // If empty, we fall back to the CA configured via Proxy, which is appended to the default system roots. + // The namespace for this config map is openshift-config. + CA *ConfigMapNameReferenceApplyConfiguration `json:"ca,omitempty"` } // SignatureStoreApplyConfiguration constructs a declarative configuration of the SignatureStore type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/sourcedclaimmapping.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/sourcedclaimmapping.go new file mode 100644 index 000000000..92c4dc24f --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/sourcedclaimmapping.go @@ -0,0 +1,51 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// SourcedClaimMappingApplyConfiguration represents a declarative configuration of the SourcedClaimMapping type for use +// with apply. +// +// SourcedClaimMapping configures the mapping behavior for a single external claim +// from the response the apiserver received from the external claim source. +type SourcedClaimMappingApplyConfiguration struct { + // name is a required name of the claim that + // will be produced and made available during + // the claim-to-identity mapping process. + // name must consist of only lowercase alpha characters and underscores ('_'). + // name must be at least 1 character and must not exceed 256 characters in length. + Name *string `json:"name,omitempty"` + // expression is a required CEL expression that + // will produce a value to be assigned to the claim. + // The full response body from the request to the + // external claim source is provided via the + // `response.body` variable. + // + // The contents of the `response.body` variable varies based on the response received + // from the external source. It is the responsibility of those configuring + // this expression to understand what is returned from the external source. + // + // expression must be at least 1 character and must not exceed 1024 characters in length. + Expression *string `json:"expression,omitempty"` +} + +// SourcedClaimMappingApplyConfiguration constructs a declarative configuration of the SourcedClaimMapping type for use with +// apply. +func SourcedClaimMapping() *SourcedClaimMappingApplyConfiguration { + return &SourcedClaimMappingApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *SourcedClaimMappingApplyConfiguration) WithName(value string) *SourcedClaimMappingApplyConfiguration { + b.Name = &value + return b +} + +// WithExpression sets the Expression field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Expression field is set to the value of the last call. +func (b *SourcedClaimMappingApplyConfiguration) WithExpression(value string) *SourcedClaimMappingApplyConfiguration { + b.Expression = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/sourceurl.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/sourceurl.go new file mode 100644 index 000000000..b94a89f39 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/sourceurl.go @@ -0,0 +1,67 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// SourceURLApplyConfiguration represents a declarative configuration of the SourceURL type for use +// with apply. +// +// SourceURL configures the options used to build the URL that is queried for external claims. +type SourceURLApplyConfiguration struct { + // hostname is a required hostname for which the external claims are located. + // + // It must be a valid DNS subdomain name as per RFC1123. + // + // This means that it must start and end with a lowercase alphanumeric character, + // must only consist of lowercase alphanumeric characters, '-', and '.'. + // hostname may optionally specify a port in the format ':{port}'. + // If a port is specified it must not exceed 65535. + // + // hostname must be at least 1 character in length. + // When specifying a port, hostname must not exceed 259 characters in length. + // When not specifying a port, hostname must not exceed 253 characters in length. + Hostname *string `json:"hostname,omitempty"` + // pathExpression is a required CEL expression that returns a list + // of string values used to construct the URL path. + // Claims from the token used for the request to the kube-apiserver + // are made available via the `claims` variable. + // expression must be at least 1 character in length and must not exceed 1024 characters in length. + // + // Values in the returned list will be joined with the hostname using a forward slash + // (`/`) as a separator. Values in the returned list do not need to include the forward slash. + // If a forward slash is included in a returned value, it will be encoded as `%2F`. + // + // Example of a static path configuration: + // + // pathExpression: ['realms', 'k8s', 'protocol', 'openid-connect', 'userinfo'] + // + // The above example would resolve to the path: '/realms/k8s/protocol/openid-connect/userinfo' + // + // Example of a dynamic path configuration: + // + // pathExpression: "['admin', 'realms', 'k8s', 'users'] + [claims.sub] + ['groups']" + // + // Assuming 'claims.sub' is set to '12345', the above example would resolve to the path: '/admin/realms/k8s/users/12345/groups' + PathExpression *string `json:"pathExpression,omitempty"` +} + +// SourceURLApplyConfiguration constructs a declarative configuration of the SourceURL type for use with +// apply. +func SourceURL() *SourceURLApplyConfiguration { + return &SourceURLApplyConfiguration{} +} + +// WithHostname sets the Hostname field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Hostname field is set to the value of the last call. +func (b *SourceURLApplyConfiguration) WithHostname(value string) *SourceURLApplyConfiguration { + b.Hostname = &value + return b +} + +// WithPathExpression sets the PathExpression field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the PathExpression field is set to the value of the last call. +func (b *SourceURLApplyConfiguration) WithPathExpression(value string) *SourceURLApplyConfiguration { + b.PathExpression = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/storage.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/storage.go index 405df6c13..c55fd9ef5 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/storage.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/storage.go @@ -8,8 +8,18 @@ import ( // StorageApplyConfiguration represents a declarative configuration of the Storage type for use // with apply. +// +// Storage provides persistent storage configuration options for gathering jobs. +// If the type is set to PersistentVolume, then the PersistentVolume must be defined. +// If the type is set to Ephemeral, then the PersistentVolume must not be defined. type StorageApplyConfiguration struct { - Type *configv1.StorageType `json:"type,omitempty"` + // type is a required field that specifies the type of storage that will be used to store the Insights data archive. + // Valid values are "PersistentVolume" and "Ephemeral". + // When set to Ephemeral, the Insights data archive is stored in the ephemeral storage of the gathering job. + // When set to PersistentVolume, the Insights data archive is stored in the PersistentVolume that is defined by the persistentVolume field. + Type *configv1.StorageType `json:"type,omitempty"` + // persistentVolume is an optional field that specifies the PersistentVolume that will be used to store the Insights data archive. + // The PersistentVolume must be created in the openshift-insights namespace. PersistentVolume *PersistentVolumeConfigApplyConfiguration `json:"persistentVolume,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/templatereference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/templatereference.go index 30112046a..be63642b6 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/templatereference.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/templatereference.go @@ -4,7 +4,11 @@ package v1 // TemplateReferenceApplyConfiguration represents a declarative configuration of the TemplateReference type for use // with apply. +// +// TemplateReference references a template in a specific namespace. +// The namespace must be specified at the point of use. type TemplateReferenceApplyConfiguration struct { + // name is the metadata.name of the referenced project request template Name *string `json:"name,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tlsprofilespec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tlsprofilespec.go index 43590d0ef..cbefaf516 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tlsprofilespec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tlsprofilespec.go @@ -8,8 +8,42 @@ import ( // TLSProfileSpecApplyConfiguration represents a declarative configuration of the TLSProfileSpec type for use // with apply. +// +// TLSProfileSpec is the desired behavior of a TLSSecurityProfile. type TLSProfileSpecApplyConfiguration struct { - Ciphers []string `json:"ciphers,omitempty"` + // ciphers is used to specify the cipher algorithms that are negotiated + // during the TLS handshake. Operators may remove entries that their operands + // do not support. For example, to use only ECDHE-RSA-AES128-GCM-SHA256 (yaml): + // + // ciphers: + // - ECDHE-RSA-AES128-GCM-SHA256 + // + // TLS 1.3 cipher suites (e.g. TLS_AES_128_GCM_SHA256) are not configurable + // and are always enabled when TLS 1.3 is negotiated. + Ciphers []string `json:"ciphers,omitempty"` + // groups is an optional, ordered field used to specify the supported groups (formerly known as + // elliptic curves) that are used during the TLS handshake. The order of the groups represents + // a suggested preference, with the most preferred group first. Note that not all platform + // components honor the ordering: Go-based components use Go's internal preference order and + // treat this list as a filter of allowed groups rather than an ordered preference. + // Operators may remove entries their operands do not support. + // + // When omitted, this means no opinion and the platform is left to choose reasonable defaults which are + // subject to change over time and may be different per platform component depending on the underlying TLS + // libraries they use. If specified, the list must contain at least one and at most 7 groups, + // and each group must be unique. + // + // For example, to use X25519 and secp256r1 (yaml): + // + // groups: + // - X25519 + // - secp256r1 + Groups []configv1.TLSGroup `json:"groups,omitempty"` + // minTLSVersion is used to specify the minimal version of the TLS protocol + // that is negotiated during the TLS handshake. For example, to use TLS + // versions 1.1, 1.2 and 1.3 (yaml): + // + // minTLSVersion: VersionTLS11 MinTLSVersion *configv1.TLSProtocolVersion `json:"minTLSVersion,omitempty"` } @@ -29,6 +63,16 @@ func (b *TLSProfileSpecApplyConfiguration) WithCiphers(values ...string) *TLSPro return b } +// WithGroups adds the given value to the Groups field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Groups field. +func (b *TLSProfileSpecApplyConfiguration) WithGroups(values ...configv1.TLSGroup) *TLSProfileSpecApplyConfiguration { + for i := range values { + b.Groups = append(b.Groups, values[i]) + } + return b +} + // WithMinTLSVersion sets the MinTLSVersion field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the MinTLSVersion field is set to the value of the last call. diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tlssecurityprofile.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tlssecurityprofile.go index e5806e33c..eab7cd452 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tlssecurityprofile.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tlssecurityprofile.go @@ -8,12 +8,110 @@ import ( // TLSSecurityProfileApplyConfiguration represents a declarative configuration of the TLSSecurityProfile type for use // with apply. +// +// TLSSecurityProfile defines the schema for a TLS security profile. This object +// is used by operators to apply TLS security settings to operands. type TLSSecurityProfileApplyConfiguration struct { - Type *configv1.TLSProfileType `json:"type,omitempty"` - Old *configv1.OldTLSProfile `json:"old,omitempty"` - Intermediate *configv1.IntermediateTLSProfile `json:"intermediate,omitempty"` - Modern *configv1.ModernTLSProfile `json:"modern,omitempty"` - Custom *CustomTLSProfileApplyConfiguration `json:"custom,omitempty"` + // type is one of Old, Intermediate, Modern or Custom. Custom provides the + // ability to specify individual TLS security profile parameters. + // + // The cipher and groups lists in these profiles are based on version 5.8 of the + // Mozilla Server Side TLS configuration guidelines. + // See: https://ssl-config.mozilla.org/guidelines/5.8.json + // + // The groups are listed in suggested preference order, with the most preferred group first. + // Note that not all platform components honor the ordering: Go-based components use Go's + // internal preference order and treat this list as a filter of allowed groups rather than + // an ordered preference. + // Note that X25519MLKEM768 is a post-quantum hybrid group that is not + // FIPS-approved and should be ignored by components running in FIPS mode. + // + // The profiles are intent based, so they may change over time as new ciphers are + // developed and existing ciphers are found to be insecure. Depending on + // precisely which ciphers are available to a process, the list may be reduced. + Type *configv1.TLSProfileType `json:"type,omitempty"` + // old is a TLS profile for use when services need to be accessed by very old + // clients or libraries and should be used only as a last resort. + // + // The supported groups list includes by default the following groups + // in suggested preference order (ordering may not be honored by all implementations): + // X25519MLKEM768, X25519, secp256r1, secp384r1. + // + // This profile is equivalent to a Custom profile specified as: + // minTLSVersion: VersionTLS10 + // ciphers: + // - TLS_AES_128_GCM_SHA256 + // - TLS_AES_256_GCM_SHA384 + // - TLS_CHACHA20_POLY1305_SHA256 + // - ECDHE-ECDSA-AES128-GCM-SHA256 + // - ECDHE-RSA-AES128-GCM-SHA256 + // - ECDHE-ECDSA-AES256-GCM-SHA384 + // - ECDHE-RSA-AES256-GCM-SHA384 + // - ECDHE-ECDSA-CHACHA20-POLY1305 + // - ECDHE-RSA-CHACHA20-POLY1305 + // - ECDHE-ECDSA-AES128-SHA256 + // - ECDHE-RSA-AES128-SHA256 + // - ECDHE-ECDSA-AES128-SHA + // - ECDHE-RSA-AES128-SHA + // - ECDHE-ECDSA-AES256-SHA384 + // - ECDHE-RSA-AES256-SHA384 + // - ECDHE-ECDSA-AES256-SHA + // - ECDHE-RSA-AES256-SHA + // - AES128-GCM-SHA256 + // - AES256-GCM-SHA384 + // - AES128-SHA256 + // - AES256-SHA256 + // - AES128-SHA + // - AES256-SHA + // - DES-CBC3-SHA + Old *configv1.OldTLSProfile `json:"old,omitempty"` + // intermediate is a TLS profile for use when you do not need compatibility with + // legacy clients and want to remain highly secure while being compatible with + // most clients currently in use. + // + // The supported groups list includes by default the following groups + // in suggested preference order (ordering may not be honored by all implementations): + // X25519MLKEM768, X25519, secp256r1, secp384r1. + // + // This profile is equivalent to a Custom profile specified as: + // minTLSVersion: VersionTLS12 + // ciphers: + // - TLS_AES_128_GCM_SHA256 + // - TLS_AES_256_GCM_SHA384 + // - TLS_CHACHA20_POLY1305_SHA256 + // - ECDHE-ECDSA-AES128-GCM-SHA256 + // - ECDHE-RSA-AES128-GCM-SHA256 + // - ECDHE-ECDSA-AES256-GCM-SHA384 + // - ECDHE-RSA-AES256-GCM-SHA384 + // - ECDHE-ECDSA-CHACHA20-POLY1305 + // - ECDHE-RSA-CHACHA20-POLY1305 + Intermediate *configv1.IntermediateTLSProfile `json:"intermediate,omitempty"` + // modern is a TLS security profile for use with clients that support TLS 1.3 and + // do not need backward compatibility for older clients. + // The supported groups list includes by default the following groups + // in suggested preference order (ordering may not be honored by all implementations): + // X25519MLKEM768, X25519, secp256r1, secp384r1. + // This profile is equivalent to a Custom profile specified as: + // minTLSVersion: VersionTLS13 + // ciphers: + // - TLS_AES_128_GCM_SHA256 + // - TLS_AES_256_GCM_SHA384 + // - TLS_CHACHA20_POLY1305_SHA256 + Modern *configv1.ModernTLSProfile `json:"modern,omitempty"` + // custom is a user-defined TLS security profile. Be extremely careful using a custom + // profile as invalid configurations can be catastrophic. + // + // The supported groups list for this profile is empty by default. + // + // An example custom profile looks like this: + // + // minTLSVersion: VersionTLS11 + // ciphers: + // - ECDHE-ECDSA-CHACHA20-POLY1305 + // - ECDHE-RSA-CHACHA20-POLY1305 + // - ECDHE-RSA-AES128-GCM-SHA256 + // - ECDHE-ECDSA-AES128-GCM-SHA256 + Custom *CustomTLSProfileApplyConfiguration `json:"custom,omitempty"` } // TLSSecurityProfileApplyConfiguration constructs a declarative configuration of the TLSSecurityProfile type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimmapping.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimmapping.go index dbd509f06..bedd170ae 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimmapping.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimmapping.go @@ -4,8 +4,24 @@ package v1 // TokenClaimMappingApplyConfiguration represents a declarative configuration of the TokenClaimMapping type for use // with apply. +// +// TokenClaimMapping allows specifying a JWT token claim to be used when mapping claims from an authentication token to cluster identities. type TokenClaimMappingApplyConfiguration struct { + // claim is an optional field for specifying the JWT token claim that is used in the mapping. + // The value of this claim will be assigned to the field in which this mapping is associated. + // claim must not exceed 256 characters in length. + // When set to the empty string `""`, this means that no named claim should be used for the group mapping. + // claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. Claim *string `json:"claim,omitempty"` + // expression is an optional CEL expression used to derive + // group values from JWT claims. + // + // CEL expressions have access to the token claims through a CEL variable, 'claims'. + // + // expression must be at least 1 character and must not exceed 1024 characters in length . + // + // When specified, claim must not be set or be explicitly set to the empty string (`""`). + Expression *string `json:"expression,omitempty"` } // TokenClaimMappingApplyConfiguration constructs a declarative configuration of the TokenClaimMapping type for use with @@ -21,3 +37,11 @@ func (b *TokenClaimMappingApplyConfiguration) WithClaim(value string) *TokenClai b.Claim = &value return b } + +// WithExpression sets the Expression field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Expression field is set to the value of the last call. +func (b *TokenClaimMappingApplyConfiguration) WithExpression(value string) *TokenClaimMappingApplyConfiguration { + b.Expression = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimmappings.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimmappings.go index c748c3111..bb704d34f 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimmappings.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimmappings.go @@ -5,10 +5,29 @@ package v1 // TokenClaimMappingsApplyConfiguration represents a declarative configuration of the TokenClaimMappings type for use // with apply. type TokenClaimMappingsApplyConfiguration struct { - Username *UsernameClaimMappingApplyConfiguration `json:"username,omitempty"` - Groups *PrefixedClaimMappingApplyConfiguration `json:"groups,omitempty"` - UID *TokenClaimOrExpressionMappingApplyConfiguration `json:"uid,omitempty"` - Extra []ExtraMappingApplyConfiguration `json:"extra,omitempty"` + // username is a required field that configures how the username of a cluster identity should be constructed from the claims in a JWT token issued by the identity provider. + Username *UsernameClaimMappingApplyConfiguration `json:"username,omitempty"` + // groups is an optional field that configures how the groups of a cluster identity should be constructed from the claims in a JWT token issued by the identity provider. + // + // When referencing a claim, if the claim is present in the JWT token, its value must be a list of groups separated by a comma (','). + // + // For example - '"example"' and '"exampleOne", "exampleTwo", "exampleThree"' are valid claim values. + Groups *PrefixedClaimMappingApplyConfiguration `json:"groups,omitempty"` + // uid is an optional field for configuring the claim mapping used to construct the uid for the cluster identity. + // + // When using uid.claim to specify the claim it must be a single string value. + // When using uid.expression the expression must result in a single string value. + // + // When omitted, this means the user has no opinion and the platform is left to choose a default, which is subject to change over time. + // + // The current default is to use the 'sub' claim. + UID *TokenClaimOrExpressionMappingApplyConfiguration `json:"uid,omitempty"` + // extra is an optional field for configuring the mappings used to construct the extra attribute for the cluster identity. + // When omitted, no extra attributes will be present on the cluster identity. + // + // key values for extra mappings must be unique. + // A maximum of 32 extra attribute mappings may be provided. + Extra []ExtraMappingApplyConfiguration `json:"extra,omitempty"` } // TokenClaimMappingsApplyConfiguration constructs a declarative configuration of the TokenClaimMappings type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimorexpressionmapping.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimorexpressionmapping.go index 6aab9e0b5..e4f62674d 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimorexpressionmapping.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimorexpressionmapping.go @@ -4,8 +4,26 @@ package v1 // TokenClaimOrExpressionMappingApplyConfiguration represents a declarative configuration of the TokenClaimOrExpressionMapping type for use // with apply. +// +// TokenClaimOrExpressionMapping allows specifying either a JWT token claim or CEL expression to be used when mapping claims from an authentication token to cluster identities. type TokenClaimOrExpressionMappingApplyConfiguration struct { - Claim *string `json:"claim,omitempty"` + // claim is an optional field for specifying the JWT token claim that is used in the mapping. + // The value of this claim will be assigned to the field in which this mapping is associated. + // + // Precisely one of claim or expression must be set. + // claim must not be specified when expression is set. + // When specified, claim must be at least 1 character in length and must not exceed 256 characters in length. + Claim *string `json:"claim,omitempty"` + // expression is an optional field for specifying a CEL expression that produces a string value from JWT token claims. + // + // CEL expressions have access to the token claims through a CEL variable, 'claims'. + // 'claims' is a map of claim names to claim values. + // For example, the 'sub' claim value can be accessed as 'claims.sub'. + // Nested claims can be accessed using dot notation ('claims.foo.bar'). + // + // Precisely one of claim or expression must be set. + // expression must not be specified when claim is set. + // When specified, expression must be at least 1 character in length and must not exceed 1024 characters in length. Expression *string `json:"expression,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimvalidationcelrule.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimvalidationcelrule.go index 8dda73db1..72df2376c 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimvalidationcelrule.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimvalidationcelrule.go @@ -5,8 +5,13 @@ package v1 // TokenClaimValidationCELRuleApplyConfiguration represents a declarative configuration of the TokenClaimValidationCELRule type for use // with apply. type TokenClaimValidationCELRuleApplyConfiguration struct { + // expression is a CEL expression evaluated against token claims. + // expression is required, must be at least 1 character in length and must not exceed 1024 characters. + // The expression must return a boolean value where 'true' signals a valid token and 'false' an invalid one. Expression *string `json:"expression,omitempty"` - Message *string `json:"message,omitempty"` + // message is a required human-readable message to be logged by the Kubernetes API server if the CEL expression defined in 'expression' fails. + // message must be at least 1 character in length and must not exceed 256 characters. + Message *string `json:"message,omitempty"` } // TokenClaimValidationCELRuleApplyConfiguration constructs a declarative configuration of the TokenClaimValidationCELRule type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimvalidationrule.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimvalidationrule.go index c8b0c6005..53a70c17a 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimvalidationrule.