diff --git a/.github/actions/deploy-keptn-on-cluster/action.yml b/.github/actions/deploy-keptn-on-cluster/action.yml index 90c8a584d8..2be44c6781 100644 --- a/.github/actions/deploy-keptn-on-cluster/action.yml +++ b/.github/actions/deploy-keptn-on-cluster/action.yml @@ -30,7 +30,7 @@ runs: using: "composite" steps: - name: Set up Go 1.x - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: go-version: ${{ env.GO_VERSION }} cache: true @@ -64,7 +64,7 @@ runs: if: inputs.cert-manager-io-enabled == 'cert_manager_io_on' env: # renovate: datasource=github-releases depName=cert-manager/cert-manager - CERT_MANAGER_IO_VERSION: "v1.15.3" + CERT_MANAGER_IO_VERSION: "v1.16.1" shell: bash run: | kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/$CERT_MANAGER_IO_VERSION/cert-manager.yaml diff --git a/.github/scripts/.helm-tests/Openshift/result.yaml b/.github/scripts/.helm-tests/Openshift/result.yaml index e350efd652..0eb2e83cfb 100644 --- a/.github/scripts/.helm-tests/Openshift/result.yaml +++ b/.github/scripts/.helm-tests/Openshift/result.yaml @@ -136,7 +136,7 @@ kind: CustomResourceDefinition metadata: name: keptnapps.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -560,7 +560,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcontexts.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' labels: app.kubernetes.io/part-of: keptn @@ -773,7 +773,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -922,7 +922,7 @@ kind: CustomResourceDefinition metadata: name: keptnappversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2587,7 +2587,7 @@ kind: CustomResourceDefinition metadata: name: keptnconfigs.options.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2675,7 +2675,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3386,7 +3386,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3753,7 +3753,7 @@ kind: CustomResourceDefinition metadata: name: keptntasks.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -4519,7 +4519,7 @@ kind: CustomResourceDefinition metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -4591,6 +4591,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -4604,6 +4605,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -4639,10 +4641,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -4702,10 +4707,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -4720,6 +4728,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -4736,10 +4747,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -4754,10 +4768,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -4766,6 +4783,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -4806,6 +4824,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4835,6 +4854,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4855,6 +4875,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4903,6 +4934,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4932,6 +4964,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4952,6 +4985,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4996,6 +5040,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5012,11 +5057,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5050,6 +5095,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5206,6 +5252,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5222,11 +5269,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5260,6 +5307,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5373,11 +5421,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -5388,6 +5434,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -5454,6 +5506,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -5467,6 +5543,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -5474,6 +5551,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -5485,7 +5563,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -5567,7 +5645,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -5631,6 +5708,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5647,11 +5725,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5685,6 +5763,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5826,6 +5905,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -5845,6 +5927,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -5854,6 +5938,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -5871,6 +5974,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -5963,10 +6069,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6300,6 +6409,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -6313,6 +6423,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -6348,10 +6459,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -6411,10 +6525,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -6429,6 +6546,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -6445,10 +6565,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -6463,10 +6586,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -6475,6 +6601,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -6515,6 +6642,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6544,6 +6672,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6564,6 +6693,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6612,6 +6752,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6641,6 +6782,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6661,6 +6803,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6705,6 +6858,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6721,11 +6875,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6759,6 +6913,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6915,6 +7070,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6931,11 +7087,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6969,6 +7125,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7082,11 +7239,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -7097,6 +7252,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -7163,6 +7324,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -7176,6 +7361,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -7183,6 +7369,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -7194,7 +7381,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -7276,7 +7463,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -7340,6 +7526,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -7356,11 +7543,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -7394,6 +7581,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7535,6 +7723,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -7554,6 +7745,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -7563,6 +7756,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -7580,6 +7792,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -7746,10 +7961,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7931,6 +8149,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -7944,6 +8163,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -7979,10 +8199,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -8042,10 +8265,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -8060,6 +8286,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -8076,10 +8305,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -8094,10 +8326,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -8106,6 +8341,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -8146,6 +8382,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8175,6 +8412,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8195,6 +8433,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8243,6 +8492,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8272,6 +8522,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8292,6 +8543,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8336,6 +8598,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8352,11 +8615,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8390,6 +8653,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8546,6 +8810,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8562,11 +8827,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8600,6 +8865,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8713,11 +8979,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -8728,6 +8992,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -8794,6 +9064,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -8807,6 +9101,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -8814,6 +9109,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -8825,7 +9121,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -8907,7 +9203,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -8971,6 +9266,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8987,11 +9283,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -9025,6 +9321,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -9166,6 +9463,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -9185,6 +9485,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -9194,6 +9496,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -9211,6 +9532,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -9377,10 +9701,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -9516,7 +9843,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -10056,7 +10383,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -11069,7 +11396,7 @@ kind: CustomResourceDefinition metadata: name: analyses.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -11587,7 +11914,7 @@ kind: CustomResourceDefinition metadata: name: analysisdefinitions.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -12618,7 +12945,7 @@ kind: CustomResourceDefinition metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -12827,7 +13154,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetrics.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -13540,7 +13867,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -13604,7 +13931,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13670,7 +13996,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13730,7 +14055,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13797,7 +14121,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13844,15 +14167,6 @@ rules: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - validatingwebhookconfigurations verbs: - get @@ -14083,42 +14397,6 @@ metadata: app.kubernetes.io/version: v1.1.1 helm.sh/chart: lifecycle-operator-0.4.1 rules: -- apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - batch - resources: - - jobs/status - verbs: - - get - - list - apiGroups: - "" resources: @@ -14164,8 +14442,8 @@ rules: verbs: - get - list - - watch - update + - watch - apiGroups: - "" resources: @@ -14173,120 +14451,45 @@ rules: verbs: - get - apiGroups: - - lifecycle.keptn.sh + - apps resources: - - keptnappcontexts + - daemonsets + - deployments + - replicasets + - statefulsets verbs: - get - list - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - argoproj.io resources: - - keptnapps + - rollouts verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversion + - jobs verbs: - create - - delete - get - list - - patch - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversions + - jobs/status verbs: - - create - - delete - get - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/status - verbs: - - get - - patch - - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcontexts - keptnevaluationdefinitions verbs: - get @@ -14295,111 +14498,15 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests + - keptnapps + - keptnappversion + - keptnappversions - keptnevaluations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntaskdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntasks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloads + - keptnworkloadversions verbs: - create - delete @@ -14411,13 +14518,29 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/finalizers + - keptnapps/finalizers + - keptnappversion/finalizers + - keptnappversions/finalizers + - keptnevaluations/finalizers + - keptntaskdefinitions/finalizers + - keptntasks/finalizers - keptnworkloads/finalizers + - keptnworkloadversions/finalizers verbs: - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/status + - keptnapps/status + - keptnappversion/status + - keptnappversions/status + - keptnevaluations/status + - keptntaskdefinitions/status + - keptntasks/status - keptnworkloads/status + - keptnworkloadversions/status verbs: - get - patch @@ -14508,12 +14631,14 @@ rules: - metrics.keptn.sh resources: - analyses/finalizers + - keptnmetrics/finalizers verbs: - update - apiGroups: - metrics.keptn.sh resources: - analyses/status + - keptnmetrics/status verbs: - get - patch @@ -14522,51 +14647,9 @@ rules: - metrics.keptn.sh resources: - analysisdefinitions - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - analysisvaluetemplates - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetrics - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/finalizers - verbs: - - update - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/status - verbs: - - get - - patch - - update - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetricsproviders - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - providers verbs: - get diff --git a/.github/scripts/.helm-tests/certificates-only/result.yaml b/.github/scripts/.helm-tests/certificates-only/result.yaml index 9b3cfdeb1b..48aa988f55 100644 --- a/.github/scripts/.helm-tests/certificates-only/result.yaml +++ b/.github/scripts/.helm-tests/certificates-only/result.yaml @@ -31,15 +31,6 @@ rules: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - validatingwebhookconfigurations verbs: - get diff --git a/.github/scripts/.helm-tests/default/result.yaml b/.github/scripts/.helm-tests/default/result.yaml index 6e6b07b557..e857b78864 100644 --- a/.github/scripts/.helm-tests/default/result.yaml +++ b/.github/scripts/.helm-tests/default/result.yaml @@ -136,7 +136,7 @@ kind: CustomResourceDefinition metadata: name: keptnapps.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -560,7 +560,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcontexts.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' labels: app.kubernetes.io/part-of: keptn @@ -773,7 +773,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -922,7 +922,7 @@ kind: CustomResourceDefinition metadata: name: keptnappversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2587,7 +2587,7 @@ kind: CustomResourceDefinition metadata: name: keptnconfigs.options.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2675,7 +2675,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3386,7 +3386,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3753,7 +3753,7 @@ kind: CustomResourceDefinition metadata: name: keptntasks.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -4519,7 +4519,7 @@ kind: CustomResourceDefinition metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -4591,6 +4591,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -4604,6 +4605,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -4639,10 +4641,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -4702,10 +4707,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -4720,6 +4728,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -4736,10 +4747,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -4754,10 +4768,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -4766,6 +4783,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -4806,6 +4824,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4835,6 +4854,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4855,6 +4875,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4903,6 +4934,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4932,6 +4964,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4952,6 +4985,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4996,6 +5040,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5012,11 +5057,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5050,6 +5095,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5206,6 +5252,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5222,11 +5269,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5260,6 +5307,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5373,11 +5421,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -5388,6 +5434,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -5454,6 +5506,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -5467,6 +5543,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -5474,6 +5551,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -5485,7 +5563,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -5567,7 +5645,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -5631,6 +5708,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5647,11 +5725,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5685,6 +5763,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5826,6 +5905,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -5845,6 +5927,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -5854,6 +5938,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -5871,6 +5974,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -5963,10 +6069,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6300,6 +6409,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -6313,6 +6423,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -6348,10 +6459,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -6411,10 +6525,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -6429,6 +6546,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -6445,10 +6565,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -6463,10 +6586,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -6475,6 +6601,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -6515,6 +6642,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6544,6 +6672,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6564,6 +6693,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6612,6 +6752,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6641,6 +6782,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6661,6 +6803,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6705,6 +6858,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6721,11 +6875,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6759,6 +6913,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6915,6 +7070,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6931,11 +7087,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6969,6 +7125,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7082,11 +7239,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -7097,6 +7252,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -7163,6 +7324,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -7176,6 +7361,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -7183,6 +7369,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -7194,7 +7381,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -7276,7 +7463,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -7340,6 +7526,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -7356,11 +7543,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -7394,6 +7581,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7535,6 +7723,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -7554,6 +7745,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -7563,6 +7756,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -7580,6 +7792,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -7746,10 +7961,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7931,6 +8149,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -7944,6 +8163,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -7979,10 +8199,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -8042,10 +8265,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -8060,6 +8286,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -8076,10 +8305,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -8094,10 +8326,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -8106,6 +8341,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -8146,6 +8382,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8175,6 +8412,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8195,6 +8433,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8243,6 +8492,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8272,6 +8522,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8292,6 +8543,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8336,6 +8598,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8352,11 +8615,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8390,6 +8653,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8546,6 +8810,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8562,11 +8827,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8600,6 +8865,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8713,11 +8979,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -8728,6 +8992,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -8794,6 +9064,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -8807,6 +9101,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -8814,6 +9109,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -8825,7 +9121,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -8907,7 +9203,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -8971,6 +9266,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8987,11 +9283,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -9025,6 +9321,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -9166,6 +9463,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -9185,6 +9485,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -9194,6 +9496,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -9211,6 +9532,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -9377,10 +9701,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -9516,7 +9843,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -10056,7 +10383,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -11069,7 +11396,7 @@ kind: CustomResourceDefinition metadata: name: analyses.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -11587,7 +11914,7 @@ kind: CustomResourceDefinition metadata: name: analysisdefinitions.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -12618,7 +12945,7 @@ kind: CustomResourceDefinition metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -12827,7 +13154,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetrics.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -13540,7 +13867,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -13604,7 +13931,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13670,7 +13996,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13730,7 +14055,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13797,7 +14121,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13844,15 +14167,6 @@ rules: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - validatingwebhookconfigurations verbs: - get @@ -14083,42 +14397,6 @@ metadata: app.kubernetes.io/version: v1.1.1 helm.sh/chart: lifecycle-operator-0.4.1 rules: -- apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - batch - resources: - - jobs/status - verbs: - - get - - list - apiGroups: - "" resources: @@ -14164,8 +14442,8 @@ rules: verbs: - get - list - - watch - update + - watch - apiGroups: - "" resources: @@ -14173,120 +14451,45 @@ rules: verbs: - get - apiGroups: - - lifecycle.keptn.sh + - apps resources: - - keptnappcontexts + - daemonsets + - deployments + - replicasets + - statefulsets verbs: - get - list - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - argoproj.io resources: - - keptnapps + - rollouts verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversion + - jobs verbs: - create - - delete - get - list - - patch - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversions + - jobs/status verbs: - - create - - delete - get - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/status - verbs: - - get - - patch - - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcontexts - keptnevaluationdefinitions verbs: - get @@ -14295,111 +14498,15 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests + - keptnapps + - keptnappversion + - keptnappversions - keptnevaluations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntaskdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntasks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloads + - keptnworkloadversions verbs: - create - delete @@ -14411,13 +14518,29 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/finalizers + - keptnapps/finalizers + - keptnappversion/finalizers + - keptnappversions/finalizers + - keptnevaluations/finalizers + - keptntaskdefinitions/finalizers + - keptntasks/finalizers - keptnworkloads/finalizers + - keptnworkloadversions/finalizers verbs: - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/status + - keptnapps/status + - keptnappversion/status + - keptnappversions/status + - keptnevaluations/status + - keptntaskdefinitions/status + - keptntasks/status - keptnworkloads/status + - keptnworkloadversions/status verbs: - get - patch @@ -14508,12 +14631,14 @@ rules: - metrics.keptn.sh resources: - analyses/finalizers + - keptnmetrics/finalizers verbs: - update - apiGroups: - metrics.keptn.sh resources: - analyses/status + - keptnmetrics/status verbs: - get - patch @@ -14522,51 +14647,9 @@ rules: - metrics.keptn.sh resources: - analysisdefinitions - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - analysisvaluetemplates - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetrics - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/finalizers - verbs: - - update - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/status - verbs: - - get - - patch - - update - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetricsproviders - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - providers verbs: - get diff --git a/.github/scripts/.helm-tests/lifecycle-only/result.yaml b/.github/scripts/.helm-tests/lifecycle-only/result.yaml index f748667063..2668135d6e 100644 --- a/.github/scripts/.helm-tests/lifecycle-only/result.yaml +++ b/.github/scripts/.helm-tests/lifecycle-only/result.yaml @@ -82,7 +82,7 @@ kind: CustomResourceDefinition metadata: name: keptnapps.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -506,7 +506,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcontexts.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' labels: app.kubernetes.io/part-of: keptn @@ -719,7 +719,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -868,7 +868,7 @@ kind: CustomResourceDefinition metadata: name: keptnappversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2533,7 +2533,7 @@ kind: CustomResourceDefinition metadata: name: keptnconfigs.options.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2621,7 +2621,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3332,7 +3332,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3699,7 +3699,7 @@ kind: CustomResourceDefinition metadata: name: keptntasks.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -4465,7 +4465,7 @@ kind: CustomResourceDefinition metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -4537,6 +4537,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -4550,6 +4551,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -4585,10 +4587,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -4648,10 +4653,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -4666,6 +4674,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -4682,10 +4693,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -4700,10 +4714,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -4712,6 +4729,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -4752,6 +4770,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4781,6 +4800,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4801,6 +4821,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4849,6 +4880,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4878,6 +4910,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4898,6 +4931,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4942,6 +4986,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -4958,11 +5003,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -4996,6 +5041,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5152,6 +5198,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5168,11 +5215,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5206,6 +5253,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5319,11 +5367,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -5334,6 +5380,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -5400,6 +5452,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -5413,6 +5489,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -5420,6 +5497,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -5431,7 +5509,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -5513,7 +5591,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -5577,6 +5654,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5593,11 +5671,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5631,6 +5709,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5772,6 +5851,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -5791,6 +5873,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -5800,6 +5884,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -5817,6 +5920,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -5909,10 +6015,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6246,6 +6355,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -6259,6 +6369,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -6294,10 +6405,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -6357,10 +6471,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -6375,6 +6492,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -6391,10 +6511,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -6409,10 +6532,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -6421,6 +6547,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -6461,6 +6588,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6490,6 +6618,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6510,6 +6639,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6558,6 +6698,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6587,6 +6728,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6607,6 +6749,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6651,6 +6804,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6667,11 +6821,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6705,6 +6859,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6861,6 +7016,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6877,11 +7033,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6915,6 +7071,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7028,11 +7185,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -7043,6 +7198,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -7109,6 +7270,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -7122,6 +7307,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -7129,6 +7315,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -7140,7 +7327,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -7222,7 +7409,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -7286,6 +7472,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -7302,11 +7489,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -7340,6 +7527,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7481,6 +7669,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -7500,6 +7691,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -7509,6 +7702,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -7526,6 +7738,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -7692,10 +7907,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7877,6 +8095,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -7890,6 +8109,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -7925,10 +8145,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -7988,10 +8211,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -8006,6 +8232,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -8022,10 +8251,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -8040,10 +8272,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -8052,6 +8287,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -8092,6 +8328,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8121,6 +8358,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8141,6 +8379,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8189,6 +8438,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8218,6 +8468,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8238,6 +8489,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8282,6 +8544,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8298,11 +8561,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8336,6 +8599,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8492,6 +8756,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8508,11 +8773,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8546,6 +8811,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8659,11 +8925,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -8674,6 +8938,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -8740,6 +9010,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -8753,6 +9047,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -8760,6 +9055,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -8771,7 +9067,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -8853,7 +9149,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -8917,6 +9212,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8933,11 +9229,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8971,6 +9267,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -9112,6 +9409,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -9131,6 +9431,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -9140,6 +9442,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -9157,6 +9478,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -9323,10 +9647,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -9462,7 +9789,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -10002,7 +10329,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -11213,42 +11540,6 @@ metadata: app.kubernetes.io/version: v1.1.1 helm.sh/chart: lifecycle-operator-0.4.1 rules: -- apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - batch - resources: - - jobs/status - verbs: - - get - - list - apiGroups: - "" resources: @@ -11294,8 +11585,8 @@ rules: verbs: - get - list - - watch - update + - watch - apiGroups: - "" resources: @@ -11303,120 +11594,45 @@ rules: verbs: - get - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcontexts - verbs: - - get - - list - - watch -- apiGroups: - - lifecycle.keptn.sh + - apps resources: - - keptnappcreationrequests + - daemonsets + - deployments + - replicasets + - statefulsets verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - argoproj.io resources: - - keptnapps + - rollouts verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversion + - jobs verbs: - create - - delete - get - list - - patch - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversions + - jobs/status verbs: - - create - - delete - get - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/status - verbs: - - get - - patch - - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcontexts - keptnevaluationdefinitions verbs: - get @@ -11425,111 +11641,15 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests + - keptnapps + - keptnappversion + - keptnappversions - keptnevaluations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntaskdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntasks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloads + - keptnworkloadversions verbs: - create - delete @@ -11541,13 +11661,29 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/finalizers + - keptnapps/finalizers + - keptnappversion/finalizers + - keptnappversions/finalizers + - keptnevaluations/finalizers + - keptntaskdefinitions/finalizers + - keptntasks/finalizers - keptnworkloads/finalizers + - keptnworkloadversions/finalizers verbs: - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/status + - keptnapps/status + - keptnappversion/status + - keptnappversions/status + - keptnevaluations/status + - keptntaskdefinitions/status + - keptntasks/status - keptnworkloads/status + - keptnworkloadversions/status verbs: - get - patch @@ -11941,7 +12077,7 @@ spec: value: cluster.local - name: CERT_MANAGER_ENABLED value: "false" - image: ghcr.io/busybox:1.35 + image: ghcr.io/busybox:1.37 imagePullPolicy: Always name: lifecycle-operator ports: diff --git a/.github/scripts/.helm-tests/lifecycle-with-certs/result.yaml b/.github/scripts/.helm-tests/lifecycle-with-certs/result.yaml index 42e29a57b9..e2df6ee08f 100644 --- a/.github/scripts/.helm-tests/lifecycle-with-certs/result.yaml +++ b/.github/scripts/.helm-tests/lifecycle-with-certs/result.yaml @@ -97,7 +97,7 @@ kind: CustomResourceDefinition metadata: name: keptnapps.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -521,7 +521,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcontexts.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' labels: app.kubernetes.io/part-of: keptn @@ -734,7 +734,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -883,7 +883,7 @@ kind: CustomResourceDefinition metadata: name: keptnappversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2548,7 +2548,7 @@ kind: CustomResourceDefinition metadata: name: keptnconfigs.options.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2636,7 +2636,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3347,7 +3347,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3714,7 +3714,7 @@ kind: CustomResourceDefinition metadata: name: keptntasks.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -4480,7 +4480,7 @@ kind: CustomResourceDefinition metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -4552,6 +4552,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -4565,6 +4566,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -4600,10 +4602,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -4663,10 +4668,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -4681,6 +4689,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -4697,10 +4708,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -4715,10 +4729,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -4727,6 +4744,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -4767,6 +4785,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4796,6 +4815,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4816,6 +4836,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4864,6 +4895,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4893,6 +4925,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4913,6 +4946,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4957,6 +5001,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -4973,11 +5018,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5011,6 +5056,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5167,6 +5213,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5183,11 +5230,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5221,6 +5268,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5334,11 +5382,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -5349,6 +5395,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -5415,6 +5467,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -5428,6 +5504,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -5435,6 +5512,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -5446,7 +5524,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -5528,7 +5606,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -5592,6 +5669,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5608,11 +5686,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5646,6 +5724,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5787,6 +5866,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -5806,6 +5888,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -5815,6 +5899,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -5832,6 +5935,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -5924,10 +6030,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6261,6 +6370,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -6274,6 +6384,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -6309,10 +6420,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -6372,10 +6486,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -6390,6 +6507,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -6406,10 +6526,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -6424,10 +6547,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -6436,6 +6562,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -6476,6 +6603,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6505,6 +6633,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6525,6 +6654,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6573,6 +6713,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6602,6 +6743,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6622,6 +6764,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6666,6 +6819,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6682,11 +6836,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6720,6 +6874,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6876,6 +7031,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6892,11 +7048,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6930,6 +7086,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7043,11 +7200,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -7058,6 +7213,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -7124,6 +7285,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -7137,6 +7322,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -7144,6 +7330,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -7155,7 +7342,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -7237,7 +7424,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -7301,6 +7487,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -7317,11 +7504,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -7355,6 +7542,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7496,6 +7684,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -7515,6 +7706,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -7524,6 +7717,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -7541,6 +7753,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -7707,10 +7922,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7892,6 +8110,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -7905,6 +8124,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -7940,10 +8160,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -8003,10 +8226,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -8021,6 +8247,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -8037,10 +8266,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -8055,10 +8287,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -8067,6 +8302,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -8107,6 +8343,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8136,6 +8373,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8156,6 +8394,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8204,6 +8453,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8233,6 +8483,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8253,6 +8504,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8297,6 +8559,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8313,11 +8576,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8351,6 +8614,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8507,6 +8771,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8523,11 +8788,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8561,6 +8826,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8674,11 +8940,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -8689,6 +8953,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -8755,6 +9025,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -8768,6 +9062,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -8775,6 +9070,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -8786,7 +9082,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -8868,7 +9164,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -8932,6 +9227,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8948,11 +9244,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8986,6 +9282,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -9127,6 +9424,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -9146,6 +9446,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -9155,6 +9457,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -9172,6 +9493,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -9338,10 +9662,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -9477,7 +9804,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -10017,7 +10344,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -11041,15 +11368,6 @@ rules: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - validatingwebhookconfigurations verbs: - get @@ -11280,42 +11598,6 @@ metadata: app.kubernetes.io/version: v1.1.1 helm.sh/chart: lifecycle-operator-0.4.1 rules: -- apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - batch - resources: - - jobs/status - verbs: - - get - - list - apiGroups: - "" resources: @@ -11361,8 +11643,8 @@ rules: verbs: - get - list - - watch - update + - watch - apiGroups: - "" resources: @@ -11370,120 +11652,45 @@ rules: verbs: - get - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcontexts - verbs: - - get - - list - - watch -- apiGroups: - - lifecycle.keptn.sh + - apps resources: - - keptnappcreationrequests + - daemonsets + - deployments + - replicasets + - statefulsets verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - argoproj.io resources: - - keptnapps + - rollouts verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversion + - jobs verbs: - create - - delete - get - list - - patch - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversions + - jobs/status verbs: - - create - - delete - get - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/status - verbs: - - get - - patch - - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcontexts - keptnevaluationdefinitions verbs: - get @@ -11492,111 +11699,15 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests + - keptnapps + - keptnappversion + - keptnappversions - keptnevaluations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntaskdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntasks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloads + - keptnworkloadversions verbs: - create - delete @@ -11608,13 +11719,29 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/finalizers + - keptnapps/finalizers + - keptnappversion/finalizers + - keptnappversions/finalizers + - keptnevaluations/finalizers + - keptntaskdefinitions/finalizers + - keptntasks/finalizers - keptnworkloads/finalizers + - keptnworkloadversions/finalizers verbs: - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/status + - keptnapps/status + - keptnappversion/status + - keptnappversions/status + - keptnevaluations/status + - keptntaskdefinitions/status + - keptntasks/status - keptnworkloads/status + - keptnworkloadversions/status verbs: - get - patch diff --git a/.github/scripts/.helm-tests/local-global-precedence/result.yaml b/.github/scripts/.helm-tests/local-global-precedence/result.yaml index ceffb73ab7..5af4e65a7b 100644 --- a/.github/scripts/.helm-tests/local-global-precedence/result.yaml +++ b/.github/scripts/.helm-tests/local-global-precedence/result.yaml @@ -177,7 +177,7 @@ kind: CustomResourceDefinition metadata: name: keptnapps.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -607,7 +607,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcontexts.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' globalAnnotation1: test1 globalAnnotation2: test2 @@ -825,7 +825,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -980,7 +980,7 @@ kind: CustomResourceDefinition metadata: name: keptnappversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -2651,7 +2651,7 @@ kind: CustomResourceDefinition metadata: name: keptnconfigs.options.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -2745,7 +2745,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -3462,7 +3462,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -3835,7 +3835,7 @@ kind: CustomResourceDefinition metadata: name: keptntasks.