diff --git a/Makefile b/Makefile index f04ad330..cab32097 100644 --- a/Makefile +++ b/Makefile @@ -204,7 +204,7 @@ GINKGO ?= $(LOCALBIN)/ginkgo ## Tool Versions KUSTOMIZE_VERSION ?= v3.8.7 -CONTROLLER_TOOLS_VERSION ?= v0.11.1 +CONTROLLER_TOOLS_VERSION ?= v0.14.0 GOTOOLCHAIN_VERSION ?= go1.21.0 KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" diff --git a/api/bases/barbican.openstack.org_barbicanapis.yaml b/api/bases/barbican.openstack.org_barbicanapis.yaml index a6c1f5b0..a634fe3d 100644 --- a/api/bases/barbican.openstack.org_barbicanapis.yaml +++ b/api/bases/barbican.openstack.org_barbicanapis.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: barbicanapis.barbican.openstack.org spec: group: barbican.openstack.org @@ -30,14 +29,19 @@ spec: description: BarbicanAPI is the Schema for the barbicanapis API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -49,17 +53,16 @@ spec: set to environmental default if empty) type: string customServiceConfig: - description: CustomServiceConfig - customize the service config using - this parameter to change service defaults, or overwrite rendered - information using raw OpenStack config format. The content gets - added to to /etc//.conf.d directory as a custom - config file. + description: |- + CustomServiceConfig - customize the service config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack config format. The content gets added to + to /etc//.conf.d directory as a custom config file. type: string customServiceConfigSecrets: - description: CustomServiceConfigSecrets - customize the service config - using this parameter to specify Secrets that contain sensitive service - config data. The content of each Secret gets added to the /etc//.conf.d - directory as a custom config file. + description: |- + CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets + that contain sensitive service config data. The content of each Secret gets added to the + /etc//.conf.d directory as a custom config file. items: type: string type: array @@ -72,17 +75,19 @@ spec: description: DatabaseHostname - Barbican Database Hostname type: string databaseInstance: - description: 'MariaDB instance name TODO(dmendiza): Is this comment - right? Right now required by the maridb-operator to get the credentials - from the instance to create the DB Might not be required in future' + description: |- + MariaDB instance name + TODO(dmendiza): Is this comment right? + Right now required by the maridb-operator to get the credentials from the instance to create the DB + Might not be required in future type: string defaultConfigOverwrite: additionalProperties: type: string - description: 'ConfigOverwrite - interface to overwrite default config - files like e.g. policy.json. But can also be used to add additional - files. Those get added to the service config dir in /etc/ - . TODO: -> implement' + description: |- + ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. + But can also be used to add additional files. Those get added to the service config dir in /etc/ . + TODO: -> implement type: object enableSecureRBAC: default: true @@ -118,9 +123,9 @@ spec: nodeSelector: additionalProperties: type: string - description: NodeSelector to target subset of worker nodes running - this component. Setting here overrides any global NodeSelector settings - within the Barbican CR. + description: |- + NodeSelector to target subset of worker nodes running this component. Setting here overrides + any global NodeSelector settings within the Barbican CR. type: object override: description: Override, provides the ability to override the generated @@ -128,128 +133,114 @@ spec: properties: service: additionalProperties: - description: RoutedOverrideSpec - a routed service override - configuration for the Service created to serve traffic to - the cluster. Allows for the manifest of the created Service - to be overwritten with custom configuration. + description: |- + RoutedOverrideSpec - a routed service override configuration for the Service created to serve traffic + to the cluster. Allows for the manifest of the created Service to be overwritten with custom configuration. properties: endpointURL: type: string metadata: - description: EmbeddedLabelsAnnotations is an embedded subset - of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + description: |- + EmbeddedLabelsAnnotations is an embedded subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. Only labels and annotations are included. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value - map stored with a resource that may be set by external - tools to store and retrieve arbitrary metadata. They - are not queryable and should be preserved when modifying - objects. More info: http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can - be used to organize and categorize (scope and select) - objects. May match selectors of replication controllers - and services. More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: - description: OverrideServiceSpec is a subset of the fields - included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec - Limited to Type, SessionAffinity, LoadBalancerSourceRanges, - ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + description: |- + OverrideServiceSpec is a subset of the fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy properties: externalName: - description: externalName is the external reference - that discovery mechanisms will return as an alias - for this service (e.g. a DNS CNAME record). No proxying - will be involved. Must be a lowercase RFC-1123 hostname - (https://tools.ietf.org/html/rfc1123) and requires - `type` to be "ExternalName". + description: |- + externalName is the external reference that discovery mechanisms will + return as an alias for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName". type: string externalTrafficPolicy: - description: externalTrafficPolicy describes how nodes - distribute service traffic they receive on one of - the Service's "externally-facing" addresses (NodePorts, - ExternalIPs, and LoadBalancer IPs). If set to "Local", - the proxy will configure the service in a way that - assumes that external load balancers will take care - of balancing the service traffic between nodes, and - so each node will deliver traffic only to the node-local - endpoints of the service, without masquerading the - client source IP. (Traffic mistakenly sent to a node - with no endpoints will be dropped.) The default value, - "Cluster", uses the standard behavior of routing to - all endpoints evenly (possibly modified by topology - and other features). Note that traffic sent to an - External IP or LoadBalancer IP from within the cluster - will always get "Cluster" semantics, but clients sending - to a NodePort from within the cluster may need to - take traffic policy into account when picking a node. + description: |- + externalTrafficPolicy describes how nodes distribute service traffic they + receive on one of the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure + the service in a way that assumes that external load balancers will take care + of balancing the service traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the service, without masquerading + the client source IP. (Traffic mistakenly sent to a node with no endpoints will + be dropped.) The default value, "Cluster", uses the standard behavior of + routing to all endpoints evenly (possibly modified by topology and other + features). Note that traffic sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, but clients sending to + a NodePort from within the cluster may need to take traffic policy into account + when picking a node. type: string internalTrafficPolicy: - description: InternalTrafficPolicy describes how nodes - distribute service traffic they receive on the ClusterIP. - If set to "Local", the proxy will assume that pods - only want to talk to endpoints of the service on the - same node as the pod, dropping the traffic if there - are no local endpoints. The default value, "Cluster", - uses the standard behavior of routing to all endpoints - evenly (possibly modified by topology and other features). + description: |- + InternalTrafficPolicy describes how nodes distribute service traffic they + receive on the ClusterIP. If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the same node as the pod, + dropping the traffic if there are no local endpoints. The default value, + "Cluster", uses the standard behavior of routing to all endpoints evenly + (possibly modified by topology and other features). type: string ipFamilyPolicy: - description: IPFamilyPolicy represents the dual-stack-ness - requested or required by this Service. If there is - no value provided, then this field will be set to - SingleStack. Services can be "SingleStack" (a single - IP family), "PreferDualStack" (two IP families on - dual-stack configured clusters or a single IP family - on single-stack clusters), or "RequireDualStack" (two - IP families on dual-stack configured clusters, otherwise - fail). The ipFamilies and clusterIPs fields depend - on the value of this field. This field will be wiped - when updating a service to type ExternalName. + description: |- + IPFamilyPolicy represents the dual-stack-ness requested or required by + this Service. If there is no value provided, then this field will be set + to SingleStack. Services can be "SingleStack" (a single IP family), + "PreferDualStack" (two IP families on dual-stack configured clusters or + a single IP family on single-stack clusters), or "RequireDualStack" + (two IP families on dual-stack configured clusters, otherwise fail). The + ipFamilies and clusterIPs fields depend on the value of this field. This + field will be wiped when updating a service to type ExternalName. type: string loadBalancerClass: - description: loadBalancerClass is the class of the load - balancer implementation this Service belongs to. If - specified, the value of this field must be a label-style - identifier, with an optional prefix, e.g. "internal-vip" - or "example.com/internal-vip". Unprefixed names are - reserved for end-users. This field can only be set - when the Service type is 'LoadBalancer'. If not set, - the default load balancer implementation is used, - today this is typically done through the cloud provider - integration, but should apply for any default implementation. - If set, it is assumed that a load balancer implementation - is watching for Services with a matching class. Any - default load balancer implementation (e.g. cloud providers) - should ignore Services that set this field. This field - can only be set when creating or updating a Service - to type 'LoadBalancer'. Once set, it can not be changed. - This field will be wiped when a service is updated - to a non 'LoadBalancer' type. + description: |- + loadBalancerClass is the class of the load balancer implementation this Service belongs to. + If specified, the value of this field must be a label-style identifier, with an optional prefix, + e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. + This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load + balancer implementation is used, today this is typically done through the cloud provider integration, + but should apply for any default implementation. If set, it is assumed that a load balancer + implementation is watching for Services with a matching class. Any default load balancer + implementation (e.g. cloud providers) should ignore Services that set this field. + This field can only be set when creating or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. type: string loadBalancerSourceRanges: - description: 'If specified and supported by the platform, - this will restrict traffic through the cloud-provider - load-balancer will be restricted to the specified - client IPs. This field will be ignored if the cloud-provider - does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + description: |- + If specified and supported by the platform, this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified client IPs. This field will be ignored if the + cloud-provider does not support the feature." + More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ items: type: string type: array sessionAffinity: - description: 'Supports "ClientIP" and "None". Used to - maintain session affinity. Enable client IP based - session affinity. Must be ClientIP or None. Defaults - to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + description: |- + Supports "ClientIP" and "None". Used to maintain session affinity. + Enable client IP based session affinity. + Must be ClientIP or None. + Defaults to None. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies type: string sessionAffinityConfig: description: sessionAffinityConfig contains the configurations @@ -260,40 +251,38 @@ spec: of Client IP based session affinity. properties: timeoutSeconds: - description: timeoutSeconds specifies the seconds - of ClientIP type session sticky time. The - value must be >0 && <=86400(for 1 day) if - ServiceAffinity == "ClientIP". Default value - is 10800(for 3 hours). + description: |- + timeoutSeconds specifies the seconds of ClientIP type session sticky time. + The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). format: int32 type: integer type: object type: object type: - description: 'type determines how the Service is exposed. - Defaults to ClusterIP. Valid options are ExternalName, - ClusterIP, NodePort, and LoadBalancer. "ClusterIP" - allocates a cluster-internal IP address for load-balancing - to endpoints. Endpoints are determined by the selector - or if that is not specified, by manual construction - of an Endpoints object or EndpointSlice objects. If - clusterIP is "None", no virtual IP is allocated and - the endpoints are published as a set of endpoints - rather than a virtual IP. "NodePort" builds on ClusterIP - and allocates a port on every node which routes to - the same endpoints as the clusterIP. "LoadBalancer" - builds on NodePort and creates an external load-balancer - (if supported in the current cloud) which routes to - the same endpoints as the clusterIP. "ExternalName" - aliases this service to the specified externalName. - Several other fields do not apply to ExternalName - services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + description: |- + type determines how the Service is exposed. Defaults to ClusterIP. Valid + options are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector or if that is not + specified, by manual construction of an Endpoints object or + EndpointSlice objects. If clusterIP is "None", no virtual IP is + allocated and the endpoints are published as a set of endpoints rather + than a virtual IP. + "NodePort" builds on ClusterIP and allocates a port on every node which + routes to the same endpoints as the clusterIP. + "LoadBalancer" builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to the same endpoints + as the clusterIP. + "ExternalName" aliases this service to the specified externalName. + Several other fields do not apply to ExternalName services. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types type: string type: object type: object - description: Override configuration for the Service created to - serve traffic to the cluster. The key must be the endpoint type - (public, internal) + description: |- + Override configuration for the Service created to serve traffic to the cluster. + The key must be the endpoint type (public, internal) type: object type: object passwordSelectors: @@ -392,20 +381,23 @@ spec: description: The HSM's IPv4 address (X.Y.Z.K) type: string slotId: - description: One of TokenSerialNumber, TokenLabels or SlotId must + description: |- + One of TokenSerialNumber, TokenLabels or SlotId must be defined. SlotId is used if none of the others is defined type: string tokenLabels: - description: Token labels used to identify the token to be used. - One of TokenSerialNumber, TokenLabels or SlotId must be specified. - TokenLabels takes priority over SlotId. This can be a comma - separated string of labels + description: |- + Token labels used to identify the token to be used. + One of TokenSerialNumber, TokenLabels or SlotId must + be specified. TokenLabels takes priority over SlotId. + This can be a comma separated string of labels type: string tokenSerialNumber: - description: Token serial number used to identify the token to - be used. One of TokenSerialNumber, TokenLabels or SlotId must - be defined. TokenSerialNumber takes priority over TokenLabels - and SlotId + description: |- + Token serial number used to identify the token to be used. + One of TokenSerialNumber, TokenLabels or SlotId must + be defined. TokenSerialNumber takes priority over + TokenLabels and SlotId type: string type: description: 'A string containing the HSM type (currently supported: @@ -421,8 +413,9 @@ spec: type: object rabbitMqClusterName: default: rabbitmq - description: RabbitMQ instance name Needed to request a transportURL - that is created and used in Barbican + description: |- + RabbitMQ instance name + Needed to request a transportURL that is created and used in Barbican type: string replicas: default: 1 @@ -432,22 +425,29 @@ spec: minimum: 0 type: integer resources: - description: Resources - Compute Resources required by this service - (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: |- + Resources - Compute Resources required by this service (Limits/Requests). + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be set - for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -463,8 +463,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -473,11 +474,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object secret: @@ -553,10 +554,10 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: @@ -568,14 +569,13 @@ spec: in CamelCase. type: string severity: - description: Severity provides a classification of Reason code, - so the current situation is immediately understandable and - could act accordingly. It is meant for situations where Status=False - and it should be indicated if it is just informational, warning - (next reconciliation might fix it) or an error (e.g. DB create - issue and no actions to automatically resolve the issue can/should - be done). For conditions where Status=Unknown or Status=True - the Severity should be SeverityNone. + description: |- + Severity provides a classification of Reason code, so the current situation is immediately + understandable and could act accordingly. + It is meant for situations where Status=False and it should be indicated if it is just + informational, warning (next reconciliation might fix it) or an error (e.g. DB create issue + and no actions to automatically resolve the issue can/should be done). + For conditions where Status=Unknown or Status=True the Severity should be SeverityNone. type: string status: description: Status of the condition, one of True, False, Unknown. diff --git a/api/bases/barbican.openstack.org_barbicankeystonelisteners.yaml b/api/bases/barbican.openstack.org_barbicankeystonelisteners.yaml index 83665308..80e9920c 100644 --- a/api/bases/barbican.openstack.org_barbicankeystonelisteners.yaml +++ b/api/bases/barbican.openstack.org_barbicankeystonelisteners.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: barbicankeystonelisteners.barbican.openstack.org spec: group: barbican.openstack.org @@ -31,14 +30,19 @@ spec: API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -51,17 +55,16 @@ spec: set to environmental default if empty) type: string customServiceConfig: - description: CustomServiceConfig - customize the service config using - this parameter to change service defaults, or overwrite rendered - information using raw OpenStack config format. The content gets - added to to /etc//.conf.d directory as a custom - config file. + description: |- + CustomServiceConfig - customize the service config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack config format. The content gets added to + to /etc//.conf.d directory as a custom config file. type: string customServiceConfigSecrets: - description: CustomServiceConfigSecrets - customize the service config - using this parameter to specify Secrets that contain sensitive service - config data. The content of each Secret gets added to the /etc//.conf.d - directory as a custom config file. + description: |- + CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets + that contain sensitive service config data. The content of each Secret gets added to the + /etc//.conf.d directory as a custom config file. items: type: string type: array @@ -73,17 +76,19 @@ spec: databaseHostname: type: string databaseInstance: - description: 'MariaDB instance name TODO(dmendiza): Is this comment - right? Right now required by the maridb-operator to get the credentials - from the instance to create the DB Might not be required in future' + description: |- + MariaDB instance name + TODO(dmendiza): Is this comment right? + Right now required by the maridb-operator to get the credentials from the instance to create the DB + Might not be required in future type: string defaultConfigOverwrite: additionalProperties: type: string - description: 'ConfigOverwrite - interface to overwrite default config - files like e.g. policy.json. But can also be used to add additional - files. Those get added to the service config dir in /etc/ - . TODO: -> implement' + description: |- + ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. + But can also be used to add additional files. Those get added to the service config dir in /etc/ . + TODO: -> implement type: object enabledSecretStores: items: @@ -114,9 +119,9 @@ spec: nodeSelector: additionalProperties: type: string - description: NodeSelector to target subset of worker nodes running - this component. Setting here overrides any global NodeSelector settings - within the Barbican CR. + description: |- + NodeSelector to target subset of worker nodes running this component. Setting here overrides + any global NodeSelector settings within the Barbican CR. type: object passwordSelectors: default: @@ -214,20 +219,23 @@ spec: description: The HSM's IPv4 address (X.Y.Z.K) type: string slotId: - description: One of TokenSerialNumber, TokenLabels or SlotId must + description: |- + One of TokenSerialNumber, TokenLabels or SlotId must be defined. SlotId is used if none of the others is defined type: string tokenLabels: - description: Token labels used to identify the token to be used. - One of TokenSerialNumber, TokenLabels or SlotId must be specified. - TokenLabels takes priority over SlotId. This can be a comma - separated string of labels + description: |- + Token labels used to identify the token to be used. + One of TokenSerialNumber, TokenLabels or SlotId must + be specified. TokenLabels takes priority over SlotId. + This can be a comma separated string of labels type: string tokenSerialNumber: - description: Token serial number used to identify the token to - be used. One of TokenSerialNumber, TokenLabels or SlotId must - be defined. TokenSerialNumber takes priority over TokenLabels - and SlotId + description: |- + Token serial number used to identify the token to be used. + One of TokenSerialNumber, TokenLabels or SlotId must + be defined. TokenSerialNumber takes priority over + TokenLabels and SlotId type: string type: description: 'A string containing the HSM type (currently supported: @@ -243,8 +251,9 @@ spec: type: object rabbitMqClusterName: default: rabbitmq - description: RabbitMQ instance name Needed to request a transportURL - that is created and used in Barbican + description: |- + RabbitMQ instance name + Needed to request a transportURL that is created and used in Barbican type: string replicas: default: 1 @@ -254,22 +263,29 @@ spec: minimum: 0 type: integer resources: - description: Resources - Compute Resources required by this service - (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: |- + Resources - Compute Resources required by this service (Limits/Requests). + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be set - for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -285,8 +301,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -295,11 +312,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object secret: @@ -348,10 +365,10 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: @@ -363,14 +380,13 @@ spec: in CamelCase. type: string severity: - description: Severity provides a classification of Reason code, - so the current situation is immediately understandable and - could act accordingly. It is meant for situations where Status=False - and it should be indicated if it is just informational, warning - (next reconciliation might fix it) or an error (e.g. DB create - issue and no actions to automatically resolve the issue can/should - be done). For conditions where Status=Unknown or Status=True - the Severity should be SeverityNone. + description: |- + Severity provides a classification of Reason code, so the current situation is immediately + understandable and could act accordingly. + It is meant for situations where Status=False and it should be indicated if it is just + informational, warning (next reconciliation might fix it) or an error (e.g. DB create issue + and no actions to automatically resolve the issue can/should be done). + For conditions where Status=Unknown or Status=True the Severity should be SeverityNone. type: string status: description: Status of the condition, one of True, False, Unknown. @@ -400,9 +416,10 @@ spec: description: NetworkAttachments status of the deployment pods type: object readyCount: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file ReadyCount of barbican API instances' + description: |- + INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + Important: Run "make" to regenerate code after modifying this file + ReadyCount of barbican API instances format: int32 type: integer type: object diff --git a/api/bases/barbican.openstack.org_barbicans.yaml b/api/bases/barbican.openstack.org_barbicans.yaml index bf9d770c..2a5a5e7b 100644 --- a/api/bases/barbican.openstack.org_barbicans.yaml +++ b/api/bases/barbican.openstack.org_barbicans.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: barbicans.barbican.openstack.org spec: group: barbican.openstack.org @@ -30,14 +29,19 @@ spec: description: Barbican is the Schema for the barbicans API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -53,28 +57,26 @@ spec: be set to environmental default if empty) type: string customServiceConfig: - description: CustomServiceConfig - customize the service config - using this parameter to change service defaults, or overwrite - rendered information using raw OpenStack config format. The - content gets added to to /etc//.conf.d directory - as a custom config file. + description: |- + CustomServiceConfig - customize the service config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack config format. The content gets added to + to /etc//.conf.d directory as a custom config file. type: string customServiceConfigSecrets: - description: CustomServiceConfigSecrets - customize the service - config using this parameter to specify Secrets that contain - sensitive service config data. The content of each Secret gets - added to the /etc//.conf.d directory as a - custom config file. + description: |- + CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets + that contain sensitive service config data. The content of each Secret gets added to the + /etc//.conf.d directory as a custom config file. items: type: string type: array defaultConfigOverwrite: additionalProperties: type: string - description: 'ConfigOverwrite - interface to overwrite default - config files like e.g. policy.json. But can also be used to - add additional files. Those get added to the service config - dir in /etc/ . TODO: -> implement' + description: |- + ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. + But can also be used to add additional files. Those get added to the service config dir in /etc/ . + TODO: -> implement type: object enableSecureRBAC: default: true @@ -90,9 +92,9 @@ spec: nodeSelector: additionalProperties: type: string - description: NodeSelector to target subset of worker nodes running - this component. Setting here overrides any global NodeSelector - settings within the Barbican CR. + description: |- + NodeSelector to target subset of worker nodes running this component. Setting here overrides + any global NodeSelector settings within the Barbican CR. type: object override: description: Override, provides the ability to override the generated @@ -100,135 +102,114 @@ spec: properties: service: additionalProperties: - description: RoutedOverrideSpec - a routed service override - configuration for the Service created to serve traffic - to the cluster. Allows for the manifest of the created - Service to be overwritten with custom configuration. + description: |- + RoutedOverrideSpec - a routed service override configuration for the Service created to serve traffic + to the cluster. Allows for the manifest of the created Service to be overwritten with custom configuration. properties: endpointURL: type: string metadata: - description: EmbeddedLabelsAnnotations is an embedded - subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + description: |- + EmbeddedLabelsAnnotations is an embedded subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. Only labels and annotations are included. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key - value map stored with a resource that may be set - by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be - preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that - can be used to organize and categorize (scope - and select) objects. May match selectors of replication - controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: - description: OverrideServiceSpec is a subset of the - fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec - Limited to Type, SessionAffinity, LoadBalancerSourceRanges, - ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + description: |- + OverrideServiceSpec is a subset of the fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy properties: externalName: - description: externalName is the external reference - that discovery mechanisms will return as an alias - for this service (e.g. a DNS CNAME record). No - proxying will be involved. Must be a lowercase - RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) - and requires `type` to be "ExternalName". + description: |- + externalName is the external reference that discovery mechanisms will + return as an alias for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName". type: string externalTrafficPolicy: - description: externalTrafficPolicy describes how - nodes distribute service traffic they receive - on one of the Service's "externally-facing" addresses - (NodePorts, ExternalIPs, and LoadBalancer IPs). - If set to "Local", the proxy will configure the - service in a way that assumes that external load - balancers will take care of balancing the service - traffic between nodes, and so each node will deliver - traffic only to the node-local endpoints of the - service, without masquerading the client source - IP. (Traffic mistakenly sent to a node with no - endpoints will be dropped.) The default value, - "Cluster", uses the standard behavior of routing - to all endpoints evenly (possibly modified by - topology and other features). Note that traffic - sent to an External IP or LoadBalancer IP from - within the cluster will always get "Cluster" semantics, - but clients sending to a NodePort from within - the cluster may need to take traffic policy into - account when picking a node. + description: |- + externalTrafficPolicy describes how nodes distribute service traffic they + receive on one of the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure + the service in a way that assumes that external load balancers will take care + of balancing the service traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the service, without masquerading + the client source IP. (Traffic mistakenly sent to a node with no endpoints will + be dropped.) The default value, "Cluster", uses the standard behavior of + routing to all endpoints evenly (possibly modified by topology and other + features). Note that traffic sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, but clients sending to + a NodePort from within the cluster may need to take traffic policy into account + when picking a node. type: string internalTrafficPolicy: - description: InternalTrafficPolicy describes how - nodes distribute service traffic they receive - on the ClusterIP. If set to "Local", the proxy - will assume that pods only want to talk to endpoints - of the service on the same node as the pod, dropping - the traffic if there are no local endpoints. The - default value, "Cluster", uses the standard behavior - of routing to all endpoints evenly (possibly modified - by topology and other features). + description: |- + InternalTrafficPolicy describes how nodes distribute service traffic they + receive on the ClusterIP. If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the same node as the pod, + dropping the traffic if there are no local endpoints. The default value, + "Cluster", uses the standard behavior of routing to all endpoints evenly + (possibly modified by topology and other features). type: string ipFamilyPolicy: - description: IPFamilyPolicy represents the dual-stack-ness - requested or required by this Service. If there - is no value provided, then this field will be - set to SingleStack. Services can be "SingleStack" - (a single IP family), "PreferDualStack" (two IP - families on dual-stack configured clusters or - a single IP family on single-stack clusters), - or "RequireDualStack" (two IP families on dual-stack - configured clusters, otherwise fail). The ipFamilies - and clusterIPs fields depend on the value of this - field. This field will be wiped when updating - a service to type ExternalName. + description: |- + IPFamilyPolicy represents the dual-stack-ness requested or required by + this Service. If there is no value provided, then this field will be set + to SingleStack. Services can be "SingleStack" (a single IP family), + "PreferDualStack" (two IP families on dual-stack configured clusters or + a single IP family on single-stack clusters), or "RequireDualStack" + (two IP families on dual-stack configured clusters, otherwise fail). The + ipFamilies and clusterIPs fields depend on the value of this field. This + field will be wiped when updating a service to type ExternalName. type: string loadBalancerClass: - description: loadBalancerClass is the class of the - load balancer implementation this Service belongs - to. If specified, the value of this field must - be a label-style identifier, with an optional - prefix, e.g. "internal-vip" or "example.com/internal-vip". - Unprefixed names are reserved for end-users. This - field can only be set when the Service type is - 'LoadBalancer'. If not set, the default load balancer - implementation is used, today this is typically - done through the cloud provider integration, but - should apply for any default implementation. If - set, it is assumed that a load balancer implementation - is watching for Services with a matching class. - Any default load balancer implementation (e.g. - cloud providers) should ignore Services that set - this field. This field can only be set when creating - or updating a Service to type 'LoadBalancer'. - Once set, it can not be changed. This field will - be wiped when a service is updated to a non 'LoadBalancer' - type. + description: |- + loadBalancerClass is the class of the load balancer implementation this Service belongs to. + If specified, the value of this field must be a label-style identifier, with an optional prefix, + e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. + This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load + balancer implementation is used, today this is typically done through the cloud provider integration, + but should apply for any default implementation. If set, it is assumed that a load balancer + implementation is watching for Services with a matching class. Any default load balancer + implementation (e.g. cloud providers) should ignore Services that set this field. + This field can only be set when creating or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. type: string loadBalancerSourceRanges: - description: 'If specified and supported by the - platform, this will restrict traffic through the - cloud-provider load-balancer will be restricted - to the specified client IPs. This field will be - ignored if the cloud-provider does not support - the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + description: |- + If specified and supported by the platform, this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified client IPs. This field will be ignored if the + cloud-provider does not support the feature." + More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ items: type: string type: array sessionAffinity: - description: 'Supports "ClientIP" and "None". Used - to maintain session affinity. Enable client IP - based session affinity. Must be ClientIP or None. - Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + description: |- + Supports "ClientIP" and "None". Used to maintain session affinity. + Enable client IP based session affinity. + Must be ClientIP or None. + Defaults to None. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies type: string sessionAffinityConfig: description: sessionAffinityConfig contains the @@ -239,41 +220,38 @@ spec: of Client IP based session affinity. properties: timeoutSeconds: - description: timeoutSeconds specifies the - seconds of ClientIP type session sticky - time. The value must be >0 && <=86400(for - 1 day) if ServiceAffinity == "ClientIP". + description: |- + timeoutSeconds specifies the seconds of ClientIP type session sticky time. + The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". Default value is 10800(for 3 hours). format: int32 type: integer type: object type: object type: - description: 'type determines how the Service is - exposed. Defaults to ClusterIP. Valid options - are ExternalName, ClusterIP, NodePort, and LoadBalancer. - "ClusterIP" allocates a cluster-internal IP address - for load-balancing to endpoints. Endpoints are - determined by the selector or if that is not specified, - by manual construction of an Endpoints object - or EndpointSlice objects. If clusterIP is "None", - no virtual IP is allocated and the endpoints are - published as a set of endpoints rather than a - virtual IP. "NodePort" builds on ClusterIP and - allocates a port on every node which routes to - the same endpoints as the clusterIP. "LoadBalancer" - builds on NodePort and creates an external load-balancer - (if supported in the current cloud) which routes - to the same endpoints as the clusterIP. "ExternalName" - aliases this service to the specified externalName. - Several other fields do not apply to ExternalName - services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + description: |- + type determines how the Service is exposed. Defaults to ClusterIP. Valid + options are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector or if that is not + specified, by manual construction of an Endpoints object or + EndpointSlice objects. If clusterIP is "None", no virtual IP is + allocated and the endpoints are published as a set of endpoints rather + than a virtual IP. + "NodePort" builds on ClusterIP and allocates a port on every node which + routes to the same endpoints as the clusterIP. + "LoadBalancer" builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to the same endpoints + as the clusterIP. + "ExternalName" aliases this service to the specified externalName. + Several other fields do not apply to ExternalName services. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types type: string type: object type: object - description: Override configuration for the Service created - to serve traffic to the cluster. The key must be the endpoint - type (public, internal) + description: |- + Override configuration for the Service created to serve traffic to the cluster. + The key must be the endpoint type (public, internal) type: object type: object replicas: @@ -284,23 +262,29 @@ spec: minimum: 0 type: integer resources: - description: Resources - Compute Resources required by this service - (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: |- + Resources - Compute Resources required by this service (Limits/Requests). + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be - set for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -316,8 +300,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -326,11 +311,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed - Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object tls: @@ -375,28 +360,26 @@ spec: be set to environmental default if empty) type: string customServiceConfig: - description: CustomServiceConfig - customize the service config - using this parameter to change service defaults, or overwrite - rendered information using raw OpenStack config format. The - content gets added to to /etc//.conf.d directory - as a custom config file. + description: |- + CustomServiceConfig - customize the service config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack config format. The content gets added to + to /etc//.conf.d directory as a custom config file. type: string customServiceConfigSecrets: - description: CustomServiceConfigSecrets - customize the service - config using this parameter to specify Secrets that contain - sensitive service config data. The content of each Secret gets - added to the /etc//.conf.d directory as a - custom config file. + description: |- + CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets + that contain sensitive service config data. The content of each Secret gets added to the + /etc//.conf.d directory as a custom config file. items: type: string type: array defaultConfigOverwrite: additionalProperties: type: string - description: 'ConfigOverwrite - interface to overwrite default - config files like e.g. policy.json. But can also be used to - add additional files. Those get added to the service config - dir in /etc/ . TODO: -> implement' + description: |- + ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. + But can also be used to add additional files. Those get added to the service config dir in /etc/ . + TODO: -> implement type: object networkAttachments: description: NetworkAttachments is a list of NetworkAttachment @@ -407,9 +390,9 @@ spec: nodeSelector: additionalProperties: type: string - description: NodeSelector to target subset of worker nodes running - this component. Setting here overrides any global NodeSelector - settings within the Barbican CR. + description: |- + NodeSelector to target subset of worker nodes running this component. Setting here overrides + any global NodeSelector settings within the Barbican CR. type: object replicas: default: 1 @@ -419,23 +402,29 @@ spec: minimum: 0 type: integer resources: - description: Resources - Compute Resources required by this service - (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: |- + Resources - Compute Resources required by this service (Limits/Requests). + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be - set for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -451,8 +440,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -461,11 +451,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed - Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object required: @@ -480,28 +470,26 @@ spec: be set to environmental default if empty) type: string customServiceConfig: - description: CustomServiceConfig - customize the service config - using this parameter to change service defaults, or overwrite - rendered information using raw OpenStack config format. The - content gets added to to /etc//.conf.d directory - as a custom config file. + description: |- + CustomServiceConfig - customize the service config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack config format. The content gets added to + to /etc//.conf.d directory as a custom config file. type: string customServiceConfigSecrets: - description: CustomServiceConfigSecrets - customize the service - config using this parameter to specify Secrets that contain - sensitive service config data. The content of each Secret gets - added to the /etc//.conf.d directory as a - custom config file. + description: |- + CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets + that contain sensitive service config data. The content of each Secret gets added to the + /etc//.conf.d directory as a custom config file. items: type: string type: array defaultConfigOverwrite: additionalProperties: type: string - description: 'ConfigOverwrite - interface to overwrite default - config files like e.g. policy.json. But can also be used to - add additional files. Those get added to the service config - dir in /etc/ . TODO: -> implement' + description: |- + ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. + But can also be used to add additional files. Those get added to the service config dir in /etc/ . + TODO: -> implement type: object networkAttachments: description: NetworkAttachments is a list of NetworkAttachment @@ -512,9 +500,9 @@ spec: nodeSelector: additionalProperties: type: string - description: NodeSelector to target subset of worker nodes running - this component. Setting here overrides any global NodeSelector - settings within the Barbican CR. + description: |- + NodeSelector to target subset of worker nodes running this component. Setting here overrides + any global NodeSelector settings within the Barbican CR. type: object replicas: default: 1 @@ -524,23 +512,29 @@ spec: minimum: 0 type: integer resources: - description: Resources - Compute Resources required by this service - (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: |- + Resources - Compute Resources required by this service (Limits/Requests). + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be - set for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -556,8 +550,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -566,22 +561,21 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed - Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object required: - containerImage type: object customServiceConfig: - description: CustomServiceConfig - customize the service config using - this parameter to change service defaults, or overwrite rendered - information using raw OpenStack config format. The content gets - added to to /etc//.conf.d directory as custom.conf - file. + description: |- + CustomServiceConfig - customize the service config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack config format. The content gets added to + to /etc//.conf.d directory as custom.conf file. type: string databaseAccount: default: barbican @@ -589,17 +583,19 @@ spec: for barbican DB, defaults to barbican type: string databaseInstance: - description: 'MariaDB instance name TODO(dmendiza): Is this comment - right? Right now required by the maridb-operator to get the credentials - from the instance to create the DB Might not be required in future' + description: |- + MariaDB instance name + TODO(dmendiza): Is this comment right? + Right now required by the maridb-operator to get the credentials from the instance to create the DB + Might not be required in future type: string defaultConfigOverwrite: additionalProperties: type: string - description: 'ConfigOverwrite - interface to overwrite default config - files like e.g. logging.conf or policy.json. But can also be used - to add additional files. Those get added to the service config dir - in /etc/ . TODO(dmendiza): -> implement' + description: |- + ConfigOverwrite - interface to overwrite default config files like e.g. logging.conf or policy.json. + But can also be used to add additional files. Those get added to the service config dir in /etc/ . + TODO(dmendiza): -> implement type: object enabledSecretStores: items: @@ -624,9 +620,9 @@ spec: nodeSelector: additionalProperties: type: string - description: NodeSelector to target subset of worker nodes running - this component. Setting here overrides any global NodeSelector settings - within the Barbican CR. + description: |- + NodeSelector to target subset of worker nodes running this component. Setting here overrides + any global NodeSelector settings within the Barbican CR. type: object passwordSelectors: default: @@ -724,20 +720,23 @@ spec: description: The HSM's IPv4 address (X.Y.Z.K) type: string slotId: - description: One of TokenSerialNumber, TokenLabels or SlotId must + description: |- + One of TokenSerialNumber, TokenLabels or SlotId must be defined. SlotId is used if none of the others is defined type: string tokenLabels: - description: Token labels used to identify the token to be used. - One of TokenSerialNumber, TokenLabels or SlotId must be specified. - TokenLabels takes priority over SlotId. This can be a comma - separated string of labels + description: |- + Token labels used to identify the token to be used. + One of TokenSerialNumber, TokenLabels or SlotId must + be specified. TokenLabels takes priority over SlotId. + This can be a comma separated string of labels type: string tokenSerialNumber: - description: Token serial number used to identify the token to - be used. One of TokenSerialNumber, TokenLabels or SlotId must - be defined. TokenSerialNumber takes priority over TokenLabels - and SlotId + description: |- + Token serial number used to identify the token to be used. + One of TokenSerialNumber, TokenLabels or SlotId must + be defined. TokenSerialNumber takes priority over + TokenLabels and SlotId type: string type: description: 'A string containing the HSM type (currently supported: @@ -758,8 +757,9 @@ spec: type: boolean rabbitMqClusterName: default: rabbitmq - description: RabbitMQ instance name Needed to request a transportURL - that is created and used in Barbican + description: |- + RabbitMQ instance name + Needed to request a transportURL that is created and used in Barbican type: string secret: default: osp-secret @@ -809,10 +809,10 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: @@ -824,14 +824,13 @@ spec: in CamelCase. type: string severity: - description: Severity provides a classification of Reason code, - so the current situation is immediately understandable and - could act accordingly. It is meant for situations where Status=False - and it should be indicated if it is just informational, warning - (next reconciliation might fix it) or an error (e.g. DB create - issue and no actions to automatically resolve the issue can/should - be done). For conditions where Status=Unknown or Status=True - the Severity should be SeverityNone. + description: |- + Severity provides a classification of Reason code, so the current situation is immediately + understandable and could act accordingly. + It is meant for situations where Status=False and it should be indicated if it is just + informational, warning (next reconciliation might fix it) or an error (e.g. DB create issue + and no actions to automatically resolve the issue can/should be done). + For conditions where Status=Unknown or Status=True the Severity should be SeverityNone. type: string status: description: Status of the condition, one of True, False, Unknown. @@ -854,11 +853,11 @@ spec: description: Map of hashes to track e.g. job status type: object observedGeneration: - description: ObservedGeneration - the most recent generation observed - for this service. If the observed generation is less than the spec - generation, then the controller has not processed the latest changes - injected by the opentack-operator in the top-level CR (e.g. the - ContainerImage) + description: |- + ObservedGeneration - the most recent generation observed for this + service. If the observed generation is less than the spec generation, + then the controller has not processed the latest changes injected by + the opentack-operator in the top-level CR (e.g. the ContainerImage) format: int64 type: integer serviceID: diff --git a/api/bases/barbican.openstack.org_barbicanworkers.yaml b/api/bases/barbican.openstack.org_barbicanworkers.yaml index 584c4df4..ad899467 100644 --- a/api/bases/barbican.openstack.org_barbicanworkers.yaml +++ b/api/bases/barbican.openstack.org_barbicanworkers.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: barbicanworkers.barbican.openstack.org spec: group: barbican.openstack.org @@ -30,14 +29,19 @@ spec: description: BarbicanWorker is the Schema for the barbicanworkers API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -49,17 +53,16 @@ spec: set to environmental default if empty) type: string customServiceConfig: - description: CustomServiceConfig - customize the service config using - this parameter to change service defaults, or overwrite rendered - information using raw OpenStack config format. The content gets - added to to /etc//.conf.d directory as a custom - config file. + description: |- + CustomServiceConfig - customize the service config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack config format. The content gets added to + to /etc//.conf.d directory as a custom config file. type: string customServiceConfigSecrets: - description: CustomServiceConfigSecrets - customize the service config - using this parameter to specify Secrets that contain sensitive service - config data. The content of each Secret gets added to the /etc//.conf.d - directory as a custom config file. + description: |- + CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets + that contain sensitive service config data. The content of each Secret gets added to the + /etc//.conf.d directory as a custom config file. items: type: string type: array @@ -71,17 +74,19 @@ spec: databaseHostname: type: string databaseInstance: - description: 'MariaDB instance name TODO(dmendiza): Is this comment - right? Right now required by the maridb-operator to get the credentials - from the instance to create the DB Might not be required in future' + description: |- + MariaDB instance name + TODO(dmendiza): Is this comment right? + Right now required by the maridb-operator to get the credentials from the instance to create the DB + Might not be required in future type: string defaultConfigOverwrite: additionalProperties: type: string - description: 'ConfigOverwrite - interface to overwrite default config - files like e.g. policy.json. But can also be used to add additional - files. Those get added to the service config dir in /etc/ - . TODO: -> implement' + description: |- + ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. + But can also be used to add additional files. Those get added to the service config dir in /etc/ . + TODO: -> implement type: object enabledSecretStores: items: @@ -112,9 +117,9 @@ spec: nodeSelector: additionalProperties: type: string - description: NodeSelector to target subset of worker nodes running - this component. Setting here overrides any global NodeSelector settings - within the Barbican CR. + description: |- + NodeSelector to target subset of worker nodes running this component. Setting here overrides + any global NodeSelector settings within the Barbican CR. type: object passwordSelectors: default: @@ -212,20 +217,23 @@ spec: description: The HSM's IPv4 address (X.Y.Z.K) type: string slotId: - description: One of TokenSerialNumber, TokenLabels or SlotId must + description: |- + One of TokenSerialNumber, TokenLabels or SlotId must be defined. SlotId is used if none of the others is defined type: string tokenLabels: - description: Token labels used to identify the token to be used. - One of TokenSerialNumber, TokenLabels or SlotId must be specified. - TokenLabels takes priority over SlotId. This can be a comma - separated string of labels + description: |- + Token labels used to identify the token to be used. + One of TokenSerialNumber, TokenLabels or SlotId must + be specified. TokenLabels takes priority over SlotId. + This can be a comma separated string of labels type: string tokenSerialNumber: - description: Token serial number used to identify the token to - be used. One of TokenSerialNumber, TokenLabels or SlotId must - be defined. TokenSerialNumber takes priority over TokenLabels - and SlotId + description: |- + Token serial number used to identify the token to be used. + One of TokenSerialNumber, TokenLabels or SlotId must + be defined. TokenSerialNumber takes priority over + TokenLabels and SlotId type: string type: description: 'A string containing the HSM type (currently supported: @@ -241,8 +249,9 @@ spec: type: object rabbitMqClusterName: default: rabbitmq - description: RabbitMQ instance name Needed to request a transportURL - that is created and used in Barbican + description: |- + RabbitMQ instance name + Needed to request a transportURL that is created and used in Barbican type: string replicas: default: 1 @@ -252,22 +261,29 @@ spec: minimum: 0 type: integer resources: - description: Resources - Compute Resources required by this service - (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: |- + Resources - Compute Resources required by this service (Limits/Requests). + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be set - for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -283,8 +299,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -293,11 +310,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object secret: @@ -345,10 +362,10 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: @@ -360,14 +377,13 @@ spec: in CamelCase. type: string severity: - description: Severity provides a classification of Reason code, - so the current situation is immediately understandable and - could act accordingly. It is meant for situations where Status=False - and it should be indicated if it is just informational, warning - (next reconciliation might fix it) or an error (e.g. DB create - issue and no actions to automatically resolve the issue can/should - be done). For conditions where Status=Unknown or Status=True - the Severity should be SeverityNone. + description: |- + Severity provides a classification of Reason code, so the current situation is immediately + understandable and could act accordingly. + It is meant for situations where Status=False and it should be indicated if it is just + informational, warning (next reconciliation might fix it) or an error (e.g. DB create issue + and no actions to automatically resolve the issue can/should be done). + For conditions where Status=Unknown or Status=True the Severity should be SeverityNone. type: string status: description: Status of the condition, one of True, False, Unknown. @@ -397,9 +413,10 @@ spec: description: NetworkAttachments status of the deployment pods type: object readyCount: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file ReadyCount of barbican API instances' + description: |- + INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + Important: Run "make" to regenerate code after modifying this file + ReadyCount of barbican API instances format: int32 type: integer type: object diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go index f61b4995..60e75711 100644 --- a/api/v1beta1/zz_generated.deepcopy.go +++ b/api/v1beta1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2023. @@ -184,7 +183,8 @@ func (in *BarbicanAPIStatus) DeepCopyInto(out *BarbicanAPIStatus) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = make([]string, len(*in)) copy(*out, *in) } @@ -403,7 +403,8 @@ func (in *BarbicanKeystoneListenerStatus) DeepCopyInto(out *BarbicanKeystoneList if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = make([]string, len(*in)) copy(*out, *in) } @@ -730,7 +731,8 @@ func (in *BarbicanWorkerStatus) DeepCopyInto(out *BarbicanWorkerStatus) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = make([]string, len(*in)) copy(*out, *in) } diff --git a/config/crd/bases/barbican.openstack.org_barbicanapis.yaml b/config/crd/bases/barbican.openstack.org_barbicanapis.yaml index a6c1f5b0..a634fe3d 100644 --- a/config/crd/bases/barbican.openstack.org_barbicanapis.yaml +++ b/config/crd/bases/barbican.openstack.org_barbicanapis.