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimvalidationrule.go @@ -8,10 +8,26 @@ import ( // TokenClaimValidationRuleApplyConfiguration represents a declarative configuration of the TokenClaimValidationRule type for use // with apply. +// +// TokenClaimValidationRule represents a validation rule based on token claims. +// If type is RequiredClaim, requiredClaim must be set. +// If Type is CEL, CEL must be set and RequiredClaim must be omitted. type TokenClaimValidationRuleApplyConfiguration struct { - Type *configv1.TokenValidationRuleType `json:"type,omitempty"` - RequiredClaim *TokenRequiredClaimApplyConfiguration `json:"requiredClaim,omitempty"` - CEL *TokenClaimValidationCELRuleApplyConfiguration `json:"cel,omitempty"` + // type is an optional field that configures the type of the validation rule. + // + // Allowed values are "RequiredClaim" and "CEL". + // + // When set to 'RequiredClaim', the Kubernetes API server will be configured to validate that the incoming JWT contains the required claim and that its value matches the required value. + // + // When set to 'CEL', the Kubernetes API server will be configured to validate the incoming JWT against the configured CEL expression. + Type *configv1.TokenValidationRuleType `json:"type,omitempty"` + // requiredClaim allows configuring a required claim name and its expected value. + // This field is required when `type` is set to RequiredClaim, and must be omitted when `type` is set to any other value. + // The Kubernetes API server uses this field to validate if an incoming JWT is valid for this identity provider. + RequiredClaim *TokenRequiredClaimApplyConfiguration `json:"requiredClaim,omitempty"` + // cel holds the CEL expression and message for validation. + // Must be set when Type is "CEL", and forbidden otherwise. + CEL *TokenClaimValidationCELRuleApplyConfiguration `json:"cel,omitempty"` } // TokenClaimValidationRuleApplyConfiguration constructs a declarative configuration of the TokenClaimValidationRule type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenconfig.go index e1b6c4b51..fffc18a98 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenconfig.go @@ -8,10 +8,27 @@ import ( // TokenConfigApplyConfiguration represents a declarative configuration of the TokenConfig type for use // with apply. +// +// TokenConfig holds the necessary configuration options for authorization and access tokens type TokenConfigApplyConfiguration struct { - AccessTokenMaxAgeSeconds *int32 `json:"accessTokenMaxAgeSeconds,omitempty"` - AccessTokenInactivityTimeoutSeconds *int32 `json:"accessTokenInactivityTimeoutSeconds,omitempty"` - AccessTokenInactivityTimeout *metav1.Duration `json:"accessTokenInactivityTimeout,omitempty"` + // accessTokenMaxAgeSeconds defines the maximum age of access tokens + AccessTokenMaxAgeSeconds *int32 `json:"accessTokenMaxAgeSeconds,omitempty"` + // accessTokenInactivityTimeoutSeconds - DEPRECATED: setting this field has no effect. + AccessTokenInactivityTimeoutSeconds *int32 `json:"accessTokenInactivityTimeoutSeconds,omitempty"` + // accessTokenInactivityTimeout defines the token inactivity timeout + // for tokens granted by any client. + // The value represents the maximum amount of time that can occur between + // consecutive uses of the token. Tokens become invalid if they are not + // used within this temporal window. The user will need to acquire a new + // token to regain access once a token times out. Takes valid time + // duration string such as "5m", "1.5h" or "2h45m". The minimum allowed + // value for duration is 300s (5 minutes). If the timeout is configured + // per client, then that value takes precedence. If the timeout value is + // not specified and the client does not override the value, then tokens + // are valid until their lifetime. + // + // WARNING: existing tokens' timeout will not be affected (lowered) by changing this value + AccessTokenInactivityTimeout *metav1.Duration `json:"accessTokenInactivityTimeout,omitempty"` } // TokenConfigApplyConfiguration constructs a declarative configuration of the TokenConfig type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenissuer.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenissuer.go index 4c971d292..0675a9b3a 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenissuer.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenissuer.go @@ -9,10 +9,31 @@ import ( // TokenIssuerApplyConfiguration represents a declarative configuration of the TokenIssuer type for use // with apply. type TokenIssuerApplyConfiguration struct { - URL *string `json:"issuerURL,omitempty"` - Audiences []configv1.TokenAudience `json:"audiences,omitempty"` + // issuerURL is a required field that configures the URL used to issue tokens by the identity provider. + // The Kubernetes API server determines how authentication tokens should be handled by matching the 'iss' claim in the JWT to the issuerURL of configured identity providers. + // + // Must be at least 1 character and must not exceed 512 characters in length. + // Must be a valid URL that uses the 'https' scheme and does not contain a query, fragment or user. + URL *string `json:"issuerURL,omitempty"` + // audiences is a required field that configures the acceptable audiences the JWT token, issued by the identity provider, must be issued to. + // At least one of the entries must match the 'aud' claim in the JWT token. + // + // audiences must contain at least one entry and must not exceed ten entries. + Audiences []configv1.TokenAudience `json:"audiences,omitempty"` + // issuerCertificateAuthority is an optional field that configures the certificate authority, used by the Kubernetes API server, to validate the connection to the identity provider when fetching discovery information. + // + // When not specified, the system trust is used. + // + // When specified, it must reference a ConfigMap in the openshift-config namespace containing the PEM-encoded CA certificates under the 'ca-bundle.crt' key in the data field of the ConfigMap. CertificateAuthority *ConfigMapNameReferenceApplyConfiguration `json:"issuerCertificateAuthority,omitempty"` - DiscoveryURL *string `json:"discoveryURL,omitempty"` + // discoveryURL is an optional field that, if specified, overrides the default discovery endpoint used to retrieve OIDC configuration metadata. + // By default, the discovery URL is derived from `issuerURL` as "{issuerURL}/.well-known/openid-configuration". + // + // The discoveryURL must be a valid absolute HTTPS URL. + // It must not contain query parameters, user information, or fragments. + // Additionally, it must differ from the value of `issuerURL` (ignoring trailing slashes). + // The discoveryURL value must be at least 1 character long and no longer than 2048 characters. + DiscoveryURL *string `json:"discoveryURL,omitempty"` } // TokenIssuerApplyConfiguration constructs a declarative configuration of the TokenIssuer type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenrequiredclaim.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenrequiredclaim.go index 6dec5b2a1..1e1003d94 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenrequiredclaim.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenrequiredclaim.go @@ -5,7 +5,15 @@ package v1 // TokenRequiredClaimApplyConfiguration represents a declarative configuration of the TokenRequiredClaim type for use // with apply. type TokenRequiredClaimApplyConfiguration struct { - Claim *string `json:"claim,omitempty"` + // claim is a required field that configures the name of the required claim. + // When taken from the JWT claims, claim must be a string value. + // + // claim must not be an empty string (""). + Claim *string `json:"claim,omitempty"` + // requiredValue is a required field that configures the value that 'claim' must have when taken from the incoming JWT claims. + // If the value in the JWT claims does not match, the token will be rejected for authentication. + // + // requiredValue must not be an empty string (""). RequiredValue *string `json:"requiredValue,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenuservalidationrule.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenuservalidationrule.go index 2aae5f3fe..9e0a2bdc0 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenuservalidationrule.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenuservalidationrule.go @@ -4,9 +4,20 @@ package v1 // TokenUserValidationRuleApplyConfiguration represents a declarative configuration of the TokenUserValidationRule type for use // with apply. +// +// TokenUserValidationRule provides a CEL-based rule used to validate a token subject. +// Each rule contains a CEL expression that is evaluated against the token’s claims. type TokenUserValidationRuleApplyConfiguration struct { + // expression is a required CEL expression that performs a validation on cluster user identity attributes like username, groups, etc. + // + // The expression must evaluate to a boolean value. + // When the expression evaluates to 'true', the cluster user identity is considered valid. + // When the expression evaluates to 'false', the cluster user identity is not considered valid. + // expression must be at least 1 character in length and must not exceed 1024 characters. Expression *string `json:"expression,omitempty"` - Message *string `json:"message,omitempty"` + // message is a required human-readable message to be logged by the Kubernetes API server if the CEL expression defined in 'expression' fails. + // message must be at least 1 character in length and must not exceed 256 characters. + Message *string `json:"message,omitempty"` } // TokenUserValidationRuleApplyConfiguration constructs a declarative configuration of the TokenUserValidationRule type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/update.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/update.go index d20e3ca42..db1128deb 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/update.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/update.go @@ -8,12 +8,58 @@ import ( // UpdateApplyConfiguration represents a declarative configuration of the Update type for use // with apply. +// +// Update represents an administrator update request. type UpdateApplyConfiguration struct { + // architecture is an optional field that indicates the desired + // value of the cluster architecture. In this context cluster + // architecture means either a single architecture or a multi + // architecture. architecture can only be set to Multi thereby + // only allowing updates from single to multi architecture. If + // architecture is set, image cannot be set and version must be + // set. + // Valid values are 'Multi' and empty. Architecture *configv1.ClusterVersionArchitecture `json:"architecture,omitempty"` - Version *string `json:"version,omitempty"` - Image *string `json:"image,omitempty"` - Force *bool `json:"force,omitempty"` - AcceptRisks []AcceptRiskApplyConfiguration `json:"acceptRisks,omitempty"` + // version is a semantic version identifying the update version. + // version is required if architecture is specified. + // If both version and image are set, the version extracted from the referenced image must match the specified version. + Version *string `json:"version,omitempty"` + // image is a container image location that contains the update. + // image should be used when the desired version does not exist in availableUpdates or history. + // When image is set, architecture cannot be specified. + // If both version and image are set, the version extracted from the referenced image must match the specified version. + Image *string `json:"image,omitempty"` + // force allows an administrator to update to an image that has failed + // verification or upgradeable checks that are designed to keep your + // cluster safe. Only use this if: + // * you are testing unsigned release images in short-lived test clusters or + // * you are working around a known bug in the cluster-version + // operator and you have verified the authenticity of the provided + // image yourself. + // The provided image will run with full administrative access + // to the cluster. Do not use this flag with images that come from unknown + // or potentially malicious sources. + Force *bool `json:"force,omitempty"` + // acceptRisks is an optional set of names of conditional update risks that are considered acceptable. + // A conditional update is performed only if all of its risks are acceptable. + // This list may contain entries that apply to current, previous or future updates. + // The entries therefore may not map directly to a risk in .status.conditionalUpdateRisks. + // acceptRisks must not contain more than 1000 entries. + // Entries in this list must be unique. + AcceptRisks []AcceptRiskApplyConfiguration `json:"acceptRisks,omitempty"` + // mode determines how an update should be processed. + // The only valid value is "Preflight". + // When omitted, the cluster performs a normal update by applying the specified version or image to the cluster. + // This is the standard update behavior. + // When set to "Preflight", the cluster runs compatibility checks against the target release without + // performing an actual update. Compatibility results, including any detected risks, are reported + // in status.conditionalUpdates and status.conditionalUpdateRisks alongside risks from the update + // recommendation service. + // This allows administrators to assess update readiness and address issues before committing to the update. + // Preflight mode is particularly useful for skip-level updates where upgrade compatibility needs to be + // verified across multiple minor versions. + // When mode is set to "Preflight", the same rules for version, image, and architecture apply as for normal updates. + Mode *configv1.UpdateMode `json:"mode,omitempty"` } // UpdateApplyConfiguration constructs a declarative configuration of the Update type for use with @@ -66,3 +112,11 @@ func (b *UpdateApplyConfiguration) WithAcceptRisks(values ...*AcceptRiskApplyCon } return b } + +// WithMode sets the Mode field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Mode field is set to the value of the last call. +func (b *UpdateApplyConfiguration) WithMode(value configv1.UpdateMode) *UpdateApplyConfiguration { + b.Mode = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/updatehistory.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/updatehistory.go index b7998eb61..6e5f4e98e 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/updatehistory.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/updatehistory.go @@ -9,14 +9,39 @@ import ( // UpdateHistoryApplyConfiguration represents a declarative configuration of the UpdateHistory type for use // with apply. +// +// UpdateHistory is a single attempted update to the cluster. type UpdateHistoryApplyConfiguration struct { - State *configv1.UpdateState `json:"state,omitempty"` - StartedTime *metav1.Time `json:"startedTime,omitempty"` - CompletionTime *metav1.Time `json:"completionTime,omitempty"` - Version *string `json:"version,omitempty"` - Image *string `json:"image,omitempty"` - Verified *bool `json:"verified,omitempty"` - AcceptedRisks *string `json:"acceptedRisks,omitempty"` + // state reflects whether the update was fully applied. The Partial state + // indicates the update is not fully applied, while the Completed state + // indicates the update was successfully rolled out at least once (all + // parts of the update successfully applied). + State *configv1.UpdateState `json:"state,omitempty"` + // startedTime is the time at which the update was started. + StartedTime *metav1.Time `json:"startedTime,omitempty"` + // completionTime, if set, is when the update was fully applied. The update + // that is currently being applied will have a null completion time. + // Completion time will always be set for entries that are not the current + // update (usually to the started time of the next update). + CompletionTime *metav1.Time `json:"completionTime,omitempty"` + // version is a semantic version identifying the update version. If the + // requested image does not define a version, or if a failure occurs + // retrieving the image, this value may be empty. + Version *string `json:"version,omitempty"` + // image is a container image location that contains the update. This value + // is always populated. + Image *string `json:"image,omitempty"` + // verified indicates whether the provided update was properly verified + // before it was installed. If this is false the cluster may not be trusted. + // Verified does not cover upgradeable checks that depend on the cluster + // state at the time when the update target was accepted. + Verified *bool `json:"verified,omitempty"` + // acceptedRisks records risks which were accepted to initiate the update. + // For example, it may mention an Upgradeable=False or missing signature + // that was overridden via desiredUpdate.force, or an update that was + // initiated despite not being in the availableUpdates set of recommended + // update targets. + AcceptedRisks *string `json:"acceptedRisks,omitempty"` } // UpdateHistoryApplyConfiguration constructs a declarative configuration of the UpdateHistory type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameclaimmapping.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameclaimmapping.go index 2045ee503..8676ae891 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameclaimmapping.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameclaimmapping.go @@ -9,9 +9,44 @@ import ( // UsernameClaimMappingApplyConfiguration represents a declarative configuration of the UsernameClaimMapping type for use // with apply. type UsernameClaimMappingApplyConfiguration struct { - Claim *string `json:"claim,omitempty"` - PrefixPolicy *configv1.UsernamePrefixPolicy `json:"prefixPolicy,omitempty"` - Prefix *UsernamePrefixApplyConfiguration `json:"prefix,omitempty"` + // claim is an optional field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + // claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. + // When the ExternalOIDCWithUpstreamParity feature gate is enabled, claim must not be set when expression is set. + // + // claim must not be an empty string ("") and must not exceed 256 characters. + Claim *string `json:"claim,omitempty"` + // expression is an optional CEL expression used to derive + // the username from JWT claims. + // + // CEL expressions have access to the token claims + // through a CEL variable, 'claims'. + // + // expression must be at least 1 character and must not exceed 1024 characters in length. + // expression must not be set when claim is set. + Expression *string `json:"expression,omitempty"` + // prefixPolicy is an optional field that configures how a prefix should be applied to the value of the JWT claim specified in the 'claim' field. + // + // Allowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string). + // + // When set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. + // The prefix field must be set when prefixPolicy is 'Prefix'. + // Must not be set to 'Prefix' when expression is set. + // When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. + // When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. + // Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'. + // + // As an example, consider the following scenario: + // + // `prefix` is unset, `issuerURL` is set to `https://myoidc.tld`, + // the JWT claims include "username":"userA" and "email":"userA@myoidc.tld", + // and `claim` is set to: + // - "username": the mapped value will be "https://myoidc.tld#userA" + // - "email": the mapped value will be "userA@myoidc.tld" + PrefixPolicy *configv1.UsernamePrefixPolicy `json:"prefixPolicy,omitempty"` + // prefix configures the prefix that should be prepended to the value of the JWT claim. + // + // prefix must be set when prefixPolicy is set to 'Prefix' and must be unset otherwise. + Prefix *UsernamePrefixApplyConfiguration `json:"prefix,omitempty"` } // UsernameClaimMappingApplyConfiguration constructs a declarative configuration of the UsernameClaimMapping type for use with @@ -28,6 +63,14 @@ func (b *UsernameClaimMappingApplyConfiguration) WithClaim(value string) *Userna return b } +// WithExpression sets the Expression field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Expression field is set to the value of the last call. +func (b *UsernameClaimMappingApplyConfiguration) WithExpression(value string) *UsernameClaimMappingApplyConfiguration { + b.Expression = &value + return b +} + // WithPrefixPolicy sets the PrefixPolicy field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the PrefixPolicy field is set to the value of the last call. diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameprefix.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameprefix.go index 03720723b..e05bf0087 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameprefix.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameprefix.go @@ -4,7 +4,13 @@ package v1 // UsernamePrefixApplyConfiguration represents a declarative configuration of the UsernamePrefix type for use // with apply. +// +// UsernamePrefix configures the string that should +// be used as a prefix for username claim mappings. type UsernamePrefixApplyConfiguration struct { + // prefixString is a required field that configures the prefix that will be applied to cluster identity username attribute during the process of mapping JWT claims to cluster identity attributes. + // + // prefixString must not be an empty string (""). PrefixString *string `json:"prefixString,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultapproleauthentication.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultapproleauthentication.go new file mode 100644 index 000000000..9119cbe19 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultapproleauthentication.go @@ -0,0 +1,28 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// VaultAppRoleAuthenticationApplyConfiguration represents a declarative configuration of the VaultAppRoleAuthentication type for use +// with apply. +// +// VaultAppRoleAuthentication defines the configuration for AppRole authentication with Vault. +type VaultAppRoleAuthenticationApplyConfiguration struct { + // secret references a secret in the openshift-config namespace containing + // the AppRole credentials used to authenticate with Vault. + // The referenced Secret must contain two keys: "role-id" for the AppRole Role ID and "secret-id" for the AppRole Secret ID. + Secret *VaultSecretReferenceApplyConfiguration `json:"secret,omitempty"` +} + +// VaultAppRoleAuthenticationApplyConfiguration constructs a declarative configuration of the VaultAppRoleAuthentication type for use with +// apply. +func VaultAppRoleAuthentication() *VaultAppRoleAuthenticationApplyConfiguration { + return &VaultAppRoleAuthenticationApplyConfiguration{} +} + +// WithSecret sets the Secret field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Secret field is set to the value of the last call. +func (b *VaultAppRoleAuthenticationApplyConfiguration) WithSecret(value *VaultSecretReferenceApplyConfiguration) *VaultAppRoleAuthenticationApplyConfiguration { + b.Secret = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultauthentication.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultauthentication.go new file mode 100644 index 000000000..466bbc797 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultauthentication.go @@ -0,0 +1,43 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + configv1 "github.com/openshift/api/config/v1" +) + +// VaultAuthenticationApplyConfiguration represents a declarative configuration of the VaultAuthentication type for use +// with apply. +// +// VaultAuthentication defines the authentication method used to authenticate with Vault. +type VaultAuthenticationApplyConfiguration struct { + // type defines the authentication method used to authenticate with Vault. + // Allowed values are AppRole. + // When set to AppRole, the plugin uses AppRole credentials to authenticate with Vault. + Type *configv1.VaultAuthenticationType `json:"type,omitempty"` + // appRole defines the configuration for AppRole authentication. + // This field must be set when type is AppRole, and must be unset otherwise. + AppRole *VaultAppRoleAuthenticationApplyConfiguration `json:"appRole,omitempty"` +} + +// VaultAuthenticationApplyConfiguration constructs a declarative configuration of the VaultAuthentication type for use with +// apply. +func VaultAuthentication() *VaultAuthenticationApplyConfiguration { + return &VaultAuthenticationApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *VaultAuthenticationApplyConfiguration) WithType(value configv1.VaultAuthenticationType) *VaultAuthenticationApplyConfiguration { + b.Type = &value + return b +} + +// WithAppRole sets the AppRole field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the AppRole field is set to the value of the last call. +func (b *VaultAuthenticationApplyConfiguration) WithAppRole(value *VaultAppRoleAuthenticationApplyConfiguration) *VaultAuthenticationApplyConfiguration { + b.AppRole = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultconfigmapreference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultconfigmapreference.go new file mode 100644 index 000000000..cb0e46af8 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultconfigmapreference.go @@ -0,0 +1,28 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// VaultConfigMapReferenceApplyConfiguration represents a declarative configuration of the VaultConfigMapReference type for use +// with apply. +// +// VaultConfigMapReference references a ConfigMap in the openshift-config namespace. +type VaultConfigMapReferenceApplyConfiguration struct { + // name is the metadata.name of the referenced ConfigMap in the openshift-config namespace. + // The name must be a valid DNS subdomain name: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. + Name *string `json:"name,omitempty"` +} + +// VaultConfigMapReferenceApplyConfiguration constructs a declarative configuration of the VaultConfigMapReference type for use with +// apply. +func VaultConfigMapReference() *VaultConfigMapReferenceApplyConfiguration { + return &VaultConfigMapReferenceApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *VaultConfigMapReferenceApplyConfiguration) WithName(value string) *VaultConfigMapReferenceApplyConfiguration { + b.Name = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultkmspluginconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultkmspluginconfig.go new file mode 100644 index 000000000..736095a27 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultkmspluginconfig.go @@ -0,0 +1,123 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// VaultKMSPluginConfigApplyConfiguration represents a declarative configuration of the VaultKMSPluginConfig type for use +// with apply. +// +// VaultKMSPluginConfig defines the KMS plugin configuration specific to Vault KMS +type VaultKMSPluginConfigApplyConfiguration struct { + // kmsPluginImage specifies the container image for the HashiCorp Vault KMS plugin. + // + // The image must be a fully qualified OCI image pull spec with a SHA256 digest. + // The format is: host[:port][/namespace]/name@sha256: + // where the digest must be 64 characters long and consist only of lowercase hexadecimal characters, a-f