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -4607,7 +4607,7 @@ kind: CustomResourceDefinition metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -4685,6 +4685,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -4698,6 +4699,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -4733,10 +4735,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -4796,10 +4801,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -4814,6 +4822,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -4830,10 +4841,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -4848,10 +4862,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -4860,6 +4877,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -4900,6 +4918,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4929,6 +4948,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4949,6 +4969,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4997,6 +5028,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -5026,6 +5058,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5046,6 +5079,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -5090,6 +5134,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5106,11 +5151,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5144,6 +5189,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5300,6 +5346,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5316,11 +5363,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5354,6 +5401,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5467,11 +5515,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -5482,6 +5528,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -5548,6 +5600,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -5561,6 +5637,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -5568,6 +5645,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -5579,7 +5657,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -5661,7 +5739,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -5725,6 +5802,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5741,11 +5819,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5779,6 +5857,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5920,6 +5999,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -5939,6 +6021,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -5948,6 +6032,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -5965,6 +6068,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -6057,10 +6163,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6394,6 +6503,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -6407,6 +6517,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -6442,10 +6553,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -6505,10 +6619,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -6523,6 +6640,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -6539,10 +6659,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -6557,10 +6680,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -6569,6 +6695,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -6609,6 +6736,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6638,6 +6766,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6658,6 +6787,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6706,6 +6846,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6735,6 +6876,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6755,6 +6897,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6799,6 +6952,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6815,11 +6969,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6853,6 +7007,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7009,6 +7164,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -7025,11 +7181,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -7063,6 +7219,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7176,11 +7333,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -7191,6 +7346,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -7257,6 +7418,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -7270,6 +7455,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -7277,6 +7463,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -7288,7 +7475,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -7370,7 +7557,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -7434,6 +7620,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -7450,11 +7637,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -7488,6 +7675,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7629,6 +7817,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -7648,6 +7839,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -7657,6 +7850,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -7674,6 +7886,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -7840,10 +8055,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -8025,6 +8243,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -8038,6 +8257,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -8073,10 +8293,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -8136,10 +8359,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -8154,6 +8380,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -8170,10 +8399,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -8188,10 +8420,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -8200,6 +8435,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -8240,6 +8476,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8269,6 +8506,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8289,6 +8527,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8337,6 +8586,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8366,6 +8616,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8386,6 +8637,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8430,6 +8692,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8446,11 +8709,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8484,6 +8747,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8640,6 +8904,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8656,11 +8921,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8694,6 +8959,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8807,11 +9073,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -8822,6 +9086,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -8888,6 +9158,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -8901,6 +9195,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -8908,6 +9203,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -8919,7 +9215,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -9001,7 +9297,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -9065,6 +9360,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -9081,11 +9377,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -9119,6 +9415,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -9260,6 +9557,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -9279,6 +9579,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -9288,6 +9590,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -9305,6 +9626,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -9471,10 +9795,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -9610,7 +9937,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -10156,7 +10483,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -11175,7 +11502,7 @@ kind: CustomResourceDefinition metadata: name: analyses.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -11699,7 +12026,7 @@ kind: CustomResourceDefinition metadata: name: analysisdefinitions.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -12736,7 +13063,7 @@ kind: CustomResourceDefinition metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -12951,7 +13278,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetrics.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -13670,7 +13997,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -13740,7 +14067,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13806,7 +14132,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13866,7 +14191,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13933,7 +14257,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13986,15 +14309,6 @@ rules: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - validatingwebhookconfigurations verbs: - get @@ -14237,42 +14551,6 @@ metadata: globalLabel2: test2 helm.sh/chart: lifecycle-operator-0.4.1 rules: -- apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - batch - resources: - - jobs/status - verbs: - - get - - list - apiGroups: - "" resources: @@ -14318,8 +14596,8 @@ rules: verbs: - get - list - - watch - update + - watch - apiGroups: - "" resources: @@ -14327,120 +14605,45 @@ rules: verbs: - get - apiGroups: - - lifecycle.keptn.sh + - apps resources: - - keptnappcontexts + - daemonsets + - deployments + - replicasets + - statefulsets verbs: - get - list - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - argoproj.io resources: - - keptnapps + - rollouts verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversion + - jobs verbs: - create - - delete - get - list - - patch - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversions + - jobs/status verbs: - - create - - delete - get - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/status - verbs: - - get - - patch - - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcontexts - keptnevaluationdefinitions verbs: - get @@ -14449,111 +14652,15 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests + - keptnapps + - keptnappversion + - keptnappversions - keptnevaluations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntaskdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntasks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloads + - keptnworkloadversions verbs: - create - delete @@ -14565,13 +14672,29 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/finalizers + - keptnapps/finalizers + - keptnappversion/finalizers + - keptnappversions/finalizers + - keptnevaluations/finalizers + - keptntaskdefinitions/finalizers + - keptntasks/finalizers - keptnworkloads/finalizers + - keptnworkloadversions/finalizers verbs: - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/status + - keptnapps/status + - keptnappversion/status + - keptnappversions/status + - keptnevaluations/status + - keptntaskdefinitions/status + - keptntasks/status - keptnworkloads/status + - keptnworkloadversions/status verbs: - get - patch @@ -14674,12 +14797,14 @@ rules: - metrics.keptn.sh resources: - analyses/finalizers + - keptnmetrics/finalizers verbs: - update - apiGroups: - metrics.keptn.sh resources: - analyses/status + - keptnmetrics/status verbs: - get - patch @@ -14688,51 +14813,9 @@ rules: - metrics.keptn.sh resources: - analysisdefinitions - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - analysisvaluetemplates - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetrics - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/finalizers - verbs: - - update - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/status - verbs: - - get - - patch - - update - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetricsproviders - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - providers verbs: - get diff --git a/.github/scripts/.helm-tests/metrics-only-with-apiservice-disabled/result.yaml b/.github/scripts/.helm-tests/metrics-only-with-apiservice-disabled/result.yaml index 8de7db5937..b86decd77c 100644 --- a/.github/scripts/.helm-tests/metrics-only-with-apiservice-disabled/result.yaml +++ b/.github/scripts/.helm-tests/metrics-only-with-apiservice-disabled/result.yaml @@ -44,7 +44,7 @@ kind: CustomResourceDefinition metadata: name: analyses.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -562,7 +562,7 @@ kind: CustomResourceDefinition metadata: name: analysisdefinitions.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1593,7 +1593,7 @@ kind: CustomResourceDefinition metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1802,7 +1802,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetrics.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -2515,7 +2515,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -2579,7 +2579,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2645,7 +2644,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2705,7 +2703,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2772,7 +2769,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2845,12 +2841,14 @@ rules: - metrics.keptn.sh resources: - analyses/finalizers + - keptnmetrics/finalizers verbs: - update - apiGroups: - metrics.keptn.sh resources: - analyses/status + - keptnmetrics/status verbs: - get - patch @@ -2859,51 +2857,9 @@ rules: - metrics.keptn.sh resources: - analysisdefinitions - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - analysisvaluetemplates - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetrics - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/finalizers - verbs: - - update - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/status - verbs: - - get - - patch - - update - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetricsproviders - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - providers verbs: - get diff --git a/.github/scripts/.helm-tests/metrics-only/result.yaml b/.github/scripts/.helm-tests/metrics-only/result.yaml index 0063042a31..310d4ae0ad 100644 --- a/.github/scripts/.helm-tests/metrics-only/result.yaml +++ b/.github/scripts/.helm-tests/metrics-only/result.yaml @@ -44,7 +44,7 @@ kind: CustomResourceDefinition metadata: name: analyses.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -562,7 +562,7 @@ kind: CustomResourceDefinition metadata: name: analysisdefinitions.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1593,7 +1593,7 @@ kind: CustomResourceDefinition metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1802,7 +1802,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetrics.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -2515,7 +2515,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -2579,7 +2579,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2645,7 +2644,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2705,7 +2703,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2772,7 +2769,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2845,12 +2841,14 @@ rules: - metrics.keptn.sh resources: - analyses/finalizers + - keptnmetrics/finalizers verbs: - update - apiGroups: - metrics.keptn.sh resources: - analyses/status + - keptnmetrics/status verbs: - get - patch @@ -2859,51 +2857,9 @@ rules: - metrics.keptn.sh resources: - analysisdefinitions - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - analysisvaluetemplates - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetrics - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/finalizers - verbs: - - update - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/status - verbs: - - get - - patch - - update - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetricsproviders - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - providers verbs: - get diff --git a/.github/scripts/.helm-tests/metrics-with-certs/result.yaml b/.github/scripts/.helm-tests/metrics-with-certs/result.yaml index fe75fffde2..c5fc30ca86 100644 --- a/.github/scripts/.helm-tests/metrics-with-certs/result.yaml +++ b/.github/scripts/.helm-tests/metrics-with-certs/result.yaml @@ -59,7 +59,7 @@ kind: CustomResourceDefinition metadata: name: analyses.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -577,7 +577,7 @@ kind: CustomResourceDefinition metadata: name: analysisdefinitions.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1608,7 +1608,7 @@ kind: CustomResourceDefinition metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1817,7 +1817,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetrics.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -2530,7 +2530,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -2594,7 +2594,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2660,7 +2659,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2720,7 +2718,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2787,7 +2784,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2834,15 +2830,6 @@ rules: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - validatingwebhookconfigurations verbs: - get @@ -2912,12 +2899,14 @@ rules: - metrics.keptn.sh resources: - analyses/finalizers + - keptnmetrics/finalizers verbs: - update - apiGroups: - metrics.keptn.sh resources: - analyses/status + - keptnmetrics/status verbs: - get - patch @@ -2926,51 +2915,9 @@ rules: - metrics.keptn.sh resources: - analysisdefinitions - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - analysisvaluetemplates - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetrics - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/finalizers - verbs: - - update - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/status - verbs: - - get - - patch - - update - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetricsproviders - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - providers verbs: - get diff --git a/.github/workflows/CI.yaml b/.github/workflows/CI.yaml index 245caa42dd..41ee2d4d44 100644 --- a/.github/workflows/CI.yaml +++ b/.github/workflows/CI.yaml @@ -43,7 +43,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Extract branch name id: extract_branch @@ -91,10 +91,10 @@ jobs: folder: "keptn-cert-manager/" steps: - name: Check out code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Go 1.x - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: go-version: ${{ env.GO_VERSION }} cache: true @@ -140,11 +140,11 @@ jobs: folder: "keptn-cert-manager/" steps: - name: Check out code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Cache build tools id: cache-build-tools - uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4 + uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 with: path: ./${{ matrix.config.folder }}bin key: build-tools-${{ github.ref_name }} @@ -292,10 +292,10 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Check out keptn repo - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Check out helm-charts repo - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: repository: 'keptn/lifecycle-toolkit-charts' path: ./helm-charts-repository diff --git a/.github/workflows/component-test.yml b/.github/workflows/component-test.yml index 38e1de5463..4fc3f4c86f 100644 --- a/.github/workflows/component-test.yml +++ b/.github/workflows/component-test.yml @@ -19,10 +19,10 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Check out code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Go 1.x - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: go-version: ${{ env.GO_VERSION }} cache: true diff --git a/.github/workflows/e2e-test.yml b/.github/workflows/e2e-test.yml index 55592dec9e..b2c198f8c0 100644 --- a/.github/workflows/e2e-test.yml +++ b/.github/workflows/e2e-test.yml @@ -29,7 +29,7 @@ jobs: folder: "scheduler/" steps: - name: Check out code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup cluster uses: ./.github/actions/deploy-keptn-on-cluster diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 57655fdd63..d37a8534bd 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -41,9 +41,9 @@ jobs: folder: "keptn-cert-manager/" steps: - name: Check out code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5 + - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: go-version: ${{ env.GO_VERSION }} check-latest: true diff --git a/.github/workflows/htmltest.yaml b/.github/workflows/htmltest.yaml index fda4dd0c14..c6e9c1544a 100644 --- a/.github/workflows/htmltest.yaml +++ b/.github/workflows/htmltest.yaml @@ -25,13 +25,13 @@ jobs: # Steps represent a sequence of tasks that will be executed as part of the job steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: submodules: true fetch-depth: 0 - name: Cache HTMLTest packages - uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4 + uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 with: path: | tmp/.htmltest diff --git a/.github/workflows/integration-test-component.yml b/.github/workflows/integration-test-component.yml index 3807eabc21..b5b97d9563 100644 --- a/.github/workflows/integration-test-component.yml +++ b/.github/workflows/integration-test-component.yml @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Check out code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup cluster uses: ./.github/actions/deploy-keptn-on-cluster diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index e253fa7ff5..8c2d048e4c 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -30,7 +30,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Check out code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup cluster uses: ./.github/actions/deploy-keptn-on-cluster diff --git a/.github/workflows/load-test.yml b/.github/workflows/load-test.yml index 6a52e62bfa..206bc84281 100644 --- a/.github/workflows/load-test.yml +++ b/.github/workflows/load-test.yml @@ -24,11 +24,11 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Check out code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Cache build tools id: cache-build-tools - uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4 + uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 with: path: /usr/local/bin/kube-burner key: kube-burner-${{ env.KUBE_BURNER_VERSION }} diff --git a/.github/workflows/markdown-checks.yaml b/.github/workflows/markdown-checks.yaml index e25ec67348..c513c79c24 100644 --- a/.github/workflows/markdown-checks.yaml +++ b/.github/workflows/markdown-checks.yaml @@ -32,7 +32,7 @@ jobs: markdown-link-check: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: gaurav-nelson/github-action-markdown-link-check@5c5dfc0ac2e225883c0e5f03a85311ec2830d368 # v1 with: config-file: '.github/mlc_config.json' @@ -45,7 +45,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Check out code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Run TOC generation run: | @@ -72,10 +72,10 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Check out code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Go 1.x - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: go-version: ${{ env.GO_VERSION }} check-latest: true diff --git a/.github/workflows/release-examples.yml b/.github/workflows/release-examples.yml index aadc2094b6..4034040197 100644 --- a/.github/workflows/release-examples.yml +++ b/.github/workflows/release-examples.yml @@ -26,10 +26,10 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Checkout examples repo - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: repository: keptn-sandbox/lifecycle-toolkit-examples path: ${{ inputs.examples_dir }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index cca92c2782..fc9d7c8740 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -38,7 +38,7 @@ jobs: BUILD_TIME: ${{ steps.get_datetime.outputs.BUILD_TIME }} steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Extract branch name id: extract_branch @@ -148,7 +148,7 @@ jobs: DOCKER_BUILD_RECORD_UPLOAD: "false" steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: submodules: recursive diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 69ee2a360a..7f65ec0251 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 + uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 with: sarif_file: results.sarif diff --git a/.github/workflows/security-scans.yml b/.github/workflows/security-scans.yml index ea101ac83b..444d67168a 100644 --- a/.github/workflows/security-scans.yml +++ b/.github/workflows/security-scans.yml @@ -99,14 +99,14 @@ jobs: steps: - name: Set up Go if: matrix.tool == 'kubeconform' - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: go-version: ${{ env.GO_VERSION }} check-latest: true cache: false - name: Check out code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 submodules: 'true' @@ -224,7 +224,7 @@ jobs: - "certificate-operator" steps: - name: Check out code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 submodules: 'true' @@ -242,7 +242,7 @@ jobs: - name: Trivy image scan scheduler if: matrix.image == 'scheduler' - uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # 0.27.0 + uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # 0.28.0 with: input: "images/${{ matrix.image }}-image.tar" severity: 'CRITICAL,HIGH' @@ -251,7 +251,7 @@ jobs: - name: Trivy image scan if: matrix.image != 'scheduler' - uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # 0.27.0 + uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # 0.28.0 with: input: "images/${{ matrix.image }}-image.tar" severity: 'CRITICAL,HIGH' @@ -270,14 +270,14 @@ jobs: - "keptn-cert-manager" steps: - name: Set up Go 1.x - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: cache-dependency-path: ${{ matrix.artifact }}/go.sum go-version: ${{ env.GO_VERSION }} check-latest: true - name: Checkout Code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install govulncheck run: go install golang.org/x/vuln/cmd/govulncheck@latest diff --git a/.github/workflows/spell-checker.yml b/.github/workflows/spell-checker.yml index 4196ffafad..e2ccf51fa9 100644 --- a/.github/workflows/spell-checker.yml +++ b/.github/workflows/spell-checker.yml @@ -29,7 +29,7 @@ jobs: steps: - name: check-spelling id: spelling - uses: check-spelling/check-spelling@00c989c97749eb0cb2d256bdc55ac61b0096c6d3 # v0.0.22 + uses: check-spelling/check-spelling@2c9e4a85102fa9b6df3cb8bb5a8dc8bdc2fb2fea # v0.0.23 with: suppress_push_for_open_pull_request: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' && 1 }} checkout: true diff --git a/.github/workflows/validate-helm-chart.yml b/.github/workflows/validate-helm-chart.yml index 4d63a4f027..b156ef8f40 100644 --- a/.github/workflows/validate-helm-chart.yml +++ b/.github/workflows/validate-helm-chart.yml @@ -36,10 +36,10 @@ jobs: path: keptn-cert-manager/chart steps: - name: Check out code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: 16 @@ -73,7 +73,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Check out code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Check if Helm template is up to date run: make helm-test diff --git a/.github/workflows/yaml-checks.yaml b/.github/workflows/yaml-checks.yaml index 6601224486..501ac5d1a0 100644 --- a/.github/workflows/yaml-checks.yaml +++ b/.github/workflows/yaml-checks.yaml @@ -27,7 +27,7 @@ jobs: yamllint: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Lint YAML files run: make yamllint diff --git a/Makefile b/Makefile index df765e3b60..38ccf9dea3 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ # Image URL to use all building/pushing image targets # renovate: datasource=github-tags depName=kubernetes-sigs/kustomize -KUSTOMIZE_VERSION?