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: barbicanapis.barbican.openstack.org spec: group: barbican.openstack.org @@ -30,14 +29,19 @@ spec: description: BarbicanAPI is the Schema for the barbicanapis API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -49,17 +53,16 @@ spec: set to environmental default if empty) type: string customServiceConfig: - description: CustomServiceConfig - customize the service config using - this parameter to change service defaults, or overwrite rendered - information using raw OpenStack config format. The content gets - added to to /etc//.conf.d directory as a custom - config file. + description: |- + CustomServiceConfig - customize the service config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack config format. The content gets added to + to /etc//.conf.d directory as a custom config file. type: string customServiceConfigSecrets: - description: CustomServiceConfigSecrets - customize the service config - using this parameter to specify Secrets that contain sensitive service - config data. The content of each Secret gets added to the /etc//.conf.d - directory as a custom config file. + description: |- + CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets + that contain sensitive service config data. The content of each Secret gets added to the + /etc//.conf.d directory as a custom config file. items: type: string type: array @@ -72,17 +75,19 @@ spec: description: DatabaseHostname - Barbican Database Hostname type: string databaseInstance: - description: 'MariaDB instance name TODO(dmendiza): Is this comment - right? Right now required by the maridb-operator to get the credentials - from the instance to create the DB Might not be required in future' + description: |- + MariaDB instance name + TODO(dmendiza): Is this comment right? + Right now required by the maridb-operator to get the credentials from the instance to create the DB + Might not be required in future type: string defaultConfigOverwrite: additionalProperties: type: string - description: 'ConfigOverwrite - interface to overwrite default config - files like e.g. policy.json. But can also be used to add additional - files. Those get added to the service config dir in /etc/ - . TODO: -> implement' + description: |- + ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. + But can also be used to add additional files. Those get added to the service config dir in /etc/ . + TODO: -> implement type: object enableSecureRBAC: default: true @@ -118,9 +123,9 @@ spec: nodeSelector: additionalProperties: type: string - description: NodeSelector to target subset of worker nodes running - this component. Setting here overrides any global NodeSelector settings - within the Barbican CR. + description: |- + NodeSelector to target subset of worker nodes running this component. Setting here overrides + any global NodeSelector settings within the Barbican CR. type: object override: description: Override, provides the ability to override the generated @@ -128,128 +133,114 @@ spec: properties: service: additionalProperties: - description: RoutedOverrideSpec - a routed service override - configuration for the Service created to serve traffic to - the cluster. Allows for the manifest of the created Service - to be overwritten with custom configuration. + description: |- + RoutedOverrideSpec - a routed service override configuration for the Service created to serve traffic + to the cluster. Allows for the manifest of the created Service to be overwritten with custom configuration. properties: endpointURL: type: string metadata: - description: EmbeddedLabelsAnnotations is an embedded subset - of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + description: |- + EmbeddedLabelsAnnotations is an embedded subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. Only labels and annotations are included. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value - map stored with a resource that may be set by external - tools to store and retrieve arbitrary metadata. They - are not queryable and should be preserved when modifying - objects. More info: http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can - be used to organize and categorize (scope and select) - objects. May match selectors of replication controllers - and services. More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: - description: OverrideServiceSpec is a subset of the fields - included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec - Limited to Type, SessionAffinity, LoadBalancerSourceRanges, - ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + description: |- + OverrideServiceSpec is a subset of the fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy properties: externalName: - description: externalName is the external reference - that discovery mechanisms will return as an alias - for this service (e.g. a DNS CNAME record). No proxying - will be involved. Must be a lowercase RFC-1123 hostname - (https://tools.ietf.org/html/rfc1123) and requires - `type` to be "ExternalName". + description: |- + externalName is the external reference that discovery mechanisms will + return as an alias for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName". type: string externalTrafficPolicy: - description: externalTrafficPolicy describes how nodes - distribute service traffic they receive on one of - the Service's "externally-facing" addresses (NodePorts, - ExternalIPs, and LoadBalancer IPs). If set to "Local", - the proxy will configure the service in a way that - assumes that external load balancers will take care - of balancing the service traffic between nodes, and - so each node will deliver traffic only to the node-local - endpoints of the service, without masquerading the - client source IP. (Traffic mistakenly sent to a node - with no endpoints will be dropped.) The default value, - "Cluster", uses the standard behavior of routing to - all endpoints evenly (possibly modified by topology - and other features). Note that traffic sent to an - External IP or LoadBalancer IP from within the cluster - will always get "Cluster" semantics, but clients sending - to a NodePort from within the cluster may need to - take traffic policy into account when picking a node. + description: |- + externalTrafficPolicy describes how nodes distribute service traffic they + receive on one of the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure + the service in a way that assumes that external load balancers will take care + of balancing the service traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the service, without masquerading + the client source IP. (Traffic mistakenly sent to a node with no endpoints will + be dropped.) The default value, "Cluster", uses the standard behavior of + routing to all endpoints evenly (possibly modified by topology and other + features). Note that traffic sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, but clients sending to + a NodePort from within the cluster may need to take traffic policy into account + when picking a node. type: string internalTrafficPolicy: - description: InternalTrafficPolicy describes how nodes - distribute service traffic they receive on the ClusterIP. - If set to "Local", the proxy will assume that pods - only want to talk to endpoints of the service on the - same node as the pod, dropping the traffic if there - are no local endpoints. The default value, "Cluster", - uses the standard behavior of routing to all endpoints - evenly (possibly modified by topology and other features). + description: |- + InternalTrafficPolicy describes how nodes distribute service traffic they + receive on the ClusterIP. If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the same node as the pod, + dropping the traffic if there are no local endpoints. The default value, + "Cluster", uses the standard behavior of routing to all endpoints evenly + (possibly modified by topology and other features). type: string ipFamilyPolicy: - description: IPFamilyPolicy represents the dual-stack-ness - requested or required by this Service. If there is - no value provided, then this field will be set to - SingleStack. Services can be "SingleStack" (a single - IP family), "PreferDualStack" (two IP families on - dual-stack configured clusters or a single IP family - on single-stack clusters), or "RequireDualStack" (two - IP families on dual-stack configured clusters, otherwise - fail). The ipFamilies and clusterIPs fields depend - on the value of this field. This field will be wiped - when updating a service to type ExternalName. + description: |- + IPFamilyPolicy represents the dual-stack-ness requested or required by + this Service. If there is no value provided, then this field will be set + to SingleStack. Services can be "SingleStack" (a single IP family), + "PreferDualStack" (two IP families on dual-stack configured clusters or + a single IP family on single-stack clusters), or "RequireDualStack" + (two IP families on dual-stack configured clusters, otherwise fail). The + ipFamilies and clusterIPs fields depend on the value of this field. This + field will be wiped when updating a service to type ExternalName. type: string loadBalancerClass: - description: loadBalancerClass is the class of the load - balancer implementation this Service belongs to. If - specified, the value of this field must be a label-style - identifier, with an optional prefix, e.g. "internal-vip" - or "example.com/internal-vip". Unprefixed names are - reserved for end-users. This field can only be set - when the Service type is 'LoadBalancer'. If not set, - the default load balancer implementation is used, - today this is typically done through the cloud provider - integration, but should apply for any default implementation. - If set, it is assumed that a load balancer implementation - is watching for Services with a matching class. Any - default load balancer implementation (e.g. cloud providers) - should ignore Services that set this field. This field - can only be set when creating or updating a Service - to type 'LoadBalancer'. Once set, it can not be changed. - This field will be wiped when a service is updated - to a non 'LoadBalancer' type. + description: |- + loadBalancerClass is the class of the load balancer implementation this Service belongs to. + If specified, the value of this field must be a label-style identifier, with an optional prefix, + e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. + This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load + balancer implementation is used, today this is typically done through the cloud provider integration, + but should apply for any default implementation. If set, it is assumed that a load balancer + implementation is watching for Services with a matching class. Any default load balancer + implementation (e.g. cloud providers) should ignore Services that set this field. + This field can only be set when creating or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. type: string loadBalancerSourceRanges: - description: 'If specified and supported by the platform, - this will restrict traffic through the cloud-provider - load-balancer will be restricted to the specified - client IPs. This field will be ignored if the cloud-provider - does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + description: |- + If specified and supported by the platform, this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified client IPs. This field will be ignored if the + cloud-provider does not support the feature." + More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ items: type: string type: array sessionAffinity: - description: 'Supports "ClientIP" and "None". Used to - maintain session affinity. Enable client IP based - session affinity. Must be ClientIP or None. Defaults - to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + description: |- + Supports "ClientIP" and "None". Used to maintain session affinity. + Enable client IP based session affinity. + Must be ClientIP or None. + Defaults to None. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies type: string sessionAffinityConfig: description: sessionAffinityConfig contains the configurations @@ -260,40 +251,38 @@ spec: of Client IP based session affinity. properties: timeoutSeconds: - description: timeoutSeconds specifies the seconds - of ClientIP type session sticky time. The - value must be >0 && <=86400(for 1 day) if - ServiceAffinity == "ClientIP". Default value - is 10800(for 3 hours). + description: |- + timeoutSeconds specifies the seconds of ClientIP type session sticky time. + The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). format: int32 type: integer type: object type: object type: - description: 'type determines how the Service is exposed. - Defaults to ClusterIP. Valid options are ExternalName, - ClusterIP, NodePort, and LoadBalancer. "ClusterIP" - allocates a cluster-internal IP address for load-balancing - to endpoints. Endpoints are determined by the selector - or if that is not specified, by manual construction - of an Endpoints object or EndpointSlice objects. If - clusterIP is "None", no virtual IP is allocated and - the endpoints are published as a set of endpoints - rather than a virtual IP. "NodePort" builds on ClusterIP - and allocates a port on every node which routes to - the same endpoints as the clusterIP. "LoadBalancer" - builds on NodePort and creates an external load-balancer - (if supported in the current cloud) which routes to - the same endpoints as the clusterIP. "ExternalName" - aliases this service to the specified externalName. - Several other fields do not apply to ExternalName - services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + description: |- + type determines how the Service is exposed. Defaults to ClusterIP. Valid + options are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector or if that is not + specified, by manual construction of an Endpoints object or + EndpointSlice objects. If clusterIP is "None", no virtual IP is + allocated and the endpoints are published as a set of endpoints rather + than a virtual IP. + "NodePort" builds on ClusterIP and allocates a port on every node which + routes to the same endpoints as the clusterIP. + "LoadBalancer" builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to the same endpoints + as the clusterIP. + "ExternalName" aliases this service to the specified externalName. + Several other fields do not apply to ExternalName services. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types type: string type: object type: object - description: Override configuration for the Service created to - serve traffic to the cluster. The key must be the endpoint type - (public, internal) + description: |- + Override configuration for the Service created to serve traffic to the cluster. + The key must be the endpoint type (public, internal) type: object type: object passwordSelectors: @@ -392,20 +381,23 @@ spec: description: The HSM's IPv4 address (X.Y.Z.K) type: string slotId: - description: One of TokenSerialNumber, TokenLabels or SlotId must + description: |- + One of TokenSerialNumber, TokenLabels or SlotId must be defined. SlotId is used if none of the others is defined type: string tokenLabels: - description: Token labels used to identify the token to be used. - One of TokenSerialNumber, TokenLabels or SlotId must be specified. - TokenLabels takes priority over SlotId. This can be a comma - separated string of labels + description: |- + Token labels used to identify the token to be used. + One of TokenSerialNumber, TokenLabels or SlotId must + be specified. TokenLabels takes priority over SlotId. + This can be a comma separated string of labels type: string tokenSerialNumber: - description: Token serial number used to identify the token to - be used. One of TokenSerialNumber, TokenLabels or SlotId must - be defined. TokenSerialNumber takes priority over TokenLabels - and SlotId + description: |- + Token serial number used to identify the token to be used. + One of TokenSerialNumber, TokenLabels or SlotId must + be defined. TokenSerialNumber takes priority over + TokenLabels and SlotId type: string type: description: 'A string containing the HSM type (currently supported: @@ -421,8 +413,9 @@ spec: type: object rabbitMqClusterName: default: rabbitmq - description: RabbitMQ instance name Needed to request a transportURL - that is created and used in Barbican + description: |- + RabbitMQ instance name + Needed to request a transportURL that is created and used in Barbican type: string replicas: default: 1 @@ -432,22 +425,29 @@ spec: minimum: 0 type: integer resources: - description: Resources - Compute Resources required by this service - (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: |- + Resources - Compute Resources required by this service (Limits/Requests). + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be set - for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -463,8 +463,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -473,11 +474,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object secret: @@ -553,10 +554,10 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: @@ -568,14 +569,13 @@ spec: in CamelCase. type: string severity: - description: Severity provides a classification of Reason code, - so the current situation is immediately understandable and - could act accordingly. It is meant for situations where Status=False - and it should be indicated if it is just informational, warning - (next reconciliation might fix it) or an error (e.g. DB create - issue and no actions to automatically resolve the issue can/should - be done). For conditions where Status=Unknown or Status=True - the Severity should be SeverityNone. + description: |- + Severity provides a classification of Reason code, so the current situation is immediately + understandable and could act accordingly. + It is meant for situations where Status=False and it should be indicated if it is just + informational, warning (next reconciliation might fix it) or an error (e.g. DB create issue + and no actions to automatically resolve the issue can/should be done). + For conditions where Status=Unknown or Status=True the Severity should be SeverityNone. type: string status: description: Status of the condition, one of True, False, Unknown. diff --git a/config/crd/bases/barbican.openstack.org_barbicankeystonelisteners.yaml b/config/crd/bases/barbican.openstack.org_barbicankeystonelisteners.yaml index 83665308..80e9920c 100644 --- a/config/crd/bases/barbican.openstack.org_barbicankeystonelisteners.yaml +++ b/config/crd/bases/barbican.openstack.org_barbicankeystonelisteners.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: barbicankeystonelisteners.barbican.openstack.org spec: group: barbican.openstack.org @@ -31,14 +30,19 @@ spec: API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -51,17 +55,16 @@ spec: set to environmental default if empty) type: string customServiceConfig: - description: CustomServiceConfig - customize the service config using - this parameter to change service defaults, or overwrite rendered - information using raw OpenStack config format. The content gets - added to to /etc//.conf.d directory as a custom - config file. + description: |- + CustomServiceConfig - customize the service config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack config format. The content gets added to + to /etc//.conf.d directory as a custom config file. type: string customServiceConfigSecrets: - description: CustomServiceConfigSecrets - customize the service config - using this parameter to specify Secrets that contain sensitive service - config data. The content of each Secret gets added to the /etc//.conf.d - directory as a custom config file. + description: |- + CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets + that contain sensitive service config data. The content of each Secret gets added to the + /etc//.conf.d directory as a custom config file. items: type: string type: array @@ -73,17 +76,19 @@ spec: databaseHostname: type: string databaseInstance: - description: 'MariaDB instance name TODO(dmendiza): Is this comment - right? Right now required by the maridb-operator to get the credentials - from the instance to create the DB Might not be required in future' + description: |- + MariaDB instance name + TODO(dmendiza): Is this comment right? + Right now required by the maridb-operator to get the credentials from the instance to create the DB + Might not be required in future type: string defaultConfigOverwrite: additionalProperties: type: string - description: 'ConfigOverwrite - interface to overwrite default config - files like e.g. policy.json. But can also be used to add additional - files. Those get added to the service config dir in /etc/ - . TODO: -> implement' + description: |- + ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. + But can also be used to add additional files. Those get added to the service config dir in /etc/ . + TODO: -> implement type: object enabledSecretStores: items: @@ -114,9 +119,9 @@ spec: nodeSelector: additionalProperties: type: string - description: NodeSelector to target subset of worker nodes running - this component. Setting here overrides any global NodeSelector settings - within the Barbican CR. + description: |- + NodeSelector to target subset of worker nodes running this component. Setting here overrides + any global NodeSelector settings within the Barbican CR. type: object passwordSelectors: default: @@ -214,20 +219,23 @@ spec: description: The HSM's IPv4 address (X.Y.Z.K) type: string slotId: - description: One of TokenSerialNumber, TokenLabels or SlotId must + description: |- + One of TokenSerialNumber, TokenLabels or SlotId must be defined. SlotId is used if none of the others is defined type: string tokenLabels: - description: Token labels used to identify the token to be used. - One of TokenSerialNumber, TokenLabels or SlotId must be specified. - TokenLabels takes priority over SlotId. This can be a comma - separated string of labels + description: |- + Token labels used to identify the token to be used. + One of TokenSerialNumber, TokenLabels or SlotId must + be specified. TokenLabels takes priority over SlotId. + This can be a comma separated string of labels type: string tokenSerialNumber: - description: Token serial number used to identify the token to - be used. One of TokenSerialNumber, TokenLabels or SlotId must - be defined. TokenSerialNumber takes priority over TokenLabels - and SlotId + description: |- + Token serial number used to identify the token to be used. + One of TokenSerialNumber, TokenLabels or SlotId must + be defined. TokenSerialNumber takes priority over + TokenLabels and SlotId type: string type: description: 'A string containing the HSM type (currently supported: @@ -243,8 +251,9 @@ spec: type: object rabbitMqClusterName: default: rabbitmq - description: RabbitMQ instance name Needed to request a transportURL - that is created and used in Barbican + description: |- + RabbitMQ instance name + Needed to request a transportURL that is created and used in Barbican type: string replicas: default: 1 @@ -254,22 +263,29 @@ spec: minimum: 0 type: integer resources: - description: Resources - Compute Resources required by this service - (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: |- + Resources - Compute Resources required by this service (Limits/Requests). + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be set - for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -285,8 +301,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -295,11 +312,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object secret: @@ -348,10 +365,10 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: @@ -363,14 +380,13 @@ spec: in CamelCase. type: string severity: - description: Severity provides a classification of Reason code, - so the current situation is immediately understandable and - could act accordingly. It is meant for situations where Status=False - and it should be indicated if it is just informational, warning - (next reconciliation might fix it) or an error (e.g. DB create - issue and no actions to automatically resolve the issue can/should - be done). For conditions where Status=Unknown or Status=True - the Severity should be SeverityNone. + description: |- + Severity provides a classification of Reason code, so the current situation is immediately + understandable and could act accordingly. + It is meant for situations where Status=False and it should be indicated if it is just + informational, warning (next reconciliation might fix it) or an error (e.g. DB create issue + and no actions to automatically resolve the issue can/should be done). + For conditions where Status=Unknown or Status=True the Severity should be SeverityNone. type: string status: description: Status of the condition, one of True, False, Unknown. @@ -400,9 +416,10 @@ spec: description: NetworkAttachments status of the deployment pods type: object readyCount: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file ReadyCount of barbican API instances' + description: |- + INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + Important: Run "make" to regenerate code after modifying this file + ReadyCount of barbican API instances format: int32 type: integer type: object diff --git a/config/crd/bases/barbican.openstack.org_barbicans.yaml b/config/crd/bases/barbican.openstack.org_barbicans.yaml index bf9d770c..2a5a5e7b 100644 --- a/config/crd/bases/barbican.openstack.org_barbicans.yaml +++ b/config/crd/bases/barbican.openstack.org_barbicans.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: barbicans.barbican.openstack.org spec: group: barbican.openstack.org @@ -30,14 +29,19 @@ spec: description: Barbican is the Schema for the barbicans API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -53,28 +57,26 @@ spec: be set to environmental default if empty) type: string customServiceConfig: - description: CustomServiceConfig - customize the service config - using this parameter to change service defaults, or overwrite - rendered information using raw OpenStack config format. The - content gets added to to /etc//.conf.d directory - as a custom config file. + description: |- + CustomServiceConfig - customize the service config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack config format. The content gets added to + to /etc//.conf.d directory as a custom config file. type: string customServiceConfigSecrets: - description: CustomServiceConfigSecrets - customize the service - config using this parameter to specify Secrets that contain - sensitive service config data. The content of each Secret gets - added to the /etc//.conf.d directory as a - custom config file. + description: |- + CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets + that contain sensitive service config data. The content of each Secret gets added to the + /etc//.conf.d directory as a custom config file. items: type: string type: array defaultConfigOverwrite: additionalProperties: type: string - description: 'ConfigOverwrite - interface to overwrite default - config files like e.g. policy.json. But can also be used to - add additional files. Those get added to the service config - dir in /etc/ . TODO: -> implement' + description: |- + ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. + But can also be used to add additional files. Those get added to the service config dir in /etc/ . + TODO: -> implement type: object enableSecureRBAC: default: true @@ -90,9 +92,9 @@ spec: nodeSelector: additionalProperties: type: string - description: NodeSelector to target subset of worker nodes running - this component. Setting here overrides any global NodeSelector - settings within the Barbican CR. + description: |- + NodeSelector to target subset of worker nodes running this component. Setting here overrides + any global NodeSelector settings within the Barbican CR. type: object override: description: Override, provides the ability to override the generated @@ -100,135 +102,114 @@ spec: properties: service: additionalProperties: - description: RoutedOverrideSpec - a routed service override - configuration for the Service created to serve traffic - to the cluster. Allows for the manifest of the created - Service to be overwritten with custom configuration. + description: |- + RoutedOverrideSpec - a routed service override configuration for the Service created to serve traffic + to the cluster. Allows for the manifest of the created Service to be overwritten with custom configuration. properties: endpointURL: type: string metadata: - description: EmbeddedLabelsAnnotations is an embedded - subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + description: |- + EmbeddedLabelsAnnotations is an embedded subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. Only labels and annotations are included. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key - value map stored with a resource that may be set - by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be - preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that - can be used to organize and categorize (scope - and select) objects. May match selectors of replication - controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: - description: OverrideServiceSpec is a subset of the - fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec - Limited to Type, SessionAffinity, LoadBalancerSourceRanges, - ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + description: |- + OverrideServiceSpec is a subset of the fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy properties: externalName: - description: externalName is the external reference - that discovery mechanisms will return as an alias - for this service (e.g. a DNS CNAME record). No - proxying will be involved. Must be a lowercase - RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) - and requires `type` to be "ExternalName". + description: |- + externalName is the external reference that discovery mechanisms will + return as an alias for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName". type: string externalTrafficPolicy: - description: externalTrafficPolicy describes how - nodes distribute service traffic they receive - on one of the Service's "externally-facing" addresses - (NodePorts, ExternalIPs, and LoadBalancer IPs). - If set to "Local", the proxy will configure the - service in a way that assumes that external load - balancers will take care of balancing the service - traffic between nodes, and so each node will deliver - traffic only to the node-local endpoints of the - service, without masquerading the client source - IP. (Traffic mistakenly sent to a node with no - endpoints will be dropped.) The default value, - "Cluster", uses the standard behavior of routing - to all endpoints evenly (possibly modified by - topology and other features). Note that traffic - sent to an External IP or LoadBalancer IP from - within the cluster will always get "Cluster" semantics, - but clients sending to a NodePort from within - the cluster may need to take traffic policy into - account when picking a node. + description: |- + externalTrafficPolicy describes how nodes distribute service traffic they + receive on one of the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure + the service in a way that assumes that external load balancers will take care + of balancing the service traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the service, without masquerading + the client source IP. (Traffic mistakenly sent to a node with no endpoints will + be dropped.) The default value, "Cluster", uses the standard behavior of + routing to all endpoints evenly (possibly modified by topology and other + features). Note that traffic sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, but clients sending to + a NodePort from within the cluster may need to take traffic policy into account + when picking a node. type: string internalTrafficPolicy: - description: InternalTrafficPolicy describes how - nodes distribute service traffic they receive - on the ClusterIP. If set to "Local", the proxy - will assume that pods only want to talk to endpoints - of the service on the same node as the pod, dropping - the traffic if there are no local endpoints. The - default value, "Cluster", uses the standard behavior - of routing to all endpoints evenly (possibly modified - by topology and other features). + description: |- + InternalTrafficPolicy describes how nodes distribute service traffic they + receive on the ClusterIP. If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the same node as the pod, + dropping the traffic if there are no local endpoints. The default value, + "Cluster", uses the standard behavior of routing to all endpoints evenly + (possibly modified by topology and other features). type: string ipFamilyPolicy: - description: IPFamilyPolicy represents the dual-stack-ness - requested or required by this Service. If there - is no value provided, then this field will be - set to SingleStack. Services can be "SingleStack" - (a single IP family), "PreferDualStack" (two IP - families on dual-stack configured clusters or - a single IP family on single-stack clusters), - or "RequireDualStack" (two IP families on dual-stack - configured clusters, otherwise fail). The ipFamilies - and clusterIPs fields depend on the value of this - field. This field will be wiped when updating - a service to type ExternalName. + description: |- + IPFamilyPolicy represents the dual-stack-ness requested or required by + this Service. If there is no value provided, then this field will be set + to SingleStack. Services can be "SingleStack" (a single IP family), + "PreferDualStack" (two IP families on dual-stack configured clusters or + a single IP family on single-stack clusters), or "RequireDualStack" + (two IP families on dual-stack configured clusters, otherwise fail). The + ipFamilies and clusterIPs fields depend on the value of this field. This + field will be wiped when updating a service to type ExternalName. type: string loadBalancerClass: - description: loadBalancerClass is the class of the - load balancer implementation this Service belongs - to. If specified, the value of this field must - be a label-style identifier, with an optional - prefix, e.g. "internal-vip" or "example.com/internal-vip". - Unprefixed names are reserved for end-users. This - field can only be set when the Service type is - 'LoadBalancer'. If not set, the default load balancer - implementation is used, today this is typically - done through the cloud provider integration, but - should apply for any default implementation. If - set, it is assumed that a load balancer implementation - is watching for Services with a matching class. - Any default load balancer implementation (e.g. - cloud providers) should ignore Services that set - this field. This field can only be set when creating - or updating a Service to type 'LoadBalancer'. - Once set, it can not be changed. This field will - be wiped when a service is updated to a non 'LoadBalancer' - type. + description: |- + loadBalancerClass is the class of the load balancer implementation this Service belongs to. + If specified, the value of this field must be a label-style identifier, with an optional prefix, + e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. + This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load + balancer implementation is used, today this is typically done through the cloud provider integration, + but should apply for any default implementation. If set, it is assumed that a load balancer + implementation is watching for Services with a matching class. Any default load balancer + implementation (e.g. cloud providers) should ignore Services that set this field. + This field can only be set when creating or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. type: string loadBalancerSourceRanges: - description: 'If specified and supported by the - platform, this will restrict traffic through the - cloud-provider load-balancer will be restricted - to the specified client IPs. This field will be - ignored if the cloud-provider does not support - the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + description: |- + If specified and supported by the platform, this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified client IPs. This field will be ignored if the + cloud-provider does not support the feature." + More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ items: type: string type: array sessionAffinity: - description: 'Supports "ClientIP" and "None". Used - to maintain session affinity. Enable client IP - based session affinity. Must be ClientIP or None. - Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + description: |- + Supports "ClientIP" and "None". Used to maintain session affinity. + Enable client IP based session affinity. + Must be ClientIP or None. + Defaults to None. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies type: string sessionAffinityConfig: description: sessionAffinityConfig contains the @@ -239,41 +220,38 @@ spec: of Client IP based session affinity. properties: timeoutSeconds: - description: timeoutSeconds specifies the - seconds of ClientIP type session sticky - time. The value must be >0 && <=86400(for - 1 day) if ServiceAffinity == "ClientIP". + description: |- + timeoutSeconds specifies the seconds of ClientIP type session sticky time. + The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". Default value is 10800(for 3 hours). format: int32 type: integer type: object type: object type: - description: 'type determines how the Service is - exposed. Defaults to ClusterIP. Valid options - are ExternalName, ClusterIP, NodePort, and LoadBalancer. - "ClusterIP" allocates a cluster-internal IP address - for load-balancing to endpoints. Endpoints are - determined by the selector or if that is not specified, - by manual construction of an Endpoints object - or EndpointSlice objects. If clusterIP is "None", - no virtual IP is allocated and the endpoints are - published as a set of endpoints rather than a - virtual IP. "NodePort" builds on ClusterIP and - allocates a port on every node which routes to - the same endpoints as the clusterIP. "LoadBalancer" - builds on NodePort and creates an external load-balancer - (if supported in the current cloud) which routes - to the same endpoints as the clusterIP. "ExternalName" - aliases this service to the specified externalName. - Several other fields do not apply to ExternalName - services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + description: |- + type determines how the Service is exposed. Defaults to ClusterIP. Valid + options are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector or if that is not + specified, by manual construction of an Endpoints object or + EndpointSlice objects. If clusterIP is "None", no virtual IP is + allocated and the endpoints are published as a set of endpoints rather + than a virtual IP. + "NodePort" builds on ClusterIP and allocates a port on every node which + routes to the same endpoints as the clusterIP. + "LoadBalancer" builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to the same endpoints + as the clusterIP. + "ExternalName" aliases this service to the specified externalName. + Several other fields do not apply to ExternalName services. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types type: string type: object type: object - description: Override configuration for the Service created - to serve traffic to the cluster. The key must be the endpoint - type (public, internal) + description: |- + Override configuration for the Service created to serve traffic to the cluster. + The key must be the endpoint type (public, internal) type: object type: object replicas: @@ -284,23 +262,29 @@ spec: minimum: 0 type: integer resources: - description: Resources - Compute Resources required by this service - (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: |- + Resources - Compute Resources required by this service (Limits/Requests). + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be - set for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -316,8 +300,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -326,11 +311,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed - Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object tls: @@ -375,28 +360,26 @@ spec: be set to environmental default if empty) type: string customServiceConfig: - description: CustomServiceConfig - customize the service config - using this parameter to change service defaults, or overwrite - rendered information using raw OpenStack config format. The - content gets added to to /etc//.conf.d directory - as a custom config file. + description: |- + CustomServiceConfig - customize the service config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack config format. The content gets added to + to /etc//.conf.d directory as a custom config file. type: string customServiceConfigSecrets: - description: CustomServiceConfigSecrets - customize the service - config using this parameter to specify Secrets that contain - sensitive service config data. The content of each Secret gets - added to the /etc//.conf.d directory as a - custom config file. + description: |- + CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets + that contain sensitive service config data. The content of each Secret gets added to the + /etc//.conf.d directory as a custom config file. items: type: string type: array defaultConfigOverwrite: additionalProperties: type: string - description: 'ConfigOverwrite - interface to overwrite default - config files like e.g. policy.json. But can also be used to - add additional files. Those get added to the service config - dir in /etc/ . TODO: -> implement' + description: |- + ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. + But can also be used to add additional files. Those get added to the service config dir in /etc/ . + TODO: -> implement type: object networkAttachments: description: NetworkAttachments is a list of NetworkAttachment @@ -407,9 +390,9 @@ spec: nodeSelector: additionalProperties: type: string - description: NodeSelector to target subset of worker nodes running - this component. Setting here overrides any global NodeSelector - settings within the Barbican CR. + description: |- + NodeSelector to target subset of worker nodes running this component. Setting here overrides + any global NodeSelector settings within the Barbican CR. type: object replicas: default: 1 @@ -419,23 +402,29 @@ spec: minimum: 0 type: integer resources: - description: Resources - Compute Resources required by this service - (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: |- + Resources - Compute Resources required by this service (Limits/Requests). + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be - set for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -451,8 +440,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -461,11 +451,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed - Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object required: @@ -480,28 +470,26 @@ spec: be set to environmental default if empty) type: string customServiceConfig: - description: CustomServiceConfig - customize the service config - using this parameter to change service defaults, or overwrite - rendered information using raw OpenStack config format. The - content gets added to to /etc//.conf.d directory - as a custom config file. + description: |- + CustomServiceConfig - customize the service config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack config format. The content gets added to + to /etc//.conf.d directory as a custom config file. type: string customServiceConfigSecrets: - description: CustomServiceConfigSecrets - customize the service - config using this parameter to specify Secrets that contain - sensitive service config data. The content of each Secret gets - added to the /etc//.conf.d directory as a - custom config file. + description: |- + CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets + that contain sensitive service config data. The content of each Secret gets added to the + /etc//.conf.d directory as a custom config file. items: type: string type: array defaultConfigOverwrite: additionalProperties: type: string - description: 'ConfigOverwrite - interface to overwrite default - config files like e.g. policy.json. But can also be used to - add additional files. Those get added to the service