and 0-9. + // The total length must be between 75 and 447 characters. + // + // Short names (e.g., "vault-plugin" or "hashicorp/vault-plugin") are not allowed. + // The registry hostname must be included and must contain at least one dot. + // Image tags (e.g., ":latest", ":v1.0.0") are not allowed. + // + // Consult the OpenShift documentation for compatible plugin versions with your cluster version, + // then obtain the image digest for that version from HashiCorp's container registry. + // + // For disconnected environments, mirror the plugin image to an accessible registry + // and reference the mirrored location with its digest. + KMSPluginImage *string `json:"kmsPluginImage,omitempty"` + // vaultAddress specifies the address of the HashiCorp Vault instance. + // The value must be a valid HTTPS URL containing only scheme, host, and optional port. + // Paths, user info, query parameters, and fragments are not allowed. + // + // Format: https://hostname[:port] + // Example: https://vault.example.com:8200 + // + // The value must be between 1 and 512 characters. + VaultAddress *string `json:"vaultAddress,omitempty"` + // vaultNamespace specifies the Vault namespace where the Transit secrets engine is mounted. + // This is only applicable for Vault Enterprise installations. + // When this field is not set, no namespace is used. + // + // The value must be between 1 and 4096 characters. + // The namespace cannot end with a forward slash, cannot contain spaces, and cannot be one of the reserved strings: root, sys, audit, auth, cubbyhole, or identity. + VaultNamespace *string `json:"vaultNamespace,omitempty"` + // tls contains the TLS configuration for connecting to the Vault server. + // When this field is not set, system default TLS settings are used. + TLS *VaultTLSConfigApplyConfiguration `json:"tls,omitempty"` + // authentication defines the authentication method used to authenticate with Vault. + Authentication *VaultAuthenticationApplyConfiguration `json:"authentication,omitempty"` + // transitMount specifies the mount path of the Vault Transit engine. + // + // The transit mount must be between 1 and 1024 characters, cannot start or + // end with a forward slash, cannot contain consecutive forward slashes, and + // must only contain RFC 3986 unreserved characters (alphanumeric, hyphen, + // period, underscore, tilde) and forward slashes as path separators. + TransitMount *string `json:"transitMount,omitempty"` + // transitKey specifies the name of the encryption key in Vault's Transit engine. + // This key is used to encrypt and decrypt data. + // + // The transit key must be between 1 and 512 characters, cannot contain forward slashes, + // and must only contain alphanumeric characters, hyphens, periods, and underscores. + TransitKey *string `json:"transitKey,omitempty"` +} + +// VaultKMSPluginConfigApplyConfiguration constructs a declarative configuration of the VaultKMSPluginConfig type for use with +// apply. +func VaultKMSPluginConfig() *VaultKMSPluginConfigApplyConfiguration { + return &VaultKMSPluginConfigApplyConfiguration{} +} + +// WithKMSPluginImage sets the KMSPluginImage field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the KMSPluginImage field is set to the value of the last call. +func (b *VaultKMSPluginConfigApplyConfiguration) WithKMSPluginImage(value string) *VaultKMSPluginConfigApplyConfiguration { + b.KMSPluginImage = &value + return b +} + +// WithVaultAddress sets the VaultAddress field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the VaultAddress field is set to the value of the last call. +func (b *VaultKMSPluginConfigApplyConfiguration) WithVaultAddress(value string) *VaultKMSPluginConfigApplyConfiguration { + b.VaultAddress = &value + return b +} + +// WithVaultNamespace sets the VaultNamespace field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the VaultNamespace field is set to the value of the last call. +func (b *VaultKMSPluginConfigApplyConfiguration) WithVaultNamespace(value string) *VaultKMSPluginConfigApplyConfiguration { + b.VaultNamespace = &value + return b +} + +// WithTLS sets the TLS field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLS field is set to the value of the last call. +func (b *VaultKMSPluginConfigApplyConfiguration) WithTLS(value *VaultTLSConfigApplyConfiguration) *VaultKMSPluginConfigApplyConfiguration { + b.TLS = value + return b +} + +// WithAuthentication sets the Authentication field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Authentication field is set to the value of the last call. +func (b *VaultKMSPluginConfigApplyConfiguration) WithAuthentication(value *VaultAuthenticationApplyConfiguration) *VaultKMSPluginConfigApplyConfiguration { + b.Authentication = value + return b +} + +// WithTransitMount sets the TransitMount field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TransitMount field is set to the value of the last call. +func (b *VaultKMSPluginConfigApplyConfiguration) WithTransitMount(value string) *VaultKMSPluginConfigApplyConfiguration { + b.TransitMount = &value + return b +} + +// WithTransitKey sets the TransitKey field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TransitKey field is set to the value of the last call. +func (b *VaultKMSPluginConfigApplyConfiguration) WithTransitKey(value string) *VaultKMSPluginConfigApplyConfiguration { + b.TransitKey = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultsecretreference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultsecretreference.go new file mode 100644 index 000000000..5918611ed --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultsecretreference.go @@ -0,0 +1,28 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// VaultSecretReferenceApplyConfiguration represents a declarative configuration of the VaultSecretReference type for use +// with apply. +// +// VaultSecretReference references a secret in the openshift-config namespace. +type VaultSecretReferenceApplyConfiguration struct { + // name is the metadata.name of the referenced secret in the openshift-config namespace. + // The name must be a valid DNS subdomain name: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. + Name *string `json:"name,omitempty"` +} + +// VaultSecretReferenceApplyConfiguration constructs a declarative configuration of the VaultSecretReference type for use with +// apply. +func VaultSecretReference() *VaultSecretReferenceApplyConfiguration { + return &VaultSecretReferenceApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *VaultSecretReferenceApplyConfiguration) WithName(value string) *VaultSecretReferenceApplyConfiguration { + b.Name = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaulttlsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaulttlsconfig.go new file mode 100644 index 000000000..04bf8c3bf --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaulttlsconfig.go @@ -0,0 +1,58 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// VaultTLSConfigApplyConfiguration represents a declarative configuration of the VaultTLSConfig type for use +// with apply. +// +// VaultTLSConfig contains TLS configuration for connecting to Vault. +type VaultTLSConfigApplyConfiguration struct { + // caBundle references a ConfigMap in the openshift-config namespace containing + // the CA certificate bundle used to verify the TLS connection to the Vault server. + // The referenced ConfigMap must contain the CA bundle in the key "ca-bundle.crt". + // When this field is not set, the system's trusted CA certificates are used. + // + // The namespace for the ConfigMap is openshift-config. + // + // Example ConfigMap: + // apiVersion: v1 + // kind: ConfigMap + // metadata: + // name: vault-ca-bundle + // namespace: openshift-config + // data: + // ca-bundle.crt: | + // -----BEGIN CERTIFICATE----- + // ... + // -----END CERTIFICATE----- + CABundle *VaultConfigMapReferenceApplyConfiguration `json:"caBundle,omitempty"` + // serverName specifies the Server Name Indication (SNI) to use when connecting to Vault via TLS. + // This is useful when the Vault server's hostname doesn't match its TLS certificate. + // When this field is not set, the hostname from vaultAddress is used for SNI. + // + // The value must be a valid DNS hostname: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. + ServerName *string `json:"serverName,omitempty"` +} + +// VaultTLSConfigApplyConfiguration constructs a declarative configuration of the VaultTLSConfig type for use with +// apply. +func VaultTLSConfig() *VaultTLSConfigApplyConfiguration { + return &VaultTLSConfigApplyConfiguration{} +} + +// WithCABundle sets the CABundle field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CABundle field is set to the value of the last call. +func (b *VaultTLSConfigApplyConfiguration) WithCABundle(value *VaultConfigMapReferenceApplyConfiguration) *VaultTLSConfigApplyConfiguration { + b.CABundle = value + return b +} + +// WithServerName sets the ServerName field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ServerName field is set to the value of the last call. +func (b *VaultTLSConfigApplyConfiguration) WithServerName(value string) *VaultTLSConfigApplyConfiguration { + b.ServerName = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vspherefailuredomainhostgroup.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vspherefailuredomainhostgroup.go index f590263a1..651fb4e5e 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vspherefailuredomainhostgroup.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vspherefailuredomainhostgroup.go @@ -4,9 +4,22 @@ package v1 // VSphereFailureDomainHostGroupApplyConfiguration represents a declarative configuration of the VSphereFailureDomainHostGroup type for use // with apply. +// +// VSphereFailureDomainHostGroup holds the vmGroup and the hostGroup names in vCenter +// corresponds to a vm-host group of type Virtual Machine and Host respectively. Is also +// contains the vmHostRule which is an affinity vm-host rule in vCenter. type VSphereFailureDomainHostGroupApplyConfiguration struct { - VMGroup *string `json:"vmGroup,omitempty"` - HostGroup *string `json:"hostGroup,omitempty"` + // vmGroup is the name of the vm-host group of type virtual machine within vCenter for this failure domain. + // vmGroup is limited to 80 characters. + // This field is required when the VSphereFailureDomain ZoneType is HostGroup + VMGroup *string `json:"vmGroup,omitempty"` + // hostGroup is the name of the vm-host group of type host within vCenter for this failure domain. + // hostGroup is limited to 80 characters. + // This field is required when the VSphereFailureDomain ZoneType is HostGroup + HostGroup *string `json:"hostGroup,omitempty"` + // vmHostRule is the name of the affinity vm-host rule within vCenter for this failure domain. + // vmHostRule is limited to 80 characters. + // This field is required when the VSphereFailureDomain ZoneType is HostGroup VMHostRule *string `json:"vmHostRule,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vspherefailuredomainregionaffinity.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vspherefailuredomainregionaffinity.go index bf923d829..83f1253c3 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vspherefailuredomainregionaffinity.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vspherefailuredomainregionaffinity.go @@ -8,7 +8,14 @@ import ( // VSphereFailureDomainRegionAffinityApplyConfiguration represents a declarative configuration of the VSphereFailureDomainRegionAffinity type for use // with apply. +// +// VSphereFailureDomainRegionAffinity contains the region type which is the string representation of the +// VSphereFailureDomainRegionType with available options of Datacenter and ComputeCluster. type VSphereFailureDomainRegionAffinityApplyConfiguration struct { + // type determines the vSphere object type for a region within this failure domain. + // Available types are Datacenter and ComputeCluster. + // When set to Datacenter, this means the vCenter Datacenter defined is the region. + // When set to ComputeCluster, this means the vCenter cluster defined is the region. Type *configv1.VSphereFailureDomainRegionType `json:"type,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vspherefailuredomainzoneaffinity.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vspherefailuredomainzoneaffinity.go index 5bbbe9556..1cbb05bed 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vspherefailuredomainzoneaffinity.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vspherefailuredomainzoneaffinity.go @@ -8,8 +8,21 @@ import ( // VSphereFailureDomainZoneAffinityApplyConfiguration represents a declarative configuration of the VSphereFailureDomainZoneAffinity type for use // with apply. +// +// VSphereFailureDomainZoneAffinity contains the vCenter cluster vm-host group (virtual machine and host types) +// and the vm-host affinity rule that together creates an affinity configuration for vm-host based zonal. +// This configuration within vCenter creates the required association between a failure domain, virtual machines +// and ESXi hosts to create a vm-host based zone. type VSphereFailureDomainZoneAffinityApplyConfiguration struct { - Type *configv1.VSphereFailureDomainZoneType `json:"type,omitempty"` + // type determines the vSphere object type for a zone within this failure domain. + // Available types are ComputeCluster and HostGroup. + // When set to ComputeCluster, this means the vCenter cluster defined is the zone. + // When set to HostGroup, hostGroup must be configured with hostGroup, vmGroup and vmHostRule and + // this means the zone is defined by the grouping of those fields. + Type *configv1.VSphereFailureDomainZoneType `json:"type,omitempty"` + // hostGroup holds the vmGroup and the hostGroup names in vCenter + // corresponds to a vm-host group of type Virtual Machine and Host respectively. Is also + // contains the vmHostRule which is an affinity vm-host rule in vCenter. HostGroup *VSphereFailureDomainHostGroupApplyConfiguration `json:"hostGroup,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformfailuredomainspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformfailuredomainspec.go index aeb238882..4f3d37e0f 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformfailuredomainspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformfailuredomainspec.go @@ -4,14 +4,34 @@ package v1 // VSpherePlatformFailureDomainSpecApplyConfiguration represents a declarative configuration of the VSpherePlatformFailureDomainSpec type for use // with apply. +// +// VSpherePlatformFailureDomainSpec holds the region and zone failure domain and the vCenter topology of that failure domain. type VSpherePlatformFailureDomainSpecApplyConfiguration struct { - Name *string `json:"name,omitempty"` - Region *string `json:"region,omitempty"` - Zone *string `json:"zone,omitempty"` + // name defines the arbitrary but unique name + // of a failure domain. + Name *string `json:"name,omitempty"` + // region defines the name of a region tag that will + // be attached to a vCenter datacenter. The tag + // category in vCenter must be named openshift-region. + Region *string `json:"region,omitempty"` + // zone defines the name of a zone tag that will + // be attached to a vCenter cluster. The tag + // category in vCenter must be named openshift-zone. + Zone *string `json:"zone,omitempty"` + // regionAffinity holds the type of region, Datacenter or ComputeCluster. + // When set to Datacenter, this means the region is a vCenter Datacenter as defined in topology. + // When set to ComputeCluster, this means the region is a vCenter Cluster as defined in topology. RegionAffinity *VSphereFailureDomainRegionAffinityApplyConfiguration `json:"regionAffinity,omitempty"` - ZoneAffinity *VSphereFailureDomainZoneAffinityApplyConfiguration `json:"zoneAffinity,omitempty"` - Server *string `json:"server,omitempty"` - Topology *VSpherePlatformTopologyApplyConfiguration `json:"topology,omitempty"` + // zoneAffinity holds the type of the zone and the hostGroup which + // vmGroup and the hostGroup names in vCenter corresponds to + // a vm-host group of type Virtual Machine and Host respectively. Is also + // contains the vmHostRule which is an affinity vm-host rule in vCenter. + ZoneAffinity *VSphereFailureDomainZoneAffinityApplyConfiguration `json:"zoneAffinity,omitempty"` + // server is the fully-qualified domain name or the IP address of the vCenter server. + // --- + Server *string `json:"server,omitempty"` + // topology describes a given failure domain using vSphere constructs + Topology *VSpherePlatformTopologyApplyConfiguration `json:"topology,omitempty"` } // VSpherePlatformFailureDomainSpecApplyConfiguration constructs a declarative configuration of the VSpherePlatformFailureDomainSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformloadbalancer.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformloadbalancer.go index 9eb2f57aa..be5b90e62 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformloadbalancer.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformloadbalancer.go @@ -8,7 +8,18 @@ import ( // VSpherePlatformLoadBalancerApplyConfiguration represents a declarative configuration of the VSpherePlatformLoadBalancer type for use // with apply. +// +// VSpherePlatformLoadBalancer defines the load balancer used by the cluster on VSphere platform. type VSpherePlatformLoadBalancerApplyConfiguration struct { + // type defines the type of load balancer used by the cluster on VSphere platform + // which can be a user-managed or openshift-managed load balancer + // that is to be used for the OpenShift API and Ingress endpoints. + // When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing + // defined in the machine config operator will be deployed. + // When set to UserManaged these static pods will not be deployed and it is expected that + // the load balancer is configured out of band by the deployer. + // When omitted, this means no opinion and the platform is left to choose a reasonable default. + // The default value is OpenShiftManagedDefault. Type *configv1.PlatformLoadBalancerType `json:"type,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformnodenetworking.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformnodenetworking.go index f83a0c50a..8926b249a 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformnodenetworking.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformnodenetworking.go @@ -4,8 +4,12 @@ package v1 // VSpherePlatformNodeNetworkingApplyConfiguration represents a declarative configuration of the VSpherePlatformNodeNetworking type for use // with apply. +// +// VSpherePlatformNodeNetworking holds the external and internal node networking spec. type VSpherePlatformNodeNetworkingApplyConfiguration struct { + // external represents the network configuration of the node that is externally routable. External *VSpherePlatformNodeNetworkingSpecApplyConfiguration `json:"external,omitempty"` + // internal represents the network configuration of the node that is routable only within the cluster. Internal *VSpherePlatformNodeNetworkingSpecApplyConfiguration `json:"internal,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformnodenetworkingspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformnodenetworkingspec.go index 670448d3c..e90950493 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformnodenetworkingspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformnodenetworkingspec.go @@ -4,9 +4,27 @@ package v1 // VSpherePlatformNodeNetworkingSpecApplyConfiguration represents a declarative configuration of the VSpherePlatformNodeNetworkingSpec type for use // with apply. +// +// VSpherePlatformNodeNetworkingSpec holds the network CIDR(s) and port group name for +// including and excluding IP ranges in the cloud provider. +// This would be used for example when multiple network adapters are attached to +// a guest to help determine which IP address the cloud config manager should use +// for the external and internal node networking. type VSpherePlatformNodeNetworkingSpecApplyConfiguration struct { - NetworkSubnetCIDR []string `json:"networkSubnetCidr,omitempty"` - Network *string `json:"network,omitempty"` + // networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs + // that will be used in respective status.addresses fields. + // --- + NetworkSubnetCIDR []string `json:"networkSubnetCidr,omitempty"` + // network VirtualMachine's VM Network names that will be used to when searching + // for status.addresses fields. Note that if internal.networkSubnetCIDR and + // external.networkSubnetCIDR are not set, then the vNIC associated to this network must + // only have a single IP address assigned to it. + // The available networks (port groups) can be listed using + // `govc ls 'network/*'` + Network *string `json:"network,omitempty"` + // excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting + // the IP address from the VirtualMachine's VM for use in the status.addresses fields. + // --- ExcludeNetworkSubnetCIDR []string `json:"excludeNetworkSubnetCidr,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformspec.go index d0d191331..4f31602e5 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformspec.go @@ -8,13 +8,53 @@ import ( // VSpherePlatformSpecApplyConfiguration represents a declarative configuration of the VSpherePlatformSpec type for use // with apply. +// +// VSpherePlatformSpec holds the desired state of the vSphere infrastructure provider. +// In the future the cloud provider operator, storage operator and machine operator will +// use these fields for configuration. type VSpherePlatformSpecApplyConfiguration struct { - VCenters []VSpherePlatformVCenterSpecApplyConfiguration `json:"vcenters,omitempty"` - FailureDomains []VSpherePlatformFailureDomainSpecApplyConfiguration `json:"failureDomains,omitempty"` - NodeNetworking *VSpherePlatformNodeNetworkingApplyConfiguration `json:"nodeNetworking,omitempty"` - APIServerInternalIPs []configv1.IP `json:"apiServerInternalIPs,omitempty"` - IngressIPs []configv1.IP `json:"ingressIPs,omitempty"` - MachineNetworks []configv1.CIDR `json:"machineNetworks,omitempty"` + // vcenters holds the connection details for services to communicate with vCenter. + // Up to 3 vCenters are supported. + // Once the cluster has been installed, you are unable to change the current number of defined + // vCenters except when 1.) the cluster has been upgraded from a version of OpenShift + // where the vsphere platform spec was not present or 2.) in TechPreview you are able to add and + // remove vCenters but may not remove all vCenters. You may make modifications to the existing + // vCenters that are defined in the vcenters list in order to match with any added or modified + // failure domains. + // --- + VCenters []VSpherePlatformVCenterSpecApplyConfiguration `json:"vcenters,omitempty"` + // failureDomains contains the definition of region, zone and the vCenter topology. + // If this is omitted failure domains (regions and zones) will not be used. + FailureDomains []VSpherePlatformFailureDomainSpecApplyConfiguration `json:"failureDomains,omitempty"` + // nodeNetworking contains the definition of internal and external network constraints for + // assigning the node's networking. + // If this field is omitted, networking defaults to the legacy + // address selection behavior which is to only support a single address and + // return the first one found. + NodeNetworking *VSpherePlatformNodeNetworkingApplyConfiguration `json:"nodeNetworking,omitempty"` + // apiServerInternalIPs are the IP addresses to contact the Kubernetes API + // server that can be used by components inside the cluster, like kubelets + // using the infrastructure rather than Kubernetes networking. These are the + // IPs for a self-hosted load balancer in front of the API servers. + // In dual stack clusters this list contains two IP addresses, one from IPv4 + // family and one from IPv6. + // In single stack clusters a single IP address is expected. + // When omitted, values from the status.apiServerInternalIPs will be used. + // Once set, the list cannot be completely removed (but its second entry can). + APIServerInternalIPs []configv1.IP `json:"apiServerInternalIPs,omitempty"` + // ingressIPs are the external IPs which route to the default ingress + // controller. The IPs are suitable targets of a wildcard DNS record used to + // resolve default route host names. + // In dual stack clusters this list contains two IP addresses, one from IPv4 + // family and one from IPv6. + // In single stack clusters a single IP address is expected. + // When omitted, values from the status.ingressIPs will be used. + // Once set, the list cannot be completely removed (but its second entry can). + IngressIPs []configv1.IP `json:"ingressIPs,omitempty"` + // machineNetworks are IP networks used to connect all the OpenShift cluster + // nodes. Each network is provided in the CIDR format and should be IPv4 or IPv6, + // for example "10.0.0.0/8" or "fd00::/8". + MachineNetworks []configv1.CIDR `json:"machineNetworks,omitempty"` } // VSpherePlatformSpecApplyConfiguration constructs a declarative configuration of the VSpherePlatformSpec type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformstatus.go index a3cfc9b1c..6d7ca4e85 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformstatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformstatus.go @@ -8,15 +8,56 @@ import ( // VSpherePlatformStatusApplyConfiguration represents a declarative configuration of the VSpherePlatformStatus type for use // with apply. +// +// VSpherePlatformStatus holds the current status of the vSphere infrastructure provider. type VSpherePlatformStatusApplyConfiguration struct { - APIServerInternalIP *string `json:"apiServerInternalIP,omitempty"` - APIServerInternalIPs []string `json:"apiServerInternalIPs,omitempty"` - IngressIP *string `json:"ingressIP,omitempty"` - IngressIPs []string `json:"ingressIPs,omitempty"` - NodeDNSIP *string `json:"nodeDNSIP,omitempty"` - LoadBalancer *VSpherePlatformLoadBalancerApplyConfiguration `json:"loadBalancer,omitempty"` - DNSRecordsType *configv1.DNSRecordsType `json:"dnsRecordsType,omitempty"` - MachineNetworks []configv1.CIDR `json:"machineNetworks,omitempty"` + // apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used + // by components inside the cluster, like kubelets using the infrastructure rather + // than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI + // points to. It is the IP for a self-hosted load balancer in front of the API servers. + // + // Deprecated: Use APIServerInternalIPs instead. + APIServerInternalIP *string `json:"apiServerInternalIP,omitempty"` + // apiServerInternalIPs are the IP addresses to contact the Kubernetes API + // server that can be used by components inside the cluster, like kubelets + // using the infrastructure rather than Kubernetes networking. These are the + // IPs for a self-hosted load balancer in front of the API servers. In dual + // stack clusters this list contains two IPs otherwise only one. + APIServerInternalIPs []string `json:"apiServerInternalIPs,omitempty"` + // ingressIP is an external IP which routes to the default ingress controller. + // The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + // + // Deprecated: Use IngressIPs instead. + IngressIP *string `json:"ingressIP,omitempty"` + // ingressIPs are the external IPs which route to the default ingress + // controller. The IPs are suitable targets of a wildcard DNS record used to + // resolve default route host names. In dual stack clusters this list + // contains two IPs otherwise only one. + IngressIPs []string `json:"ingressIPs,omitempty"` + // nodeDNSIP is the IP address for the internal DNS used by the + // nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` + // provides name resolution for the nodes themselves. There is no DNS-as-a-service for + // vSphere deployments. In order to minimize necessary changes to the + // datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames + // to the nodes in the cluster. + NodeDNSIP *string `json:"nodeDNSIP,omitempty"` + // loadBalancer defines how the load balancer used by the cluster is configured. + LoadBalancer *VSpherePlatformLoadBalancerApplyConfiguration `json:"loadBalancer,omitempty"` + // dnsRecordsType determines whether records for api, api-int, and ingress + // are provided by the internal DNS service or externally. + // Allowed values are `Internal`, `External`, and omitted. + // When set to `Internal`, records are provided by the internal infrastructure and + // no additional user configuration is required for the cluster to function. + // When set to `External`, records are not provided by the internal infrastructure + // and must be configured by the user on a DNS server outside the cluster. + // Cluster nodes must use this external server for their upstream DNS requests. + // This value may only be set when loadBalancer.type is set to UserManaged. + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is `Internal`. + DNSRecordsType *configv1.DNSRecordsType `json:"dnsRecordsType,omitempty"` + // machineNetworks are IP networks used to connect all the OpenShift cluster nodes. + MachineNetworks []configv1.CIDR `json:"machineNetworks,omitempty"` } // VSpherePlatformStatusApplyConfiguration constructs a declarative configuration of the VSpherePlatformStatus type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformtopology.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformtopology.go index a3036a5cf..411f55207 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformtopology.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformtopology.go @@ -4,14 +4,51 @@ package v1 // VSpherePlatformTopologyApplyConfiguration represents a declarative configuration of the VSpherePlatformTopology type for use // with apply. +// +// VSpherePlatformTopology holds the required and optional vCenter objects - datacenter, +// computeCluster, networks, datastore and resourcePool - to provision virtual machines. type VSpherePlatformTopologyApplyConfiguration struct { - Datacenter *string `json:"datacenter,omitempty"` - ComputeCluster *string `json:"computeCluster,omitempty"` - Networks []string `json:"networks,omitempty"` - Datastore *string `json:"datastore,omitempty"` - ResourcePool *string `json:"resourcePool,omitempty"` - Folder *string `json:"folder,omitempty"` - Template *string `json:"template,omitempty"` + // datacenter is the name of vCenter datacenter in which virtual machines will be located. + // The maximum length of the datacenter name is 80 characters. + Datacenter *string `json:"datacenter,omitempty"` + // computeCluster the absolute path of the vCenter cluster + // in which virtual machine will be located. + // The absolute path is of the form //host/. + // The maximum length of the path is 2048 characters. + ComputeCluster *string `json:"computeCluster,omitempty"` + // networks is the list of port group network names within this failure domain. + // If feature gate VSphereMultiNetworks is enabled, up to 10 network adapters may be defined. + // 10 is the maximum number of virtual network devices which may be attached to a VM as defined by: + // https://configmax.esp.vmware.com/guest?vmwareproduct=vSphere&release=vSphere%208.0&categories=1-0 + // The available networks (port groups) can be listed using + // `govc ls 'network/*'` + // Networks should be in the form of an absolute path: + // //network/. + Networks []string `json:"networks,omitempty"` + // datastore is the absolute path of the datastore in which the + // virtual machine is located. + // The absolute path is of the form //datastore/ + // The maximum length of the path is 2048 characters. + Datastore *string `json:"datastore,omitempty"` + // resourcePool is the absolute path of the resource pool where virtual machines will be + // created. The absolute path is of the form //host//Resources/. + // The maximum length of the path is 2048 characters. + ResourcePool *string `json:"resourcePool,omitempty"` + // folder is the absolute path of the folder where + // virtual machines are located. The absolute path + // is of the form //vm/. + // The maximum length of the path is 2048 characters. + Folder *string `json:"folder,omitempty"` + // template is the full inventory path of the virtual machine or template + // that will be cloned when creating new machines in this failure domain. + // The maximum length of the path is 2048 characters. + // + // When omitted, the template will be calculated by the control plane + // machineset operator based on the region and zone defined in + // VSpherePlatformFailureDomainSpec. + // For example, for zone=zonea, region=region1, and infrastructure name=test, + // the template path would be calculated as //vm/test-rhcos-region1-zonea. + Template *string `json:"template,omitempty"` } // VSpherePlatformTopologyApplyConfiguration constructs a declarative configuration of the VSpherePlatformTopology type for use with diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformvcenterspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformvcenterspec.go index ff6527618..6a05ec6b6 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformvcenterspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformvcenterspec.go @@ -4,9 +4,24 @@ package v1 // VSpherePlatformVCenterSpecApplyConfiguration represents a declarative configuration of the VSpherePlatformVCenterSpec type for use // with apply. +// +// VSpherePlatformVCenterSpec stores the vCenter connection fields. +// This is used by the vSphere CCM. type VSpherePlatformVCenterSpecApplyConfiguration struct { - Server *string `json:"server,omitempty"` - Port *int32 `json:"port,omitempty"` + // server is the fully-qualified domain name or the IP address of the vCenter server. + // --- + Server *string `json:"server,omitempty"` + // port is the TCP port that will be used to communicate to + // the vCenter endpoint. + // When omitted, this means the user has no opinion and + // it is up to the platform to choose a sensible default, + // which is subject to change over time. + Port *int32 `json:"port,omitempty"` + // The vCenter Datacenters in which the RHCOS + // vm guests are located. This field will + // be used by the Cloud Controller Manager. + // Each datacenter listed here should be used within + // a topology. Datacenters []string `json:"datacenters,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/webhooktokenauthenticator.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/webhooktokenauthenticator.go index 4ed9e2d2d..24caa55d8 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/webhooktokenauthenticator.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/webhooktokenauthenticator.go @@ -4,7 +4,20 @@ package v1 // WebhookTokenAuthenticatorApplyConfiguration represents a declarative configuration of the WebhookTokenAuthenticator type for use // with apply. +// +// webhookTokenAuthenticator holds the necessary configuration options for a remote token authenticator type WebhookTokenAuthenticatorApplyConfiguration struct { + // kubeConfig references a secret that contains kube config file data which + // describes how to access the remote webhook service. + // The namespace for the referenced secret is openshift-config. + // + // For further details, see: + // + // https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication + // + // The key "kubeConfig" is used to locate the data. + // If the secret or expected key is not found, the webhook is not honored. + // If the specified kube config data is not valid, the webhook is not honored. KubeConfig *SecretNameReferenceApplyConfiguration `json:"kubeConfig,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go index 65906b80c..10bf2d9bd 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go @@ -23,92 +23,80 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: -- name: com.github.openshift.api.config.v1.APIServer +- name: Condition.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: apiVersion + - name: lastTransitionTime type: - scalar: string - - name: kind + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: message type: scalar: string - - name: metadata + default: "" + - name: observedGeneration type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec + scalar: numeric + - name: reason type: - namedType: com.github.openshift.api.config.v1.APIServerSpec - default: {} + scalar: string + default: "" - name: status type: - namedType: com.github.openshift.api.config.v1.APIServerStatus - default: {} -- name: com.github.openshift.api.config.v1.APIServerEncryption - map: - fields: - - name: kms - type: - namedType: com.github.openshift.api.config.v1.KMSConfig + scalar: string + default: "" - name: type type: scalar: string - unions: - - discriminator: type - fields: - - fieldName: kms - discriminatorValue: KMS -- name: com.github.openshift.api.config.v1.APIServerNamedServingCert + default: "" +- name: ConfigMapKeySelector.v1.core.api.k8s.io map: fields: - - name: names + - name: key type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: servingCertificate + scalar: string + default: "" + - name: name type: - namedType: com.github.openshift.api.config.v1.SecretNameReference - default: {} -- name: com.github.openshift.api.config.v1.APIServerServingCerts + scalar: string + default: "" + - name: optional + type: + scalar: boolean + elementRelationship: atomic +- name: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: string +- name: EnvVar.v1.core.api.k8s.io map: fields: - - name: namedCertificates + - name: name type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.APIServerNamedServingCert - elementRelationship: atomic -- name: com.github.openshift.api.config.v1.APIServerSpec + scalar: string + default: "" + - name: value + type: + scalar: string + - name: valueFrom + type: + namedType: EnvVarSource.v1.core.api.k8s.io +- name: EnvVarSource.v1.core.api.k8s.io map: fields: - - name: additionalCORSAllowedOrigins - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: audit + - name: configMapKeyRef type: - namedType: com.github.openshift.api.config.v1.Audit - default: {} - - name: clientCA + namedType: ConfigMapKeySelector.v1.core.api.k8s.io + - name: fieldRef type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference - default: {} - - name: encryption + namedType: ObjectFieldSelector.v1.core.api.k8s.io + - name: fileKeyRef type: - namedType: com.github.openshift.api.config.v1.APIServerEncryption - default: {} - - name: servingCerts + namedType: FileKeySelector.v1.core.api.k8s.io + - name: resourceFieldRef type: - namedType: com.github.openshift.api.config.v1.APIServerServingCerts - default: {} - - name: tlsSecurityProfile + namedType: ResourceFieldSelector.v1.core.api.k8s.io + - name: secretKeyRef type: - namedType: com.github.openshift.api.config.v1.TLSSecurityProfile -- name: com.github.openshift.api.config.v1.APIServerStatus + namedType: SecretKeySelector.v1.core.api.k8s.io +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io map: elementType: scalar: untyped @@ -120,180 +108,748 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: com.github.openshift.api.config.v1.AWSDNSSpec +- name: FileKeySelector.v1.core.api.k8s.io map: fields: - - name: privateZoneIAMRole + - name: key type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.AWSIngressSpec - map: - fields: - - name: type + - name: optional type: - scalar: string - default: "" - unions: - - discriminator: type -- name: com.github.openshift.api.config.v1.AWSKMSConfig - map: - fields: - - name: keyARN + scalar: boolean + default: false + - name: path type: scalar: string default: "" - - name: region + - name: volumeName type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.AWSPlatformSpec + elementRelationship: atomic +- name: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: serviceEndpoints + - name: matchExpressions type: list: elementType: - namedType: com.github.openshift.api.config.v1.AWSServiceEndpoint + namedType: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic -- name: com.github.openshift.api.config.v1.AWSPlatformStatus + - name: matchLabels + type: + map: + elementType: + scalar: string + elementRelationship: atomic +- name: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: cloudLoadBalancerConfig - type: - namedType: com.github.openshift.api.config.v1.CloudLoadBalancerConfig - default: - dnsType: PlatformDefault - - name: ipFamily + - name: key type: scalar: string - default: IPv4 - - name: region + default: "" + - name: operator type: scalar: string default: "" - - name: resourceTags - type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.AWSResourceTag - elementRelationship: atomic - - name: serviceEndpoints + - name: values type: list: elementType: - namedType: com.github.openshift.api.config.v1.AWSServiceEndpoint + scalar: string elementRelationship: atomic -- name: com.github.openshift.api.config.v1.AWSResourceTag +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: key + - name: apiVersion type: scalar: string - default: "" - - name: value + - name: fieldsType type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1.AWSServiceEndpoint - map: - fields: - - name: name + - name: fieldsV1 + type: + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager type: scalar: string - default: "" - - name: url + - name: operation type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1.AcceptRisk - map: - fields: - - name: name + - name: subresource type: scalar: string -- name: com.github.openshift.api.config.v1.AlibabaCloudPlatformSpec - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1.AlibabaCloudPlatformStatus + - name: time + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ModifyVolumeStatus.v1.core.api.k8s.io map: fields: - - name: region + - name: status type: scalar: string default: "" - - name: resourceGroupID + - name: targetVolumeAttributesClassName type: scalar: string - - name: resourceTags - type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.AlibabaCloudResourceTag - elementRelationship: associative - keys: - - key -- name: com.github.openshift.api.config.v1.AlibabaCloudResourceTag +- name: ObjectFieldSelector.v1.core.api.k8s.io map: fields: - - name: key + - name: apiVersion type: scalar: string - default: "" - - name: value + - name: fieldPath type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.Audit + elementRelationship: atomic +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: customRules + - name: annotations + type: + map: + elementType: + scalar: string + - name: creationTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds + type: + scalar: numeric + - name: deletionTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers type: list: elementType: - namedType: com.github.openshift.api.config.v1.AuditCustomRule + scalar: string elementRelationship: associative - keys: - - group - - name: profile + - name: generateName type: scalar: string -- name: com.github.openshift.api.config.v1.AuditCustomRule - map: - fields: - - name: group + - name: generation type: - scalar: string - default: "" - - name: profile + scalar: numeric + - name: labels type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.Authentication - map: - fields: - - name: apiVersion + map: + elementType: + scalar: string + - name: managedFields type: - scalar: string - - name: kind + list: + elementType: + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic + - name: name type: scalar: string - - name: metadata + - name: namespace type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec + scalar: string + - name: ownerReferences type: - namedType: com.github.openshift.api.config.v1.AuthenticationSpec + list: + elementType: + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion + type: + scalar: string + - name: selfLink + type: + scalar: string + - name: uid + type: + scalar: string +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + default: "" + - name: blockOwnerDeletion + type: + scalar: boolean + - name: controller + type: + scalar: boolean + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: uid + type: + scalar: string + default: "" + elementRelationship: atomic +- name: PersistentVolumeClaim.v1.core.api.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: kind + type: + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: PersistentVolumeClaimSpec.v1.core.api.k8s.io + default: {} + - name: status + type: + namedType: PersistentVolumeClaimStatus.v1.core.api.k8s.io + default: {} +- name: PersistentVolumeClaimCondition.v1.core.api.k8s.io + map: + fields: + - name: lastProbeTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: lastTransitionTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: message + type: + scalar: string + - name: reason + type: + scalar: string + - name: status + type: + scalar: string + default: "" + - name: type + type: + scalar: string + default: "" +- name: PersistentVolumeClaimSpec.v1.core.api.k8s.io + map: + fields: + - name: accessModes + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: dataSource + type: + namedType: TypedLocalObjectReference.v1.core.api.k8s.io + - name: dataSourceRef + type: + namedType: TypedObjectReference.v1.core.api.k8s.io + - name: resources + type: + namedType: VolumeResourceRequirements.v1.core.api.k8s.io + default: {} + - name: selector + type: + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + - name: storageClassName + type: + scalar: string + - name: volumeAttributesClassName + type: + scalar: string + - name: volumeMode + type: + scalar: string + - name: volumeName + type: + scalar: string +- name: PersistentVolumeClaimStatus.v1.core.api.k8s.io + map: + fields: + - name: accessModes + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: allocatedResourceStatuses + type: + map: + elementType: + scalar: string + elementRelationship: separable + - name: allocatedResources + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: capacity + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: conditions + type: + list: + elementType: + namedType: PersistentVolumeClaimCondition.v1.core.api.k8s.io + elementRelationship: associative + keys: + - type + - name: currentVolumeAttributesClassName + type: + scalar: string + - name: modifyVolumeStatus + type: + namedType: ModifyVolumeStatus.v1.core.api.k8s.io + - name: phase + type: + scalar: string +- name: Quantity.resource.api.pkg.apimachinery.k8s.io + scalar: string +- name: RawExtension.runtime.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: ResourceClaim.v1.core.api.k8s.io + map: + fields: + - name: name + type: + scalar: string + default: "" + - name: request + type: + scalar: string +- name: ResourceFieldSelector.v1.core.api.k8s.io + map: + fields: + - name: containerName + type: + scalar: string + - name: divisor + type: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: resource + type: + scalar: string + default: "" + elementRelationship: atomic +- name: ResourceRequirements.v1.core.api.k8s.io + map: + fields: + - name: claims + type: + list: + elementType: + namedType: ResourceClaim.v1.core.api.k8s.io + elementRelationship: associative + keys: + - name + - name: limits + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: requests + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io +- name: SecretKeySelector.v1.core.api.k8s.io + map: + fields: + - name: key + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: optional + type: + scalar: boolean + elementRelationship: atomic +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped +- name: Toleration.v1.core.api.k8s.io + map: + fields: + - name: effect + type: + scalar: string + - name: key + type: + scalar: string + - name: operator + type: + scalar: string + - name: tolerationSeconds + type: + scalar: numeric + - name: value + type: + scalar: string +- name: TopologySpreadConstraint.v1.core.api.k8s.io + map: + fields: + - name: labelSelector + type: + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + - name: matchLabelKeys + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: maxSkew + type: + scalar: numeric + default: 0 + - name: minDomains + type: + scalar: numeric + - name: nodeAffinityPolicy + type: + scalar: string + - name: nodeTaintsPolicy + type: + scalar: string + - name: topologyKey + type: + scalar: string + default: "" + - name: whenUnsatisfiable + type: + scalar: string + default: "" +- name: TypedLocalObjectReference.v1.core.api.k8s.io + map: + fields: + - name: apiGroup + type: + scalar: string + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + elementRelationship: atomic +- name: TypedObjectReference.v1.core.api.k8s.io + map: + fields: + - name: apiGroup + type: + scalar: string + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: namespace + type: + scalar: string +- name: VolumeResourceRequirements.v1.core.api.k8s.io + map: + fields: + - name: limits + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: requests + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.config.v1.APIServer + map: + fields: + - name: apiVersion + type: + scalar: string + - name: kind + type: + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.config.v1.APIServerSpec + default: {} + - name: status + type: + namedType: com.github.openshift.api.config.v1.APIServerStatus + default: {} +- name: com.github.openshift.api.config.v1.APIServerEncryption + map: + fields: + - name: kms + type: + namedType: com.github.openshift.api.config.v1.KMSPluginConfig + default: {} + - name: type + type: + scalar: string + unions: + - discriminator: type + fields: + - fieldName: kms + discriminatorValue: KMS +- name: com.github.openshift.api.config.v1.APIServerNamedServingCert + map: + fields: + - name: names + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: servingCertificate + type: + namedType: com.github.openshift.api.config.v1.SecretNameReference + default: {} +- name: com.github.openshift.api.config.v1.APIServerServingCerts + map: + fields: + - name: namedCertificates + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.APIServerNamedServingCert + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.APIServerSpec + map: + fields: + - name: additionalCORSAllowedOrigins + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: audit + type: + namedType: com.github.openshift.api.config.v1.Audit + default: {} + - name: clientCA + type: + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + default: {} + - name: encryption + type: + namedType: com.github.openshift.api.config.v1.APIServerEncryption + default: {} + - name: servingCerts + type: + namedType: com.github.openshift.api.config.v1.APIServerServingCerts + default: {} + - name: tlsAdherence + type: + scalar: string + - name: tlsSecurityProfile + type: + namedType: com.github.openshift.api.config.v1.TLSSecurityProfile +- name: com.github.openshift.api.config.v1.APIServerStatus + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.AWSDNSSpec + map: + fields: + - name: privateZoneIAMRole + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.AWSIngressSpec + map: + fields: + - name: type + type: + scalar: string + default: "" + unions: + - discriminator: type +- name: com.github.openshift.api.config.v1.AWSPlatformSpec + map: + fields: + - name: serviceEndpoints + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.AWSServiceEndpoint + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.AWSPlatformStatus + map: + fields: + - name: cloudLoadBalancerConfig + type: + namedType: com.github.openshift.api.config.v1.CloudLoadBalancerConfig + default: + dnsType: PlatformDefault + - name: ipFamily + type: + scalar: string + default: IPv4 + - name: region + type: + scalar: string + default: "" + - name: resourceTags + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.AWSResourceTag + elementRelationship: atomic + - name: serviceEndpoints + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.AWSServiceEndpoint + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.AWSResourceTag + map: + fields: + - name: key + type: + scalar: string + default: "" + - name: value + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.AWSServiceEndpoint + map: + fields: + - name: name + type: + scalar: string + default: "" + - name: url + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.AcceptRisk + map: + fields: + - name: name + type: + scalar: string +- name: com.github.openshift.api.config.v1.AlibabaCloudPlatformSpec + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.AlibabaCloudPlatformStatus + map: + fields: + - name: region + type: + scalar: string + default: "" + - name: resourceGroupID + type: + scalar: string + - name: resourceTags + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.AlibabaCloudResourceTag + elementRelationship: associative + keys: + - key +- name: com.github.openshift.api.config.v1.AlibabaCloudResourceTag + map: + fields: + - name: key + type: + scalar: string + default: "" + - name: value + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.Audit + map: + fields: + - name: customRules + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.AuditCustomRule + elementRelationship: associative + keys: + - group + - name: profile + type: + scalar: string +- name: com.github.openshift.api.config.v1.AuditCustomRule + map: + fields: + - name: group + type: + scalar: string + default: "" + - name: profile + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.Authentication + map: + fields: + - name: apiVersion + type: + scalar: string + - name: kind + type: + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.config.v1.AuthenticationSpec default: {} - name: status type: @@ -499,7 +1055,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -515,7 +1071,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.EnvVar + namedType: EnvVar.v1.core.api.k8s.io elementRelationship: atomic - name: gitProxy type: @@ -528,7 +1084,7 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: atomic - name: resources type: - namedType: io.k8s.api.core.v1.ResourceRequirements + namedType: ResourceRequirements.v1.core.api.k8s.io default: {} - name: com.github.openshift.api.config.v1.BuildOverrides map: @@ -551,7 +1107,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - name: com.github.openshift.api.config.v1.BuildSpec map: @@ -568,6 +1124,35 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.config.v1.BuildOverrides default: {} +- name: com.github.openshift.api.config.v1.ClientCredentialConfig + map: + fields: + - name: clientID + type: + scalar: string + - name: clientSecret + type: + namedType: com.github.openshift.api.config.v1.ClientSecretSecretReference + default: {} + - name: scopes + type: + list: + elementType: + scalar: string + elementRelationship: associative + - name: tls + type: + namedType: com.github.openshift.api.config.v1.ExternalSourceTLS + default: {} + - name: tokenEndpoint + type: + scalar: string +- name: com.github.openshift.api.config.v1.ClientSecretSecretReference + map: + fields: + - name: name + type: + scalar: string - name: com.github.openshift.api.config.v1.CloudControllerManagerStatus map: fields: @@ -632,7 +1217,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -662,7 +1247,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -687,7 +1272,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -722,7 +1307,7 @@ var schemaYAML = typed.YAMLObject(`types: - type - name: extension type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: relatedObjects type: list: @@ -740,7 +1325,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: lastTransitionTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: message type: scalar: string @@ -766,7 +1351,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -943,7 +1528,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -984,7 +1569,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -1013,7 +1598,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -1063,7 +1648,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1143,7 +1728,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1236,6 +1821,37 @@ var schemaYAML = typed.YAMLObject(`types: - name: ingressIP type: scalar: string +- name: com.github.openshift.api.config.v1.ExternalClaimsSource + map: + fields: + - name: authentication + type: + namedType: com.github.openshift.api.config.v1.ExternalSourceAuthentication + default: {} + - name: mappings + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.SourcedClaimMapping + elementRelationship: associative + keys: + - name + - name: predicates + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.ExternalSourcePredicate + elementRelationship: associative + keys: + - expression + - name: tls + type: + namedType: com.github.openshift.api.config.v1.ExternalSourceTLS + default: {} + - name: url + type: + namedType: com.github.openshift.api.config.v1.SourceURL + default: {} - name: com.github.openshift.api.config.v1.ExternalIPConfig map: fields: @@ -1277,6 +1893,35 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.config.v1.CloudControllerManagerStatus default: {} +- name: com.github.openshift.api.config.v1.ExternalSourceAuthentication + map: + fields: + - name: clientCredential + type: + namedType: com.github.openshift.api.config.v1.ClientCredentialConfig + default: {} + - name: type + type: + scalar: string +- name: com.github.openshift.api.config.v1.ExternalSourceCertificateAuthorityConfigMapReference + map: + fields: + - name: name + type: + scalar: string +- name: com.github.openshift.api.config.v1.ExternalSourcePredicate + map: + fields: + - name: expression + type: + scalar: string +- name: com.github.openshift.api.config.v1.ExternalSourceTLS + map: + fields: + - name: certificateAuthority + type: + namedType: com.github.openshift.api.config.v1.ExternalSourceCertificateAuthorityConfigMapReference + default: {} - name: com.github.openshift.api.config.v1.ExtraMapping map: fields: @@ -1299,7 +1944,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1356,7 +2001,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -1671,7 +2316,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1692,7 +2337,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1720,7 +2365,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1788,7 +2433,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1853,7 +2498,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -1920,7 +2565,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1978,7 +2623,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2046,7 +2691,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2127,7 +2772,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2152,21 +2797,22 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: com.github.openshift.api.config.v1.KMSConfig +- name: com.github.openshift.api.config.v1.KMSPluginConfig map: fields: - - name: aws - type: - namedType: com.github.openshift.api.config.v1.AWSKMSConfig - name: type type: scalar: string default: "" + - name: vault + type: + namedType: com.github.openshift.api.config.v1.VaultKMSPluginConfig + default: {} unions: - discriminator: type fields: - - fieldName: aws - discriminatorValue: AWS + - fieldName: vault + discriminatorValue: Vault - name: com.github.openshift.api.config.v1.KeystoneIdentityProvider map: fields: @@ -2322,7 +2968,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2359,7 +3005,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - name: com.github.openshift.api.config.v1.NetworkDiagnosticsTargetPlacement map: @@ -2373,7 +3019,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - name: com.github.openshift.api.config.v1.NetworkMigration map: @@ -2384,6 +3030,12 @@ var schemaYAML = typed.YAMLObject(`types: - name: networkType type: scalar: string +- name: com.github.openshift.api.config.v1.NetworkObservabilitySpec + map: + fields: + - name: installationPolicy + type: + scalar: string - name: com.github.openshift.api.config.v1.NetworkSpec map: fields: @@ -2400,6 +3052,10 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.config.v1.NetworkDiagnostics default: {} + - name: networkObservability + type: + namedType: com.github.openshift.api.config.v1.NetworkObservabilitySpec + default: {} - name: networkType type: scalar: string @@ -2429,7 +3085,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -2456,7 +3112,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2486,7 +3142,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -2621,7 +3277,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2730,7 +3386,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -2762,6 +3418,12 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: com.github.openshift.api.config.v1.TokenClaimValidationRule elementRelationship: atomic + - name: externalClaimsSources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.ExternalClaimsSource + elementRelationship: atomic - name: issuer type: namedType: com.github.openshift.api.config.v1.TokenIssuer @@ -2971,7 +3633,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -3310,6 +3972,9 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" + - name: expression + type: + scalar: string - name: prefix type: scalar: string @@ -3332,7 +3997,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -3383,7 +4048,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -3566,7 +4231,7 @@ var schemaYAML = typed.YAMLObject(`types: default: {} - name: namespaceSelector type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io - name: preloadPolicy type: scalar: string @@ -3581,7 +4246,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -3642,6 +4307,24 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" +- name: com.github.openshift.api.config.v1.SourceURL + map: + fields: + - name: hostname + type: + scalar: string + - name: pathExpression + type: + scalar: string +- name: com.github.openshift.api.config.v1.SourcedClaimMapping + map: + fields: + - name: expression + type: + scalar: string + - name: name + type: + scalar: string - name: com.github.openshift.api.config.v1.Storage map: fields: @@ -3753,7 +4436,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: accessTokenInactivityTimeout type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: accessTokenInactivityTimeoutSeconds type: scalar: numeric @@ -3823,6 +4506,9 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" + - name: mode + type: + scalar: string - name: version type: scalar: string @@ -3835,14 +4521,14 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: completionTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: image type: scalar: string default: "" - name: startedTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: state type: scalar: string @@ -3861,7 +4547,9 @@ var schemaYAML = typed.YAMLObject(`types: - name: claim type: scalar: string - default: "" + - name: expression + type: + scalar: string - name: prefix type: namedType: com.github.openshift.api.config.v1.UsernamePrefix @@ -3874,6 +4562,8 @@ var schemaYAML = typed.YAMLObject(`types: fields: - fieldName: claim discriminatorValue: Claim + - fieldName: expression + discriminatorValue: Expression - fieldName: prefix discriminatorValue: Prefix - name: com.github.openshift.api.config.v1.UsernamePrefix @@ -4112,6 +4802,76 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" +- name: com.github.openshift.api.config.v1.VaultAppRoleAuthentication + map: + fields: + - name: secret + type: + namedType: com.github.openshift.api.config.v1.VaultSecretReference + default: {} +- name: com.github.openshift.api.config.v1.VaultAuthentication + map: + fields: + - name: appRole + type: + namedType: com.github.openshift.api.config.v1.VaultAppRoleAuthentication + default: {} + - name: type + type: + scalar: string + unions: + - discriminator: type + fields: + - fieldName: appRole + discriminatorValue: AppRole +- name: com.github.openshift.api.config.v1.VaultConfigMapReference + map: + fields: + - name: name + type: + scalar: string +- name: com.github.openshift.api.config.v1.VaultKMSPluginConfig + map: + fields: + - name: authentication + type: + namedType: com.github.openshift.api.config.v1.VaultAuthentication + default: {} + - name: kmsPluginImage + type: + scalar: string + - name: tls + type: + namedType: com.github.openshift.api.config.v1.VaultTLSConfig + default: {} + - name: transitKey + type: + scalar: string + - name: transitMount + type: + scalar: string + - name: vaultAddress + type: + scalar: string + - name: vaultNamespace + type: + scalar: string +- name: com.github.openshift.api.config.v1.VaultSecretReference + map: + fields: + - name: name + type: + scalar: string +- name: com.github.openshift.api.config.v1.VaultTLSConfig + map: + fields: + - name: caBundle + type: + namedType: com.github.openshift.api.config.v1.VaultConfigMapReference + default: {} + - name: serverName + type: + scalar: string - name: com.github.openshift.api.config.v1.WebhookTokenAuthenticator map: fields: @@ -4119,6 +4879,35 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.config.v1.SecretNameReference default: {} +- name: com.github.openshift.api.config.v1alpha1.AdditionalAlertmanagerConfig + map: + fields: + - name: authorization + type: + namedType: com.github.openshift.api.config.v1alpha1.AuthorizationConfig + default: {} + - name: name + type: + scalar: string + - name: pathPrefix + type: + scalar: string + - name: scheme + type: + scalar: string + - name: staticConfigs + type: + list: + elementType: + scalar: string + elementRelationship: associative + - name: timeoutSeconds + type: + scalar: numeric + - name: tlsConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.TLSConfig + default: {} - name: com.github.openshift.api.config.v1alpha1.AlertmanagerConfig map: fields: @@ -4158,26 +4947,44 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - name: topologySpreadConstraints type: list: elementType: - namedType: io.k8s.api.core.v1.TopologySpreadConstraint + namedType: TopologySpreadConstraint.v1.core.api.k8s.io elementRelationship: associative keys: - topologyKey - whenUnsatisfiable + - name: userAlertmanagerConfigSelection + type: + scalar: string - name: volumeClaimTemplate type: - namedType: io.k8s.api.core.v1.PersistentVolumeClaim + namedType: PersistentVolumeClaim.v1.core.api.k8s.io - name: com.github.openshift.api.config.v1alpha1.Audit map: fields: - name: profile type: scalar: string +- name: com.github.openshift.api.config.v1alpha1.AuthorizationConfig + map: + fields: + - name: bearerToken + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: type + type: + scalar: string + unions: + - discriminator: type + fields: + - fieldName: bearerToken + discriminatorValue: BearerToken - name: com.github.openshift.api.config.v1alpha1.Backup map: fields: @@ -4189,7 +4996,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -4218,6 +5025,17 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable +- name: com.github.openshift.api.config.v1alpha1.BasicAuth + map: + fields: + - name: password + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: username + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} - name: com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfig map: fields: @@ -4229,7 +5047,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -4254,55 +5072,17 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type -- name: com.github.openshift.api.config.v1alpha1.ClusterImagePolicy - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.config.v1alpha1.ClusterImagePolicySpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.config.v1alpha1.ClusterImagePolicyStatus - default: {} -- name: com.github.openshift.api.config.v1alpha1.ClusterImagePolicySpec +- name: com.github.openshift.api.config.v1alpha1.CertificateConfig map: fields: - - name: policy + - name: key type: - namedType: com.github.openshift.api.config.v1alpha1.ImageSigstoreVerificationPolicy + namedType: com.github.openshift.api.config.v1alpha1.KeyConfig default: {} - - name: scopes - type: - list: - elementType: - scalar: string - elementRelationship: associative -- name: com.github.openshift.api.config.v1alpha1.ClusterImagePolicyStatus - map: - fields: - - name: conditions - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type - name: com.github.openshift.api.config.v1alpha1.ClusterMonitoring map: fields: @@ -4314,7 +5094,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -4329,16 +5109,44 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: alertmanagerConfig type: - namedType: com.github.openshift.api.config.v1alpha1.AlertmanagerConfig + namedType: com.github.openshift.api.config.v1alpha1.AlertmanagerConfig + default: {} + - name: metricsServerConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.MetricsServerConfig + default: {} + - name: monitoringPluginConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.MonitoringPluginConfig + default: {} + - name: nodeExporterConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterConfig + default: {} + - name: openShiftStateMetricsConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.OpenShiftStateMetricsConfig + default: {} + - name: prometheusConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.PrometheusConfig default: {} - - name: metricsServerConfig + - name: prometheusOperatorAdmissionWebhookConfig type: - namedType: com.github.openshift.api.config.v1alpha1.MetricsServerConfig + namedType: com.github.openshift.api.config.v1alpha1.PrometheusOperatorAdmissionWebhookConfig default: {} - name: prometheusOperatorConfig type: namedType: com.github.openshift.api.config.v1alpha1.PrometheusOperatorConfig default: {} + - name: telemeterClientConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.TelemeterClientConfig + default: {} + - name: thanosQuerierConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.ThanosQuerierConfig + default: {} - name: userDefined type: namedType: com.github.openshift.api.config.v1alpha1.UserDefinedMonitoring @@ -4360,13 +5168,51 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: limit type: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io - name: name type: scalar: string - name: request type: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.config.v1alpha1.CustomPKIPolicy + map: + fields: + - name: clientCertificates + type: + namedType: com.github.openshift.api.config.v1alpha1.CertificateConfig + default: {} + - name: defaults + type: + namedType: com.github.openshift.api.config.v1alpha1.DefaultCertificateConfig + default: {} + - name: servingCertificates + type: + namedType: com.github.openshift.api.config.v1alpha1.CertificateConfig + default: {} + - name: signerCertificates + type: + namedType: com.github.openshift.api.config.v1alpha1.CertificateConfig + default: {} +- name: com.github.openshift.api.config.v1alpha1.DefaultCertificateConfig + map: + fields: + - name: key + type: + namedType: com.github.openshift.api.config.v1alpha1.KeyConfig + default: {} +- name: com.github.openshift.api.config.v1alpha1.DropEqualActionConfig + map: + fields: + - name: targetLabel + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.ECDSAKeyConfig + map: + fields: + - name: curve + type: + scalar: string - name: com.github.openshift.api.config.v1alpha1.EtcdBackupSpec map: fields: @@ -4401,7 +5247,16 @@ var schemaYAML = typed.YAMLObject(`types: - name: storage type: namedType: com.github.openshift.api.config.v1alpha1.Storage -- name: com.github.openshift.api.config.v1alpha1.ImagePolicy +- name: com.github.openshift.api.config.v1alpha1.HashModActionConfig + map: + fields: + - name: modulus + type: + scalar: numeric + - name: targetLabel + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.InsightsDataGather map: fields: - name: apiVersion @@ -4412,126 +5267,99 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicySpec + namedType: com.github.openshift.api.config.v1alpha1.InsightsDataGatherSpec default: {} - name: status type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicyStatus + namedType: com.github.openshift.api.config.v1alpha1.InsightsDataGatherStatus default: {} -- name: com.github.openshift.api.config.v1alpha1.ImagePolicyFulcioCAWithRekorRootOfTrust +- name: com.github.openshift.api.config.v1alpha1.InsightsDataGatherSpec map: fields: - - name: fulcioCAData - type: - scalar: string - - name: fulcioSubject + - name: gatherConfig type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyFulcioSubject + namedType: com.github.openshift.api.config.v1alpha1.GatherConfig default: {} - - name: rekorKeyData +- name: com.github.openshift.api.config.v1alpha1.InsightsDataGatherStatus + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1alpha1.KeepEqualActionConfig + map: + fields: + - name: targetLabel type: scalar: string -- name: com.github.openshift.api.config.v1alpha1.ImagePolicyPKIRootOfTrust +- name: com.github.openshift.api.config.v1alpha1.KeyConfig map: fields: - - name: caIntermediatesData + - name: algorithm type: scalar: string - - name: caRootsData + - name: ecdsa type: - scalar: string - - name: pkiCertificateSubject + namedType: com.github.openshift.api.config.v1alpha1.ECDSAKeyConfig + default: {} + - name: rsa type: - namedType: com.github.openshift.api.config.v1alpha1.PKICertificateSubject + namedType: com.github.openshift.api.config.v1alpha1.RSAKeyConfig default: {} -- name: com.github.openshift.api.config.v1alpha1.ImagePolicyPublicKeyRootOfTrust + unions: + - discriminator: algorithm + fields: + - fieldName: ecdsa + discriminatorValue: ECDSA + - fieldName: rsa + discriminatorValue: RSA +- name: com.github.openshift.api.config.v1alpha1.Label map: fields: - - name: keyData + - name: key type: scalar: string - - name: rekorKeyData + - name: value type: scalar: string -- name: com.github.openshift.api.config.v1alpha1.ImagePolicySpec +- name: com.github.openshift.api.config.v1alpha1.LabelMapActionConfig map: fields: - - name: policy - type: - namedType: com.github.openshift.api.config.v1alpha1.ImageSigstoreVerificationPolicy - default: {} - - name: scopes + - name: replacement type: - list: - elementType: - scalar: string - elementRelationship: associative -- name: com.github.openshift.api.config.v1alpha1.ImagePolicyStatus + scalar: string +- name: com.github.openshift.api.config.v1alpha1.LowercaseActionConfig map: fields: - - name: conditions + - name: targetLabel type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type -- name: com.github.openshift.api.config.v1alpha1.ImageSigstoreVerificationPolicy + scalar: string +- name: com.github.openshift.api.config.v1alpha1.MetadataConfig map: fields: - - name: rootOfTrust - type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyRootOfTrust - default: {} - - name: signedIdentity + - name: custom type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyIdentity + namedType: com.github.openshift.api.config.v1alpha1.MetadataConfigCustom default: {} -- name: com.github.openshift.api.config.v1alpha1.InsightsDataGather - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind + - name: sendPolicy type: scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.config.v1alpha1.InsightsDataGatherSpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.config.v1alpha1.InsightsDataGatherStatus - default: {} -- name: com.github.openshift.api.config.v1alpha1.InsightsDataGatherSpec +- name: com.github.openshift.api.config.v1alpha1.MetadataConfigCustom map: fields: - - name: gatherConfig + - name: sendIntervalSeconds type: - namedType: com.github.openshift.api.config.v1alpha1.GatherConfig - default: {} -- name: com.github.openshift.api.config.v1alpha1.InsightsDataGatherStatus - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable + scalar: numeric - name: com.github.openshift.api.config.v1alpha1.MetricsServerConfig map: fields: @@ -4556,13 +5384,13 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - name: topologySpreadConstraints type: list: elementType: - namedType: io.k8s.api.core.v1.TopologySpreadConstraint + namedType: TopologySpreadConstraint.v1.core.api.k8s.io elementRelationship: associative keys: - topologyKey @@ -4570,240 +5398,276 @@ var schemaYAML = typed.YAMLObject(`types: - name: verbosity type: scalar: string -- name: com.github.openshift.api.config.v1alpha1.PKICertificateSubject +- name: com.github.openshift.api.config.v1alpha1.MonitoringPluginConfig map: fields: - - name: email + - name: nodeSelector type: - scalar: string - - name: hostname + map: + elementType: + scalar: string + - name: resources type: - scalar: string -- name: com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: tolerations + type: + list: + elementType: + namedType: Toleration.v1.core.api.k8s.io + elementRelationship: atomic + - name: topologySpreadConstraints + type: + list: + elementType: + namedType: TopologySpreadConstraint.v1.core.api.k8s.io + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorBuddyInfoConfig map: fields: - - name: name + - name: collectionPolicy type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.PersistentVolumeConfig +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorConfig map: fields: - - name: claim + - name: buddyInfo type: - namedType: com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorBuddyInfoConfig default: {} - - name: mountPath + - name: cpuFreq type: - scalar: string -- name: com.github.openshift.api.config.v1alpha1.PolicyFulcioSubject - map: - fields: - - name: oidcIssuer + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorCpufreqConfig + default: {} + - name: ethtool type: - scalar: string - default: "" - - name: signedEmail + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorEthtoolConfig + default: {} + - name: ksmd type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.PolicyIdentity - map: - fields: - - name: exactRepository + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorKSMDConfig + default: {} + - name: mountStats type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyMatchExactRepository - - name: matchPolicy + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorMountStatsConfig + default: {} + - name: netClass type: - scalar: string - default: "" - - name: remapIdentity + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetClassConfig + default: {} + - name: netDev type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyMatchRemapIdentity - unions: - - discriminator: matchPolicy - fields: - - fieldName: exactRepository - discriminatorValue: PolicyMatchExactRepository - - fieldName: remapIdentity - discriminatorValue: PolicyMatchRemapIdentity -- name: com.github.openshift.api.config.v1alpha1.PolicyMatchExactRepository + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetDevConfig + default: {} + - name: processes + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorProcessesConfig + default: {} + - name: softirqs + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSoftirqsConfig + default: {} + - name: systemd + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSystemdConfig + default: {} + - name: tcpStat + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorTcpStatConfig + default: {} +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorCpufreqConfig map: fields: - - name: repository + - name: collectionPolicy type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.PolicyMatchRemapIdentity +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorEthtoolConfig map: fields: - - name: prefix + - name: collectionPolicy type: scalar: string - default: "" - - name: signedPrefix +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorKSMDConfig + map: + fields: + - name: collectionPolicy type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.PolicyRootOfTrust +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorMountStatsConfig map: fields: - - name: fulcioCAWithRekor - type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicyFulcioCAWithRekorRootOfTrust - - name: pki - type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicyPKIRootOfTrust - - name: policyType + - name: collectionPolicy type: scalar: string - default: "" - - name: publicKey - type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicyPublicKeyRootOfTrust - unions: - - discriminator: policyType - fields: - - fieldName: fulcioCAWithRekor - discriminatorValue: FulcioCAWithRekor - - fieldName: pki - discriminatorValue: PKI - - fieldName: publicKey - discriminatorValue: PublicKey -- name: com.github.openshift.api.config.v1alpha1.PrometheusOperatorConfig +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetClassCollectConfig map: fields: - - name: logLevel + - name: statsGatherer type: scalar: string - - name: nodeSelector - type: - map: - elementType: - scalar: string - - name: resources - type: - list: - elementType: - namedType: com.github.openshift.api.config.v1alpha1.ContainerResource - elementRelationship: associative - keys: - - name - - name: tolerations - type: - list: - elementType: - namedType: io.k8s.api.core.v1.Toleration - elementRelationship: atomic - - name: topologySpreadConstraints +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetClassConfig + map: + fields: + - name: collect type: - list: - elementType: - namedType: io.k8s.api.core.v1.TopologySpreadConstraint - elementRelationship: associative - keys: - - topologyKey - - whenUnsatisfiable -- name: com.github.openshift.api.config.v1alpha1.RetentionNumberConfig + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetClassCollectConfig + default: {} + - name: collectionPolicy + type: + scalar: string + unions: + - discriminator: collectionPolicy + fields: + - fieldName: collect + discriminatorValue: Collect +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetDevConfig map: fields: - - name: maxNumberOfBackups + - name: collectionPolicy type: - scalar: numeric - default: 0 -- name: com.github.openshift.api.config.v1alpha1.RetentionPolicy + scalar: string +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorProcessesConfig map: fields: - - name: retentionNumber - type: - namedType: com.github.openshift.api.config.v1alpha1.RetentionNumberConfig - - name: retentionSize + - name: collectionPolicy type: - namedType: com.github.openshift.api.config.v1alpha1.RetentionSizeConfig - - name: retentionType + scalar: string +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSoftirqsConfig + map: + fields: + - name: collectionPolicy type: scalar: string - default: "" - unions: - - discriminator: retentionType - fields: - - fieldName: retentionNumber - discriminatorValue: RetentionNumber - - fieldName: retentionSize - discriminatorValue: RetentionSize -- name: com.github.openshift.api.config.v1alpha1.RetentionSizeConfig +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSystemdCollectConfig map: fields: - - name: maxSizeOfBackupsGb + - name: units type: - scalar: numeric - default: 0 -- name: com.github.openshift.api.config.v1alpha1.Storage + list: + elementType: + scalar: string + elementRelationship: associative +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSystemdConfig map: fields: - - name: persistentVolume + - name: collect type: - namedType: com.github.openshift.api.config.v1alpha1.PersistentVolumeConfig - - name: type + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSystemdCollectConfig + default: {} + - name: collectionPolicy type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.UserDefinedMonitoring + unions: + - discriminator: collectionPolicy + fields: + - fieldName: collect + discriminatorValue: Collect +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorTcpStatConfig map: fields: - - name: mode + - name: collectionPolicy type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha2.Custom +- name: com.github.openshift.api.config.v1alpha1.NodeExporterConfig map: fields: - - name: configs + - name: collectors + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorConfig + default: {} + - name: ignoredNetworkDevices type: list: elementType: - namedType: com.github.openshift.api.config.v1alpha2.GathererConfig + scalar: string + elementRelationship: associative + - name: maxProcs + type: + scalar: numeric + - name: resources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource elementRelationship: associative keys: - name -- name: com.github.openshift.api.config.v1alpha2.GatherConfig +- name: com.github.openshift.api.config.v1alpha1.OAuth2 map: fields: - - name: dataPolicy + - name: clientId + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: clientSecret + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: endpointParams + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.OAuth2EndpointParam + elementRelationship: associative + keys: + - name + - name: scopes type: list: elementType: scalar: string elementRelationship: atomic - - name: gatherers - type: - namedType: com.github.openshift.api.config.v1alpha2.Gatherers - default: {} - - name: storage + - name: tokenUrl type: - namedType: com.github.openshift.api.config.v1alpha2.Storage -- name: com.github.openshift.api.config.v1alpha2.GathererConfig + scalar: string +- name: com.github.openshift.api.config.v1alpha1.OAuth2EndpointParam map: fields: - name: name type: scalar: string - default: "" - - name: state + - name: value type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha2.Gatherers +- name: com.github.openshift.api.config.v1alpha1.OpenShiftStateMetricsConfig map: fields: - - name: custom + - name: nodeSelector type: - namedType: com.github.openshift.api.config.v1alpha2.Custom - - name: mode + map: + elementType: + scalar: string + - name: resources type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha2.InsightsDataGather + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: tolerations + type: + list: + elementType: + namedType: Toleration.v1.core.api.k8s.io + elementRelationship: atomic + - name: topologySpreadConstraints + type: + list: + elementType: + namedType: TopologySpreadConstraint.v1.core.api.k8s.io + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.PKI map: fields: - name: apiVersion @@ -4814,614 +5678,663 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1alpha2.InsightsDataGatherSpec + namedType: com.github.openshift.api.config.v1alpha1.PKISpec default: {} - - name: status +- name: com.github.openshift.api.config.v1alpha1.PKICertificateManagement + map: + fields: + - name: custom type: - namedType: com.github.openshift.api.config.v1alpha2.InsightsDataGatherStatus + namedType: com.github.openshift.api.config.v1alpha1.CustomPKIPolicy default: {} -- name: com.github.openshift.api.config.v1alpha2.InsightsDataGatherSpec + - name: mode + type: + scalar: string + unions: + - discriminator: mode + fields: + - fieldName: custom + discriminatorValue: Custom +- name: com.github.openshift.api.config.v1alpha1.PKISpec map: fields: - - name: gatherConfig + - name: certificateManagement type: - namedType: com.github.openshift.api.config.v1alpha2.GatherConfig + namedType: com.github.openshift.api.config.v1alpha1.PKICertificateManagement default: {} -- name: com.github.openshift.api.config.v1alpha2.InsightsDataGatherStatus - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1alpha2.PersistentVolumeClaimReference +- name: com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference map: fields: - name: name type: scalar: string default: "" -- name: com.github.openshift.api.config.v1alpha2.PersistentVolumeConfig +- name: com.github.openshift.api.config.v1alpha1.PersistentVolumeConfig map: fields: - name: claim type: - namedType: com.github.openshift.api.config.v1alpha2.PersistentVolumeClaimReference + namedType: com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference default: {} - name: mountPath type: scalar: string -- name: com.github.openshift.api.config.v1alpha2.Storage +- name: com.github.openshift.api.config.v1alpha1.PrometheusConfig map: fields: - - name: persistentVolume + - name: additionalAlertmanagerConfigs type: - namedType: com.github.openshift.api.config.v1alpha2.PersistentVolumeConfig - - name: type + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.AdditionalAlertmanagerConfig + elementRelationship: associative + keys: + - name + - name: collectionProfile type: scalar: string - default: "" -- name: io.k8s.api.core.v1.ConfigMapKeySelector + - name: enforcedBodySizeLimitBytes + type: + scalar: numeric + - name: externalLabels + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.Label + elementRelationship: associative + keys: + - key + - name: logLevel + type: + scalar: string + - name: nodeSelector + type: + map: + elementType: + scalar: string + - name: queryLogFile + type: + scalar: string + - name: remoteWrite + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.RemoteWriteSpec + elementRelationship: associative + keys: + - name + - name: resources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: retention + type: + namedType: com.github.openshift.api.config.v1alpha1.Retention + default: {} + - name: tolerations + type: + list: + elementType: + namedType: Toleration.v1.core.api.k8s.io + elementRelationship: atomic + - name: topologySpreadConstraints + type: + list: + elementType: + namedType: TopologySpreadConstraint.v1.core.api.k8s.io + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable + - name: volumeClaimTemplate + type: + namedType: PersistentVolumeClaim.v1.core.api.k8s.io +- name: com.github.openshift.api.config.v1alpha1.PrometheusOperatorAdmissionWebhookConfig map: fields: - - name: key + - name: resources type: - scalar: string - default: "" - - name: name + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: topologySpreadConstraints + type: + list: + elementType: + namedType: TopologySpreadConstraint.v1.core.api.k8s.io + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.PrometheusOperatorConfig + map: + fields: + - name: logLevel type: scalar: string - default: "" - - name: optional + - name: nodeSelector type: - scalar: boolean - elementRelationship: atomic -- name: io.k8s.api.core.v1.EnvVar + map: + elementType: + scalar: string + - name: resources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: tolerations + type: + list: + elementType: + namedType: Toleration.v1.core.api.k8s.io + elementRelationship: atomic + - name: topologySpreadConstraints + type: + list: + elementType: + namedType: TopologySpreadConstraint.v1.core.api.k8s.io + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.PrometheusRemoteWriteHeader map: fields: - name: name type: scalar: string - default: "" - name: value type: scalar: string - - name: valueFrom - type: - namedType: io.k8s.api.core.v1.EnvVarSource -- name: io.k8s.api.core.v1.EnvVarSource +- name: com.github.openshift.api.config.v1alpha1.QueueConfig map: fields: - - name: configMapKeyRef - type: - namedType: io.k8s.api.core.v1.ConfigMapKeySelector - - name: fieldRef - type: - namedType: io.k8s.api.core.v1.ObjectFieldSelector - - name: fileKeyRef - type: - namedType: io.k8s.api.core.v1.FileKeySelector - - name: resourceFieldRef + - name: batchSendDeadlineSeconds type: - namedType: io.k8s.api.core.v1.ResourceFieldSelector - - name: secretKeyRef + scalar: numeric + - name: capacity type: - namedType: io.k8s.api.core.v1.SecretKeySelector -- name: io.k8s.api.core.v1.FileKeySelector - map: - fields: - - name: key + scalar: numeric + - name: maxBackoffMilliseconds type: - scalar: string - default: "" - - name: optional + scalar: numeric + - name: maxSamplesPerSend type: - scalar: boolean - default: false - - name: path + scalar: numeric + - name: maxShards type: - scalar: string - default: "" - - name: volumeName + scalar: numeric + - name: minBackoffMilliseconds type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.ModifyVolumeStatus - map: - fields: - - name: status + scalar: numeric + - name: minShards type: - scalar: string - default: "" - - name: targetVolumeAttributesClassName + scalar: numeric + - name: rateLimitedAction type: scalar: string -- name: io.k8s.api.core.v1.ObjectFieldSelector +- name: com.github.openshift.api.config.v1alpha1.RSAKeyConfig map: fields: - - name: apiVersion - type: - scalar: string - - name: fieldPath + - name: keySize type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.PersistentVolumeClaim + scalar: numeric +- name: com.github.openshift.api.config.v1alpha1.RelabelActionConfig map: fields: - - name: apiVersion - type: - scalar: string - - name: kind + - name: dropEqual type: - scalar: string - - name: metadata + namedType: com.github.openshift.api.config.v1alpha1.DropEqualActionConfig + default: {} + - name: hashMod type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: com.github.openshift.api.config.v1alpha1.HashModActionConfig default: {} - - name: spec + - name: keepEqual type: - namedType: io.k8s.api.core.v1.PersistentVolumeClaimSpec + namedType: com.github.openshift.api.config.v1alpha1.KeepEqualActionConfig default: {} - - name: status + - name: labelMap type: - namedType: io.k8s.api.core.v1.PersistentVolumeClaimStatus + namedType: com.github.openshift.api.config.v1alpha1.LabelMapActionConfig default: {} -- name: io.k8s.api.core.v1.PersistentVolumeClaimCondition - map: - fields: - - name: lastProbeTime + - name: lowercase type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: lastTransitionTime + namedType: com.github.openshift.api.config.v1alpha1.LowercaseActionConfig + default: {} + - name: replace type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: message + namedType: com.github.openshift.api.config.v1alpha1.ReplaceActionConfig + default: {} + - name: type type: scalar: string - - name: reason + - name: uppercase + type: + namedType: com.github.openshift.api.config.v1alpha1.UppercaseActionConfig + default: {} + unions: + - discriminator: type + fields: + - fieldName: dropEqual + discriminatorValue: DropEqual + - fieldName: hashMod + discriminatorValue: HashMod + - fieldName: keepEqual + discriminatorValue: KeepEqual + - fieldName: labelMap + discriminatorValue: LabelMap + - fieldName: lowercase + discriminatorValue: Lowercase + - fieldName: replace + discriminatorValue: Replace + - fieldName: uppercase + discriminatorValue: Uppercase +- name: com.github.openshift.api.config.v1alpha1.RelabelConfig + map: + fields: + - name: action + type: + namedType: com.github.openshift.api.config.v1alpha1.RelabelActionConfig + default: {} + - name: name type: scalar: string - - name: status + - name: regex type: scalar: string - default: "" - - name: type + - name: separator type: scalar: string - default: "" -- name: io.k8s.api.core.v1.PersistentVolumeClaimSpec - map: - fields: - - name: accessModes + - name: sourceLabels type: list: elementType: scalar: string - elementRelationship: atomic - - name: dataSource - type: - namedType: io.k8s.api.core.v1.TypedLocalObjectReference - - name: dataSourceRef - type: - namedType: io.k8s.api.core.v1.TypedObjectReference - - name: resources + elementRelationship: associative +- name: com.github.openshift.api.config.v1alpha1.RemoteWriteAuthorization + map: + fields: + - name: basicAuth type: - namedType: io.k8s.api.core.v1.VolumeResourceRequirements + namedType: com.github.openshift.api.config.v1alpha1.BasicAuth default: {} - - name: selector + - name: bearerToken type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - - name: storageClassName + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: oauth2 type: - scalar: string - - name: volumeAttributesClassName + namedType: com.github.openshift.api.config.v1alpha1.OAuth2 + default: {} + - name: safeAuthorization type: - scalar: string - - name: volumeMode + namedType: SecretKeySelector.v1.core.api.k8s.io + - name: sigv4 type: - scalar: string - - name: volumeName + namedType: com.github.openshift.api.config.v1alpha1.Sigv4 + default: {} + - name: type type: scalar: string -- name: io.k8s.api.core.v1.PersistentVolumeClaimStatus + unions: + - discriminator: type + fields: + - fieldName: basicAuth + discriminatorValue: BasicAuth + - fieldName: bearerToken + discriminatorValue: BearerToken + - fieldName: oauth2 + discriminatorValue: OAuth2 + - fieldName: safeAuthorization + discriminatorValue: SafeAuthorization + - fieldName: sigv4 + discriminatorValue: Sigv4 +- name: com.github.openshift.api.config.v1alpha1.RemoteWriteSpec map: fields: - - name: accessModes + - name: authorization type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: allocatedResourceStatuses - type: - map: - elementType: - scalar: string - elementRelationship: separable - - name: allocatedResources - type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: capacity + namedType: com.github.openshift.api.config.v1alpha1.RemoteWriteAuthorization + default: {} + - name: exemplarsMode type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: conditions + scalar: string + - name: headers type: list: elementType: - namedType: io.k8s.api.core.v1.PersistentVolumeClaimCondition + namedType: com.github.openshift.api.config.v1alpha1.PrometheusRemoteWriteHeader elementRelationship: associative keys: - - type - - name: currentVolumeAttributesClassName - type: - scalar: string - - name: modifyVolumeStatus - type: - namedType: io.k8s.api.core.v1.ModifyVolumeStatus - - name: phase + - name + - name: metadataConfig type: - scalar: string -- name: io.k8s.api.core.v1.ResourceClaim - map: - fields: + namedType: com.github.openshift.api.config.v1alpha1.MetadataConfig + default: {} - name: name type: scalar: string - default: "" - - name: request + - name: proxyUrl type: scalar: string -- name: io.k8s.api.core.v1.ResourceFieldSelector - map: - fields: - - name: containerName + - name: queueConfig type: - scalar: string - - name: divisor + namedType: com.github.openshift.api.config.v1alpha1.QueueConfig + default: {} + - name: remoteTimeoutSeconds type: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: resource + scalar: numeric + - name: tlsConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.TLSConfig + default: {} + - name: url type: scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.ResourceRequirements - map: - fields: - - name: claims + - name: writeRelabelConfigs type: list: elementType: - namedType: io.k8s.api.core.v1.ResourceClaim + namedType: com.github.openshift.api.config.v1alpha1.RelabelConfig elementRelationship: associative keys: - name - - name: limits - type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: requests - type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity -- name: io.k8s.api.core.v1.SecretKeySelector +- name: com.github.openshift.api.config.v1alpha1.ReplaceActionConfig map: fields: - - name: key + - name: replacement type: scalar: string - default: "" - - name: name + - name: targetLabel type: scalar: string - default: "" - - name: optional - type: - scalar: boolean - elementRelationship: atomic -- name: io.k8s.api.core.v1.Toleration +- name: com.github.openshift.api.config.v1alpha1.Retention map: fields: - - name: effect - type: - scalar: string - - name: key - type: - scalar: string - - name: operator - type: - scalar: string - - name: tolerationSeconds + - name: durationInDays type: scalar: numeric - - name: value + - name: sizeInGiB type: - scalar: string -- name: io.k8s.api.core.v1.TopologySpreadConstraint + scalar: numeric +- name: com.github.openshift.api.config.v1alpha1.RetentionNumberConfig map: fields: - - name: labelSelector - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - - name: matchLabelKeys - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: maxSkew + - name: maxNumberOfBackups type: scalar: numeric default: 0 - - name: minDomains - type: - scalar: numeric - - name: nodeAffinityPolicy - type: - scalar: string - - name: nodeTaintsPolicy - type: - scalar: string - - name: topologyKey - type: - scalar: string - default: "" - - name: whenUnsatisfiable - type: - scalar: string - default: "" -- name: io.k8s.api.core.v1.TypedLocalObjectReference - map: - fields: - - name: apiGroup - type: - scalar: string - - name: kind - type: - scalar: string - default: "" - - name: name - type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.TypedObjectReference +- name: com.github.openshift.api.config.v1alpha1.RetentionPolicy map: fields: - - name: apiGroup + - name: retentionNumber type: - scalar: string - - name: kind + namedType: com.github.openshift.api.config.v1alpha1.RetentionNumberConfig + - name: retentionSize type: - scalar: string - default: "" - - name: name + namedType: com.github.openshift.api.config.v1alpha1.RetentionSizeConfig + - name: retentionType type: scalar: string default: "" - - name: namespace - type: - scalar: string -- name: io.k8s.api.core.v1.VolumeResourceRequirements + unions: + - discriminator: retentionType + fields: + - fieldName: retentionNumber + discriminatorValue: RetentionNumber + - fieldName: retentionSize + discriminatorValue: RetentionSize +- name: com.github.openshift.api.config.v1alpha1.RetentionSizeConfig map: fields: - - name: limits - type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: requests + - name: maxSizeOfBackupsGb type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity -- name: io.k8s.apimachinery.pkg.api.resource.Quantity - scalar: untyped -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + scalar: numeric + default: 0 +- name: com.github.openshift.api.config.v1alpha1.SecretKeySelector map: fields: - - name: lastTransitionTime + - name: key type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: message + scalar: string + - name: name type: scalar: string - default: "" - - name: observedGeneration + elementRelationship: atomic +- name: com.github.openshift.api.config.v1alpha1.Sigv4 + map: + fields: + - name: accessKey type: - scalar: numeric - - name: reason + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: profile type: scalar: string - default: "" - - name: status + - name: region type: scalar: string - default: "" - - name: type + - name: roleArn type: scalar: string - default: "" -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - map: - fields: - - name: matchExpressions - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement - elementRelationship: atomic - - name: matchLabels + - name: secretKey type: - map: - elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} +- name: com.github.openshift.api.config.v1alpha1.Storage map: fields: - - name: key + - name: persistentVolume type: - scalar: string - default: "" - - name: operator + namedType: com.github.openshift.api.config.v1alpha1.PersistentVolumeConfig + - name: type type: scalar: string default: "" - - name: values - type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry +- name: com.github.openshift.api.config.v1alpha1.TLSConfig map: fields: - - name: apiVersion - type: - scalar: string - - name: fieldsType + - name: ca type: - scalar: string - - name: fieldsV1 + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: cert type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: certificateVerification type: scalar: string - - name: operation + - name: key type: - scalar: string - - name: subresource + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: serverName type: scalar: string - - name: time - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta +- name: com.github.openshift.api.config.v1alpha1.TelemeterClientConfig map: fields: - - name: annotations + - name: nodeSelector type: map: elementType: scalar: string - - name: creationTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds + - name: resources type: - scalar: numeric - - name: deletionTimestamp + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: tolerations type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers + list: + elementType: + namedType: Toleration.v1.core.api.k8s.io + elementRelationship: atomic + - name: topologySpreadConstraints type: list: elementType: - scalar: string + namedType: TopologySpreadConstraint.v1.core.api.k8s.io elementRelationship: associative - - name: generateName + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.ThanosQuerierConfig + map: + fields: + - name: crossOriginRequestPolicy type: scalar: string - - name: generation + - name: logLevel type: - scalar: numeric - - name: labels + scalar: string + - name: nodeSelector type: map: elementType: scalar: string - - name: managedFields + - name: requestLogging + type: + namedType: com.github.openshift.api.config.v1alpha1.ThanosQuerierRequestLoggingConfig + default: {} + - name: resources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: tolerations type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - - name: name + - name: topologySpreadConstraints + type: + list: + elementType: + namedType: TopologySpreadConstraint.v1.core.api.k8s.io + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.ThanosQuerierRequestLoggingConfig + map: + fields: + - name: policy type: scalar: string - - name: namespace +- name: com.github.openshift.api.config.v1alpha1.UppercaseActionConfig + map: + fields: + - name: targetLabel type: scalar: string - - name: ownerReferences +- name: com.github.openshift.api.config.v1alpha1.UserDefinedMonitoring + map: + fields: + - name: mode + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1alpha2.Custom + map: + fields: + - name: configs type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference + namedType: com.github.openshift.api.config.v1alpha2.GathererConfig elementRelationship: associative keys: - - uid - - name: resourceVersion + - name +- name: com.github.openshift.api.config.v1alpha2.GatherConfig + map: + fields: + - name: dataPolicy type: - scalar: string - - name: selfLink + list: + elementType: + scalar: string + elementRelationship: atomic + - name: gatherers type: - scalar: string - - name: uid + namedType: com.github.openshift.api.config.v1alpha2.Gatherers + default: {} + - name: storage type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference + namedType: com.github.openshift.api.config.v1alpha2.Storage +- name: com.github.openshift.api.config.v1alpha2.GathererConfig map: fields: - - name: apiVersion + - name: name type: scalar: string default: "" - - name: blockOwnerDeletion + - name: state type: - scalar: boolean - - name: controller + scalar: string + default: "" +- name: com.github.openshift.api.config.v1alpha2.Gatherers + map: + fields: + - name: custom type: - scalar: boolean - - name: kind + namedType: com.github.openshift.api.config.v1alpha2.Custom + - name: mode type: scalar: string default: "" - - name: name +- name: com.github.openshift.api.config.v1alpha2.InsightsDataGather + map: + fields: + - name: apiVersion type: scalar: string - default: "" - - name: uid + - name: kind type: scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped -- name: io.k8s.apimachinery.pkg.runtime.RawExtension + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.config.v1alpha2.InsightsDataGatherSpec + default: {} + - name: status + type: + namedType: com.github.openshift.api.config.v1alpha2.InsightsDataGatherStatus + default: {} +- name: com.github.openshift.api.config.v1alpha2.InsightsDataGatherSpec + map: + fields: + - name: gatherConfig + type: + namedType: com.github.openshift.api.config.v1alpha2.GatherConfig + default: {} +- name: com.github.openshift.api.config.v1alpha2.InsightsDataGatherStatus map: elementType: scalar: untyped @@ -5433,6 +6346,33 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable +- name: com.github.openshift.api.config.v1alpha2.PersistentVolumeClaimReference + map: + fields: + - name: name + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1alpha2.PersistentVolumeConfig + map: + fields: + - name: claim + type: + namedType: com.github.openshift.api.config.v1alpha2.PersistentVolumeClaimReference + default: {} + - name: mountPath + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha2.Storage + map: + fields: + - name: persistentVolume + type: + namedType: com.github.openshift.api.config.v1alpha2.PersistentVolumeConfig + - name: type + type: + scalar: string + default: "" - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/image.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/image.go index de981e8dd..5dea79f63 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/image.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/image.go @@ -14,19 +14,44 @@ import ( // ImageApplyConfiguration represents a declarative configuration of the Image type for use // with apply. +// +// Image is an immutable representation of a container image and its metadata at a point in time. +// Images are named by taking a hash of their contents (metadata and content) and any change +// in format, content, or metadata results in a new name. The images resource is primarily +// for use by cluster administrators and integrations like the cluster image registry - end +// users, instead, access images via the imagestreamtags or imagestreamimages resources. While +// image metadata is stored in the API, any integration that implements the container image +// registry API must provide its own storage for the raw manifest data, image config, and +// layer contents. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type ImageApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - DockerImageReference *string `json:"dockerImageReference,omitempty"` - DockerImageMetadata *runtime.RawExtension `json:"dockerImageMetadata,omitempty"` - DockerImageMetadataVersion *string `json:"dockerImageMetadataVersion,omitempty"` - DockerImageManifest *string `json:"dockerImageManifest,omitempty"` - DockerImageLayers []ImageLayerApplyConfiguration `json:"dockerImageLayers,omitempty"` - Signatures []ImageSignatureApplyConfiguration `json:"signatures,omitempty"` - DockerImageSignatures [][]byte `json:"dockerImageSignatures,omitempty"` - DockerImageManifestMediaType *string `json:"dockerImageManifestMediaType,omitempty"` - DockerImageConfig *string `json:"dockerImageConfig,omitempty"` - DockerImageManifests []ImageManifestApplyConfiguration `json:"dockerImageManifests,omitempty"` + // dockerImageReference is the string that can be used to pull this image. + DockerImageReference *string `json:"dockerImageReference,omitempty"` + // dockerImageMetadata contains metadata about this image + DockerImageMetadata *runtime.RawExtension `json:"dockerImageMetadata,omitempty"` + // dockerImageMetadataVersion conveys the version of the object, which if empty defaults to "1.0" + DockerImageMetadataVersion *string `json:"dockerImageMetadataVersion,omitempty"` + // dockerImageManifest is the raw JSON of the manifest + DockerImageManifest *string `json:"dockerImageManifest,omitempty"` + // dockerImageLayers represents the layers in the image. May not be set if the image does not define that data or if the image represents a manifest list. + DockerImageLayers []ImageLayerApplyConfiguration `json:"dockerImageLayers,omitempty"` + // signatures holds all signatures of the image. + Signatures []ImageSignatureApplyConfiguration `json:"signatures,omitempty"` + // dockerImageSignatures provides the signatures as opaque blobs. This is a part of manifest schema v1. + DockerImageSignatures [][]byte `json:"dockerImageSignatures,omitempty"` + // dockerImageManifestMediaType specifies the mediaType of manifest. This is a part of manifest schema v2. + DockerImageManifestMediaType *string `json:"dockerImageManifestMediaType,omitempty"` + // dockerImageConfig is a JSON blob that the runtime uses to set up the container. This is a part of manifest schema v2. + // Will not be set when the image represents a manifest list. + DockerImageConfig *string `json:"dockerImageConfig,omitempty"` + // dockerImageManifests holds information about sub-manifests when the image represents a manifest list. + // When this field is present, no DockerImageLayers should be specified. + DockerImageManifests []ImageManifestApplyConfiguration `json:"dockerImageManifests,omitempty"` } // Image constructs a declarative configuration of the Image type for use with @@ -39,29 +64,14 @@ func Image(name string) *ImageApplyConfiguration { return b } -// ExtractImage extracts the applied configuration owned by fieldManager from -// image. If no managedFields are found in image for fieldManager, a -// ImageApplyConfiguration is returned with only the Name, Namespace (if applicable), -// APIVersion and Kind populated. It is possible that no managed fields were found for because other -// field managers have taken ownership of all the fields previously owned by fieldManager, or because -// the fieldManager never owned fields any fields. +// ExtractImageFrom extracts the applied configuration owned by fieldManager from +// image for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. // image must be a unmodified Image API object that was retrieved from the Kubernetes API. -// ExtractImage provides a way to perform a extract/modify-in-place/apply workflow. +// ExtractImageFrom provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! -func ExtractImage(image *imagev1.Image, fieldManager string) (*ImageApplyConfiguration, error) { - return extractImage(image, fieldManager, "") -} - -// ExtractImageStatus is the same as ExtractImage except -// that it extracts the status subresource applied configuration. -// Experimental! -func ExtractImageStatus(image *imagev1.Image, fieldManager string) (*ImageApplyConfiguration, error) { - return extractImage(image, fieldManager, "status") -} - -func extractImage(image *imagev1.Image, fieldManager string, subresource string) (*ImageApplyConfiguration, error) { +func ExtractImageFrom(image *imagev1.Image, fieldManager string, subresource string) (*ImageApplyConfiguration, error) { b := &ImageApplyConfiguration{} err := managedfields.ExtractInto(image, internal.Parser().Type("com.github.openshift.api.image.v1.Image"), fieldManager, b, subresource) if err != nil { @@ -73,6 +83,21 @@ func extractImage(image *imagev1.Image, fieldManager string, subresource string) b.WithAPIVersion("image.openshift.io/v1") return b, nil } + +// ExtractImage extracts the applied configuration owned by fieldManager from +// image. If no managedFields are found in image for fieldManager, a +// ImageApplyConfiguration is returned with only the Name, Namespace (if applicable), +// APIVersion and Kind populated. It is possible that no managed fields were found for because other +// field managers have taken ownership of all the fields previously owned by fieldManager, or because +// the fieldManager never owned fields any fields. +// image must be a unmodified Image API object that was retrieved from the Kubernetes API. +// ExtractImage provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractImage(image *imagev1.Image, fieldManager string) (*ImageApplyConfiguration, error) { + return ExtractImageFrom(image, fieldManager, "") +} + func (b ImageApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagelayer.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagelayer.go index 09dc0f931..680723f44 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagelayer.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagelayer.go @@ -4,9 +4,14 @@ package v1 // ImageLayerApplyConfiguration represents a declarative configuration of the ImageLayer type for use // with apply. +// +// ImageLayer represents a single layer of the image. Some images may have multiple layers. Some may have none. type ImageLayerApplyConfiguration struct { - Name *string `json:"name,omitempty"` - LayerSize *int64 `json:"size,omitempty"` + // name of the layer as defined by the underlying store. + Name *string `json:"name,omitempty"` + // size of the layer in bytes as defined by the underlying store. + LayerSize *int64 `json:"size,omitempty"` + // mediaType of the referenced object. MediaType *string `json:"mediaType,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagelookuppolicy.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagelookuppolicy.go index ecc95d10b..1a5e45656 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagelookuppolicy.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagelookuppolicy.go @@ -4,7 +4,15 @@ package v1 // ImageLookupPolicyApplyConfiguration represents a declarative configuration of the ImageLookupPolicy type for use // with apply. +// +// ImageLookupPolicy describes how an image stream can be used to override the image references +// used by pods, builds, and other resources in a namespace. type ImageLookupPolicyApplyConfiguration struct { + // local will change the docker short image references (like "mysql" or + // "php:latest") on objects in this namespace to the image ID whenever they match + // this image stream, instead of reaching out to a remote registry. The name will + // be fully qualified to an image ID if found. The tag's referencePolicy is taken + // into account on the replaced value. Only works within the current namespace. Local *bool `json:"local,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagemanifest.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagemanifest.go index 5368f96a6..f1368387b 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagemanifest.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagemanifest.go @@ -4,13 +4,24 @@ package v1 // ImageManifestApplyConfiguration represents a declarative configuration of the ImageManifest type for use // with apply. +// +// ImageManifest represents sub-manifests of a manifest list. The Digest field points to a regular +// Image object. type ImageManifestApplyConfiguration struct { - Digest *string `json:"digest,omitempty"` - MediaType *string `json:"mediaType,omitempty"` - ManifestSize *int64 `json:"manifestSize,omitempty"` + // digest is the unique identifier for the manifest. It refers to an Image object. + Digest *string `json:"digest,omitempty"` + // mediaType defines the type of the manifest, possible values are application/vnd.oci.image.manifest.v1+json, + // application/vnd.docker.distribution.manifest.v2+json or application/vnd.docker.distribution.manifest.v1+json. + MediaType *string `json:"mediaType,omitempty"` + // manifestSize represents the size of the raw object contents, in bytes. + ManifestSize *int64 `json:"manifestSize,omitempty"` + // architecture specifies the supported CPU architecture, for example `amd64` or `ppc64le`. Architecture *string `json:"architecture,omitempty"` - OS *string `json:"os,omitempty"` - Variant *string `json:"variant,omitempty"` + // os specifies the operating system, for example `linux`. + OS *string `json:"os,omitempty"` + // variant is an optional field repreenting a variant of the CPU, for example v6 to specify a particular CPU + // variant of the ARM CPU. + Variant *string `json:"variant,omitempty"` } // ImageManifestApplyConfiguration constructs a declarative configuration of the ImageManifest type for use with diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagesignature.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagesignature.go index 56df91994..9ba0d8fcf 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagesignature.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagesignature.go @@ -10,17 +10,38 @@ import ( // ImageSignatureApplyConfiguration represents a declarative configuration of the ImageSignature type for use // with apply. +// +// ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims +// as long as the signature is trusted. Based on this information it is possible to restrict runnable images +// to those matching cluster-wide policy. +// Mandatory fields should be parsed by clients doing image verification. The others are parsed from +// signature's content by the server. They serve just an informative purpose. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type ImageSignatureApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Type *string `json:"type,omitempty"` - Content []byte `json:"content,omitempty"` - Conditions []SignatureConditionApplyConfiguration `json:"conditions,omitempty"` - ImageIdentity *string `json:"imageIdentity,omitempty"` - SignedClaims map[string]string `json:"signedClaims,omitempty"` - Created *apismetav1.Time `json:"created,omitempty"` - IssuedBy *SignatureIssuerApplyConfiguration `json:"issuedBy,omitempty"` - IssuedTo *SignatureSubjectApplyConfiguration `json:"issuedTo,omitempty"` + // Required: Describes a type of stored blob. + Type *string `json:"type,omitempty"` + // Required: An opaque binary string which is an image's signature. + Content []byte `json:"content,omitempty"` + // conditions represent the latest available observations of a signature's current state. + Conditions []SignatureConditionApplyConfiguration `json:"conditions,omitempty"` + // A human readable string representing image's identity. It could be a product name and version, or an + // image pull spec (e.g. "registry.access.redhat.com/rhel7/rhel:7.2"). + ImageIdentity *string `json:"imageIdentity,omitempty"` + // Contains claims from the signature. + SignedClaims map[string]string `json:"signedClaims,omitempty"` + // If specified, it is the time of signature's creation. + Created *apismetav1.Time `json:"created,omitempty"` + // If specified, it holds information about an issuer of signing certificate or key (a person or entity + // who signed the signing certificate or key). + IssuedBy *SignatureIssuerApplyConfiguration `json:"issuedBy,omitempty"` + // If specified, it holds information about a subject of signing certificate or key (a person or entity + // who signed the image). + IssuedTo *SignatureSubjectApplyConfiguration `json:"issuedTo,omitempty"` } // ImageSignature constructs a declarative configuration of the ImageSignature type for use with @@ -32,6 +53,7 @@ func ImageSignature(name string) *ImageSignatureApplyConfiguration { b.WithAPIVersion("image.openshift.io/v1") return b } + func (b ImageSignatureApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagestream.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagestream.go index fec216b4f..48d3321df 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagestream.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagestream.go @@ -13,11 +13,32 @@ import ( // ImageStreamApplyConfiguration represents a declarative configuration of the ImageStream type for use // with apply. +// +// An ImageStream stores a mapping of tags to images, metadata overrides that are applied +// when images are tagged in a stream, and an optional reference to a container image +// repository on a registry. Users typically update the spec.tags field to point to external +// images which are imported from container registries using credentials in your namespace +// with the pull secret type, or to existing image stream tags and images which are +// immediately accessible for tagging or pulling. The history of images applied to a tag +// is visible in the status.tags field and any user who can view an image stream is allowed +// to tag that image into their own image streams. Access to pull images from the integrated +// registry is granted by having the "get imagestreams/layers" permission on a given image +// stream. Users may remove a tag by deleting the imagestreamtag resource, which causes both +// spec and status for that tag to be removed. Image stream history is retained until an +// administrator runs the prune operation, which removes references that are no longer in +// use. To preserve a historical image, ensure there is a tag in spec pointing to that image +// by its digest. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type ImageStreamApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *ImageStreamSpecApplyConfiguration `json:"spec,omitempty"` - Status *ImageStreamStatusApplyConfiguration `json:"status,omitempty"` + // spec describes the desired state of this stream + Spec *ImageStreamSpecApplyConfiguration `json:"spec,omitempty"` + // status describes the current state of this stream + Status *ImageStreamStatusApplyConfiguration `json:"status,omitempty"` } // ImageStream constructs a declarative configuration of the ImageStream type for use with @@ -31,6 +52,27 @@ func ImageStream(name, namespace string) *ImageStreamApplyConfiguration { return b } +// ExtractImageStreamFrom extracts the applied configuration owned by fieldManager from +// imageStream for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. +// imageStream must be a unmodified ImageStream API object that was retrieved from the Kubernetes API. +// ExtractImageStreamFrom provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractImageStreamFrom(imageStream *imagev1.ImageStream, fieldManager string, subresource string) (*ImageStreamApplyConfiguration, error) { + b := &ImageStreamApplyConfiguration{} + err := managedfields.ExtractInto(imageStream, internal.Parser().Type("com.github.openshift.api.image.v1.ImageStream"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(imageStream.Name) + b.WithNamespace(imageStream.Namespace) + + b.WithKind("ImageStream") + b.WithAPIVersion("image.openshift.io/v1") + return b, nil +} + // ExtractImageStream extracts the applied configuration owned by fieldManager from // imageStream. If no managedFields are found in imageStream for fieldManager, a // ImageStreamApplyConfiguration is returned with only the Name, Namespace (if applicable), @@ -41,31 +83,28 @@ func ImageStream(name, namespace string) *ImageStreamApplyConfiguration { // ExtractImageStream provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! func ExtractImageStream(imageStream *imagev1.ImageStream, fieldManager string) (*ImageStreamApplyConfiguration, error) { - return extractImageStream(imageStream, fieldManager, "") + return ExtractImageStreamFrom(imageStream, fieldManager, "") } -// ExtractImageStreamStatus is the same as ExtractImageStream except -// that it extracts the status subresource applied configuration. -// Experimental! -func ExtractImageStreamStatus(imageStream *imagev1.ImageStream, fieldManager string) (*ImageStreamApplyConfiguration, error) { - return extractImageStream(imageStream, fieldManager, "status") +// ExtractImageStreamLayers extracts the applied configuration owned by fieldManager from +// imageStream for the layers subresource. +func ExtractImageStreamLayers(imageStream *imagev1.ImageStream, fieldManager string) (*ImageStreamApplyConfiguration, error) { + return ExtractImageStreamFrom(imageStream, fieldManager, "layers") } -func extractImageStream(imageStream *imagev1.ImageStream, fieldManager string, subresource string) (*ImageStreamApplyConfiguration, error) { - b := &ImageStreamApplyConfiguration{} - err := managedfields.ExtractInto(imageStream, internal.Parser().Type("com.github.openshift.api.image.v1.ImageStream"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(imageStream.Name) - b.WithNamespace(imageStream.Namespace) +// ExtractImageStreamSecrets extracts the applied configuration owned by fieldManager from +// imageStream for the secrets subresource. +func ExtractImageStreamSecrets(imageStream *imagev1.ImageStream, fieldManager string) (*ImageStreamApplyConfiguration, error) { + return ExtractImageStreamFrom(imageStream, fieldManager, "secrets") +} - b.WithKind("ImageStream") - b.WithAPIVersion("image.openshift.io/v1") - return b, nil +// ExtractImageStreamStatus extracts the applied configuration owned by fieldManager from +// imageStream for the status subresource. +func ExtractImageStreamStatus(imageStream *imagev1.ImageStream, fieldManager string) (*ImageStreamApplyConfiguration, error) { + return ExtractImageStreamFrom(imageStream, fieldManager, "status") } + func (b ImageStreamApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagestreammapping.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagestreammapping.go index 518c9ef02..e7f1150b9 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagestreammapping.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagestreammapping.go @@ -13,11 +13,26 @@ import ( // ImageStreamMappingApplyConfiguration represents a declarative configuration of the ImageStreamMapping type for use // with apply. +// +// ImageStreamMapping represents a mapping from a single image stream tag to a container +// image as well as the reference to the container image stream the image came from. This +// resource is used by privileged integrators to create an image resource and to associate +// it with an image stream in the status tags field. Creating an ImageStreamMapping will +// allow any user who can view the image stream to tag or pull that image, so only create +// mappings where the user has proven they have access to the image contents directly. +// The only operation supported for this resource is create and the metadata name and +// namespace should be set to the image stream containing the tag that should be updated. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). type ImageStreamMappingApplyConfiguration struct { - metav1.TypeMetaApplyConfiguration `json:",inline"` + metav1.TypeMetaApplyConfiguration `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Image *ImageApplyConfiguration `json:"image,omitempty"` - Tag *string `json:"tag,omitempty"` + // image is a container image. + Image *ImageApplyConfiguration `json:"image,omitempty"` + // tag is a string value this image can be located with inside the stream. + Tag *string `json:"tag,omitempty"` } // ImageStreamMapping constructs a declarative configuration of the ImageStreamMapping type for use with @@ -31,29 +46,14 @@ func ImageStreamMapping(name, namespace string) *ImageStreamMappingApplyConfigur return b } -// ExtractImageStreamMapping extracts the applied configuration owned by fieldManager from -// imageStreamMapping. If no managedFields are found in imageStreamMapping for fieldManager, a -// ImageStreamMappingApplyConfiguration is returned with only the Name, Namespace (if applicable), -// APIVersion and Kind populated. It is possible that no managed fields were found for because other -// field managers have taken ownership of all the fields previously owned by fieldManager, or because -// the fieldManager never owned fields any fields. +// ExtractImageStreamMappingFrom extracts the applied configuration owned by fieldManager from +// imageStreamMapping for the specified subresource. Pass an empty string for subresource to extract +// the main resource. Common subresources include "status", "scale", etc. // imageStreamMapping must be a unmodified ImageStreamMapping API object that was retrieved from the Kubernetes API. -// ExtractImageStreamMapping provides a way to perform a extract/modify-in-place/apply workflow. +// ExtractImageStreamMappingFrom provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! -func ExtractImageStreamMapping(imageStreamMapping *imagev1.ImageStreamMapping, fieldManager string) (*ImageStreamMappingApplyConfiguration, error) { - return extractImageStreamMapping(imageStreamMapping, fieldManager, "") -} - -// ExtractImageStreamMappingStatus is the same as ExtractImageStreamMapping except -// that it extracts the status subresource applied configuration. -// Experimental! -func ExtractImageStreamMappingStatus(imageStreamMapping *imagev1.ImageStreamMapping, fieldManager string) (*ImageStreamMappingApplyConfiguration, error) { - return extractImageStreamMapping(imageStreamMapping, fieldManager, "status") -} - -func extractImageStreamMapping(imageStreamMapping *imagev1.ImageStreamMapping, fieldManager string, subresource string) (*ImageStreamMappingApplyConfiguration, error) { +func ExtractImageStreamMappingFrom(imageStreamMapping *imagev1.ImageStreamMapping, fieldManager string, subresource string) (*ImageStreamMappingApplyConfiguration, error) { b := &ImageStreamMappingApplyConfiguration{} err := managedfields.ExtractInto(imageStreamMapping, internal.Parser().Type("com.github.openshift.api.image.v1.ImageStreamMapping"), fieldManager, b, subresource) if err != nil { @@ -66,6 +66,21 @@ func extractImageStreamMapping(imageStreamMapping *imagev1.ImageStreamMapping, f b.WithAPIVersion("image.openshift.io/v1") return b, nil } + +// ExtractImageStreamMapping extracts the applied configuration owned by fieldManager from +// imageStreamMapping. If no managedFields are found in imageStreamMapping for fieldManager, a +// ImageStreamMappingApplyConfiguration is returned with only the Name, Namespace (if applicable), +// APIVersion and Kind populated. It is possible that no managed fields were found for because other +// field managers have taken ownership of all the fields previously owned by fieldManager, or because +// the fieldManager never owned fields any fields. +// imageStreamMapping must be a unmodified ImageStreamMapping API object that was retrieved from the Kubernetes API. +// ExtractImageStreamMapping provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +func ExtractImageStreamMapping(imageStreamMapping *imagev1.ImageStreamMapping, fieldManager string) (*ImageStreamMappingApplyConfiguration, error) { + return ExtractImageStreamMappingFrom(imageStreamMapping, fieldManager, "") +} + func (b ImageStreamMappingApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagestreamspec.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagestreamspec.go index 09d777f17..15b58c823 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagestreamspec.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagestreamspec.go @@ -4,10 +4,17 @@ package v1 // ImageStreamSpecApplyConfiguration represents a declarative configuration of the ImageStreamSpec type for use // with apply. +// +// ImageStreamSpec represents options for ImageStreams. type ImageStreamSpecApplyConfiguration struct { - LookupPolicy *ImageLookupPolicyApplyConfiguration `json:"lookupPolicy,omitempty"` - DockerImageRepository *string `json:"dockerImageRepository,omitempty"` - Tags []TagReferenceApplyConfiguration `json:"tags,omitempty"` + // lookupPolicy controls how other resources reference images within this namespace. + LookupPolicy *ImageLookupPolicyApplyConfiguration `json:"lookupPolicy,omitempty"` + // dockerImageRepository is optional, if specified this stream is backed by a container repository on this server + // Deprecated: This field is deprecated as of v3.7 and will be removed in a future release. + // Specify the source for the tags to be imported in each tag via the spec.tags.from reference instead. + DockerImageRepository *string `json:"dockerImageRepository,omitempty"` + // tags map arbitrary string values to specific image locators + Tags []TagReferenceApplyConfiguration `json:"tags,omitempty"` } // ImageStreamSpecApplyConfiguration constructs a declarative configuration of the ImageStreamSpec type for use with diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagestreamstatus.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagestreamstatus.go index e2ab24aa8..2e372b095 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagestreamstatus.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/imagestreamstatus.go @@ -4,10 +4,19 @@ package v1 // ImageStreamStatusApplyConfiguration represents a declarative configuration of the ImageStreamStatus type for use // with apply. +// +// ImageStreamStatus contains information about the state of this image stream. type ImageStreamStatusApplyConfiguration struct { - DockerImageRepository *string `json:"dockerImageRepository,omitempty"` - PublicDockerImageRepository *string `json:"publicDockerImageRepository,omitempty"` - Tags []NamedTagEventListApplyConfiguration `json:"tags,omitempty"` + // dockerImageRepository represents the effective location this stream may be accessed at. + // May be empty until the server determines where the repository is located + DockerImageRepository *string `json:"dockerImageRepository,omitempty"` + // publicDockerImageRepository represents the public location from where the image can + // be pulled outside the cluster. This field may be empty if the administrator + // has not exposed the integrated registry externally. + PublicDockerImageRepository *string `json:"publicDockerImageRepository,omitempty"` + // tags are a historical record of images associated with each tag. The first entry in the + // TagEvent array is the currently tagged image. + Tags []NamedTagEventListApplyConfiguration `json:"tags,omitempty"` } // ImageStreamStatusApplyConfiguration constructs a declarative configuration of the ImageStreamStatus type for use with diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/namedtageventlist.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/namedtageventlist.go index 92b096aad..85e641850 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/namedtageventlist.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/namedtageventlist.go @@ -4,9 +4,14 @@ package v1 // NamedTagEventListApplyConfiguration represents a declarative configuration of the NamedTagEventList type for use // with apply. +// +// NamedTagEventList relates a tag to its image history. type NamedTagEventListApplyConfiguration struct { - Tag *string `json:"tag,omitempty"` - Items []TagEventApplyConfiguration `json:"items,omitempty"` + // tag is the tag for which the history is recorded + Tag *string `json:"tag,omitempty"` + // Standard object's metadata. + Items []TagEventApplyConfiguration `json:"items,omitempty"` + // conditions is an array of conditions that apply to the tag event list. Conditions []TagEventConditionApplyConfiguration `json:"conditions,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/signaturecondition.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/signaturecondition.go index 232bf7bf9..f7caa9b62 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/signaturecondition.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/signaturecondition.go @@ -10,13 +10,21 @@ import ( // SignatureConditionApplyConfiguration represents a declarative configuration of the SignatureCondition type for use // with apply. +// +// SignatureCondition describes an image signature condition of particular kind at particular probe time. type SignatureConditionApplyConfiguration struct { - Type *imagev1.SignatureConditionType `json:"type,omitempty"` - Status *corev1.ConditionStatus `json:"status,omitempty"` - LastProbeTime *metav1.Time `json:"lastProbeTime,omitempty"` - LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` - Reason *string `json:"reason,omitempty"` - Message *string `json:"message,omitempty"` + // type of signature condition, Complete or Failed. + Type *imagev1.SignatureConditionType `json:"type,omitempty"` + // status of the condition, one of True, False, Unknown. + Status *corev1.ConditionStatus `json:"status,omitempty"` + // Last time the condition was checked. + LastProbeTime *metav1.Time `json:"lastProbeTime,omitempty"` + // Last time the condition transit from one status to another. + LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` + // (brief) reason for the condition's last transition. + Reason *string `json:"reason,omitempty"` + // Human readable message indicating details about last transition. + Message *string `json:"message,omitempty"` } // SignatureConditionApplyConfiguration constructs a declarative configuration of the SignatureCondition type for use with diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/signaturegenericentity.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/signaturegenericentity.go index 1e40e2ab1..45a5c383e 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/signaturegenericentity.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/signaturegenericentity.go @@ -4,9 +4,14 @@ package v1 // SignatureGenericEntityApplyConfiguration represents a declarative configuration of the SignatureGenericEntity type for use // with apply. +// +// SignatureGenericEntity holds a generic information about a person or entity who is an issuer or a subject +// of signing certificate or key. type SignatureGenericEntityApplyConfiguration struct { + // organization name. Organization *string `json:"organization,omitempty"` - CommonName *string `json:"commonName,omitempty"` + // Common name (e.g. openshift-signing-service). + CommonName *string `json:"commonName,omitempty"` } // SignatureGenericEntityApplyConfiguration constructs a declarative configuration of the SignatureGenericEntity type for use with diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/signatureissuer.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/signatureissuer.go index 68564dd5f..45d9e3c47 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/signatureissuer.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/signatureissuer.go @@ -4,6 +4,8 @@ package v1 // SignatureIssuerApplyConfiguration represents a declarative configuration of the SignatureIssuer type for use // with apply. +// +// SignatureIssuer holds information about an issuer of signing certificate or key. type SignatureIssuerApplyConfiguration struct { SignatureGenericEntityApplyConfiguration `json:",inline"` } diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/signaturesubject.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/signaturesubject.go index bc15e4f37..055786d7a 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/signaturesubject.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/signaturesubject.go @@ -4,9 +4,14 @@ package v1 // SignatureSubjectApplyConfiguration represents a declarative configuration of the SignatureSubject type for use // with apply. +// +// SignatureSubject holds information about a person or entity who created the signature. type SignatureSubjectApplyConfiguration struct { SignatureGenericEntityApplyConfiguration `json:",inline"` - PublicKeyID *string `json:"publicKeyID,omitempty"` + // If present, it is a human readable key id of public key belonging to the subject used to verify image + // signature. It should contain at least 64 lowest bits of public key's fingerprint (e.g. + // 0x685ebe62bf278440). + PublicKeyID *string `json:"publicKeyID,omitempty"` } // SignatureSubjectApplyConfiguration constructs a declarative configuration of the SignatureSubject type for use with diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tagevent.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tagevent.go index d123e74cb..695756e59 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tagevent.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tagevent.go @@ -8,11 +8,17 @@ import ( // TagEventApplyConfiguration represents a declarative configuration of the TagEvent type for use // with apply. +// +// TagEvent is used by ImageStreamStatus to keep a historical record of images associated with a tag. type TagEventApplyConfiguration struct { - Created *metav1.Time `json:"created,omitempty"` - DockerImageReference *string `json:"dockerImageReference,omitempty"` - Image *string `json:"image,omitempty"` - Generation *int64 `json:"generation,omitempty"` + // created holds the time the TagEvent was created + Created *metav1.Time `json:"created,omitempty"` + // dockerImageReference is the string that can be used to pull this image + DockerImageReference *string `json:"dockerImageReference,omitempty"` + // image is the image + Image *string `json:"image,omitempty"` + // generation is the spec tag generation that resulted in this tag being updated + Generation *int64 `json:"generation,omitempty"` } // TagEventApplyConfiguration constructs a declarative configuration of the TagEvent type for use with diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tageventcondition.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tageventcondition.go index ba6193fc3..e77f02ea2 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tageventcondition.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tageventcondition.go @@ -10,13 +10,21 @@ import ( // TagEventConditionApplyConfiguration represents a declarative configuration of the TagEventCondition type for use // with apply. +// +// TagEventCondition contains condition information for a tag event. type TagEventConditionApplyConfiguration struct { - Type *imagev1.TagEventConditionType `json:"type,omitempty"` - Status *corev1.ConditionStatus `json:"status,omitempty"` - LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` - Reason *string `json:"reason,omitempty"` - Message *string `json:"message,omitempty"` - Generation *int64 `json:"generation,omitempty"` + // type of tag event condition, currently only ImportSuccess + Type *imagev1.TagEventConditionType `json:"type,omitempty"` + // status of the condition, one of True, False, Unknown. + Status *corev1.ConditionStatus `json:"status,omitempty"` + // lastTransitionTime is the time the condition transitioned from one status to another. + LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` + // reason is a brief machine readable explanation for the condition's last transition. + Reason *string `json:"reason,omitempty"` + // message is a human readable description of the details about last transition, complementing reason. + Message *string `json:"message,omitempty"` + // generation is the spec tag generation that this status corresponds to + Generation *int64 `json:"generation,omitempty"` } // TagEventConditionApplyConfiguration constructs a declarative configuration of the TagEventCondition type for use with diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tagimportpolicy.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tagimportpolicy.go index 996690343..1a38b33ab 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tagimportpolicy.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tagimportpolicy.go @@ -8,9 +8,14 @@ import ( // TagImportPolicyApplyConfiguration represents a declarative configuration of the TagImportPolicy type for use // with apply. +// +// TagImportPolicy controls how images related to this tag will be imported. type TagImportPolicyApplyConfiguration struct { - Insecure *bool `json:"insecure,omitempty"` - Scheduled *bool `json:"scheduled,omitempty"` + // insecure is true if the server may bypass certificate verification or connect directly over HTTP during image import. + Insecure *bool `json:"insecure,omitempty"` + // scheduled indicates to the server that this tag should be periodically checked to ensure it is up to date, and imported + Scheduled *bool `json:"scheduled,omitempty"` + // importMode describes how to import an image manifest. ImportMode *imagev1.ImportModeType `json:"importMode,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tagreference.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tagreference.go index 648f30e31..c6710e6d9 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tagreference.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tagreference.go @@ -8,13 +8,31 @@ import ( // TagReferenceApplyConfiguration represents a declarative configuration of the TagReference type for use // with apply. +// +// TagReference specifies optional annotations for images using this tag and an optional reference to an ImageStreamTag, ImageStreamImage, or DockerImage this tag should track. type TagReferenceApplyConfiguration struct { - Name *string `json:"name,omitempty"` - Annotations map[string]string `json:"annotations,omitempty"` - From *corev1.ObjectReference `json:"from,omitempty"` - Reference *bool `json:"reference,omitempty"` - Generation *int64 `json:"generation,omitempty"` - ImportPolicy *TagImportPolicyApplyConfiguration `json:"importPolicy,omitempty"` + // name of the tag + Name *string `json:"name,omitempty"` + // Optional; if specified, annotations that are applied to images retrieved via ImageStreamTags. + Annotations map[string]string `json:"annotations,omitempty"` + // Optional; if specified, a reference to another image that this tag should point to. Valid values + // are ImageStreamTag, ImageStreamImage, and DockerImage. ImageStreamTag references + // can only reference a tag within this same ImageStream. + From *corev1.ObjectReference `json:"from,omitempty"` + // reference states if the tag will be imported. Default value is false, which means the tag will + // be imported. + Reference *bool `json:"reference,omitempty"` + // generation is a counter that tracks mutations to the spec tag (user intent). When a tag reference + // is changed the generation is set to match the current stream generation (which is incremented every + // time spec is changed). Other processes in the system like the image importer observe that the + // generation of spec tag is newer than the generation recorded in the status and use that as a trigger + // to import the newest remote tag. To trigger a new import, clients may set this value to zero which + // will reset the generation to the latest stream generation. Legacy clients will send this value as + // nil which will be merged with the current tag generation. + Generation *int64 `json:"generation,omitempty"` + // importPolicy is information that controls how images may be imported by the server. + ImportPolicy *TagImportPolicyApplyConfiguration `json:"importPolicy,omitempty"` + // referencePolicy defines how other components should consume the image. ReferencePolicy *TagReferencePolicyApplyConfiguration `json:"referencePolicy,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tagreferencepolicy.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tagreferencepolicy.go index d010d3ac0..c27def906 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tagreferencepolicy.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/image/v1/tagreferencepolicy.go @@ -8,7 +8,19 @@ import ( // TagReferencePolicyApplyConfiguration represents a declarative configuration of the TagReferencePolicy type for use // with apply. +// +// TagReferencePolicy describes how pull-specs for images in this image stream tag are generated when +// image change triggers in deployment configs or builds are resolved. This allows the image stream +// author to control how images are accessed. type TagReferencePolicyApplyConfiguration struct { + // type determines how the image pull spec should be transformed when the image stream tag is used in + // deployment config triggers or new builds. The default value is `Source`, indicating the original + // location of the image should be used (if imported). The user may also specify `Local`, indicating + // that the pull spec should point to the integrated container image registry and leverage the registry's + // ability to proxy the pull to an upstream registry. `Local` allows the credentials used to pull this + // image to be managed from the image stream's namespace, so others on the platform can access a remote + // image but have no access to the remote secret. It also allows the image layers to be mirrored into + // the local registry which the images can still be pulled even if the upstream registry is unavailable. Type *imagev1.TagReferencePolicyType `json:"type,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/internal/internal.go index d03b7da44..574479273 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/internal/internal.go @@ -23,6 +23,170 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fieldsType + type: + scalar: string + - name: fieldsV1 + type: + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager + type: + scalar: string + - name: operation + type: + scalar: string + - name: subresource + type: + scalar: string + - name: time + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: annotations + type: + map: + elementType: + scalar: string + - name: creationTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds + type: + scalar: numeric + - name: deletionTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers + type: + list: + elementType: + scalar: string + elementRelationship: associative + - name: generateName + type: + scalar: string + - name: generation + type: + scalar: numeric + - name: labels + type: + map: + elementType: + scalar: string + - name: managedFields + type: + list: + elementType: + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: ownerReferences + type: + list: + elementType: + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion + type: + scalar: string + - name: selfLink + type: + scalar: string + - name: uid + type: + scalar: string +- name: ObjectReference.v1.core.api.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fieldPath + type: + scalar: string + - name: kind + type: + scalar: string + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: resourceVersion + type: + scalar: string + - name: uid + type: + scalar: string + elementRelationship: atomic +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + default: "" + - name: blockOwnerDeletion + type: + scalar: boolean + - name: controller + type: + scalar: boolean + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: uid + type: + scalar: string + default: "" + elementRelationship: atomic +- name: RawExtension.runtime.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped - name: com.github.openshift.api.image.v1.Image map: fields: @@ -52,7 +216,7 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: atomic - name: dockerImageMetadata type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: dockerImageMetadataVersion type: scalar: string @@ -70,7 +234,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: signatures type: @@ -147,7 +311,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: created type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: imageIdentity type: scalar: string @@ -162,7 +326,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: signedClaims type: @@ -184,7 +348,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -209,7 +373,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: tag type: @@ -275,10 +439,10 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: lastProbeTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: lastTransitionTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: message type: scalar: string @@ -320,7 +484,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: created type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: dockerImageReference type: scalar: string @@ -342,7 +506,7 @@ var schemaYAML = typed.YAMLObject(`types: default: 0 - name: lastTransitionTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: message type: scalar: string @@ -379,7 +543,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: from type: - namedType: io.k8s.api.core.v1.ObjectReference + namedType: ObjectReference.v1.core.api.k8s.io - name: generation type: scalar: numeric @@ -405,170 +569,6 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" -- name: io.k8s.api.core.v1.ObjectReference - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldPath - type: - scalar: string - - name: kind - type: - scalar: string - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: resourceVersion - type: - scalar: string - - name: uid - type: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldsType - type: - scalar: string - - name: fieldsV1 - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager - type: - scalar: string - - name: operation - type: - scalar: string - - name: subresource - type: - scalar: string - - name: time - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - map: - fields: - - name: annotations - type: - map: - elementType: - scalar: string - - name: creationTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds - type: - scalar: numeric - - name: deletionTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers - type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: generateName - type: - scalar: string - - name: generation - type: - scalar: numeric - - name: labels - type: - map: - elementType: - scalar: string - - name: managedFields - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - elementRelationship: atomic - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: ownerReferences - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - elementRelationship: associative - keys: - - uid - - name: resourceVersion - type: - scalar: string - - name: selfLink - type: - scalar: string - - name: uid - type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - map: - fields: - - name: apiVersion - type: - scalar: string - default: "" - - name: blockOwnerDeletion - type: - scalar: boolean - - name: controller - type: - scalar: boolean - - name: kind - type: - scalar: string - default: "" - - name: name - type: - scalar: string - default: "" - - name: uid - type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped -- name: io.k8s.apimachinery.pkg.runtime.RawExtension - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/modules.txt b/vendor/modules.txt index ef75dee4a..f5e09e295 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -168,10 +168,6 @@ github.com/go-openapi/swag/yamlutils # github.com/go-task/slim-sprig/v3 v3.0.0 ## explicit; go 1.20 github.com/go-task/slim-sprig/v3 -# github.com/gogo/protobuf v1.3.2 -## explicit; go 1.15 -github.com/gogo/protobuf/proto -github.com/gogo/protobuf/sortkeys # github.com/google/btree v1.1.3 ## explicit; go 1.18 github.com/google/btree @@ -288,8 +284,8 @@ github.com/opencontainers/go-digest # github.com/opencontainers/runc v1.4.2 ## explicit; go 1.24.0 github.com/opencontainers/runc/libcontainer/devices -# github.com/openshift/api v0.0.0-20260213204242-d34f11c515b3 -## explicit; go 1.24.0 +# github.com/openshift/api v0.0.0-20260612153628-992ec954f8b3 +## explicit; go 1.25.0 github.com/openshift/api/config/v1 github.com/openshift/api/config/v1alpha1 github.com/openshift/api/config/v1alpha2 @@ -297,8 +293,8 @@ github.com/openshift/api/image/docker10 github.com/openshift/api/image/dockerpre012 github.com/openshift/api/image/v1 github.com/openshift/api/security/v1 -# github.com/openshift/client-go v0.0.0-20260213141500-06efc6dce93b -## explicit; go 1.24.0 +# github.com/openshift/client-go v0.0.0-20260603140539-6892dc3e1ffc +## explicit; go 1.25.0 github.com/openshift/client-go/config/applyconfigurations/config/v1 github.com/openshift/client-go/config/applyconfigurations/internal github.com/openshift/client-go/config/clientset/versioned/scheme