=v5.4.3 +KUSTOMIZE_VERSION?=v5.5.0 CHART_APPVERSION ?= v2.2.0 # x-release-please-version # renovate: datasource=docker depName=cytopia/yamllint diff --git a/docs/Makefile b/docs/Makefile index 689f21bcbd..2779218c2a 100644 --- a/docs/Makefile +++ b/docs/Makefile @@ -1,7 +1,7 @@ ROOT_DIR := $(dir $(realpath $(lastword $(MAKEFILE_LIST)))) # renovate: datasource=docker depName=squidfunk/mkdocs-material -MKDOCS_DOCKER_IMAGE_VERSION=9.5.40 +MKDOCS_DOCKER_IMAGE_VERSION=9.5.42 MKDOCS_DOCKER_IMAGE=squidfunk/mkdocs-material INTERACTIVE:=$(shell [ -t 0 ] && echo 1) diff --git a/docs/docs/components/lifecycle-operator/keptn-apps.md b/docs/docs/components/lifecycle-operator/keptn-apps.md index f61c84ce02..9bccb1f513 100644 --- a/docs/docs/components/lifecycle-operator/keptn-apps.md +++ b/docs/docs/components/lifecycle-operator/keptn-apps.md @@ -137,3 +137,13 @@ annotation/label is populated: (in other words, neither the `keptn.sh/app` or `app.kubernetes.io/part-of` annotation/label is populated), one `KeptnApp` resource is created automatically for each workload. + +> **Note**: Keptn application discovery determines the name of the `KeptnWorkload` + by concatenating the values of the `app.kubernetes.io/name` (or `keptn.sh/workload`) + and `app.kubernetes.io/part-of` (or `keptn.sh/app`) annotations. + This means that when only workload and version annotations/labels are provided — without + the `keptn.sh/app` or `app.kubernetes.io/part-of` annotation — Keptn creates a `KeptnApp` + resource for each `KeptnWorkload`. + Consequently, observability traces will capture individual `KeptnWorkload` + resources, but they will not represent the combined workloads that make up the complete + deployed application. diff --git a/docs/docs/getting-started/assets/install01.png b/docs/docs/getting-started/assets/install01.png index a793d6a16e..71a96bb347 100644 Binary files a/docs/docs/getting-started/assets/install01.png and b/docs/docs/getting-started/assets/install01.png differ diff --git a/docs/docs/getting-started/observability.md b/docs/docs/getting-started/observability.md index a66e8e5eac..ab5a541069 100644 --- a/docs/docs/getting-started/observability.md +++ b/docs/docs/getting-started/observability.md @@ -277,9 +277,10 @@ So let's install new Observability components to help us: - [Cert manager](https://cert-manager.io): Jaeger requires cert-manager - [Jaeger](https://jaegertracing.io): Store and view DORA deployment traces +- [OpenTelemetry collector](https://opentelemetry.io/docs/collector/): Scrape metrics from the above DORA metrics endpoint + & forward to Prometheus. + In this guide, we will use the OTel collector that comes bundled with the Jaeger `allInOne` image. - [Prometheus](https://prometheus.io): Store DORA metrics -- [OpenTelemetry collector](https://opentelemetry.io/docs/collector/): - Scrape metrics from the above DORA metrics endpoint & forward to Prometheus - [Grafana](https://grafana.com) (and some prebuilt dashboards): Visualise the data ![add observability](./assets/install01.png) diff --git a/docs/docs/guides/integrate.md b/docs/docs/guides/integrate.md index e13c587bbe..237dfdaacb 100644 --- a/docs/docs/guides/integrate.md +++ b/docs/docs/guides/integrate.md @@ -135,6 +135,10 @@ annotation/label is populated: and your observability output traces the individual `Keptnworkload` resources but not the combined workloads that constitute your deployed application. +> **Note**: Keptn application discovery concatenates the values of the `app.kubernetes.io/name` (or +`keptn.sh/workload`) and `app.kubernetes.io/part-of` (or `keptn.sh/app`) annotation to determine the +name of the `KeptnWorkload`. + See [Keptn Applications and Keptn Workloads](../components/lifecycle-operator/keptn-apps.md) for architectural information about how `KeptnApp` and `KeptnWorkloads` diff --git a/examples/Makefile b/examples/Makefile index 069ac0049e..34d4e0cb65 100644 --- a/examples/Makefile +++ b/examples/Makefile @@ -1,5 +1,5 @@ # renovate: datasource=github-tags depName=jaegertracing/jaeger-operator -JAEGER_VERSION ?= v1.60.1 +JAEGER_VERSION ?= v1.62.0 TOOLKIT_NAMESPACE ?= keptn-system PODTATO_NAMESPACE ?= podtato-kubectl GRAFANA_PORT_FORWARD ?= 3000 diff --git a/examples/support/argo/Makefile b/examples/support/argo/Makefile index 94d2d6165b..38b6656b18 100644 --- a/examples/support/argo/Makefile +++ b/examples/support/argo/Makefile @@ -2,7 +2,7 @@ LFC_NAMESPACE ?= keptn-system PODTATO_NAMESPACE ?= podtato-kubectl ARGO_NAMESPACE ?= argocd # renovate: datasource=github-tags depName=argoproj/argo-cd -ARGO_VERSION ?= v2.12.4 +ARGO_VERSION ?= v2.12.6 ARGO_SECRET = $(shell kubectl -n ${ARGO_NAMESPACE} get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo) .PHONY: install diff --git a/examples/support/metrics/deployment.yaml b/examples/support/metrics/deployment.yaml index cddcd8d4be..2b9e4d7e47 100644 --- a/examples/support/metrics/deployment.yaml +++ b/examples/support/metrics/deployment.yaml @@ -23,7 +23,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/entry:0.2.8 + image: ghcr.io/podtato-head/entry:0.3.0 imagePullPolicy: Always resources: limits: diff --git a/examples/support/observability/Makefile b/examples/support/observability/Makefile index 337bbae881..85df04220c 100644 --- a/examples/support/observability/Makefile +++ b/examples/support/observability/Makefile @@ -1,5 +1,5 @@ # renovate: datasource=github-tags depName=jaegertracing/jaeger-operator -JAEGER_VERSION ?= v1.60.1 +JAEGER_VERSION ?= v1.62.0 TOOLKIT_NAMESPACE ?= keptn-system PODTATO_NAMESPACE ?= podtato-kubectl GRAFANA_PORT_FORWARD ?= 3000 diff --git a/examples/support/observability/assets/podtatohead-deployment-evaluation/manifest.yaml b/examples/support/observability/assets/podtatohead-deployment-evaluation/manifest.yaml index 6d1de2c491..0d71810b41 100644 --- a/examples/support/observability/assets/podtatohead-deployment-evaluation/manifest.yaml +++ b/examples/support/observability/assets/podtatohead-deployment-evaluation/manifest.yaml @@ -33,7 +33,7 @@ spec: command: ['sh', '-c', 'sleep 30'] containers: - name: server - image: ghcr.io/podtato-head/entry:0.2.8 + image: ghcr.io/podtato-head/entry:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -86,7 +86,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/hat:0.2.8 + image: ghcr.io/podtato-head/hat:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -135,7 +135,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/left-leg:0.2.8 + image: ghcr.io/podtato-head/left-leg:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -184,7 +184,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/left-arm:0.2.8 + image: ghcr.io/podtato-head/left-arm:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -233,7 +233,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/right-leg:0.2.8 + image: ghcr.io/podtato-head/right-leg:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -282,7 +282,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/right-arm:0.2.8 + image: ghcr.io/podtato-head/right-arm:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 diff --git a/examples/support/observability/config/otel-collector.yaml b/examples/support/observability/config/otel-collector.yaml index 84fbc7b627..d2b59916a7 100644 --- a/examples/support/observability/config/otel-collector.yaml +++ b/examples/support/observability/config/otel-collector.yaml @@ -33,7 +33,7 @@ data: insecure: true prometheus: endpoint: 0.0.0.0:8889 - logging: + debug: service: extensions: [health_check] @@ -46,7 +46,7 @@ data: metrics: receivers: [otlp,prometheus] processors: [] - exporters: [prometheus, logging] + exporters: [prometheus, debug] --- apiVersion: v1 kind: Service @@ -104,7 +104,7 @@ spec: env: - name: GOGC value: "80" - image: otel/opentelemetry-collector:0.108.0 + image: otel/opentelemetry-collector:0.112.0 name: otel-collector resources: limits: diff --git a/keptn-cert-manager/Makefile b/keptn-cert-manager/Makefile index 729abbb1b0..1f35a2dc06 100644 --- a/keptn-cert-manager/Makefile +++ b/keptn-cert-manager/Makefile @@ -120,7 +120,7 @@ ENVTEST ?= $(LOCALBIN)/setup-envtest ## Tool Versions # renovate: datasource=github-tags depName=kubernetes-sigs/kustomize -KUSTOMIZE_VERSION?=v5.4.3 +KUSTOMIZE_VERSION?=v5.5.0 # renovate: datasource=github-releases depName=kubernetes-sigs/controller-tools CONTROLLER_TOOLS_VERSION?=v0.16.5 diff --git a/keptn-cert-manager/chart/templates/certificate-operator-rbac.yaml b/keptn-cert-manager/chart/templates/certificate-operator-rbac.yaml index d5d99c92c2..1e1e067567 100644 --- a/keptn-cert-manager/chart/templates/certificate-operator-rbac.yaml +++ b/keptn-cert-manager/chart/templates/certificate-operator-rbac.yaml @@ -44,15 +44,6 @@ rules: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - validatingwebhookconfigurations verbs: - get diff --git a/keptn-cert-manager/config/rbac/role.yaml b/keptn-cert-manager/config/rbac/role.yaml index 9321894d7d..be9e903b12 100644 --- a/keptn-cert-manager/config/rbac/role.yaml +++ b/keptn-cert-manager/config/rbac/role.yaml @@ -8,15 +8,6 @@ rules: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - validatingwebhookconfigurations verbs: - get diff --git a/keptn-cert-manager/controllers/keptnwebhookcontroller/webhook_cert_controller_test.go b/keptn-cert-manager/controllers/keptnwebhookcontroller/webhook_cert_controller_test.go index 5dae2e1454..23990f44a8 100644 --- a/keptn-cert-manager/controllers/keptnwebhookcontroller/webhook_cert_controller_test.go +++ b/keptn-cert-manager/controllers/keptnwebhookcontroller/webhook_cert_controller_test.go @@ -216,7 +216,7 @@ func TestReconcile(t *testing.T) { // crd 3 should not have a webhook conversion err = fakeClient.Get(context.TODO(), client.ObjectKey{Name: crd3.Name}, actualCrd) require.NoError(t, err) - assert.Empty(t, actualCrd.Spec.Conversion.Webhook) + require.Nil(t, actualCrd.Spec.Conversion) }) t.Run(`update crd and webhooks successfully with up-to-date secret`, func(t *testing.T) { @@ -272,7 +272,7 @@ func TestReconcile(t *testing.T) { // crd 3 should not have a webhook conversion err = fakeClient.Get(context.TODO(), client.ObjectKey{Name: crd3.Name}, actualCrd) require.NoError(t, err) - assert.Empty(t, actualCrd.Spec.Conversion.Webhook) + require.Nil(t, actualCrd.Spec.Conversion) }) // Generation must not be skipped because webhook startup routine listens for the secret diff --git a/keptn-cert-manager/go.mod b/keptn-cert-manager/go.mod index 9372e9b266..e168ea017d 100644 --- a/keptn-cert-manager/go.mod +++ b/keptn-cert-manager/go.mod @@ -8,71 +8,71 @@ require ( github.com/pkg/errors v0.9.1 github.com/spf13/afero v1.11.0 github.com/stretchr/testify v1.9.0 - k8s.io/api v0.29.9 - k8s.io/apiextensions-apiserver v0.29.9 - k8s.io/apimachinery v0.29.9 - k8s.io/client-go v0.29.9 - sigs.k8s.io/controller-runtime v0.16.6 + k8s.io/api v0.31.2 + k8s.io/apiextensions-apiserver v0.31.2 + k8s.io/apimachinery v0.31.2 + k8s.io/client-go v0.31.2 + sigs.k8s.io/controller-runtime v0.19.1 ) require ( github.com/beorn7/perks v1.0.1 // indirect - github.com/cespare/xxhash/v2 v2.2.0 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/emicklei/go-restful/v3 v3.11.0 // indirect github.com/evanphx/json-patch v5.6.0+incompatible // indirect - github.com/evanphx/json-patch/v5 v5.6.0 // indirect + github.com/evanphx/json-patch/v5 v5.9.0 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect - github.com/go-logr/zapr v1.2.4 // indirect + github.com/fxamacker/cbor/v2 v2.7.0 // indirect + github.com/go-logr/zapr v1.3.0 // indirect github.com/go-openapi/jsonpointer v0.19.6 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.3 // indirect + github.com/go-openapi/swag v0.22.4 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.4 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect - github.com/google/uuid v1.4.0 // indirect + github.com/google/uuid v1.6.0 // indirect github.com/imdario/mergo v0.3.13 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/prometheus/client_golang v1.16.0 // indirect - github.com/prometheus/client_model v0.4.0 // indirect - github.com/prometheus/common v0.44.0 // indirect - github.com/prometheus/procfs v0.10.1 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect + github.com/prometheus/client_golang v1.19.1 // indirect + github.com/prometheus/client_model v0.6.1 // indirect + github.com/prometheus/common v0.55.0 // indirect + github.com/prometheus/procfs v0.15.1 // indirect github.com/spf13/pflag v1.0.5 // indirect + github.com/x448/float16 v0.8.4 // indirect go.uber.org/multierr v1.11.0 // indirect - go.uber.org/zap v1.25.0 // indirect - golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect - golang.org/x/net v0.25.0 // indirect - golang.org/x/oauth2 v0.15.0 // indirect + go.uber.org/zap v1.26.0 // indirect + golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc // indirect + golang.org/x/net v0.26.0 // indirect + golang.org/x/oauth2 v0.21.0 // indirect golang.org/x/sys v0.26.0 // indirect golang.org/x/term v0.25.0 // indirect golang.org/x/text v0.19.0 // indirect golang.org/x/time v0.5.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/protobuf v1.33.0 // indirect + google.golang.org/protobuf v1.34.2 // indirect + gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/component-base v0.29.9 // indirect - k8s.io/klog/v2 v2.110.1 // indirect - k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect - k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect + k8s.io/klog/v2 v2.130.1 // indirect + k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect + k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect - sigs.k8s.io/yaml v1.3.0 // indirect + sigs.k8s.io/yaml v1.4.0 // indirect ) replace ( golang.org/x/net => golang.org/x/net v0.30.0 - google.golang.org/protobuf => google.golang.org/protobuf v1.34.2 + google.golang.org/protobuf => google.golang.org/protobuf v1.35.1 ) diff --git a/keptn-cert-manager/go.sum b/keptn-cert-manager/go.sum index 83d487bae8..3b66bfca04 100644 --- a/keptn-cert-manager/go.sum +++ b/keptn-cert-manager/go.sum @@ -1,42 +1,39 @@ -github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= -github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A= -github.com/benbjohnson/clock v1.3.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= -github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= -github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= +github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= +github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= +github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= -github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= -github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= +github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= @@ -47,13 +44,12 @@ github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeN github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4= -github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af h1:kmjWCqn2qkEml422C2Rrd27c3VGxi6a/6HNq8QmHRKM= +github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af/go.mod h1:K1liHPHnj73Fdn/EKuT8nrFqBihUSKXoLYU0BuatOYo= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= @@ -62,7 +58,6 @@ github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dv github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= @@ -72,8 +67,6 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= -github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -81,25 +74,25 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.13.0 h1:0jY9lJquiL8fcf3M4LAXN5aMlS/b2BV86HFFPCPMgE4= -github.com/onsi/ginkgo/v2 v2.13.0/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xlT/ETL/o= -github.com/onsi/gomega v1.29.0 h1:KIA/t2t5UBzoirT4H9tsML45GEbo3ouUnBHsCfD2tVg= -github.com/onsi/gomega v1.29.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA= +github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= +github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= +github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8= -github.com/prometheus/client_golang v1.16.0/go.mod h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc= -github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY= -github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= -github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY= -github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= -github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= -github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE= +github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho= +github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= +github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= +github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc= +github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8= +github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= +github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= +github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= +github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= @@ -108,48 +101,40 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= -go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= -go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= -go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= -go.uber.org/zap v1.25.0 h1:4Hvk6GtkucQ790dqmj7l1eEnRdKm3k3ZUrUMS2d5+5c= -go.uber.org/zap v1.25.0/go.mod h1:JIAUzQIH94IC4fOJQm7gMmBJP5k7wQfdcnYdPoEXJYk= +go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= +go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U= -golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e h1:+WEEuIdZHnUeJJmEUjyYC2gfUMj69yZXw17EnHg/otA= -golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e/go.mod h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc h1:mCRnTeVUjcrhlRmO0VK8a6k6Rrf6TF9htwo2pJVSjIU= +golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4= golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU= -golang.org/x/oauth2 v0.15.0 h1:s8pnnxNVzjWyrvYdFUQq5llS1PX2zhPXmccZv99h7uQ= -golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs= +golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= @@ -157,7 +142,6 @@ golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -169,7 +153,6 @@ golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXct golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24= golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM= @@ -177,11 +160,9 @@ golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg= @@ -192,14 +173,13 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA= +google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= +gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -209,27 +189,25 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.29.9 h1:FwdflpNsfMUYUOblMZNWJ4K/q0OSL5A4jGa0iOgcJco= -k8s.io/api v0.29.9/go.mod h1:fNhmzRfKaSEHCmczA/jRx6CiDKhYOnFLJBERMJAXEk8= -k8s.io/apiextensions-apiserver v0.29.9 h1:EB6RK06kFJjbzBwU1YiVznxrcgBE0hhDWt6EQQIcOy4= -k8s.io/apiextensions-apiserver v0.29.9/go.mod h1:jcaHG6R/bB1iU6XzC1DMhB1x2ktTJLt2KKpg6B65Z2c= -k8s.io/apimachinery v0.29.9 h1:YZ8HUid1TzQVz94cnNlsQjLdH0VoAhWSqz7t0q6B12A= -k8s.io/apimachinery v0.29.9/go.mod h1:i3FJVwhvSp/6n8Fl4K97PJEP8C+MM+aoDq4+ZJBf70Y= -k8s.io/client-go v0.29.9 h1:4f/Wz6li3rEyIPFj32XAQMtOGMM1tg7KQi1oeS6ibPg= -k8s.io/client-go v0.29.9/go.mod h1:2N1drQEZ5yiYrWVaE2Un8JiISUhl47D8pyZlYLszke4= -k8s.io/component-base v0.29.9 h1:lPENvp3CCwdeMEWGjiTfn5b287qQYuK7gX32OBOovmA= -k8s.io/component-base v0.29.9/go.mod h1:NGDa6Ih0EdcLA2G4K2ZYySoiB+2Tn+rmSqPyudCPgDY= -k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= -k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.16.6 h1:FiXwTuFF5ZJKmozfP2Z0j7dh6kmxP4Ou1KLfxgKKC3I= -sigs.k8s.io/controller-runtime v0.16.6/go.mod h1:+dQzkZxnylD0u49e0a+7AR+vlibEBaThmPca7lTyUsI= +k8s.io/api v0.31.2 h1:3wLBbL5Uom/8Zy98GRPXpJ254nEFpl+hwndmk9RwmL0= +k8s.io/api v0.31.2/go.mod h1:bWmGvrGPssSK1ljmLzd3pwCQ9MgoTsRCuK35u6SygUk= +k8s.io/apiextensions-apiserver v0.31.2 h1:W8EwUb8+WXBLu56ser5IudT2cOho0gAKeTOnywBLxd0= +k8s.io/apiextensions-apiserver v0.31.2/go.mod h1:i+Geh+nGCJEGiCGR3MlBDkS7koHIIKWVfWeRFiOsUcM= +k8s.io/apimachinery v0.31.2 h1:i4vUt2hPK56W6mlT7Ry+AO8eEsyxMD1U44NR22CLTYw= +k8s.io/apimachinery v0.31.2/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= +k8s.io/client-go v0.31.2 h1:Y2F4dxU5d3AQj+ybwSMqQnpZH9F30//1ObxOKlTI9yc= +k8s.io/client-go v0.31.2/go.mod h1:NPa74jSVR/+eez2dFsEIHNa+3o09vtNaWwWwb1qSxSs= +k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= +k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/controller-runtime v0.19.1 h1:Son+Q40+Be3QWb+niBXAg2vFiYWolDjjRfO8hn/cxOk= +sigs.k8s.io/controller-runtime v0.19.1/go.mod h1:iRmWllt8IlaLjvTTDLhRBXIEtkCK6hwVBJJsYS9Ajf4= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= +sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/lifecycle-operator/Makefile b/lifecycle-operator/Makefile index 0b0315cf74..6d055d8165 100644 --- a/lifecycle-operator/Makefile +++ b/lifecycle-operator/Makefile @@ -25,7 +25,7 @@ ENVTEST_K8S_VERSION=1.27.1 ## Tool Versions # renovate: datasource=github-tags depName=kubernetes-sigs/kustomize -KUSTOMIZE_VERSION?=v5.4.3 +KUSTOMIZE_VERSION?=v5.5.0 # renovate: datasource=github-releases depName=kubernetes-sigs/controller-tools CONTROLLER_TOOLS_VERSION?=v0.16.5 diff --git a/lifecycle-operator/chart/templates/keptnapp-crd.yaml b/lifecycle-operator/chart/templates/keptnapp-crd.yaml index d86bc604c6..562f8d730b 100644 --- a/lifecycle-operator/chart/templates/keptnapp-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnapp-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnapps.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/keptnappcontext-crd.yaml b/lifecycle-operator/chart/templates/keptnappcontext-crd.yaml index 7601a8490d..d28c225e18 100644 --- a/lifecycle-operator/chart/templates/keptnappcontext-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnappcontext-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcontexts.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' {{- include "common.annotations" ( dict "context" . ) }} labels: diff --git a/lifecycle-operator/chart/templates/keptnappcreationrequest-crd.yaml b/lifecycle-operator/chart/templates/keptnappcreationrequest-crd.yaml index dea7602e7e..d219f73254 100644 --- a/lifecycle-operator/chart/templates/keptnappcreationrequest-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnappcreationrequest-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/keptnappversion-crd.yaml b/lifecycle-operator/chart/templates/keptnappversion-crd.yaml index 33ccf08a07..e4935aae3e 100644 --- a/lifecycle-operator/chart/templates/keptnappversion-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnappversion-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnappversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/keptnconfig-crd.yaml b/lifecycle-operator/chart/templates/keptnconfig-crd.yaml index 1978a0b7a6..dd54b70e93 100644 --- a/lifecycle-operator/chart/templates/keptnconfig-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnconfig-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnconfigs.options.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/keptnevaluation-crd.yaml b/lifecycle-operator/chart/templates/keptnevaluation-crd.yaml index c6f94382d8..ad163ab13c 100644 --- a/lifecycle-operator/chart/templates/keptnevaluation-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnevaluation-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/keptnevaluationdefinition-crd.yaml b/lifecycle-operator/chart/templates/keptnevaluationdefinition-crd.yaml index d91e028b80..3383127b4a 100644 --- a/lifecycle-operator/chart/templates/keptnevaluationdefinition-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnevaluationdefinition-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/keptntask-crd.yaml b/lifecycle-operator/chart/templates/keptntask-crd.yaml index fa39cae8fe..27f4d7d2df 100644 --- a/lifecycle-operator/chart/templates/keptntask-crd.yaml +++ b/lifecycle-operator/chart/templates/keptntask-crd.yaml @@ -4,7 +4,7 @@ kind: CustomResourceDefinition metadata: name: keptntasks.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/keptntaskdefinition-crd.yaml b/lifecycle-operator/chart/templates/keptntaskdefinition-crd.yaml index 3d8b928468..b964b036a5 100644 --- a/lifecycle-operator/chart/templates/keptntaskdefinition-crd.yaml +++ b/lifecycle-operator/chart/templates/keptntaskdefinition-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} @@ -75,6 +75,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -88,6 +89,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -123,10 +125,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -186,10 +191,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -204,6 +212,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -220,10 +231,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -238,10 +252,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -250,6 +267,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -290,6 +308,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -319,6 +338,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -339,6 +359,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -387,6 +418,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -416,6 +448,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -436,6 +469,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -480,6 +524,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -496,11 +541,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -534,6 +579,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -690,6 +736,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -706,11 +753,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -744,6 +791,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -857,11 +905,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -872,6 +918,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -938,6 +990,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -951,6 +1027,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -958,6 +1035,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -969,7 +1047,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -1051,7 +1129,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -1115,6 +1192,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -1131,11 +1209,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -1169,6 +1247,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -1310,6 +1389,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -1329,6 +1411,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -1338,6 +1422,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -1355,6 +1458,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -1447,10 +1553,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1784,6 +1893,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -1797,6 +1907,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -1832,10 +1943,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -1895,10 +2009,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -1913,6 +2030,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -1929,10 +2049,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -1947,10 +2070,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -1959,6 +2085,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -1999,6 +2126,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -2028,6 +2156,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2048,6 +2177,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -2096,6 +2236,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -2125,6 +2266,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2145,6 +2287,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -2189,6 +2342,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -2205,11 +2359,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2243,6 +2397,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2399,6 +2554,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -2415,11 +2571,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2453,6 +2609,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2566,11 +2723,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -2581,6 +2736,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -2647,6 +2808,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -2660,6 +2845,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -2667,6 +2853,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -2678,7 +2865,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -2760,7 +2947,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -2824,6 +3010,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -2840,11 +3027,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2878,6 +3065,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3019,6 +3207,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -3038,6 +3229,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -3047,6 +3240,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -3064,6 +3276,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -3230,10 +3445,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3415,6 +3633,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -3428,6 +3647,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -3463,10 +3683,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -3526,10 +3749,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -3544,6 +3770,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -3560,10 +3789,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -3578,10 +3810,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -3590,6 +3825,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -3630,6 +3866,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -3659,6 +3896,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3679,6 +3917,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -3727,6 +3976,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -3756,6 +4006,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3776,6 +4027,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -3820,6 +4082,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -3836,11 +4099,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -3874,6 +4137,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4030,6 +4294,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -4046,11 +4311,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -4084,6 +4349,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4197,11 +4463,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -4212,6 +4476,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -4278,6 +4548,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -4291,6 +4585,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -4298,6 +4593,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -4309,7 +4605,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -4391,7 +4687,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -4455,6 +4750,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -4471,11 +4767,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -4509,6 +4805,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4650,6 +4947,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -4669,6 +4969,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -4678,6 +4980,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -4695,6 +5016,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -4861,10 +5185,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic diff --git a/lifecycle-operator/chart/templates/keptnworkload-crd.yaml b/lifecycle-operator/chart/templates/keptnworkload-crd.yaml index ac7f9b9018..1214f81385 100644 --- a/lifecycle-operator/chart/templates/keptnworkload-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnworkload-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/keptnworkloadversion-crd.yaml b/lifecycle-operator/chart/templates/keptnworkloadversion-crd.yaml index 92d6219103..b7f3b7c581 100644 --- a/lifecycle-operator/chart/templates/keptnworkloadversion-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnworkloadversion-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/lifecycle-operator-rbac.yaml b/lifecycle-operator/chart/templates/lifecycle-operator-rbac.yaml index 1f45b3ff8c..a3238406b0 100644 --- a/lifecycle-operator/chart/templates/lifecycle-operator-rbac.yaml +++ b/lifecycle-operator/chart/templates/lifecycle-operator-rbac.yaml @@ -10,42 +10,6 @@ metadata: labels: {{- include "common.labels.standard" ( dict "context" . ) | nindent 4 }} rules: -- apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - batch - resources: - - jobs/status - verbs: - - get - - list - apiGroups: - "" resources: @@ -91,8 +55,8 @@ rules: verbs: - get - list - - watch - update + - watch - apiGroups: - "" resources: @@ -100,120 +64,45 @@ rules: verbs: - get - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcontexts - verbs: - - get - - list - - watch -- apiGroups: - - lifecycle.keptn.sh + - apps resources: - - keptnappcreationrequests + - daemonsets + - deployments + - replicasets + - statefulsets verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - argoproj.io resources: - - keptnapps + - rollouts verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversion + - jobs verbs: - create - - delete - get - list - - patch - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversions + - jobs/status verbs: - - create - - delete - get - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/status - verbs: - - get - - patch - - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcontexts - keptnevaluationdefinitions verbs: - get @@ -222,111 +111,15 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests + - keptnapps + - keptnappversion + - keptnappversions - keptnevaluations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntaskdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntasks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloads + - keptnworkloadversions verbs: - create - delete @@ -338,13 +131,29 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/finalizers + - keptnapps/finalizers + - keptnappversion/finalizers + - keptnappversions/finalizers + - keptnevaluations/finalizers + - keptntaskdefinitions/finalizers + - keptntasks/finalizers - keptnworkloads/finalizers + - keptnworkloadversions/finalizers verbs: - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/status + - keptnapps/status + - keptnappversion/status + - keptnappversions/status + - keptnevaluations/status + - keptntaskdefinitions/status + - keptntasks/status - keptnworkloads/status + - keptnworkloadversions/status verbs: - get - patch diff --git a/lifecycle-operator/cmd/fake/manager_mock.go b/lifecycle-operator/cmd/fake/manager_mock.go deleted file mode 100644 index 73324216a1..0000000000 --- a/lifecycle-operator/cmd/fake/manager_mock.go +++ /dev/null @@ -1,773 +0,0 @@ -// Code generated by moq; DO NOT EDIT. -// github.com/matryer/moq - -package fake - -import ( - "context" - "net/http" - "sync" - - "github.com/go-logr/logr" - "k8s.io/apimachinery/pkg/api/meta" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/client-go/rest" - "k8s.io/client-go/tools/record" - "sigs.k8s.io/controller-runtime/pkg/cache" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/config/v1alpha1" - "sigs.k8s.io/controller-runtime/pkg/healthz" - "sigs.k8s.io/controller-runtime/pkg/manager" - "sigs.k8s.io/controller-runtime/pkg/webhook" -) - -// MockManager is a mock implementation of manager.IManager. -// -// func TestSomethingThatUsesIManager(t *testing.T) { -// -// // make and configure a mocked manager.IManager -// mockedIManager := &MockManager{ -// AddFunc: func(runnable manager.Runnable) error { -// panic("mock out the Add method") -// }, -// AddHealthzCheckFunc: func(name string, check healthz.Checker) error { -// panic("mock out the AddHealthzCheck method") -// }, -// AddMetricsExtraHandlerFunc: func(path string, handler http.Handler) error { -// panic("mock out the AddMetricsExtraHandler method") -// }, -// AddReadyzCheckFunc: func(name string, check healthz.Checker) error { -// panic("mock out the AddReadyzCheck method") -// }, -// ElectedFunc: func() <-chan struct{} { -// panic("mock out the Elected method") -// }, -// GetAPIReaderFunc: func() client.Reader { -// panic("mock out the GetAPIReader method") -// }, -// GetCacheFunc: func() cache.Cache { -// panic("mock out the GetCache method") -// }, -// GetClientFunc: func() client.Client { -// panic("mock out the GetClient method") -// }, -// GetConfigFunc: func() *rest.Config { -// panic("mock out the GetConfig method") -// }, -// GetControllerOptionsFunc: func() v1alpha1.ControllerConfigurationSpec { -// panic("mock out the GetControllerOptions method") -// }, -// GetEventRecorderForFunc: func(name string) record.EventRecorder { -// panic("mock out the GetEventRecorderFor method") -// }, -// GetFieldIndexerFunc: func() client.FieldIndexer { -// panic("mock out the GetFieldIndexer method") -// }, -// GetLoggerFunc: func() logr.Logger { -// panic("mock out the GetLogger method") -// }, -// GetRESTMapperFunc: func() meta.RESTMapper { -// panic("mock out the GetRESTMapper method") -// }, -// GetSchemeFunc: func() *runtime.Scheme { -// panic("mock out the GetScheme method") -// }, -// GetWebhookServerFunc: func() *webhook.Server { -// panic("mock out the GetWebhookServer method") -// }, -// SetFieldsFunc: func(ifaceVal interface{}) error { -// panic("mock out the SetFields method") -// }, -// StartFunc: func(ctx context.Context) error { -// panic("mock out the Start method") -// }, -// } -// -// // use mockedIManager in code that requires manager.IManager -// // and then make assertions. -// -// } -type MockManager struct { - // AddFunc mocks the Add method. - AddFunc func(runnable manager.Runnable) error - - // AddHealthzCheckFunc mocks the AddHealthzCheck method. - AddHealthzCheckFunc func(name string, check healthz.Checker) error - - // AddMetricsExtraHandlerFunc mocks the AddMetricsExtraHandler method. - AddMetricsExtraHandlerFunc func(path string, handler http.Handler) error - - // AddReadyzCheckFunc mocks the AddReadyzCheck method. - AddReadyzCheckFunc func(name string, check healthz.Checker) error - - // ElectedFunc mocks the Elected method. - ElectedFunc func() <-chan struct{} - - // GetAPIReaderFunc mocks the GetAPIReader method. - GetAPIReaderFunc func() client.Reader - - // GetCacheFunc mocks the GetCache method. - GetCacheFunc func() cache.Cache - - // GetClientFunc mocks the GetClient method. - GetClientFunc func() client.Client - - // GetConfigFunc mocks the GetConfig method. - GetConfigFunc func() *rest.Config - - // GetControllerOptionsFunc mocks the GetControllerOptions method. - GetControllerOptionsFunc func() v1alpha1.ControllerConfigurationSpec - - // GetEventRecorderForFunc mocks the GetEventRecorderFor method. - GetEventRecorderForFunc func(name string) record.EventRecorder - - // GetFieldIndexerFunc mocks the GetFieldIndexer method. - GetFieldIndexerFunc func() client.FieldIndexer - - // GetLoggerFunc mocks the GetLogger method. - GetLoggerFunc func() logr.Logger - - // GetRESTMapperFunc mocks the GetRESTMapper method. - GetRESTMapperFunc func() meta.RESTMapper - - // GetSchemeFunc mocks the GetScheme method. - GetSchemeFunc func() *runtime.Scheme - - // GetWebhookServerFunc mocks the GetWebhookServer method. - GetWebhookServerFunc func() *webhook.Server - - // SetFieldsFunc mocks the SetFields method. - SetFieldsFunc func(ifaceVal interface{}) error - - // StartFunc mocks the Start method. - StartFunc func(ctx context.Context) error - - // calls tracks calls to the methods. - calls struct { - // Add holds details about calls to the Add method. - Add []struct { - // Runnable is the runnable argument value. - Runnable manager.Runnable - } - // AddHealthzCheck holds details about calls to the AddHealthzCheck method. - AddHealthzCheck []struct { - // Name is the name argument value. - Name string - // Check is the check argument value. - Check healthz.Checker - } - // AddMetricsExtraHandler holds details about calls to the AddMetricsExtraHandler method. - AddMetricsExtraHandler []struct { - // Path is the path argument value. - Path string - // Handler is the handler argument value. - Handler http.Handler - } - // AddReadyzCheck holds details about calls to the AddReadyzCheck method. - AddReadyzCheck []struct { - // Name is the name argument value. - Name string - // Check is the check argument value. - Check healthz.Checker - } - // Elected holds details about calls to the Elected method. - Elected []struct { - } - // GetAPIReader holds details about calls to the GetAPIReader method. - GetAPIReader []struct { - } - // GetCache holds details about calls to the GetCache method. - GetCache []struct { - } - // GetClient holds details about calls to the GetClient method. - GetClient []struct { - } - // GetConfig holds details about calls to the GetConfig method. - GetConfig []struct { - } - // GetControllerOptions holds details about calls to the GetControllerOptions method. - GetControllerOptions []struct { - } - // GetEventRecorderFor holds details about calls to the GetEventRecorderFor method. - GetEventRecorderFor []struct { - // Name is the name argument value. - Name string - } - // GetFieldIndexer holds details about calls to the GetFieldIndexer method. - GetFieldIndexer []struct { - } - // GetLogger holds details about calls to the GetLogger method. - GetLogger []struct { - } - // GetRESTMapper holds details about calls to the GetRESTMapper method. - GetRESTMapper []struct { - } - // GetScheme holds details about calls to the GetScheme method. - GetScheme []struct { - } - // GetWebhookServer holds details about calls to the GetWebhookServer method. - GetWebhookServer []struct { - } - // SetFields holds details about calls to the SetFields method. - SetFields []struct { - // IfaceVal is the ifaceVal argument value. - IfaceVal interface{} - } - // Start holds details about calls to the Start method. - Start []struct { - // Ctx is the ctx argument value. - Ctx context.Context - } - } - lockAdd sync.RWMutex - lockAddHealthzCheck sync.RWMutex - lockAddMetricsExtraHandler sync.RWMutex - lockAddReadyzCheck sync.RWMutex - lockElected sync.RWMutex - lockGetAPIReader sync.RWMutex - lockGetCache sync.RWMutex - lockGetClient sync.RWMutex - lockGetConfig sync.RWMutex - lockGetControllerOptions sync.RWMutex - lockGetEventRecorderFor sync.RWMutex - lockGetFieldIndexer sync.RWMutex - lockGetLogger sync.RWMutex - lockGetRESTMapper sync.RWMutex - lockGetScheme sync.RWMutex - lockGetWebhookServer sync.RWMutex - lockSetFields sync.RWMutex - lockStart sync.RWMutex -} - -// Add calls AddFunc. -func (mock *MockManager) Add(runnable manager.Runnable) error { - if mock.AddFunc == nil { - panic("MockManager.AddFunc: method is nil but IManager.Add was just called") - } - callInfo := struct { - Runnable manager.Runnable - }{ - Runnable: runnable, - } - mock.lockAdd.Lock() - mock.calls.Add = append(mock.calls.Add, callInfo) - mock.lockAdd.Unlock() - return mock.AddFunc(runnable) -} - -// AddCalls gets all the calls that were made to Add. -// Check the length with: -// -// len(mockedIManager.AddCalls()) -func (mock *MockManager) AddCalls() []struct { - Runnable manager.Runnable -} { - var calls []struct { - Runnable manager.Runnable - } - mock.lockAdd.RLock() - calls = mock.calls.Add - mock.lockAdd.RUnlock() - return calls -} - -// AddHealthzCheck calls AddHealthzCheckFunc. -func (mock *MockManager) AddHealthzCheck(name string, check healthz.Checker) error { - if mock.AddHealthzCheckFunc == nil { - panic("MockManager.AddHealthzCheckFunc: method is nil but IManager.AddHealthzCheck was just called") - } - callInfo := struct { - Name string - Check healthz.Checker - }{ - Name: name, - Check: check, - } - mock.lockAddHealthzCheck.Lock() - mock.calls.AddHealthzCheck = append(mock.calls.AddHealthzCheck, callInfo) - mock.lockAddHealthzCheck.Unlock() - return mock.AddHealthzCheckFunc(name, check) -} - -// AddHealthzCheckCalls gets all the calls that were made to AddHealthzCheck. -// Check the length with: -// -// len(mockedIManager.AddHealthzCheckCalls()) -func (mock *MockManager) AddHealthzCheckCalls() []struct { - Name string - Check healthz.Checker -} { - var calls []struct { - Name string - Check healthz.Checker - } - mock.lockAddHealthzCheck.RLock() - calls = mock.calls.AddHealthzCheck - mock.lockAddHealthzCheck.RUnlock() - return calls -} - -// AddMetricsExtraHandler calls AddMetricsExtraHandlerFunc. -func (mock *MockManager) AddMetricsExtraHandler(path string, handler http.Handler) error { - if mock.AddMetricsExtraHandlerFunc == nil { - panic("MockManager.AddMetricsExtraHandlerFunc: method is nil but IManager.AddMetricsExtraHandler was just called") - } - callInfo := struct { - Path string - Handler http.Handler - }{ - Path: path, - Handler: handler, - } - mock.lockAddMetricsExtraHandler.Lock() - mock.calls.AddMetricsExtraHandler = append(mock.calls.AddMetricsExtraHandler, callInfo) - mock.lockAddMetricsExtraHandler.Unlock() - return mock.AddMetricsExtraHandlerFunc(path, handler) -} - -// AddMetricsExtraHandlerCalls gets all the calls that were made to AddMetricsExtraHandler. -// Check the length with: -// -// len(mockedIManager.AddMetricsExtraHandlerCalls()) -func (mock *MockManager) AddMetricsExtraHandlerCalls() []struct { - Path string - Handler http.Handler -} { - var calls []struct { - Path string - Handler http.Handler - } - mock.lockAddMetricsExtraHandler.RLock() - calls = mock.calls.AddMetricsExtraHandler - mock.lockAddMetricsExtraHandler.RUnlock() - return calls -} - -// AddReadyzCheck calls AddReadyzCheckFunc. -func (mock *MockManager) AddReadyzCheck(name string, check healthz.Checker) error { - if mock.AddReadyzCheckFunc == nil { - panic("MockManager.AddReadyzCheckFunc: method is nil but IManager.AddReadyzCheck was just called") - } - callInfo := struct { - Name string - Check healthz.Checker - }{ - Name: name, - Check: check, - } - mock.lockAddReadyzCheck.Lock() - mock.calls.AddReadyzCheck = append(mock.calls.AddReadyzCheck, callInfo) - mock.lockAddReadyzCheck.Unlock() - return mock.AddReadyzCheckFunc(name, check) -} - -// AddReadyzCheckCalls gets all the calls that were made to AddReadyzCheck. -// Check the length with: -// -// len(mockedIManager.AddReadyzCheckCalls()) -func (mock *MockManager) AddReadyzCheckCalls() []struct { - Name string - Check healthz.Checker -} { - var calls []struct { - Name string - Check healthz.Checker - } - mock.lockAddReadyzCheck.RLock() - calls = mock.calls.AddReadyzCheck - mock.lockAddReadyzCheck.RUnlock() - return calls -} - -// Elected calls ElectedFunc. -func (mock *MockManager) Elected() <-chan struct{} { - if mock.ElectedFunc == nil { - panic("MockManager.ElectedFunc: method is nil but IManager.Elected was just called") - } - callInfo := struct { - }{} - mock.lockElected.Lock() - mock.calls.Elected = append(mock.calls.Elected, callInfo) - mock.lockElected.Unlock() - return mock.ElectedFunc() -} - -// ElectedCalls gets all the calls that were made to Elected. -// Check the length with: -// -// len(mockedIManager.ElectedCalls()) -func (mock *MockManager) ElectedCalls() []struct { -} { - var calls []struct { - } - mock.lockElected.RLock() - calls = mock.calls.Elected - mock.lockElected.RUnlock() - return calls -} - -// GetAPIReader calls GetAPIReaderFunc. -func (mock *MockManager) GetAPIReader() client.Reader { - if mock.GetAPIReaderFunc == nil { - panic("MockManager.GetAPIReaderFunc: method is nil but IManager.GetAPIReader was just called") - } - callInfo := struct { - }{} - mock.lockGetAPIReader.Lock() - mock.calls.GetAPIReader = append(mock.calls.GetAPIReader, callInfo) - mock.lockGetAPIReader.Unlock() - return mock.GetAPIReaderFunc() -} - -// GetAPIReaderCalls gets all the calls that were made to GetAPIReader. -// Check the length with: -// -// len(mockedIManager.GetAPIReaderCalls()) -func (mock *MockManager) GetAPIReaderCalls() []struct { -} { - var calls []struct { - } - mock.lockGetAPIReader.RLock() - calls = mock.calls.GetAPIReader - mock.lockGetAPIReader.RUnlock() - return calls -} - -// GetCache calls GetCacheFunc. -func (mock *MockManager) GetCache() cache.Cache { - if mock.GetCacheFunc == nil { - panic("MockManager.GetCacheFunc: method is nil but IManager.GetCache was just called") - } - callInfo := struct { - }{} - mock.lockGetCache.Lock() - mock.calls.GetCache = append(mock.calls.GetCache, callInfo) - mock.lockGetCache.Unlock() - return mock.GetCacheFunc() -} - -// GetCacheCalls gets all the calls that were made to GetCache. -// Check the length with: -// -// len(mockedIManager.GetCacheCalls()) -func (mock *MockManager) GetCacheCalls() []struct { -} { - var calls []struct { - } - mock.lockGetCache.RLock() - calls = mock.calls.GetCache - mock.lockGetCache.RUnlock() - return calls -} - -// GetClient calls GetClientFunc. -func (mock *MockManager) GetClient() client.Client { - if mock.GetClientFunc == nil { - panic("MockManager.GetClientFunc: method is nil but IManager.GetClient was just called") - } - callInfo := struct { - }{} - mock.lockGetClient.Lock() - mock.calls.GetClient = append(mock.calls.GetClient, callInfo) - mock.lockGetClient.Unlock() - return mock.GetClientFunc() -} - -// GetClientCalls gets all the calls that were made to GetClient. -// Check the length with: -// -// len(mockedIManager.GetClientCalls()) -func (mock *MockManager) GetClientCalls() []struct { -} { - var calls []struct { - } - mock.lockGetClient.RLock() - calls = mock.calls.GetClient - mock.lockGetClient.RUnlock() - return calls -} - -// GetConfig calls GetConfigFunc. -func (mock *MockManager) GetConfig() *rest.Config { - if mock.GetConfigFunc == nil { - panic("MockManager.GetConfigFunc: method is nil but IManager.GetConfig was just called") - } - callInfo := struct { - }{} - mock.lockGetConfig.Lock() - mock.calls.GetConfig = append(mock.calls.GetConfig, callInfo) - mock.lockGetConfig.Unlock() - return mock.GetConfigFunc() -} - -// GetConfigCalls gets all the calls that were made to GetConfig. -// Check the length with: -// -// len(mockedIManager.GetConfigCalls()) -func (mock *MockManager) GetConfigCalls() []struct { -} { - var calls []struct { - } - mock.lockGetConfig.RLock() - calls = mock.calls.GetConfig - mock.lockGetConfig.RUnlock() - return calls -} - -// GetControllerOptions calls GetControllerOptionsFunc. -func (mock *MockManager) GetControllerOptions() v1alpha1.ControllerConfigurationSpec { - if mock.GetControllerOptionsFunc == nil { - panic("MockManager.GetControllerOptionsFunc: method is nil but IManager.GetControllerOptions was just called") - } - callInfo := struct { - }{} - mock.lockGetControllerOptions.Lock() - mock.calls.GetControllerOptions = append(mock.calls.GetControllerOptions, callInfo) - mock.lockGetControllerOptions.Unlock() - return mock.GetControllerOptionsFunc() -} - -// GetControllerOptionsCalls gets all the calls that were made to GetControllerOptions. -// Check the length with: -// -// len(mockedIManager.GetControllerOptionsCalls()) -func (mock *MockManager) GetControllerOptionsCalls() []struct { -} { - var calls []struct { - } - mock.lockGetControllerOptions.RLock() - calls = mock.calls.GetControllerOptions - mock.lockGetControllerOptions.RUnlock() - return calls -} - -// GetEventRecorderFor calls GetEventRecorderForFunc. -func (mock *MockManager) GetEventRecorderFor(name string) record.EventRecorder { - if mock.GetEventRecorderForFunc == nil { - panic("MockManager.GetEventRecorderForFunc: method is nil but IManager.GetEventRecorderFor was just called") - } - callInfo := struct { - Name string - }{ - Name: name, - } - mock.lockGetEventRecorderFor.Lock() - mock.calls.GetEventRecorderFor = append(mock.calls.GetEventRecorderFor, callInfo) - mock.lockGetEventRecorderFor.Unlock() - return mock.GetEventRecorderForFunc(name) -} - -// GetEventRecorderForCalls gets all the calls that were made to GetEventRecorderFor. -// Check the length with: -// -// len(mockedIManager.GetEventRecorderForCalls()) -func (mock *MockManager) GetEventRecorderForCalls() []struct { - Name string -} { - var calls []struct { - Name string - } - mock.lockGetEventRecorderFor.RLock() - calls = mock.calls.GetEventRecorderFor - mock.lockGetEventRecorderFor.RUnlock() - return calls -} - -// GetFieldIndexer calls GetFieldIndexerFunc. -func (mock *MockManager) GetFieldIndexer() client.FieldIndexer { - if mock.GetFieldIndexerFunc == nil { - panic("MockManager.GetFieldIndexerFunc: method is nil but IManager.GetFieldIndexer was just called") - } - callInfo := struct { - }{} - mock.lockGetFieldIndexer.Lock() - mock.calls.GetFieldIndexer = append(mock.calls.GetFieldIndexer, callInfo) - mock.lockGetFieldIndexer.Unlock() - return mock.GetFieldIndexerFunc() -} - -// GetFieldIndexerCalls gets all the calls that were made to GetFieldIndexer. -// Check the length with: -// -// len(mockedIManager.GetFieldIndexerCalls()) -func (mock *MockManager) GetFieldIndexerCalls() []struct { -} { - var calls []struct { - } - mock.lockGetFieldIndexer.RLock() - calls = mock.calls.GetFieldIndexer - mock.lockGetFieldIndexer.RUnlock() - return calls -} - -// GetLogger calls GetLoggerFunc. -func (mock *MockManager) GetLogger() logr.Logger { - if mock.GetLoggerFunc == nil { - panic("MockManager.GetLoggerFunc: method is nil but IManager.GetLogger was just called") - } - callInfo := struct { - }{} - mock.lockGetLogger.Lock() - mock.calls.GetLogger = append(mock.calls.GetLogger, callInfo) - mock.lockGetLogger.Unlock() - return mock.GetLoggerFunc() -} - -// GetLoggerCalls gets all the calls that were made to GetLogger. -// Check the length with: -// -// len(mockedIManager.GetLoggerCalls()) -func (mock *MockManager) GetLoggerCalls() []struct { -} { - var calls []struct { - } - mock.lockGetLogger.RLock() - calls = mock.calls.GetLogger - mock.lockGetLogger.RUnlock() - return calls -} - -// GetRESTMapper calls GetRESTMapperFunc. -func (mock *MockManager) GetRESTMapper() meta.RESTMapper { - if mock.GetRESTMapperFunc == nil { - panic("MockManager.GetRESTMapperFunc: method is nil but IManager.GetRESTMapper was just called") - } - callInfo := struct { - }{} - mock.lockGetRESTMapper.Lock() - mock.calls.GetRESTMapper = append(mock.calls.GetRESTMapper, callInfo) - mock.lockGetRESTMapper.Unlock() - return mock.GetRESTMapperFunc() -} - -// GetRESTMapperCalls gets all the calls that were made to GetRESTMapper. -// Check the length with: -// -// len(mockedIManager.GetRESTMapperCalls()) -func (mock *MockManager) GetRESTMapperCalls() []struct { -} { - var calls []struct { - } - mock.lockGetRESTMapper.RLock() - calls = mock.calls.GetRESTMapper - mock.lockGetRESTMapper.RUnlock() - return calls -} - -// GetScheme calls GetSchemeFunc. -func (mock *MockManager) GetScheme() *runtime.Scheme { - if mock.GetSchemeFunc == nil { - panic("MockManager.GetSchemeFunc: method is nil but IManager.GetScheme was just called") - } - callInfo := struct { - }{} - mock.lockGetScheme.Lock() - mock.calls.GetScheme = append(mock.calls.GetScheme, callInfo) - mock.lockGetScheme.Unlock() - return mock.GetSchemeFunc() -} - -// GetSchemeCalls gets all the calls that were made to GetScheme. -// Check the length with: -// -// len(mockedIManager.GetSchemeCalls()) -func (mock *MockManager) GetSchemeCalls() []struct { -} { - var calls []struct { - } - mock.lockGetScheme.RLock() - calls = mock.calls.GetScheme - mock.lockGetScheme.RUnlock() - return calls -} - -// GetWebhookServer calls GetWebhookServerFunc. -func (mock *MockManager) GetWebhookServer() *webhook.Server { - if mock.GetWebhookServerFunc == nil { - panic("MockManager.GetWebhookServerFunc: method is nil but IManager.GetWebhookServer was just called") - } - callInfo := struct { - }{} - mock.lockGetWebhookServer.Lock() - mock.calls.GetWebhookServer = append(mock.calls.GetWebhookServer, callInfo) - mock.lockGetWebhookServer.Unlock() - return mock.GetWebhookServerFunc() -} - -// GetWebhookServerCalls gets all the calls that were made to GetWebhookServer. -// Check the length with: -// -// len(mockedIManager.GetWebhookServerCalls()) -func (mock *MockManager) GetWebhookServerCalls() []struct { -} { - var calls []struct { - } - mock.lockGetWebhookServer.RLock() - calls = mock.calls.GetWebhookServer - mock.lockGetWebhookServer.RUnlock() - return calls -} - -// SetFields calls SetFieldsFunc. -func (mock *MockManager) SetFields(ifaceVal interface{}) error { - if mock.SetFieldsFunc == nil { - panic("MockManager.SetFieldsFunc: method is nil but IManager.SetFields was just called") - } - callInfo := struct { - IfaceVal interface{} - }{ - IfaceVal: ifaceVal, - } - mock.lockSetFields.Lock() - mock.calls.SetFields = append(mock.calls.SetFields, callInfo) - mock.lockSetFields.Unlock() - return mock.SetFieldsFunc(ifaceVal) -} - -// SetFieldsCalls gets all the calls that were made to SetFields. -// Check the length with: -// -// len(mockedIManager.SetFieldsCalls()) -func (mock *MockManager) SetFieldsCalls() []struct { - IfaceVal interface{} -} { - var calls []struct { - IfaceVal interface{} - } - mock.lockSetFields.RLock() - calls = mock.calls.SetFields - mock.lockSetFields.RUnlock() - return calls -} - -// Start calls StartFunc. -func (mock *MockManager) Start(ctx context.Context) error { - if mock.StartFunc == nil { - panic("MockManager.StartFunc: method is nil but IManager.Start was just called") - } - callInfo := struct { - Ctx context.Context - }{ - Ctx: ctx, - } - mock.lockStart.Lock() - mock.calls.Start = append(mock.calls.Start, callInfo) - mock.lockStart.Unlock() - return mock.StartFunc(ctx) -} - -// StartCalls gets all the calls that were made to Start. -// Check the length with: -// -// len(mockedIManager.StartCalls()) -func (mock *MockManager) StartCalls() []struct { - Ctx context.Context -} { - var calls []struct { - Ctx context.Context - } - mock.lockStart.RLock() - calls = mock.calls.Start - mock.lockStart.RUnlock() - return calls -} diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappcontexts.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappcontexts.yaml index f022116183..721c32343b 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappcontexts.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappcontexts.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnappcontexts.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappcreationrequests.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappcreationrequests.yaml index 886b90e3e2..d874f21ed5 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappcreationrequests.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappcreationrequests.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnappcreationrequests.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnapps.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnapps.yaml index c25e83849e..3214607f74 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnapps.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnapps.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnapps.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappversions.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappversions.yaml index 93a0371ab3..36c47bcfbe 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappversions.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappversions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnappversions.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluationdefinitions.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluationdefinitions.yaml index 7a3c2cb683..8de937f308 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluationdefinitions.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluationdefinitions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnevaluationdefinitions.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluationproviders.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluationproviders.yaml index 294bff5f00..d86db8fcdb 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluationproviders.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluationproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnevaluationproviders.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh @@ -93,10 +93,13 @@ spec: valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -153,10 +156,13 @@ spec: valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluations.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluations.yaml index a04b56ce6c..ae33aa08ac 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluations.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluations.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnevaluations.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptntaskdefinitions.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptntaskdefinitions.yaml index 2ed155474d..612e8ccd03 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptntaskdefinitions.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptntaskdefinitions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptntaskdefinitions.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh @@ -67,6 +67,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -80,6 +81,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -115,10 +117,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -178,10 +183,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -196,6 +204,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -212,10 +223,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -230,10 +244,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -242,6 +259,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -282,6 +300,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -311,6 +330,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -390,6 +410,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -419,6 +440,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -494,6 +516,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -510,11 +533,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -548,6 +571,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -704,6 +728,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -720,11 +745,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -758,6 +783,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -871,11 +897,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -886,6 +910,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -952,6 +982,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -965,6 +1019,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -972,6 +1027,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -983,7 +1039,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -1065,7 +1121,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -1129,6 +1184,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -1145,11 +1201,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -1183,6 +1239,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -1324,6 +1381,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -1343,6 +1403,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -1352,6 +1414,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -1369,6 +1450,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -1461,10 +1545,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1798,6 +1885,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -1811,6 +1899,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -1846,10 +1935,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -1909,10 +2001,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -1927,6 +2022,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -1943,10 +2041,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -1961,10 +2062,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -1973,6 +2077,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -2013,6 +2118,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -2042,6 +2148,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2121,6 +2228,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -2150,6 +2258,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2225,6 +2334,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -2241,11 +2351,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2279,6 +2389,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2435,6 +2546,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -2451,11 +2563,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2489,6 +2601,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2602,11 +2715,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -2617,6 +2728,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -2683,6 +2800,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -2696,6 +2837,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -2703,6 +2845,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -2714,7 +2857,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -2796,7 +2939,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -2860,6 +3002,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -2876,11 +3019,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2914,6 +3057,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3055,6 +3199,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -3074,6 +3221,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -3083,6 +3232,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -3100,6 +3268,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -3266,10 +3437,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3451,6 +3625,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -3464,6 +3639,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -3499,10 +3675,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -3562,10 +3741,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -3580,6 +3762,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -3596,10 +3781,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -3614,10 +3802,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -3626,6 +3817,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -3666,6 +3858,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -3695,6 +3888,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3774,6 +3968,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -3803,6 +3998,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3878,6 +4074,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -3894,11 +4091,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -3932,6 +4129,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4088,6 +4286,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -4104,11 +4303,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -4142,6 +4341,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4255,11 +4455,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -4270,6 +4468,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -4336,6 +4540,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -4349,6 +4577,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -4356,6 +4585,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -4367,7 +4597,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -4449,7 +4679,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -4513,6 +4742,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -4529,11 +4759,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -4567,6 +4797,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4708,6 +4939,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -4727,6 +4961,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -4736,6 +4972,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -4753,6 +5008,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -4919,10 +5177,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptntasks.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptntasks.yaml index 7087242a70..ca9151bbf4 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptntasks.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptntasks.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptntasks.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloadinstances.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloadinstances.yaml index 4b676377c3..26db9d4265 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloadinstances.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloadinstances.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnworkloadinstances.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloads.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloads.yaml index baf3497cd6..c717a5c7aa 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloads.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloads.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnworkloads.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloadversions.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloadversions.yaml index a553219653..3ce2eb8f0a 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloadversions.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloadversions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnworkloadversions.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/options.keptn.sh_keptnconfigs.yaml b/lifecycle-operator/config/crd/bases/options.keptn.sh_keptnconfigs.yaml index 36ac20e93a..076b7e976c 100644 --- a/lifecycle-operator/config/crd/bases/options.keptn.sh_keptnconfigs.yaml +++ b/lifecycle-operator/config/crd/bases/options.keptn.sh_keptnconfigs.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnconfigs.options.keptn.sh spec: group: options.keptn.sh diff --git a/lifecycle-operator/config/rbac/role.yaml b/lifecycle-operator/config/rbac/role.yaml index db29ef0610..dddbbd51bf 100644 --- a/lifecycle-operator/config/rbac/role.yaml +++ b/lifecycle-operator/config/rbac/role.yaml @@ -4,42 +4,6 @@ kind: ClusterRole metadata: name: lifecycle-operator-role rules: -- apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - batch - resources: - - jobs/status - verbs: - - get - - list - apiGroups: - "" resources: @@ -94,120 +58,45 @@ rules: verbs: - get - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcontexts - verbs: - - get - - list - - watch -- apiGroups: - - lifecycle.keptn.sh + - apps resources: - - keptnappcreationrequests + - daemonsets + - deployments + - replicasets + - statefulsets verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - argoproj.io resources: - - keptnapps + - rollouts verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversion + - jobs verbs: - create - - delete - get - list - - patch - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversions + - jobs/status verbs: - - create - - delete - get - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/status - verbs: - - get - - patch - - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcontexts - keptnevaluationdefinitions verbs: - get @@ -216,110 +105,14 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests + - keptnapps + - keptnappversion + - keptnappversions - keptnevaluations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntaskdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntasks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloads - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloads/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloads/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloadversions verbs: - create @@ -332,12 +125,28 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/finalizers + - keptnapps/finalizers + - keptnappversion/finalizers + - keptnappversions/finalizers + - keptnevaluations/finalizers + - keptntaskdefinitions/finalizers + - keptntasks/finalizers + - keptnworkloads/finalizers - keptnworkloadversions/finalizers verbs: - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/status + - keptnapps/status + - keptnappversion/status + - keptnappversions/status + - keptnevaluations/status + - keptntaskdefinitions/status + - keptntasks/status + - keptnworkloads/status - keptnworkloadversions/status verbs: - get diff --git a/lifecycle-operator/go.mod b/lifecycle-operator/go.mod index f859829432..6b8d932009 100644 --- a/lifecycle-operator/go.mod +++ b/lifecycle-operator/go.mod @@ -26,13 +26,13 @@ require ( go.opentelemetry.io/otel/trace v1.28.0 golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c golang.org/x/net v0.30.0 - google.golang.org/grpc v1.65.0 - k8s.io/api v0.29.9 - k8s.io/apiextensions-apiserver v0.29.9 - k8s.io/apimachinery v0.29.9 - k8s.io/apiserver v0.29.9 - k8s.io/client-go v0.29.9 - sigs.k8s.io/controller-runtime v0.16.6 + google.golang.org/grpc v1.67.1 + k8s.io/api v0.31.2 + k8s.io/apiextensions-apiserver v0.31.2 + k8s.io/apimachinery v0.31.2 + k8s.io/apiserver v0.31.2 + k8s.io/client-go v0.31.2 + sigs.k8s.io/controller-runtime v0.19.1 sigs.k8s.io/yaml v1.4.0 ) @@ -40,16 +40,16 @@ require ( github.com/beorn7/perks v1.0.1 // indirect github.com/cenkalti/backoff/v4 v4.3.0 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/emicklei/go-restful/v3 v3.11.0 // indirect - github.com/evanphx/json-patch v5.6.0+incompatible // indirect github.com/evanphx/json-patch/v5 v5.9.0 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect + github.com/fxamacker/cbor/v2 v2.7.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect - github.com/go-logr/zapr v1.2.4 // indirect + github.com/go-logr/zapr v1.3.0 // indirect github.com/go-openapi/jsonpointer v0.19.6 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.3 // indirect + github.com/go-openapi/swag v0.22.4 // indirect github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect @@ -67,35 +67,36 @@ require ( github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/prometheus/client_model v0.6.1 // indirect github.com/prometheus/common v0.55.0 // indirect github.com/prometheus/procfs v0.15.1 // indirect github.com/spf13/afero v1.11.0 // indirect github.com/spf13/pflag v1.0.5 // indirect + github.com/x448/float16 v0.8.4 // indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 // indirect go.opentelemetry.io/proto/otlp v1.3.1 // indirect go.uber.org/multierr v1.11.0 // indirect - go.uber.org/zap v1.25.0 // indirect - golang.org/x/oauth2 v0.21.0 // indirect + go.uber.org/zap v1.26.0 // indirect + golang.org/x/oauth2 v0.22.0 // indirect golang.org/x/sys v0.26.0 // indirect golang.org/x/term v0.25.0 // indirect golang.org/x/text v0.19.0 // indirect golang.org/x/time v0.5.0 // indirect golang.org/x/tools v0.26.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20240701130421-f6361c86f094 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142 // indirect google.golang.org/protobuf v1.34.2 // indirect + gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/component-base v0.29.9 // indirect - k8s.io/klog/v2 v2.110.1 // indirect - k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect - k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect + k8s.io/klog/v2 v2.130.1 // indirect + k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect + k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect ) -replace google.golang.org/protobuf => google.golang.org/protobuf v1.34.2 +replace google.golang.org/protobuf => google.golang.org/protobuf v1.35.1 diff --git a/lifecycle-operator/go.sum b/lifecycle-operator/go.sum index 3b4846a047..89000eb945 100644 --- a/lifecycle-operator/go.sum +++ b/lifecycle-operator/go.sum @@ -2,7 +2,6 @@ dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s= dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= github.com/argoproj/argo-rollouts v1.7.2 h1:faDUH/qePerYRwsrHfVzNQkhjGBgXIiVYdVK8824kMo= github.com/argoproj/argo-rollouts v1.7.2/go.mod h1:Te4HrUELxKiBpK8lgk77o4gTa3mv8pXCd8xdPprKrbs= -github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/benbjohnson/clock v1.3.5 h1:VvXlSJBzZpA/zum6Sj74hxwYI2DIxRWuNIoXAzHZz5o= github.com/benbjohnson/clock v1.3.5/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= @@ -15,8 +14,9 @@ github.com/cloudevents/sdk-go/v2 v2.15.2 h1:54+I5xQEnI73RBhWHxbI1XJcqOFOVJN85vb4 github.com/cloudevents/sdk-go/v2 v2.15.2/go.mod h1:lL7kSWAE/V8VI4Wh0jbL2v/jvqsm6tjmaQBSvxcv4uE= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= @@ -25,21 +25,22 @@ github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0 github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= +github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= +github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= -github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= +github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= @@ -74,7 +75,6 @@ github.com/keptn/lifecycle-toolkit/keptn-cert-manager v0.0.0-20240806082913-9bcc github.com/keptn/lifecycle-toolkit/keptn-cert-manager v0.0.0-20240806082913-9bcc0d1633a6/go.mod h1:IF+voXJvrQqpwu13iW9J51xW01nUMtUVuggeZqqq3GQ= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= @@ -97,11 +97,11 @@ github.com/onsi/ginkgo/v2 v2.20.2 h1:7NVCeyIWROIAheY21RLS+3j2bb52W0W82tkberYytp4 github.com/onsi/ginkgo/v2 v2.20.2/go.mod h1:K9gyxPIlb+aIvnZ8bd9Ak+YP18w3APlR+5coaZoE2ag= github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8= github.com/onsi/gomega v1.34.2/go.mod h1:v1xfxRgk0KIsG+QOdm7p8UosrOzPYRo60fd3B/1Dukc= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE= github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho= github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= @@ -120,7 +120,6 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= @@ -128,9 +127,10 @@ github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsT github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= go.opentelemetry.io/otel v1.28.0 h1:/SqNcYk+idO0CxKEUOtKQClMK/MimZihKYMruSMViUo= go.opentelemetry.io/otel v1.28.0/go.mod h1:q68ijF8Fc8CnMHKyzqL6akLO46ePnjkgfIMIjUIX9z4= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 h1:3Q/xZUyC1BBkualc9ROb4G8qkH90LXEIICcs5zv1OYY= @@ -151,48 +151,35 @@ go.opentelemetry.io/otel/trace v1.28.0 h1:GhQ9cUuQGmNDd5BTCP2dAvv75RdMxEfTmYejp+ go.opentelemetry.io/otel/trace v1.28.0/go.mod h1:jPyXzNPg6da9+38HEwElrQiHlVMTnVfM3/yv2OlIHaI= go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0= go.opentelemetry.io/proto/otlp v1.3.1/go.mod h1:0X1WI4de4ZsLrrJNLAQbFeLCm3T7yBkR0XqQ7niQU+8= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= -go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= -go.uber.org/zap v1.25.0 h1:4Hvk6GtkucQ790dqmj7l1eEnRdKm3k3ZUrUMS2d5+5c= -go.uber.org/zap v1.25.0/go.mod h1:JIAUzQIH94IC4fOJQm7gMmBJP5k7wQfdcnYdPoEXJYk= +go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= +go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c h1:7dEasQXItcW1xKJ2+gg5VOiBnqWrJc+rq0DPKyvvdbY= golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c/go.mod h1:NQtJDoLvd6faHhE7m4T/1IY708gDefGGjR/iUW8yQQ8= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4= golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU= -golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs= -golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA= +golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo= golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24= golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -202,11 +189,9 @@ golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ= golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -215,18 +200,19 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/genproto/googleapis/api v0.0.0-20240701130421-f6361c86f094 h1:0+ozOGcrp+Y8Aq8TLNN2Aliibms5LEzsq99ZZmAGYm0= -google.golang.org/genproto/googleapis/api v0.0.0-20240701130421-f6361c86f094/go.mod h1:fJ/e3If/Q67Mj99hin0hMhiNyCRmt6BQ2aWIJshUSJw= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094 h1:BwIjyKYGsK9dMCBOorzRri8MQwmi7mT9rGHsCEinZkA= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094/go.mod h1:Ue6ibwXGpU+dqIcODieyLOcgj7z8+IcskoNIgZxtrFY= -google.golang.org/grpc v1.65.0 h1:bs/cUb4lp1G5iImFFd3u5ixQzweKizoZJAwBNLR42lc= -google.golang.org/grpc v1.65.0/go.mod h1:WgYC2ypjlB0EiQi6wdKixMqukr6lBc0Vo+oOgjrM5ZQ= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142 h1:wKguEg1hsxI2/L3hUYrpo1RVi48K+uTyzKqprwLXsb8= +google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142/go.mod h1:d6be+8HhtEtucleCbxpPW9PA9XwISACu8nvpPqF0BVo= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142 h1:e7S5W7MGGLaSu8j3YjdezkZ+m1/Nm0uRVRMEMGk26Xs= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU= +google.golang.org/grpc v1.67.1 h1:zWnc1Vrcno+lHZCOofnIMvycFcc0QRGIzm9dhnDX68E= +google.golang.org/grpc v1.67.1/go.mod h1:1gLDyUQU7CTLJI90u3nXZ9ekeghjeM7pTDZlqFNg2AA= +google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA= +google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= +gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -236,26 +222,24 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.29.9 h1:FwdflpNsfMUYUOblMZNWJ4K/q0OSL5A4jGa0iOgcJco= -k8s.io/api v0.29.9/go.mod h1:fNhmzRfKaSEHCmczA/jRx6CiDKhYOnFLJBERMJAXEk8= -k8s.io/apiextensions-apiserver v0.29.9 h1:EB6RK06kFJjbzBwU1YiVznxrcgBE0hhDWt6EQQIcOy4= -k8s.io/apiextensions-apiserver v0.29.9/go.mod h1:jcaHG6R/bB1iU6XzC1DMhB1x2ktTJLt2KKpg6B65Z2c= -k8s.io/apimachinery v0.29.9 h1:YZ8HUid1TzQVz94cnNlsQjLdH0VoAhWSqz7t0q6B12A= -k8s.io/apimachinery v0.29.9/go.mod h1:i3FJVwhvSp/6n8Fl4K97PJEP8C+MM+aoDq4+ZJBf70Y= -k8s.io/apiserver v0.29.9 h1:BiHTZbAYcNYHTE9RlWMBe5AX2XoZbRujy6oo5krU4V8= -k8s.io/apiserver v0.29.9/go.mod h1:3zmBeYworciVZHs8jSfzt/naTpDQb3AM++aYJ5Pkqqo= -k8s.io/client-go v0.29.9 h1:4f/Wz6li3rEyIPFj32XAQMtOGMM1tg7KQi1oeS6ibPg= -k8s.io/client-go v0.29.9/go.mod h1:2N1drQEZ5yiYrWVaE2Un8JiISUhl47D8pyZlYLszke4= -k8s.io/component-base v0.29.9 h1:lPENvp3CCwdeMEWGjiTfn5b287qQYuK7gX32OBOovmA= -k8s.io/component-base v0.29.9/go.mod h1:NGDa6Ih0EdcLA2G4K2ZYySoiB+2Tn+rmSqPyudCPgDY= -k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= -k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.16.6 h1:FiXwTuFF5ZJKmozfP2Z0j7dh6kmxP4Ou1KLfxgKKC3I= -sigs.k8s.io/controller-runtime v0.16.6/go.mod h1:+dQzkZxnylD0u49e0a+7AR+vlibEBaThmPca7lTyUsI= +k8s.io/api v0.31.2 h1:3wLBbL5Uom/8Zy98GRPXpJ254nEFpl+hwndmk9RwmL0= +k8s.io/api v0.31.2/go.mod h1:bWmGvrGPssSK1ljmLzd3pwCQ9MgoTsRCuK35u6SygUk= +k8s.io/apiextensions-apiserver v0.31.2 h1:W8EwUb8+WXBLu56ser5IudT2cOho0gAKeTOnywBLxd0= +k8s.io/apiextensions-apiserver v0.31.2/go.mod h1:i+Geh+nGCJEGiCGR3MlBDkS7koHIIKWVfWeRFiOsUcM= +k8s.io/apimachinery v0.31.2 h1:i4vUt2hPK56W6mlT7Ry+AO8eEsyxMD1U44NR22CLTYw= +k8s.io/apimachinery v0.31.2/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= +k8s.io/apiserver v0.31.2 h1:VUzOEUGRCDi6kX1OyQ801m4A7AUPglpsmGvdsekmcI4= +k8s.io/apiserver v0.31.2/go.mod h1:o3nKZR7lPlJqkU5I3Ove+Zx3JuoFjQobGX1Gctw6XuE= +k8s.io/client-go v0.31.2 h1:Y2F4dxU5d3AQj+ybwSMqQnpZH9F30//1ObxOKlTI9yc= +k8s.io/client-go v0.31.2/go.mod h1:NPa74jSVR/+eez2dFsEIHNa+3o09vtNaWwWwb1qSxSs= +k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= +k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/controller-runtime v0.19.1 h1:Son+Q40+Be3QWb+niBXAg2vFiYWolDjjRfO8hn/cxOk= +sigs.k8s.io/controller-runtime v0.19.1/go.mod h1:iRmWllt8IlaLjvTTDLhRBXIEtkCK6hwVBJJsYS9Ajf4= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= diff --git a/lifecycle-operator/webhooks/pod_mutator/handlers/appcreationrequest_handler_test.go b/lifecycle-operator/webhooks/pod_mutator/handlers/appcreationrequest_handler_test.go index 7ef618ad61..342ebafc50 100644 --- a/lifecycle-operator/webhooks/pod_mutator/handlers/appcreationrequest_handler_test.go +++ b/lifecycle-operator/webhooks/pod_mutator/handlers/appcreationrequest_handler_test.go @@ -43,10 +43,6 @@ func TestAppHandlerHandle(t *testing.T) { }} singleServiceCreationReq := &apilifecycle.KeptnAppCreationRequest{ - TypeMeta: metav1.TypeMeta{ - Kind: "KeptnAppCreationRequest", - APIVersion: "lifecycle.keptn.sh/v1", - }, ObjectMeta: metav1.ObjectMeta{ Name: TestWorkload, Namespace: namespace, @@ -91,10 +87,6 @@ func TestAppHandlerHandle(t *testing.T) { }}, client: testcommon.NewTestClient(), wantReq: &apilifecycle.KeptnAppCreationRequest{ - TypeMeta: metav1.TypeMeta{ - Kind: "KeptnAppCreationRequest", - APIVersion: "lifecycle.keptn.sh/v1", - }, ObjectMeta: metav1.ObjectMeta{ Name: testApp, Namespace: namespace, diff --git a/lifecycle-operator/webhooks/pod_mutator/handlers/workload_test.go b/lifecycle-operator/webhooks/pod_mutator/handlers/workload_test.go index 3a6bd63a02..947b4f73b0 100644 --- a/lifecycle-operator/webhooks/pod_mutator/handlers/workload_test.go +++ b/lifecycle-operator/webhooks/pod_mutator/handlers/workload_test.go @@ -40,7 +40,6 @@ func TestHandle(t *testing.T) { } wantWorkload := &apilifecycle.KeptnWorkload{ - TypeMeta: metav1.TypeMeta{Kind: "KeptnWorkload", APIVersion: "lifecycle.keptn.sh/v1"}, ObjectMeta: metav1.ObjectMeta{ Name: testAppWorkload, Namespace: namespace, @@ -59,7 +58,6 @@ func TestHandle(t *testing.T) { }, } wantWorkload2 := &apilifecycle.KeptnWorkload{ - TypeMeta: metav1.TypeMeta{Kind: "KeptnWorkload", APIVersion: "lifecycle.keptn.sh/v1"}, ObjectMeta: metav1.ObjectMeta{ Name: testAppWorkload, Namespace: namespace, diff --git a/lifecycle-operator/webhooks/pod_mutator/pod_mutating_webhook.go b/lifecycle-operator/webhooks/pod_mutator/pod_mutating_webhook.go index 2233a08746..96c891bf8f 100644 --- a/lifecycle-operator/webhooks/pod_mutator/pod_mutating_webhook.go +++ b/lifecycle-operator/webhooks/pod_mutator/pod_mutating_webhook.go @@ -38,7 +38,7 @@ type PodMutatingWebhook struct { func NewPodMutator( client client.Client, - decoder *admission.Decoder, + decoder admission.Decoder, eventSender eventsender.IEvent, log logr.Logger, schedulingGatesEnabled bool, diff --git a/lifecycle-operator/webhooks/pod_mutator/pod_mutating_webhook_test.go b/lifecycle-operator/webhooks/pod_mutator/pod_mutating_webhook_test.go index 9c490cc074..eb159bb1bb 100644 --- a/lifecycle-operator/webhooks/pod_mutator/pod_mutating_webhook_test.go +++ b/lifecycle-operator/webhooks/pod_mutator/pod_mutating_webhook_test.go @@ -652,7 +652,7 @@ func generateRequest(pod *corev1.Pod, t *testing.T) admissionv1.AdmissionRequest } } -func setupTestData() (*corev1.Pod, *v1.Deployment, *corev1.Namespace, *admission.Decoder) { +func setupTestData() (*corev1.Pod, *v1.Deployment, *corev1.Namespace, admission.Decoder) { pod := &corev1.Pod{ ObjectMeta: metav1.ObjectMeta{ Name: testPod, diff --git a/metrics-operator/Makefile b/metrics-operator/Makefile index 4e028592b9..533931ccd2 100644 --- a/metrics-operator/Makefile +++ b/metrics-operator/Makefile @@ -25,7 +25,7 @@ ENVTEST_K8S_VERSION=1.27.1 ## Tool Versions # renovate: datasource=github-tags depName=kubernetes-sigs/kustomize -KUSTOMIZE_VERSION?=v5.4.3 +KUSTOMIZE_VERSION?=v5.5.0 # renovate: datasource=github-releases depName=kubernetes-sigs/controller-tools CONTROLLER_TOOLS_VERSION?=v0.16.5 diff --git a/metrics-operator/chart/templates/analysis-crd.yaml b/metrics-operator/chart/templates/analysis-crd.yaml index 7fd0b7da8a..4f1c47fdb0 100644 --- a/metrics-operator/chart/templates/analysis-crd.yaml +++ b/metrics-operator/chart/templates/analysis-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: analyses.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/metrics-operator/chart/templates/analysisdefinition-crd.yaml b/metrics-operator/chart/templates/analysisdefinition-crd.yaml index 7117a9f30c..0af1a41f03 100644 --- a/metrics-operator/chart/templates/analysisdefinition-crd.yaml +++ b/metrics-operator/chart/templates/analysisdefinition-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: analysisdefinitions.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/metrics-operator/chart/templates/analysisvaluetemplate-crd.yaml b/metrics-operator/chart/templates/analysisvaluetemplate-crd.yaml index 41d47fa463..ea51a1a876 100644 --- a/metrics-operator/chart/templates/analysisvaluetemplate-crd.yaml +++ b/metrics-operator/chart/templates/analysisvaluetemplate-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/metrics-operator/chart/templates/keptnmetric-crd.yaml b/metrics-operator/chart/templates/keptnmetric-crd.yaml index 6dcd6a3a36..263d23bed8 100644 --- a/metrics-operator/chart/templates/keptnmetric-crd.yaml +++ b/metrics-operator/chart/templates/keptnmetric-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetrics.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/metrics-operator/chart/templates/keptnmetricsprovider-crd.yaml b/metrics-operator/chart/templates/keptnmetricsprovider-crd.yaml index 9be49d5680..50a24fa6d5 100644 --- a/metrics-operator/chart/templates/keptnmetricsprovider-crd.yaml +++ b/metrics-operator/chart/templates/keptnmetricsprovider-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} @@ -67,7 +67,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -133,7 +132,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -193,7 +191,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -260,7 +257,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined diff --git a/metrics-operator/chart/templates/metrics-operator-rbac.yaml b/metrics-operator/chart/templates/metrics-operator-rbac.yaml index 2c19791e45..8359f9be2a 100644 --- a/metrics-operator/chart/templates/metrics-operator-rbac.yaml +++ b/metrics-operator/chart/templates/metrics-operator-rbac.yaml @@ -40,12 +40,14 @@ rules: - metrics.keptn.sh resources: - analyses/finalizers + - keptnmetrics/finalizers verbs: - update - apiGroups: - metrics.keptn.sh resources: - analyses/status + - keptnmetrics/status verbs: - get - patch @@ -54,51 +56,9 @@ rules: - metrics.keptn.sh resources: - analysisdefinitions - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - analysisvaluetemplates - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetrics - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/finalizers - verbs: - - update - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/status - verbs: - - get - - patch - - update - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetricsproviders - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - providers verbs: - get diff --git a/metrics-operator/config/crd/bases/metrics.keptn.sh_analyses.yaml b/metrics-operator/config/crd/bases/metrics.keptn.sh_analyses.yaml index 95ae73f958..42fd587a45 100644 --- a/metrics-operator/config/crd/bases/metrics.keptn.sh_analyses.yaml +++ b/metrics-operator/config/crd/bases/metrics.keptn.sh_analyses.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: analyses.metrics.keptn.sh spec: group: metrics.keptn.sh diff --git a/metrics-operator/config/crd/bases/metrics.keptn.sh_analysisdefinitions.yaml b/metrics-operator/config/crd/bases/metrics.keptn.sh_analysisdefinitions.yaml index 14c309f04d..6074478dfb 100644 --- a/metrics-operator/config/crd/bases/metrics.keptn.sh_analysisdefinitions.yaml +++ b/metrics-operator/config/crd/bases/metrics.keptn.sh_analysisdefinitions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: analysisdefinitions.metrics.keptn.sh spec: group: metrics.keptn.sh diff --git a/metrics-operator/config/crd/bases/metrics.keptn.sh_analysisvaluetemplates.yaml b/metrics-operator/config/crd/bases/metrics.keptn.sh_analysisvaluetemplates.yaml index e0edf4d0d9..67705015f8 100644 --- a/metrics-operator/config/crd/bases/metrics.keptn.sh_analysisvaluetemplates.yaml +++ b/metrics-operator/config/crd/bases/metrics.keptn.sh_analysisvaluetemplates.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: analysisvaluetemplates.metrics.keptn.sh spec: group: metrics.keptn.sh diff --git a/metrics-operator/config/crd/bases/metrics.keptn.sh_keptnmetrics.yaml b/metrics-operator/config/crd/bases/metrics.keptn.sh_keptnmetrics.yaml index 645687160e..14df82a485 100644 --- a/metrics-operator/config/crd/bases/metrics.keptn.sh_keptnmetrics.yaml +++ b/metrics-operator/config/crd/bases/metrics.keptn.sh_keptnmetrics.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnmetrics.metrics.keptn.sh spec: group: metrics.keptn.sh diff --git a/metrics-operator/config/crd/bases/metrics.keptn.sh_keptnmetricsproviders.yaml b/metrics-operator/config/crd/bases/metrics.keptn.sh_keptnmetricsproviders.yaml index 5541e9366c..ec61b83506 100644 --- a/metrics-operator/config/crd/bases/metrics.keptn.sh_keptnmetricsproviders.yaml +++ b/metrics-operator/config/crd/bases/metrics.keptn.sh_keptnmetricsproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnmetricsproviders.metrics.keptn.sh spec: group: metrics.keptn.sh @@ -59,7 +59,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -125,7 +124,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -185,7 +183,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -252,7 +249,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined diff --git a/metrics-operator/config/rbac/role.yaml b/metrics-operator/config/rbac/role.yaml index 70fc4a915b..72343427d2 100644 --- a/metrics-operator/config/rbac/role.yaml +++ b/metrics-operator/config/rbac/role.yaml @@ -34,12 +34,14 @@ rules: - metrics.keptn.sh resources: - analyses/finalizers + - keptnmetrics/finalizers verbs: - update - apiGroups: - metrics.keptn.sh resources: - analyses/status + - keptnmetrics/status verbs: - get - patch @@ -48,51 +50,9 @@ rules: - metrics.keptn.sh resources: - analysisdefinitions - verbs: - - get - - list - - watch -- apiGroups: - - metrics.keptn.sh - resources: - analysisvaluetemplates - verbs: - - get - - list - - watch -- apiGroups: - - metrics.keptn.sh - resources: - keptnmetrics - verbs: - - get - - list - - watch -- apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/finalizers - verbs: - - update -- apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/status - verbs: - - get - - patch - - update -- apiGroups: - - metrics.keptn.sh - resources: - keptnmetricsproviders - verbs: - - get - - list - - watch -- apiGroups: - - metrics.keptn.sh - resources: - providers verbs: - get diff --git a/metrics-operator/go.mod b/metrics-operator/go.mod index 969386ca07..dfd35c74ae 100644 --- a/metrics-operator/go.mod +++ b/metrics-operator/go.mod @@ -3,7 +3,7 @@ module github.com/keptn/lifecycle-toolkit/metrics-operator go 1.23 require ( - github.com/DataDog/datadog-api-client-go/v2 v2.29.0 + github.com/DataDog/datadog-api-client-go/v2 v2.31.0 github.com/benbjohnson/clock v1.3.5 github.com/go-logr/logr v1.4.2 github.com/gorilla/mux v1.8.1 @@ -18,14 +18,14 @@ require ( golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c golang.org/x/net v0.30.0 gopkg.in/inf.v0 v0.9.1 - k8s.io/api v0.29.9 - k8s.io/apiextensions-apiserver v0.29.9 - k8s.io/apimachinery v0.29.9 - k8s.io/apiserver v0.29.9 - k8s.io/client-go v0.29.9 - k8s.io/component-base v0.29.9 + k8s.io/api v0.29.10 + k8s.io/apiextensions-apiserver v0.29.10 + k8s.io/apimachinery v0.29.10 + k8s.io/apiserver v0.29.10 + k8s.io/client-go v0.29.10 + k8s.io/component-base v0.29.10 k8s.io/klog/v2 v2.130.1 - k8s.io/metrics v0.29.9 + k8s.io/metrics v0.29.10 sigs.k8s.io/controller-runtime v0.16.6 sigs.k8s.io/custom-metrics-apiserver v1.29.0 sigs.k8s.io/yaml v1.4.0 @@ -85,32 +85,31 @@ require ( go.etcd.io/etcd/client/v3 v3.5.11 // indirect go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.1 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 // indirect - go.opentelemetry.io/otel v1.28.0 // indirect + go.opentelemetry.io/otel v1.31.0 // indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 // indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.21.0 // indirect - go.opentelemetry.io/otel/metric v1.28.0 // indirect + go.opentelemetry.io/otel/metric v1.31.0 // indirect go.opentelemetry.io/otel/sdk v1.28.0 // indirect - go.opentelemetry.io/otel/trace v1.28.0 // indirect + go.opentelemetry.io/otel/trace v1.31.0 // indirect go.opentelemetry.io/proto/otlp v1.3.1 // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.26.0 // indirect golang.org/x/crypto v0.28.0 // indirect - golang.org/x/oauth2 v0.20.0 // indirect + golang.org/x/oauth2 v0.22.0 // indirect golang.org/x/sync v0.8.0 // indirect golang.org/x/sys v0.26.0 // indirect golang.org/x/term v0.25.0 // indirect golang.org/x/text v0.19.0 // indirect golang.org/x/time v0.5.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20240701130421-f6361c86f094 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094 // indirect - google.golang.org/grpc v1.65.0 // indirect - google.golang.org/protobuf v1.34.2 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20241007155032-5fefd90f89a9 // indirect + google.golang.org/grpc v1.67.1 // indirect + google.golang.org/protobuf v1.35.1 // indirect gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/kms v0.29.9 // indirect + k8s.io/kms v0.29.10 // indirect k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect k8s.io/utils v0.0.0-20231127182322-b307cd553661 // indirect sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 // indirect @@ -120,9 +119,9 @@ require ( replace ( github.com/golang/protobuf => github.com/golang/protobuf v1.5.4 - go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc => go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.53.0 - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp => go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 + go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc => go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.56.0 + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp => go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.56.0 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc => go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.28.0 - google.golang.org/grpc => google.golang.org/grpc v1.65.0 - google.golang.org/protobuf => google.golang.org/protobuf v1.34.2 + google.golang.org/grpc => google.golang.org/grpc v1.67.1 + google.golang.org/protobuf => google.golang.org/protobuf v1.35.1 ) diff --git a/metrics-operator/go.sum b/metrics-operator/go.sum index 7fe0587a5a..c417f14fb0 100644 --- a/metrics-operator/go.sum +++ b/metrics-operator/go.sum @@ -1,5 +1,5 @@ -github.com/DataDog/datadog-api-client-go/v2 v2.29.0 h1:b0vTasEPUc7FuCKaRFqbJB+88IdWL/f7LdKcasMV8Vo= -github.com/DataDog/datadog-api-client-go/v2 v2.29.0/go.mod h1:QKOu6vscsh87fMY1lHfLEmNSunyXImj8BUaUWJXOehc= +github.com/DataDog/datadog-api-client-go/v2 v2.31.0 h1:JfJhYlHfLzvauI8u6h23smTooWYe6quNhhg9gpTszWY= +github.com/DataDog/datadog-api-client-go/v2 v2.31.0/go.mod h1:d3tOEgUd2kfsr9uuHQdY+nXrWp4uikgTgVCPdKNK30U= github.com/DataDog/zstd v1.5.2 h1:vUG4lAyuPCXO0TLbXvPv7EB7cNK1QV/luu55UHLrrn8= github.com/DataDog/zstd v1.5.2/go.mod h1:g4AWEaM3yOg3HYfnJ3YIawPnVdXJh9QME85blwSAmyw= github.com/NYTimes/gziphandler v1.1.1 h1:ZUDjpQae29j0ryrS0u/B8HZfJBtBQHjqw2rQ2cqUQ3I= @@ -200,22 +200,22 @@ go.etcd.io/etcd/raft/v3 v3.5.10 h1:cgNAYe7xrsrn/5kXMSaH8kM/Ky8mAdMqGOxyYwpP0LA= go.etcd.io/etcd/raft/v3 v3.5.10/go.mod h1:odD6kr8XQXTy9oQnyMPBOr0TVe+gT0neQhElQ6jbGRc= go.etcd.io/etcd/server/v3 v3.5.10 h1:4NOGyOwD5sUZ22PiWYKmfxqoeh72z6EhYjNosKGLmZg= go.etcd.io/etcd/server/v3 v3.5.10/go.mod h1:gBplPHfs6YI0L+RpGkTQO7buDbHv5HJGG/Bst0/zIPo= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.53.0 h1:9G6E0TXzGFVfTnawRzrPl83iHOAV7L8NJiR8RSGYV1g= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.53.0/go.mod h1:azvtTADFQJA8mX80jIH/akaE7h+dbm/sVuaHqN13w74= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 h1:4K4tsIXefpVJtvA/8srF4V4y0akAoPHkIslgAkjixJA= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0/go.mod h1:jjdQuTGVsXV4vSs+CJ2qYDeDPf9yIJV23qlIzBm73Vg= -go.opentelemetry.io/otel v1.28.0 h1:/SqNcYk+idO0CxKEUOtKQClMK/MimZihKYMruSMViUo= -go.opentelemetry.io/otel v1.28.0/go.mod h1:q68ijF8Fc8CnMHKyzqL6akLO46ePnjkgfIMIjUIX9z4= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.56.0 h1:yMkBS9yViCc7U7yeLzJPM2XizlfdVvBRSmsQDWu6qc0= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.56.0/go.mod h1:n8MR6/liuGB5EmTETUBeU5ZgqMOlqKRxUaqPQBOANZ8= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.56.0 h1:UP6IpuHFkUgOQL9FFQFrZ+5LiwhhYRbi7VZSIx6Nj5s= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.56.0/go.mod h1:qxuZLtbq5QDtdeSHsS7bcf6EH6uO6jUAgk764zd3rhM= +go.opentelemetry.io/otel v1.31.0 h1:NsJcKPIW0D0H3NgzPDHmo0WW6SptzPdqg/L1zsIm2hY= +go.opentelemetry.io/otel v1.31.0/go.mod h1:O0C14Yl9FgkjqcCZAsE053C13OaddMYr/hz6clDkEJE= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 h1:3Q/xZUyC1BBkualc9ROb4G8qkH90LXEIICcs5zv1OYY= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0/go.mod h1:s75jGIWA9OfCMzF0xr+ZgfrB5FEbbV7UuYo32ahUiFI= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.28.0 h1:R3X6ZXmNPRR8ul6i3WgFURCHzaXjHdm0karRG/+dj3s= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.28.0/go.mod h1:QWFXnDavXWwMx2EEcZsf3yxgEKAqsxQ+Syjp+seyInw= -go.opentelemetry.io/otel/metric v1.28.0 h1:f0HGvSl1KRAU1DLgLGFjrwVyismPlnuU6JD6bOeuA5Q= -go.opentelemetry.io/otel/metric v1.28.0/go.mod h1:Fb1eVBFZmLVTMb6PPohq3TO9IIhUisDsbJoL/+uQW4s= +go.opentelemetry.io/otel/metric v1.31.0 h1:FSErL0ATQAmYHUIzSezZibnyVlft1ybhy4ozRPcF2fE= +go.opentelemetry.io/otel/metric v1.31.0/go.mod h1:C3dEloVbLuYoX41KpmAhOqNriGbA+qqH6PQ5E5mUfnY= go.opentelemetry.io/otel/sdk v1.28.0 h1:b9d7hIry8yZsgtbmM0DKyPWMMUMlK9NEKuIG4aBqWyE= go.opentelemetry.io/otel/sdk v1.28.0/go.mod h1:oYj7ClPUA7Iw3m+r7GeEjz0qckQRJK2B8zjcZEfu7Pg= -go.opentelemetry.io/otel/trace v1.28.0 h1:GhQ9cUuQGmNDd5BTCP2dAvv75RdMxEfTmYejp+lkx9g= -go.opentelemetry.io/otel/trace v1.28.0/go.mod h1:jPyXzNPg6da9+38HEwElrQiHlVMTnVfM3/yv2OlIHaI= +go.opentelemetry.io/otel/trace v1.31.0 h1:ffjsj1aRouKewfr85U2aGagJ46+MvodynlQ1HYdmJys= +go.opentelemetry.io/otel/trace v1.31.0/go.mod h1:TXZkRk7SM2ZQLtR6eoAWQFIHPvzQ06FJAsO1tJg480A= go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0= go.opentelemetry.io/proto/otlp v1.3.1/go.mod h1:0X1WI4de4ZsLrrJNLAQbFeLCm3T7yBkR0XqQ7niQU+8= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= @@ -247,8 +247,8 @@ golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwY golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4= golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU= -golang.org/x/oauth2 v0.20.0 h1:4mQdhULixXKP1rwYBW0vAijoXnkTG0BLCDRzfe1idMo= -golang.org/x/oauth2 v0.20.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA= +golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -286,16 +286,16 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de h1:F6qOa9AZTYJXOUEr4jDysRDLrm4PHePlge4v4TGAlxY= -google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:VUhTRKeHn9wwcdrk73nvdC9gF178Tzhmt/qyaFcPLSo= -google.golang.org/genproto/googleapis/api v0.0.0-20240701130421-f6361c86f094 h1:0+ozOGcrp+Y8Aq8TLNN2Aliibms5LEzsq99ZZmAGYm0= -google.golang.org/genproto/googleapis/api v0.0.0-20240701130421-f6361c86f094/go.mod h1:fJ/e3If/Q67Mj99hin0hMhiNyCRmt6BQ2aWIJshUSJw= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094 h1:BwIjyKYGsK9dMCBOorzRri8MQwmi7mT9rGHsCEinZkA= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094/go.mod h1:Ue6ibwXGpU+dqIcODieyLOcgj7z8+IcskoNIgZxtrFY= -google.golang.org/grpc v1.65.0 h1:bs/cUb4lp1G5iImFFd3u5ixQzweKizoZJAwBNLR42lc= -google.golang.org/grpc v1.65.0/go.mod h1:WgYC2ypjlB0EiQi6wdKixMqukr6lBc0Vo+oOgjrM5ZQ= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/genproto v0.0.0-20231212172506-995d672761c0 h1:YJ5pD9rF8o9Qtta0Cmy9rdBwkSjrTCT6XTiUQVOtIos= +google.golang.org/genproto v0.0.0-20231212172506-995d672761c0/go.mod h1:l/k7rMz0vFTBPy+tFSGvXEd3z+BcoG1k7EHbqm+YBsY= +google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142 h1:wKguEg1hsxI2/L3hUYrpo1RVi48K+uTyzKqprwLXsb8= +google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142/go.mod h1:d6be+8HhtEtucleCbxpPW9PA9XwISACu8nvpPqF0BVo= +google.golang.org/genproto/googleapis/rpc v0.0.0-20241007155032-5fefd90f89a9 h1:QCqS/PdaHTSWGvupk2F/ehwHtGc0/GYkT+3GAcR1CCc= +google.golang.org/genproto/googleapis/rpc v0.0.0-20241007155032-5fefd90f89a9/go.mod h1:GX3210XPVPUjJbTUbvwI8f2IpZDMZuPJWDzDuebbviI= +google.golang.org/grpc v1.67.1 h1:zWnc1Vrcno+lHZCOofnIMvycFcc0QRGIzm9dhnDX68E= +google.golang.org/grpc v1.67.1/go.mod h1:1gLDyUQU7CTLJI90u3nXZ9ekeghjeM7pTDZlqFNg2AA= +google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA= +google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= @@ -310,26 +310,26 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.29.9 h1:FwdflpNsfMUYUOblMZNWJ4K/q0OSL5A4jGa0iOgcJco= -k8s.io/api v0.29.9/go.mod h1:fNhmzRfKaSEHCmczA/jRx6CiDKhYOnFLJBERMJAXEk8= -k8s.io/apiextensions-apiserver v0.29.9 h1:EB6RK06kFJjbzBwU1YiVznxrcgBE0hhDWt6EQQIcOy4= -k8s.io/apiextensions-apiserver v0.29.9/go.mod h1:jcaHG6R/bB1iU6XzC1DMhB1x2ktTJLt2KKpg6B65Z2c= -k8s.io/apimachinery v0.29.9 h1:YZ8HUid1TzQVz94cnNlsQjLdH0VoAhWSqz7t0q6B12A= -k8s.io/apimachinery v0.29.9/go.mod h1:i3FJVwhvSp/6n8Fl4K97PJEP8C+MM+aoDq4+ZJBf70Y= -k8s.io/apiserver v0.29.9 h1:BiHTZbAYcNYHTE9RlWMBe5AX2XoZbRujy6oo5krU4V8= -k8s.io/apiserver v0.29.9/go.mod h1:3zmBeYworciVZHs8jSfzt/naTpDQb3AM++aYJ5Pkqqo= -k8s.io/client-go v0.29.9 h1:4f/Wz6li3rEyIPFj32XAQMtOGMM1tg7KQi1oeS6ibPg= -k8s.io/client-go v0.29.9/go.mod h1:2N1drQEZ5yiYrWVaE2Un8JiISUhl47D8pyZlYLszke4= -k8s.io/component-base v0.29.9 h1:lPENvp3CCwdeMEWGjiTfn5b287qQYuK7gX32OBOovmA= -k8s.io/component-base v0.29.9/go.mod h1:NGDa6Ih0EdcLA2G4K2ZYySoiB+2Tn+rmSqPyudCPgDY= +k8s.io/api v0.29.10 h1:Fao3HOxccbGRC1HZtXD+Y41xJhP0tEToVo5W7EEUBm0= +k8s.io/api v0.29.10/go.mod h1:rF0sRh64w1hMNAVGh4YYniSxODyHye3GLmymAbWBDvY= +k8s.io/apiextensions-apiserver v0.29.10 h1:2k2AHrWgs4S+07HrOjEdcyrQ/UqYlvBi6uon1fox1KE= +k8s.io/apiextensions-apiserver v0.29.10/go.mod h1:3rrJC52bW5frHf10N3JvaDpl++hgrzD9Gs6IZpKWMoc= +k8s.io/apimachinery v0.29.10 h1:57OLNqOJUgp5KlRRY3JOBFOTTa5Rt/LVkmKiiN2cvaQ= +k8s.io/apimachinery v0.29.10/go.mod h1:i3FJVwhvSp/6n8Fl4K97PJEP8C+MM+aoDq4+ZJBf70Y= +k8s.io/apiserver v0.29.10 h1:dQwLNBG0qcNVbw72poZ3R+mvdi3RdtEX9x1nZX3RxGs= +k8s.io/apiserver v0.29.10/go.mod h1:UkJz90cVDZF/iZ19FEUEMWHI04EgoQiakMGD0x9urDY= +k8s.io/client-go v0.29.10 h1:hPmG1pmKslRhmCIzVd90sA58B0sJwNwduNgXFWsFqhI= +k8s.io/client-go v0.29.10/go.mod h1:gnMCQiRXGL9K0VtlW8gTkhzptGrHm2BJ4qBbujNemc4= +k8s.io/component-base v0.29.10 h1:YQrQ/bpzGPGqIPEPaBzxjH0/1DJOI+yZPZNbbz7ZCBY= +k8s.io/component-base v0.29.10/go.mod h1:IbwsBob2DnYiAONsSHIuYenchqcDycbHSLHrXshuLgM= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kms v0.29.9 h1:7B9VGhFAzNfBmfXeQ0Xi+OzIcNPw/xazPnLm/J3vNT4= -k8s.io/kms v0.29.9/go.mod h1:vWVImKkJd+1BQY4tBwdfSwjQBiLrnbNtHADcDEDQFtk= +k8s.io/kms v0.29.10 h1:LAck4rZrOIjLrSE1yhMLJM8H91QkfpWzCQyeTxdHKSk= +k8s.io/kms v0.29.10/go.mod h1:vWVImKkJd+1BQY4tBwdfSwjQBiLrnbNtHADcDEDQFtk= k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= -k8s.io/metrics v0.29.9 h1:0Rglc03f5u4/wHliG8cfhLOtSbTwL03WQ37CMn9c4OI= -k8s.io/metrics v0.29.9/go.mod h1:1DixHaqPn7puV31YlEKT/kAEP+31cpOShIPiRtro5no= +k8s.io/metrics v0.29.10 h1:1HrqU+FzD2PaVpgDOmrEqX31t7KtZB5TAlPrsJLgH6I= +k8s.io/metrics v0.29.10/go.mod h1:N+6qNL56EeuhyuTj29iClimxtaFDg1wAMcCte1nVFL4= k8s.io/utils v0.0.0-20231127182322-b307cd553661 h1:FepOBzJ0GXm8t0su67ln2wAZjbQ6RxQGZDnzuLcrUTI= k8s.io/utils v0.0.0-20231127182322-b307cd553661/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 h1:/U5vjBbQn3RChhv7P11uhYvCSm5G2GaIi5AIGBS6r4c= diff --git a/renovate.json b/renovate.json index da0cb2e448..fac02f94b5 100644 --- a/renovate.json +++ b/renovate.json @@ -1,7 +1,7 @@ { "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": [ - "config:base", + "config:recommended", ":gitSignOff", "schedule:nonOfficeHours", ":semanticCommitTypeAll(deps)", @@ -13,7 +13,7 @@ "addLabels": ["dependencies"], "cloneSubmodules": true, "prConcurrentLimit": 15, - "stabilityDays": 3, + "minimumReleaseAge": "3 days", "timezone": "Europe/Vienna", "rebaseWhen": "conflicted", "postUpdateOptions": [ @@ -26,15 +26,15 @@ ], "packageRules": [ { - "excludePackagePatterns": [ - "docker.io\\/thschue\\/.*", - "docker.io\\/annadreal\\/.*", - "docker.io\\/bacherfl\\/.*", - "docker.io\\/mowies\\/.*", - "docker.io\\/odubajdt\\/.*", - "docker.io\\/thisthatdc\\/.*", - "testreg\\/.*", - "myrep" + "matchPackageNames": [ + "!/docker.io\\/thschue\\/.*/", + "!/docker.io\\/annadreal\\/.*/", + "!/docker.io\\/bacherfl\\/.*/", + "!/docker.io\\/mowies\\/.*/", + "!/docker.io\\/odubajdt\\/.*/", + "!/docker.io\\/thisthatdc\\/.*/", + "!/testreg\\/.*/", + "!/myrep/" ] }, { @@ -79,12 +79,13 @@ }, { "matchManagers": ["gomod"], - "matchPackagePrefixes": ["golang.org/x"], - "groupName": "All golang.org/x packages" + "groupName": "All golang.org/x packages", + "matchPackageNames": ["golang.org/x{/,}**"] } ], - "regexManagers": [ + "customManagers": [ { + "customType": "regex", "fileMatch": [ "(^|\\/)Makefile$", "(^|\\/)Dockerfile", @@ -104,9 +105,7 @@ ], "packageRules": [ { - "excludePackagePatterns": [ - ".*podtato\\-head.*" - ] + "matchPackageNames": ["!/.*podtato\\-head.*/"] } ], "ignorePaths": [ diff --git a/requirements.txt b/requirements.txt index b79e9f60fa..a1e302df94 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,7 +1,7 @@ mkdocs==1.6.1 -mkdocs-git-revision-date-localized-plugin==1.2.9 -mkdocs-include-markdown-plugin==6.2.2 -mkdocs-material==9.5.40 +mkdocs-git-revision-date-localized-plugin==1.3.0 +mkdocs-include-markdown-plugin==7.0.0 +mkdocs-material==9.5.42 mkdocs-material-extensions==1.3.1 pymdown-extensions==10.11.2 -mkdocs-material[imaging]==9.5.40 +mkdocs-material[imaging]==9.5.42 diff --git a/runtimes/deno-runtime/Dockerfile b/runtimes/deno-runtime/Dockerfile index 188435313d..b78b033a75 100644 --- a/runtimes/deno-runtime/Dockerfile +++ b/runtimes/deno-runtime/Dockerfile @@ -1,4 +1,4 @@ -FROM denoland/deno:alpine-1.46.3 AS production +FROM denoland/deno:alpine-2.0.3 AS production LABEL org.opencontainers.image.source="https://github.com/keptn/lifecycle-toolkit" \ org.opencontainers.image.url="https://keptn.sh" \ diff --git a/runtimes/deno-runtime/README.md b/runtimes/deno-runtime/README.md index 7df63c1183..fcd90ac141 100644 --- a/runtimes/deno-runtime/README.md +++ b/runtimes/deno-runtime/README.md @@ -3,7 +3,7 @@ ## Build ```shell -docker build -t keptnsandbox/klc-runtime:${VERSION} . +docker build -t keptn/deno-runtime:${VERSION} . ``` ## Usage diff --git a/runtimes/python-runtime/Dockerfile b/runtimes/python-runtime/Dockerfile index d8f3522df0..c63712cf3c 100644 --- a/runtimes/python-runtime/Dockerfile +++ b/runtimes/python-runtime/Dockerfile @@ -1,4 +1,4 @@ -FROM python:3.12.7-alpine AS production +FROM python:3.13.0-alpine AS production LABEL org.opencontainers.image.source="https://github.com/keptn/lifecycle-toolkit" \ org.opencontainers.image.url="https://keptn.sh" \ diff --git a/scheduler/Makefile b/scheduler/Makefile index fcc5a2f4c1..7e82019804 100644 --- a/scheduler/Makefile +++ b/scheduler/Makefile @@ -46,7 +46,7 @@ $(LOCALBIN): ## Tool Versions # renovate: datasource=github-tags depName=kubernetes-sigs/kustomize -KUSTOMIZE_VERSION ?= v5.4.3 +KUSTOMIZE_VERSION ?= v5.5.0 ## Tool Binaries KUSTOMIZE ?= $(LOCALBIN)/kustomize diff --git a/scheduler/go.mod b/scheduler/go.mod index 1c7e630f75..209a24dbb8 100644 --- a/scheduler/go.mod +++ b/scheduler/go.mod @@ -126,7 +126,7 @@ replace ( github.com/golang/protobuf => github.com/golang/protobuf v1.5.4 github.com/keptn/lifecycle-toolkit/scheduler/pkg/klcpermit => /pkg/klcpermit golang.org/x/net => golang.org/x/net v0.30.0 - google.golang.org/protobuf => google.golang.org/protobuf v1.34.2 + google.golang.org/protobuf => google.golang.org/protobuf v1.35.1 k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.25.16 k8s.io/cli-runtime => k8s.io/cli-runtime v0.25.16 k8s.io/cloud-provider => k8s.io/cloud-provider v0.25.16 diff --git a/scheduler/go.sum b/scheduler/go.sum index 427bd6a833..44a3e6dc63 100644 --- a/scheduler/go.sum +++ b/scheduler/go.sum @@ -674,8 +674,8 @@ google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQ google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= google.golang.org/grpc v1.64.0 h1:KH3VH9y/MgNQg1dE7b3XfVK0GsPSIzJwdF617gUSbvY= google.golang.org/grpc v1.64.0/go.mod h1:oxjF8E3FBnjp+/gVFYdWacaLDx9na1aqy9oovLpxQYg= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA= +google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/test/chainsaw/integration/expose-keptn-metric/job-existing-metric.yaml b/test/chainsaw/integration/expose-keptn-metric/job-existing-metric.yaml index e07d500510..e8b21a3f9a 100644 --- a/test/chainsaw/integration/expose-keptn-metric/job-existing-metric.yaml +++ b/test/chainsaw/integration/expose-keptn-metric/job-existing-metric.yaml @@ -20,7 +20,7 @@ spec: spec: containers: - name: test-prometheus - image: curlimages/curl:8.9.1 + image: curlimages/curl:8.10.1 env: - name: NAME value: (replace_all($namespace, '-', '')) @@ -38,7 +38,7 @@ spec: fi exit 1 - name: test-api-endpoint - image: curlimages/curl:8.9.1 + image: curlimages/curl:8.10.1 env: - name: NAME value: (replace_all($namespace, '-', '')) diff --git a/test/chainsaw/integration/expose-keptn-metric/job-no-metric.yaml b/test/chainsaw/integration/expose-keptn-metric/job-no-metric.yaml index bc44bf3019..cb09bcf505 100644 --- a/test/chainsaw/integration/expose-keptn-metric/job-no-metric.yaml +++ b/test/chainsaw/integration/expose-keptn-metric/job-no-metric.yaml @@ -10,7 +10,7 @@ spec: spec: containers: - name: test-prometheus - image: curlimages/curl:8.9.1 + image: curlimages/curl:8.10.1 env: - name: NAME value: (replace_all($namespace, '-', '')) @@ -26,7 +26,7 @@ spec: exit 1 fi - name: test-api-endpoint - image: curlimages/curl:8.9.1 + image: curlimages/curl:8.10.1 env: - name: NAME value: (replace_all($namespace, '-', '')) diff --git a/test/chainsaw/integration/podtato-head-application-auto-app-discovery/00-install.yaml b/test/chainsaw/integration/podtato-head-application-auto-app-discovery/00-install.yaml index 3b4a360410..b97a7451f9 100644 --- a/test/chainsaw/integration/podtato-head-application-auto-app-discovery/00-install.yaml +++ b/test/chainsaw/integration/podtato-head-application-auto-app-discovery/00-install.yaml @@ -24,7 +24,7 @@ spec: command: ['sh', '-c', 'sleep 30'] containers: - name: server - image: ghcr.io/podtato-head/entry:0.2.8 + image: ghcr.io/podtato-head/entry:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -72,7 +72,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/hat:0.2.8 + image: ghcr.io/podtato-head/hat:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -119,7 +119,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/left-leg:0.2.8 + image: ghcr.io/podtato-head/left-leg:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -165,7 +165,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/left-arm:0.2.8 + image: ghcr.io/podtato-head/left-arm:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -211,7 +211,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/right-leg:0.2.8 + image: ghcr.io/podtato-head/right-leg:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -257,7 +257,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/right-arm:0.2.8 + image: ghcr.io/podtato-head/right-arm:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 diff --git a/test/chainsaw/integration/podtato-head-application/00-install.yaml b/test/chainsaw/integration/podtato-head-application/00-install.yaml index 6b1bdb2060..5f0f56405b 100644 --- a/test/chainsaw/integration/podtato-head-application/00-install.yaml +++ b/test/chainsaw/integration/podtato-head-application/00-install.yaml @@ -47,7 +47,7 @@ spec: command: ['sh', '-c', 'sleep 30'] containers: - name: server - image: ghcr.io/podtato-head/entry:0.2.8 + image: ghcr.io/podtato-head/entry:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -97,7 +97,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/hat:0.2.8 + image: ghcr.io/podtato-head/hat:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -145,7 +145,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/left-leg:0.2.8 + image: ghcr.io/podtato-head/left-leg:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -193,7 +193,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/left-arm:0.2.8 + image: ghcr.io/podtato-head/left-arm:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -241,7 +241,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/right-leg:0.2.8 + image: ghcr.io/podtato-head/right-leg:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -289,7 +289,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/right-arm:0.2.8 + image: ghcr.io/podtato-head/right-arm:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 diff --git a/test/chainsaw/integration/restartable-app/00-install.yaml b/test/chainsaw/integration/restartable-app/00-install.yaml index 7fed2e4b2c..773cde2ebd 100644 --- a/test/chainsaw/integration/restartable-app/00-install.yaml +++ b/test/chainsaw/integration/restartable-app/00-install.yaml @@ -45,7 +45,7 @@ spec: command: ['sh', '-c', 'sleep 30'] containers: - name: server - image: ghcr.io/podtato-head/entry:0.2.8 + image: ghcr.io/podtato-head/entry:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -94,7 +94,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/hat:0.2.8 + image: ghcr.io/podtato-head/hat:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -141,7 +141,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/left-leg:0.2.8 + image: ghcr.io/podtato-head/left-leg:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -188,7 +188,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/left-arm:0.2.8 + image: ghcr.io/podtato-head/left-arm:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -235,7 +235,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/right-leg:0.2.8 + image: ghcr.io/podtato-head/right-leg:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 @@ -282,7 +282,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/right-arm:0.2.8 + image: ghcr.io/podtato-head/right-arm:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 diff --git a/test/chainsaw/integration/workload-version-failing-pre-task/00-install.yaml b/test/chainsaw/integration/workload-version-failing-pre-task/00-install.yaml index ea1cff4336..3faf5014bf 100644 --- a/test/chainsaw/integration/workload-version-failing-pre-task/00-install.yaml +++ b/test/chainsaw/integration/workload-version-failing-pre-task/00-install.yaml @@ -34,7 +34,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/entry:0.2.8 + image: ghcr.io/podtato-head/entry:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 diff --git a/test/chainsaw/integration/workload-version-missing-evaluation/00-install.yaml b/test/chainsaw/integration/workload-version-missing-evaluation/00-install.yaml index bcc95601e8..4b2db69be9 100644 --- a/test/chainsaw/integration/workload-version-missing-evaluation/00-install.yaml +++ b/test/chainsaw/integration/workload-version-missing-evaluation/00-install.yaml @@ -21,7 +21,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/entry:0.2.8 + image: ghcr.io/podtato-head/entry:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 diff --git a/test/chainsaw/integration/workload-version-missing-task/00-install.yaml b/test/chainsaw/integration/workload-version-missing-task/00-install.yaml index 9a3cbf1baa..0ce58af916 100644 --- a/test/chainsaw/integration/workload-version-missing-task/00-install.yaml +++ b/test/chainsaw/integration/workload-version-missing-task/00-install.yaml @@ -21,7 +21,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/entry:0.2.8 + image: ghcr.io/podtato-head/entry:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 diff --git a/test/chainsaw/non-blocking-deployment/01-install.yaml b/test/chainsaw/non-blocking-deployment/01-install.yaml index d27104b3e0..69a1d8d900 100644 --- a/test/chainsaw/non-blocking-deployment/01-install.yaml +++ b/test/chainsaw/non-blocking-deployment/01-install.yaml @@ -28,7 +28,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/entry:0.2.8 + image: ghcr.io/podtato-head/entry:0.3.0 imagePullPolicy: Always ports: - containerPort: 9000 diff --git a/test/chainsaw/testmetrics/metrics-hpa/00-install.yaml b/test/chainsaw/testmetrics/metrics-hpa/00-install.yaml index 3fde10dabe..fbe46fa3d6 100644 --- a/test/chainsaw/testmetrics/metrics-hpa/00-install.yaml +++ b/test/chainsaw/testmetrics/metrics-hpa/00-install.yaml @@ -17,7 +17,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/entry:0.2.8 + image: ghcr.io/podtato-head/entry:0.3.0 imagePullPolicy: Always resources: limits: diff --git a/test/chainsaw/testmetrics/metrics-keda/00-install.yaml b/test/chainsaw/testmetrics/metrics-keda/00-install.yaml index 3fde10dabe..fbe46fa3d6 100644 --- a/test/chainsaw/testmetrics/metrics-keda/00-install.yaml +++ b/test/chainsaw/testmetrics/metrics-keda/00-install.yaml @@ -17,7 +17,7 @@ spec: terminationGracePeriodSeconds: 5 containers: - name: server - image: ghcr.io/podtato-head/entry:0.2.8 + image: ghcr.io/podtato-head/entry:0.3.0 imagePullPolicy: Always resources: limits: diff --git a/test/chainsaw/traces/collector.yaml b/test/chainsaw/traces/collector.yaml index a2ac62fecd..d0df7a7dc6 100644 --- a/test/chainsaw/traces/collector.yaml +++ b/test/chainsaw/traces/collector.yaml @@ -24,7 +24,7 @@ data: endpoint: "0.0.0.0:4317" tls: insecure: true - logging: + debug: verbosity: detailed service: @@ -33,7 +33,7 @@ data: traces: receivers: [otlp] processors: [] - exporters: [otlp, logging] + exporters: [otlp, debug] --- apiVersion: v1 kind: Service @@ -91,7 +91,7 @@ spec: env: - name: GOGC value: "80" - image: otel/opentelemetry-collector:0.108.0 + image: otel/opentelemetry-collector:0.112.0 name: otel-collector resources: limits: @@ -121,22 +121,3 @@ spec: - key: otel-collector-config path: otel-collector-config.yaml name: otel-collector-config-vol ---- -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - labels: - serviceapp: otel-collector - name: otel-collector - namespace: keptn-system -spec: - endpoints: - - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - interval: 30s - port: metrics - namespaceSelector: - matchNames: - - keptn-system - selector: - matchLabels: - app: opentelemetry