config - dir in /etc/ . TODO: -> implement' + description: |- + ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. + But can also be used to add additional files. Those get added to the service config dir in /etc/ . + TODO: -> implement type: object networkAttachments: description: NetworkAttachments is a list of NetworkAttachment @@ -512,9 +500,9 @@ spec: nodeSelector: additionalProperties: type: string - description: NodeSelector to target subset of worker nodes running - this component. Setting here overrides any global NodeSelector - settings within the Barbican CR. + description: |- + NodeSelector to target subset of worker nodes running this component. Setting here overrides + any global NodeSelector settings within the Barbican CR. type: object replicas: default: 1 @@ -524,23 +512,29 @@ spec: minimum: 0 type: integer resources: - description: Resources - Compute Resources required by this service - (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: |- + Resources - Compute Resources required by this service (Limits/Requests). + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be - set for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -556,8 +550,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -566,22 +561,21 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed - Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object required: - containerImage type: object customServiceConfig: - description: CustomServiceConfig - customize the service config using - this parameter to change service defaults, or overwrite rendered - information using raw OpenStack config format. The content gets - added to to /etc//.conf.d directory as custom.conf - file. + description: |- + CustomServiceConfig - customize the service config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack config format. The content gets added to + to /etc//.conf.d directory as custom.conf file. type: string databaseAccount: default: barbican @@ -589,17 +583,19 @@ spec: for barbican DB, defaults to barbican type: string databaseInstance: - description: 'MariaDB instance name TODO(dmendiza): Is this comment - right? Right now required by the maridb-operator to get the credentials - from the instance to create the DB Might not be required in future' + description: |- + MariaDB instance name + TODO(dmendiza): Is this comment right? + Right now required by the maridb-operator to get the credentials from the instance to create the DB + Might not be required in future type: string defaultConfigOverwrite: additionalProperties: type: string - description: 'ConfigOverwrite - interface to overwrite default config - files like e.g. logging.conf or policy.json. But can also be used - to add additional files. Those get added to the service config dir - in /etc/ . TODO(dmendiza): -> implement' + description: |- + ConfigOverwrite - interface to overwrite default config files like e.g. logging.conf or policy.json. + But can also be used to add additional files. Those get added to the service config dir in /etc/ . + TODO(dmendiza): -> implement type: object enabledSecretStores: items: @@ -624,9 +620,9 @@ spec: nodeSelector: additionalProperties: type: string - description: NodeSelector to target subset of worker nodes running - this component. Setting here overrides any global NodeSelector settings - within the Barbican CR. + description: |- + NodeSelector to target subset of worker nodes running this component. Setting here overrides + any global NodeSelector settings within the Barbican CR. type: object passwordSelectors: default: @@ -724,20 +720,23 @@ spec: description: The HSM's IPv4 address (X.Y.Z.K) type: string slotId: - description: One of TokenSerialNumber, TokenLabels or SlotId must + description: |- + One of TokenSerialNumber, TokenLabels or SlotId must be defined. SlotId is used if none of the others is defined type: string tokenLabels: - description: Token labels used to identify the token to be used. - One of TokenSerialNumber, TokenLabels or SlotId must be specified. - TokenLabels takes priority over SlotId. This can be a comma - separated string of labels + description: |- + Token labels used to identify the token to be used. + One of TokenSerialNumber, TokenLabels or SlotId must + be specified. TokenLabels takes priority over SlotId. + This can be a comma separated string of labels type: string tokenSerialNumber: - description: Token serial number used to identify the token to - be used. One of TokenSerialNumber, TokenLabels or SlotId must - be defined. TokenSerialNumber takes priority over TokenLabels - and SlotId + description: |- + Token serial number used to identify the token to be used. + One of TokenSerialNumber, TokenLabels or SlotId must + be defined. TokenSerialNumber takes priority over + TokenLabels and SlotId type: string type: description: 'A string containing the HSM type (currently supported: @@ -758,8 +757,9 @@ spec: type: boolean rabbitMqClusterName: default: rabbitmq - description: RabbitMQ instance name Needed to request a transportURL - that is created and used in Barbican + description: |- + RabbitMQ instance name + Needed to request a transportURL that is created and used in Barbican type: string secret: default: osp-secret @@ -809,10 +809,10 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: @@ -824,14 +824,13 @@ spec: in CamelCase. type: string severity: - description: Severity provides a classification of Reason code, - so the current situation is immediately understandable and - could act accordingly. It is meant for situations where Status=False - and it should be indicated if it is just informational, warning - (next reconciliation might fix it) or an error (e.g. DB create - issue and no actions to automatically resolve the issue can/should - be done). For conditions where Status=Unknown or Status=True - the Severity should be SeverityNone. + description: |- + Severity provides a classification of Reason code, so the current situation is immediately + understandable and could act accordingly. + It is meant for situations where Status=False and it should be indicated if it is just + informational, warning (next reconciliation might fix it) or an error (e.g. DB create issue + and no actions to automatically resolve the issue can/should be done). + For conditions where Status=Unknown or Status=True the Severity should be SeverityNone. type: string status: description: Status of the condition, one of True, False, Unknown. @@ -854,11 +853,11 @@ spec: description: Map of hashes to track e.g. job status type: object observedGeneration: - description: ObservedGeneration - the most recent generation observed - for this service. If the observed generation is less than the spec - generation, then the controller has not processed the latest changes - injected by the opentack-operator in the top-level CR (e.g. the - ContainerImage) + description: |- + ObservedGeneration - the most recent generation observed for this + service. If the observed generation is less than the spec generation, + then the controller has not processed the latest changes injected by + the opentack-operator in the top-level CR (e.g. the ContainerImage) format: int64 type: integer serviceID: diff --git a/config/crd/bases/barbican.openstack.org_barbicanworkers.yaml b/config/crd/bases/barbican.openstack.org_barbicanworkers.yaml index 584c4df4..ad899467 100644 --- a/config/crd/bases/barbican.openstack.org_barbicanworkers.yaml +++ b/config/crd/bases/barbican.openstack.org_barbicanworkers.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: barbicanworkers.barbican.openstack.org spec: group: barbican.openstack.org @@ -30,14 +29,19 @@ spec: description: BarbicanWorker is the Schema for the barbicanworkers API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -49,17 +53,16 @@ spec: set to environmental default if empty) type: string customServiceConfig: - description: CustomServiceConfig - customize the service config using - this parameter to change service defaults, or overwrite rendered - information using raw OpenStack config format. The content gets - added to to /etc//.conf.d directory as a custom - config file. + description: |- + CustomServiceConfig - customize the service config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack config format. The content gets added to + to /etc//.conf.d directory as a custom config file. type: string customServiceConfigSecrets: - description: CustomServiceConfigSecrets - customize the service config - using this parameter to specify Secrets that contain sensitive service - config data. The content of each Secret gets added to the /etc//.conf.d - directory as a custom config file. + description: |- + CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets + that contain sensitive service config data. The content of each Secret gets added to the + /etc//.conf.d directory as a custom config file. items: type: string type: array @@ -71,17 +74,19 @@ spec: databaseHostname: type: string databaseInstance: - description: 'MariaDB instance name TODO(dmendiza): Is this comment - right? Right now required by the maridb-operator to get the credentials - from the instance to create the DB Might not be required in future' + description: |- + MariaDB instance name + TODO(dmendiza): Is this comment right? + Right now required by the maridb-operator to get the credentials from the instance to create the DB + Might not be required in future type: string defaultConfigOverwrite: additionalProperties: type: string - description: 'ConfigOverwrite - interface to overwrite default config - files like e.g. policy.json. But can also be used to add additional - files. Those get added to the service config dir in /etc/ - . TODO: -> implement' + description: |- + ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. + But can also be used to add additional files. Those get added to the service config dir in /etc/ . + TODO: -> implement type: object enabledSecretStores: items: @@ -112,9 +117,9 @@ spec: nodeSelector: additionalProperties: type: string - description: NodeSelector to target subset of worker nodes running - this component. Setting here overrides any global NodeSelector settings - within the Barbican CR. + description: |- + NodeSelector to target subset of worker nodes running this component. Setting here overrides + any global NodeSelector settings within the Barbican CR. type: object passwordSelectors: default: @@ -212,20 +217,23 @@ spec: description: The HSM's IPv4 address (X.Y.Z.K) type: string slotId: - description: One of TokenSerialNumber, TokenLabels or SlotId must + description: |- + One of TokenSerialNumber, TokenLabels or SlotId must be defined. SlotId is used if none of the others is defined type: string tokenLabels: - description: Token labels used to identify the token to be used. - One of TokenSerialNumber, TokenLabels or SlotId must be specified. - TokenLabels takes priority over SlotId. This can be a comma - separated string of labels + description: |- + Token labels used to identify the token to be used. + One of TokenSerialNumber, TokenLabels or SlotId must + be specified. TokenLabels takes priority over SlotId. + This can be a comma separated string of labels type: string tokenSerialNumber: - description: Token serial number used to identify the token to - be used. One of TokenSerialNumber, TokenLabels or SlotId must - be defined. TokenSerialNumber takes priority over TokenLabels - and SlotId + description: |- + Token serial number used to identify the token to be used. + One of TokenSerialNumber, TokenLabels or SlotId must + be defined. TokenSerialNumber takes priority over + TokenLabels and SlotId type: string type: description: 'A string containing the HSM type (currently supported: @@ -241,8 +249,9 @@ spec: type: object rabbitMqClusterName: default: rabbitmq - description: RabbitMQ instance name Needed to request a transportURL - that is created and used in Barbican + description: |- + RabbitMQ instance name + Needed to request a transportURL that is created and used in Barbican type: string replicas: default: 1 @@ -252,22 +261,29 @@ spec: minimum: 0 type: integer resources: - description: Resources - Compute Resources required by this service - (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: |- + Resources - Compute Resources required by this service (Limits/Requests). + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be set - for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -283,8 +299,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -293,11 +310,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object secret: @@ -345,10 +362,10 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: @@ -360,14 +377,13 @@ spec: in CamelCase. type: string severity: - description: Severity provides a classification of Reason code, - so the current situation is immediately understandable and - could act accordingly. It is meant for situations where Status=False - and it should be indicated if it is just informational, warning - (next reconciliation might fix it) or an error (e.g. DB create - issue and no actions to automatically resolve the issue can/should - be done). For conditions where Status=Unknown or Status=True - the Severity should be SeverityNone. + description: |- + Severity provides a classification of Reason code, so the current situation is immediately + understandable and could act accordingly. + It is meant for situations where Status=False and it should be indicated if it is just + informational, warning (next reconciliation might fix it) or an error (e.g. DB create issue + and no actions to automatically resolve the issue can/should be done). + For conditions where Status=Unknown or Status=True the Severity should be SeverityNone. type: string status: description: Status of the condition, one of True, False, Unknown. @@ -397,9 +413,10 @@ spec: description: NetworkAttachments status of the deployment pods type: object readyCount: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file ReadyCount of barbican API instances' + description: |- + INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + Important: Run "make" to regenerate code after modifying this file + ReadyCount of barbican API instances format: int32 type: integer type: object diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 09b13bc2..bc7684c6 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -2,7 +2,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - creationTimestamp: null name: manager-role rules: - apiGroups: diff --git a/config/webhook/manifests.yaml b/config/webhook/manifests.yaml index 657de810..40246fd2 100644 --- a/config/webhook/manifests.yaml +++ b/config/webhook/manifests.yaml @@ -2,7 +2,6 @@ apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: - creationTimestamp: null name: mutating-webhook-configuration webhooks: - admissionReviewVersions: @@ -29,7 +28,6 @@ webhooks: apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: - creationTimestamp: null name: validating-webhook-configuration webhooks: - admissionReviewVersions: