diff --git a/go.mod b/go.mod index 8704f801b4..688ba14635 100644 --- a/go.mod +++ b/go.mod @@ -39,9 +39,9 @@ require ( github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/image-spec v1.1.1 github.com/openshift-eng/openshift-tests-extension v0.0.0-20250804142706-7b3ab438a292 - github.com/openshift/api v0.0.0-20260309185601-71270106f276 + github.com/openshift/api v0.0.0-20260626094904-39631f42b31b github.com/openshift/build-machinery-go v0.0.0-20251023084048-5d77c1a5e5af - github.com/openshift/client-go v0.0.0-20260306160707-3935d929fc7d + github.com/openshift/client-go v0.0.0-20260629081241-b769428f4111 github.com/openshift/library-go v0.0.0-20260303171201-5d9eb6295ff6 github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c github.com/prometheus/client_golang v1.23.2 @@ -108,7 +108,7 @@ require ( github.com/docker/docker-credential-helpers v0.9.7 // indirect github.com/docker/go-connections v0.7.0 // indirect github.com/docker/go-metrics v0.0.1 // indirect - github.com/emicklei/go-restful/v3 v3.12.2 // indirect + github.com/emicklei/go-restful/v3 v3.13.0 // indirect github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect github.com/fatih/camelcase v1.0.0 // indirect github.com/felixge/fgprof v0.9.4 // indirect @@ -122,7 +122,18 @@ require ( github.com/go-logr/logr v1.4.3 // indirect github.com/go-openapi/jsonpointer v0.21.0 // indirect github.com/go-openapi/jsonreference v0.21.0 // indirect - github.com/go-openapi/swag v0.23.0 // indirect + github.com/go-openapi/swag v0.25.4 // indirect + github.com/go-openapi/swag/cmdutils v0.25.4 // indirect + github.com/go-openapi/swag/conv v0.25.4 // indirect + github.com/go-openapi/swag/fileutils v0.25.4 // indirect + github.com/go-openapi/swag/jsonname v0.25.4 // indirect + github.com/go-openapi/swag/jsonutils v0.25.4 // indirect + github.com/go-openapi/swag/loading v0.25.4 // indirect + github.com/go-openapi/swag/mangling v0.25.4 // indirect + github.com/go-openapi/swag/netutils v0.25.4 // indirect + github.com/go-openapi/swag/stringutils v0.25.4 // indirect + github.com/go-openapi/swag/typeutils v0.25.4 // indirect + github.com/go-openapi/swag/yamlutils v0.25.4 // indirect github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/gonum/blas v0.0.0-20181208220705-f22b278b28ac // indirect @@ -146,12 +157,10 @@ require ( github.com/int128/listener v1.3.0 // indirect github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect github.com/jonboulle/clockwork v0.5.0 // indirect - github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/klauspost/compress v1.18.6 // indirect github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect github.com/lithammer/dedent v1.1.0 // indirect - github.com/mailru/easyjson v0.7.7 // indirect github.com/mitchellh/go-wordwrap v1.0.1 // indirect github.com/moby/docker-image-spec v1.3.1 // indirect github.com/moby/go-archive v0.1.0 // indirect @@ -208,7 +217,7 @@ require ( gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/component-helpers v0.35.2 // indirect k8s.io/kube-aggregator v0.35.1 // indirect - k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 // indirect + k8s.io/kube-openapi v0.0.0-20260519202549-bbf5c5577288 // indirect k8s.io/metrics v0.35.2 // indirect sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect sigs.k8s.io/kube-storage-version-migrator v0.0.6-0.20230721195810-5c8923c5ff96 // indirect @@ -216,7 +225,7 @@ require ( sigs.k8s.io/kustomize/kustomize/v5 v5.7.1 // indirect sigs.k8s.io/kustomize/kyaml v0.20.1 // indirect sigs.k8s.io/randfill v1.0.0 // indirect - sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect + sigs.k8s.io/structured-merge-diff/v6 v6.3.2 // indirect ) replace github.com/apcera/gssapi => github.com/openshift/gssapi v0.0.0-20161010215902-5fb4217df13b diff --git a/go.sum b/go.sum index 0db6b686f4..393a695d03 100644 --- a/go.sum +++ b/go.sum @@ -141,8 +141,8 @@ github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7 h1:UhxFibDNY/bfvqU github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= github.com/elazarl/goproxy v1.8.2 h1:keGt9KHFAnrXFEctQuOF9NRxKFCXtd5cQg5PrBdeVW4= github.com/elazarl/goproxy v1.8.2/go.mod h1:b5xm6W48AUHNpRTCvlnd0YVh+JafCCtsLsJZvvNTz+E= -github.com/emicklei/go-restful/v3 v3.12.2 h1:DhwDP0vY3k8ZzE0RunuJy8GhNpPL6zqLkDf9B/a0/xU= -github.com/emicklei/go-restful/v3 v3.12.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.13.0 h1:C4Bl2xDndpU6nJ4bc1jXd+uTmYPVUwkD6bFY/oTyCes= +github.com/emicklei/go-restful/v3 v3.13.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f h1:Wl78ApPPB2Wvf/TIe2xdyJxTlb6obmF18d8QdkxNDu4= github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f/go.mod h1:OSYXu++VVOHnXeitef/D8n/6y4QV8uLHSFXX4NeXMGc= github.com/fatih/camelcase v1.0.0 h1:hxNvNX/xYBp0ovncs8WyWZrOrpBNub/JfaMvbURyft8= @@ -183,8 +183,36 @@ github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1 github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= -github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= -github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= +github.com/go-openapi/swag v0.25.4 h1:OyUPUFYDPDBMkqyxOTkqDYFnrhuhi9NR6QVUvIochMU= +github.com/go-openapi/swag v0.25.4/go.mod h1:zNfJ9WZABGHCFg2RnY0S4IOkAcVTzJ6z2Bi+Q4i6qFQ= +github.com/go-openapi/swag/cmdutils v0.25.4 h1:8rYhB5n6WawR192/BfUu2iVlxqVR9aRgGJP6WaBoW+4= +github.com/go-openapi/swag/cmdutils v0.25.4/go.mod h1:pdae/AFo6WxLl5L0rq87eRzVPm/XRHM3MoYgRMvG4A0= +github.com/go-openapi/swag/conv v0.25.4 h1:/Dd7p0LZXczgUcC/Ikm1+YqVzkEeCc9LnOWjfkpkfe4= +github.com/go-openapi/swag/conv v0.25.4/go.mod h1:3LXfie/lwoAv0NHoEuY1hjoFAYkvlqI/Bn5EQDD3PPU= +github.com/go-openapi/swag/fileutils v0.25.4 h1:2oI0XNW5y6UWZTC7vAxC8hmsK/tOkWXHJQH4lKjqw+Y= +github.com/go-openapi/swag/fileutils v0.25.4/go.mod h1:cdOT/PKbwcysVQ9Tpr0q20lQKH7MGhOEb6EwmHOirUk= +github.com/go-openapi/swag/jsonname v0.25.4 h1:bZH0+MsS03MbnwBXYhuTttMOqk+5KcQ9869Vye1bNHI= +github.com/go-openapi/swag/jsonname v0.25.4/go.mod h1:GPVEk9CWVhNvWhZgrnvRA6utbAltopbKwDu8mXNUMag= +github.com/go-openapi/swag/jsonutils v0.25.4 h1:VSchfbGhD4UTf4vCdR2F4TLBdLwHyUDTd1/q4i+jGZA= +github.com/go-openapi/swag/jsonutils v0.25.4/go.mod h1:7OYGXpvVFPn4PpaSdPHJBtF0iGnbEaTk8AvBkoWnaAY= +github.com/go-openapi/swag/jsonutils/fixtures_test v0.25.4 h1:IACsSvBhiNJwlDix7wq39SS2Fh7lUOCJRmx/4SN4sVo= +github.com/go-openapi/swag/jsonutils/fixtures_test v0.25.4/go.mod h1:Mt0Ost9l3cUzVv4OEZG+WSeoHwjWLnarzMePNDAOBiM= +github.com/go-openapi/swag/loading v0.25.4 h1:jN4MvLj0X6yhCDduRsxDDw1aHe+ZWoLjW+9ZQWIKn2s= +github.com/go-openapi/swag/loading v0.25.4/go.mod h1:rpUM1ZiyEP9+mNLIQUdMiD7dCETXvkkC30z53i+ftTE= +github.com/go-openapi/swag/mangling v0.25.4 h1:2b9kBJk9JvPgxr36V23FxJLdwBrpijI26Bx5JH4Hp48= +github.com/go-openapi/swag/mangling v0.25.4/go.mod h1:6dxwu6QyORHpIIApsdZgb6wBk/DPU15MdyYj/ikn0Hg= +github.com/go-openapi/swag/netutils v0.25.4 h1:Gqe6K71bGRb3ZQLusdI8p/y1KLgV4M/k+/HzVSqT8H0= +github.com/go-openapi/swag/netutils v0.25.4/go.mod h1:m2W8dtdaoX7oj9rEttLyTeEFFEBvnAx9qHd5nJEBzYg= +github.com/go-openapi/swag/stringutils v0.25.4 h1:O6dU1Rd8bej4HPA3/CLPciNBBDwZj9HiEpdVsb8B5A8= +github.com/go-openapi/swag/stringutils v0.25.4/go.mod h1:GTsRvhJW5xM5gkgiFe0fV3PUlFm0dr8vki6/VSRaZK0= +github.com/go-openapi/swag/typeutils v0.25.4 h1:1/fbZOUN472NTc39zpa+YGHn3jzHWhv42wAJSN91wRw= +github.com/go-openapi/swag/typeutils v0.25.4/go.mod h1:Ou7g//Wx8tTLS9vG0UmzfCsjZjKhpjxayRKTHXf2pTE= +github.com/go-openapi/swag/yamlutils v0.25.4 h1:6jdaeSItEUb7ioS9lFoCZ65Cne1/RZtPBZ9A56h92Sw= +github.com/go-openapi/swag/yamlutils v0.25.4/go.mod h1:MNzq1ulQu+yd8Kl7wPOut/YHAAU/H6hL91fF+E2RFwc= +github.com/go-openapi/testify/enable/yaml/v2 v2.0.2 h1:0+Y41Pz1NkbTHz8NngxTuAXxEodtNSI1WG1c/m5Akw4= +github.com/go-openapi/testify/enable/yaml/v2 v2.0.2/go.mod h1:kme83333GCtJQHXQ8UKX3IBZu6z8T5Dvy5+CW3NLUUg= +github.com/go-openapi/testify/v2 v2.0.2 h1:X999g3jeLcoY8qctY/c/Z8iBHTbwLz7R2WXd6Ub6wls= +github.com/go-openapi/testify/v2 v2.0.2/go.mod h1:HCPmvFFnheKK2BuwSA0TbbdxJ3I16pjwMkYkP4Ywn54= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= @@ -269,7 +297,6 @@ github.com/joelanford/ignore v0.1.1 h1:vKky5RDoPT+WbONrbQBgOn95VV/UPh4ejlyAbbzgn github.com/joelanford/ignore v0.1.1/go.mod h1:8eho/D8fwQ3rIXrLwE23AaeaGDNXqLE9QJ3zJ4LIPCw= github.com/jonboulle/clockwork v0.5.0 h1:Hyh9A8u51kptdkR+cqRpT1EebBwTn1oK9YfGYbdFz6I= github.com/jonboulle/clockwork v0.5.0/go.mod h1:3mZlmanh0g2NDKO5TWZVJAfofYk64M7XN3SzBPjZF60= -github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= @@ -295,7 +322,6 @@ github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhn github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= github.com/lithammer/dedent v1.1.0 h1:VNzHMVCBNG1j0fh3OrsFRkVUwStdDArbgBWoPAffktY= github.com/lithammer/dedent v1.1.0/go.mod h1:jrXYCQtgg0nJiN+StA2KgR7w6CiQNv9Fd/Z9BP0jIOc= -github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= @@ -355,12 +381,12 @@ github.com/opencontainers/selinux v1.14.1 h1:a7XlXV/nN/l5zFP1FWZYoExpClu1QOPMfWU github.com/opencontainers/selinux v1.14.1/go.mod h1:LenyElirjUHszfxrjuFqC85HIeXZKumHcKMQtnaDlQQ= github.com/openshift-eng/openshift-tests-extension v0.0.0-20250804142706-7b3ab438a292 h1:3athg6KQ+TaNfW4BWZDlGFt1ImSZEJWgzXtPC1VPITI= github.com/openshift-eng/openshift-tests-extension v0.0.0-20250804142706-7b3ab438a292/go.mod h1:6gkP5f2HL0meusT0Aim8icAspcD1cG055xxBZ9yC68M= -github.com/openshift/api v0.0.0-20260309185601-71270106f276 h1:9QZuPCOT0ME3I7NmsAGBuzGvEyCyzQhAmbfmfCmrLhI= -github.com/openshift/api v0.0.0-20260309185601-71270106f276/go.mod h1:pyVjK0nZ4sRs4fuQVQ4rubsJdahI1PB94LnQ8sGdvxo= +github.com/openshift/api v0.0.0-20260626094904-39631f42b31b h1:Z1/iNCtc1qSLJC6a91Ywk2oPSB4S9v6Lzz9hFPPkvWc= +github.com/openshift/api v0.0.0-20260626094904-39631f42b31b/go.mod h1:Jm45pE7O6/G0tYYhiLzNyZykTjmf9BfhsKYuGfLLwTE= github.com/openshift/build-machinery-go v0.0.0-20251023084048-5d77c1a5e5af h1:UiYYMi/CCV+kwWrXuXfuUSOY2yNXOpWpNVgHc6aLQlE= github.com/openshift/build-machinery-go v0.0.0-20251023084048-5d77c1a5e5af/go.mod h1:8jcm8UPtg2mCAsxfqKil1xrmRMI3a+XU2TZ9fF8A7TE= -github.com/openshift/client-go v0.0.0-20260306160707-3935d929fc7d h1:T+9HFgEEcnu1TDDfsO5JcJC6N0/Kzob5AtG9IpITHJ8= -github.com/openshift/client-go v0.0.0-20260306160707-3935d929fc7d/go.mod h1:tIA3XSb/WsC/Fg0YNRfs/JrMrloBKPGF+NKVutd7nMI= +github.com/openshift/client-go v0.0.0-20260629081241-b769428f4111 h1:Wa3YiBDvUxenrcE03qF//gWV/DRQf+03ptFUikYO5Kw= +github.com/openshift/client-go v0.0.0-20260629081241-b769428f4111/go.mod h1:X9OaPiMdlU4xQC5SUGxgxoQ/56/GsjAa1wMO/N1Vt08= github.com/openshift/gssapi v0.0.0-20161010215902-5fb4217df13b h1:it0YPE/evO6/m8t8wxis9KFI2F/aleOKsI6d9uz0cEk= github.com/openshift/gssapi v0.0.0-20161010215902-5fb4217df13b/go.mod h1:tNrEB5k8SI+g5kOlsCmL2ELASfpqEofI0+FLBgBdN08= github.com/openshift/library-go v0.0.0-20260303171201-5d9eb6295ff6 h1:xjqy0OolrFdJ+ofI/aD0+2k9+MSk5anP5dXifFt539Q= @@ -585,8 +611,8 @@ k8s.io/klog/v2 v2.140.0 h1:Tf+J3AH7xnUzZyVVXhTgGhEKnFqye14aadWv7bzXdzc= k8s.io/klog/v2 v2.140.0/go.mod h1:o+/RWfJ6PwpnFn7OyAG3QnO47BFsymfEfrz6XyYSSp0= k8s.io/kube-aggregator v0.35.1 h1:LN+btMJ3yp7biqVgT/0LF6SKIKLyfPU0R+JJ1mycs2I= k8s.io/kube-aggregator v0.35.1/go.mod h1:HQSjPQfOFRzcv7biQ7jV3cEfKHG+bczpLCfh4QfvxZU= -k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZcmKS3g6CthxToOb37KgwE= -k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ= +k8s.io/kube-openapi v0.0.0-20260519202549-bbf5c5577288 h1:A7Lby6ekC6nv+6oO38huCMFBRP0Os+tIeq1GkwxOQes= +k8s.io/kube-openapi v0.0.0-20260519202549-bbf5c5577288/go.mod h1:V/QaCUYDa+0QpcHhVVc5l99Uz56wEMEXBSj9oCDkNDY= k8s.io/kubectl v0.35.2 h1:aSmqhSOfsoG9NR5oR8OD5eMKpLN9x8oncxfqLHbJJII= k8s.io/kubectl v0.35.2/go.mod h1:+OJC779UsDJGxNPbHxCwvb4e4w9Eh62v/DNYU2TlsyM= k8s.io/metrics v0.35.2 h1:PJRP88qeadR5evg4ZKJAh3NR3ICchwM51/Aidd0LHjc= @@ -607,7 +633,7 @@ sigs.k8s.io/kustomize/kyaml v0.20.1 h1:PCMnA2mrVbRP3NIB6v9kYCAc38uvFLVs8j/CD567A sigs.k8s.io/kustomize/kyaml v0.20.1/go.mod h1:0EmkQHRUsJxY8Ug9Niig1pUMSCGHxQ5RklbpV/Ri6po= sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= -sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco= -sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2 h1:kwVWMx5yS1CrnFWA/2QHyRVJ8jM6dBA80uLmm0wJkk8= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/pkg/cli/admin/admin.go b/pkg/cli/admin/admin.go index b9d89f7b4b..a31cb60fad 100644 --- a/pkg/cli/admin/admin.go +++ b/pkg/cli/admin/admin.go @@ -35,6 +35,7 @@ import ( "github.com/openshift/oc/pkg/cli/admin/release" "github.com/openshift/oc/pkg/cli/admin/restartkubelet" "github.com/openshift/oc/pkg/cli/admin/top" + "github.com/openshift/oc/pkg/cli/admin/transition" "github.com/openshift/oc/pkg/cli/admin/upgrade" "github.com/openshift/oc/pkg/cli/admin/verifyimagesignature" "github.com/openshift/oc/pkg/cli/admin/waitfornodereboot" @@ -50,6 +51,9 @@ var adminLong = ktemplates.LongDesc(` // inspectAlertsFeatureGate is an environment variable used to gate the inclusion of the inspect-alerts subcommand. const inspectAlertsFeatureGate = "OC_ENABLE_CMD_INSPECT_ALERTS" +// transitionTopologyFeatureGate is an environment variable used to gate the inclusion of the transition topology subcommand. +const transitionTopologyFeatureGate = "OC_ENABLE_CMD_TRANSITION_TOPOLOGY" + func NewCommandAdmin(f kcmdutil.Factory, streams genericiooptions.IOStreams) *cobra.Command { // Main command cmds := &cobra.Command{ @@ -72,6 +76,10 @@ func NewCommandAdmin(f kcmdutil.Factory, streams genericiooptions.IOStreams) *co clusterManagement = append(clusterManagement, inspectalerts.New(f, streams)) } + if kcmdutil.FeatureGate(transitionTopologyFeatureGate).IsEnabled() { + clusterManagement = append(clusterManagement, transition.NewCmdTransition(f, streams)) + } + groups := ktemplates.CommandGroups{ { Message: "Cluster Management:", diff --git a/pkg/cli/admin/transition/constants.go b/pkg/cli/admin/transition/constants.go new file mode 100644 index 0000000000..3da3d90d29 --- /dev/null +++ b/pkg/cli/admin/transition/constants.go @@ -0,0 +1,38 @@ +package transition + +import ( + configv1 "github.com/openshift/api/config/v1" +) + +// Kubernetes and OpenShift resource names +const ( + // InfrastructureResourceName is the name of the cluster-scoped Infrastructure resource + InfrastructureResourceName = "cluster" + + // EtcdOperatorResourceName is the name of the cluster-scoped Etcd operator resource + EtcdOperatorResourceName = "cluster" + + // EtcdNamespace is the namespace where etcd resources are located + EtcdNamespace = "openshift-etcd" + + // EtcdEndpointsConfigMapName is the name of the ConfigMap containing etcd endpoints + EtcdEndpointsConfigMapName = "etcd-endpoints" +) + +// ClusterOperator condition types +const ( + // ClusterOperatorAvailable indicates the operand is available + ClusterOperatorAvailable configv1.ClusterStatusConditionType = configv1.OperatorAvailable + + // ClusterOperatorProgressing indicates the operand is being updated + ClusterOperatorProgressing configv1.ClusterStatusConditionType = configv1.OperatorProgressing + + // ClusterOperatorDegraded indicates the operand is degraded + ClusterOperatorDegraded configv1.ClusterStatusConditionType = configv1.OperatorDegraded +) + +// Etcd operator condition types +const ( + // EtcdMembersAvailableCondition indicates etcd has quorum + EtcdMembersAvailableCondition = "EtcdMembersAvailable" +) diff --git a/pkg/cli/admin/transition/preflight/client_validator.go b/pkg/cli/admin/transition/preflight/client_validator.go new file mode 100644 index 0000000000..6d54792cce --- /dev/null +++ b/pkg/cli/admin/transition/preflight/client_validator.go @@ -0,0 +1,569 @@ +package preflight + +import ( + "context" + "fmt" + "strings" + + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/client-go/kubernetes" + + configv1 "github.com/openshift/api/config/v1" + configv1client "github.com/openshift/client-go/config/clientset/versioned" + operatorv1client "github.com/openshift/client-go/operator/clientset/versioned" + "github.com/openshift/library-go/pkg/operator/v1helpers" +) + +// ClientSideValidator implements Validator interface using client-side validation. +// It duplicates CCO's preflight validation logic by directly querying the API server. +type ClientSideValidator struct { + kubeClient kubernetes.Interface + configClient configv1client.Interface + operatorClient operatorv1client.Interface +} + +// NewClientSideValidator creates a new client-side validator +func NewClientSideValidator( + kubeClient kubernetes.Interface, + configClient configv1client.Interface, + operatorClient operatorv1client.Interface, +) *ClientSideValidator { + return &ClientSideValidator{ + kubeClient: kubeClient, + configClient: configClient, + operatorClient: operatorClient, + } +} + +// Validate checks if transition from current to target topology is possible. +// Uses tiered validation approach: +// - Phase 1: Run ALL Error-severity checks (blocking issues: transition support, feature gates, version) +// - Phase 2: Run ALL Warning-severity checks (cluster readiness: nodes, operators, etcd) +// Short-circuits after Phase 1 if any Error checks fail to avoid wasting time on cluster state checks. +func (v *ClientSideValidator) Validate(ctx context.Context, current, target TopologyState) (*ValidationResult, error) { + result := NewValidationResult(current, target) + + // ======================================================================== + // PHASE 1: Error-severity checks (blocking - cannot be bypassed) + // ======================================================================== + // These checks determine if the transition is fundamentally supported. + // Show ALL blocking issues to the user before short-circuiting. + + // Check 1: Is the control plane transition supported? (CEL-based validation) + // This validates what the CCO will accept in spec.controlPlaneTopology + result.AddCheck(v.validateSupportedTransition(ctx, current, target)) + + // Check 2: Is MutableTopology feature gate enabled? + result.AddCheck(v.validateFeatureGateEnabled(ctx)) + + // Short-circuit if ANY Error-severity checks failed + // Don't waste time checking cluster state if transition isn't even valid + if result.HasErrorCheckFailures() { + return result, nil + } + + // ======================================================================== + // PHASE 2: Warning-severity checks (cluster readiness - bypassable) + // ======================================================================== + // These checks validate cluster state is ready for the transition. + // Can be bypassed with --allow-transition-with-warnings. + + result.AddCheck(v.validateClusterOperatorsStable(ctx)) + result.AddCheck(v.validateControlPlaneNodeCount(ctx, RequiredControlPlaneNodeCount)) + result.AddCheck(v.validateExactInfrastructureNodeCount(ctx, RequiredInfrastructureNodeCount)) + result.AddCheck(v.validateControlPlaneNodesSchedulable(ctx, RequiredControlPlaneNodeCount)) + result.AddCheck(v.validateControlPlaneNodesReady(ctx, RequiredControlPlaneNodeCount)) + result.AddCheck(v.validateEtcdQuorum(ctx)) + result.AddCheck(v.validateEtcdNotProgressing(ctx)) + result.AddCheck(v.validateEtcdVotingMembers(ctx, RequiredEtcdVotingMembers)) + + return result, nil +} + +// Helper functions for creating CheckResults with common patterns + +// checkUnknown creates a CheckResult with Unknown status (API error) +func checkUnknown(name string, severity CheckSeverity, message string, err error) CheckResult { + return CheckResult{ + Name: name, + Severity: severity, + Status: CheckStatusUnknown, + Message: fmt.Sprintf("%s: %v", message, err), + } +} + +// checkFailed creates a CheckResult with Failed status +func checkFailed(name string, severity CheckSeverity, message string) CheckResult { + return CheckResult{ + Name: name, + Severity: severity, + Status: CheckStatusFailed, + Message: message, + } +} + +// checkPassed creates a CheckResult with Passed status +func checkPassed(name string, severity CheckSeverity) CheckResult { + return CheckResult{ + Name: name, + Severity: severity, + Status: CheckStatusPassed, + } +} + +// listNodes fetches all nodes or returns an Unknown CheckResult on error +func (v *ClientSideValidator) listNodes(ctx context.Context, checkName string, severity CheckSeverity) (*corev1.NodeList, *CheckResult) { + nodes, err := v.kubeClient.CoreV1().Nodes().List(ctx, metav1.ListOptions{}) + if err != nil { + result := checkUnknown(checkName, severity, "failed to list nodes", err) + return nil, &result + } + return nodes, nil +} + +// validateSupportedTransition checks if the control plane and infrastructure transition is supported. +// This validates what will be set in spec.controlPlaneTopology and the expected status changes. +// +// Constraint priority (most fundamental first): +// 1. Already at target (no-op check) +// 2. Current state must be SNO (only SNO → HA transitions are supported) +// 3. Control plane must be transitioning to HighlyAvailable (not SingleReplica, infrastructure cannot transition alone) +// 4. Infrastructure must also transition to HighlyAvailable (both topologies transition together) +// +// This ordering ensures that attempts to transition from HighlyAvailable state show the fundamental +// constraint ("only SNO → HA supported") rather than derivative constraints. +func (v *ClientSideValidator) validateSupportedTransition(ctx context.Context, current, target TopologyState) CheckResult { + // Check if control plane is transitioning + cpTransitioning := current.ControlPlane != target.ControlPlane + infraTransitioning := current.Infrastructure != target.Infrastructure + + // Constraint 1: If nothing is transitioning, cluster is already at target + if !cpTransitioning && !infraTransitioning { + return checkFailed(CheckNameSupportedTransition, CheckSeverityError, + fmt.Sprintf("cluster is already at target topology (control plane: %s, infrastructure: %s)", + current.ControlPlane, current.Infrastructure)) + } + + // Constraint 2: Current state must be SingleReplica for both topologies + // This is the fundamental requirement - we only support SNO → HA transitions + if current.ControlPlane != configv1.SingleReplicaTopologyMode || current.Infrastructure != configv1.SingleReplicaTopologyMode { + return checkFailed(CheckNameSupportedTransition, CheckSeverityError, + fmt.Sprintf("only SingleReplica -> HighlyAvailable transitions are supported (current state: control plane %s, infrastructure %s)", + current.ControlPlane, current.Infrastructure)) + } + + // At this point: current state is SNO, something is transitioning + + // Constraint 3: Control plane must be transitioning to HighlyAvailable + if !cpTransitioning { + // Infrastructure is transitioning but control plane is not + return checkFailed(CheckNameSupportedTransition, CheckSeverityError, + fmt.Sprintf("control plane must transition to HighlyAvailable (infrastructure cannot transition alone)")) + } + + if target.ControlPlane != configv1.HighlyAvailableTopologyMode { + // Control plane is transitioning but not to HighlyAvailable + return checkFailed(CheckNameSupportedTransition, CheckSeverityError, + fmt.Sprintf("control plane target must be HighlyAvailable, got %s (only SingleReplica -> HighlyAvailable is allowed)", + target.ControlPlane)) + } + + // At this point: current is SNO, control plane is transitioning SNO → HA + + // Constraint 4: Infrastructure must also transition to HighlyAvailable + if target.Infrastructure != configv1.HighlyAvailableTopologyMode { + return checkFailed(CheckNameSupportedTransition, CheckSeverityError, + fmt.Sprintf("infrastructure must transition to HighlyAvailable with control plane (infrastructure: %s -> %s, control plane: %s -> %s)", + current.Infrastructure, target.Infrastructure, current.ControlPlane, target.ControlPlane)) + } + + // All constraints satisfied - this is a valid SNO → HA transition + return checkPassed(CheckNameSupportedTransition, CheckSeverityError) +} + +// validateFeatureGateEnabled checks that the MutableTopology feature gate is enabled. +// This is required for the Infrastructure.spec.controlPlaneTopology field to be mutable. +func (v *ClientSideValidator) validateFeatureGateEnabled(ctx context.Context) CheckResult { + featureGate, err := v.configClient.ConfigV1().FeatureGates().Get(ctx, FeatureGateResourceName, metav1.GetOptions{}) + if err != nil { + return CheckResult{ + Name: CheckNameFeatureGateEnabled, + Severity: CheckSeverityError, + Status: CheckStatusUnknown, + Message: fmt.Sprintf("failed to get FeatureGate resource: %v", err), + } + } + + // Check if FeatureGates status has at least one entry + if len(featureGate.Status.FeatureGates) == 0 { + return CheckResult{ + Name: CheckNameFeatureGateEnabled, + Severity: CheckSeverityError, + Status: CheckStatusFailed, + Message: "FeatureGate resource has no status entries", + } + } + + // Check if MutableTopology is enabled in the active version (first entry). + // FeatureGate.Status.FeatureGates is a listType=map with listMapKey=version. + // The first entry is the authoritative version matching the cluster's current version. + // This is per the API contract: "version matches the version provided by the ClusterVersion" + // and matches usage throughout oc (e.g., release/info.go). + activeVersion := featureGate.Status.FeatureGates[0] + for _, enabledFeature := range activeVersion.Enabled { + if string(enabledFeature.Name) == MutableTopologyFeatureGate { + return CheckResult{ + Name: CheckNameFeatureGateEnabled, + Severity: CheckSeverityError, + Status: CheckStatusPassed, + } + } + } + + // MutableTopology not found in enabled features for active version + return CheckResult{ + Name: CheckNameFeatureGateEnabled, + Severity: CheckSeverityError, + Status: CheckStatusFailed, + Message: fmt.Sprintf("%s feature gate is not enabled (required for topology transitions)", MutableTopologyFeatureGate), + } +} + +// validateClusterOperatorsStable checks that all ClusterOperators are stable. +// Stable means: Available=True, Progressing=False, Degraded=False +// Matches CCO's checkClusterOperatorsStable implementation. +func (v *ClientSideValidator) validateClusterOperatorsStable(ctx context.Context) CheckResult { + operators, err := v.configClient.ConfigV1().ClusterOperators().List(ctx, metav1.ListOptions{}) + if err != nil { + return CheckResult{ + Name: CheckNameClusterOperatorsStable, + Severity: CheckSeverityWarning, + Status: CheckStatusUnknown, + Message: fmt.Sprintf("failed to list cluster operators: %v", err), + } + } + + if len(operators.Items) == 0 { + return CheckResult{ + Name: CheckNameClusterOperatorsStable, + Severity: CheckSeverityWarning, + Status: CheckStatusFailed, + Message: "no cluster operators found", + } + } + + var unstable []string + for _, co := range operators.Items { + var issues []string + availableSeen, progressingSeen, degradedSeen := false, false, false + + for _, cond := range co.Status.Conditions { + switch cond.Type { + case ClusterOperatorAvailable: + availableSeen = true + if cond.Status != configv1.ConditionTrue { + issues = append(issues, "Available="+string(cond.Status)) + } + case ClusterOperatorProgressing: + progressingSeen = true + if cond.Status != configv1.ConditionFalse { + issues = append(issues, "Progressing="+string(cond.Status)) + } + case ClusterOperatorDegraded: + degradedSeen = true + if cond.Status != configv1.ConditionFalse { + issues = append(issues, "Degraded="+string(cond.Status)) + } + } + } + + if !availableSeen { + issues = append(issues, "Available condition missing") + } + if !progressingSeen { + issues = append(issues, "Progressing condition missing") + } + if !degradedSeen { + issues = append(issues, "Degraded condition missing") + } + + if len(issues) > 0 { + unstable = append(unstable, fmt.Sprintf("%s: %s", co.Name, strings.Join(issues, ", "))) + } + } + + if len(unstable) > 0 { + return CheckResult{ + Name: CheckNameClusterOperatorsStable, + Severity: CheckSeverityWarning, + Status: CheckStatusFailed, + Message: strings.Join(unstable, "; "), + } + } + + return CheckResult{ + Name: CheckNameClusterOperatorsStable, + Severity: CheckSeverityWarning, + Status: CheckStatusPassed, + } +} + +// validateControlPlaneNodeCount checks that at least the required number of control plane nodes exist. +// Control plane nodes are identified by node-role.kubernetes.io/control-plane or node-role.kubernetes.io/master labels. +func (v *ClientSideValidator) validateControlPlaneNodeCount(ctx context.Context, required int) CheckResult { + nodes, err := v.kubeClient.CoreV1().Nodes().List(ctx, metav1.ListOptions{}) + if err != nil { + return CheckResult{ + Name: CheckNameControlPlaneNodeCount, + Severity: CheckSeverityWarning, + Status: CheckStatusUnknown, + Message: fmt.Sprintf("failed to list nodes: %v", err), + } + } + + count := 0 + for _, node := range nodes.Items { + if isControlPlaneNode(&node) { + count++ + } + } + + if count < required { + return CheckResult{ + Name: CheckNameControlPlaneNodeCount, + Severity: CheckSeverityWarning, + Status: CheckStatusFailed, + Message: fmt.Sprintf("need %d, have %d", required, count), + } + } + + return CheckResult{ + Name: CheckNameControlPlaneNodeCount, + Severity: CheckSeverityWarning, + Status: CheckStatusPassed, + } +} + +// validateExactInfrastructureNodeCount checks that exactly the required number of infrastructure nodes exist. +// Infrastructure nodes are nodes WITHOUT the control-plane role (i.e., worker nodes). +// For HA Compact topology, this should be 0 (no dedicated workers). +func (v *ClientSideValidator) validateExactInfrastructureNodeCount(ctx context.Context, required int) CheckResult { + nodes, err := v.kubeClient.CoreV1().Nodes().List(ctx, metav1.ListOptions{}) + if err != nil { + return CheckResult{ + Name: CheckNameInfrastructureNodeCount, + Severity: CheckSeverityWarning, + Status: CheckStatusUnknown, + Message: fmt.Sprintf("failed to list nodes: %v", err), + } + } + + count := 0 + for _, node := range nodes.Items { + if !isControlPlaneNode(&node) { + count++ + } + } + + if count != required { + return CheckResult{ + Name: CheckNameInfrastructureNodeCount, + Severity: CheckSeverityWarning, + Status: CheckStatusFailed, + Message: fmt.Sprintf("need exactly %d, have %d (HighlyAvailable compact topology requires no dedicated worker nodes)", required, count), + } + } + + return CheckResult{ + Name: CheckNameInfrastructureNodeCount, + Severity: CheckSeverityWarning, + Status: CheckStatusPassed, + } +} + +// validateControlPlaneNodesSchedulable checks that the required number of control plane nodes are schedulable. +// Schedulable means the node does not have spec.Unschedulable=true and no NoSchedule taints. +func (v *ClientSideValidator) validateControlPlaneNodesSchedulable(ctx context.Context, required int) CheckResult { + nodes, err := v.kubeClient.CoreV1().Nodes().List(ctx, metav1.ListOptions{}) + if err != nil { + return CheckResult{ + Name: CheckNameControlPlaneNodesSchedulable, + Severity: CheckSeverityWarning, + Status: CheckStatusUnknown, + Message: fmt.Sprintf("failed to list nodes: %v", err), + } + } + + schedulable := 0 + for _, node := range nodes.Items { + if !isControlPlaneNode(&node) { + continue + } + if !node.Spec.Unschedulable && !hasNoScheduleTaint(&node) { + schedulable++ + } + } + + if schedulable < required { + return CheckResult{ + Name: CheckNameControlPlaneNodesSchedulable, + Severity: CheckSeverityWarning, + Status: CheckStatusFailed, + Message: fmt.Sprintf("need %d, have %d", required, schedulable), + } + } + + return CheckResult{ + Name: CheckNameControlPlaneNodesSchedulable, + Severity: CheckSeverityWarning, + Status: CheckStatusPassed, + } +} + +// validateControlPlaneNodesReady checks that the required number of control plane nodes are Ready. +// Ready means the node has a Ready=True condition. +func (v *ClientSideValidator) validateControlPlaneNodesReady(ctx context.Context, required int) CheckResult { + nodes, err := v.kubeClient.CoreV1().Nodes().List(ctx, metav1.ListOptions{}) + if err != nil { + return CheckResult{ + Name: CheckNameControlPlaneNodesReady, + Severity: CheckSeverityWarning, + Status: CheckStatusUnknown, + Message: fmt.Sprintf("failed to list nodes: %v", err), + } + } + + ready := 0 + for _, node := range nodes.Items { + if !isControlPlaneNode(&node) { + continue + } + for _, cond := range node.Status.Conditions { + if cond.Type == corev1.NodeReady && cond.Status == corev1.ConditionTrue { + ready++ + break + } + } + } + + if ready < required { + return CheckResult{ + Name: CheckNameControlPlaneNodesReady, + Severity: CheckSeverityWarning, + Status: CheckStatusFailed, + Message: fmt.Sprintf("need %d, have %d", required, ready), + } + } + + return CheckResult{ + Name: CheckNameControlPlaneNodesReady, + Severity: CheckSeverityWarning, + Status: CheckStatusPassed, + } +} + +// validateEtcdQuorum checks that etcd has quorum by checking the EtcdMembersAvailable condition. +func (v *ClientSideValidator) validateEtcdQuorum(ctx context.Context) CheckResult { + etcd, err := v.operatorClient.OperatorV1().Etcds().Get(ctx, EtcdOperatorResourceName, metav1.GetOptions{}) + if err != nil { + return CheckResult{ + Name: CheckNameEtcdQuorum, + Severity: CheckSeverityWarning, + Status: CheckStatusUnknown, + Message: fmt.Sprintf("failed to get etcd operator CR: %v", err), + } + } + + if !v1helpers.IsOperatorConditionTrue(etcd.Status.Conditions, EtcdMembersAvailableCondition) { + return CheckResult{ + Name: CheckNameEtcdQuorum, + Severity: CheckSeverityWarning, + Status: CheckStatusFailed, + Message: fmt.Sprintf("etcd does not have quorum (%s condition is not True)", EtcdMembersAvailableCondition), + } + } + + return CheckResult{ + Name: CheckNameEtcdQuorum, + Severity: CheckSeverityWarning, + Status: CheckStatusPassed, + } +} + +// validateEtcdNotProgressing checks that etcd is not currently scaling/progressing. +func (v *ClientSideValidator) validateEtcdNotProgressing(ctx context.Context) CheckResult { + etcd, err := v.operatorClient.OperatorV1().Etcds().Get(ctx, EtcdOperatorResourceName, metav1.GetOptions{}) + if err != nil { + return CheckResult{ + Name: CheckNameEtcdNotProgressing, + Severity: CheckSeverityWarning, + Status: CheckStatusUnknown, + Message: fmt.Sprintf("failed to get etcd operator CR: %v", err), + } + } + + if v1helpers.IsOperatorConditionTrue(etcd.Status.Conditions, EtcdProgressingCondition) { + return CheckResult{ + Name: CheckNameEtcdNotProgressing, + Severity: CheckSeverityWarning, + Status: CheckStatusFailed, + Message: "etcd is currently progressing (scaling in progress)", + } + } + + return CheckResult{ + Name: CheckNameEtcdNotProgressing, + Severity: CheckSeverityWarning, + Status: CheckStatusPassed, + } +} + +// validateEtcdVotingMembers checks that exactly the required number of etcd voting members exist. +// Reads the etcd-endpoints ConfigMap in openshift-etcd namespace. +// The number of keys in the ConfigMap Data equals the voting member count. +func (v *ClientSideValidator) validateEtcdVotingMembers(ctx context.Context, required int) CheckResult { + cm, err := v.kubeClient.CoreV1().ConfigMaps(EtcdNamespace).Get(ctx, EtcdEndpointsConfigMapName, metav1.GetOptions{}) + if err != nil { + return CheckResult{ + Name: CheckNameEtcdVotingMembers, + Severity: CheckSeverityWarning, + Status: CheckStatusUnknown, + Message: fmt.Sprintf("failed to get %s ConfigMap: %v", EtcdEndpointsConfigMapName, err), + } + } + + votingMembers := len(cm.Data) + if votingMembers != required { + return CheckResult{ + Name: CheckNameEtcdVotingMembers, + Severity: CheckSeverityWarning, + Status: CheckStatusFailed, + Message: fmt.Sprintf("need %d, have %d", required, votingMembers), + } + } + + return CheckResult{ + Name: CheckNameEtcdVotingMembers, + Severity: CheckSeverityWarning, + Status: CheckStatusPassed, + } +} + +// isControlPlaneNode returns true if the node has a control plane role label. +// Checks both node-role.kubernetes.io/control-plane and node-role.kubernetes.io/master (legacy). +func isControlPlaneNode(node *corev1.Node) bool { + _, hasControlPlane := node.Labels[NodeRoleLabelControlPlane] + _, hasMaster := node.Labels[NodeRoleLabelMaster] + return hasControlPlane || hasMaster +} + +// hasNoScheduleTaint returns true if the node has a NoSchedule taint. +func hasNoScheduleTaint(node *corev1.Node) bool { + for _, taint := range node.Spec.Taints { + if taint.Effect == corev1.TaintEffectNoSchedule { + return true + } + } + return false +} diff --git a/pkg/cli/admin/transition/preflight/client_validator_test.go b/pkg/cli/admin/transition/preflight/client_validator_test.go new file mode 100644 index 0000000000..bc68d78131 --- /dev/null +++ b/pkg/cli/admin/transition/preflight/client_validator_test.go @@ -0,0 +1,602 @@ +package preflight + +/* +================================================================================ +CLIENT-SIDE VALIDATOR TESTS +================================================================================ + +This file tests the ClientSideValidator implementation which duplicates CCO's +preflight validation logic for topology transitions. Tests use fake clients to +verify the orchestration logic and one representative test per validation pattern. + +TIERED VALIDATION APPROACH: + Phase 1: ALL Error-severity checks (blocking - show complete picture) + - Supported transition (CEL-based: only SNO -> HA) + - Feature gate enabled (MutableTopology) + + Phase 2: ALL Warning-severity checks (cluster readiness - bypassable) + - Cluster operators stable + - Control plane node count/schedulability/readiness + - etcd quorum/stability/voting member count + + Short-circuit after Phase 1 if ANY Error checks fail to avoid wasting time + checking cluster state when transition isn't even valid. + +-------------------------------------------------------------------------------- +TEST COVERAGE (18 test cases across 11 test functions) +-------------------------------------------------------------------------------- + +ORCHESTRATION (5 tests - complex logic) + - SNO -> HighlyAvailable, all checks pass - Full integration of 10 checks + - Already at target topology - Error check short-circuit logic + - Unsupported transition (HA -> SNO) - CEL transition validation + - Infrastructure stays SingleReplica - Validates infra must transition with CP + - Error checks pass, Warning checks fail - Tiered validation behavior + +FEATURE GATE (2 tests - complex parsing) + - MutableTopology enabled - Version array, enabled list parsing + - FeatureGate resource missing - Error handling + +VALIDATORS (8 subtests - smoke tests per pattern) + - ClusterOperators stable - Condition checking pattern + - Control plane node count (3) - Counting pattern + - Infrastructure node count (0) - Inverse counting (NOT control-plane) + - Control plane nodes schedulable - Taint checking + - Control plane nodes ready - Node condition iteration + - Etcd quorum available - library-go v1helpers usage + - Etcd not progressing - Etcd-specific conditions + - Etcd voting members (3) - ConfigMap data parsing + +TYPES (3 tests - status computation only) + - ValidationResult status all pass - Status computation logic + - ValidationResult status some fail - Status computation logic + - ClientSideValidator interface compliance - Interface implementation + +-------------------------------------------------------------------------------- +*/ + +import ( + "context" + "fmt" + "strings" + "testing" + + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/client-go/kubernetes/fake" + + configv1 "github.com/openshift/api/config/v1" + operatorv1 "github.com/openshift/api/operator/v1" + fakeconfigclient "github.com/openshift/client-go/config/clientset/versioned/fake" + fakeoperatorclient "github.com/openshift/client-go/operator/clientset/versioned/fake" +) + +// TestValidate_SNOToHA_AllChecksPass tests the happy path: SNO → HighlyAvailable with all checks passing +func TestValidate_SNOToHA_AllChecksPass(t *testing.T) { + // Create healthy cluster state + kubeClient := fake.NewSimpleClientset( + // 3 healthy, schedulable, ready control plane nodes + newFakeNode("master-0", true, false, true, true), + newFakeNode("master-1", true, false, true, true), + newFakeNode("master-2", true, false, true, true), + // etcd-endpoints ConfigMap with 3 voting members + newFakeEtcdConfigMap(3), + ) + + configClient := fakeconfigclient.NewSimpleClientset( + // MutableTopology feature gate enabled + newFakeFeatureGate(true), + // 3 stable ClusterOperators + newFakeClusterOperator("kube-apiserver", true, false, false), + newFakeClusterOperator("etcd", true, false, false), + newFakeClusterOperator("network", true, false, false), + ) + + operatorClient := fakeoperatorclient.NewSimpleClientset( + // Healthy etcd operator: quorum available, not progressing + newFakeEtcdOperator(true, false), + ) + + validator := NewClientSideValidator(kubeClient, configClient, operatorClient) + + // Validate SNO → HA transition + current := TopologyState{ControlPlane: configv1.SingleReplicaTopologyMode, Infrastructure: configv1.SingleReplicaTopologyMode} + target := TopologyState{ControlPlane: configv1.HighlyAvailableTopologyMode, Infrastructure: configv1.HighlyAvailableTopologyMode} + result, err := validator.Validate(context.Background(), current, target) + + // Should complete without API error + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + // Should have Ready status (all checks passed) + if result.Status != ValidationStatusReady { + t.Errorf("expected status=Ready when all checks pass, got %s", result.Status) + } + + // Should have 10 checks total: 2 Error + 8 Warning + // Error: validateSupportedTransition, validateFeatureGateEnabled + // Warning: operators, 3x node checks, 3x etcd checks + expectedChecks := 10 + if len(result.Checks) != expectedChecks { + t.Errorf("expected %d checks, got %d", expectedChecks, len(result.Checks)) + } + + // All checks should have Passed status + for i, check := range result.Checks { + if check.Status != CheckStatusPassed { + t.Errorf("check %d (%s) expected status=Passed, got %s: %s", i, check.Name, check.Status, check.Message) + } + } + + // First two checks should be Error severity (Supported Transition, Feature Gate Enabled) + if result.Checks[0].Name != "Supported Transition" { + t.Errorf("expected first check to be 'Supported Transition', got %s", result.Checks[0].Name) + } + if result.Checks[0].Severity != CheckSeverityError { + t.Errorf("expected first check severity=Error, got %s", result.Checks[0].Severity) + } + + if result.Checks[1].Name != "Feature Gate Enabled" { + t.Errorf("expected second check to be 'Feature Gate Enabled', got %s", result.Checks[1].Name) + } + if result.Checks[1].Severity != CheckSeverityError { + t.Errorf("expected second check severity=Error, got %s", result.Checks[1].Severity) + } + + // Remaining checks should be Warning severity + for i := 2; i < len(result.Checks); i++ { + if result.Checks[i].Severity != CheckSeverityWarning { + t.Errorf("check %d (%s) expected severity=Warning, got %s", i, result.Checks[i].Name, result.Checks[i].Severity) + } + } +} + +// TestValidate_AlreadyAtTarget tests validation when already at target topology +func TestValidate_AlreadyAtTarget(t *testing.T) { + // Create validator with feature gate enabled (other resources not needed for this test) + validator := NewClientSideValidator( + fake.NewSimpleClientset(), + fakeconfigclient.NewSimpleClientset( + newFakeFeatureGate(true), + ), + fakeoperatorclient.NewSimpleClientset(), + ) + + // Attempt to transition when already at HA: HA → HA + current := TopologyState{ControlPlane: configv1.HighlyAvailableTopologyMode, Infrastructure: configv1.HighlyAvailableTopologyMode} + target := TopologyState{ControlPlane: configv1.HighlyAvailableTopologyMode, Infrastructure: configv1.HighlyAvailableTopologyMode} + result, err := validator.Validate(context.Background(), current, target) + + // Should complete without API error + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + // Should have Not Ready status due to Error-severity check failure + if result.Status != ValidationStatusNotReady { + t.Errorf("expected status=Not Ready when already at target, got %s", result.Status) + } + + // Should have at least one check (the supported transition check) + if len(result.Checks) == 0 { + t.Fatal("expected at least one check result") + } + + // First check should be "Supported Transition" with Failed status (already at target) + supportedTransitionCheck := result.Checks[0] + if supportedTransitionCheck.Name != "Supported Transition" { + t.Errorf("expected first check name='Supported Transition', got %s", supportedTransitionCheck.Name) + } + if supportedTransitionCheck.Status != CheckStatusFailed { + t.Errorf("expected first check status=Failed, got %s", supportedTransitionCheck.Status) + } + if supportedTransitionCheck.Severity != CheckSeverityError { + t.Errorf("expected first check severity=Error, got %s", supportedTransitionCheck.Severity) + } + + // Message should indicate cluster is already at target + if !strings.Contains(supportedTransitionCheck.Message, "cluster is already at target topology") { + t.Errorf("expected message about cluster already at target, got: %s", supportedTransitionCheck.Message) + } + + // Should short-circuit after Error-severity checks, so only Error checks should run + // Currently 2 Error checks (supported transition, feature gate), so only 2 checks total + if len(result.Checks) != 2 { + t.Errorf("expected only 2 checks (short-circuit after error phase), got %d", len(result.Checks)) + } +} + +// TestValidate_UnsupportedTransition tests HA → SNO (one-way only) +func TestValidate_UnsupportedTransition(t *testing.T) { + // Create validator with feature gate enabled (other resources not needed for this test) + validator := NewClientSideValidator( + fake.NewSimpleClientset(), + fakeconfigclient.NewSimpleClientset( + newFakeFeatureGate(true), + ), + fakeoperatorclient.NewSimpleClientset(), + ) + + // Attempt unsupported transition: HA → SNO + current := TopologyState{ControlPlane: configv1.HighlyAvailableTopologyMode, Infrastructure: configv1.HighlyAvailableTopologyMode} + target := TopologyState{ControlPlane: configv1.SingleReplicaTopologyMode, Infrastructure: configv1.SingleReplicaTopologyMode} + result, err := validator.Validate(context.Background(), current, target) + + // Should complete without API error + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + // Should have Not Ready status due to Error-severity check failure + if result.Status != ValidationStatusNotReady { + t.Errorf("expected status=Not Ready for unsupported transition, got %s", result.Status) + } + + // Should have at least one check (the supported transition check) + if len(result.Checks) == 0 { + t.Fatal("expected at least one check result") + } + + // First check should be "Supported Transition" which fails (HA -> SNO not supported) + supportedTransitionCheck := result.Checks[0] + if supportedTransitionCheck.Name != "Supported Transition" { + t.Errorf("expected first check name='Supported Transition', got %s", supportedTransitionCheck.Name) + } + if supportedTransitionCheck.Status != CheckStatusFailed { + t.Errorf("expected first check status=Failed, got %s", supportedTransitionCheck.Status) + } + if supportedTransitionCheck.Severity != CheckSeverityError { + t.Errorf("expected first check severity=Error, got %s", supportedTransitionCheck.Severity) + } + + // Should short-circuit after Error-severity checks, so only 2 checks should run + if len(result.Checks) != 2 { + t.Errorf("expected only 2 checks (short-circuit after error phase), got %d", len(result.Checks)) + } +} + +// TestValidate_InfrastructureStaysAtSingleReplica tests that trying to transition CP to HA +// while keeping infrastructure at SingleReplica is rejected +func TestValidate_InfrastructureStaysAtSingleReplica(t *testing.T) { + // Create validator with feature gate enabled (other resources not needed for this test) + validator := NewClientSideValidator( + fake.NewSimpleClientset(), + fakeconfigclient.NewSimpleClientset( + newFakeFeatureGate(true), + ), + fakeoperatorclient.NewSimpleClientset(), + ) + + // Attempt invalid transition: CP SNO → HA, but Infra stays at SingleReplica + current := TopologyState{ControlPlane: configv1.SingleReplicaTopologyMode, Infrastructure: configv1.SingleReplicaTopologyMode} + target := TopologyState{ControlPlane: configv1.HighlyAvailableTopologyMode, Infrastructure: configv1.SingleReplicaTopologyMode} + result, err := validator.Validate(context.Background(), current, target) + + // Should complete without API error + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + // Should have Not Ready status due to Error-severity check failure + if result.Status != ValidationStatusNotReady { + t.Errorf("expected status=Not Ready for invalid infrastructure target, got %s", result.Status) + } + + // Should have at least one check (the supported transition check) + if len(result.Checks) == 0 { + t.Fatal("expected at least one check result") + } + + // First check should be "Supported Transition" which fails + supportedTransitionCheck := result.Checks[0] + if supportedTransitionCheck.Name != "Supported Transition" { + t.Errorf("expected first check name='Supported Transition', got %s", supportedTransitionCheck.Name) + } + if supportedTransitionCheck.Status != CheckStatusFailed { + t.Errorf("expected first check status=Failed, got %s", supportedTransitionCheck.Status) + } + if supportedTransitionCheck.Severity != CheckSeverityError { + t.Errorf("expected first check severity=Error, got %s", supportedTransitionCheck.Severity) + } + + // Message should indicate infrastructure must transition to HighlyAvailable + if !strings.Contains(supportedTransitionCheck.Message, "infrastructure must transition to HighlyAvailable with control plane") { + t.Errorf("expected message about infrastructure requirement, got: %s", supportedTransitionCheck.Message) + } + + // Should short-circuit after Error-severity checks, so only 2 checks should run + if len(result.Checks) != 2 { + t.Errorf("expected only 2 checks (short-circuit after error phase), got %d", len(result.Checks)) + } +} + +// TestValidateFeatureGateEnabled_Enabled tests feature gate check with MutableTopology enabled +func TestValidateFeatureGateEnabled_Enabled(t *testing.T) { + validator := NewClientSideValidator( + fake.NewSimpleClientset(), + fakeconfigclient.NewSimpleClientset( + newFakeFeatureGate(true), + ), + fakeoperatorclient.NewSimpleClientset(), + ) + + result := validator.validateFeatureGateEnabled(context.Background()) + + if result.Name != CheckNameFeatureGateEnabled { + t.Errorf("expected check name='Feature Gate Enabled', got %s", result.Name) + } + if result.Severity != CheckSeverityError { + t.Errorf("expected severity=Error, got %s", result.Severity) + } + if result.Status != CheckStatusPassed { + t.Errorf("expected status=Passed when feature gate enabled, got %s: %s", result.Status, result.Message) + } +} + +// TestValidateFeatureGateEnabled_Missing tests feature gate check with FeatureGate resource missing +func TestValidateFeatureGateEnabled_Missing(t *testing.T) { + validator := NewClientSideValidator( + fake.NewSimpleClientset(), + fakeconfigclient.NewSimpleClientset(), + fakeoperatorclient.NewSimpleClientset(), + ) + + result := validator.validateFeatureGateEnabled(context.Background()) + + if result.Name != CheckNameFeatureGateEnabled { + t.Errorf("expected check name='Feature Gate Enabled', got %s", result.Name) + } + if result.Severity != CheckSeverityError { + t.Errorf("expected severity=Error, got %s", result.Severity) + } + if result.Status != CheckStatusUnknown { + t.Errorf("expected status=Unknown when FeatureGate resource missing, got %s", result.Status) + } +} + +// Individual validator tests have been consolidated into validator_helpers_test.go +// using a table-driven approach for better maintainability and reduced code duplication. + +// ============================================================================ +// HELPER FUNCTIONS FOR BUILDING TEST FIXTURES +// ============================================================================ + +// newFakeFeatureGate creates a FeatureGate resource with MutableTopology enabled or disabled +func newFakeFeatureGate(enabled bool) *configv1.FeatureGate { + fg := &configv1.FeatureGate{ + ObjectMeta: metav1.ObjectMeta{Name: "cluster"}, + Status: configv1.FeatureGateStatus{ + FeatureGates: []configv1.FeatureGateDetails{ + { + Version: "4.18", + Enabled: []configv1.FeatureGateAttributes{}, + Disabled: []configv1.FeatureGateAttributes{}, + }, + }, + }, + } + + if enabled { + fg.Status.FeatureGates[0].Enabled = append(fg.Status.FeatureGates[0].Enabled, configv1.FeatureGateAttributes{ + Name: "MutableTopology", + }) + } else { + fg.Status.FeatureGates[0].Disabled = append(fg.Status.FeatureGates[0].Disabled, configv1.FeatureGateAttributes{ + Name: "MutableTopology", + }) + } + + return fg +} + +// newFakeClusterOperator creates a ClusterOperator with specified conditions +func newFakeClusterOperator(name string, available, progressing, degraded bool) *configv1.ClusterOperator { + return &configv1.ClusterOperator{ + ObjectMeta: metav1.ObjectMeta{Name: name}, + Status: configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{ + { + Type: configv1.OperatorAvailable, + Status: boolToConfigConditionStatus(available), + }, + { + Type: configv1.OperatorProgressing, + Status: boolToConfigConditionStatus(progressing), + }, + { + Type: configv1.OperatorDegraded, + Status: boolToConfigConditionStatus(degraded), + }, + }, + }, + } +} + +// newFakeNode creates a Node with specified properties +func newFakeNode(name string, controlPlane, worker, ready, schedulable bool) *corev1.Node { + node := &corev1.Node{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Labels: map[string]string{}, + }, + Spec: corev1.NodeSpec{}, + Status: corev1.NodeStatus{ + Conditions: []corev1.NodeCondition{}, + }, + } + + // Add role labels + if controlPlane { + node.Labels["node-role.kubernetes.io/control-plane"] = "" + node.Labels["node-role.kubernetes.io/master"] = "" // Legacy label + } + if worker { + node.Labels["node-role.kubernetes.io/worker"] = "" + } + + // Add Ready condition + node.Status.Conditions = append(node.Status.Conditions, corev1.NodeCondition{ + Type: corev1.NodeReady, + Status: boolToConditionStatus(ready), + }) + + // Add unschedulable taint if not schedulable + if !schedulable { + node.Spec.Taints = append(node.Spec.Taints, corev1.Taint{ + Key: "node.kubernetes.io/unschedulable", + Effect: corev1.TaintEffectNoSchedule, + }) + } + + return node +} + +// newFakeEtcdOperator creates an Etcd operator resource with specified conditions +func newFakeEtcdOperator(quorum, progressing bool) *operatorv1.Etcd { + etcd := &operatorv1.Etcd{ + ObjectMeta: metav1.ObjectMeta{Name: "cluster"}, + } + // EtcdStatus embeds StaticPodOperatorStatus which embeds OperatorStatus + // We need to set Conditions on the embedded OperatorStatus + etcd.Status.Conditions = []operatorv1.OperatorCondition{ + { + Type: "EtcdMembersAvailable", + Status: boolToOperatorConditionStatus(quorum), + }, + { + Type: operatorv1.OperatorStatusTypeProgressing, + Status: boolToOperatorConditionStatus(progressing), + }, + } + return etcd +} + +// newFakeEtcdConfigMap creates a ConfigMap with etcd member list +// The number of keys in Data corresponds to the number of voting members +func newFakeEtcdConfigMap(votingMembers int) *corev1.ConfigMap { + cm := &corev1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Name: "etcd-endpoints", + Namespace: "openshift-etcd", + }, + Data: map[string]string{}, + } + + // Add one entry per voting member + // The actual format is: : + for i := 0; i < votingMembers; i++ { + nodeName := fmt.Sprintf("master-%d", i) + endpoint := fmt.Sprintf("https://10.0.0.%d:2379", i+1) + cm.Data[nodeName] = endpoint + } + + return cm +} + +// boolToConditionStatus converts bool to corev1.ConditionStatus +func boolToConditionStatus(b bool) corev1.ConditionStatus { + if b { + return corev1.ConditionTrue + } + return corev1.ConditionFalse +} + +// boolToConfigConditionStatus converts bool to configv1.ConditionStatus +func boolToConfigConditionStatus(b bool) configv1.ConditionStatus { + if b { + return configv1.ConditionTrue + } + return configv1.ConditionFalse +} + +// boolToOperatorConditionStatus converts bool to operatorv1.ConditionStatus +func boolToOperatorConditionStatus(b bool) operatorv1.ConditionStatus { + if b { + return operatorv1.ConditionTrue + } + return operatorv1.ConditionFalse +} + +// TestValidate_WarningFailures verifies behavior when Error checks pass but Warning checks fail. +// This tests the tiered validation approach: even though Error checks (transition support, +// feature gate) pass, Warning checks (cluster readiness) can still block the transition +// unless --allow-transition-with-warnings is used. +func TestValidate_WarningFailures(t *testing.T) { + // Create fake clients with: + // - Supported transition: SNO → HA (Error check passes) + // - Feature gate enabled (Error check passes) + // - Degraded cluster operator (Warning check fails) + + configClient := fakeconfigclient.NewSimpleClientset( + &configv1.Infrastructure{ + ObjectMeta: metav1.ObjectMeta{Name: "cluster"}, + Status: configv1.InfrastructureStatus{ + ControlPlaneTopology: configv1.SingleReplicaTopologyMode, + }, + }, + &configv1.FeatureGate{ + ObjectMeta: metav1.ObjectMeta{Name: "cluster"}, + Status: configv1.FeatureGateStatus{ + FeatureGates: []configv1.FeatureGateDetails{ + { + Version: "4.18", + Enabled: []configv1.FeatureGateAttributes{ + {Name: "MutableTopology"}, + }, + }, + }, + }, + }, + // Degraded cluster operator → Warning check fails + newFakeClusterOperator("kube-apiserver", true, false, true), + ) + + kubeClient := fake.NewSimpleClientset( + newFakeNode("master-0", true, false, true, true), + newFakeNode("master-1", true, false, true, true), + newFakeNode("master-2", true, false, true, true), + newFakeEtcdConfigMap(3), + ) + + operatorClient := fakeoperatorclient.NewSimpleClientset( + newFakeEtcdOperator(true, false), + ) + + v := NewClientSideValidator(kubeClient, configClient, operatorClient) + + current := TopologyState{ControlPlane: configv1.SingleReplicaTopologyMode, Infrastructure: configv1.SingleReplicaTopologyMode} + target := TopologyState{ControlPlane: configv1.HighlyAvailableTopologyMode, Infrastructure: configv1.HighlyAvailableTopologyMode} + result, err := v.Validate(context.Background(), current, target) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + // Verify Error checks passed (should have 2: Supported Transition, Feature Gate) + errorChecksPassed := 0 + for _, check := range result.Checks { + if check.Severity == CheckSeverityError && check.Status == CheckStatusPassed { + errorChecksPassed++ + } + } + if errorChecksPassed < 2 { + t.Errorf("expected at least 2 Error checks to pass, got %d", errorChecksPassed) + } + + // Verify the ClusterOperators check specifically failed (degraded operator) + clusterOperatorsCheckFailed := false + for _, check := range result.Checks { + if check.Name == CheckNameClusterOperatorsStable && check.Severity == CheckSeverityWarning && check.Status == CheckStatusFailed { + clusterOperatorsCheckFailed = true + break + } + } + if !clusterOperatorsCheckFailed { + t.Error("expected ClusterOperators check to fail due to degraded operator") + } + + // Verify overall status is Not Ready + if result.Status != ValidationStatusNotReady { + t.Errorf("expected status=Not Ready when Warning checks fail, got %s", result.Status) + } +} diff --git a/pkg/cli/admin/transition/preflight/constants.go b/pkg/cli/admin/transition/preflight/constants.go new file mode 100644 index 0000000000..ac0ddcd060 --- /dev/null +++ b/pkg/cli/admin/transition/preflight/constants.go @@ -0,0 +1,87 @@ +package preflight + +import ( + configv1 "github.com/openshift/api/config/v1" +) + +// Topology transition requirements for HighlyAvailable Compact topology +const ( + // RequiredControlPlaneNodeCount is the minimum number of control plane nodes required for HA topology + RequiredControlPlaneNodeCount = 3 + + // RequiredInfrastructureNodeCount is the required number of infrastructure nodes for HA Compact topology + // (must be 0 - no dedicated workers allowed) + RequiredInfrastructureNodeCount = 0 + + // RequiredEtcdVotingMembers is the required number of etcd voting members for HA topology + RequiredEtcdVotingMembers = 3 +) + +// Kubernetes and OpenShift resource names +const ( + // InfrastructureResourceName is the name of the cluster-scoped Infrastructure resource + InfrastructureResourceName = "cluster" + + // EtcdOperatorResourceName is the name of the cluster-scoped Etcd operator resource + EtcdOperatorResourceName = "cluster" + + // FeatureGateResourceName is the name of the cluster-scoped FeatureGate resource + FeatureGateResourceName = "cluster" + + // EtcdNamespace is the namespace where etcd resources are located + EtcdNamespace = "openshift-etcd" + + // EtcdEndpointsConfigMapName is the name of the ConfigMap containing etcd endpoints + // The number of keys in this ConfigMap equals the number of etcd voting members + EtcdEndpointsConfigMapName = "etcd-endpoints" +) + +// ClusterOperator condition types +const ( + // ClusterOperatorAvailable indicates the operand is available + ClusterOperatorAvailable configv1.ClusterStatusConditionType = configv1.OperatorAvailable + + // ClusterOperatorProgressing indicates the operand is being updated + ClusterOperatorProgressing configv1.ClusterStatusConditionType = configv1.OperatorProgressing + + // ClusterOperatorDegraded indicates the operand is degraded + ClusterOperatorDegraded configv1.ClusterStatusConditionType = configv1.OperatorDegraded +) + +// Etcd operator condition types +const ( + // EtcdMembersAvailableCondition indicates etcd has quorum + EtcdMembersAvailableCondition = "EtcdMembersAvailable" + + // EtcdProgressingCondition indicates etcd is scaling/progressing + EtcdProgressingCondition = "Progressing" +) + +// Feature gate names +const ( + // MutableTopologyFeatureGate is the feature gate that enables topology transitions + MutableTopologyFeatureGate = "MutableTopology" +) + +// Check names (used in CheckResult.Name field) +const ( + CheckNameSupportedTransition = "Supported Transition" + CheckNameFeatureGateEnabled = "Feature Gate Enabled" + CheckNameClusterOperatorsStable = "Cluster Operators Stable" + CheckNameControlPlaneNodeCount = "Control Plane Node Count" + CheckNameInfrastructureNodeCount = "Infrastructure Node Count" + CheckNameControlPlaneNodesSchedulable = "Control Plane Nodes Schedulable" + CheckNameControlPlaneNodesReady = "Control Plane Nodes Ready" + CheckNameEtcdQuorum = "etcd Quorum" + CheckNameEtcdNotProgressing = "etcd Not Progressing" + CheckNameEtcdVotingMembers = "etcd Voting Members" +) + +// Node role labels +const ( + // NodeRoleLabelControlPlane is the label for control plane nodes + NodeRoleLabelControlPlane = "node-role.kubernetes.io/control-plane" + + // NodeRoleLabelMaster is the legacy label for control plane nodes + NodeRoleLabelMaster = "node-role.kubernetes.io/master" +) diff --git a/pkg/cli/admin/transition/preflight/types.go b/pkg/cli/admin/transition/preflight/types.go new file mode 100644 index 0000000000..6c7471c613 --- /dev/null +++ b/pkg/cli/admin/transition/preflight/types.go @@ -0,0 +1,232 @@ +package preflight + +import ( + "context" + "fmt" + "strings" + + configv1 "github.com/openshift/api/config/v1" +) + +// TopologyState represents the control plane and infrastructure topology modes +type TopologyState struct { + ControlPlane configv1.TopologyMode + Infrastructure configv1.TopologyMode +} + +// Validator validates whether a topology transition is possible. +// This interface allows swapping between client-side validation (current) +// and status-published validation (future) without changing command code. +type Validator interface { + // Validate checks if transition to target topology is possible. + // Returns validation results for each check and overall availability. + Validate(ctx context.Context, current, target TopologyState) (*ValidationResult, error) +} + +// CheckSeverity indicates the severity of a validation check failure. +type CheckSeverity string + +const ( + // CheckSeverityError indicates a check failure that blocks the transition. + // Cannot be bypassed with --allow-transition-with-warnings. + // Example: Unsupported transition (HA → SNO). + CheckSeverityError CheckSeverity = "Error" + + // CheckSeverityWarning indicates a check failure that can be bypassed. + // Can proceed with --allow-transition-with-warnings. + // Example: Insufficient node count, etcd quorum issues. + CheckSeverityWarning CheckSeverity = "Warning" +) + +// CheckStatus represents the outcome of a validation check. +type CheckStatus string + +const ( + // CheckStatusPassed indicates the check succeeded + CheckStatusPassed CheckStatus = "Passed" + // CheckStatusFailed indicates the check failed (known issue blocking transition) + CheckStatusFailed CheckStatus = "Failed" + // CheckStatusUnknown indicates the check could not complete (API error, etc.) + CheckStatusUnknown CheckStatus = "Unknown" +) + +// ValidationStatus represents the overall outcome of validation. +type ValidationStatus string + +const ( + // ValidationStatusReady indicates the transition can proceed (all checks passed) + ValidationStatusReady ValidationStatus = "Ready" + // ValidationStatusNotReady indicates the transition cannot proceed (checks failed) + ValidationStatusNotReady ValidationStatus = "Not Ready" + // ValidationStatusUnknown indicates validation could not complete (API errors, etc.) + ValidationStatusUnknown ValidationStatus = "Unknown" +) + +// ValidationResult contains the outcome of preflight validation checks +// for a topology transition. +type ValidationResult struct { + // Current topology state of the cluster + Current TopologyState + + // Target topology state being validated + Target TopologyState + + // Status indicates the overall validation outcome + Status ValidationStatus + + // Checks contains individual validation check results + Checks []CheckResult +} + +// NewValidationResult creates a new validation result with status initialized to Unknown +func NewValidationResult(current, target TopologyState) *ValidationResult { + return &ValidationResult{ + Current: current, + Target: target, + Status: ValidationStatusUnknown, // Unknown until checks run + Checks: []CheckResult{}, + } +} + +// CheckResult represents the outcome of a single validation check. +type CheckResult struct { + // Name is the human-readable name of the check + Name string + + // Severity indicates whether a check failure blocks the transition + Severity CheckSeverity + + // Status indicates whether the check passed, failed, or could not complete + Status CheckStatus + + // Message provides details about the check result. + // Empty for passed checks, contains error details for failed/unknown checks. + Message string +} + +// AddCheck appends a check result to the validation result and updates overall status +func (vr *ValidationResult) AddCheck(check CheckResult) { + // Check if this is the first check (to distinguish initial Unknown from API error Unknown) + isFirstCheck := len(vr.Checks) == 0 + + vr.Checks = append(vr.Checks, check) + + // Update overall status based on check results + // Priority: Unknown (API error) > Not Ready (check failed) > Ready (all passed) + switch check.Status { + case CheckStatusPassed: + // Set to Ready if this is the first check (initial Unknown state) + // Keep Ready if already Ready + // Do NOT transition from Unknown to Ready if Unknown came from a previous API error + if isFirstCheck && vr.Status == ValidationStatusUnknown { + vr.Status = ValidationStatusReady + } else if vr.Status == ValidationStatusReady { + // Keep Ready status + } + // else: keep current status (Not Ready/Unknown from previous checks) + + case CheckStatusFailed: + // Set to Not Ready if this is the first check (initial Unknown state) OR status is Ready + // Keep Unknown if it came from a previous API error (len(vr.Checks) > 1 && status is Unknown) + if isFirstCheck || vr.Status == ValidationStatusReady { + vr.Status = ValidationStatusNotReady + } + // else: keep Unknown status from previous API error + + case CheckStatusUnknown: + // Unknown (API error) takes precedence over everything + vr.Status = ValidationStatusUnknown + } +} + +// HasErrorCheckFailures returns true if any Error-severity checks failed or are unknown. +// Error-severity checks cannot be bypassed with --allow-transition-with-warnings. +func (vr *ValidationResult) HasErrorCheckFailures() bool { + for _, check := range vr.Checks { + if check.Severity == CheckSeverityError && check.Status != CheckStatusPassed { + return true + } + } + return false +} + +// HasWarningCheckFailures returns true if any Warning-severity checks failed or are unknown. +// Warning-severity checks can be bypassed with --allow-transition-with-warnings. +func (vr *ValidationResult) HasWarningCheckFailures() bool { + for _, check := range vr.Checks { + if check.Severity == CheckSeverityWarning && check.Status != CheckStatusPassed { + return true + } + } + return false +} + +// Error returns an aggregate error if the validation status is not Available. +// Returns nil if status is Available. +func (vr *ValidationResult) Error() error { + if vr.Status == ValidationStatusReady { + return nil + } + + var errorFailed, errorUnknown []string + var warningFailed, warningUnknown []string + + for _, check := range vr.Checks { + var dest *[]string + switch check.Status { + case CheckStatusFailed: + if check.Severity == CheckSeverityError { + dest = &errorFailed + } else { + dest = &warningFailed + } + case CheckStatusUnknown: + if check.Severity == CheckSeverityError { + dest = &errorUnknown + } else { + dest = &warningUnknown + } + default: + continue + } + *dest = append(*dest, fmt.Sprintf("%s: %s", check.Name, check.Message)) + } + + var parts []string + + // Error-severity checks listed first (cannot be bypassed) + if len(errorFailed) > 0 { + parts = append(parts, fmt.Sprintf("%d error(s):\n - %s", len(errorFailed), strings.Join(errorFailed, "\n - "))) + } + if len(errorUnknown) > 0 { + parts = append(parts, fmt.Sprintf("%d error(s) - could not complete:\n - %s", len(errorUnknown), strings.Join(errorUnknown, "\n - "))) + } + + // Warning-severity checks listed second (can be bypassed) + if len(warningFailed) > 0 { + parts = append(parts, fmt.Sprintf("%d warning(s):\n - %s", len(warningFailed), strings.Join(warningFailed, "\n - "))) + } + if len(warningUnknown) > 0 { + parts = append(parts, fmt.Sprintf("%d warning(s) - could not complete:\n - %s", len(warningUnknown), strings.Join(warningUnknown, "\n - "))) + } + + if len(parts) == 0 { + return nil + } + + return fmt.Errorf("%s", strings.Join(parts, "\n\n")) +} + +// String returns a formatted string representation of the check result +func (cr CheckResult) String() string { + switch cr.Status { + case CheckStatusPassed: + return fmt.Sprintf(" %s: passed", cr.Name) + case CheckStatusFailed: + return fmt.Sprintf(" %s: %s", cr.Name, cr.Message) + case CheckStatusUnknown: + return fmt.Sprintf(" %s: unknown (%s)", cr.Name, cr.Message) + default: + return fmt.Sprintf(" %s: %s", cr.Name, cr.Message) + } +} diff --git a/pkg/cli/admin/transition/preflight/types_test.go b/pkg/cli/admin/transition/preflight/types_test.go new file mode 100644 index 0000000000..458766f46f --- /dev/null +++ b/pkg/cli/admin/transition/preflight/types_test.go @@ -0,0 +1,88 @@ +package preflight + +/* +================================================================================ +PREFLIGHT TYPES TESTS +================================================================================ + +This file tests the types and interfaces used by the preflight validation system. +These types form the abstraction layer that allows swapping between client-side +and status-published validation implementations. + +-------------------------------------------------------------------------------- +TEST COVERAGE AT-A-GLANCE +-------------------------------------------------------------------------------- + +VALIDATION RESULT CONSTRUCTION + - NewValidationResult creates result with current and target + - NewValidationResult initializes status to Unknown + - NewValidationResult initializes empty checks slice + +VALIDATION RESULT METHODS + - AddCheckResult appends to checks slice + - AddCheckResult maintains order + - Status becomes Available when all checks pass + - Status becomes Unavailable when a check fails + - Status becomes Unknown when a check is unknown + +CHECK RESULT CONSTRUCTION + - CheckResult fields set correctly + +CHECK RESULT METHODS + - String() formats passed check correctly + - String() formats failed check with message + - String() formats unknown check with message + +VALIDATOR INTERFACE (CONTRACT TESTS) + - ClientSideValidator implements Validator interface + - (FUTURE) StatusPublishedValidator implements Validator interface + +-------------------------------------------------------------------------------- +*/ + +import ( + "testing" + + configv1 "github.com/openshift/api/config/v1" +) + +// TestNewValidationResult tests ValidationResult construction +// TestValidationResult_AddCheckResult tests adding check results +// TestValidationResult_Status_AllPass tests status when all checks pass +func TestValidationResult_Status_AllPass(t *testing.T) { + current := TopologyState{ControlPlane: configv1.SingleReplicaTopologyMode, Infrastructure: configv1.SingleReplicaTopologyMode} + target := TopologyState{ControlPlane: configv1.HighlyAvailableTopologyMode, Infrastructure: configv1.HighlyAvailableTopologyMode} + result := NewValidationResult(current, target) + + result.AddCheck(CheckResult{Name: "Check 1", Severity: CheckSeverityWarning, Status: CheckStatusPassed}) + result.AddCheck(CheckResult{Name: "Check 2", Severity: CheckSeverityError, Status: CheckStatusPassed}) + + if result.Status != ValidationStatusReady { + t.Errorf("expected status=Ready when all checks pass, got %s", result.Status) + } +} + +// TestValidationResult_Status_SomeFail tests status when checks fail +func TestValidationResult_Status_SomeFail(t *testing.T) { + current := TopologyState{ControlPlane: configv1.SingleReplicaTopologyMode, Infrastructure: configv1.SingleReplicaTopologyMode} + target := TopologyState{ControlPlane: configv1.HighlyAvailableTopologyMode, Infrastructure: configv1.HighlyAvailableTopologyMode} + result := NewValidationResult(current, target) + + result.AddCheck(CheckResult{Name: "Check 1", Severity: CheckSeverityWarning, Status: CheckStatusPassed}) + result.AddCheck(CheckResult{Name: "Check 2", Severity: CheckSeverityError, Status: CheckStatusFailed, Message: "failed"}) + + if result.Status != ValidationStatusNotReady { + t.Errorf("expected status=Not Ready when a check fails, got %s", result.Status) + } +} + +// TestValidationResult_Status_Unknown tests status when a check is unknown +// TestCheckResult_Construction tests CheckResult construction +// TestCheckResult_String_Passed tests formatting of passed check +// TestCheckResult_String_Failed tests formatting of failed check with message +// TestCheckResult_String_Unknown tests formatting of unknown check +// TestClientSideValidator_ImplementsInterface tests interface compliance +func TestClientSideValidator_ImplementsInterface(t *testing.T) { + // Compile-time check that ClientSideValidator implements Validator + var _ Validator = (*ClientSideValidator)(nil) +} diff --git a/pkg/cli/admin/transition/preflight/validator_helpers_test.go b/pkg/cli/admin/transition/preflight/validator_helpers_test.go new file mode 100644 index 0000000000..3a963a4124 --- /dev/null +++ b/pkg/cli/admin/transition/preflight/validator_helpers_test.go @@ -0,0 +1,250 @@ +package preflight + +/* +================================================================================ +INDIVIDUAL VALIDATOR TESTS +================================================================================ + +This file tests individual validator methods in isolation. Each test verifies +that a specific validation function (validateClusterOperatorsStable, +validateControlPlaneNodeCount, etc.) correctly checks a particular aspect of +cluster readiness and returns the expected CheckResult. + +These tests complement the orchestration tests in client_validator_test.go +which test the full Validate() flow with all checks integrated. + +-------------------------------------------------------------------------------- +TEST COVERAGE (8 subtests) +-------------------------------------------------------------------------------- + +INDIVIDUAL VALIDATORS + - ClusterOperators stable - Condition checking pattern + - Control plane node count (3) - Counting pattern + - Infrastructure node count (0) - Inverse counting (NOT control-plane) + - Control plane nodes schedulable - Taint checking + - Control plane nodes ready - Node condition iteration + - Etcd quorum available - library-go v1helpers usage + - Etcd not progressing - Etcd-specific conditions + - Etcd voting members (3) - ConfigMap data parsing + +-------------------------------------------------------------------------------- +*/ + +import ( + "context" + "testing" + + fakeconfigclient "github.com/openshift/client-go/config/clientset/versioned/fake" + fakeoperatorclient "github.com/openshift/client-go/operator/clientset/versioned/fake" + fake "k8s.io/client-go/kubernetes/fake" +) + +// validatorTestCase defines a test case for individual validator methods +type validatorTestCase struct { + name string + setupKube func() *fake.Clientset + setupConfig func() *fakeconfigclient.Clientset + setupOperator func() *fakeoperatorclient.Clientset + validate func(*ClientSideValidator) CheckResult + expectedName string + expectedSeverity CheckSeverity + expectedStatus CheckStatus +} + +// TestIndividualValidators tests individual validator methods using table-driven approach +func TestIndividualValidators(t *testing.T) { + testCases := []validatorTestCase{ + { + name: "ClusterOperators stable - all healthy", + setupKube: func() *fake.Clientset { + return fake.NewSimpleClientset() + }, + setupConfig: func() *fakeconfigclient.Clientset { + return fakeconfigclient.NewSimpleClientset( + newFakeClusterOperator("kube-apiserver", true, false, false), + newFakeClusterOperator("etcd", true, false, false), + ) + }, + setupOperator: func() *fakeoperatorclient.Clientset { + return fakeoperatorclient.NewSimpleClientset() + }, + validate: func(v *ClientSideValidator) CheckResult { + return v.validateClusterOperatorsStable(context.Background()) + }, + expectedName: CheckNameClusterOperatorsStable, + expectedSeverity: CheckSeverityWarning, + expectedStatus: CheckStatusPassed, + }, + { + name: "Control plane node count - exactly 3", + setupKube: func() *fake.Clientset { + return fake.NewSimpleClientset( + newFakeNode("master-0", true, false, true, true), + newFakeNode("master-1", true, false, true, true), + newFakeNode("master-2", true, false, true, true), + ) + }, + setupConfig: func() *fakeconfigclient.Clientset { + return fakeconfigclient.NewSimpleClientset() + }, + setupOperator: func() *fakeoperatorclient.Clientset { + return fakeoperatorclient.NewSimpleClientset() + }, + validate: func(v *ClientSideValidator) CheckResult { + return v.validateControlPlaneNodeCount(context.Background(), 3) + }, + expectedName: CheckNameControlPlaneNodeCount, + expectedSeverity: CheckSeverityWarning, + expectedStatus: CheckStatusPassed, + }, + { + name: "Infrastructure node count - no workers (compact topology)", + setupKube: func() *fake.Clientset { + return fake.NewSimpleClientset( + newFakeNode("master-0", true, false, true, true), + newFakeNode("master-1", true, false, true, true), + newFakeNode("master-2", true, false, true, true), + ) + }, + setupConfig: func() *fakeconfigclient.Clientset { + return fakeconfigclient.NewSimpleClientset() + }, + setupOperator: func() *fakeoperatorclient.Clientset { + return fakeoperatorclient.NewSimpleClientset() + }, + validate: func(v *ClientSideValidator) CheckResult { + return v.validateExactInfrastructureNodeCount(context.Background(), 0) + }, + expectedName: CheckNameInfrastructureNodeCount, + expectedSeverity: CheckSeverityWarning, + expectedStatus: CheckStatusPassed, + }, + { + name: "Control plane nodes schedulable - all 3 schedulable", + setupKube: func() *fake.Clientset { + return fake.NewSimpleClientset( + newFakeNode("master-0", true, false, true, true), + newFakeNode("master-1", true, false, true, true), + newFakeNode("master-2", true, false, true, true), + ) + }, + setupConfig: func() *fakeconfigclient.Clientset { + return fakeconfigclient.NewSimpleClientset() + }, + setupOperator: func() *fakeoperatorclient.Clientset { + return fakeoperatorclient.NewSimpleClientset() + }, + validate: func(v *ClientSideValidator) CheckResult { + return v.validateControlPlaneNodesSchedulable(context.Background(), 3) + }, + expectedName: CheckNameControlPlaneNodesSchedulable, + expectedSeverity: CheckSeverityWarning, + expectedStatus: CheckStatusPassed, + }, + { + name: "Control plane nodes ready - all 3 ready", + setupKube: func() *fake.Clientset { + return fake.NewSimpleClientset( + newFakeNode("master-0", true, false, true, true), + newFakeNode("master-1", true, false, true, true), + newFakeNode("master-2", true, false, true, true), + ) + }, + setupConfig: func() *fakeconfigclient.Clientset { + return fakeconfigclient.NewSimpleClientset() + }, + setupOperator: func() *fakeoperatorclient.Clientset { + return fakeoperatorclient.NewSimpleClientset() + }, + validate: func(v *ClientSideValidator) CheckResult { + return v.validateControlPlaneNodesReady(context.Background(), 3) + }, + expectedName: CheckNameControlPlaneNodesReady, + expectedSeverity: CheckSeverityWarning, + expectedStatus: CheckStatusPassed, + }, + { + name: "Etcd quorum - EtcdMembersAvailable=True", + setupKube: func() *fake.Clientset { + return fake.NewSimpleClientset() + }, + setupConfig: func() *fakeconfigclient.Clientset { + return fakeconfigclient.NewSimpleClientset() + }, + setupOperator: func() *fakeoperatorclient.Clientset { + return fakeoperatorclient.NewSimpleClientset( + newFakeEtcdOperator(true, false), + ) + }, + validate: func(v *ClientSideValidator) CheckResult { + return v.validateEtcdQuorum(context.Background()) + }, + expectedName: CheckNameEtcdQuorum, + expectedSeverity: CheckSeverityWarning, + expectedStatus: CheckStatusPassed, + }, + { + name: "Etcd not progressing - Progressing=False", + setupKube: func() *fake.Clientset { + return fake.NewSimpleClientset() + }, + setupConfig: func() *fakeconfigclient.Clientset { + return fakeconfigclient.NewSimpleClientset() + }, + setupOperator: func() *fakeoperatorclient.Clientset { + return fakeoperatorclient.NewSimpleClientset( + newFakeEtcdOperator(true, false), + ) + }, + validate: func(v *ClientSideValidator) CheckResult { + return v.validateEtcdNotProgressing(context.Background()) + }, + expectedName: CheckNameEtcdNotProgressing, + expectedSeverity: CheckSeverityWarning, + expectedStatus: CheckStatusPassed, + }, + { + name: "Etcd voting members - exactly 3", + setupKube: func() *fake.Clientset { + return fake.NewSimpleClientset( + newFakeEtcdConfigMap(3), + ) + }, + setupConfig: func() *fakeconfigclient.Clientset { + return fakeconfigclient.NewSimpleClientset() + }, + setupOperator: func() *fakeoperatorclient.Clientset { + return fakeoperatorclient.NewSimpleClientset() + }, + validate: func(v *ClientSideValidator) CheckResult { + return v.validateEtcdVotingMembers(context.Background(), 3) + }, + expectedName: CheckNameEtcdVotingMembers, + expectedSeverity: CheckSeverityWarning, + expectedStatus: CheckStatusPassed, + }, + } + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + validator := NewClientSideValidator( + tc.setupKube(), + tc.setupConfig(), + tc.setupOperator(), + ) + + result := tc.validate(validator) + + if result.Name != tc.expectedName { + t.Errorf("expected name=%s, got %s", tc.expectedName, result.Name) + } + if result.Severity != tc.expectedSeverity { + t.Errorf("expected severity=%s, got %s", tc.expectedSeverity, result.Severity) + } + if result.Status != tc.expectedStatus { + t.Errorf("expected status=%s, got %s: %s", + tc.expectedStatus, result.Status, result.Message) + } + }) + } +} diff --git a/pkg/cli/admin/transition/status.go b/pkg/cli/admin/transition/status.go new file mode 100644 index 0000000000..75df8267c3 --- /dev/null +++ b/pkg/cli/admin/transition/status.go @@ -0,0 +1,201 @@ +package transition + +import ( + "context" + "fmt" + "strings" + + "github.com/spf13/cobra" + + configv1 "github.com/openshift/api/config/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + kcmdutil "k8s.io/kubectl/pkg/cmd/util" + "k8s.io/kubectl/pkg/util/templates" +) + +var ( + statusLong = templates.LongDesc(` + Monitor topology transition progress. + + Displays the current control plane topology status and cluster operator conditions + to help monitor the transition progress. Shows whether operators are progressing, + available, or degraded during the transition. + `) + + statusExample = templates.Examples(` + # Monitor transition progress + oc adm transition topology status + `) +) + +// StatusOptions holds options for the status subcommand +type StatusOptions struct { + *TransitionOptions +} + +// NewCmdStatus creates the status subcommand +func NewCmdStatus(f kcmdutil.Factory, parent *TransitionOptions) *cobra.Command { + o := &StatusOptions{ + TransitionOptions: parent, + } + + cmd := &cobra.Command{ + Use: "status", + Short: "Monitor topology transition progress", + Long: statusLong, + Example: statusExample, + Run: func(cmd *cobra.Command, args []string) { + // Ensure clients are initialized (parent Complete may not have been called yet) + if o.configClient == nil { + kcmdutil.CheckErr(o.Complete(f, cmd, args)) + } + kcmdutil.CheckErr(o.Run()) + }, + } + + return cmd +} + +// Run executes the status subcommand +func (o *StatusOptions) Run() error { + ctx := context.TODO() + + // Get Infrastructure resource + infra, err := o.configClient.ConfigV1().Infrastructures().Get(ctx, InfrastructureResourceName, metav1.GetOptions{}) + if err != nil { + return fmt.Errorf("failed to get Infrastructure resource: %w", err) + } + + // Display topology status + fmt.Fprintf(o.Out, "Control Plane Topology Status:\n\n") + + // Show both spec (desired) and status (current) topology + if infra.Spec.ControlPlaneTopology != "" { + fmt.Fprintf(o.Out, " Spec (desired): %s\n", infra.Spec.ControlPlaneTopology) + } else { + fmt.Fprintf(o.Out, " Spec (desired): (not set)\n") + } + fmt.Fprintf(o.Out, " Status (current): %s\n\n", infra.Status.ControlPlaneTopology) + + // Check if transition is in progress + if infra.Spec.ControlPlaneTopology != "" && infra.Spec.ControlPlaneTopology != infra.Status.ControlPlaneTopology { + fmt.Fprintf(o.Out, "Transition in progress: %s -> %s\n\n", + infra.Status.ControlPlaneTopology, + infra.Spec.ControlPlaneTopology) + } else { + fmt.Fprintf(o.Out, "No transition in progress\n\n") + } + + // Display cluster operator status + fmt.Fprintf(o.Out, "Cluster Operators:\n\n") + + operators, err := o.configClient.ConfigV1().ClusterOperators().List(ctx, metav1.ListOptions{}) + if err != nil { + return fmt.Errorf("failed to list cluster operators: %w", err) + } + + if len(operators.Items) == 0 { + fmt.Fprintf(o.Out, " (no cluster operators found)\n") + return nil + } + + // Track operator health + var progressing, degraded, unavailable []string + + for _, co := range operators.Items { + var status []string + isHealthy := true + + for _, cond := range co.Status.Conditions { + switch cond.Type { + case ClusterOperatorAvailable: + if cond.Status != configv1.ConditionTrue { + status = append(status, fmt.Sprintf("Available=%s", cond.Status)) + unavailable = append(unavailable, co.Name) + isHealthy = false + } + case ClusterOperatorProgressing: + if cond.Status == configv1.ConditionTrue { + status = append(status, "Progressing=True") + progressing = append(progressing, co.Name) + isHealthy = false + } + case ClusterOperatorDegraded: + if cond.Status == configv1.ConditionTrue { + status = append(status, "Degraded=True") + degraded = append(degraded, co.Name) + isHealthy = false + } + } + } + + // Only show unhealthy operators + if !isHealthy { + fmt.Fprintf(o.Out, " %s: %s\n", co.Name, strings.Join(status, ", ")) + } + } + + if len(progressing) == 0 && len(degraded) == 0 && len(unavailable) == 0 { + fmt.Fprintf(o.Out, " All cluster operators healthy\n") + } else { + fmt.Fprintf(o.Out, "\n") + if len(progressing) > 0 { + fmt.Fprintf(o.Out, " Progressing: %d operator(s)\n", len(progressing)) + } + if len(degraded) > 0 { + fmt.Fprintf(o.Out, " Degraded: %d operator(s)\n", len(degraded)) + } + if len(unavailable) > 0 { + fmt.Fprintf(o.Out, " Unavailable: %d operator(s)\n", len(unavailable)) + } + } + + // Display etcd status + fmt.Fprintf(o.Out, "\netcd Status:\n\n") + + etcd, err := o.operatorClient.OperatorV1().Etcds().Get(ctx, EtcdOperatorResourceName, metav1.GetOptions{}) + if err != nil { + fmt.Fprintf(o.Out, " Failed to get etcd operator: %v\n", err) + return nil + } + + // Check etcd conditions + var etcdStatus []string + for _, cond := range etcd.Status.Conditions { + switch cond.Type { + case EtcdMembersAvailableCondition: + if cond.Status == "True" { + etcdStatus = append(etcdStatus, "Members available") + } else { + etcdStatus = append(etcdStatus, fmt.Sprintf("Members not available: %s", cond.Message)) + } + case "Progressing": + if cond.Status == "True" { + etcdStatus = append(etcdStatus, fmt.Sprintf("Progressing: %s", cond.Message)) + } + case "Degraded": + if cond.Status == "True" { + etcdStatus = append(etcdStatus, fmt.Sprintf("Degraded: %s", cond.Message)) + } + } + } + + if len(etcdStatus) == 0 { + fmt.Fprintf(o.Out, " etcd healthy\n") + } else { + for _, s := range etcdStatus { + fmt.Fprintf(o.Out, " %s\n", s) + } + } + + // Get etcd voting member count + cm, err := o.kubeClient.CoreV1().ConfigMaps(EtcdNamespace).Get(ctx, EtcdEndpointsConfigMapName, metav1.GetOptions{}) + if err != nil { + fmt.Fprintf(o.Out, " Failed to get %s ConfigMap: %v\n", EtcdEndpointsConfigMapName, err) + } else { + votingMembers := len(cm.Data) + fmt.Fprintf(o.Out, " Voting members: %d\n", votingMembers) + } + + return nil +} diff --git a/pkg/cli/admin/transition/transition.go b/pkg/cli/admin/transition/transition.go new file mode 100644 index 0000000000..16341c7831 --- /dev/null +++ b/pkg/cli/admin/transition/transition.go @@ -0,0 +1,471 @@ +package transition + +import ( + "context" + "fmt" + "io" + "time" + + "github.com/spf13/cobra" + + configv1 "github.com/openshift/api/config/v1" + configv1client "github.com/openshift/client-go/config/clientset/versioned" + operatorv1client "github.com/openshift/client-go/operator/clientset/versioned" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/cli-runtime/pkg/genericclioptions" + "k8s.io/client-go/kubernetes" + kcmdutil "k8s.io/kubectl/pkg/cmd/util" + "k8s.io/kubectl/pkg/util/templates" + + "github.com/openshift/oc/pkg/cli/admin/transition/preflight" +) + +var ( + transitionLong = templates.LongDesc(` + Transition the cluster control plane and infrastructure topology. + + This command enables transitioning between Single-Node OpenShift (SNO) and + Highly Available (HA) topologies. Currently supports one-way transition from + SingleReplica to HighlyAvailable for both control plane and infrastructure. + + FEATURE GATE REQUIRED: + This command requires the OC_ENABLE_CMD_TRANSITION_TOPOLOGY environment + variable to be set to "true" to enable the command. Additionally, the + MutableTopology feature gate must be enabled on the cluster. + + THREE MODES: + + 1. Discovery mode (no topology flags): + Shows current control plane and infrastructure topology and available transitions. + + 2. Validation mode (--control-plane and/or --infrastructure flags): + Validates cluster readiness for transition (dry-run by default). + Runs preflight checks and shows what would be changed. + + 3. Initiate mode (topology flags + --confirm): + Validates cluster readiness and applies the topology transition. + Patches Infrastructure spec to initiate the transition. + + 4. Status mode (status subcommand): + Monitors transition progress by displaying cluster operator conditions. + + PREFLIGHT CHECKS: + + The command runs comprehensive preflight validation before initiating a transition: + - Blocking checks (Error severity): Supported transition, feature gate enabled + - Readiness checks (Warning severity): Cluster operators, nodes, etcd stability + + Warning-severity check failures can be bypassed with --allow-transition-with-warnings + when combined with --confirm. Error-severity check failures cannot be bypassed. + `) + + transitionExample = templates.Examples(` + # Show current topology and available transitions + oc adm transition topology + + # Validate transition readiness (dry-run, default behavior) + oc adm transition topology --control-plane=HighlyAvailable --infrastructure=HighlyAvailable + + # Initiate transition to HighlyAvailable topology (both control plane and infrastructure) + oc adm transition topology --control-plane=HighlyAvailable --infrastructure=HighlyAvailable --confirm + + # Bypass warning-severity preflight check failures (not recommended) + oc adm transition topology --control-plane=HighlyAvailable --infrastructure=HighlyAvailable --confirm --allow-transition-with-warnings + + # Monitor transition progress + oc adm transition topology status + `) +) + +// TransitionOptions holds all options for the topology transition command +type TransitionOptions struct { + // Target control plane topology (--control-plane flag) + ControlPlane string + + // Target infrastructure topology (--infrastructure flag) + Infrastructure string + + // Confirm actually applies the transition (--confirm flag) + // Without this flag, the command runs in dry-run mode + Confirm bool + + // AllowTransitionWithWarnings bypasses Warning-severity check failures (--allow-transition-with-warnings flag) + AllowTransitionWithWarnings bool + + // Context for API calls + ctx context.Context + + // Clients + kubeClient kubernetes.Interface + configClient configv1client.Interface + operatorClient operatorv1client.Interface + + // Validator for preflight checks + validator preflight.Validator + + genericclioptions.IOStreams +} + +// NewTransitionOptions creates a new TransitionOptions with default values +func NewTransitionOptions(streams genericclioptions.IOStreams) *TransitionOptions { + return &TransitionOptions{ + IOStreams: streams, + } +} + +// errorWriter accumulates write errors to reduce repetitive error handling +type errorWriter struct { + w io.Writer + err error +} + +// fprintf writes formatted output, storing any error for later retrieval +func (ew *errorWriter) fprintf(format string, a ...interface{}) { + if ew.err != nil { + return // already failed, skip remaining writes + } + _, ew.err = fmt.Fprintf(ew.w, format, a...) +} + +// error returns the first write error encountered, if any +func (ew *errorWriter) error() error { + return ew.err +} + +// NewCmdTransition creates the transition command with topology subcommand +func NewCmdTransition(f kcmdutil.Factory, streams genericclioptions.IOStreams) *cobra.Command { + cmd := &cobra.Command{ + Use: "transition", + Short: "Transition cluster resources", + Long: "Transition cluster resources such as control plane topology.", + Run: kcmdutil.DefaultSubCommandRun(streams.ErrOut), + } + + // Add topology subcommand + cmd.AddCommand(NewCmdTopology(f, streams)) + + return cmd +} + +// NewCmdTopology creates the topology transition subcommand +func NewCmdTopology(f kcmdutil.Factory, streams genericclioptions.IOStreams) *cobra.Command { + o := NewTransitionOptions(streams) + + cmd := &cobra.Command{ + Use: "topology [status]", + Short: "Transition cluster control plane topology", + Long: transitionLong, + Example: transitionExample, + Args: cobra.NoArgs, + Run: func(cmd *cobra.Command, args []string) { + kcmdutil.CheckErr(o.Complete(f, cmd, args)) + kcmdutil.CheckErr(o.Validate()) + kcmdutil.CheckErr(o.Run()) + }, + } + + cmd.Flags().StringVar(&o.ControlPlane, "control-plane", "", "Target control plane topology (HighlyAvailable or SingleReplica)") + cmd.Flags().StringVar(&o.Infrastructure, "infrastructure", "", "Target infrastructure topology (HighlyAvailable or SingleReplica)") + cmd.Flags().BoolVar(&o.Confirm, "confirm", false, "Apply the transition (default is dry-run)") + cmd.Flags().BoolVar(&o.AllowTransitionWithWarnings, "allow-transition-with-warnings", false, "Bypass warning-severity preflight check failures (requires --confirm)") + + // Add status subcommand + cmd.AddCommand(NewCmdStatus(f, o)) + + return cmd +} + +// Complete sets up all required fields from the factory +func (o *TransitionOptions) Complete(f kcmdutil.Factory, cmd *cobra.Command, args []string) error { + // Store base context - timeout will be applied in Run() + o.ctx = cmd.Context() + + // Get REST config + restConfig, err := f.ToRESTConfig() + if err != nil { + return fmt.Errorf("failed to get REST config: %w", err) + } + + // Create clients + o.kubeClient, err = kubernetes.NewForConfig(restConfig) + if err != nil { + return fmt.Errorf("failed to create kubernetes client: %w", err) + } + + o.configClient, err = configv1client.NewForConfig(restConfig) + if err != nil { + return fmt.Errorf("failed to create config client: %w", err) + } + + o.operatorClient, err = operatorv1client.NewForConfig(restConfig) + if err != nil { + return fmt.Errorf("failed to create operator client: %w", err) + } + + // Create validator + o.validator = preflight.NewClientSideValidator( + o.kubeClient, + o.configClient, + o.operatorClient, + ) + + return nil +} + +// Validate validates the command options +func (o *TransitionOptions) Validate() error { + validTopologies := map[string]bool{ + string(configv1.HighlyAvailableTopologyMode): true, + string(configv1.SingleReplicaTopologyMode): true, + } + + // Validate control plane topology if specified + if o.ControlPlane != "" && !validTopologies[o.ControlPlane] { + return fmt.Errorf("invalid control plane topology %q, must be 'HighlyAvailable' or 'SingleReplica'", o.ControlPlane) + } + + // Validate infrastructure topology if specified + if o.Infrastructure != "" && !validTopologies[o.Infrastructure] { + return fmt.Errorf("invalid infrastructure topology %q, must be 'HighlyAvailable' or 'SingleReplica'", o.Infrastructure) + } + + // --confirm requires at least one of --control-plane or --infrastructure + if o.Confirm && o.ControlPlane == "" && o.Infrastructure == "" { + return fmt.Errorf("--confirm requires at least one of --control-plane or --infrastructure") + } + + // --allow-transition-with-warnings requires --confirm flag + if o.AllowTransitionWithWarnings && !o.Confirm { + return fmt.Errorf("--allow-transition-with-warnings requires --confirm flag") + } + + return nil +} + +// Run executes the topology transition command +func (o *TransitionOptions) Run() error { + // Create a timeout-scoped context for API calls (2 minutes) + // This prevents unbounded waits on cluster API calls + ctx, cancel := context.WithTimeout(o.ctx, 2*time.Minute) + defer cancel() + + // Get current topologies from Infrastructure resource + infra, err := o.configClient.ConfigV1().Infrastructures().Get(ctx, InfrastructureResourceName, metav1.GetOptions{}) + if err != nil { + return fmt.Errorf("failed to get Infrastructure resource: %w", err) + } + + currentCP := infra.Status.ControlPlaneTopology + currentInfra := infra.Status.InfrastructureTopology + + // Mode 1: Discovery mode (no topology flags) + if o.ControlPlane == "" && o.Infrastructure == "" { + return o.runDiscoveryMode(currentCP, currentInfra) + } + + // Mode 2: Initiate mode (at least one topology flag provided) + return o.runInitiateMode(ctx, currentCP, currentInfra) +} + +// runDiscoveryMode displays current topology and available transitions +func (o *TransitionOptions) runDiscoveryMode(currentCP, currentInfra configv1.TopologyMode) error { + w := &errorWriter{w: o.Out} + + // Show current state of both topologies + w.fprintf("Current Topology:\n") + w.fprintf(" Control Plane: %s\n", currentCP) + w.fprintf(" Infrastructure: %s\n\n", currentInfra) + + // Currently only SNO -> HA transition is supported (both topologies together) + if currentCP == configv1.SingleReplicaTopologyMode && currentInfra == configv1.SingleReplicaTopologyMode { + w.fprintf("Available Transition:\n") + w.fprintf(" Control Plane: SingleReplica -> HighlyAvailable\n") + w.fprintf(" (Infrastructure also transitions to HighlyAvailable)\n\n") + w.fprintf("To validate transition readiness:\n") + w.fprintf(" oc adm transition topology --control-plane=HighlyAvailable\n\n") + w.fprintf("To initiate transition:\n") + w.fprintf(" oc adm transition topology --control-plane=HighlyAvailable --confirm\n") + } else { + w.fprintf("Available Transitions:\n") + w.fprintf(" (none)\n\n") + w.fprintf("Note: Only SingleReplica -> HighlyAvailable transitions are currently supported.\n") + w.fprintf(" Both control plane and infrastructure must be SingleReplica to transition.\n") + } + + return w.error() +} + +// runInitiateMode validates cluster readiness and initiates topology transition +func (o *TransitionOptions) runInitiateMode(ctx context.Context, currentCP, currentInfra configv1.TopologyMode) error { + w := &errorWriter{w: o.Out} + + // Prepare topology states for validation + current := preflight.TopologyState{ + ControlPlane: currentCP, + Infrastructure: currentInfra, + } + + // Determine target topologies + targetCP := currentCP + if o.ControlPlane != "" { + targetCP = configv1.TopologyMode(o.ControlPlane) + } + + // Derive target infrastructure topology + // If user specified --infrastructure, use that (for future flexibility) + // Otherwise, derive based on control plane transition: + // - SNO -> HA: infrastructure becomes HighlyAvailable (managed by controller) + // - Future transitions (e.g., HA -> HAA): infrastructure stays HighlyAvailable + targetInfra := currentInfra + if o.Infrastructure != "" { + targetInfra = configv1.TopologyMode(o.Infrastructure) + } else if targetCP == configv1.HighlyAvailableTopologyMode { + // For transitions to HighlyAvailable control plane, infrastructure also becomes HighlyAvailable + targetInfra = configv1.HighlyAvailableTopologyMode + } + + target := preflight.TopologyState{ + ControlPlane: targetCP, + Infrastructure: targetInfra, + } + + // Check if cluster is already at target topology (no transition needed) + if current.ControlPlane == target.ControlPlane && current.Infrastructure == target.Infrastructure { + w.fprintf("Cluster is already at target topology:\n") + w.fprintf(" Control Plane: %s\n", current.ControlPlane) + w.fprintf(" Infrastructure: %s\n\n", current.Infrastructure) + w.fprintf("No transition needed.\n") + return w.error() + } + + // Step 1: Run preflight validation + w.fprintf("Running preflight validation...\n\n") + if w.error() != nil { + return w.error() + } + + result, err := o.validator.Validate(ctx, current, target) + if err != nil { + return fmt.Errorf("preflight validation failed: %w", err) + } + + // Step 2: Display validation results + w.fprintf("Topology Transition:\n") + w.fprintf(" Control Plane: %s -> %s\n", current.ControlPlane, target.ControlPlane) + w.fprintf(" Infrastructure: %s -> %s", current.Infrastructure, target.Infrastructure) + + // Note if infrastructure topology is derived (not explicitly specified by user) + if o.Infrastructure == "" && current.Infrastructure != target.Infrastructure { + w.fprintf(" (managed by controller)") + } + w.fprintf("\n") + + w.fprintf("Status: %s\n\n", result.Status) + + // Group checks by severity + var errorChecks, warningChecks []preflight.CheckResult + for _, check := range result.Checks { + if check.Severity == preflight.CheckSeverityError { + errorChecks = append(errorChecks, check) + } else { + warningChecks = append(warningChecks, check) + } + } + + // Display Error-severity checks first + if len(errorChecks) > 0 { + w.fprintf("BLOCKING CHECKS (cannot be bypassed):\n") + for _, check := range errorChecks { + w.fprintf(" %s\n", check.String()) + } + w.fprintf("\n") + } + + // Display Warning-severity checks + if len(warningChecks) > 0 { + w.fprintf("READINESS CHECKS (can be bypassed with --allow-transition-with-warnings):\n") + for _, check := range warningChecks { + w.fprintf(" %s\n", check.String()) + } + w.fprintf("\n") + } + + // Check for write errors before proceeding to validation logic + if w.error() != nil { + return w.error() + } + + // Step 3: Check for Error-severity failures (blocking - cannot proceed) + if result.HasErrorCheckFailures() { + return fmt.Errorf("cannot proceed with transition - see errors listed above") + } + + // Step 4: Check for Warning-severity failures + if result.HasWarningCheckFailures() && !o.AllowTransitionWithWarnings { + return fmt.Errorf("cluster not ready for transition - use --allow-transition-with-warnings with --confirm to bypass (not recommended)") + } + + // Step 5: If warnings bypassed, show warning message + if result.HasWarningCheckFailures() && o.AllowTransitionWithWarnings { + w.fprintf("warning: Proceeding despite failed preflight checks (--allow-transition-with-warnings)\n") + w.fprintf("warning: This may result in cluster instability or transition failure\n\n") + } + + // Step 6: If no --confirm, show dry-run message + if !o.Confirm { + w.fprintf("\nDry run: Would patch Infrastructure spec:\n") + w.fprintf(" spec.controlPlaneTopology: %s\n\n", target.ControlPlane) + w.fprintf("Note: The cluster-config-operator will update both status.controlPlaneTopology\n") + w.fprintf(" and status.infrastructureTopology to %s based on this change.\n\n", target.ControlPlane) + w.fprintf("Add --confirm to apply this transition\n") + return w.error() + } + + // Check for write errors before applying transition + if w.error() != nil { + return w.error() + } + + // Step 7: Apply transition + return o.applyTransition(ctx, target.ControlPlane, target.Infrastructure) +} + +// applyTransition patches the Infrastructure resource to initiate the transition +func (o *TransitionOptions) applyTransition(ctx context.Context, targetCP, targetInfra configv1.TopologyMode) error { + w := &errorWriter{w: o.Out} + + w.fprintf("\nInitiating topology transition...\n") + if w.error() != nil { + return w.error() + } + + // Get current Infrastructure resource + infra, err := o.configClient.ConfigV1().Infrastructures().Get(ctx, InfrastructureResourceName, metav1.GetOptions{}) + if err != nil { + return fmt.Errorf("failed to get Infrastructure resource: %w", err) + } + + // Patch control plane topology (spec only supports controlPlaneTopology) + // NOTE: InfrastructureTopology only exists in status, not spec. + // For SNO->HA transition, the cluster-config-operator will update both + // controlPlaneTopology and infrastructureTopology in status. + infra.Spec.ControlPlaneTopology = targetCP + + _, err = o.configClient.ConfigV1().Infrastructures().Update(ctx, infra, metav1.UpdateOptions{}) + if err != nil { + return fmt.Errorf("failed to update Infrastructure resource: %w", err) + } + + w.fprintf("\nInfrastructure spec patched:\n") + w.fprintf(" spec.controlPlaneTopology: %s\n\n", targetCP) + w.fprintf("Note: The cluster-config-operator will update status.controlPlaneTopology\n") + w.fprintf(" and status.infrastructureTopology based on this change.\n\n") + w.fprintf("Transition initiated. The cluster will begin scaling control plane components.\n") + w.fprintf("This process may take several minutes.\n\n") + w.fprintf("Monitor progress with:\n") + w.fprintf(" oc adm transition topology status\n") + w.fprintf(" oc get clusteroperators\n") + w.fprintf(" oc get etcd -n openshift-etcd\n") + + return w.error() +} diff --git a/pkg/cli/admin/transition/transition_test.go b/pkg/cli/admin/transition/transition_test.go new file mode 100644 index 0000000000..c60c417e79 --- /dev/null +++ b/pkg/cli/admin/transition/transition_test.go @@ -0,0 +1,672 @@ +package transition + +import ( + "context" + "strings" + "testing" + + configv1 "github.com/openshift/api/config/v1" + operatorv1 "github.com/openshift/api/operator/v1" + fakeconfigclient "github.com/openshift/client-go/config/clientset/versioned/fake" + fakeoperatorclient "github.com/openshift/client-go/operator/clientset/versioned/fake" + "github.com/spf13/cobra" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/cli-runtime/pkg/genericclioptions" + fake "k8s.io/client-go/kubernetes/fake" + ktesting "k8s.io/client-go/testing" + + "github.com/openshift/oc/pkg/cli/admin/transition/preflight" +) + +/* +================================================================================ +TRANSITION COMMAND TESTS +================================================================================ + +This file tests the `oc adm transition topology` command implementation. +Tests use fake clients with action recording to verify API call behavior. + +-------------------------------------------------------------------------------- +TEST COVERAGE +-------------------------------------------------------------------------------- + +COMMAND STRUCTURE (1 test) + - NewCmdTransition - Command metadata, flags, subcommands + +VALIDATION (2 tests) + - Topology flag validation - Valid/invalid control-plane/infrastructure values + - Flag dependencies - --confirm/--allow-* require correct flags + +DISCOVERY MODE (2 tests) + - Discovery mode from SingleReplica - Shows available transition + - Discovery mode from HighlyAvailable - Shows no transitions, not supported note + +INITIATE MODE (3 tests) + - Patches Infrastructure with --confirm - Verifies Update action with correct topology + - Default dry-run without --confirm - Verifies no Update action, dry-run output + - Already at target topology - Early exit with success message, no validation + +-------------------------------------------------------------------------------- +*/ + +// TestNewCmdTransition verifies command structure +func TestNewCmdTransition(t *testing.T) { + streams := genericclioptions.NewTestIOStreamsDiscard() + + // Create command with nil factory (just testing structure, not execution) + cmd := NewCmdTransition(nil, streams) + + // Verify parent transition command + if cmd.Use != "transition" { + t.Errorf("expected Use='transition', got %q", cmd.Use) + } + + if cmd.Short == "" { + t.Error("expected non-empty Short description") + } + + // Verify topology subcommand exists + topologyCmd := findSubcommand(cmd, "topology") + if topologyCmd == nil { + t.Fatal("expected 'topology' subcommand to exist") + } + + // Verify topology command metadata + if topologyCmd.Use != "topology [status]" { + t.Errorf("expected topology Use='topology [status]', got %q", topologyCmd.Use) + } + + if topologyCmd.Short == "" { + t.Error("expected topology non-empty Short description") + } + + if topologyCmd.Long == "" { + t.Error("expected topology non-empty Long description") + } + + if topologyCmd.Example == "" { + t.Error("expected topology non-empty Example") + } + + // Verify flags exist on topology command + requiredFlags := []string{"control-plane", "infrastructure", "confirm", "allow-transition-with-warnings"} + for _, flagName := range requiredFlags { + flag := topologyCmd.Flags().Lookup(flagName) + if flag == nil { + t.Errorf("expected flag %q to exist", flagName) + } + } + + // Verify status subcommand exists under topology + statusCmd := findSubcommand(topologyCmd, "status") + if statusCmd == nil { + t.Error("expected 'status' subcommand to exist") + } else { + if statusCmd.Short == "" { + t.Error("expected status subcommand to have Short description") + } + } +} + +// TestValidate_TopologyFlags tests --control-plane and --infrastructure flag validation +func TestValidate_TopologyFlags(t *testing.T) { + testCases := []struct { + name string + controlPlane string + infrastructure string + expectErr bool + }{ + { + name: "valid HighlyAvailable control plane", + controlPlane: "HighlyAvailable", + expectErr: false, + }, + { + name: "valid SingleReplica control plane", + controlPlane: "SingleReplica", + expectErr: false, + }, + { + name: "valid HighlyAvailable infrastructure", + infrastructure: "HighlyAvailable", + expectErr: false, + }, + { + name: "valid both topologies", + controlPlane: "HighlyAvailable", + infrastructure: "HighlyAvailable", + expectErr: false, + }, + { + name: "invalid control plane topology", + controlPlane: "InvalidTopology", + expectErr: true, + }, + { + name: "invalid infrastructure topology", + infrastructure: "InvalidTopology", + expectErr: true, + }, + { + name: "empty (discovery mode)", + expectErr: false, + }, + } + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + streams := genericclioptions.NewTestIOStreamsDiscard() + o := NewTransitionOptions(streams) + o.ControlPlane = tc.controlPlane + o.Infrastructure = tc.infrastructure + + err := o.Validate() + + if tc.expectErr && err == nil { + t.Error("expected error, got nil") + } + if !tc.expectErr && err != nil { + t.Errorf("expected no error, got %v", err) + } + }) + } +} + +// TestValidate_FlagDependencies tests flag dependencies +func TestValidate_FlagDependencies(t *testing.T) { + testCases := []struct { + name string + controlPlane string + infrastructure string + confirm bool + allowTransitionWithWarnings bool + expectErr bool + errContains string + }{ + { + name: "--confirm requires at least one topology flag", + confirm: true, + expectErr: true, + errContains: "--confirm requires at least one of --control-plane or --infrastructure", + }, + { + name: "--allow-transition-with-warnings requires --confirm", + controlPlane: "HighlyAvailable", + allowTransitionWithWarnings: true, + expectErr: true, + errContains: "--allow-transition-with-warnings requires --confirm", + }, + { + name: "--control-plane alone is valid (dry-run mode)", + controlPlane: "HighlyAvailable", + expectErr: false, + }, + { + name: "--infrastructure alone is valid (dry-run mode)", + infrastructure: "HighlyAvailable", + expectErr: false, + }, + { + name: "--control-plane with --confirm is valid", + controlPlane: "HighlyAvailable", + confirm: true, + expectErr: false, + }, + { + name: "--infrastructure with --confirm is valid", + infrastructure: "HighlyAvailable", + confirm: true, + expectErr: false, + }, + { + name: "--control-plane and --infrastructure with --confirm is valid", + controlPlane: "HighlyAvailable", + infrastructure: "HighlyAvailable", + confirm: true, + expectErr: false, + }, + { + name: "--control-plane with --confirm and --allow is valid", + controlPlane: "HighlyAvailable", + confirm: true, + allowTransitionWithWarnings: true, + expectErr: false, + }, + } + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + streams := genericclioptions.NewTestIOStreamsDiscard() + o := NewTransitionOptions(streams) + o.ControlPlane = tc.controlPlane + o.Infrastructure = tc.infrastructure + o.Confirm = tc.confirm + o.AllowTransitionWithWarnings = tc.allowTransitionWithWarnings + + err := o.Validate() + + if tc.expectErr { + if err == nil { + t.Error("expected error, got nil") + } else if !strings.Contains(err.Error(), tc.errContains) { + t.Errorf("expected error containing %q, got %v", tc.errContains, err) + } + } else { + if err != nil { + t.Errorf("expected no error, got %v", err) + } + } + }) + } +} + +// TestRunDiscoveryMode_SingleReplica tests discovery mode output for SNO +func TestRunDiscoveryMode_SingleReplica(t *testing.T) { + streams, _, out, _ := genericclioptions.NewTestIOStreams() + o := NewTransitionOptions(streams) + + err := o.runDiscoveryMode(configv1.SingleReplicaTopologyMode, configv1.SingleReplicaTopologyMode) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + output := out.String() + + // Should show current topology for both control plane and infrastructure + if !strings.Contains(output, "Current Topology:") { + t.Errorf("expected current topology header in output, got:\n%s", output) + } + if !strings.Contains(output, "Control Plane:") { + t.Errorf("expected control plane topology in output, got:\n%s", output) + } + if !strings.Contains(output, "Infrastructure:") { + t.Errorf("expected infrastructure topology in output, got:\n%s", output) + } + + // Should show available transition for control plane + if !strings.Contains(output, "Control Plane: SingleReplica -> HighlyAvailable") { + t.Errorf("expected available control plane transition in output, got:\n%s", output) + } + + // Should indicate infrastructure also transitions + if !strings.Contains(output, "Infrastructure also transitions") { + t.Errorf("expected note about infrastructure transition in output, got:\n%s", output) + } + + // Should show command to initiate with just --control-plane flag + if !strings.Contains(output, "--control-plane=HighlyAvailable --confirm") { + t.Errorf("expected initiate command with --control-plane flag in output, got:\n%s", output) + } +} + +// TestRunDiscoveryMode_HighlyAvailable tests discovery mode output for HA +func TestRunDiscoveryMode_HighlyAvailable(t *testing.T) { + streams, _, out, _ := genericclioptions.NewTestIOStreams() + o := NewTransitionOptions(streams) + + err := o.runDiscoveryMode(configv1.HighlyAvailableTopologyMode, configv1.HighlyAvailableTopologyMode) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + output := out.String() + + // Should show current topology for both control plane and infrastructure + if !strings.Contains(output, "Current Topology:") { + t.Errorf("expected current topology header in output, got:\n%s", output) + } + + // Should show no available transitions + if !strings.Contains(output, "(none") { + t.Errorf("expected no available transitions in output, got:\n%s", output) + } + + // Should mention what transitions are supported + if !strings.Contains(output, "Only SingleReplica -> HighlyAvailable") { + t.Errorf("expected note about supported transition types in output, got:\n%s", output) + } +} + +// findSubcommand finds a subcommand by name +func findSubcommand(parent *cobra.Command, name string) *cobra.Command { + for _, cmd := range parent.Commands() { + if cmd.Name() == name { + return cmd + } + } + return nil +} + +// Helper functions for test fixtures + +func newFakeNode(name string, master, worker, ready, schedulable bool) *corev1.Node { + node := &corev1.Node{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Labels: map[string]string{}, + }, + Spec: corev1.NodeSpec{ + Unschedulable: !schedulable, + }, + Status: corev1.NodeStatus{ + Conditions: []corev1.NodeCondition{}, + }, + } + + if master { + node.Labels["node-role.kubernetes.io/master"] = "" + } + if worker { + node.Labels["node-role.kubernetes.io/worker"] = "" + } + if ready { + node.Status.Conditions = append(node.Status.Conditions, corev1.NodeCondition{ + Type: corev1.NodeReady, + Status: corev1.ConditionTrue, + }) + } + + return node +} + +func newFakeClusterOperator(name string, available, progressing, degraded bool) *configv1.ClusterOperator { + co := &configv1.ClusterOperator{ + ObjectMeta: metav1.ObjectMeta{Name: name}, + Status: configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{ + { + Type: configv1.OperatorAvailable, + Status: boolToConfigConditionStatus(available), + }, + { + Type: configv1.OperatorProgressing, + Status: boolToConfigConditionStatus(progressing), + }, + { + Type: configv1.OperatorDegraded, + Status: boolToConfigConditionStatus(degraded), + }, + }, + }, + } + + return co +} + +func boolToConfigConditionStatus(b bool) configv1.ConditionStatus { + if b { + return configv1.ConditionTrue + } + return configv1.ConditionFalse +} + +func newFakeEtcdOperator(available, progressing bool) *operatorv1.Etcd { + etcd := &operatorv1.Etcd{ + ObjectMeta: metav1.ObjectMeta{Name: "cluster"}, + } + + // EtcdStatus embeds StaticPodOperatorStatus which embeds OperatorStatus + // Set Conditions directly on Status + if available { + etcd.Status.Conditions = append(etcd.Status.Conditions, operatorv1.OperatorCondition{ + Type: "EtcdMembersAvailable", + Status: operatorv1.ConditionTrue, + }) + } + if progressing { + etcd.Status.Conditions = append(etcd.Status.Conditions, operatorv1.OperatorCondition{ + Type: operatorv1.OperatorStatusTypeProgressing, + Status: operatorv1.ConditionTrue, + }) + } + + return etcd +} + +func newFakeEtcdConfigMap(memberCount int) *corev1.ConfigMap { + cm := &corev1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Name: "etcd-endpoints", + Namespace: "openshift-etcd", + }, + Data: map[string]string{}, + } + + for i := 0; i < memberCount; i++ { + cm.Data[string(rune('a'+i))] = "etcd-member" + } + + return cm +} + +// TestRunInitiateMode_PatchesInfrastructure verifies that the command patches Infrastructure.spec.controlPlaneTopology +func TestRunInitiateMode_PatchesInfrastructure(t *testing.T) { + streams, _, out, _ := genericclioptions.NewTestIOStreams() + + // Create fake infrastructure resource (current: SingleReplica) + infra := &configv1.Infrastructure{ + ObjectMeta: metav1.ObjectMeta{Name: "cluster"}, + Status: configv1.InfrastructureStatus{ + ControlPlaneTopology: configv1.SingleReplicaTopologyMode, + InfrastructureTopology: configv1.SingleReplicaTopologyMode, + }, + Spec: configv1.InfrastructureSpec{ + ControlPlaneTopology: configv1.SingleReplicaTopologyMode, + }, + } + + configClient := fakeconfigclient.NewSimpleClientset( + infra, + &configv1.FeatureGate{ + ObjectMeta: metav1.ObjectMeta{Name: "cluster"}, + Status: configv1.FeatureGateStatus{ + FeatureGates: []configv1.FeatureGateDetails{ + { + Version: "4.18", + Enabled: []configv1.FeatureGateAttributes{ + {Name: "MutableTopology"}, + }, + }, + }, + }, + }, + newFakeClusterOperator("kube-apiserver", true, false, false), + ) + + kubeClient := fake.NewSimpleClientset( + newFakeNode("master-0", true, false, true, true), + newFakeNode("master-1", true, false, true, true), + newFakeNode("master-2", true, false, true, true), + newFakeEtcdConfigMap(3), + ) + + operatorClient := fakeoperatorclient.NewSimpleClientset( + newFakeEtcdOperator(true, false), + ) + + o := &TransitionOptions{ + ControlPlane: "HighlyAvailable", + Infrastructure: "HighlyAvailable", + Confirm: true, // Apply the transition + IOStreams: streams, + ctx: context.Background(), + kubeClient: kubeClient, + configClient: configClient, + operatorClient: operatorClient, + validator: preflight.NewClientSideValidator(kubeClient, configClient, operatorClient), + } + + // Run the command + err := o.Run() + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + // Verify Infrastructure was updated + actions := configClient.Actions() + var updateAction ktesting.UpdateAction + for _, action := range actions { + if action.GetVerb() == "update" && action.GetResource().Resource == "infrastructures" { + updateAction = action.(ktesting.UpdateAction) + break + } + } + + if updateAction == nil { + t.Fatal("expected Infrastructure update action, got none") + } + + updatedInfra := updateAction.GetObject().(*configv1.Infrastructure) + if updatedInfra.Spec.ControlPlaneTopology != configv1.HighlyAvailableTopologyMode { + t.Errorf("expected spec.controlPlaneTopology=%s, got %s", + configv1.HighlyAvailableTopologyMode, updatedInfra.Spec.ControlPlaneTopology) + } + + // Verify output confirms transition + if !strings.Contains(out.String(), "Initiating topology transition") { + t.Error("expected output to confirm transition initiation") + } +} + +// TestRunInitiateMode_DefaultDryRun verifies that without --confirm the command runs in dry-run mode +func TestRunInitiateMode_DefaultDryRun(t *testing.T) { + streams, _, out, _ := genericclioptions.NewTestIOStreams() + + // Create fake infrastructure resource + infra := &configv1.Infrastructure{ + ObjectMeta: metav1.ObjectMeta{Name: "cluster"}, + Status: configv1.InfrastructureStatus{ + ControlPlaneTopology: configv1.SingleReplicaTopologyMode, + InfrastructureTopology: configv1.SingleReplicaTopologyMode, + }, + Spec: configv1.InfrastructureSpec{ + ControlPlaneTopology: configv1.SingleReplicaTopologyMode, + }, + } + + configClient := fakeconfigclient.NewSimpleClientset( + infra, + &configv1.FeatureGate{ + ObjectMeta: metav1.ObjectMeta{Name: "cluster"}, + Status: configv1.FeatureGateStatus{ + FeatureGates: []configv1.FeatureGateDetails{ + { + Version: "4.18", + Enabled: []configv1.FeatureGateAttributes{ + {Name: "MutableTopology"}, + }, + }, + }, + }, + }, + newFakeClusterOperator("kube-apiserver", true, false, false), + ) + + kubeClient := fake.NewSimpleClientset( + newFakeNode("master-0", true, false, true, true), + newFakeNode("master-1", true, false, true, true), + newFakeNode("master-2", true, false, true, true), + newFakeEtcdConfigMap(3), + ) + + operatorClient := fakeoperatorclient.NewSimpleClientset( + newFakeEtcdOperator(true, false), + ) + + o := &TransitionOptions{ + ControlPlane: "HighlyAvailable", + Infrastructure: "HighlyAvailable", + // No --confirm flag, so defaults to dry-run + IOStreams: streams, + ctx: context.Background(), + kubeClient: kubeClient, + configClient: configClient, + operatorClient: operatorClient, + validator: preflight.NewClientSideValidator(kubeClient, configClient, operatorClient), + } + + // Run the command + err := o.Run() + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + // Verify NO Infrastructure update occurred + actions := configClient.Actions() + for _, action := range actions { + if action.GetVerb() == "update" { + t.Error("expected no update action in dry-run mode") + } + } + + // Verify dry-run message in output + if !strings.Contains(out.String(), "Dry run") { + t.Error("expected output to indicate dry-run mode") + } + if !strings.Contains(out.String(), "Add --confirm") { + t.Error("expected output to mention --confirm flag") + } +} + +// TestRunInitiateMode_AlreadyAtTarget verifies that when cluster is already at target, +// the command exits successfully without running validation or patching +func TestRunInitiateMode_AlreadyAtTarget(t *testing.T) { + streams, _, out, _ := genericclioptions.NewTestIOStreams() + + // Create fake infrastructure resource (already at SingleReplica) + infra := &configv1.Infrastructure{ + ObjectMeta: metav1.ObjectMeta{Name: "cluster"}, + Status: configv1.InfrastructureStatus{ + ControlPlaneTopology: configv1.SingleReplicaTopologyMode, + InfrastructureTopology: configv1.SingleReplicaTopologyMode, + }, + Spec: configv1.InfrastructureSpec{ + ControlPlaneTopology: configv1.SingleReplicaTopologyMode, + }, + } + + configClient := fakeconfigclient.NewSimpleClientset(infra) + kubeClient := fake.NewSimpleClientset() + operatorClient := fakeoperatorclient.NewSimpleClientset() + + o := &TransitionOptions{ + ControlPlane: "SingleReplica", + Infrastructure: "SingleReplica", + IOStreams: streams, + ctx: context.Background(), + kubeClient: kubeClient, + configClient: configClient, + operatorClient: operatorClient, + validator: preflight.NewClientSideValidator(kubeClient, configClient, operatorClient), + } + + // Run the command + err := o.Run() + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + // Verify NO Infrastructure update occurred (no-op) + actions := configClient.Actions() + for _, action := range actions { + if action.GetVerb() == "update" { + t.Error("expected no update action when already at target") + } + } + + output := out.String() + + // Verify success message + if !strings.Contains(output, "Cluster is already at target topology") { + t.Error("expected output to indicate cluster is already at target") + } + if !strings.Contains(output, "No transition needed") { + t.Error("expected output to indicate no transition needed") + } + + // Verify validation was NOT run + if strings.Contains(output, "Running preflight validation") { + t.Error("expected validation to be skipped when already at target") + } +} diff --git a/vendor/github.com/emicklei/go-restful/v3/.travis.yml b/vendor/github.com/emicklei/go-restful/v3/.travis.yml deleted file mode 100644 index 3a0bf5ff1b..0000000000 --- a/vendor/github.com/emicklei/go-restful/v3/.travis.yml +++ /dev/null @@ -1,13 +0,0 @@ -language: go - -go: - - 1.x - -before_install: - - go test -v - -script: - - go test -race -coverprofile=coverage.txt -covermode=atomic - -after_success: - - bash <(curl -s https://codecov.io/bash) \ No newline at end of file diff --git a/vendor/github.com/emicklei/go-restful/v3/CHANGES.md b/vendor/github.com/emicklei/go-restful/v3/CHANGES.md index 6f24dfff56..4fcd920abe 100644 --- a/vendor/github.com/emicklei/go-restful/v3/CHANGES.md +++ b/vendor/github.com/emicklei/go-restful/v3/CHANGES.md @@ -1,5 +1,9 @@ # Change history of go-restful +## [v3.13.0] - 2025-08-14 + +- optimize performance of path matching in CurlyRouter ( thanks @wenhuang, Wen Huang) + ## [v3.12.2] - 2025-02-21 - allow empty payloads in post,put,patch, issue #580 ( thanks @liggitt, Jordan Liggitt) diff --git a/vendor/github.com/emicklei/go-restful/v3/README.md b/vendor/github.com/emicklei/go-restful/v3/README.md index 3fb40d1980..50a79ab692 100644 --- a/vendor/github.com/emicklei/go-restful/v3/README.md +++ b/vendor/github.com/emicklei/go-restful/v3/README.md @@ -84,6 +84,7 @@ func (u UserResource) findUser(request *restful.Request, response *restful.Respo - Configurable (trace) logging - Customizable gzip/deflate readers and writers using CompressorProvider registration - Inject your own http.Handler using the `HttpMiddlewareHandlerToFilter` function +- Added `SetPathTokenCacheEnabled` and `SetCustomVerbCacheEnabled` to disable regexp caching (default=true) ## How to customize There are several hooks to customize the behavior of the go-restful package. diff --git a/vendor/github.com/emicklei/go-restful/v3/curly.go b/vendor/github.com/emicklei/go-restful/v3/curly.go index 6fd2bcd5a1..eec43bfd06 100644 --- a/vendor/github.com/emicklei/go-restful/v3/curly.go +++ b/vendor/github.com/emicklei/go-restful/v3/curly.go @@ -9,11 +9,35 @@ import ( "regexp" "sort" "strings" + "sync" ) // CurlyRouter expects Routes with paths that contain zero or more parameters in curly brackets. type CurlyRouter struct{} +var ( + regexCache sync.Map // Cache for compiled regex patterns + pathTokenCacheEnabled = true // Enable/disable path token regex caching +) + +// SetPathTokenCacheEnabled enables or disables path token regex caching for CurlyRouter. +// When disabled, regex patterns will be compiled on every request. +// When enabled (default), compiled regex patterns are cached for better performance. +func SetPathTokenCacheEnabled(enabled bool) { + pathTokenCacheEnabled = enabled +} + +// getCachedRegexp retrieves a compiled regex from the cache if found and valid. +// Returns the regex and true if found and valid, nil and false otherwise. +func getCachedRegexp(cache *sync.Map, pattern string) (*regexp.Regexp, bool) { + if cached, found := cache.Load(pattern); found { + if regex, ok := cached.(*regexp.Regexp); ok { + return regex, true + } + } + return nil, false +} + // SelectRoute is part of the Router interface and returns the best match // for the WebService and its Route for the given Request. func (c CurlyRouter) SelectRoute( @@ -113,8 +137,28 @@ func (c CurlyRouter) regularMatchesPathToken(routeToken string, colon int, reque } return true, true } - matched, err := regexp.MatchString(regPart, requestToken) - return (matched && err == nil), false + + // Check cache first (if enabled) + if pathTokenCacheEnabled { + if regex, found := getCachedRegexp(®exCache, regPart); found { + matched := regex.MatchString(requestToken) + return matched, false + } + } + + // Compile the regex + regex, err := regexp.Compile(regPart) + if err != nil { + return false, false + } + + // Cache the regex (if enabled) + if pathTokenCacheEnabled { + regexCache.Store(regPart, regex) + } + + matched := regex.MatchString(requestToken) + return matched, false } var jsr311Router = RouterJSR311{} @@ -168,7 +212,7 @@ func (c CurlyRouter) computeWebserviceScore(requestTokens []string, routeTokens if matchesToken { score++ // extra score for regex match } - } + } } else { // not a parameter if eachRequestToken != eachRouteToken { diff --git a/vendor/github.com/emicklei/go-restful/v3/custom_verb.go b/vendor/github.com/emicklei/go-restful/v3/custom_verb.go index bfc17efde8..0b98eeb091 100644 --- a/vendor/github.com/emicklei/go-restful/v3/custom_verb.go +++ b/vendor/github.com/emicklei/go-restful/v3/custom_verb.go @@ -1,14 +1,28 @@ package restful +// Copyright 2025 Ernest Micklei. All rights reserved. +// Use of this source code is governed by a license +// that can be found in the LICENSE file. + import ( "fmt" "regexp" + "sync" ) var ( - customVerbReg = regexp.MustCompile(":([A-Za-z]+)$") + customVerbReg = regexp.MustCompile(":([A-Za-z]+)$") + customVerbCache sync.Map // Cache for compiled custom verb regexes + customVerbCacheEnabled = true // Enable/disable custom verb regex caching ) +// SetCustomVerbCacheEnabled enables or disables custom verb regex caching. +// When disabled, custom verb regex patterns will be compiled on every request. +// When enabled (default), compiled custom verb regex patterns are cached for better performance. +func SetCustomVerbCacheEnabled(enabled bool) { + customVerbCacheEnabled = enabled +} + func hasCustomVerb(routeToken string) bool { return customVerbReg.MatchString(routeToken) } @@ -20,7 +34,23 @@ func isMatchCustomVerb(routeToken string, pathToken string) bool { } customVerb := rs[1] - specificVerbReg := regexp.MustCompile(fmt.Sprintf(":%s$", customVerb)) + regexPattern := fmt.Sprintf(":%s$", customVerb) + + // Check cache first (if enabled) + if customVerbCacheEnabled { + if specificVerbReg, found := getCachedRegexp(&customVerbCache, regexPattern); found { + return specificVerbReg.MatchString(pathToken) + } + } + + // Compile the regex + specificVerbReg := regexp.MustCompile(regexPattern) + + // Cache the regex (if enabled) + if customVerbCacheEnabled { + customVerbCache.Store(regexPattern, specificVerbReg) + } + return specificVerbReg.MatchString(pathToken) } diff --git a/vendor/github.com/emicklei/go-restful/v3/doc.go b/vendor/github.com/emicklei/go-restful/v3/doc.go index 69b13057d0..80809225b8 100644 --- a/vendor/github.com/emicklei/go-restful/v3/doc.go +++ b/vendor/github.com/emicklei/go-restful/v3/doc.go @@ -1,7 +1,7 @@ /* Package restful , a lean package for creating REST-style WebServices without magic. -WebServices and Routes +### WebServices and Routes A WebService has a collection of Route objects that dispatch incoming Http Requests to a function calls. Typically, a WebService has a root path (e.g. /users) and defines common MIME types for its routes. @@ -30,14 +30,14 @@ The (*Request, *Response) arguments provide functions for reading information fr See the example https://github.com/emicklei/go-restful/blob/v3/examples/user-resource/restful-user-resource.go with a full implementation. -Regular expression matching Routes +### Regular expression matching Routes A Route parameter can be specified using the format "uri/{var[:regexp]}" or the special version "uri/{var:*}" for matching the tail of the path. For example, /persons/{name:[A-Z][A-Z]} can be used to restrict values for the parameter "name" to only contain capital alphabetic characters. Regular expressions must use the standard Go syntax as described in the regexp package. (https://code.google.com/p/re2/wiki/Syntax) This feature requires the use of a CurlyRouter. -Containers +### Containers A Container holds a collection of WebServices, Filters and a http.ServeMux for multiplexing http requests. Using the statements "restful.Add(...) and restful.Filter(...)" will register WebServices and Filters to the Default Container. @@ -47,7 +47,7 @@ You can create your own Container and create a new http.Server for that particul container := restful.NewContainer() server := &http.Server{Addr: ":8081", Handler: container} -Filters +### Filters A filter dynamically intercepts requests and responses to transform or use the information contained in the requests or responses. You can use filters to perform generic logging, measurement, authentication, redirect, set response headers etc. @@ -60,22 +60,21 @@ Use the following statement to pass the request,response pair to the next filter chain.ProcessFilter(req, resp) -Container Filters +### Container Filters These are processed before any registered WebService. // install a (global) filter for the default container (processed before any webservice) restful.Filter(globalLogging) -WebService Filters +### WebService Filters These are processed before any Route of a WebService. // install a webservice filter (processed before any route) ws.Filter(webserviceLogging).Filter(measureTime) - -Route Filters +### Route Filters These are processed before calling the function associated with the Route. @@ -84,7 +83,7 @@ These are processed before calling the function associated with the Route. See the example https://github.com/emicklei/go-restful/blob/v3/examples/filters/restful-filters.go with full implementations. -Response Encoding +### Response Encoding Two encodings are supported: gzip and deflate. To enable this for all responses: @@ -95,20 +94,20 @@ Alternatively, you can create a Filter that performs the encoding and install it See the example https://github.com/emicklei/go-restful/blob/v3/examples/encoding/restful-encoding-filter.go -OPTIONS support +### OPTIONS support By installing a pre-defined container filter, your Webservice(s) can respond to the OPTIONS Http request. Filter(OPTIONSFilter()) -CORS +### CORS By installing the filter of a CrossOriginResourceSharing (CORS), your WebService(s) can handle CORS requests. cors := CrossOriginResourceSharing{ExposeHeaders: []string{"X-My-Header"}, CookiesAllowed: false, Container: DefaultContainer} Filter(cors.Filter) -Error Handling +### Error Handling Unexpected things happen. If a request cannot be processed because of a failure, your service needs to tell via the response what happened and why. For this reason HTTP status codes exist and it is important to use the correct code in every exceptional situation. @@ -137,11 +136,11 @@ The request does not have or has an unknown Accept Header set for this operation The request does not have or has an unknown Content-Type Header set for this operation. -ServiceError +### ServiceError In addition to setting the correct (error) Http status code, you can choose to write a ServiceError message on the response. -Performance options +### Performance options This package has several options that affect the performance of your service. It is important to understand them and how you can change it. @@ -156,30 +155,27 @@ Default value is true If content encoding is enabled then the default strategy for getting new gzip/zlib writers and readers is to use a sync.Pool. Because writers are expensive structures, performance is even more improved when using a preloaded cache. You can also inject your own implementation. -Trouble shooting +### Trouble shooting This package has the means to produce detail logging of the complete Http request matching process and filter invocation. Enabling this feature requires you to set an implementation of restful.StdLogger (e.g. log.Logger) instance such as: restful.TraceLogger(log.New(os.Stdout, "[restful] ", log.LstdFlags|log.Lshortfile)) -Logging +### Logging The restful.SetLogger() method allows you to override the logger used by the package. By default restful uses the standard library `log` package and logs to stdout. Different logging packages are supported as long as they conform to `StdLogger` interface defined in the `log` sub-package, writing an adapter for your preferred package is simple. -Resources +### Resources -[project]: https://github.com/emicklei/go-restful +(c) 2012-2025, http://ernestmicklei.com. MIT License +[project]: https://github.com/emicklei/go-restful [examples]: https://github.com/emicklei/go-restful/blob/master/examples - -[design]: http://ernestmicklei.com/2012/11/11/go-restful-api-design/ - +[design]: http://ernestmicklei.com/2012/11/11/go-restful-api-design/ [showcases]: https://github.com/emicklei/mora, https://github.com/emicklei/landskape - -(c) 2012-2015, http://ernestmicklei.com. MIT License */ package restful diff --git a/vendor/github.com/go-openapi/swag/.codecov.yml b/vendor/github.com/go-openapi/swag/.codecov.yml new file mode 100644 index 0000000000..3354f44b28 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/.codecov.yml @@ -0,0 +1,4 @@ +ignore: + - jsonutils/fixtures_test + - jsonutils/adapters/ifaces/mocks + - jsonutils/adapters/testintegration/benchmarks diff --git a/vendor/github.com/go-openapi/swag/.golangci.yml b/vendor/github.com/go-openapi/swag/.golangci.yml index 80e2be0042..126264a6b8 100644 --- a/vendor/github.com/go-openapi/swag/.golangci.yml +++ b/vendor/github.com/go-openapi/swag/.golangci.yml @@ -1,60 +1,78 @@ -linters-settings: - govet: - check-shadowing: true - golint: - min-confidence: 0 - gocyclo: - min-complexity: 45 - maligned: - suggest-new: true - dupl: - threshold: 200 - goconst: - min-len: 3 - min-occurrences: 3 - +version: "2" linters: - enable-all: true + default: all disable: - - maligned - - lll - - gochecknoinits - - gochecknoglobals + - cyclop + - depguard + - errchkjson + - errorlint + - exhaustruct + - forcetypeassert - funlen - - godox + - gochecknoglobals + - gochecknoinits - gocognit - - whitespace - - wsl - - wrapcheck - - testpackage - - nlreturn - - gomnd - - exhaustivestruct - - goerr113 - - errorlint - - nestif - godot - - gofumpt + - godox + - gomoddirectives + - gosmopolitan + - inamedparam + - intrange + - ireturn + - lll + - musttag + - modernize + - nestif + - nlreturn + - nonamedreturns + - noinlineerr - paralleltest - - tparallel + - recvcheck + - testpackage - thelper - - ifshort - - exhaustruct + - tagliatelle + - tparallel + - unparam - varnamelen - - gci - - depguard - - errchkjson - - inamedparam - - nonamedreturns - - musttag - - ireturn - - forcetypeassert - - cyclop - # deprecated linters - - deadcode - - interfacer - - scopelint - - varcheck - - structcheck - - golint - - nosnakecase + - whitespace + - wrapcheck + - wsl + - wsl_v5 + settings: + dupl: + threshold: 200 + goconst: + min-len: 2 + min-occurrences: 3 + gocyclo: + min-complexity: 45 + exclusions: + generated: lax + presets: + - comments + - common-false-positives + - legacy + - std-error-handling + paths: + - third_party$ + - builtin$ + - examples$ +formatters: + enable: + - gofmt + - goimports + exclusions: + generated: lax + paths: + - third_party$ + - builtin$ + - examples$ +issues: + # Maximum issues count per one linter. + # Set to 0 to disable. + # Default: 50 + max-issues-per-linter: 0 + # Maximum count of issues with the same text. + # Set to 0 to disable. + # Default: 3 + max-same-issues: 0 diff --git a/vendor/github.com/go-openapi/swag/.mockery.yml b/vendor/github.com/go-openapi/swag/.mockery.yml new file mode 100644 index 0000000000..8557cb58d3 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/.mockery.yml @@ -0,0 +1,30 @@ +all: false +dir: '{{.InterfaceDir}}' +filename: mocks_test.go +force-file-write: true +formatter: goimports +include-auto-generated: false +log-level: info +structname: '{{.Mock}}{{.InterfaceName}}' +pkgname: '{{.SrcPackageName}}' +recursive: false +require-template-schema-exists: true +template: matryer +template-schema: '{{.Template}}.schema.json' +packages: + github.com/go-openapi/swag/jsonutils/adapters/ifaces: + config: + dir: jsonutils/adapters/ifaces/mocks + filename: mocks.go + pkgname: 'mocks' + force-file-write: true + all: true + github.com/go-openapi/swag/jsonutils/adapters/testintegration: + config: + inpackage: true + dir: jsonutils/adapters/testintegration + force-file-write: true + all: true + interfaces: + EJMarshaler: + EJUnmarshaler: diff --git a/vendor/github.com/go-openapi/swag/README.md b/vendor/github.com/go-openapi/swag/README.md index a729222998..371fd55fdc 100644 --- a/vendor/github.com/go-openapi/swag/README.md +++ b/vendor/github.com/go-openapi/swag/README.md @@ -1,23 +1,239 @@ # Swag [![Build Status](https://github.com/go-openapi/swag/actions/workflows/go-test.yml/badge.svg)](https://github.com/go-openapi/swag/actions?query=workflow%3A"go+test") [![codecov](https://codecov.io/gh/go-openapi/swag/branch/master/graph/badge.svg)](https://codecov.io/gh/go-openapi/swag) [![Slack Status](https://slackin.goswagger.io/badge.svg)](https://slackin.goswagger.io) -[![license](http://img.shields.io/badge/license-Apache%20v2-orange.svg)](https://raw.githubusercontent.com/go-openapi/swag/master/LICENSE) +[![license](https://img.shields.io/badge/license-Apache%20v2-orange.svg)](https://raw.githubusercontent.com/go-openapi/swag/master/LICENSE) [![Go Reference](https://pkg.go.dev/badge/github.com/go-openapi/swag.svg)](https://pkg.go.dev/github.com/go-openapi/swag) [![Go Report Card](https://goreportcard.com/badge/github.com/go-openapi/swag)](https://goreportcard.com/report/github.com/go-openapi/swag) -Contains a bunch of helper functions for go-openapi and go-swagger projects. +Package `swag` contains a bunch of helper functions for go-openapi and go-swagger projects. You may also use it standalone for your projects. -* convert between value and pointers for builtin types -* convert from string to builtin types (wraps strconv) -* fast json concatenation -* search in path -* load from file or http -* name mangling +> **NOTE** +> `swag` is one of the foundational building blocks of the go-openapi initiative. +> Most repositories in `github.com/go-openapi/...` depend on it in some way. +> And so does our CLI tool `github.com/go-swagger/go-swagger`, +> as well as the code generated by this tool. +* [Contents](#contents) +* [Dependencies](#dependencies) +* [Release Notes](#release-notes) +* [Licensing](#licensing) +* [Note to contributors](#note-to-contributors) +* [TODOs, suggestions and plans](#todos-suggestions-and-plans) -This repo has only few dependencies outside of the standard library: +## Contents -* YAML utilities depend on `gopkg.in/yaml.v3` -* `github.com/mailru/easyjson v0.7.7` +`go-openapi/swag` exposes a collection of relatively independent modules. + +Moving forward, no additional feature will be added to the `swag` API directly at the root package level, +which remains there for backward-compatibility purposes. All exported top-level features are now deprecated. + +Child modules will continue to evolve and some new ones may be added in the future. + +| Module | Content | Main features | +|---------------|---------|---------------| +| `cmdutils` | utilities to work with CLIs || +| `conv` | type conversion utilities | convert between values and pointers for any types
convert from string to builtin types (wraps `strconv`)
require `./typeutils` (test dependency)
| +| `fileutils` | file utilities | | +| `jsonname` | JSON utilities | infer JSON names from `go` properties
| +| `jsonutils` | JSON utilities | fast json concatenation
read and write JSON from and to dynamic `go` data structures
~require `github.com/mailru/easyjson`~
| +| `loading` | file loading | load from file or http
require `./yamlutils`
| +| `mangling` | safe name generation | name mangling for `go`
| +| `netutils` | networking utilities | host, port from address
| +| `stringutils` | `string` utilities | search in slice (with case-insensitive)
split/join query parameters as arrays
| +| `typeutils` | `go` types utilities | check the zero value for any type
safe check for a nil value
| +| `yamlutils` | YAML utilities | converting YAML to JSON
loading YAML into a dynamic YAML document
maintaining the original order of keys in YAML objects
require `./jsonutils`
~require `github.com/mailru/easyjson`~
require `go.yaml.in/yaml/v3`
| + +--- + +## Dependencies + +The root module `github.com/go-openapi/swag` at the repo level maintains a few +dependencies outside of the standard library. + +* YAML utilities depend on `go.yaml.in/yaml/v3` +* JSON utilities depend on their registered adapter module: + * by default, only the standard library is used + * `github.com/mailru/easyjson` is now only a dependency for module + `github.com/go-openapi/swag/jsonutils/adapters/easyjson/json`, + for users willing to import that module. + * integration tests and benchmarks use all the dependencies are published as their own module +* other dependencies are test dependencies drawn from `github.com/stretchr/testify` + +## Release notes + +### v0.25.4 + +** mangling** + +Bug fix + +* [x] mangler may panic with pluralized overlapping initialisms + +Tests + +* [x] introduced fuzz tests + +### v0.25.3 + +** mangling** + +Bug fix + +* [x] mangler may panic with pluralized initialisms + +### v0.25.2 + +Minor changes due to internal maintenance that don't affect the behavior of the library. + +* [x] removed indirect test dependencies by switching all tests to `go-openapi/testify`, + a fork of `stretch/testify` with zero-dependencies. +* [x] improvements to CI to catch test reports. +* [x] modernized licensing annotations in source code, using the more compact SPDX annotations + rather than the full license terms. +* [x] simplified a bit JSON & YAML testing by using newly available assertions +* started the journey to an OpenSSF score card badge: + * [x] explicited permissions in CI workflows + * [x] published security policy + * pinned dependencies to github actions + * introduced fuzzing in tests + +### v0.25.1 + +* fixes a data race that could occur when using the standard library implementation of a JSON ordered map + +### v0.25.0 + +**New with this release**: + +* requires `go1.24`, as iterators are being introduced +* removes the dependency to `mailru/easyjson` by default (#68) + * functionality remains the same, but performance may somewhat degrade for applications + that relied on `easyjson` + * users of the JSON or YAML utilities who want to use `easyjson` as their preferred JSON serializer library + will be able to do so by registering this the corresponding JSON adapter at runtime. See below. + * ordered keys in JSON and YAML objects: this feature used to rely solely on `easyjson`. + With this release, an implementation relying on the standard `encoding/json` is provided. + * an independent [benchmark](./jsonutils/adapters/testintegration/benchmarks/README.md) to compare the different adapters +* improves the "float is integer" check (`conv.IsFloat64AJSONInteger`) (#59) +* removes the _direct_ dependency to `gopkg.in/yaml.v3` (indirect dependency is still incurred through `stretchr/testify`) (#127) +* exposed `conv.IsNil()` (previously kept private): a safe nil check (accounting for the "non-nil interface with nil value" nonsensical go trick) + +**What coming next?** + +Moving forward, we want to : +* provide an implementation of the JSON adapter based on `encoding/json/v2`, for `go1.25` builds. +* provide similar implementations for `goccy/go-json` and `jsoniterator/go`, and perhaps some other + similar libraries may be interesting too. + + +**How to explicitly register a dependency at runtime**? + +The following would maintain how JSON utilities proposed by `swag` used work, up to `v0.24.1`. + + ```go + import ( + "github.com/go-openapi/swag/jsonutils/adapters" + easyjson "github.com/go-openapi/swag/jsonutils/adapters/easyjson/json" + ) + + func init() { + easyjson.Register(adapters.Registry) + } + ``` + +Subsequent calls to `jsonutils.ReadJSON()` or `jsonutils.WriteJSON()` will switch to `easyjson` +whenever the passed data structures implement the `easyjson.Unmarshaler` or `easyjson.Marshaler` respectively, +or fallback to the standard library. + +For more details, you may also look at our +[integration tests](jsonutils/adapters/testintegration/integration_suite_test.go#29). + +### v0.24.0 + +With this release, we have largely modernized the API of `swag`: + +* The traditional `swag` API is still supported: code that imports `swag` will still + compile and work the same. +* A deprecation notice is published to encourage consumers of this library to adopt + the newer API +* **Deprecation notice** + * configuration through global variables is now deprecated, in favor of options passed as parameters + * all helper functions are moved to more specialized packages, which are exposed as + go modules. Importing such a module would reduce the footprint of dependencies. + * _all_ functions, variables, constants exposed by the deprecated API have now moved, so + that consumers of the new API no longer need to import github.com/go-openapi/swag, but + should import the desired sub-module(s). + +**New with this release**: + +* [x] type converters and pointer to value helpers now support generic types +* [x] name mangling now support pluralized initialisms (issue #46) + Strings like "contact IDs" are now recognized as such a plural form and mangled as a linter would expect. +* [x] performance: small improvements to reduce the overhead of convert/format wrappers (see issues #110, or PR #108) +* [x] performance: name mangling utilities run ~ 10% faster (PR #115) + +--- + +## Licensing + +This library ships under the [SPDX-License-Identifier: Apache-2.0](./LICENSE). + +## Note to contributors + +A mono-repo structure comes with some unavoidable extra pains... + +* Testing + +> The usual `go test ./...` command, run from the root of this repo won't work any longer to test all submodules. +> +> Each module constitutes an independant unit of test. So you have to run `go test` inside each module. +> Or you may take a look at how this is achieved by CI +> [here] https://github.com/go-openapi/swag/blob/master/.github/workflows/go-test.yml). +> +> There are also some alternative tricks using `go work`, for local development, if you feel comfortable with +> go workspaces. Perhaps some day, we'll have a `go work test` to run all tests without any hack. + +* Releasing + +> Each module follows its own independant module versioning. +> +> So you have tags like `mangling/v0.24.0`, `fileutils/v0.24.0` etc that are used by `go mod` and `go get` +> to refer to the tagged version of each module specifically. +> +> This means we may release patches etc to each module independently. +> +> We'd like to adopt the rule that modules in this repo would only differ by a patch version +> (e.g. `v0.24.5` vs `v0.24.3`), and we'll level all modules whenever a minor version is introduced. +> +> A script in `./hack` is provided to tag all modules with the same version in one go. + +* Continuous integration + +> At this moment, all tests in all modules are systematically run over the full test matrix (3 platform x 2 go releases). +> This generates quite a lot of jobs. +> +> We ought to reduce the number of jobs required to test a PR focused on only a few modules. + +## Todos, suggestions and plans + +All kinds of contributions are welcome. + +A few ideas: + +* [x] Complete the split of dependencies to isolate easyjson from the rest +* [x] Improve CI to reduce needed tests +* [x] Replace dependency to `gopkg.in/yaml.v3` (`yamlutil`) +* [ ] Improve mangling utilities (improve readability, support for capitalized words, + better word substitution for non-letter symbols...) +* [ ] Move back to this common shared pot a few of the technical features introduced by go-swagger independently + (e.g. mangle go package names, search package with go modules support, ...) +* [ ] Apply a similar mono-repo approach to go-openapi/strfmt which suffer from similar woes: bloated API, + imposed dependency to some database driver. +* [ ] Adapt `go-swagger` (incl. generated code) to the new `swag` API. +* [ ] Factorize some tests, as there is a lot of redundant testing code in `jsonutils` +* [ ] Benchmark & profiling: publish independently the tool built to analyze and chart benchmarks (e.g. similar to `benchvisual`) +* [ ] more thorough testing for nil / null case +* [ ] ci pipeline to manage releases +* [ ] cleaner mockery generation (doesn't work out of the box for all sub-modules) diff --git a/vendor/github.com/go-openapi/swag/SECURITY.md b/vendor/github.com/go-openapi/swag/SECURITY.md new file mode 100644 index 0000000000..72296a8313 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/SECURITY.md @@ -0,0 +1,19 @@ +# Security Policy + +This policy outlines the commitment and practices of the go-openapi maintainers regarding security. + +## Supported Versions + +| Version | Supported | +| ------- | ------------------ | +| 0.25.x | :white_check_mark: | + +## Reporting a vulnerability + +If you become aware of a security vulnerability that affects the current repository, +please report it privately to the maintainers. + +Please follow the instructions provided by github to +[Privately report a security vulnerability](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability). + +TL;DR: on Github, navigate to the project's "Security" tab then click on "Report a vulnerability". diff --git a/vendor/github.com/go-openapi/swag/cmdutils/LICENSE b/vendor/github.com/go-openapi/swag/cmdutils/LICENSE new file mode 100644 index 0000000000..d645695673 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/cmdutils/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/go-openapi/swag/cmdutils/cmd_utils.go b/vendor/github.com/go-openapi/swag/cmdutils/cmd_utils.go new file mode 100644 index 0000000000..6c7bbb26f0 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/cmdutils/cmd_utils.go @@ -0,0 +1,13 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package cmdutils + +// CommandLineOptionsGroup represents a group of user-defined command line options. +// +// This is for instance used to configure command line arguments in API servers generated by go-swagger. +type CommandLineOptionsGroup struct { + ShortDescription string + LongDescription string + Options any +} diff --git a/vendor/github.com/go-openapi/swag/cmdutils/doc.go b/vendor/github.com/go-openapi/swag/cmdutils/doc.go new file mode 100644 index 0000000000..31f2c37538 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/cmdutils/doc.go @@ -0,0 +1,5 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +// Package cmdutils brings helpers for CLIs produced by go-openapi +package cmdutils diff --git a/vendor/github.com/go-openapi/swag/cmdutils_iface.go b/vendor/github.com/go-openapi/swag/cmdutils_iface.go new file mode 100644 index 0000000000..bd0c1fc128 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/cmdutils_iface.go @@ -0,0 +1,11 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package swag + +import "github.com/go-openapi/swag/cmdutils" + +// CommandLineOptionsGroup represents a group of user-defined command line options. +// +// Deprecated: use [cmdutils.CommandLineOptionsGroup] instead. +type CommandLineOptionsGroup = cmdutils.CommandLineOptionsGroup diff --git a/vendor/github.com/go-openapi/swag/conv/LICENSE b/vendor/github.com/go-openapi/swag/conv/LICENSE new file mode 100644 index 0000000000..d645695673 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/conv/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/go-openapi/swag/conv/convert.go b/vendor/github.com/go-openapi/swag/conv/convert.go new file mode 100644 index 0000000000..f205c39134 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/conv/convert.go @@ -0,0 +1,161 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package conv + +import ( + "math" + "strconv" + "strings" +) + +// same as ECMA Number.MAX_SAFE_INTEGER and Number.MIN_SAFE_INTEGER +const ( + maxJSONFloat = float64(1<<53 - 1) // 9007199254740991.0 2^53 - 1 + minJSONFloat = -float64(1<<53 - 1) //-9007199254740991.0 -2^53 - 1 + epsilon float64 = 1e-9 +) + +// IsFloat64AJSONInteger allows for integers [-2^53, 2^53-1] inclusive. +func IsFloat64AJSONInteger(f float64) bool { + if math.IsNaN(f) || math.IsInf(f, 0) || f < minJSONFloat || f > maxJSONFloat { + return false + } + rounded := math.Round(f) + if f == rounded { + return true + } + if rounded == 0 { // f = 0.0 exited above + return false + } + + diff := math.Abs(f - rounded) + if diff == 0 { + return true + } + + // relative error Abs{f - Round(f)) / Round(f)} < ε ; Round(f) + return diff < epsilon*math.Abs(rounded) +} + +// ConvertFloat turns a string into a float numerical value. +func ConvertFloat[T Float](str string) (T, error) { + var v T + f, err := strconv.ParseFloat(str, bitsize(v)) + if err != nil { + return 0, err + } + + return T(f), nil +} + +// ConvertInteger turns a string into a signed integer. +func ConvertInteger[T Signed](str string) (T, error) { + var v T + f, err := strconv.ParseInt(str, 10, bitsize(v)) + if err != nil { + return 0, err + } + + return T(f), nil +} + +// ConvertUinteger turns a string into an unsigned integer. +func ConvertUinteger[T Unsigned](str string) (T, error) { + var v T + f, err := strconv.ParseUint(str, 10, bitsize(v)) + if err != nil { + return 0, err + } + + return T(f), nil +} + +// ConvertBool turns a string into a boolean. +// +// It supports a few more "true" strings than [strconv.ParseBool]: +// +// - it is not case sensitive ("trUe" or "FalsE" work) +// - "ok", "yes", "y", "on", "selected", "checked", "enabled" are all true +// - everything that is not true is false: there is never an actual error returned +func ConvertBool(str string) (bool, error) { + switch strings.ToLower(str) { + case "true", + "1", + "yes", + "ok", + "y", + "on", + "selected", + "checked", + "t", + "enabled": + return true, nil + default: + return false, nil + } +} + +// ConvertFloat32 turns a string into a float32. +func ConvertFloat32(str string) (float32, error) { return ConvertFloat[float32](str) } + +// ConvertFloat64 turns a string into a float64 +func ConvertFloat64(str string) (float64, error) { return ConvertFloat[float64](str) } + +// ConvertInt8 turns a string into an int8 +func ConvertInt8(str string) (int8, error) { return ConvertInteger[int8](str) } + +// ConvertInt16 turns a string into an int16 +func ConvertInt16(str string) (int16, error) { + i, err := strconv.ParseInt(str, 10, 16) + if err != nil { + return 0, err + } + return int16(i), nil +} + +// ConvertInt32 turns a string into an int32 +func ConvertInt32(str string) (int32, error) { + i, err := strconv.ParseInt(str, 10, 32) + if err != nil { + return 0, err + } + return int32(i), nil +} + +// ConvertInt64 turns a string into an int64 +func ConvertInt64(str string) (int64, error) { + return strconv.ParseInt(str, 10, 64) +} + +// ConvertUint8 turns a string into an uint8 +func ConvertUint8(str string) (uint8, error) { + i, err := strconv.ParseUint(str, 10, 8) + if err != nil { + return 0, err + } + return uint8(i), nil +} + +// ConvertUint16 turns a string into an uint16 +func ConvertUint16(str string) (uint16, error) { + i, err := strconv.ParseUint(str, 10, 16) + if err != nil { + return 0, err + } + return uint16(i), nil +} + +// ConvertUint32 turns a string into an uint32 +func ConvertUint32(str string) (uint32, error) { + i, err := strconv.ParseUint(str, 10, 32) + if err != nil { + return 0, err + } + return uint32(i), nil +} + +// ConvertUint64 turns a string into an uint64 +func ConvertUint64(str string) (uint64, error) { + return strconv.ParseUint(str, 10, 64) +} diff --git a/vendor/github.com/go-openapi/swag/conv/convert_types.go b/vendor/github.com/go-openapi/swag/conv/convert_types.go new file mode 100644 index 0000000000..cf4c6495eb --- /dev/null +++ b/vendor/github.com/go-openapi/swag/conv/convert_types.go @@ -0,0 +1,72 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package conv + +// Unlicensed credits (idea, concept) +// +// The idea to convert values to pointers and the other way around, was inspired, eons ago, by the aws go sdk. +// +// Nowadays, all sensible API sdk's expose a similar functionality. + +// Pointer returns a pointer to the value passed in. +func Pointer[T any](v T) *T { + return &v +} + +// Value returns a shallow copy of the value of the pointer passed in. +// +// If the pointer is nil, the returned value is the zero value. +func Value[T any](v *T) T { + if v != nil { + return *v + } + + var zero T + return zero +} + +// PointerSlice converts a slice of values into a slice of pointers. +func PointerSlice[T any](src []T) []*T { + dst := make([]*T, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// ValueSlice converts a slice of pointers into a slice of values. +// +// nil elements are zero values. +func ValueSlice[T any](src []*T) []T { + dst := make([]T, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// PointerMap converts a map of values into a map of pointers. +func PointerMap[K comparable, T any](src map[K]T) map[K]*T { + dst := make(map[K]*T) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// ValueMap converts a map of pointers into a map of values. +// +// nil elements are skipped. +func ValueMap[K comparable, T any](src map[K]*T) map[K]T { + dst := make(map[K]T) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} diff --git a/vendor/github.com/go-openapi/swag/conv/doc.go b/vendor/github.com/go-openapi/swag/conv/doc.go new file mode 100644 index 0000000000..1bd6ead6e2 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/conv/doc.go @@ -0,0 +1,15 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +// Package conv exposes utilities to convert types. +// +// The Convert and Format families of functions are essentially a shorthand to [strconv] functions, +// using the decimal representation of numbers. +// +// Features: +// +// - from string representation to value ("Convert*") and reciprocally ("Format*") +// - from pointer to value ([Value]) and reciprocally ([Pointer]) +// - from slice of values to slice of pointers ([PointerSlice]) and reciprocally ([ValueSlice]) +// - from map of values to map of pointers ([PointerMap]) and reciprocally ([ValueMap]) +package conv diff --git a/vendor/github.com/go-openapi/swag/conv/format.go b/vendor/github.com/go-openapi/swag/conv/format.go new file mode 100644 index 0000000000..5b87b8e146 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/conv/format.go @@ -0,0 +1,28 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package conv + +import ( + "strconv" +) + +// FormatInteger turns an integer type into a string. +func FormatInteger[T Signed](value T) string { + return strconv.FormatInt(int64(value), 10) +} + +// FormatUinteger turns an unsigned integer type into a string. +func FormatUinteger[T Unsigned](value T) string { + return strconv.FormatUint(uint64(value), 10) +} + +// FormatFloat turns a floating point numerical value into a string. +func FormatFloat[T Float](value T) string { + return strconv.FormatFloat(float64(value), 'f', -1, bitsize(value)) +} + +// FormatBool turns a boolean into a string. +func FormatBool(value bool) string { + return strconv.FormatBool(value) +} diff --git a/vendor/github.com/go-openapi/swag/conv/sizeof.go b/vendor/github.com/go-openapi/swag/conv/sizeof.go new file mode 100644 index 0000000000..4943465573 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/conv/sizeof.go @@ -0,0 +1,20 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package conv + +import "unsafe" + +// bitsize returns the size in bits of a type. +// +// NOTE: [unsafe.SizeOf] simply returns the size in bytes of the value. +// For primitive types T, the generic stencil is precompiled and this value +// is resolved at compile time, resulting in an immediate call to [strconv.ParseFloat]. +// +// We may leave up to the go compiler to simplify this function into a +// constant value, which happens in practice at least for primitive types +// (e.g. numerical types). +func bitsize[T Numerical](value T) int { + const bitsPerByte = 8 + return int(unsafe.Sizeof(value)) * bitsPerByte +} diff --git a/vendor/github.com/go-openapi/swag/conv/type_constraints.go b/vendor/github.com/go-openapi/swag/conv/type_constraints.go new file mode 100644 index 0000000000..81135e827e --- /dev/null +++ b/vendor/github.com/go-openapi/swag/conv/type_constraints.go @@ -0,0 +1,29 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package conv + +type ( + // these type constraints are redefined after golang.org/x/exp/constraints, + // because importing that package causes an undesired go upgrade. + + // Signed integer types, cf. [golang.org/x/exp/constraints.Signed] + Signed interface { + ~int | ~int8 | ~int16 | ~int32 | ~int64 + } + + // Unsigned integer types, cf. [golang.org/x/exp/constraints.Unsigned] + Unsigned interface { + ~uint | ~uint8 | ~uint16 | ~uint32 | ~uint64 | ~uintptr + } + + // Float numerical types, cf. [golang.org/x/exp/constraints.Float] + Float interface { + ~float32 | ~float64 + } + + // Numerical types + Numerical interface { + Signed | Unsigned | Float + } +) diff --git a/vendor/github.com/go-openapi/swag/conv_iface.go b/vendor/github.com/go-openapi/swag/conv_iface.go new file mode 100644 index 0000000000..eea7b2e56e --- /dev/null +++ b/vendor/github.com/go-openapi/swag/conv_iface.go @@ -0,0 +1,486 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package swag + +import ( + "time" + + "github.com/go-openapi/swag/conv" +) + +// IsFloat64AJSONInteger allows for integers [-2^53, 2^53-1] inclusive. +// +// Deprecated: use [conv.IsFloat64AJSONInteger] instead. +func IsFloat64AJSONInteger(f float64) bool { return conv.IsFloat64AJSONInteger(f) } + +// ConvertBool turns a string into a boolean. +// +// Deprecated: use [conv.ConvertBool] instead. +func ConvertBool(str string) (bool, error) { return conv.ConvertBool(str) } + +// ConvertFloat32 turns a string into a float32. +// +// Deprecated: use [conv.ConvertFloat32] instead. Alternatively, you may use the generic version [conv.ConvertFloat]. +func ConvertFloat32(str string) (float32, error) { return conv.ConvertFloat[float32](str) } + +// ConvertFloat64 turns a string into a float64. +// +// Deprecated: use [conv.ConvertFloat64] instead. Alternatively, you may use the generic version [conv.ConvertFloat]. +func ConvertFloat64(str string) (float64, error) { return conv.ConvertFloat[float64](str) } + +// ConvertInt8 turns a string into an int8. +// +// Deprecated: use [conv.ConvertInt8] instead. Alternatively, you may use the generic version [conv.ConvertInteger]. +func ConvertInt8(str string) (int8, error) { return conv.ConvertInteger[int8](str) } + +// ConvertInt16 turns a string into an int16. +// +// Deprecated: use [conv.ConvertInt16] instead. Alternatively, you may use the generic version [conv.ConvertInteger]. +func ConvertInt16(str string) (int16, error) { return conv.ConvertInteger[int16](str) } + +// ConvertInt32 turns a string into an int32. +// +// Deprecated: use [conv.ConvertInt32] instead. Alternatively, you may use the generic version [conv.ConvertInteger]. +func ConvertInt32(str string) (int32, error) { return conv.ConvertInteger[int32](str) } + +// ConvertInt64 turns a string into an int64. +// +// Deprecated: use [conv.ConvertInt64] instead. Alternatively, you may use the generic version [conv.ConvertInteger]. +func ConvertInt64(str string) (int64, error) { return conv.ConvertInteger[int64](str) } + +// ConvertUint8 turns a string into an uint8. +// +// Deprecated: use [conv.ConvertUint8] instead. Alternatively, you may use the generic version [conv.ConvertUinteger]. +func ConvertUint8(str string) (uint8, error) { return conv.ConvertUinteger[uint8](str) } + +// ConvertUint16 turns a string into an uint16. +// +// Deprecated: use [conv.ConvertUint16] instead. Alternatively, you may use the generic version [conv.ConvertUinteger]. +func ConvertUint16(str string) (uint16, error) { return conv.ConvertUinteger[uint16](str) } + +// ConvertUint32 turns a string into an uint32. +// +// Deprecated: use [conv.ConvertUint32] instead. Alternatively, you may use the generic version [conv.ConvertUinteger]. +func ConvertUint32(str string) (uint32, error) { return conv.ConvertUinteger[uint32](str) } + +// ConvertUint64 turns a string into an uint64. +// +// Deprecated: use [conv.ConvertUint64] instead. Alternatively, you may use the generic version [conv.ConvertUinteger]. +func ConvertUint64(str string) (uint64, error) { return conv.ConvertUinteger[uint64](str) } + +// FormatBool turns a boolean into a string. +// +// Deprecated: use [conv.FormatBool] instead. +func FormatBool(value bool) string { return conv.FormatBool(value) } + +// FormatFloat32 turns a float32 into a string. +// +// Deprecated: use [conv.FormatFloat] instead. +func FormatFloat32(value float32) string { return conv.FormatFloat(value) } + +// FormatFloat64 turns a float64 into a string. +// +// Deprecated: use [conv.FormatFloat] instead. +func FormatFloat64(value float64) string { return conv.FormatFloat(value) } + +// FormatInt8 turns an int8 into a string. +// +// Deprecated: use [conv.FormatInteger] instead. +func FormatInt8(value int8) string { return conv.FormatInteger(value) } + +// FormatInt16 turns an int16 into a string. +// +// Deprecated: use [conv.FormatInteger] instead. +func FormatInt16(value int16) string { return conv.FormatInteger(value) } + +// FormatInt32 turns an int32 into a string +// +// Deprecated: use [conv.FormatInteger] instead. +func FormatInt32(value int32) string { return conv.FormatInteger(value) } + +// FormatInt64 turns an int64 into a string. +// +// Deprecated: use [conv.FormatInteger] instead. +func FormatInt64(value int64) string { return conv.FormatInteger(value) } + +// FormatUint8 turns an uint8 into a string. +// +// Deprecated: use [conv.FormatUinteger] instead. +func FormatUint8(value uint8) string { return conv.FormatUinteger(value) } + +// FormatUint16 turns an uint16 into a string. +// +// Deprecated: use [conv.FormatUinteger] instead. +func FormatUint16(value uint16) string { return conv.FormatUinteger(value) } + +// FormatUint32 turns an uint32 into a string. +// +// Deprecated: use [conv.FormatUinteger] instead. +func FormatUint32(value uint32) string { return conv.FormatUinteger(value) } + +// FormatUint64 turns an uint64 into a string. +// +// Deprecated: use [conv.FormatUinteger] instead. +func FormatUint64(value uint64) string { return conv.FormatUinteger(value) } + +// String turn a pointer to of the string value passed in. +// +// Deprecated: use [conv.Pointer] instead. +func String(v string) *string { return conv.Pointer(v) } + +// StringValue turn the value of the string pointer passed in or +// "" if the pointer is nil. +// +// Deprecated: use [conv.Value] instead. +func StringValue(v *string) string { return conv.Value(v) } + +// StringSlice converts a slice of string values into a slice of string pointers. +// +// Deprecated: use [conv.PointerSlice] instead. +func StringSlice(src []string) []*string { return conv.PointerSlice(src) } + +// StringValueSlice converts a slice of string pointers into a slice of string values. +// +// Deprecated: use [conv.ValueSlice] instead. +func StringValueSlice(src []*string) []string { return conv.ValueSlice(src) } + +// StringMap converts a string map of string values into a string map of string pointers. +// +// Deprecated: use [conv.PointerMap] instead. +func StringMap(src map[string]string) map[string]*string { return conv.PointerMap(src) } + +// StringValueMap converts a string map of string pointers into a string map of string values. +// +// Deprecated: use [conv.ValueMap] instead. +func StringValueMap(src map[string]*string) map[string]string { return conv.ValueMap(src) } + +// Bool turn a pointer to of the bool value passed in. +// +// Deprecated: use [conv.Pointer] instead. +func Bool(v bool) *bool { return conv.Pointer(v) } + +// BoolValue turn the value of the bool pointer passed in or false if the pointer is nil. +// +// Deprecated: use [conv.Value] instead. +func BoolValue(v *bool) bool { return conv.Value(v) } + +// BoolSlice converts a slice of bool values into a slice of bool pointers. +// +// Deprecated: use [conv.PointerSlice] instead. +func BoolSlice(src []bool) []*bool { return conv.PointerSlice(src) } + +// BoolValueSlice converts a slice of bool pointers into a slice of bool values. +// +// Deprecated: use [conv.ValueSlice] instead. +func BoolValueSlice(src []*bool) []bool { return conv.ValueSlice(src) } + +// BoolMap converts a string map of bool values into a string map of bool pointers. +// +// Deprecated: use [conv.PointerMap] instead. +func BoolMap(src map[string]bool) map[string]*bool { return conv.PointerMap(src) } + +// BoolValueMap converts a string map of bool pointers into a string map of bool values. +// +// Deprecated: use [conv.ValueMap] instead. +func BoolValueMap(src map[string]*bool) map[string]bool { return conv.ValueMap(src) } + +// Int turn a pointer to of the int value passed in. +// +// Deprecated: use [conv.Pointer] instead. +func Int(v int) *int { return conv.Pointer(v) } + +// IntValue turn the value of the int pointer passed in or 0 if the pointer is nil. +// +// Deprecated: use [conv.Value] instead. +func IntValue(v *int) int { return conv.Value(v) } + +// IntSlice converts a slice of int values into a slice of int pointers. +// +// Deprecated: use [conv.PointerSlice] instead. +func IntSlice(src []int) []*int { return conv.PointerSlice(src) } + +// IntValueSlice converts a slice of int pointers into a slice of int values. +// +// Deprecated: use [conv.ValueSlice] instead. +func IntValueSlice(src []*int) []int { return conv.ValueSlice(src) } + +// IntMap converts a string map of int values into a string map of int pointers. +// +// Deprecated: use [conv.PointerMap] instead. +func IntMap(src map[string]int) map[string]*int { return conv.PointerMap(src) } + +// IntValueMap converts a string map of int pointers into a string map of int values. +// +// Deprecated: use [conv.ValueMap] instead. +func IntValueMap(src map[string]*int) map[string]int { return conv.ValueMap(src) } + +// Int32 turn a pointer to of the int32 value passed in. +// +// Deprecated: use [conv.Pointer] instead. +func Int32(v int32) *int32 { return conv.Pointer(v) } + +// Int32Value turn the value of the int32 pointer passed in or 0 if the pointer is nil. +// +// Deprecated: use [conv.Value] instead. +func Int32Value(v *int32) int32 { return conv.Value(v) } + +// Int32Slice converts a slice of int32 values into a slice of int32 pointers. +// +// Deprecated: use [conv.PointerSlice] instead. +func Int32Slice(src []int32) []*int32 { return conv.PointerSlice(src) } + +// Int32ValueSlice converts a slice of int32 pointers into a slice of int32 values. +// +// Deprecated: use [conv.ValueSlice] instead. +func Int32ValueSlice(src []*int32) []int32 { return conv.ValueSlice(src) } + +// Int32Map converts a string map of int32 values into a string map of int32 pointers. +// +// Deprecated: use [conv.PointerMap] instead. +func Int32Map(src map[string]int32) map[string]*int32 { return conv.PointerMap(src) } + +// Int32ValueMap converts a string map of int32 pointers into a string map of int32 values. +// +// Deprecated: use [conv.ValueMap] instead. +func Int32ValueMap(src map[string]*int32) map[string]int32 { return conv.ValueMap(src) } + +// Int64 turn a pointer to of the int64 value passed in. +// +// Deprecated: use [conv.Pointer] instead. +func Int64(v int64) *int64 { return conv.Pointer(v) } + +// Int64Value turn the value of the int64 pointer passed in or 0 if the pointer is nil. +// +// Deprecated: use [conv.Value] instead. +func Int64Value(v *int64) int64 { return conv.Value(v) } + +// Int64Slice converts a slice of int64 values into a slice of int64 pointers. +// +// Deprecated: use [conv.PointerSlice] instead. +func Int64Slice(src []int64) []*int64 { return conv.PointerSlice(src) } + +// Int64ValueSlice converts a slice of int64 pointers into a slice of int64 values. +// +// Deprecated: use [conv.ValueSlice] instead. +func Int64ValueSlice(src []*int64) []int64 { return conv.ValueSlice(src) } + +// Int64Map converts a string map of int64 values into a string map of int64 pointers. +// +// Deprecated: use [conv.PointerMap] instead. +func Int64Map(src map[string]int64) map[string]*int64 { return conv.PointerMap(src) } + +// Int64ValueMap converts a string map of int64 pointers into a string map of int64 values. +// +// Deprecated: use [conv.ValueMap] instead. +func Int64ValueMap(src map[string]*int64) map[string]int64 { return conv.ValueMap(src) } + +// Uint16 turn a pointer to of the uint16 value passed in. +// +// Deprecated: use [conv.Pointer] instead. +func Uint16(v uint16) *uint16 { return conv.Pointer(v) } + +// Uint16Value turn the value of the uint16 pointer passed in or 0 if the pointer is nil. +// +// Deprecated: use [conv.Value] instead. +func Uint16Value(v *uint16) uint16 { return conv.Value(v) } + +// Uint16Slice converts a slice of uint16 values into a slice of uint16 pointers. +// +// Deprecated: use [conv.PointerSlice] instead. +func Uint16Slice(src []uint16) []*uint16 { return conv.PointerSlice(src) } + +// Uint16ValueSlice converts a slice of uint16 pointers into a slice of uint16 values. +// +// Deprecated: use [conv.ValueSlice] instead. +func Uint16ValueSlice(src []*uint16) []uint16 { return conv.ValueSlice(src) } + +// Uint16Map converts a string map of uint16 values into a string map of uint16 pointers. +// +// Deprecated: use [conv.PointerMap] instead. +func Uint16Map(src map[string]uint16) map[string]*uint16 { return conv.PointerMap(src) } + +// Uint16ValueMap converts a string map of uint16 pointers into a string map of uint16 values. +// +// Deprecated: use [conv.ValueMap] instead. +func Uint16ValueMap(src map[string]*uint16) map[string]uint16 { return conv.ValueMap(src) } + +// Uint turn a pointer to of the uint value passed in. +// +// Deprecated: use [conv.Pointer] instead. +func Uint(v uint) *uint { return conv.Pointer(v) } + +// UintValue turn the value of the uint pointer passed in or 0 if the pointer is nil. +// +// Deprecated: use [conv.Value] instead. +func UintValue(v *uint) uint { return conv.Value(v) } + +// UintSlice converts a slice of uint values into a slice of uint pointers. +// +// Deprecated: use [conv.PointerSlice] instead. +func UintSlice(src []uint) []*uint { return conv.PointerSlice(src) } + +// UintValueSlice converts a slice of uint pointers into a slice of uint values. +// +// Deprecated: use [conv.ValueSlice] instead. +func UintValueSlice(src []*uint) []uint { return conv.ValueSlice(src) } + +// UintMap converts a string map of uint values into a string map of uint pointers. +// +// Deprecated: use [conv.PointerMap] instead. +func UintMap(src map[string]uint) map[string]*uint { return conv.PointerMap(src) } + +// UintValueMap converts a string map of uint pointers into a string map of uint values. +// +// Deprecated: use [conv.ValueMap] instead. +func UintValueMap(src map[string]*uint) map[string]uint { return conv.ValueMap(src) } + +// Uint32 turn a pointer to of the uint32 value passed in. +// +// Deprecated: use [conv.Pointer] instead. +func Uint32(v uint32) *uint32 { return conv.Pointer(v) } + +// Uint32Value turn the value of the uint32 pointer passed in or 0 if the pointer is nil. +// +// Deprecated: use [conv.Value] instead. +func Uint32Value(v *uint32) uint32 { return conv.Value(v) } + +// Uint32Slice converts a slice of uint32 values into a slice of uint32 pointers. +// +// Deprecated: use [conv.PointerSlice] instead. +func Uint32Slice(src []uint32) []*uint32 { return conv.PointerSlice(src) } + +// Uint32ValueSlice converts a slice of uint32 pointers into a slice of uint32 values. +// +// Deprecated: use [conv.ValueSlice] instead. +func Uint32ValueSlice(src []*uint32) []uint32 { return conv.ValueSlice(src) } + +// Uint32Map converts a string map of uint32 values into a string map of uint32 pointers. +// +// Deprecated: use [conv.PointerMap] instead. +func Uint32Map(src map[string]uint32) map[string]*uint32 { return conv.PointerMap(src) } + +// Uint32ValueMap converts a string map of uint32 pointers into a string map of uint32 values. +// +// Deprecated: use [conv.ValueMap] instead. +func Uint32ValueMap(src map[string]*uint32) map[string]uint32 { return conv.ValueMap(src) } + +// Uint64 turn a pointer to of the uint64 value passed in. +// +// Deprecated: use [conv.Pointer] instead. +func Uint64(v uint64) *uint64 { return conv.Pointer(v) } + +// Uint64Value turn the value of the uint64 pointer passed in or 0 if the pointer is nil. +// +// Deprecated: use [conv.Value] instead. +func Uint64Value(v *uint64) uint64 { return conv.Value(v) } + +// Uint64Slice converts a slice of uint64 values into a slice of uint64 pointers. +// +// Deprecated: use [conv.PointerSlice] instead. +func Uint64Slice(src []uint64) []*uint64 { return conv.PointerSlice(src) } + +// Uint64ValueSlice converts a slice of uint64 pointers into a slice of uint64 values. +// +// Deprecated: use [conv.ValueSlice] instead. +func Uint64ValueSlice(src []*uint64) []uint64 { return conv.ValueSlice(src) } + +// Uint64Map converts a string map of uint64 values into a string map of uint64 pointers. +// +// Deprecated: use [conv.PointerMap] instead. +func Uint64Map(src map[string]uint64) map[string]*uint64 { return conv.PointerMap(src) } + +// Uint64ValueMap converts a string map of uint64 pointers into a string map of uint64 values. +// +// Deprecated: use [conv.ValueMap] instead. +func Uint64ValueMap(src map[string]*uint64) map[string]uint64 { return conv.ValueMap(src) } + +// Float32 turn a pointer to of the float32 value passed in. +// +// Deprecated: use [conv.Pointer] instead. +func Float32(v float32) *float32 { return conv.Pointer(v) } + +// Float32Value turn the value of the float32 pointer passed in or 0 if the pointer is nil. +// +// Deprecated: use [conv.Value] instead. +func Float32Value(v *float32) float32 { return conv.Value(v) } + +// Float32Slice converts a slice of float32 values into a slice of float32 pointers. +// +// Deprecated: use [conv.PointerSlice] instead. +func Float32Slice(src []float32) []*float32 { return conv.PointerSlice(src) } + +// Float32ValueSlice converts a slice of float32 pointers into a slice of float32 values. +// +// Deprecated: use [conv.ValueSlice] instead. +func Float32ValueSlice(src []*float32) []float32 { return conv.ValueSlice(src) } + +// Float32Map converts a string map of float32 values into a string map of float32 pointers. +// +// Deprecated: use [conv.PointerMap] instead. +func Float32Map(src map[string]float32) map[string]*float32 { return conv.PointerMap(src) } + +// Float32ValueMap converts a string map of float32 pointers into a string map of float32 values. +// +// Deprecated: use [conv.ValueMap] instead. +func Float32ValueMap(src map[string]*float32) map[string]float32 { return conv.ValueMap(src) } + +// Float64 turn a pointer to of the float64 value passed in. +// +// Deprecated: use [conv.Pointer] instead. +func Float64(v float64) *float64 { return conv.Pointer(v) } + +// Float64Value turn the value of the float64 pointer passed in or 0 if the pointer is nil. +// +// Deprecated: use [conv.Value] instead. +func Float64Value(v *float64) float64 { return conv.Value(v) } + +// Float64Slice converts a slice of float64 values into a slice of float64 pointers. +// +// Deprecated: use [conv.PointerSlice] instead. +func Float64Slice(src []float64) []*float64 { return conv.PointerSlice(src) } + +// Float64ValueSlice converts a slice of float64 pointers into a slice of float64 values. +// +// Deprecated: use [conv.ValueSlice] instead. +func Float64ValueSlice(src []*float64) []float64 { return conv.ValueSlice(src) } + +// Float64Map converts a string map of float64 values into a string map of float64 pointers. +// +// Deprecated: use [conv.PointerMap] instead. +func Float64Map(src map[string]float64) map[string]*float64 { return conv.PointerMap(src) } + +// Float64ValueMap converts a string map of float64 pointers into a string map of float64 values. +// +// Deprecated: use [conv.ValueMap] instead. +func Float64ValueMap(src map[string]*float64) map[string]float64 { return conv.ValueMap(src) } + +// Time turn a pointer to of the time.Time value passed in. +// +// Deprecated: use [conv.Pointer] instead. +func Time(v time.Time) *time.Time { return conv.Pointer(v) } + +// TimeValue turn the value of the time.Time pointer passed in or time.Time{} if the pointer is nil. +// +// Deprecated: use [conv.Value] instead. +func TimeValue(v *time.Time) time.Time { return conv.Value(v) } + +// TimeSlice converts a slice of time.Time values into a slice of time.Time pointers. +// +// Deprecated: use [conv.PointerSlice] instead. +func TimeSlice(src []time.Time) []*time.Time { return conv.PointerSlice(src) } + +// TimeValueSlice converts a slice of time.Time pointers into a slice of time.Time values +// +// Deprecated: use [conv.ValueSlice] instead. +func TimeValueSlice(src []*time.Time) []time.Time { return conv.ValueSlice(src) } + +// TimeMap converts a string map of time.Time values into a string map of time.Time pointers. +// +// Deprecated: use [conv.PointerMap] instead. +func TimeMap(src map[string]time.Time) map[string]*time.Time { return conv.PointerMap(src) } + +// TimeValueMap converts a string map of time.Time pointers into a string map of time.Time values. +// +// Deprecated: use [conv.ValueMap] instead. +func TimeValueMap(src map[string]*time.Time) map[string]time.Time { return conv.ValueMap(src) } diff --git a/vendor/github.com/go-openapi/swag/convert.go b/vendor/github.com/go-openapi/swag/convert.go deleted file mode 100644 index fc085aeb8e..0000000000 --- a/vendor/github.com/go-openapi/swag/convert.go +++ /dev/null @@ -1,208 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package swag - -import ( - "math" - "strconv" - "strings" -) - -// same as ECMA Number.MAX_SAFE_INTEGER and Number.MIN_SAFE_INTEGER -const ( - maxJSONFloat = float64(1<<53 - 1) // 9007199254740991.0 2^53 - 1 - minJSONFloat = -float64(1<<53 - 1) //-9007199254740991.0 -2^53 - 1 - epsilon float64 = 1e-9 -) - -// IsFloat64AJSONInteger allow for integers [-2^53, 2^53-1] inclusive -func IsFloat64AJSONInteger(f float64) bool { - if math.IsNaN(f) || math.IsInf(f, 0) || f < minJSONFloat || f > maxJSONFloat { - return false - } - fa := math.Abs(f) - g := float64(uint64(f)) - ga := math.Abs(g) - - diff := math.Abs(f - g) - - // more info: https://floating-point-gui.de/errors/comparison/#look-out-for-edge-cases - switch { - case f == g: // best case - return true - case f == float64(int64(f)) || f == float64(uint64(f)): // optimistic case - return true - case f == 0 || g == 0 || diff < math.SmallestNonzeroFloat64: // very close to 0 values - return diff < (epsilon * math.SmallestNonzeroFloat64) - } - // check the relative error - return diff/math.Min(fa+ga, math.MaxFloat64) < epsilon -} - -var evaluatesAsTrue map[string]struct{} - -func init() { - evaluatesAsTrue = map[string]struct{}{ - "true": {}, - "1": {}, - "yes": {}, - "ok": {}, - "y": {}, - "on": {}, - "selected": {}, - "checked": {}, - "t": {}, - "enabled": {}, - } -} - -// ConvertBool turn a string into a boolean -func ConvertBool(str string) (bool, error) { - _, ok := evaluatesAsTrue[strings.ToLower(str)] - return ok, nil -} - -// ConvertFloat32 turn a string into a float32 -func ConvertFloat32(str string) (float32, error) { - f, err := strconv.ParseFloat(str, 32) - if err != nil { - return 0, err - } - return float32(f), nil -} - -// ConvertFloat64 turn a string into a float64 -func ConvertFloat64(str string) (float64, error) { - return strconv.ParseFloat(str, 64) -} - -// ConvertInt8 turn a string into an int8 -func ConvertInt8(str string) (int8, error) { - i, err := strconv.ParseInt(str, 10, 8) - if err != nil { - return 0, err - } - return int8(i), nil -} - -// ConvertInt16 turn a string into an int16 -func ConvertInt16(str string) (int16, error) { - i, err := strconv.ParseInt(str, 10, 16) - if err != nil { - return 0, err - } - return int16(i), nil -} - -// ConvertInt32 turn a string into an int32 -func ConvertInt32(str string) (int32, error) { - i, err := strconv.ParseInt(str, 10, 32) - if err != nil { - return 0, err - } - return int32(i), nil -} - -// ConvertInt64 turn a string into an int64 -func ConvertInt64(str string) (int64, error) { - return strconv.ParseInt(str, 10, 64) -} - -// ConvertUint8 turn a string into an uint8 -func ConvertUint8(str string) (uint8, error) { - i, err := strconv.ParseUint(str, 10, 8) - if err != nil { - return 0, err - } - return uint8(i), nil -} - -// ConvertUint16 turn a string into an uint16 -func ConvertUint16(str string) (uint16, error) { - i, err := strconv.ParseUint(str, 10, 16) - if err != nil { - return 0, err - } - return uint16(i), nil -} - -// ConvertUint32 turn a string into an uint32 -func ConvertUint32(str string) (uint32, error) { - i, err := strconv.ParseUint(str, 10, 32) - if err != nil { - return 0, err - } - return uint32(i), nil -} - -// ConvertUint64 turn a string into an uint64 -func ConvertUint64(str string) (uint64, error) { - return strconv.ParseUint(str, 10, 64) -} - -// FormatBool turns a boolean into a string -func FormatBool(value bool) string { - return strconv.FormatBool(value) -} - -// FormatFloat32 turns a float32 into a string -func FormatFloat32(value float32) string { - return strconv.FormatFloat(float64(value), 'f', -1, 32) -} - -// FormatFloat64 turns a float64 into a string -func FormatFloat64(value float64) string { - return strconv.FormatFloat(value, 'f', -1, 64) -} - -// FormatInt8 turns an int8 into a string -func FormatInt8(value int8) string { - return strconv.FormatInt(int64(value), 10) -} - -// FormatInt16 turns an int16 into a string -func FormatInt16(value int16) string { - return strconv.FormatInt(int64(value), 10) -} - -// FormatInt32 turns an int32 into a string -func FormatInt32(value int32) string { - return strconv.Itoa(int(value)) -} - -// FormatInt64 turns an int64 into a string -func FormatInt64(value int64) string { - return strconv.FormatInt(value, 10) -} - -// FormatUint8 turns an uint8 into a string -func FormatUint8(value uint8) string { - return strconv.FormatUint(uint64(value), 10) -} - -// FormatUint16 turns an uint16 into a string -func FormatUint16(value uint16) string { - return strconv.FormatUint(uint64(value), 10) -} - -// FormatUint32 turns an uint32 into a string -func FormatUint32(value uint32) string { - return strconv.FormatUint(uint64(value), 10) -} - -// FormatUint64 turns an uint64 into a string -func FormatUint64(value uint64) string { - return strconv.FormatUint(value, 10) -} diff --git a/vendor/github.com/go-openapi/swag/convert_types.go b/vendor/github.com/go-openapi/swag/convert_types.go deleted file mode 100644 index c49cc473a8..0000000000 --- a/vendor/github.com/go-openapi/swag/convert_types.go +++ /dev/null @@ -1,730 +0,0 @@ -package swag - -import "time" - -// This file was taken from the aws go sdk - -// String returns a pointer to of the string value passed in. -func String(v string) *string { - return &v -} - -// StringValue returns the value of the string pointer passed in or -// "" if the pointer is nil. -func StringValue(v *string) string { - if v != nil { - return *v - } - return "" -} - -// StringSlice converts a slice of string values into a slice of -// string pointers -func StringSlice(src []string) []*string { - dst := make([]*string, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// StringValueSlice converts a slice of string pointers into a slice of -// string values -func StringValueSlice(src []*string) []string { - dst := make([]string, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// StringMap converts a string map of string values into a string -// map of string pointers -func StringMap(src map[string]string) map[string]*string { - dst := make(map[string]*string) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// StringValueMap converts a string map of string pointers into a string -// map of string values -func StringValueMap(src map[string]*string) map[string]string { - dst := make(map[string]string) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Bool returns a pointer to of the bool value passed in. -func Bool(v bool) *bool { - return &v -} - -// BoolValue returns the value of the bool pointer passed in or -// false if the pointer is nil. -func BoolValue(v *bool) bool { - if v != nil { - return *v - } - return false -} - -// BoolSlice converts a slice of bool values into a slice of -// bool pointers -func BoolSlice(src []bool) []*bool { - dst := make([]*bool, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// BoolValueSlice converts a slice of bool pointers into a slice of -// bool values -func BoolValueSlice(src []*bool) []bool { - dst := make([]bool, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// BoolMap converts a string map of bool values into a string -// map of bool pointers -func BoolMap(src map[string]bool) map[string]*bool { - dst := make(map[string]*bool) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// BoolValueMap converts a string map of bool pointers into a string -// map of bool values -func BoolValueMap(src map[string]*bool) map[string]bool { - dst := make(map[string]bool) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Int returns a pointer to of the int value passed in. -func Int(v int) *int { - return &v -} - -// IntValue returns the value of the int pointer passed in or -// 0 if the pointer is nil. -func IntValue(v *int) int { - if v != nil { - return *v - } - return 0 -} - -// IntSlice converts a slice of int values into a slice of -// int pointers -func IntSlice(src []int) []*int { - dst := make([]*int, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// IntValueSlice converts a slice of int pointers into a slice of -// int values -func IntValueSlice(src []*int) []int { - dst := make([]int, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// IntMap converts a string map of int values into a string -// map of int pointers -func IntMap(src map[string]int) map[string]*int { - dst := make(map[string]*int) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// IntValueMap converts a string map of int pointers into a string -// map of int values -func IntValueMap(src map[string]*int) map[string]int { - dst := make(map[string]int) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Int32 returns a pointer to of the int32 value passed in. -func Int32(v int32) *int32 { - return &v -} - -// Int32Value returns the value of the int32 pointer passed in or -// 0 if the pointer is nil. -func Int32Value(v *int32) int32 { - if v != nil { - return *v - } - return 0 -} - -// Int32Slice converts a slice of int32 values into a slice of -// int32 pointers -func Int32Slice(src []int32) []*int32 { - dst := make([]*int32, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// Int32ValueSlice converts a slice of int32 pointers into a slice of -// int32 values -func Int32ValueSlice(src []*int32) []int32 { - dst := make([]int32, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// Int32Map converts a string map of int32 values into a string -// map of int32 pointers -func Int32Map(src map[string]int32) map[string]*int32 { - dst := make(map[string]*int32) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// Int32ValueMap converts a string map of int32 pointers into a string -// map of int32 values -func Int32ValueMap(src map[string]*int32) map[string]int32 { - dst := make(map[string]int32) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Int64 returns a pointer to of the int64 value passed in. -func Int64(v int64) *int64 { - return &v -} - -// Int64Value returns the value of the int64 pointer passed in or -// 0 if the pointer is nil. -func Int64Value(v *int64) int64 { - if v != nil { - return *v - } - return 0 -} - -// Int64Slice converts a slice of int64 values into a slice of -// int64 pointers -func Int64Slice(src []int64) []*int64 { - dst := make([]*int64, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// Int64ValueSlice converts a slice of int64 pointers into a slice of -// int64 values -func Int64ValueSlice(src []*int64) []int64 { - dst := make([]int64, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// Int64Map converts a string map of int64 values into a string -// map of int64 pointers -func Int64Map(src map[string]int64) map[string]*int64 { - dst := make(map[string]*int64) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// Int64ValueMap converts a string map of int64 pointers into a string -// map of int64 values -func Int64ValueMap(src map[string]*int64) map[string]int64 { - dst := make(map[string]int64) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Uint16 returns a pointer to of the uint16 value passed in. -func Uint16(v uint16) *uint16 { - return &v -} - -// Uint16Value returns the value of the uint16 pointer passed in or -// 0 if the pointer is nil. -func Uint16Value(v *uint16) uint16 { - if v != nil { - return *v - } - - return 0 -} - -// Uint16Slice converts a slice of uint16 values into a slice of -// uint16 pointers -func Uint16Slice(src []uint16) []*uint16 { - dst := make([]*uint16, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - - return dst -} - -// Uint16ValueSlice converts a slice of uint16 pointers into a slice of -// uint16 values -func Uint16ValueSlice(src []*uint16) []uint16 { - dst := make([]uint16, len(src)) - - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - - return dst -} - -// Uint16Map converts a string map of uint16 values into a string -// map of uint16 pointers -func Uint16Map(src map[string]uint16) map[string]*uint16 { - dst := make(map[string]*uint16) - - for k, val := range src { - v := val - dst[k] = &v - } - - return dst -} - -// Uint16ValueMap converts a string map of uint16 pointers into a string -// map of uint16 values -func Uint16ValueMap(src map[string]*uint16) map[string]uint16 { - dst := make(map[string]uint16) - - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - - return dst -} - -// Uint returns a pointer to of the uint value passed in. -func Uint(v uint) *uint { - return &v -} - -// UintValue returns the value of the uint pointer passed in or -// 0 if the pointer is nil. -func UintValue(v *uint) uint { - if v != nil { - return *v - } - return 0 -} - -// UintSlice converts a slice of uint values into a slice of -// uint pointers -func UintSlice(src []uint) []*uint { - dst := make([]*uint, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// UintValueSlice converts a slice of uint pointers into a slice of -// uint values -func UintValueSlice(src []*uint) []uint { - dst := make([]uint, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// UintMap converts a string map of uint values into a string -// map of uint pointers -func UintMap(src map[string]uint) map[string]*uint { - dst := make(map[string]*uint) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// UintValueMap converts a string map of uint pointers into a string -// map of uint values -func UintValueMap(src map[string]*uint) map[string]uint { - dst := make(map[string]uint) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Uint32 returns a pointer to of the uint32 value passed in. -func Uint32(v uint32) *uint32 { - return &v -} - -// Uint32Value returns the value of the uint32 pointer passed in or -// 0 if the pointer is nil. -func Uint32Value(v *uint32) uint32 { - if v != nil { - return *v - } - return 0 -} - -// Uint32Slice converts a slice of uint32 values into a slice of -// uint32 pointers -func Uint32Slice(src []uint32) []*uint32 { - dst := make([]*uint32, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// Uint32ValueSlice converts a slice of uint32 pointers into a slice of -// uint32 values -func Uint32ValueSlice(src []*uint32) []uint32 { - dst := make([]uint32, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// Uint32Map converts a string map of uint32 values into a string -// map of uint32 pointers -func Uint32Map(src map[string]uint32) map[string]*uint32 { - dst := make(map[string]*uint32) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// Uint32ValueMap converts a string map of uint32 pointers into a string -// map of uint32 values -func Uint32ValueMap(src map[string]*uint32) map[string]uint32 { - dst := make(map[string]uint32) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Uint64 returns a pointer to of the uint64 value passed in. -func Uint64(v uint64) *uint64 { - return &v -} - -// Uint64Value returns the value of the uint64 pointer passed in or -// 0 if the pointer is nil. -func Uint64Value(v *uint64) uint64 { - if v != nil { - return *v - } - return 0 -} - -// Uint64Slice converts a slice of uint64 values into a slice of -// uint64 pointers -func Uint64Slice(src []uint64) []*uint64 { - dst := make([]*uint64, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// Uint64ValueSlice converts a slice of uint64 pointers into a slice of -// uint64 values -func Uint64ValueSlice(src []*uint64) []uint64 { - dst := make([]uint64, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// Uint64Map converts a string map of uint64 values into a string -// map of uint64 pointers -func Uint64Map(src map[string]uint64) map[string]*uint64 { - dst := make(map[string]*uint64) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// Uint64ValueMap converts a string map of uint64 pointers into a string -// map of uint64 values -func Uint64ValueMap(src map[string]*uint64) map[string]uint64 { - dst := make(map[string]uint64) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Float32 returns a pointer to of the float32 value passed in. -func Float32(v float32) *float32 { - return &v -} - -// Float32Value returns the value of the float32 pointer passed in or -// 0 if the pointer is nil. -func Float32Value(v *float32) float32 { - if v != nil { - return *v - } - - return 0 -} - -// Float32Slice converts a slice of float32 values into a slice of -// float32 pointers -func Float32Slice(src []float32) []*float32 { - dst := make([]*float32, len(src)) - - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - - return dst -} - -// Float32ValueSlice converts a slice of float32 pointers into a slice of -// float32 values -func Float32ValueSlice(src []*float32) []float32 { - dst := make([]float32, len(src)) - - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - - return dst -} - -// Float32Map converts a string map of float32 values into a string -// map of float32 pointers -func Float32Map(src map[string]float32) map[string]*float32 { - dst := make(map[string]*float32) - - for k, val := range src { - v := val - dst[k] = &v - } - - return dst -} - -// Float32ValueMap converts a string map of float32 pointers into a string -// map of float32 values -func Float32ValueMap(src map[string]*float32) map[string]float32 { - dst := make(map[string]float32) - - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - - return dst -} - -// Float64 returns a pointer to of the float64 value passed in. -func Float64(v float64) *float64 { - return &v -} - -// Float64Value returns the value of the float64 pointer passed in or -// 0 if the pointer is nil. -func Float64Value(v *float64) float64 { - if v != nil { - return *v - } - return 0 -} - -// Float64Slice converts a slice of float64 values into a slice of -// float64 pointers -func Float64Slice(src []float64) []*float64 { - dst := make([]*float64, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// Float64ValueSlice converts a slice of float64 pointers into a slice of -// float64 values -func Float64ValueSlice(src []*float64) []float64 { - dst := make([]float64, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// Float64Map converts a string map of float64 values into a string -// map of float64 pointers -func Float64Map(src map[string]float64) map[string]*float64 { - dst := make(map[string]*float64) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// Float64ValueMap converts a string map of float64 pointers into a string -// map of float64 values -func Float64ValueMap(src map[string]*float64) map[string]float64 { - dst := make(map[string]float64) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Time returns a pointer to of the time.Time value passed in. -func Time(v time.Time) *time.Time { - return &v -} - -// TimeValue returns the value of the time.Time pointer passed in or -// time.Time{} if the pointer is nil. -func TimeValue(v *time.Time) time.Time { - if v != nil { - return *v - } - return time.Time{} -} - -// TimeSlice converts a slice of time.Time values into a slice of -// time.Time pointers -func TimeSlice(src []time.Time) []*time.Time { - dst := make([]*time.Time, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// TimeValueSlice converts a slice of time.Time pointers into a slice of -// time.Time values -func TimeValueSlice(src []*time.Time) []time.Time { - dst := make([]time.Time, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// TimeMap converts a string map of time.Time values into a string -// map of time.Time pointers -func TimeMap(src map[string]time.Time) map[string]*time.Time { - dst := make(map[string]*time.Time) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// TimeValueMap converts a string map of time.Time pointers into a string -// map of time.Time values -func TimeValueMap(src map[string]*time.Time) map[string]time.Time { - dst := make(map[string]time.Time) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} diff --git a/vendor/github.com/go-openapi/swag/doc.go b/vendor/github.com/go-openapi/swag/doc.go index 55094cb74c..b54b57478a 100644 --- a/vendor/github.com/go-openapi/swag/doc.go +++ b/vendor/github.com/go-openapi/swag/doc.go @@ -1,31 +1,47 @@ -// Copyright 2015 go-swagger maintainers +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +// Package swag contains a bunch of helper functions for go-openapi and go-swagger projects. // -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at +// You may also use it standalone for your projects. // -// http://www.apache.org/licenses/LICENSE-2.0 +// NOTE: all features that used to be exposed as package-level members (constants, variables, +// functions and types) are now deprecated and are superseded by equivalent features in +// more specialized sub-packages. +// Moving forward, no additional feature will be added to the [swag] API directly at the root package level, +// which remains there for backward-compatibility purposes. // -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -/* -Package swag contains a bunch of helper functions for go-openapi and go-swagger projects. - -You may also use it standalone for your projects. - - - convert between value and pointers for builtin types - - convert from string to builtin types (wraps strconv) - - fast json concatenation - - search in path - - load from file or http - - name mangling - -This repo has only few dependencies outside of the standard library: - - - YAML utilities depend on gopkg.in/yaml.v2 -*/ +// Child modules will continue to evolve or some new ones may be added in the future. +// +// # Modules +// +// - [cmdutils] utilities to work with CLIs +// +// - [conv] type conversion utilities +// +// - [fileutils] file utilities +// +// - [jsonname] JSON utilities +// +// - [jsonutils] JSON utilities +// +// - [loading] file loading +// +// - [mangling] safe name generation +// +// - [netutils] networking utilities +// +// - [stringutils] `string` utilities +// +// - [typeutils] `go` types utilities +// +// - [yamlutils] YAML utilities +// +// # Dependencies +// +// This repo has a few dependencies outside of the standard library: +// +// - YAML utilities depend on [go.yaml.in/yaml/v3] package swag + +//go:generate mockery diff --git a/vendor/github.com/go-openapi/swag/file.go b/vendor/github.com/go-openapi/swag/file.go deleted file mode 100644 index 16accc55f8..0000000000 --- a/vendor/github.com/go-openapi/swag/file.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package swag - -import "mime/multipart" - -// File represents an uploaded file. -type File struct { - Data multipart.File - Header *multipart.FileHeader -} - -// Read bytes from the file -func (f *File) Read(p []byte) (n int, err error) { - return f.Data.Read(p) -} - -// Close the file -func (f *File) Close() error { - return f.Data.Close() -} diff --git a/vendor/github.com/go-openapi/swag/fileutils/LICENSE b/vendor/github.com/go-openapi/swag/fileutils/LICENSE new file mode 100644 index 0000000000..d645695673 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/fileutils/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/go-openapi/swag/fileutils/doc.go b/vendor/github.com/go-openapi/swag/fileutils/doc.go new file mode 100644 index 0000000000..859a200d84 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/fileutils/doc.go @@ -0,0 +1,10 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +// Package fileutils exposes utilities to deal with files and paths. +// +// Currently, there is: +// - [File] to represent an abstraction of an uploaded file. +// For instance, this is used by [github.com/go-openapi/runtime.File]. +// - path search utilities (e.g. finding packages in the GO search path) +package fileutils diff --git a/vendor/github.com/go-openapi/swag/fileutils/file.go b/vendor/github.com/go-openapi/swag/fileutils/file.go new file mode 100644 index 0000000000..5ad4cfaeaf --- /dev/null +++ b/vendor/github.com/go-openapi/swag/fileutils/file.go @@ -0,0 +1,22 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package fileutils + +import "mime/multipart" + +// File represents an uploaded file. +type File struct { + Data multipart.File + Header *multipart.FileHeader +} + +// Read bytes from the file +func (f *File) Read(p []byte) (n int, err error) { + return f.Data.Read(p) +} + +// Close the file +func (f *File) Close() error { + return f.Data.Close() +} diff --git a/vendor/github.com/go-openapi/swag/path.go b/vendor/github.com/go-openapi/swag/fileutils/path.go similarity index 58% rename from vendor/github.com/go-openapi/swag/path.go rename to vendor/github.com/go-openapi/swag/fileutils/path.go index 941bd0176b..dd09f690bf 100644 --- a/vendor/github.com/go-openapi/swag/path.go +++ b/vendor/github.com/go-openapi/swag/fileutils/path.go @@ -1,18 +1,7 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 -package swag +package fileutils import ( "os" @@ -21,10 +10,8 @@ import ( "strings" ) -const ( - // GOPATHKey represents the env key for gopath - GOPATHKey = "GOPATH" -) +// GOPATHKey represents the env key for gopath +const GOPATHKey = "GOPATH" // FindInSearchPath finds a package in a provided lists of paths func FindInSearchPath(searchPath, pkg string) string { @@ -40,11 +27,17 @@ func FindInSearchPath(searchPath, pkg string) string { } // FindInGoSearchPath finds a package in the $GOPATH:$GOROOT +// +// Deprecated: this function is no longer relevant with modern go. +// It uses [runtime.GOROOT] under the hood, which is deprecated as of go1.24. func FindInGoSearchPath(pkg string) string { return FindInSearchPath(FullGoSearchPath(), pkg) } // FullGoSearchPath gets the search paths for finding packages +// +// Deprecated: this function is no longer relevant with modern go. +// It uses [runtime.GOROOT] under the hood, which is deprecated as of go1.24. func FullGoSearchPath() string { allPaths := os.Getenv(GOPATHKey) if allPaths == "" { diff --git a/vendor/github.com/go-openapi/swag/fileutils_iface.go b/vendor/github.com/go-openapi/swag/fileutils_iface.go new file mode 100644 index 0000000000..f3e79a0e4b --- /dev/null +++ b/vendor/github.com/go-openapi/swag/fileutils_iface.go @@ -0,0 +1,33 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package swag + +import "github.com/go-openapi/swag/fileutils" + +// GOPATHKey represents the env key for gopath +// +// Deprecated: use [fileutils.GOPATHKey] instead. +const GOPATHKey = fileutils.GOPATHKey + +// File represents an uploaded file. +// +// Deprecated: use [fileutils.File] instead. +type File = fileutils.File + +// FindInSearchPath finds a package in a provided lists of paths. +// +// Deprecated: use [fileutils.FindInSearchPath] instead. +func FindInSearchPath(searchPath, pkg string) string { + return fileutils.FindInSearchPath(searchPath, pkg) +} + +// FindInGoSearchPath finds a package in the $GOPATH:$GOROOT +// +// Deprecated: use [fileutils.FindInGoSearchPath] instead. +func FindInGoSearchPath(pkg string) string { return fileutils.FindInGoSearchPath(pkg) } + +// FullGoSearchPath gets the search paths for finding packages +// +// Deprecated: use [fileutils.FullGoSearchPath] instead. +func FullGoSearchPath() string { return fileutils.FullGoSearchPath() } diff --git a/vendor/github.com/go-openapi/swag/go.work b/vendor/github.com/go-openapi/swag/go.work new file mode 100644 index 0000000000..1e537f0749 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/go.work @@ -0,0 +1,20 @@ +use ( + . + ./cmdutils + ./conv + ./fileutils + ./jsonname + ./jsonutils + ./jsonutils/adapters/easyjson + ./jsonutils/adapters/testintegration + ./jsonutils/adapters/testintegration/benchmarks + ./jsonutils/fixtures_test + ./loading + ./mangling + ./netutils + ./stringutils + ./typeutils + ./yamlutils +) + +go 1.24.0 diff --git a/vendor/github.com/go-openapi/swag/go.work.sum b/vendor/github.com/go-openapi/swag/go.work.sum new file mode 100644 index 0000000000..c1308cafa6 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/go.work.sum @@ -0,0 +1,7 @@ +github.com/go-openapi/testify/v2 v2.0.1/go.mod h1:HCPmvFFnheKK2BuwSA0TbbdxJ3I16pjwMkYkP4Ywn54= +golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0= +golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= +golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo= +golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ= +golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0= diff --git a/vendor/github.com/go-openapi/swag/initialism_index.go b/vendor/github.com/go-openapi/swag/initialism_index.go deleted file mode 100644 index 20a359bb60..0000000000 --- a/vendor/github.com/go-openapi/swag/initialism_index.go +++ /dev/null @@ -1,202 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package swag - -import ( - "sort" - "strings" - "sync" -) - -var ( - // commonInitialisms are common acronyms that are kept as whole uppercased words. - commonInitialisms *indexOfInitialisms - - // initialisms is a slice of sorted initialisms - initialisms []string - - // a copy of initialisms pre-baked as []rune - initialismsRunes [][]rune - initialismsUpperCased [][]rune - - isInitialism func(string) bool - - maxAllocMatches int -) - -func init() { - // Taken from https://github.com/golang/lint/blob/3390df4df2787994aea98de825b964ac7944b817/lint.go#L732-L769 - configuredInitialisms := map[string]bool{ - "ACL": true, - "API": true, - "ASCII": true, - "CPU": true, - "CSS": true, - "DNS": true, - "EOF": true, - "GUID": true, - "HTML": true, - "HTTPS": true, - "HTTP": true, - "ID": true, - "IP": true, - "IPv4": true, - "IPv6": true, - "JSON": true, - "LHS": true, - "OAI": true, - "QPS": true, - "RAM": true, - "RHS": true, - "RPC": true, - "SLA": true, - "SMTP": true, - "SQL": true, - "SSH": true, - "TCP": true, - "TLS": true, - "TTL": true, - "UDP": true, - "UI": true, - "UID": true, - "UUID": true, - "URI": true, - "URL": true, - "UTF8": true, - "VM": true, - "XML": true, - "XMPP": true, - "XSRF": true, - "XSS": true, - } - - // a thread-safe index of initialisms - commonInitialisms = newIndexOfInitialisms().load(configuredInitialisms) - initialisms = commonInitialisms.sorted() - initialismsRunes = asRunes(initialisms) - initialismsUpperCased = asUpperCased(initialisms) - maxAllocMatches = maxAllocHeuristic(initialismsRunes) - - // a test function - isInitialism = commonInitialisms.isInitialism -} - -func asRunes(in []string) [][]rune { - out := make([][]rune, len(in)) - for i, initialism := range in { - out[i] = []rune(initialism) - } - - return out -} - -func asUpperCased(in []string) [][]rune { - out := make([][]rune, len(in)) - - for i, initialism := range in { - out[i] = []rune(upper(trim(initialism))) - } - - return out -} - -func maxAllocHeuristic(in [][]rune) int { - heuristic := make(map[rune]int) - for _, initialism := range in { - heuristic[initialism[0]]++ - } - - var maxAlloc int - for _, val := range heuristic { - if val > maxAlloc { - maxAlloc = val - } - } - - return maxAlloc -} - -// AddInitialisms add additional initialisms -func AddInitialisms(words ...string) { - for _, word := range words { - // commonInitialisms[upper(word)] = true - commonInitialisms.add(upper(word)) - } - // sort again - initialisms = commonInitialisms.sorted() - initialismsRunes = asRunes(initialisms) - initialismsUpperCased = asUpperCased(initialisms) -} - -// indexOfInitialisms is a thread-safe implementation of the sorted index of initialisms. -// Since go1.9, this may be implemented with sync.Map. -type indexOfInitialisms struct { - sortMutex *sync.Mutex - index *sync.Map -} - -func newIndexOfInitialisms() *indexOfInitialisms { - return &indexOfInitialisms{ - sortMutex: new(sync.Mutex), - index: new(sync.Map), - } -} - -func (m *indexOfInitialisms) load(initial map[string]bool) *indexOfInitialisms { - m.sortMutex.Lock() - defer m.sortMutex.Unlock() - for k, v := range initial { - m.index.Store(k, v) - } - return m -} - -func (m *indexOfInitialisms) isInitialism(key string) bool { - _, ok := m.index.Load(key) - return ok -} - -func (m *indexOfInitialisms) add(key string) *indexOfInitialisms { - m.index.Store(key, true) - return m -} - -func (m *indexOfInitialisms) sorted() (result []string) { - m.sortMutex.Lock() - defer m.sortMutex.Unlock() - m.index.Range(func(key, _ interface{}) bool { - k := key.(string) - result = append(result, k) - return true - }) - sort.Sort(sort.Reverse(byInitialism(result))) - return -} - -type byInitialism []string - -func (s byInitialism) Len() int { - return len(s) -} -func (s byInitialism) Swap(i, j int) { - s[i], s[j] = s[j], s[i] -} -func (s byInitialism) Less(i, j int) bool { - if len(s[i]) != len(s[j]) { - return len(s[i]) < len(s[j]) - } - - return strings.Compare(s[i], s[j]) > 0 -} diff --git a/vendor/github.com/go-openapi/swag/json.go b/vendor/github.com/go-openapi/swag/json.go deleted file mode 100644 index 7e9902ca31..0000000000 --- a/vendor/github.com/go-openapi/swag/json.go +++ /dev/null @@ -1,312 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package swag - -import ( - "bytes" - "encoding/json" - "log" - "reflect" - "strings" - "sync" - - "github.com/mailru/easyjson/jlexer" - "github.com/mailru/easyjson/jwriter" -) - -// nullJSON represents a JSON object with null type -var nullJSON = []byte("null") - -// DefaultJSONNameProvider the default cache for types -var DefaultJSONNameProvider = NewNameProvider() - -const comma = byte(',') - -var closers map[byte]byte - -func init() { - closers = map[byte]byte{ - '{': '}', - '[': ']', - } -} - -type ejMarshaler interface { - MarshalEasyJSON(w *jwriter.Writer) -} - -type ejUnmarshaler interface { - UnmarshalEasyJSON(w *jlexer.Lexer) -} - -// WriteJSON writes json data, prefers finding an appropriate interface to short-circuit the marshaler -// so it takes the fastest option available. -func WriteJSON(data interface{}) ([]byte, error) { - if d, ok := data.(ejMarshaler); ok { - jw := new(jwriter.Writer) - d.MarshalEasyJSON(jw) - return jw.BuildBytes() - } - if d, ok := data.(json.Marshaler); ok { - return d.MarshalJSON() - } - return json.Marshal(data) -} - -// ReadJSON reads json data, prefers finding an appropriate interface to short-circuit the unmarshaler -// so it takes the fastest option available -func ReadJSON(data []byte, value interface{}) error { - trimmedData := bytes.Trim(data, "\x00") - if d, ok := value.(ejUnmarshaler); ok { - jl := &jlexer.Lexer{Data: trimmedData} - d.UnmarshalEasyJSON(jl) - return jl.Error() - } - if d, ok := value.(json.Unmarshaler); ok { - return d.UnmarshalJSON(trimmedData) - } - return json.Unmarshal(trimmedData, value) -} - -// DynamicJSONToStruct converts an untyped json structure into a struct -func DynamicJSONToStruct(data interface{}, target interface{}) error { - // TODO: convert straight to a json typed map (mergo + iterate?) - b, err := WriteJSON(data) - if err != nil { - return err - } - return ReadJSON(b, target) -} - -// ConcatJSON concatenates multiple json objects efficiently -func ConcatJSON(blobs ...[]byte) []byte { - if len(blobs) == 0 { - return nil - } - - last := len(blobs) - 1 - for blobs[last] == nil || bytes.Equal(blobs[last], nullJSON) { - // strips trailing null objects - last-- - if last < 0 { - // there was nothing but "null"s or nil... - return nil - } - } - if last == 0 { - return blobs[0] - } - - var opening, closing byte - var idx, a int - buf := bytes.NewBuffer(nil) - - for i, b := range blobs[:last+1] { - if b == nil || bytes.Equal(b, nullJSON) { - // a null object is in the list: skip it - continue - } - if len(b) > 0 && opening == 0 { // is this an array or an object? - opening, closing = b[0], closers[b[0]] - } - - if opening != '{' && opening != '[' { - continue // don't know how to concatenate non container objects - } - - if len(b) < 3 { // yep empty but also the last one, so closing this thing - if i == last && a > 0 { - if err := buf.WriteByte(closing); err != nil { - log.Println(err) - } - } - continue - } - - idx = 0 - if a > 0 { // we need to join with a comma for everything beyond the first non-empty item - if err := buf.WriteByte(comma); err != nil { - log.Println(err) - } - idx = 1 // this is not the first or the last so we want to drop the leading bracket - } - - if i != last { // not the last one, strip brackets - if _, err := buf.Write(b[idx : len(b)-1]); err != nil { - log.Println(err) - } - } else { // last one, strip only the leading bracket - if _, err := buf.Write(b[idx:]); err != nil { - log.Println(err) - } - } - a++ - } - // somehow it ended up being empty, so provide a default value - if buf.Len() == 0 { - if err := buf.WriteByte(opening); err != nil { - log.Println(err) - } - if err := buf.WriteByte(closing); err != nil { - log.Println(err) - } - } - return buf.Bytes() -} - -// ToDynamicJSON turns an object into a properly JSON typed structure -func ToDynamicJSON(data interface{}) interface{} { - // TODO: convert straight to a json typed map (mergo + iterate?) - b, err := json.Marshal(data) - if err != nil { - log.Println(err) - } - var res interface{} - if err := json.Unmarshal(b, &res); err != nil { - log.Println(err) - } - return res -} - -// FromDynamicJSON turns an object into a properly JSON typed structure -func FromDynamicJSON(data, target interface{}) error { - b, err := json.Marshal(data) - if err != nil { - log.Println(err) - } - return json.Unmarshal(b, target) -} - -// NameProvider represents an object capable of translating from go property names -// to json property names -// This type is thread-safe. -type NameProvider struct { - lock *sync.Mutex - index map[reflect.Type]nameIndex -} - -type nameIndex struct { - jsonNames map[string]string - goNames map[string]string -} - -// NewNameProvider creates a new name provider -func NewNameProvider() *NameProvider { - return &NameProvider{ - lock: &sync.Mutex{}, - index: make(map[reflect.Type]nameIndex), - } -} - -func buildnameIndex(tpe reflect.Type, idx, reverseIdx map[string]string) { - for i := 0; i < tpe.NumField(); i++ { - targetDes := tpe.Field(i) - - if targetDes.PkgPath != "" { // unexported - continue - } - - if targetDes.Anonymous { // walk embedded structures tree down first - buildnameIndex(targetDes.Type, idx, reverseIdx) - continue - } - - if tag := targetDes.Tag.Get("json"); tag != "" { - - parts := strings.Split(tag, ",") - if len(parts) == 0 { - continue - } - - nm := parts[0] - if nm == "-" { - continue - } - if nm == "" { // empty string means we want to use the Go name - nm = targetDes.Name - } - - idx[nm] = targetDes.Name - reverseIdx[targetDes.Name] = nm - } - } -} - -func newNameIndex(tpe reflect.Type) nameIndex { - var idx = make(map[string]string, tpe.NumField()) - var reverseIdx = make(map[string]string, tpe.NumField()) - - buildnameIndex(tpe, idx, reverseIdx) - return nameIndex{jsonNames: idx, goNames: reverseIdx} -} - -// GetJSONNames gets all the json property names for a type -func (n *NameProvider) GetJSONNames(subject interface{}) []string { - n.lock.Lock() - defer n.lock.Unlock() - tpe := reflect.Indirect(reflect.ValueOf(subject)).Type() - names, ok := n.index[tpe] - if !ok { - names = n.makeNameIndex(tpe) - } - - res := make([]string, 0, len(names.jsonNames)) - for k := range names.jsonNames { - res = append(res, k) - } - return res -} - -// GetJSONName gets the json name for a go property name -func (n *NameProvider) GetJSONName(subject interface{}, name string) (string, bool) { - tpe := reflect.Indirect(reflect.ValueOf(subject)).Type() - return n.GetJSONNameForType(tpe, name) -} - -// GetJSONNameForType gets the json name for a go property name on a given type -func (n *NameProvider) GetJSONNameForType(tpe reflect.Type, name string) (string, bool) { - n.lock.Lock() - defer n.lock.Unlock() - names, ok := n.index[tpe] - if !ok { - names = n.makeNameIndex(tpe) - } - nme, ok := names.goNames[name] - return nme, ok -} - -func (n *NameProvider) makeNameIndex(tpe reflect.Type) nameIndex { - names := newNameIndex(tpe) - n.index[tpe] = names - return names -} - -// GetGoName gets the go name for a json property name -func (n *NameProvider) GetGoName(subject interface{}, name string) (string, bool) { - tpe := reflect.Indirect(reflect.ValueOf(subject)).Type() - return n.GetGoNameForType(tpe, name) -} - -// GetGoNameForType gets the go name for a given type for a json property name -func (n *NameProvider) GetGoNameForType(tpe reflect.Type, name string) (string, bool) { - n.lock.Lock() - defer n.lock.Unlock() - names, ok := n.index[tpe] - if !ok { - names = n.makeNameIndex(tpe) - } - nme, ok := names.jsonNames[name] - return nme, ok -} diff --git a/vendor/github.com/go-openapi/swag/jsonname/LICENSE b/vendor/github.com/go-openapi/swag/jsonname/LICENSE new file mode 100644 index 0000000000..d645695673 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonname/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/go-openapi/swag/jsonname/doc.go b/vendor/github.com/go-openapi/swag/jsonname/doc.go new file mode 100644 index 0000000000..79232eaca4 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonname/doc.go @@ -0,0 +1,5 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +// Package jsonname is a provider of json property names from go properties. +package jsonname diff --git a/vendor/github.com/go-openapi/swag/jsonname/name_provider.go b/vendor/github.com/go-openapi/swag/jsonname/name_provider.go new file mode 100644 index 0000000000..8eaf1bece8 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonname/name_provider.go @@ -0,0 +1,138 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package jsonname + +import ( + "reflect" + "strings" + "sync" +) + +// DefaultJSONNameProvider is the default cache for types. +var DefaultJSONNameProvider = NewNameProvider() + +// NameProvider represents an object capable of translating from go property names +// to json property names. +// +// This type is thread-safe. +// +// See [github.com/go-openapi/jsonpointer.Pointer] for an example. +type NameProvider struct { + lock *sync.Mutex + index map[reflect.Type]nameIndex +} + +type nameIndex struct { + jsonNames map[string]string + goNames map[string]string +} + +// NewNameProvider creates a new name provider +func NewNameProvider() *NameProvider { + return &NameProvider{ + lock: &sync.Mutex{}, + index: make(map[reflect.Type]nameIndex), + } +} + +func buildnameIndex(tpe reflect.Type, idx, reverseIdx map[string]string) { + for i := 0; i < tpe.NumField(); i++ { + targetDes := tpe.Field(i) + + if targetDes.PkgPath != "" { // unexported + continue + } + + if targetDes.Anonymous { // walk embedded structures tree down first + buildnameIndex(targetDes.Type, idx, reverseIdx) + continue + } + + if tag := targetDes.Tag.Get("json"); tag != "" { + + parts := strings.Split(tag, ",") + if len(parts) == 0 { + continue + } + + nm := parts[0] + if nm == "-" { + continue + } + if nm == "" { // empty string means we want to use the Go name + nm = targetDes.Name + } + + idx[nm] = targetDes.Name + reverseIdx[targetDes.Name] = nm + } + } +} + +func newNameIndex(tpe reflect.Type) nameIndex { + var idx = make(map[string]string, tpe.NumField()) + var reverseIdx = make(map[string]string, tpe.NumField()) + + buildnameIndex(tpe, idx, reverseIdx) + return nameIndex{jsonNames: idx, goNames: reverseIdx} +} + +// GetJSONNames gets all the json property names for a type +func (n *NameProvider) GetJSONNames(subject any) []string { + n.lock.Lock() + defer n.lock.Unlock() + tpe := reflect.Indirect(reflect.ValueOf(subject)).Type() + names, ok := n.index[tpe] + if !ok { + names = n.makeNameIndex(tpe) + } + + res := make([]string, 0, len(names.jsonNames)) + for k := range names.jsonNames { + res = append(res, k) + } + return res +} + +// GetJSONName gets the json name for a go property name +func (n *NameProvider) GetJSONName(subject any, name string) (string, bool) { + tpe := reflect.Indirect(reflect.ValueOf(subject)).Type() + return n.GetJSONNameForType(tpe, name) +} + +// GetJSONNameForType gets the json name for a go property name on a given type +func (n *NameProvider) GetJSONNameForType(tpe reflect.Type, name string) (string, bool) { + n.lock.Lock() + defer n.lock.Unlock() + names, ok := n.index[tpe] + if !ok { + names = n.makeNameIndex(tpe) + } + nme, ok := names.goNames[name] + return nme, ok +} + +// GetGoName gets the go name for a json property name +func (n *NameProvider) GetGoName(subject any, name string) (string, bool) { + tpe := reflect.Indirect(reflect.ValueOf(subject)).Type() + return n.GetGoNameForType(tpe, name) +} + +// GetGoNameForType gets the go name for a given type for a json property name +func (n *NameProvider) GetGoNameForType(tpe reflect.Type, name string) (string, bool) { + n.lock.Lock() + defer n.lock.Unlock() + names, ok := n.index[tpe] + if !ok { + names = n.makeNameIndex(tpe) + } + nme, ok := names.jsonNames[name] + return nme, ok +} + +func (n *NameProvider) makeNameIndex(tpe reflect.Type) nameIndex { + names := newNameIndex(tpe) + n.index[tpe] = names + return names +} diff --git a/vendor/github.com/go-openapi/swag/jsonname_iface.go b/vendor/github.com/go-openapi/swag/jsonname_iface.go new file mode 100644 index 0000000000..303a007f6f --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonname_iface.go @@ -0,0 +1,24 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package swag + +import ( + "github.com/go-openapi/swag/jsonname" +) + +// DefaultJSONNameProvider is the default cache for types +// +// Deprecated: use [jsonname.DefaultJSONNameProvider] instead. +var DefaultJSONNameProvider = jsonname.DefaultJSONNameProvider + +// NameProvider represents an object capable of translating from go property names +// to json property names. +// +// Deprecated: use [jsonname.NameProvider] instead. +type NameProvider = jsonname.NameProvider + +// NewNameProvider creates a new name provider +// +// Deprecated: use [jsonname.NewNameProvider] instead. +func NewNameProvider() *NameProvider { return jsonname.NewNameProvider() } diff --git a/vendor/github.com/go-openapi/swag/jsonutils/LICENSE b/vendor/github.com/go-openapi/swag/jsonutils/LICENSE new file mode 100644 index 0000000000..d645695673 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/go-openapi/swag/jsonutils/README.md b/vendor/github.com/go-openapi/swag/jsonutils/README.md new file mode 100644 index 0000000000..d745cdb466 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/README.md @@ -0,0 +1,108 @@ + # jsonutils + +`jsonutils` exposes a few tools to work with JSON: + +- a fast, simple `Concat` to concatenate (not merge) JSON objects and arrays +- `FromDynamicJSON` to convert a data structure into a "dynamic JSON" data structure +- `ReadJSON` and `WriteJSON` behave like `json.Unmarshal` and `json.Marshal`, + with the ability to use another underlying serialization library through an `Adapter` + configured at runtime +- a `JSONMapSlice` structure that may be used to store JSON objects with the order of keys maintained + +## Dynamic JSON + +We call "dynamic JSON" the go data structure that results from unmarshaling JSON like this: + +```go + var value any + jsonBytes := `{"a": 1, ... }` + _ = json.Unmarshal(jsonBytes, &value) +``` + +In this configuration, the standard library mappings are as follows: + +| JSON | go | +|-----------|------------------| +| `number` | `float64` | +| `string` | `string` | +| `boolean` | `bool` | +| `null` | `nil` | +| `object` | `map[string]any` | +| `array` | `[]any` | + +## Map slices + +When using `JSONMapSlice`, the ordering of keys is ensured by replacing +mappings to `map[string]any` by a `JSONMapSlice` which is an (ordered) +slice of `JSONMapItem`s. + +Notice that a similar feature is available for YAML (see [`yamlutils`](../yamlutils)), +with a `YAMLMapSlice` type based on the `JSONMapSlice`. + +`JSONMapSlice` is similar to an ordered map, but the keys are not retrieved +in constant time. + +Another difference with the the above standard mappings is that numbers don't always map +to a `float64`: if the value is a JSON integer, it unmarshals to `int64`. + +See also [some examples](https://pkg.go.dev/github.com/go-openapi/swag/jsonutils#pkg-examples) + +## Adapters + +`ReadJSON`, `WriteJSON` and `FromDynamicJSON` (which is a combination of the latter two) +are wrappers on top of `json.Unmarshal` and `json.Marshal`. + +By default, the adapter merely wraps the standard library. + +The adapter may be used to register other JSON serialization libraries, +possibly several ones at the same time. + +If the value passed is identified as an "ordered map" (i.e. implements `ifaces.Ordered` +or `ifaces.SetOrdered`, the adapter favors the "ordered" JSON behavior and tries to +find a registered implementation that support ordered keys in objects. + +Our standard library implementation supports this. + +As of `v0.25.0`, we support through such an adapter the popular `mailru/easyjson` +library, which kicks in when the passed values support the `easyjson.Unmarshaler` +or `easyjson.Marshaler` interfaces. + +In the future, we plan to add more similar libraries that compete on the go JSON +serializers scene. + +## Registering an adapter + +In package `github.com/go-openapi/swag/easyjson/adapters`, several adapters are available. + +Each adapter is an independent go module. Hence you'll pick its dependencies only if you import it. + +At this moment we provide: +* `stdlib`: JSON adapter based on the standard library +* `easyjson`: JSON adapter based on the `github.com/mailru/easyjson` + +The adapters provide the basic `Marshal` and `Unmarshal` capabilities, plus an implementation +of the `MapSlice` pattern. + +You may also build your own adapter based on your specific use-case. An adapter is not required to implement +all capabilities. + +Every adapter comes with a `Register` function, possibly with some options, to register the adapter +to a global registry. + +For example, to enable `easyjson` to be used in `ReadJSON` and `WriteJSON`, you would write something like: + +```go + import ( + "github.com/go-openapi/swag/jsonutils/adapters" + easyjson "github.com/go-openapi/swag/jsonutils/adapters/easyjson/json" + ) + + func init() { + easyjson.Register(adapters.Registry) + } +``` + +You may register several adapters. In this case, capability matching is evaluated from the last registered +adapters (LIFO). + +## [Benchmarks](./adapters/testintegration/benchmarks/README.md) diff --git a/vendor/github.com/go-openapi/swag/jsonutils/adapters/doc.go b/vendor/github.com/go-openapi/swag/jsonutils/adapters/doc.go new file mode 100644 index 0000000000..76d3898fca --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/adapters/doc.go @@ -0,0 +1,8 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +// Package adapters exposes a registry of adapters to multiple +// JSON serialization libraries. +// +// All interfaces are defined in package [ifaces.Adapter]. +package adapters diff --git a/vendor/github.com/go-openapi/swag/jsonutils/adapters/ifaces/doc.go b/vendor/github.com/go-openapi/swag/jsonutils/adapters/ifaces/doc.go new file mode 100644 index 0000000000..1fd43a1fad --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/adapters/ifaces/doc.go @@ -0,0 +1,5 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +// Package ifaces exposes all interfaces to work with adapters. +package ifaces diff --git a/vendor/github.com/go-openapi/swag/jsonutils/adapters/ifaces/ifaces.go b/vendor/github.com/go-openapi/swag/jsonutils/adapters/ifaces/ifaces.go new file mode 100644 index 0000000000..7805e5e5e3 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/adapters/ifaces/ifaces.go @@ -0,0 +1,84 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package ifaces + +import ( + _ "encoding/json" // for documentation purpose + "iter" +) + +// Ordered knows how to iterate over the (key,value) pairs of a JSON object. +type Ordered interface { + OrderedItems() iter.Seq2[string, any] +} + +// SetOrdered knows how to append or update the keys of a JSON object, +// given an iterator over (key,value) pairs. +// +// If the provided iterator is nil then the receiver should be set to nil. +type SetOrdered interface { + SetOrderedItems(iter.Seq2[string, any]) +} + +// OrderedMap represent a JSON object (i.e. like a map[string,any]), +// and knows how to serialize and deserialize JSON with the order of keys maintained. +type OrderedMap interface { + Ordered + SetOrdered + + OrderedMarshalJSON() ([]byte, error) + OrderedUnmarshalJSON([]byte) error +} + +// MarshalAdapter behaves likes the standard library [json.Marshal]. +type MarshalAdapter interface { + Poolable + + Marshal(any) ([]byte, error) +} + +// OrderedMarshalAdapter behaves likes the standard library [json.Marshal], preserving the order of keys in objects. +type OrderedMarshalAdapter interface { + Poolable + + OrderedMarshal(Ordered) ([]byte, error) +} + +// UnmarshalAdapter behaves likes the standard library [json.Unmarshal]. +type UnmarshalAdapter interface { + Poolable + + Unmarshal([]byte, any) error +} + +// OrderedUnmarshalAdapter behaves likes the standard library [json.Unmarshal], preserving the order of keys in objects. +type OrderedUnmarshalAdapter interface { + Poolable + + OrderedUnmarshal([]byte, SetOrdered) error +} + +// Adapter exposes an interface like the standard [json] library. +type Adapter interface { + MarshalAdapter + UnmarshalAdapter + + OrderedAdapter +} + +// OrderedAdapter exposes interfaces to process JSON and keep the order of object keys. +type OrderedAdapter interface { + OrderedMarshalAdapter + OrderedUnmarshalAdapter + NewOrderedMap(capacity int) OrderedMap +} + +type Poolable interface { + // Self-redeem: for [Adapter] s that are allocated from a pool. + // The [Adapter] must not be used after calling [Redeem]. + Redeem() + + // Reset the state of the [Adapter], if any. + Reset() +} diff --git a/vendor/github.com/go-openapi/swag/jsonutils/adapters/ifaces/registry_iface.go b/vendor/github.com/go-openapi/swag/jsonutils/adapters/ifaces/registry_iface.go new file mode 100644 index 0000000000..2d6c69f4e6 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/adapters/ifaces/registry_iface.go @@ -0,0 +1,91 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package ifaces + +import ( + "strings" +) + +// Capability indicates what a JSON adapter is capable of. +type Capability uint8 + +const ( + CapabilityMarshalJSON Capability = 1 << iota + CapabilityUnmarshalJSON + CapabilityOrderedMarshalJSON + CapabilityOrderedUnmarshalJSON + CapabilityOrderedMap +) + +func (c Capability) String() string { + switch c { + case CapabilityMarshalJSON: + return "MarshalJSON" + case CapabilityUnmarshalJSON: + return "UnmarshalJSON" + case CapabilityOrderedMarshalJSON: + return "OrderedMarshalJSON" + case CapabilityOrderedUnmarshalJSON: + return "OrderedUnmarshalJSON" + case CapabilityOrderedMap: + return "OrderedMap" + default: + return "" + } +} + +// Capabilities holds several unitary capability flags +type Capabilities uint8 + +// Has some capability flag enabled. +func (c Capabilities) Has(capability Capability) bool { + return Capability(c)&capability > 0 +} + +func (c Capabilities) String() string { + var w strings.Builder + + first := true + for _, capability := range []Capability{ + CapabilityMarshalJSON, + CapabilityUnmarshalJSON, + CapabilityOrderedMarshalJSON, + CapabilityOrderedUnmarshalJSON, + CapabilityOrderedMap, + } { + if c.Has(capability) { + if !first { + w.WriteByte('|') + } else { + first = false + } + w.WriteString(capability.String()) + } + } + + return w.String() +} + +const ( + AllCapabilities Capabilities = Capabilities(uint8(CapabilityMarshalJSON) | + uint8(CapabilityUnmarshalJSON) | + uint8(CapabilityOrderedMarshalJSON) | + uint8(CapabilityOrderedUnmarshalJSON) | + uint8(CapabilityOrderedMap)) + + AllUnorderedCapabilities Capabilities = Capabilities(uint8(CapabilityMarshalJSON) | uint8(CapabilityUnmarshalJSON)) +) + +// RegistryEntry describes how any given adapter registers its capabilities to the [Registrar]. +type RegistryEntry struct { + Who string + What Capabilities + Constructor func() Adapter + Support func(what Capability, value any) bool +} + +// Registrar is a type that knows how to keep registration calls from adapters. +type Registrar interface { + RegisterFor(RegistryEntry) +} diff --git a/vendor/github.com/go-openapi/swag/jsonutils/adapters/registry.go b/vendor/github.com/go-openapi/swag/jsonutils/adapters/registry.go new file mode 100644 index 0000000000..3062acaff2 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/adapters/registry.go @@ -0,0 +1,229 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package adapters + +import ( + "fmt" + "reflect" + "slices" + "sync" + + "github.com/go-openapi/swag/jsonutils/adapters/ifaces" + stdlib "github.com/go-openapi/swag/jsonutils/adapters/stdlib/json" +) + +// Registry holds the global registry for registered adapters. +var Registry = NewRegistrar() + +var ( + defaultRegistered = stdlib.Register + + _ ifaces.Registrar = &Registrar{} +) + +type registryError string + +func (e registryError) Error() string { + return string(e) +} + +// ErrRegistry indicates an error returned by the [Registrar]. +var ErrRegistry registryError = "JSON adapters registry error" + +type registry []*ifaces.RegistryEntry + +// Registrar holds registered [ifaces.Adapters] for different serialization capabilities. +// +// Internally, it maintains a cache for data types that favor a given adapter. +type Registrar struct { + marshalerRegistry registry + unmarshalerRegistry registry + orderedMarshalerRegistry registry + orderedUnmarshalerRegistry registry + orderedMapRegistry registry + + gmx sync.RWMutex + + // cache indexed by value type, so we don't have to lookup + marshalerCache map[reflect.Type]*ifaces.RegistryEntry + unmarshalerCache map[reflect.Type]*ifaces.RegistryEntry + orderedMarshalerCache map[reflect.Type]*ifaces.RegistryEntry + orderedUnmarshalerCache map[reflect.Type]*ifaces.RegistryEntry + orderedMapCache map[reflect.Type]*ifaces.RegistryEntry +} + +func NewRegistrar() *Registrar { + r := &Registrar{} + + r.marshalerRegistry = make(registry, 0, 1) + r.unmarshalerRegistry = make(registry, 0, 1) + r.orderedMarshalerRegistry = make(registry, 0, 1) + r.orderedUnmarshalerRegistry = make(registry, 0, 1) + r.orderedMapRegistry = make(registry, 0, 1) + + r.marshalerCache = make(map[reflect.Type]*ifaces.RegistryEntry) + r.unmarshalerCache = make(map[reflect.Type]*ifaces.RegistryEntry) + r.orderedMarshalerCache = make(map[reflect.Type]*ifaces.RegistryEntry) + r.orderedUnmarshalerCache = make(map[reflect.Type]*ifaces.RegistryEntry) + r.orderedMapCache = make(map[reflect.Type]*ifaces.RegistryEntry) + + defaultRegistered(r) + + return r +} + +// ClearCache resets the internal type cache. +func (r *Registrar) ClearCache() { + r.gmx.Lock() + r.clearCache() + r.gmx.Unlock() +} + +// Reset the [Registrar] to its defaults. +func (r *Registrar) Reset() { + r.gmx.Lock() + r.clearCache() + r.marshalerRegistry = r.marshalerRegistry[:0] + r.unmarshalerRegistry = r.unmarshalerRegistry[:0] + r.orderedMarshalerRegistry = r.orderedMarshalerRegistry[:0] + r.orderedUnmarshalerRegistry = r.orderedUnmarshalerRegistry[:0] + r.orderedMapRegistry = r.orderedMapRegistry[:0] + r.gmx.Unlock() + + defaultRegistered(r) +} + +// RegisterFor registers an adapter for some JSON capabilities. +func (r *Registrar) RegisterFor(entry ifaces.RegistryEntry) { + r.gmx.Lock() + if entry.What.Has(ifaces.CapabilityMarshalJSON) { + e := entry + e.What &= ifaces.Capabilities(ifaces.CapabilityMarshalJSON) + r.marshalerRegistry = slices.Insert(r.marshalerRegistry, 0, &e) + } + if entry.What.Has(ifaces.CapabilityUnmarshalJSON) { + e := entry + e.What &= ifaces.Capabilities(ifaces.CapabilityUnmarshalJSON) + r.unmarshalerRegistry = slices.Insert(r.unmarshalerRegistry, 0, &e) + } + if entry.What.Has(ifaces.CapabilityOrderedMarshalJSON) { + e := entry + e.What &= ifaces.Capabilities(ifaces.CapabilityOrderedMarshalJSON) + r.orderedMarshalerRegistry = slices.Insert(r.orderedMarshalerRegistry, 0, &e) + } + if entry.What.Has(ifaces.CapabilityOrderedUnmarshalJSON) { + e := entry + e.What &= ifaces.Capabilities(ifaces.CapabilityOrderedUnmarshalJSON) + r.orderedUnmarshalerRegistry = slices.Insert(r.orderedUnmarshalerRegistry, 0, &e) + } + if entry.What.Has(ifaces.CapabilityOrderedMap) { + e := entry + e.What &= ifaces.Capabilities(ifaces.CapabilityOrderedMap) + r.orderedMapRegistry = slices.Insert(r.orderedMapRegistry, 0, &e) + } + r.gmx.Unlock() +} + +// AdapterFor returns an [ifaces.Adapter] that supports this capability for this type of value. +// +// The [ifaces.Adapter] may be redeemed to its pool using its Redeem() method, for adapters that support global +// pooling. When this is not the case, the redeem function is just a no-operation. +func (r *Registrar) AdapterFor(capability ifaces.Capability, value any) ifaces.Adapter { + entry := r.findFirstFor(capability, value) + if entry == nil { + return nil + } + + return entry.Constructor() +} + +func (r *Registrar) clearCache() { + clear(r.marshalerCache) + clear(r.unmarshalerCache) + clear(r.orderedMarshalerCache) + clear(r.orderedUnmarshalerCache) + clear(r.orderedMapCache) +} + +func (r *Registrar) findFirstFor(capability ifaces.Capability, value any) *ifaces.RegistryEntry { + switch capability { + case ifaces.CapabilityMarshalJSON: + return r.findFirstInRegistryFor(r.marshalerRegistry, r.marshalerCache, capability, value) + case ifaces.CapabilityUnmarshalJSON: + return r.findFirstInRegistryFor(r.unmarshalerRegistry, r.unmarshalerCache, capability, value) + case ifaces.CapabilityOrderedMarshalJSON: + return r.findFirstInRegistryFor(r.orderedMarshalerRegistry, r.orderedMarshalerCache, capability, value) + case ifaces.CapabilityOrderedUnmarshalJSON: + return r.findFirstInRegistryFor(r.orderedUnmarshalerRegistry, r.orderedUnmarshalerCache, capability, value) + case ifaces.CapabilityOrderedMap: + return r.findFirstInRegistryFor(r.orderedMapRegistry, r.orderedMapCache, capability, value) + default: + panic(fmt.Errorf("unsupported capability %d: %w", capability, ErrRegistry)) + } +} + +func (r *Registrar) findFirstInRegistryFor(reg registry, cache map[reflect.Type]*ifaces.RegistryEntry, capability ifaces.Capability, value any) *ifaces.RegistryEntry { + r.gmx.RLock() + if len(reg) > 1 { + if entry, ok := cache[reflect.TypeOf(value)]; ok { + // cache hit + r.gmx.RUnlock() + return entry + } + } + + for _, entry := range reg { + if !entry.Support(capability, value) { + continue + } + + r.gmx.RUnlock() + + // update the internal cache + r.gmx.Lock() + cache[reflect.TypeOf(value)] = entry + r.gmx.Unlock() + + return entry + } + + // no adapter found + r.gmx.RUnlock() + + return nil +} + +// MarshalAdapterFor returns the first adapter that knows how to Marshal this type of value. +func MarshalAdapterFor(value any) ifaces.MarshalAdapter { + return Registry.AdapterFor(ifaces.CapabilityMarshalJSON, value) +} + +// OrderedMarshalAdapterFor returns the first adapter that knows how to OrderedMarshal this type of value. +func OrderedMarshalAdapterFor(value ifaces.Ordered) ifaces.OrderedMarshalAdapter { + return Registry.AdapterFor(ifaces.CapabilityOrderedMarshalJSON, value) +} + +// UnmarshalAdapterFor returns the first adapter that knows how to Unmarshal this type of value. +func UnmarshalAdapterFor(value any) ifaces.UnmarshalAdapter { + return Registry.AdapterFor(ifaces.CapabilityUnmarshalJSON, value) +} + +// OrderedUnmarshalAdapterFor provides the first adapter that knows how to OrderedUnmarshal this type of value. +func OrderedUnmarshalAdapterFor(value ifaces.SetOrdered) ifaces.OrderedUnmarshalAdapter { + return Registry.AdapterFor(ifaces.CapabilityOrderedUnmarshalJSON, value) +} + +// NewOrderedMap provides the "ordered map" implementation provided by the registry. +func NewOrderedMap(capacity int) ifaces.OrderedMap { + var v any + adapter := Registry.AdapterFor(ifaces.CapabilityOrderedUnmarshalJSON, v) + if adapter == nil { + return nil + } + + defer adapter.Redeem() + return adapter.NewOrderedMap(capacity) +} + +func noopRedeemer() {} diff --git a/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/adapter.go b/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/adapter.go new file mode 100644 index 0000000000..0213ff5c29 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/adapter.go @@ -0,0 +1,115 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package json + +import ( + stdjson "encoding/json" + + "github.com/go-openapi/swag/jsonutils/adapters/ifaces" + "github.com/go-openapi/swag/typeutils" +) + +const sensibleBufferSize = 8192 + +type jsonError string + +func (e jsonError) Error() string { + return string(e) +} + +// ErrStdlib indicates that an error comes from the stdlib JSON adapter +var ErrStdlib jsonError = "error from the JSON adapter stdlib" + +var _ ifaces.Adapter = &Adapter{} + +type Adapter struct { +} + +// NewAdapter yields an [ifaces.Adapter] using the standard library. +func NewAdapter() *Adapter { + return &Adapter{} +} + +func (a *Adapter) Marshal(value any) ([]byte, error) { + return stdjson.Marshal(value) +} + +func (a *Adapter) Unmarshal(data []byte, value any) error { + return stdjson.Unmarshal(data, value) +} + +func (a *Adapter) OrderedMarshal(value ifaces.Ordered) ([]byte, error) { + w := poolOfWriters.Borrow() + defer func() { + poolOfWriters.Redeem(w) + }() + + if typeutils.IsNil(value) { + w.RawString("null") + + return w.BuildBytes() + } + + w.RawByte('{') + first := true + for k, v := range value.OrderedItems() { + if first { + first = false + } else { + w.RawByte(',') + } + + w.String(k) + w.RawByte(':') + + switch val := v.(type) { + case ifaces.Ordered: + w.Raw(a.OrderedMarshal(val)) + default: + w.Raw(stdjson.Marshal(v)) + } + } + + w.RawByte('}') + + return w.BuildBytes() +} + +func (a *Adapter) OrderedUnmarshal(data []byte, value ifaces.SetOrdered) error { + var m MapSlice + if err := m.OrderedUnmarshalJSON(data); err != nil { + return err + } + + if typeutils.IsNil(m) { + // force input value to nil + value.SetOrderedItems(nil) + + return nil + } + + value.SetOrderedItems(m.OrderedItems()) + + return nil +} + +func (a *Adapter) NewOrderedMap(capacity int) ifaces.OrderedMap { + m := make(MapSlice, 0, capacity) + + return &m +} + +// Redeem the [Adapter] when it comes from a pool. +// +// The adapter becomes immediately unusable once redeemed. +func (a *Adapter) Redeem() { + if a == nil { + return + } + + RedeemAdapter(a) +} + +func (a *Adapter) Reset() { +} diff --git a/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/doc.go b/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/doc.go new file mode 100644 index 0000000000..5ea1b44042 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/doc.go @@ -0,0 +1,5 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +// Package json implements an [ifaces.Adapter] using the standard library. +package json diff --git a/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/lexer.go b/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/lexer.go new file mode 100644 index 0000000000..b5aa1c7972 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/lexer.go @@ -0,0 +1,320 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package json + +import ( + stdjson "encoding/json" + "errors" + "fmt" + "io" + "math" + "strconv" + + "github.com/go-openapi/swag/conv" +) + +type token struct { + stdjson.Token +} + +func (t token) String() string { + if t == invalidToken { + return "invalid token" + } + if t == eofToken { + return "EOF" + } + + return fmt.Sprintf("%v", t.Token) +} + +func (t token) Kind() tokenKind { + switch t.Token.(type) { + case nil: + return tokenNull + case stdjson.Delim: + return tokenDelim + case bool: + return tokenBool + case float64: + return tokenFloat + case stdjson.Number: + return tokenNumber + case string: + return tokenString + default: + return tokenUndef + } +} + +func (t token) Delim() byte { + r, ok := t.Token.(stdjson.Delim) + if !ok { + return 0 + } + + return byte(r) +} + +type tokenKind uint8 + +const ( + tokenUndef tokenKind = iota + tokenString + tokenNumber + tokenFloat + tokenBool + tokenNull + tokenDelim +) + +var ( + invalidToken = token{ + Token: stdjson.Token(struct{}{}), + } + + eofToken = token{ + Token: stdjson.Token(&struct{}{}), + } + + undefToken = token{ + Token: stdjson.Token(uint8(0)), + } +) + +// jlexer apes easyjson's jlexer, but uses the standard library decoder under the hood. +type jlexer struct { + buf *bytesReader + dec *stdjson.Decoder + err error + // current token + next token + // started bool +} + +type bytesReader struct { + buf []byte + offset int +} + +func (b *bytesReader) Reset() { + b.buf = nil + b.offset = 0 +} + +func (b *bytesReader) Read(p []byte) (int, error) { + if b.offset >= len(b.buf) { + return 0, io.EOF + } + + n := len(p) + buf := b.buf[b.offset:] + m := len(buf) + + if n >= m { + copy(p, buf) + b.offset += m + + return m, nil + } + + copy(p, buf[:n]) + b.offset += n + + return n, nil +} + +var _ io.Reader = &bytesReader{} + +func newLexer(data []byte) *jlexer { + l := &jlexer{ + // current: undefToken, + next: undefToken, + } + l.buf = &bytesReader{ + buf: data, + } + l.dec = stdjson.NewDecoder(l.buf) // unfortunately, cannot pool this + + return l +} + +func (l *jlexer) Reset() { + l.err = nil + l.next = undefToken + // leave l.dec and l.buf alone, since they are replaced at every Borrow +} + +func (l *jlexer) Error() error { + return l.err +} + +func (l *jlexer) SetErr(err error) { + l.err = err +} + +func (l *jlexer) Ok() bool { + return l.err == nil +} + +// NextToken consumes a token +func (l *jlexer) NextToken() token { + if !l.Ok() { + return invalidToken + } + + if l.next != undefToken { + next := l.next + l.next = undefToken + + return next + } + + return l.fetchToken() +} + +// PeekToken returns the next token without consuming it +func (l *jlexer) PeekToken() token { + if l.next == undefToken { + l.next = l.fetchToken() + } + + return l.next +} + +func (l *jlexer) Skip() { + _ = l.NextToken() +} + +func (l *jlexer) IsDelim(c byte) bool { + if !l.Ok() { + return false + } + + next := l.PeekToken() + if next.Kind() != tokenDelim { + return false + } + + if next.Delim() != c { + return false + } + + return true +} + +func (l *jlexer) IsNull() bool { + if !l.Ok() { + return false + } + + next := l.PeekToken() + + return next.Kind() == tokenNull +} + +func (l *jlexer) Delim(c byte) { + if !l.Ok() { + return + } + + tok := l.NextToken() + if tok.Kind() != tokenDelim { + l.err = fmt.Errorf("expected a delimiter token but got '%v': %w", tok, ErrStdlib) + + return + } + + if tok.Delim() != c { + l.err = fmt.Errorf("expected delimiter '%q' but got '%q': %w", c, tok.Delim(), ErrStdlib) + } +} + +func (l *jlexer) Null() { + if !l.Ok() { + return + } + + tok := l.NextToken() + if tok.Kind() != tokenNull { + l.err = fmt.Errorf("expected a null token but got '%v': %w", tok, ErrStdlib) + } +} + +func (l *jlexer) Number() any { + if !l.Ok() { + return 0 + } + + tok := l.NextToken() + + switch tok.Kind() { //nolint:exhaustive + case tokenNumber: + n := tok.Token.(stdjson.Number).String() + f, _ := strconv.ParseFloat(n, 64) + if conv.IsFloat64AJSONInteger(f) { + return int64(math.Trunc(f)) + } + + return f + + case tokenFloat: + f := tok.Token.(float64) + if conv.IsFloat64AJSONInteger(f) { + return int64(math.Trunc(f)) + } + + return f + + default: + l.err = fmt.Errorf("expected a number token but got '%v': %w", tok, ErrStdlib) + + return 0 + } +} + +func (l *jlexer) Bool() bool { + if !l.Ok() { + return false + } + + tok := l.NextToken() + if tok.Kind() != tokenBool { + l.err = fmt.Errorf("expected a bool token but got '%v': %w", tok, ErrStdlib) + + return false + } + + return tok.Token.(bool) +} + +func (l *jlexer) String() string { + if !l.Ok() { + return "" + } + + tok := l.NextToken() + if tok.Kind() != tokenString { + l.err = fmt.Errorf("expected a string token but got '%v': %w", tok, ErrStdlib) + + return "" + } + + return tok.Token.(string) +} + +// Commas and colons are elided. +func (l *jlexer) fetchToken() token { + jtok, err := l.dec.Token() + if err != nil { + if errors.Is(err, io.EOF) { + return eofToken + } + + l.err = errors.Join(err, ErrStdlib) + return invalidToken + } + + return token{Token: jtok} +} diff --git a/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/ordered_map.go b/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/ordered_map.go new file mode 100644 index 0000000000..54deef406f --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/ordered_map.go @@ -0,0 +1,266 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package json + +import ( + stdjson "encoding/json" + "fmt" + "iter" + + "github.com/go-openapi/swag/jsonutils/adapters/ifaces" +) + +var _ ifaces.OrderedMap = &MapSlice{} + +// MapSlice represents a JSON object, with the order of keys maintained. +type MapSlice []MapItem + +func (s MapSlice) OrderedItems() iter.Seq2[string, any] { + return func(yield func(string, any) bool) { + for _, item := range s { + if !yield(item.Key, item.Value) { + return + } + } + } +} + +func (s *MapSlice) SetOrderedItems(items iter.Seq2[string, any]) { + if items == nil { + *s = nil + + return + } + + m := *s + if len(m) > 0 { + // update mode + idx := make(map[string]int, len(m)) + + for i, item := range m { + idx[item.Key] = i + } + + for k, v := range items { + idx, ok := idx[k] + if ok { + m[idx].Value = v + + continue + } + m = append(m, MapItem{Key: k, Value: v}) + } + + *s = m + + return + } + + for k, v := range items { + m = append(m, MapItem{Key: k, Value: v}) + } + + *s = m +} + +// MarshalJSON renders a [MapSlice] as JSON bytes, preserving the order of keys. +func (s MapSlice) MarshalJSON() ([]byte, error) { + return s.OrderedMarshalJSON() +} + +func (s MapSlice) OrderedMarshalJSON() ([]byte, error) { + w := poolOfWriters.Borrow() + defer func() { + poolOfWriters.Redeem(w) + }() + + s.marshalObject(w) + + return w.BuildBytes() // this clones data, so it's okay to redeem the writer and its buffer +} + +// UnmarshalJSON builds a [MapSlice] from JSON bytes, preserving the order of keys. +// +// Inner objects are unmarshaled as [MapSlice] slices and not map[string]any. +func (s *MapSlice) UnmarshalJSON(data []byte) error { + return s.OrderedUnmarshalJSON(data) +} + +func (s *MapSlice) OrderedUnmarshalJSON(data []byte) error { + l := poolOfLexers.Borrow(data) + defer func() { + poolOfLexers.Redeem(l) + }() + + s.unmarshalObject(l) + + return l.Error() +} + +func (s MapSlice) marshalObject(w *jwriter) { + if s == nil { + w.RawString("null") + + return + } + + w.RawByte('{') + + if len(s) == 0 { + w.RawByte('}') + + return + } + + s[0].marshalJSON(w) + + for i := 1; i < len(s); i++ { + w.RawByte(',') + s[i].marshalJSON(w) + } + + w.RawByte('}') +} + +func (s *MapSlice) unmarshalObject(in *jlexer) { + if in.IsNull() { + in.Skip() + + return + } + + in.Delim('{') // consume token + if !in.Ok() { + return + } + + result := make(MapSlice, 0) + + for in.Ok() && !in.IsDelim('}') { + var mi MapItem + + mi.unmarshalKeyValue(in) + result = append(result, mi) + } + + in.Delim('}') + + if !in.Ok() { + return + } + + *s = result +} + +// MapItem represents the value of a key in a JSON object held by [MapSlice]. +// +// Notice that [MapItem] should not be marshaled to or unmarshaled from JSON directly, +// use this type as part of a [MapSlice] when dealing with JSON bytes. +type MapItem struct { + Key string + Value any +} + +func (s MapItem) marshalJSON(w *jwriter) { + w.String(s.Key) + w.RawByte(':') + w.Raw(stdjson.Marshal(s.Value)) +} + +func (s *MapItem) unmarshalKeyValue(in *jlexer) { + key := in.String() // consume string + value := s.asInterface(in) // consume any value, including termination tokens '}' or ']' + + if !in.Ok() { + return + } + + s.Key = key + s.Value = value +} + +func (s *MapItem) unmarshalArray(in *jlexer) []any { + if in.IsNull() { + in.Skip() + + return nil + } + + in.Delim('[') // consume token + if !in.Ok() { + return nil + } + + ret := make([]any, 0) + + for in.Ok() && !in.IsDelim(']') { + ret = append(ret, s.asInterface(in)) + } + + in.Delim(']') + if !in.Ok() { + return nil + } + + return ret +} + +// asInterface is very much like [jlexer.Lexer.Interface], but unmarshals an object +// into a [MapSlice], not a map[string]any. +// +// We have to force parsing errors somehow, since [jlexer.Lexer] doesn't let us +// set a parsing error directly. +func (s *MapItem) asInterface(in *jlexer) any { + if !in.Ok() { + return nil + } + + tok := in.PeekToken() // look-ahead what the next token looks like + kind := tok.Kind() + + switch kind { + case tokenString: + return in.String() // consume string + + case tokenNumber, tokenFloat: + return in.Number() + + case tokenBool: + return in.Bool() + + case tokenNull: + in.Null() + + return nil + + case tokenDelim: + switch tok.Delim() { + case '{': // not consumed yet + ret := make(MapSlice, 0) + ret.unmarshalObject(in) // consumes the terminating '}' + + if in.Ok() { + return ret + } + + // lexer is in an error state: will exhaust + return nil + + case '[': // not consumed yet + return s.unmarshalArray(in) // consumes the terminating ']' + default: + in.SetErr(fmt.Errorf("unexpected delimiter: %v: %w", tok, ErrStdlib)) // force error + return nil + } + + case tokenUndef: + fallthrough + default: + if in.Ok() { + in.SetErr(fmt.Errorf("unexpected token: %v: %w", tok, ErrStdlib)) // force error + } + + return nil + } +} diff --git a/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/pool.go b/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/pool.go new file mode 100644 index 0000000000..709b97c304 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/pool.go @@ -0,0 +1,143 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package json + +import ( + "encoding/json" + "sync" + + "github.com/go-openapi/swag/jsonutils/adapters/ifaces" +) + +type adaptersPool struct { + sync.Pool +} + +func (p *adaptersPool) Borrow() *Adapter { + return p.Get().(*Adapter) +} + +func (p *adaptersPool) BorrowIface() ifaces.Adapter { + return p.Get().(*Adapter) +} + +func (p *adaptersPool) Redeem(a *Adapter) { + p.Put(a) +} + +type writersPool struct { + sync.Pool +} + +func (p *writersPool) Borrow() *jwriter { + ptr := p.Get() + + jw := ptr.(*jwriter) + jw.Reset() + + return jw +} + +func (p *writersPool) Redeem(w *jwriter) { + p.Put(w) +} + +type lexersPool struct { + sync.Pool +} + +func (p *lexersPool) Borrow(data []byte) *jlexer { + ptr := p.Get() + + l := ptr.(*jlexer) + l.buf = poolOfReaders.Borrow(data) + l.dec = json.NewDecoder(l.buf) // cannot pool, not exposed by the encoding/json API + l.Reset() + + return l +} + +func (p *lexersPool) Redeem(l *jlexer) { + l.dec = nil + discard := l.buf + l.buf = nil + poolOfReaders.Redeem(discard) + p.Put(l) +} + +type readersPool struct { + sync.Pool +} + +func (p *readersPool) Borrow(data []byte) *bytesReader { + ptr := p.Get() + + b := ptr.(*bytesReader) + b.Reset() + b.buf = data + + return b +} + +func (p *readersPool) Redeem(b *bytesReader) { + p.Put(b) +} + +var ( + poolOfAdapters = &adaptersPool{ + Pool: sync.Pool{ + New: func() any { + return NewAdapter() + }, + }, + } + + poolOfWriters = &writersPool{ + Pool: sync.Pool{ + New: func() any { + return newJWriter() + }, + }, + } + + poolOfLexers = &lexersPool{ + Pool: sync.Pool{ + New: func() any { + return newLexer(nil) + }, + }, + } + + poolOfReaders = &readersPool{ + Pool: sync.Pool{ + New: func() any { + return &bytesReader{} + }, + }, + } +) + +// BorrowAdapter borrows an [Adapter] from the pool, recycling already allocated instances. +func BorrowAdapter() *Adapter { + return poolOfAdapters.Borrow() +} + +// BorrowAdapterIface borrows a stdlib [Adapter] and converts it directly +// to [ifaces.Adapter]. This is useful to avoid further allocations when +// translating the concrete type into an interface. +func BorrowAdapterIface() ifaces.Adapter { + return poolOfAdapters.BorrowIface() +} + +// RedeemAdapter redeems an [Adapter] to the pool, so it may be recycled. +func RedeemAdapter(a *Adapter) { + poolOfAdapters.Redeem(a) +} + +func RedeemAdapterIface(a ifaces.Adapter) { + concrete, ok := a.(*Adapter) + if ok { + poolOfAdapters.Redeem(concrete) + } +} diff --git a/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/register.go b/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/register.go new file mode 100644 index 0000000000..fc8818694e --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/register.go @@ -0,0 +1,26 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package json + +import ( + "fmt" + "reflect" + + "github.com/go-openapi/swag/jsonutils/adapters/ifaces" +) + +func Register(dispatcher ifaces.Registrar) { + t := reflect.TypeOf(Adapter{}) + dispatcher.RegisterFor( + ifaces.RegistryEntry{ + Who: fmt.Sprintf("%s.%s", t.PkgPath(), t.Name()), + What: ifaces.AllCapabilities, + Constructor: BorrowAdapterIface, + Support: support, + }) +} + +func support(_ ifaces.Capability, _ any) bool { + return true +} diff --git a/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/writer.go b/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/writer.go new file mode 100644 index 0000000000..dc2325c1a3 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/writer.go @@ -0,0 +1,75 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package json + +import ( + "bytes" + "encoding/json" + "strings" +) + +type jwriter struct { + buf *bytes.Buffer + err error +} + +func newJWriter() *jwriter { + buf := make([]byte, 0, sensibleBufferSize) + + return &jwriter{buf: bytes.NewBuffer(buf)} +} + +func (w *jwriter) Reset() { + w.buf.Reset() + w.err = nil +} + +func (w *jwriter) RawString(s string) { + if w.err != nil { + return + } + w.buf.WriteString(s) +} + +func (w *jwriter) Raw(b []byte, err error) { + if w.err != nil { + return + } + if err != nil { + w.err = err + return + } + + _, _ = w.buf.Write(b) +} + +func (w *jwriter) RawByte(c byte) { + if w.err != nil { + return + } + w.buf.WriteByte(c) +} + +var quoteReplacer = strings.NewReplacer(`"`, `\"`, `\`, `\\`) + +func (w *jwriter) String(s string) { + if w.err != nil { + return + } + // escape quotes and \ + s = quoteReplacer.Replace(s) + + _ = w.buf.WriteByte('"') + json.HTMLEscape(w.buf, []byte(s)) + _ = w.buf.WriteByte('"') +} + +// BuildBytes returns a clone of the internal buffer. +func (w *jwriter) BuildBytes() ([]byte, error) { + if w.err != nil { + return nil, w.err + } + + return bytes.Clone(w.buf.Bytes()), nil +} diff --git a/vendor/github.com/go-openapi/swag/jsonutils/concat.go b/vendor/github.com/go-openapi/swag/jsonutils/concat.go new file mode 100644 index 0000000000..2068503af0 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/concat.go @@ -0,0 +1,92 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package jsonutils + +import ( + "bytes" +) + +// nullJSON represents a JSON object with null type +var nullJSON = []byte("null") + +const comma = byte(',') + +var closers map[byte]byte + +func init() { + closers = map[byte]byte{ + '{': '}', + '[': ']', + } +} + +// ConcatJSON concatenates multiple json objects or arrays efficiently. +// +// Note that [ConcatJSON] performs a very simple (and fast) concatenation +// operation: it does not attempt to merge objects. +func ConcatJSON(blobs ...[]byte) []byte { + if len(blobs) == 0 { + return nil + } + + last := len(blobs) - 1 + for blobs[last] == nil || bytes.Equal(blobs[last], nullJSON) { + // strips trailing null objects + last-- + if last < 0 { + // there was nothing but "null"s or nil... + return nil + } + } + if last == 0 { + return blobs[0] + } + + var opening, closing byte + var idx, a int + buf := bytes.NewBuffer(nil) + + for i, b := range blobs[:last+1] { + if b == nil || bytes.Equal(b, nullJSON) { + // a null object is in the list: skip it + continue + } + if len(b) > 0 && opening == 0 { // is this an array or an object? + opening, closing = b[0], closers[b[0]] + } + + if opening != '{' && opening != '[' { + continue // don't know how to concatenate non container objects + } + + const minLengthIfNotEmpty = 3 + if len(b) < minLengthIfNotEmpty { // yep empty but also the last one, so closing this thing + if i == last && a > 0 { + _ = buf.WriteByte(closing) // never returns err != nil + } + continue + } + + idx = 0 + if a > 0 { // we need to join with a comma for everything beyond the first non-empty item + _ = buf.WriteByte(comma) // never returns err != nil + idx = 1 // this is not the first or the last so we want to drop the leading bracket + } + + if i != last { // not the last one, strip brackets + _, _ = buf.Write(b[idx : len(b)-1]) // never returns err != nil + } else { // last one, strip only the leading bracket + _, _ = buf.Write(b[idx:]) + } + a++ + } + + // somehow it ended up being empty, so provide a default value + if buf.Len() == 0 && (opening == '{' || opening == '[') { + _ = buf.WriteByte(opening) // never returns err != nil + _ = buf.WriteByte(closing) + } + + return buf.Bytes() +} diff --git a/vendor/github.com/go-openapi/swag/jsonutils/doc.go b/vendor/github.com/go-openapi/swag/jsonutils/doc.go new file mode 100644 index 0000000000..3926cc58d1 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/doc.go @@ -0,0 +1,7 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +// Package jsonutils provides helpers to work with JSON. +// +// These utilities work with dynamic go structures to and from JSON. +package jsonutils diff --git a/vendor/github.com/go-openapi/swag/jsonutils/json.go b/vendor/github.com/go-openapi/swag/jsonutils/json.go new file mode 100644 index 0000000000..40753ce03f --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/json.go @@ -0,0 +1,116 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package jsonutils + +import ( + "bytes" + "encoding/json" + + "github.com/go-openapi/swag/jsonutils/adapters" + "github.com/go-openapi/swag/jsonutils/adapters/ifaces" +) + +// WriteJSON marshals a data structure as JSON. +// +// The difference with [json.Marshal] is that it may check among several alternatives +// to do so. +// +// See [adapters.Registrar] for more details about how to configure +// multiple serialization alternatives. +// +// NOTE: to allow types that are [easyjson.Marshaler] s to use that route to process JSON, +// you now need to register the adapter for easyjson at runtime. +func WriteJSON(value any) ([]byte, error) { + if orderedMap, isOrdered := value.(ifaces.Ordered); isOrdered { + orderedMarshaler := adapters.OrderedMarshalAdapterFor(orderedMap) + + if orderedMarshaler != nil { + defer orderedMarshaler.Redeem() + + return orderedMarshaler.OrderedMarshal(orderedMap) + } + + // no support found in registered adapters, fallback to the default (unordered) case + } + + marshaler := adapters.MarshalAdapterFor(value) + if marshaler != nil { + defer marshaler.Redeem() + + return marshaler.Marshal(value) + } + + // no support found in registered adapters, fallback to the default standard library. + // + // This only happens when tinkering with the global registry of adapters, since the default handles all the above cases. + return json.Marshal(value) // Codecov ignore // this is a safeguard not easily simulated in tests +} + +// ReadJSON unmarshals JSON data into a data structure. +// +// The difference with [json.Unmarshal] is that it may check among several alternatives +// to do so. +// +// See [adapters.Registrar] for more details about how to configure +// multiple serialization alternatives. +// +// NOTE: value must be a pointer. +// +// If the provided value implements [ifaces.SetOrdered], it is a considered an "ordered map" and [ReadJSON] +// will favor an adapter that supports the [ifaces.OrderedUnmarshal] feature, or fallback to +// an unordered behavior if none is found. +// +// NOTE: to allow types that are [easyjson.Unmarshaler] s to use that route to process JSON, +// you now need to register the adapter for easyjson at runtime. +func ReadJSON(data []byte, value any) error { + trimmedData := bytes.Trim(data, "\x00") + + if orderedMap, isOrdered := value.(ifaces.SetOrdered); isOrdered { + // if the value is an ordered map, favors support for OrderedUnmarshal. + + orderedUnmarshaler := adapters.OrderedUnmarshalAdapterFor(orderedMap) + + if orderedUnmarshaler != nil { + defer orderedUnmarshaler.Redeem() + + return orderedUnmarshaler.OrderedUnmarshal(trimmedData, orderedMap) + } + + // no support found in registered adapters, fallback to the default (unordered) case + } + + unmarshaler := adapters.UnmarshalAdapterFor(value) + if unmarshaler != nil { + defer unmarshaler.Redeem() + + return unmarshaler.Unmarshal(trimmedData, value) + } + + // no support found in registered adapters, fallback to the default standard library. + // + // This only happens when tinkering with the global registry of adapters, since the default handles all the above cases. + return json.Unmarshal(trimmedData, value) // Codecov ignore // this is a safeguard not easily simulated in tests +} + +// FromDynamicJSON turns a go value into a properly JSON typed structure. +// +// "Dynamic JSON" refers to what you get when unmarshaling JSON into an untyped any, +// i.e. objects are represented by map[string]any, arrays by []any, and +// all numbers are represented as float64. +// +// NOTE: target must be a pointer. +// +// # Maintaining the order of keys in objects +// +// If source and target implement [ifaces.Ordered] and [ifaces.SetOrdered] respectively, +// they are considered "ordered maps" and the order of keys is maintained in the +// "jsonification" process. In that case, map[string]any values are replaced by (ordered) [JSONMapSlice] ones. +func FromDynamicJSON(source, target any) error { + b, err := WriteJSON(source) + if err != nil { + return err + } + + return ReadJSON(b, target) +} diff --git a/vendor/github.com/go-openapi/swag/jsonutils/ordered_map.go b/vendor/github.com/go-openapi/swag/jsonutils/ordered_map.go new file mode 100644 index 0000000000..38dd3e2444 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils/ordered_map.go @@ -0,0 +1,114 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package jsonutils + +import ( + "iter" + + "github.com/go-openapi/swag/jsonutils/adapters" + "github.com/go-openapi/swag/typeutils" +) + +// JSONMapSlice represents a JSON object, with the order of keys maintained. +// +// It behaves like an ordered map, but keys can't be accessed in constant time. +type JSONMapSlice []JSONMapItem + +// OrderedItems iterates over all (key,value) pairs with the order of keys maintained. +// +// This implements the [ifaces.Ordered] interface, so that [ifaces.Adapter] s know how to marshal +// keys in the desired order. +func (s JSONMapSlice) OrderedItems() iter.Seq2[string, any] { + return func(yield func(string, any) bool) { + for _, item := range s { + if !yield(item.Key, item.Value) { + return + } + } + } +} + +// SetOrderedItems sets keys in the [JSONMapSlice] objects, as presented by +// the provided iterator. +// +// As a special case, if items is nil, this sets to receiver to a nil slice. +// +// This implements the [ifaces.SetOrdered] interface, so that [ifaces.Adapter] s know how to unmarshal +// keys in the desired order. +func (s *JSONMapSlice) SetOrderedItems(items iter.Seq2[string, any]) { + if items == nil { + // force receiver to be a nil slice + *s = nil + + return + } + + m := *s + if len(m) > 0 { + // update mode: short-circuited when unmarshaling fresh data structures + idx := make(map[string]int, len(m)) + + for i, item := range m { + idx[item.Key] = i + } + + for k, v := range items { + idx, ok := idx[k] + if ok { + m[idx].Value = v + + continue + } + + m = append(m, JSONMapItem{Key: k, Value: v}) + } + + *s = m + + return + } + + for k, v := range items { + m = append(m, JSONMapItem{Key: k, Value: v}) + } + + *s = m +} + +// MarshalJSON renders a [JSONMapSlice] as JSON bytes, preserving the order of keys. +// +// It will pick the JSON library currently configured by the [adapters.Registry] (defaults to the standard library). +func (s JSONMapSlice) MarshalJSON() ([]byte, error) { + orderedMarshaler := adapters.OrderedMarshalAdapterFor(s) + defer orderedMarshaler.Redeem() + + return orderedMarshaler.OrderedMarshal(s) +} + +// UnmarshalJSON builds a [JSONMapSlice] from JSON bytes, preserving the order of keys. +// +// Inner objects are unmarshaled as ordered [JSONMapSlice] slices and not map[string]any. +// +// It will pick the JSON library currently configured by the [adapters.Registry] (defaults to the standard library). +func (s *JSONMapSlice) UnmarshalJSON(data []byte) error { + if typeutils.IsNil(*s) { + // allow to unmarshal with a simple var declaration (nil slice) + *s = JSONMapSlice{} + } + + orderedUnmarshaler := adapters.OrderedUnmarshalAdapterFor(s) + defer orderedUnmarshaler.Redeem() + + return orderedUnmarshaler.OrderedUnmarshal(data, s) +} + +// JSONMapItem represents the value of a key in a JSON object held by [JSONMapSlice]. +// +// Notice that JSONMapItem should not be marshaled to or unmarshaled from JSON directly. +// +// Use this type as part of a [JSONMapSlice] when dealing with JSON bytes. +type JSONMapItem struct { + Key string + Value any +} diff --git a/vendor/github.com/go-openapi/swag/jsonutils_iface.go b/vendor/github.com/go-openapi/swag/jsonutils_iface.go new file mode 100644 index 0000000000..7bd4105fa5 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/jsonutils_iface.go @@ -0,0 +1,65 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package swag + +import ( + "log" + + "github.com/go-openapi/swag/jsonutils" +) + +// JSONMapSlice represents a JSON object, with the order of keys maintained +// +// Deprecated: use [jsonutils.JSONMapSlice] instead, or [yamlutils.YAMLMapSlice] if you marshal YAML. +type JSONMapSlice = jsonutils.JSONMapSlice + +// JSONMapItem represents a JSON object, with the order of keys maintained +// +// Deprecated: use [jsonutils.JSONMapItem] instead. +type JSONMapItem = jsonutils.JSONMapItem + +// WriteJSON writes json data. +// +// Deprecated: use [jsonutils.WriteJSON] instead. +func WriteJSON(data any) ([]byte, error) { return jsonutils.WriteJSON(data) } + +// ReadJSON reads json data. +// +// Deprecated: use [jsonutils.ReadJSON] instead. +func ReadJSON(data []byte, value any) error { return jsonutils.ReadJSON(data, value) } + +// DynamicJSONToStruct converts an untyped JSON structure into a target data type. +// +// Deprecated: use [jsonutils.FromDynamicJSON] instead. +func DynamicJSONToStruct(data any, target any) error { + return jsonutils.FromDynamicJSON(data, target) +} + +// ConcatJSON concatenates multiple JSON objects efficiently. +// +// Deprecated: use [jsonutils.ConcatJSON] instead. +func ConcatJSON(blobs ...[]byte) []byte { return jsonutils.ConcatJSON(blobs...) } + +// ToDynamicJSON turns a go value into a properly JSON untyped structure. +// +// It is the same as [FromDynamicJSON], but doesn't check for errors. +// +// Deprecated: this function is a misnomer and is unsafe. Use [jsonutils.FromDynamicJSON] instead. +func ToDynamicJSON(value any) any { + var res any + if err := FromDynamicJSON(value, &res); err != nil { + log.Println(err) + } + + return res +} + +// FromDynamicJSON turns a go value into a properly JSON typed structure. +// +// "Dynamic JSON" refers to what you get when unmarshaling JSON into an untyped any, +// i.e. objects are represented by map[string]any, arrays by []any, and all +// scalar values are any. +// +// Deprecated: use [jsonutils.FromDynamicJSON] instead. +func FromDynamicJSON(data, target any) error { return jsonutils.FromDynamicJSON(data, target) } diff --git a/vendor/github.com/go-openapi/swag/loading/LICENSE b/vendor/github.com/go-openapi/swag/loading/LICENSE new file mode 100644 index 0000000000..d645695673 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/loading/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/go-openapi/swag/loading/doc.go b/vendor/github.com/go-openapi/swag/loading/doc.go new file mode 100644 index 0000000000..8cf7bcb8b9 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/loading/doc.go @@ -0,0 +1,5 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +// Package loading provides tools to load a file from http or from a local file system. +package loading diff --git a/vendor/github.com/go-openapi/swag/loading/errors.go b/vendor/github.com/go-openapi/swag/loading/errors.go new file mode 100644 index 0000000000..b3964289c7 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/loading/errors.go @@ -0,0 +1,15 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package loading + +type loadingError string + +const ( + // ErrLoader is an error raised by the file loader utility + ErrLoader loadingError = "loader error" +) + +func (e loadingError) Error() string { + return string(e) +} diff --git a/vendor/github.com/go-openapi/swag/loading/json.go b/vendor/github.com/go-openapi/swag/loading/json.go new file mode 100644 index 0000000000..59db12f5cf --- /dev/null +++ b/vendor/github.com/go-openapi/swag/loading/json.go @@ -0,0 +1,25 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package loading + +import ( + "encoding/json" + "errors" + "path/filepath" +) + +// JSONMatcher matches json for a file loader. +func JSONMatcher(path string) bool { + ext := filepath.Ext(path) + return ext == ".json" || ext == ".jsn" || ext == ".jso" +} + +// JSONDoc loads a json document from either a file or a remote url. +func JSONDoc(path string, opts ...Option) (json.RawMessage, error) { + data, err := LoadFromFileOrHTTP(path, opts...) + if err != nil { + return nil, errors.Join(err, ErrLoader) + } + return json.RawMessage(data), nil +} diff --git a/vendor/github.com/go-openapi/swag/loading.go b/vendor/github.com/go-openapi/swag/loading/loading.go similarity index 59% rename from vendor/github.com/go-openapi/swag/loading.go rename to vendor/github.com/go-openapi/swag/loading/loading.go index 783442fddf..269fb74d16 100644 --- a/vendor/github.com/go-openapi/swag/loading.go +++ b/vendor/github.com/go-openapi/swag/loading/loading.go @@ -1,54 +1,26 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 -package swag +package loading import ( + "context" + "embed" "fmt" "io" "log" "net/http" "net/url" - "os" "path" "path/filepath" "runtime" "strings" - "time" ) -// LoadHTTPTimeout the default timeout for load requests -var LoadHTTPTimeout = 30 * time.Second - -// LoadHTTPBasicAuthUsername the username to use when load requests require basic auth -var LoadHTTPBasicAuthUsername = "" - -// LoadHTTPBasicAuthPassword the password to use when load requests require basic auth -var LoadHTTPBasicAuthPassword = "" - -// LoadHTTPCustomHeaders an optional collection of custom HTTP headers for load requests -var LoadHTTPCustomHeaders = map[string]string{} - // LoadFromFileOrHTTP loads the bytes from a file or a remote http server based on the path passed in -func LoadFromFileOrHTTP(pth string) ([]byte, error) { - return LoadStrategy(pth, os.ReadFile, loadHTTPBytes(LoadHTTPTimeout))(pth) -} - -// LoadFromFileOrHTTPWithTimeout loads the bytes from a file or a remote http server based on the path passed in -// timeout arg allows for per request overriding of the request timeout -func LoadFromFileOrHTTPWithTimeout(pth string, timeout time.Duration) ([]byte, error) { - return LoadStrategy(pth, os.ReadFile, loadHTTPBytes(timeout))(pth) +func LoadFromFileOrHTTP(pth string, opts ...Option) ([]byte, error) { + o := optionsWithDefaults(opts) + return LoadStrategy(pth, o.ReadFileFunc(), loadHTTPBytes(opts...), opts...)(pth) } // LoadStrategy returns a loader function for a given path or URI. @@ -81,10 +53,12 @@ func LoadFromFileOrHTTPWithTimeout(pth string, timeout time.Duration) ([]byte, e // - `file://host/folder/file` becomes an UNC path like `\\host\folder\file` (no port specification is supported) // - `file:///c:/folder/file` becomes `C:\folder\file` // - `file://c:/folder/file` is tolerated (without leading `/`) and becomes `c:\folder\file` -func LoadStrategy(pth string, local, remote func(string) ([]byte, error)) func(string) ([]byte, error) { +func LoadStrategy(pth string, local, remote func(string) ([]byte, error), opts ...Option) func(string) ([]byte, error) { if strings.HasPrefix(pth, "http") { return remote } + o := optionsWithDefaults(opts) + _, isEmbedFS := o.fs.(embed.FS) return func(p string) ([]byte, error) { upth, err := url.PathUnescape(p) @@ -92,19 +66,19 @@ func LoadStrategy(pth string, local, remote func(string) ([]byte, error)) func(s return nil, err } - if !strings.HasPrefix(p, `file://`) { + cpth, hasPrefix := strings.CutPrefix(upth, "file://") + if !hasPrefix || isEmbedFS || runtime.GOOS != "windows" { + // crude processing: trim the file:// prefix. This leaves full URIs with a host with a (mostly) unexpected result // regular file path provided: just normalize slashes - return local(filepath.FromSlash(upth)) - } - - if runtime.GOOS != "windows" { - // crude processing: this leaves full URIs with a host with a (mostly) unexpected result - upth = strings.TrimPrefix(upth, `file://`) + if isEmbedFS { + // on windows, we need to slash the path if FS is an embed FS. + return local(strings.TrimLeft(filepath.ToSlash(cpth), "./")) // remove invalid leading characters for embed FS + } - return local(filepath.FromSlash(upth)) + return local(filepath.FromSlash(cpth)) } - // windows-only pre-processing of file://... URIs + // windows-only pre-processing of file://... URIs, excluding embed.FS // support for canonical file URIs on windows. u, err := url.Parse(filepath.ToSlash(upth)) @@ -139,19 +113,29 @@ func LoadStrategy(pth string, local, remote func(string) ([]byte, error)) func(s } } -func loadHTTPBytes(timeout time.Duration) func(path string) ([]byte, error) { +func loadHTTPBytes(opts ...Option) func(path string) ([]byte, error) { + o := optionsWithDefaults(opts) + return func(path string) ([]byte, error) { - client := &http.Client{Timeout: timeout} - req, err := http.NewRequest(http.MethodGet, path, nil) //nolint:noctx + client := o.client + timeoutCtx := context.Background() + var cancel func() + + if o.httpTimeout > 0 { + timeoutCtx, cancel = context.WithTimeout(timeoutCtx, o.httpTimeout) + defer cancel() + } + + req, err := http.NewRequestWithContext(timeoutCtx, http.MethodGet, path, nil) if err != nil { return nil, err } - if LoadHTTPBasicAuthUsername != "" && LoadHTTPBasicAuthPassword != "" { - req.SetBasicAuth(LoadHTTPBasicAuthUsername, LoadHTTPBasicAuthPassword) + if o.basicAuthUsername != "" && o.basicAuthPassword != "" { + req.SetBasicAuth(o.basicAuthUsername, o.basicAuthPassword) } - for key, val := range LoadHTTPCustomHeaders { + for key, val := range o.customHeaders { req.Header.Set(key, val) } @@ -168,7 +152,7 @@ func loadHTTPBytes(timeout time.Duration) func(path string) ([]byte, error) { } if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("could not access document at %q [%s] ", path, resp.Status) + return nil, fmt.Errorf("could not access document at %q [%s]: %w", path, resp.Status, ErrLoader) } return io.ReadAll(resp.Body) diff --git a/vendor/github.com/go-openapi/swag/loading/options.go b/vendor/github.com/go-openapi/swag/loading/options.go new file mode 100644 index 0000000000..6674ac69e6 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/loading/options.go @@ -0,0 +1,125 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package loading + +import ( + "io/fs" + "net/http" + "os" + "time" +) + +type ( + // Option provides options for loading a file over HTTP or from a file. + Option func(*options) + + httpOptions struct { + httpTimeout time.Duration + basicAuthUsername string + basicAuthPassword string + customHeaders map[string]string + client *http.Client + } + + fileOptions struct { + fs fs.ReadFileFS + } + + options struct { + httpOptions + fileOptions + } +) + +func (fo fileOptions) ReadFileFunc() func(string) ([]byte, error) { + if fo.fs == nil { + return os.ReadFile + } + + return fo.fs.ReadFile +} + +// WithTimeout sets a timeout for the remote file loader. +// +// The default timeout is 30s. +func WithTimeout(timeout time.Duration) Option { + return func(o *options) { + o.httpTimeout = timeout + } +} + +// WithBasicAuth sets a basic authentication scheme for the remote file loader. +func WithBasicAuth(username, password string) Option { + return func(o *options) { + o.basicAuthUsername = username + o.basicAuthPassword = password + } +} + +// WithCustomHeaders sets custom headers for the remote file loader. +func WithCustomHeaders(headers map[string]string) Option { + return func(o *options) { + if o.customHeaders == nil { + o.customHeaders = make(map[string]string, len(headers)) + } + + for header, value := range headers { + o.customHeaders[header] = value + } + } +} + +// WithHTTPClient overrides the default HTTP client used to fetch a remote file. +// +// By default, [http.DefaultClient] is used. +func WithHTTPClient(client *http.Client) Option { + return func(o *options) { + o.client = client + } +} + +// WithFS sets a file system for the local file loader. +// +// If the provided file system is a [fs.ReadFileFS], the ReadFile function is used. +// Otherwise, ReadFile is wrapped using [fs.ReadFile]. +// +// By default, the file system is the one provided by the os package. +// +// For example, this may be set to consume from an embedded file system, or a rooted FS. +func WithFS(filesystem fs.FS) Option { + return func(o *options) { + if rfs, ok := filesystem.(fs.ReadFileFS); ok { + o.fs = rfs + + return + } + o.fs = readFileFS{FS: filesystem} + } +} + +type readFileFS struct { + fs.FS +} + +func (r readFileFS) ReadFile(name string) ([]byte, error) { + return fs.ReadFile(r.FS, name) +} + +func optionsWithDefaults(opts []Option) options { + const defaultTimeout = 30 * time.Second + + o := options{ + // package level defaults + httpOptions: httpOptions{ + httpTimeout: defaultTimeout, + client: http.DefaultClient, + }, + } + + for _, apply := range opts { + apply(&o) + } + + return o +} diff --git a/vendor/github.com/go-openapi/swag/loading/yaml.go b/vendor/github.com/go-openapi/swag/loading/yaml.go new file mode 100644 index 0000000000..3ebb53668c --- /dev/null +++ b/vendor/github.com/go-openapi/swag/loading/yaml.go @@ -0,0 +1,37 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package loading + +import ( + "encoding/json" + "path/filepath" + + "github.com/go-openapi/swag/yamlutils" +) + +// YAMLMatcher matches yaml for a file loader. +func YAMLMatcher(path string) bool { + ext := filepath.Ext(path) + return ext == ".yaml" || ext == ".yml" +} + +// YAMLDoc loads a yaml document from either http or a file and converts it to json. +func YAMLDoc(path string, opts ...Option) (json.RawMessage, error) { + yamlDoc, err := YAMLData(path, opts...) + if err != nil { + return nil, err + } + + return yamlutils.YAMLToJSON(yamlDoc) +} + +// YAMLData loads a yaml document from either http or a file. +func YAMLData(path string, opts ...Option) (any, error) { + data, err := LoadFromFileOrHTTP(path, opts...) + if err != nil { + return nil, err + } + + return yamlutils.BytesToYAMLDoc(data) +} diff --git a/vendor/github.com/go-openapi/swag/loading_iface.go b/vendor/github.com/go-openapi/swag/loading_iface.go new file mode 100644 index 0000000000..27ec3fb8c3 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/loading_iface.go @@ -0,0 +1,91 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package swag + +import ( + "encoding/json" + "time" + + "github.com/go-openapi/swag/loading" +) + +var ( + // Package-level defaults for the file loading utilities (deprecated). + + // LoadHTTPTimeout the default timeout for load requests. + // + // Deprecated: use [loading.WithTimeout] instead. + LoadHTTPTimeout = 30 * time.Second + + // LoadHTTPBasicAuthUsername the username to use when load requests require basic auth. + // + // Deprecated: use [loading.WithBasicAuth] instead. + LoadHTTPBasicAuthUsername = "" + + // LoadHTTPBasicAuthPassword the password to use when load requests require basic auth. + // + // Deprecated: use [loading.WithBasicAuth] instead. + LoadHTTPBasicAuthPassword = "" + + // LoadHTTPCustomHeaders an optional collection of custom HTTP headers for load requests. + // + // Deprecated: use [loading.WithCustomHeaders] instead. + LoadHTTPCustomHeaders = map[string]string{} +) + +// LoadFromFileOrHTTP loads the bytes from a file or a remote http server based on the provided path. +// +// Deprecated: use [loading.LoadFromFileOrHTTP] instead. +func LoadFromFileOrHTTP(pth string, opts ...loading.Option) ([]byte, error) { + return loading.LoadFromFileOrHTTP(pth, loadingOptionsWithDefaults(opts)...) +} + +// LoadFromFileOrHTTPWithTimeout loads the bytes from a file or a remote http server based on the path passed in +// timeout arg allows for per request overriding of the request timeout. +// +// Deprecated: use [loading.LoadFileOrHTTP] with the [loading.WithTimeout] option instead. +func LoadFromFileOrHTTPWithTimeout(pth string, timeout time.Duration, opts ...loading.Option) ([]byte, error) { + opts = append(opts, loading.WithTimeout(timeout)) + + return LoadFromFileOrHTTP(pth, opts...) +} + +// LoadStrategy returns a loader function for a given path or URL. +// +// Deprecated: use [loading.LoadStrategy] instead. +func LoadStrategy(pth string, local, remote func(string) ([]byte, error), opts ...loading.Option) func(string) ([]byte, error) { + return loading.LoadStrategy(pth, local, remote, loadingOptionsWithDefaults(opts)...) +} + +// YAMLMatcher matches yaml for a file loader. +// +// Deprecated: use [loading.YAMLMatcher] instead. +func YAMLMatcher(path string) bool { return loading.YAMLMatcher(path) } + +// YAMLDoc loads a yaml document from either http or a file and converts it to json. +// +// Deprecated: use [loading.YAMLDoc] instead. +func YAMLDoc(path string) (json.RawMessage, error) { + return loading.YAMLDoc(path) +} + +// YAMLData loads a yaml document from either http or a file. +// +// Deprecated: use [loading.YAMLData] instead. +func YAMLData(path string) (any, error) { + return loading.YAMLData(path) +} + +// loadingOptionsWithDefaults bridges deprecated default settings that use package-level variables, +// with the recommended use of loading.Option. +func loadingOptionsWithDefaults(opts []loading.Option) []loading.Option { + o := []loading.Option{ + loading.WithTimeout(LoadHTTPTimeout), + loading.WithBasicAuth(LoadHTTPBasicAuthUsername, LoadHTTPBasicAuthPassword), + loading.WithCustomHeaders(LoadHTTPCustomHeaders), + } + o = append(o, opts...) + + return o +} diff --git a/vendor/github.com/go-openapi/swag/BENCHMARK.md b/vendor/github.com/go-openapi/swag/mangling/BENCHMARK.md similarity index 53% rename from vendor/github.com/go-openapi/swag/BENCHMARK.md rename to vendor/github.com/go-openapi/swag/mangling/BENCHMARK.md index e7f28ed6b7..6674c63b72 100644 --- a/vendor/github.com/go-openapi/swag/BENCHMARK.md +++ b/vendor/github.com/go-openapi/swag/mangling/BENCHMARK.md @@ -1,12 +1,10 @@ -# Benchmarks - -## Name mangling utilities +# Benchmarking name mangling utilities ```bash go test -bench XXX -run XXX -benchtime 30s ``` -### Benchmarks at b3e7a5386f996177e4808f11acb2aa93a0f660df +## Benchmarks at b3e7a5386f996177e4808f11acb2aa93a0f660df ``` goos: linux @@ -21,7 +19,7 @@ BenchmarkToXXXName/ToHumanNameLower-4 895334 40354 ns/op 10472 B/op BenchmarkToXXXName/ToHumanNameTitle-4 882441 40678 ns/op 10566 B/op 749 allocs/op ``` -### Benchmarks after PR #79 +## Benchmarks after PR #79 ~ x10 performance improvement and ~ /100 memory allocations. @@ -50,3 +48,43 @@ BenchmarkToXXXName/ToCommandName-16 32256634 1137 ns/op 147 B/op BenchmarkToXXXName/ToHumanNameLower-16 18599661 1946 ns/op 92 B/op 6 allocs/op BenchmarkToXXXName/ToHumanNameTitle-16 17581353 2054 ns/op 105 B/op 6 allocs/op ``` + +## Benchmarks at d7d2d1b895f5b6747afaff312dd2a402e69e818b + +go1.24 + +``` +goos: linux +goarch: amd64 +pkg: github.com/go-openapi/swag +cpu: AMD Ryzen 7 5800X 8-Core Processor +BenchmarkToXXXName/ToGoName-16 19757858 1881 ns/op 42 B/op 5 allocs/op +BenchmarkToXXXName/ToVarName-16 17494111 2094 ns/op 74 B/op 7 allocs/op +BenchmarkToXXXName/ToFileName-16 28161226 1492 ns/op 158 B/op 7 allocs/op +BenchmarkToXXXName/ToCommandName-16 23787333 1489 ns/op 158 B/op 7 allocs/op +BenchmarkToXXXName/ToHumanNameLower-16 17537257 2030 ns/op 103 B/op 6 allocs/op +BenchmarkToXXXName/ToHumanNameTitle-16 16977453 2156 ns/op 105 B/op 6 allocs/op +``` + +## Benchmarks after PR #106 + +Moving the scope of everything down to a struct allowed to reduce a bit garbage and pooling. + +On top of that, ToGoName (and thus ToVarName) have been subject to a minor optimization, removing a few allocations. + +Overall timings improve by ~ -10%. + +go1.24 + +``` +goos: linux +goarch: amd64 +pkg: github.com/go-openapi/swag/mangling +cpu: AMD Ryzen 7 5800X 8-Core Processor +BenchmarkToXXXName/ToGoName-16 22496130 1618 ns/op 31 B/op 3 allocs/op +BenchmarkToXXXName/ToVarName-16 22538068 1618 ns/op 33 B/op 3 allocs/op +BenchmarkToXXXName/ToFileName-16 27722977 1236 ns/op 105 B/op 6 allocs/op +BenchmarkToXXXName/ToCommandName-16 27967395 1258 ns/op 105 B/op 6 allocs/op +BenchmarkToXXXName/ToHumanNameLower-16 18587901 1917 ns/op 103 B/op 6 allocs/op +BenchmarkToXXXName/ToHumanNameTitle-16 17193208 2019 ns/op 108 B/op 7 allocs/op +``` diff --git a/vendor/github.com/go-openapi/swag/mangling/LICENSE b/vendor/github.com/go-openapi/swag/mangling/LICENSE new file mode 100644 index 0000000000..d645695673 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/mangling/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/go-openapi/swag/mangling/doc.go b/vendor/github.com/go-openapi/swag/mangling/doc.go new file mode 100644 index 0000000000..ce0d890485 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/mangling/doc.go @@ -0,0 +1,25 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +// Package mangling provides name mangling capabilities. +// +// Name mangling is an important stage when generating code: +// it helps construct safe program identifiers that abide by the language rules +// and play along with linters. +// +// Examples: +// +// Suppose we get an object name taken from an API spec: "json_object", +// +// We may generate a legit go type name using [NameMangler.ToGoName]: "JsonObject". +// +// We may then locate this type in a source file named using [NameMangler.ToFileName]: "json_object.go". +// +// The methods exposed by the NameMangler are used to generate code in many different contexts, such as: +// +// - generating exported or unexported go identifiers from a JSON schema or an API spec +// - generating file names +// - generating human-readable comments for types and variables +// - generating JSON-like API identifiers from go code +// - ... +package mangling diff --git a/vendor/github.com/go-openapi/swag/mangling/initialism_index.go b/vendor/github.com/go-openapi/swag/mangling/initialism_index.go new file mode 100644 index 0000000000..e5b70c1493 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/mangling/initialism_index.go @@ -0,0 +1,270 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package mangling + +import ( + "sort" + "strings" + "unicode" + "unicode/utf8" +) + +// DefaultInitialisms returns all the initialisms configured by default for this package. +// +// # Motivation +// +// Common initialisms are acronyms for which the ordinary camel-casing rules are altered and +// for which we retain the original case. +// +// This is largely specific to the go naming conventions enforced by golint (now revive). +// +// # Example +// +// In go, "id" is a good-looking identifier, but "Id" is not and "ID" is preferred +// (notice that this stems only from conventions: the go compiler accepts all of these). +// +// Similarly, we may use "http", but not "Http". In this case, "HTTP" is preferred. +// +// # Reference and customization +// +// The default list of these casing-style exceptions is taken from the [github.com/mgechev/revive] linter for go: +// https://github.com/mgechev/revive/blob/master/lint/name.go#L93 +// +// There are a few additions to the original list, such as IPv4, IPv6 and OAI ("OpenAPI"). +// +// For these additions, "IPv4" would be preferred to "Ipv4" or "IPV4", and "OAI" to "Oai" +// +// You may redefine this list entirely using the mangler option [WithInitialisms], or simply add extra definitions +// using [WithAdditionalInitialisms]. +// +// # Mixed-case and plurals +// +// Notice that initialisms are not necessarily fully upper-cased: a mixed-case initialism indicates the preferred casing. +// +// Obviously, lower-case only initialisms do not make a lot of sense: if lower-case only initialisms are added, +// they will be considered fully capitalized. +// +// Plural forms use mixed case like "IDs". And so do values like "IPv4" or "IPv6". +// +// The [NameMangler] automatically detects simple plurals for words such as "IDs" or "APIs", +// so you don't need to configure these variants. +// +// At this moment, it doesn't support pluralization of terms that ends with an 's' (or 'S'), since there is +// no clear consensus on whether a word like DNS should be pluralized as DNSes or remain invariant. +// The [NameMangler] consider those invariant. Therefore DNSs or DNSes are not recognized as plurals for DNS. +// +// Besids, we don't want to support pluralization of terms which would otherwise conflict with another one, +// like "HTTPs" vs "HTTPS". All these should be considered invariant. Hence: "Https" matches "HTTPS" and +// "HTTPSS" is "HTTPS" followed by "S". +func DefaultInitialisms() []string { + return []string{ + "ACL", + "API", + "ASCII", + "CPU", + "CSS", + "DNS", + "EOF", + "GUID", + "HTML", + "HTTPS", + "HTTP", + "ID", + "IP", + "IPv4", // prefer the mixed case outcome IPv4 over the capitalized IPV4 + "IPv6", // prefer the mixed case outcome IPv6 over the capitalized IPV6 + "JSON", + "LHS", + "OAI", + "QPS", + "RAM", + "RHS", + "RPC", + "SLA", + "SMTP", + "SQL", + "SSH", + "TCP", + "TLS", + "TTL", + "UDP", + "UI", + "UID", + "UUID", + "URI", + "URL", + "UTF8", + "VM", + "XML", + "XMPP", + "XSRF", + "XSS", + } +} + +type indexOfInitialisms struct { + initialismsCache + + index map[string]struct{} +} + +func newIndexOfInitialisms() *indexOfInitialisms { + return &indexOfInitialisms{ + index: make(map[string]struct{}), + } +} + +func (m *indexOfInitialisms) add(words ...string) *indexOfInitialisms { + for _, word := range words { + // sanitization of injected words: trimmed from blanks, and must start with a letter + trimmed := strings.TrimSpace(word) + + firstRune, _ := utf8.DecodeRuneInString(trimmed) + if !unicode.IsLetter(firstRune) { + continue + } + + // Initialisms are case-sensitive. This means that we support mixed-case words. + // However, if specified as a lower-case string, the initialism should be fully capitalized. + if trimmed == strings.ToLower(trimmed) { + m.index[strings.ToUpper(trimmed)] = struct{}{} + + continue + } + + m.index[trimmed] = struct{}{} + } + return m +} + +func (m *indexOfInitialisms) sorted() []string { + result := make([]string, 0, len(m.index)) + for k := range m.index { + result = append(result, k) + } + sort.Sort(sort.Reverse(byInitialism(result))) + return result +} + +func (m *indexOfInitialisms) buildCache() { + m.build(m.sorted(), m.pluralForm) +} + +// initialismsCache caches all needed pre-computed and converted initialism entries, +// in the desired resolution order. +type initialismsCache struct { + initialisms []string + initialismsRunes [][]rune + initialismsUpperCased [][]rune // initialisms cached in their trimmed, upper-cased version + initialismsPluralForm []pluralForm +} + +func (c *initialismsCache) build(in []string, pluralfunc func(string) pluralForm) { + c.initialisms = in + c.initialismsRunes = asRunes(c.initialisms) + c.initialismsUpperCased = asUpperCased(c.initialisms) + c.initialismsPluralForm = asPluralForms(c.initialisms, pluralfunc) +} + +// pluralForm denotes the kind of pluralization to be used for initialisms. +// +// At this moment, initialisms are either invariant or follow a simple plural form with an +// extra (lower case) "s". +type pluralForm uint8 + +const ( + notPlural pluralForm = iota + invariantPlural + simplePlural +) + +func (f pluralForm) String() string { + switch f { + case notPlural: + return "notPlural" + case invariantPlural: + return "invariantPlural" + case simplePlural: + return "simplePlural" + default: + return "" + } +} + +// pluralForm indicates how we want to pluralize a given initialism. +// +// Besides configured invariant forms (like HTTP and HTTPS), +// an initialism is normally pluralized by adding a single 's', like in IDs. +// +// Initialisms ending with an 'S' or an 's' are configured as invariant (we don't +// support plural forms like CSSes or DNSes, however the mechanism could be extended to +// do just that). +func (m *indexOfInitialisms) pluralForm(key string) pluralForm { + if _, ok := m.index[key]; !ok { + return notPlural + } + + if strings.HasSuffix(strings.ToUpper(key), "S") { + return invariantPlural + } + + if _, ok := m.index[key+"s"]; ok { + return invariantPlural + } + + if _, ok := m.index[key+"S"]; ok { + return invariantPlural + } + + return simplePlural +} + +type byInitialism []string + +func (s byInitialism) Len() int { + return len(s) +} +func (s byInitialism) Swap(i, j int) { + s[i], s[j] = s[j], s[i] +} + +// Less specifies the order in which initialisms are prioritized: +// 1. match longest first +// 2. when equal length, match in reverse lexicographical order, lower case match comes first +func (s byInitialism) Less(i, j int) bool { + if len(s[i]) != len(s[j]) { + return len(s[i]) < len(s[j]) + } + + return s[i] < s[j] +} + +func asRunes(in []string) [][]rune { + out := make([][]rune, len(in)) + for i, initialism := range in { + out[i] = []rune(initialism) + } + + return out +} + +func asUpperCased(in []string) [][]rune { + out := make([][]rune, len(in)) + + for i, initialism := range in { + out[i] = []rune(upper(trim(initialism))) + } + + return out +} + +// asPluralForms bakes an index of pluralization support. +func asPluralForms(in []string, pluralFunc func(string) pluralForm) []pluralForm { + out := make([]pluralForm, len(in)) + for i, initialism := range in { + out[i] = pluralFunc(initialism) + } + + return out +} diff --git a/vendor/github.com/go-openapi/swag/mangling/name_lexem.go b/vendor/github.com/go-openapi/swag/mangling/name_lexem.go new file mode 100644 index 0000000000..bc837e3b9f --- /dev/null +++ b/vendor/github.com/go-openapi/swag/mangling/name_lexem.go @@ -0,0 +1,186 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package mangling + +import ( + "bytes" + "strings" + "unicode" + "unicode/utf8" +) + +type ( + lexemKind uint8 + + nameLexem struct { + original string + matchedInitialism string + kind lexemKind + } +) + +const ( + lexemKindCasualName lexemKind = iota + lexemKindInitialismName +) + +func newInitialismNameLexem(original, matchedInitialism string) nameLexem { + return nameLexem{ + kind: lexemKindInitialismName, + original: original, + matchedInitialism: matchedInitialism, + } +} + +func newCasualNameLexem(original string) nameLexem { + return nameLexem{ + kind: lexemKindCasualName, + original: trim(original), // TODO: save on calls to trim + } +} + +// WriteTitleized writes the titleized lexeme to a bytes.Buffer. +// +// If the first letter cannot be capitalized, it doesn't write anything and return false, +// so the caller may attempt some workaround strategy. +func (l nameLexem) WriteTitleized(w *bytes.Buffer, alwaysUpper bool) bool { + if l.kind == lexemKindInitialismName { + w.WriteString(l.matchedInitialism) + + return true + } + + if len(l.original) == 0 { + return true + } + + if len(l.original) == 1 { + // identifier is too short: casing will depend on the context + firstByte := l.original[0] + switch { + case 'A' <= firstByte && firstByte <= 'Z': + // safe + w.WriteByte(firstByte) + + return true + case alwaysUpper && 'a' <= firstByte && firstByte <= 'z': + w.WriteByte(firstByte - 'a' + 'A') + + return true + default: + + // not a letter: skip and let the caller decide + return false + } + } + + if firstByte := l.original[0]; firstByte < utf8.RuneSelf { + // ASCII + switch { + case 'A' <= firstByte && firstByte <= 'Z': + // already an upper case letter + w.WriteString(l.original) + + return true + case 'a' <= firstByte && firstByte <= 'z': + w.WriteByte(firstByte - 'a' + 'A') + w.WriteString(l.original[1:]) + + return true + default: + // not a good candidate: doesn't start with a letter + return false + } + } + + // unicode + firstRune, idx := utf8.DecodeRuneInString(l.original) + if !unicode.IsLetter(firstRune) || !unicode.IsUpper(unicode.ToUpper(firstRune)) { + // not a good candidate: doesn't start with a letter + // or a rune for which case doesn't make sense (e.g. East-Asian runes etc) + return false + } + + rest := l.original[idx:] + w.WriteRune(unicode.ToUpper(firstRune)) + w.WriteString(strings.ToLower(rest)) + + return true +} + +// WriteLower is like write titleized but it writes a lower-case version of the lexeme. +// +// Similarly, there is no writing if the casing of the first rune doesn't make sense. +func (l nameLexem) WriteLower(w *bytes.Buffer, alwaysLower bool) bool { + if l.kind == lexemKindInitialismName { + w.WriteString(lower(l.matchedInitialism)) + + return true + } + + if len(l.original) == 0 { + return true + } + + if len(l.original) == 1 { + // identifier is too short: casing will depend on the context + firstByte := l.original[0] + switch { + case 'a' <= firstByte && firstByte <= 'z': + // safe + w.WriteByte(firstByte) + + return true + case alwaysLower && 'A' <= firstByte && firstByte <= 'Z': + w.WriteByte(firstByte - 'A' + 'a') + + return true + default: + + // not a letter: skip and let the caller decide + return false + } + } + + if firstByte := l.original[0]; firstByte < utf8.RuneSelf { + // ASCII + switch { + case 'a' <= firstByte && firstByte <= 'z': + // already a lower case letter + w.WriteString(l.original) + + return true + case 'A' <= firstByte && firstByte <= 'Z': + w.WriteByte(firstByte - 'A' + 'a') + w.WriteString(l.original[1:]) + + return true + default: + // not a good candidate: doesn't start with a letter + return false + } + } + + // unicode + firstRune, idx := utf8.DecodeRuneInString(l.original) + if !unicode.IsLetter(firstRune) || !unicode.IsLower(unicode.ToLower(firstRune)) { + // not a good candidate: doesn't start with a letter + // or a rune for which case doesn't make sense (e.g. East-Asian runes etc) + return false + } + + rest := l.original[idx:] + w.WriteRune(unicode.ToLower(firstRune)) + w.WriteString(rest) + + return true +} + +func (l nameLexem) GetOriginal() string { + return l.original +} + +func (l nameLexem) IsInitialism() bool { + return l.kind == lexemKindInitialismName +} diff --git a/vendor/github.com/go-openapi/swag/mangling/name_mangler.go b/vendor/github.com/go-openapi/swag/mangling/name_mangler.go new file mode 100644 index 0000000000..da685681d0 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/mangling/name_mangler.go @@ -0,0 +1,370 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package mangling + +import ( + "strings" + "unicode" +) + +// NameMangler knows how to transform sentences or words into +// identifiers that are a better fit in contexts such as: +// +// - unexported or exported go variable identifiers +// - file names +// - camel cased identifiers +// - ... +// +// The [NameMangler] is safe for concurrent use, save for its [NameMangler.AddInitialisms] method, +// which is not. +// +// # Known limitations +// +// At this moment, the [NameMangler] doesn't play well with "all caps" text: +// +// unless every single upper-cased word is declared as an initialism, capitalized words would generally +// not be transformed with the expected result, e.g. +// +// ToFileName("THIS_IS_ALL_CAPS") +// +// yields the weird outcome +// +// "t_h_i_s_i_s_a_l_l_c_a_p_s" +type NameMangler struct { + options + + index *indexOfInitialisms + + splitter splitter + splitterWithPostSplit splitter + + _ struct{} +} + +// NewNameMangler builds a name mangler ready to convert strings. +// +// The default name mangler is configured with default common initialisms and all default options. +func NewNameMangler(opts ...Option) NameMangler { + m := NameMangler{ + options: optionsWithDefaults(opts), + index: newIndexOfInitialisms(), + } + m.addInitialisms(m.commonInitialisms...) + + // a splitter that returns matches lexemes as ready-to-assemble strings: + // details of the lexemes are redeemed. + m.splitter = newSplitter( + withInitialismsCache(&m.index.initialismsCache), + withReplaceFunc(m.replaceFunc), + ) + + // a splitter that returns matches lexemes ready for post-processing + m.splitterWithPostSplit = newSplitter( + withInitialismsCache(&m.index.initialismsCache), + withReplaceFunc(m.replaceFunc), + withPostSplitInitialismCheck, + ) + + return m +} + +// AddInitialisms declares extra initialisms to the mangler. +// +// It declares extra words as "initialisms" (i.e. words that won't be camel cased or titled cased), +// on top of the existing list of common initialisms (such as ID, HTTP...). +// +// Added words must start with a (unicode) letter. If some don't, they are ignored. +// Added words are either fully capitalized or mixed-cased. Lower-case only words are considered capitalized. +// +// It is typically used just after initializing the [NameMangler]. +// +// When all initialisms are known at the time the mangler is initialized, it is preferable to +// use [NewNameMangler] with the option [WithAdditionalInitialisms]. +// +// Adding initialisms mutates the mangler and should not be carried out concurrently with other calls to the mangler. +func (m *NameMangler) AddInitialisms(words ...string) { + m.addInitialisms(words...) +} + +// Initialisms renders the list of initialisms supported by this mangler. +func (m *NameMangler) Initialisms() []string { + return m.index.initialisms +} + +// Camelize a single word. +// +// Example: +// +// - "HELLO" and "hello" become "Hello". +func (m NameMangler) Camelize(word string) string { + ru := []rune(word) + + switch len(ru) { + case 0: + return "" + case 1: + return string(unicode.ToUpper(ru[0])) + default: + camelized := poolOfBuffers.BorrowBuffer(len(word)) + camelized.Grow(len(word)) + defer func() { + poolOfBuffers.RedeemBuffer(camelized) + }() + + camelized.WriteRune(unicode.ToUpper(ru[0])) + for _, ru := range ru[1:] { + camelized.WriteRune(unicode.ToLower(ru)) + } + + return camelized.String() + } +} + +// ToFileName generates a suitable snake-case file name from a sentence. +// +// It lower-cases everything with underscore (_) as a word separator. +// +// Examples: +// +// - "Hello, Swagger" becomes "hello_swagger" +// - "HelloSwagger" becomes "hello_swagger" +func (m NameMangler) ToFileName(name string) string { + inptr := m.split(name) + in := *inptr + out := make([]string, 0, len(in)) + + for _, w := range in { + out = append(out, lower(w)) + } + poolOfStrings.RedeemStrings(inptr) + + return strings.Join(out, "_") +} + +// ToCommandName generates a suitable CLI command name from a sentence. +// +// It lower-cases everything with dash (-) as a word separator. +// +// Examples: +// +// - "Hello, Swagger" becomes "hello-swagger" +// - "HelloSwagger" becomes "hello-swagger" +func (m NameMangler) ToCommandName(name string) string { + inptr := m.split(name) + in := *inptr + out := make([]string, 0, len(in)) + + for _, w := range in { + out = append(out, lower(w)) + } + poolOfStrings.RedeemStrings(inptr) + + return strings.Join(out, "-") +} + +// ToHumanNameLower represents a code name as a human-readable series of words. +// +// It lower-cases everything with blank space as a word separator. +// +// NOTE: parts recognized as initialisms just keep their original casing. +// +// Examples: +// +// - "Hello, Swagger" becomes "hello swagger" +// - "HelloSwagger" or "Hello-Swagger" become "hello swagger" +func (m NameMangler) ToHumanNameLower(name string) string { + s := m.splitterWithPostSplit + in := s.split(name) + out := make([]string, 0, len(*in)) + + for _, w := range *in { + if !w.IsInitialism() { + out = append(out, lower(w.GetOriginal())) + } else { + out = append(out, trim(w.GetOriginal())) + } + } + + poolOfLexems.RedeemLexems(in) + + return strings.Join(out, " ") +} + +// ToHumanNameTitle represents a code name as a human-readable series of titleized words. +// +// It titleizes every word with blank space as a word separator. +// +// Examples: +// +// - "hello, Swagger" becomes "Hello Swagger" +// - "helloSwagger" becomes "Hello Swagger" +func (m NameMangler) ToHumanNameTitle(name string) string { + s := m.splitterWithPostSplit + in := s.split(name) + + out := make([]string, 0, len(*in)) + for _, w := range *in { + original := trim(w.GetOriginal()) + if !w.IsInitialism() { + out = append(out, m.Camelize(original)) + } else { + out = append(out, original) + } + } + poolOfLexems.RedeemLexems(in) + + return strings.Join(out, " ") +} + +// ToJSONName generates a camelized single-word version of a sentence. +// +// The output assembles every camelized word, but for the first word, which +// is lower-cased. +// +// Example: +// +// - "Hello_swagger" becomes "helloSwagger" +func (m NameMangler) ToJSONName(name string) string { + inptr := m.split(name) + in := *inptr + out := make([]string, 0, len(in)) + + for i, w := range in { + if i == 0 { + out = append(out, lower(w)) + continue + } + out = append(out, m.Camelize(trim(w))) + } + + poolOfStrings.RedeemStrings(inptr) + + return strings.Join(out, "") +} + +// ToVarName generates a legit unexported go variable name from a sentence. +// +// The generated name plays well with linters (see also [NameMangler.ToGoName]). +// +// Examples: +// +// - "Hello_swagger" becomes "helloSwagger" +// - "Http_server" becomes "httpServer" +// +// This name applies the same rules as [NameMangler.ToGoName] (legit exported variable), save the +// capitalization of the initial rune. +// +// Special case: when the initial part is a recognized as an initialism (like in the example above), +// the full part is lower-cased. +func (m NameMangler) ToVarName(name string) string { + return m.goIdentifier(name, false) +} + +// ToGoName generates a legit exported go variable name from a sentence. +// +// The generated name plays well with most linters. +// +// ToGoName abides by the go "exported" symbol rule starting with an upper-case letter. +// +// Examples: +// +// - "hello_swagger" becomes "HelloSwagger" +// - "Http_server" becomes "HTTPServer" +// +// # Edge cases +// +// Whenever the first rune is not eligible to upper case, a special prefix is prepended to the resulting name. +// By default this is simply "X" and you may customize this behavior using the [WithGoNamePrefixFunc] option. +// +// This happens when the first rune is not a letter, e.g. a digit, or a symbol that has no word transliteration +// (see also [WithReplaceFunc] about symbol transliterations), +// as well as for most East Asian or Devanagari runes, for which there is no such concept as upper-case. +// +// # Linting +// +// [revive], the successor of golint is the reference linter. +// +// This means that [NameMangler.ToGoName] supports the initialisms that revive checks (see also [DefaultInitialisms]). +// +// At this moment, there is no attempt to transliterate unicode into ascii, meaning that some linters +// (e.g. asciicheck, gosmopolitan) may croak on go identifiers generated from unicode input. +// +// [revive]: https://github.com/mgechev/revive +func (m NameMangler) ToGoName(name string) string { + return m.goIdentifier(name, true) +} + +func (m NameMangler) goIdentifier(name string, exported bool) string { + s := m.splitterWithPostSplit + lexems := s.split(name) + defer func() { + poolOfLexems.RedeemLexems(lexems) + }() + lexemes := *lexems + + if len(lexemes) == 0 { + return "" + } + + result := poolOfBuffers.BorrowBuffer(len(name)) + defer func() { + poolOfBuffers.RedeemBuffer(result) + }() + + firstPart := lexemes[0] + if !exported { + if ok := firstPart.WriteLower(result, true); !ok { + // NOTE: an initialism as the first part is lower-cased: no longer generates stuff like hTTPxyz. + // + // same prefixing rule applied to unexported variable as to an exported one, so that we have consistent + // names, whether the generated identifier is exported or not. + result.WriteString(strings.ToLower(m.prefixFunc()(name))) + result.WriteString(lexemes[0].GetOriginal()) + } + } else { + if ok := firstPart.WriteTitleized(result, true); !ok { + // "repairs" a lexeme that doesn't start with a letter to become + // the start a legit go name. The current strategy is very crude and simply adds a fixed prefix, + // e.g. "X". + // For instance "1_sesame_street" would be split into lexemes ["1", "sesame", "street"] and + // the first one ("1") would result in something like "X1" (with the default prefix function). + // + // NOTE: no longer forcing the first part to be fully upper-cased + result.WriteString(m.prefixFunc()(name)) + result.WriteString(lexemes[0].GetOriginal()) + } + } + + for _, lexem := range lexemes[1:] { + // NOTE: no longer forcing initialism parts to be fully upper-cased: + // * pluralized initialism preserve their trailing "s" + // * mixed-cased initialisms, such as IPv4, are preserved + if ok := lexem.WriteTitleized(result, false); !ok { + // it's not titleized: perhaps it's too short, perhaps the first rune is not a letter. + // write anyway + result.WriteString(lexem.GetOriginal()) + } + } + + return result.String() +} + +func (m *NameMangler) addInitialisms(words ...string) { + m.index.add(words...) + m.index.buildCache() +} + +// split calls the inner splitter. +func (m NameMangler) split(str string) *[]string { + s := m.splitter + lexems := s.split(str) + result := poolOfStrings.BorrowStrings() + + for _, lexem := range *lexems { + *result = append(*result, lexem.GetOriginal()) + } + poolOfLexems.RedeemLexems(lexems) + + return result +} diff --git a/vendor/github.com/go-openapi/swag/mangling/options.go b/vendor/github.com/go-openapi/swag/mangling/options.go new file mode 100644 index 0000000000..3c92b2f18b --- /dev/null +++ b/vendor/github.com/go-openapi/swag/mangling/options.go @@ -0,0 +1,150 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package mangling + +type ( + // PrefixFunc defines a safeguard rule (that may depend on the input string), to prefix + // a generated go name (in [NameMangler.ToGoName] and [NameMangler.ToVarName]). + // + // See [NameMangler.ToGoName] for more about which edge cases the prefix function covers. + PrefixFunc func(string) string + + // ReplaceFunc is a transliteration function to replace special runes by a word. + ReplaceFunc func(r rune) (string, bool) + + // Option to configure a [NameMangler]. + Option func(*options) + + options struct { + commonInitialisms []string + + goNamePrefixFunc PrefixFunc + goNamePrefixFuncPtr *PrefixFunc + replaceFunc func(r rune) (string, bool) + } +) + +func (o *options) prefixFunc() PrefixFunc { + if o.goNamePrefixFuncPtr != nil && *o.goNamePrefixFuncPtr != nil { + return *o.goNamePrefixFuncPtr + } + + return o.goNamePrefixFunc +} + +// WithGoNamePrefixFunc overrides the default prefix rule to safeguard generated go names. +// +// Example: +// +// This helps convert "123" into "{prefix}123" (a very crude strategy indeed, but it works). +// +// See [github.com/go-swagger/go-swagger/generator.DefaultFuncMap] for an example. +// +// The prefix function is assumed to return a string that starts with an upper case letter. +// +// The default is to prefix with "X". +// +// See [NameMangler.ToGoName] for more about which edge cases the prefix function covers. +func WithGoNamePrefixFunc(fn PrefixFunc) Option { + return func(o *options) { + o.goNamePrefixFunc = fn + } +} + +// WithGoNamePrefixFuncPtr is like [WithGoNamePrefixFunc] but it specifies a pointer to a function. +// +// [WithGoNamePrefixFunc] should be preferred in most situations. This option should only serve the +// purpose of handling special situations where the prefix function is not an internal variable +// (e.g. an exported package global). +// +// [WithGoNamePrefixFuncPtr] supersedes [WithGoNamePrefixFunc] if it also specified. +// +// If the provided pointer is nil or points to a nil value, this option has no effect. +// +// The caller should ensure that no undesirable concurrent changes are applied to the function pointed to. +func WithGoNamePrefixFuncPtr(ptr *PrefixFunc) Option { + return func(o *options) { + o.goNamePrefixFuncPtr = ptr + } +} + +// WithInitialisms declares the initialisms this mangler supports. +// +// This supersedes any pre-loaded defaults (see [DefaultInitialisms] for more about what initialisms are). +// +// It declares words to be recognized as "initialisms" (i.e. words that won't be camel cased or titled cased). +// +// Words must start with a (unicode) letter. If some don't, they are ignored. +// Words are either fully capitalized or mixed-cased. Lower-case only words are considered capitalized. +func WithInitialisms(words ...string) Option { + return func(o *options) { + o.commonInitialisms = words + } +} + +// WithAdditionalInitialisms adds new initialisms to the currently supported list (see [DefaultInitialisms]). +// +// The same sanitization rules apply as those described for [WithInitialisms]. +func WithAdditionalInitialisms(words ...string) Option { + return func(o *options) { + o.commonInitialisms = append(o.commonInitialisms, words...) + } +} + +// WithReplaceFunc specifies a custom transliteration function instead of the default. +// +// The default translates the following characters into words as follows: +// +// - '@' -> 'At' +// - '&' -> 'And' +// - '|' -> 'Pipe' +// - '$' -> 'Dollar' +// - '!' -> 'Bang' +// +// Notice that the outcome of a transliteration should always be titleized. +func WithReplaceFunc(fn ReplaceFunc) Option { + return func(o *options) { + o.replaceFunc = fn + } +} + +func defaultPrefixFunc(_ string) string { + return "X" +} + +// defaultReplaceTable finds a word representation for special characters. +func defaultReplaceTable(r rune) (string, bool) { + switch r { + case '@': + return "At ", true + case '&': + return "And ", true + case '|': + return "Pipe ", true + case '$': + return "Dollar ", true + case '!': + return "Bang ", true + case '-': + return "", true + case '_': + return "", true + default: + return "", false + } +} + +func optionsWithDefaults(opts []Option) options { + o := options{ + commonInitialisms: DefaultInitialisms(), + goNamePrefixFunc: defaultPrefixFunc, + replaceFunc: defaultReplaceTable, + } + + for _, apply := range opts { + apply(&o) + } + + return o +} diff --git a/vendor/github.com/go-openapi/swag/mangling/pools.go b/vendor/github.com/go-openapi/swag/mangling/pools.go new file mode 100644 index 0000000000..f810435144 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/mangling/pools.go @@ -0,0 +1,123 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package mangling + +import ( + "bytes" + "sync" +) + +const maxAllocMatches = 8 + +type ( + // memory pools of temporary objects. + // + // These are used to recycle temporarily allocated objects + // and relieve the GC from undue pressure. + + matchesPool struct { + *sync.Pool + } + + buffersPool struct { + *sync.Pool + } + + lexemsPool struct { + *sync.Pool + } + + stringsPool struct { + *sync.Pool + } +) + +var ( + // poolOfMatches holds temporary slices for recycling during the initialism match process + poolOfMatches = matchesPool{ + Pool: &sync.Pool{ + New: func() any { + s := make(initialismMatches, 0, maxAllocMatches) + + return &s + }, + }, + } + + poolOfBuffers = buffersPool{ + Pool: &sync.Pool{ + New: func() any { + return new(bytes.Buffer) + }, + }, + } + + poolOfLexems = lexemsPool{ + Pool: &sync.Pool{ + New: func() any { + s := make([]nameLexem, 0, maxAllocMatches) + + return &s + }, + }, + } + + poolOfStrings = stringsPool{ + Pool: &sync.Pool{ + New: func() any { + s := make([]string, 0, maxAllocMatches) + + return &s + }, + }, + } +) + +func (p matchesPool) BorrowMatches() *initialismMatches { + s := p.Get().(*initialismMatches) + *s = (*s)[:0] // reset slice, keep allocated capacity + + return s +} + +func (p buffersPool) BorrowBuffer(size int) *bytes.Buffer { + s := p.Get().(*bytes.Buffer) + s.Reset() + + if s.Cap() < size { + s.Grow(size) + } + + return s +} + +func (p lexemsPool) BorrowLexems() *[]nameLexem { + s := p.Get().(*[]nameLexem) + *s = (*s)[:0] // reset slice, keep allocated capacity + + return s +} + +func (p stringsPool) BorrowStrings() *[]string { + s := p.Get().(*[]string) + *s = (*s)[:0] // reset slice, keep allocated capacity + + return s +} + +func (p matchesPool) RedeemMatches(s *initialismMatches) { + p.Put(s) +} + +func (p buffersPool) RedeemBuffer(s *bytes.Buffer) { + p.Put(s) +} + +func (p lexemsPool) RedeemLexems(s *[]nameLexem) { + p.Put(s) +} + +func (p stringsPool) RedeemStrings(s *[]string) { + p.Put(s) +} diff --git a/vendor/github.com/go-openapi/swag/mangling/split.go b/vendor/github.com/go-openapi/swag/mangling/split.go new file mode 100644 index 0000000000..ed12ea2567 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/mangling/split.go @@ -0,0 +1,341 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package mangling + +import ( + "fmt" + "unicode" +) + +type splitterOption func(*splitter) + +// withPostSplitInitialismCheck allows to catch initialisms after main split process +func withPostSplitInitialismCheck(s *splitter) { + s.postSplitInitialismCheck = true +} + +func withReplaceFunc(fn ReplaceFunc) func(*splitter) { + return func(s *splitter) { + s.replaceFunc = fn + } +} + +func withInitialismsCache(c *initialismsCache) splitterOption { + return func(s *splitter) { + s.initialismsCache = c + } +} + +type ( + initialismMatch struct { + body []rune + start, end int + complete bool + hasPlural pluralForm + } + initialismMatches []initialismMatch +) + +// String representation of a match, e.g. for debugging. +func (m initialismMatch) String() string { + return fmt.Sprintf("{body: %s (%d), start: %d, end; %d, complete: %t, hasPlural: %v}", + string(m.body), len(m.body), m.start, m.end, m.complete, m.hasPlural, + ) +} + +func (m initialismMatch) isZero() bool { + return m.start == 0 && m.end == 0 +} + +type splitter struct { + *initialismsCache + + postSplitInitialismCheck bool + replaceFunc ReplaceFunc +} + +func newSplitter(options ...splitterOption) splitter { + var s splitter + + for _, option := range options { + option(&s) + } + + if s.replaceFunc == nil { + s.replaceFunc = defaultReplaceTable + } + + return s +} + +func (s splitter) split(name string) *[]nameLexem { + nameRunes := []rune(name) + matches := s.gatherInitialismMatches(nameRunes) + if matches == nil { + return poolOfLexems.BorrowLexems() + } + + return s.mapMatchesToNameLexems(nameRunes, matches) +} + +func (s splitter) gatherInitialismMatches(nameRunes []rune) *initialismMatches { + matches := poolOfMatches.BorrowMatches() + const minLenInitialism = 1 + if len(nameRunes) < minLenInitialism+1 { + // can't match initialism with 0 or 1 rune + return matches + } + + // first iteration + s.findMatches(matches, nameRunes, nameRunes[0], 0) + + for i, currentRune := range nameRunes[1:] { + currentRunePosition := i + 1 + // recycle allocations as we loop over runes + // with such recycling, only 2 slices should be allocated per call + // instead of o(n). + // + // BorrowMatches always yields slices with zero length (with some capacity) + newMatches := poolOfMatches.BorrowMatches() + + // check current initialism matches + for _, match := range *matches { + if keepCompleteMatch := match.complete; keepCompleteMatch { + // the match is already complete: keep it then move on to the next match + *newMatches = append(*newMatches, match) + continue + } + + if currentRunePosition-match.start == len(match.body) { + // unmatched: skip + continue + } + + // 1. by construction of the matches, we can't have currentRunePosition - match.start < 0 + // because matches have been computed with their start <= currentRunePosition in the previous + // iterations. + // 2. by construction of the matches, we can't have currentRunePosition - match.start >= len(match.body) + + currentMatchRune := match.body[currentRunePosition-match.start] + if currentMatchRune != currentRune { + // failed match, discard it then move on to the next match + continue + } + + // try to complete the current match + if currentRunePosition-match.start == len(match.body)-1 { + // we are close: the next step is to check the symbol ahead + // if it is a lowercase letter, then it is not the end of match + // but the beginning of the next word. + // + // NOTE(fredbi): this heuristic sometimes leads to counterintuitive splits and + // perhaps (not sure yet) we should check against case _alternance_. + // + // Example: + // + // In the current version, in the sentence "IDS initialism", "ID" is recognized as an initialism, + // leading to a split like "id_s_initialism" (or IDSInitialism), + // whereas in the sentence "IDx initialism", it is not and produces something like + // "i_d_x_initialism" (or IDxInitialism). The generated file name is not great. + // + // Both go identifiers are tolerated by linters. + // + // Notice that the slightly different input "IDs initialism" is correctly detected + // as a pluralized initialism and produces something like "ids_initialism" (or IDsInitialism). + + if currentRunePosition < len(nameRunes)-1 { // when before the last rune + nextRune := nameRunes[currentRunePosition+1] + + // recognize a plural form for this initialism (only simple english pluralization is supported). + if nextRune == 's' && match.hasPlural == simplePlural { + // detected a pluralized initialism + match.body = append(match.body, nextRune) + lookAhead := currentRunePosition + 1 + if lookAhead < len(nameRunes)-1 { + nextRune = nameRunes[lookAhead+1] + if newWord := unicode.IsLower(nextRune); newWord { + // it is the start of a new word. + // Match is only partial and the initialism is not recognized: + // move on to the next match, but do not advance the rune position + continue + } + } + + // this is a pluralized match: keep it + currentRunePosition++ + match.complete = true + match.hasPlural = simplePlural + match.end = currentRunePosition + *newMatches = append(*newMatches, match) + + // match is complete: keep it then move on to the next match + continue + } + + // other cases + // example: invariant plural such as "TLS" + if newWord := unicode.IsLower(nextRune); newWord { + // it is the start of a new word + // Match is only partial and the initialism is not recognized : move on + continue + } + } + + match.complete = true + match.end = currentRunePosition + } + + // append the ongoing matching attempt: it is not necessarily complete, but was successful so far. + // Let's see if it still matches on the next rune. + *newMatches = append(*newMatches, match) + } + + s.findMatches(newMatches, nameRunes, currentRune, currentRunePosition) + + poolOfMatches.RedeemMatches(matches) + matches = newMatches + } + + // it is up to the caller to redeem this last slice + return matches +} + +func (s splitter) findMatches(newMatches *initialismMatches, nameRunes []rune, currentRune rune, currentRunePosition int) { + // check for new initialism matches, based on the first character + for i, r := range s.initialismsRunes { + if r[0] != currentRune { + continue + } + + if currentRunePosition+len(r) > len(nameRunes) { + continue // not eligible: would spilll over the initial string + } + + // possible matches: all initialisms starting with the current rune and that can fit the given string (nameRunes) + *newMatches = append(*newMatches, initialismMatch{ + start: currentRunePosition, + body: r, + complete: false, + hasPlural: s.initialismsPluralForm[i], + }) + } +} + +func (s splitter) mapMatchesToNameLexems(nameRunes []rune, matches *initialismMatches) *[]nameLexem { + nameLexems := poolOfLexems.BorrowLexems() + + var lastAcceptedMatch initialismMatch + for _, match := range *matches { + if !match.complete { + continue + } + + if firstMatch := lastAcceptedMatch.isZero(); firstMatch { + s.appendBrokenDownCasualString(nameLexems, nameRunes[:match.start]) + *nameLexems = append(*nameLexems, s.breakInitialism(string(match.body))) + + lastAcceptedMatch = match + + continue + } + + if overlappedMatch := match.start <= lastAcceptedMatch.end; overlappedMatch { + continue + } + + middle := nameRunes[lastAcceptedMatch.end+1 : match.start] + s.appendBrokenDownCasualString(nameLexems, middle) + *nameLexems = append(*nameLexems, s.breakInitialism(string(match.body))) + + lastAcceptedMatch = match + } + + // we have not found any accepted matches + if lastAcceptedMatch.isZero() { + *nameLexems = (*nameLexems)[:0] + s.appendBrokenDownCasualString(nameLexems, nameRunes) + } else if lastAcceptedMatch.end+1 != len(nameRunes) { + rest := nameRunes[lastAcceptedMatch.end+1:] + s.appendBrokenDownCasualString(nameLexems, rest) + } + + poolOfMatches.RedeemMatches(matches) + + return nameLexems +} + +func (s splitter) breakInitialism(original string) nameLexem { + return newInitialismNameLexem(original, original) +} + +func (s splitter) appendBrokenDownCasualString(segments *[]nameLexem, str []rune) { + currentSegment := poolOfBuffers.BorrowBuffer(len(str)) // unlike strings.Builder, bytes.Buffer initial storage can reused + defer func() { + poolOfBuffers.RedeemBuffer(currentSegment) + }() + + addCasualNameLexem := func(original string) { + *segments = append(*segments, newCasualNameLexem(original)) + } + + addInitialismNameLexem := func(original, match string) { + *segments = append(*segments, newInitialismNameLexem(original, match)) + } + + var addNameLexem func(string) + if s.postSplitInitialismCheck { + addNameLexem = func(original string) { + for i := range s.initialisms { + if isEqualFoldIgnoreSpace(s.initialismsUpperCased[i], original) { + addInitialismNameLexem(original, s.initialisms[i]) + + return + } + } + + addCasualNameLexem(original) + } + } else { + addNameLexem = addCasualNameLexem + } + + // NOTE: (performance). The few remaining non-amortized allocations + // lay in the code below: using String() forces + for _, rn := range str { + if replace, found := s.replaceFunc(rn); found { + if currentSegment.Len() > 0 { + addNameLexem(currentSegment.String()) + currentSegment.Reset() + } + + if replace != "" { + addNameLexem(replace) + } + + continue + } + + if !unicode.In(rn, unicode.L, unicode.M, unicode.N, unicode.Pc) { + if currentSegment.Len() > 0 { + addNameLexem(currentSegment.String()) + currentSegment.Reset() + } + + continue + } + + if unicode.IsUpper(rn) { + if currentSegment.Len() > 0 { + addNameLexem(currentSegment.String()) + } + currentSegment.Reset() + } + + currentSegment.WriteRune(rn) + } + + if currentSegment.Len() > 0 { + addNameLexem(currentSegment.String()) + } +} diff --git a/vendor/github.com/go-openapi/swag/string_bytes.go b/vendor/github.com/go-openapi/swag/mangling/string_bytes.go similarity index 60% rename from vendor/github.com/go-openapi/swag/string_bytes.go rename to vendor/github.com/go-openapi/swag/mangling/string_bytes.go index 90745d5ca9..28daaf72b1 100644 --- a/vendor/github.com/go-openapi/swag/string_bytes.go +++ b/vendor/github.com/go-openapi/swag/mangling/string_bytes.go @@ -1,4 +1,7 @@ -package swag +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package mangling import "unsafe" diff --git a/vendor/github.com/go-openapi/swag/mangling/util.go b/vendor/github.com/go-openapi/swag/mangling/util.go new file mode 100644 index 0000000000..0636417e36 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/mangling/util.go @@ -0,0 +1,118 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package mangling + +import ( + "strings" + "unicode" + "unicode/utf8" +) + +// Removes leading whitespaces +func trim(str string) string { return strings.TrimSpace(str) } + +// upper is strings.ToUpper() combined with trim +func upper(str string) string { + return strings.ToUpper(trim(str)) +} + +// lower is strings.ToLower() combined with trim +func lower(str string) string { + return strings.ToLower(trim(str)) +} + +// isEqualFoldIgnoreSpace is the same as strings.EqualFold, but +// it ignores leading and trailing blank spaces in the compared +// string. +// +// base is assumed to be composed of upper-cased runes, and be already +// trimmed. +// +// This code is heavily inspired from strings.EqualFold. +func isEqualFoldIgnoreSpace(base []rune, str string) bool { + var i, baseIndex int + // equivalent to b := []byte(str), but without data copy + b := hackStringBytes(str) + + for i < len(b) { + if c := b[i]; c < utf8.RuneSelf { + // fast path for ASCII + if c != ' ' && c != '\t' { + break + } + i++ + + continue + } + + // unicode case + r, size := utf8.DecodeRune(b[i:]) + if !unicode.IsSpace(r) { + break + } + i += size + } + + if i >= len(b) { + return len(base) == 0 + } + + for _, baseRune := range base { + if i >= len(b) { + break + } + + if c := b[i]; c < utf8.RuneSelf { + // single byte rune case (ASCII) + if baseRune >= utf8.RuneSelf { + return false + } + + baseChar := byte(baseRune) + if c != baseChar && ((c < 'a') || (c > 'z') || (c-'a'+'A' != baseChar)) { + return false + } + + baseIndex++ + i++ + + continue + } + + // unicode case + r, size := utf8.DecodeRune(b[i:]) + if unicode.ToUpper(r) != baseRune { + return false + } + baseIndex++ + i += size + } + + if baseIndex != len(base) { + return false + } + + // all passed: now we should only have blanks + for i < len(b) { + if c := b[i]; c < utf8.RuneSelf { + // fast path for ASCII + if c != ' ' && c != '\t' { + return false + } + i++ + + continue + } + + // unicode case + r, size := utf8.DecodeRune(b[i:]) + if !unicode.IsSpace(r) { + return false + } + + i += size + } + + return true +} diff --git a/vendor/github.com/go-openapi/swag/mangling_iface.go b/vendor/github.com/go-openapi/swag/mangling_iface.go new file mode 100644 index 0000000000..98b9a99929 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/mangling_iface.go @@ -0,0 +1,69 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package swag + +import "github.com/go-openapi/swag/mangling" + +// GoNamePrefixFunc sets an optional rule to prefix go names +// which do not start with a letter. +// +// GoNamePrefixFunc should not be written to while concurrently using the other mangling functions of this package. +// +// Deprecated: use [mangling.WithGoNamePrefixFunc] instead. +var GoNamePrefixFunc mangling.PrefixFunc + +// swagNameMangler is a global instance of the name mangler specifically alloted +// to support deprecated functions. +var swagNameMangler = mangling.NewNameMangler( + mangling.WithGoNamePrefixFuncPtr(&GoNamePrefixFunc), +) + +// AddInitialisms adds additional initialisms to the default list (see [mangling.DefaultInitialisms]). +// +// AddInitialisms is not safe to be called concurrently. +// +// Deprecated: use [mangling.WithAdditionalInitialisms] instead. +func AddInitialisms(words ...string) { + swagNameMangler.AddInitialisms(words...) +} + +// Camelize a single word. +// +// Deprecated: use [mangling.NameMangler.Camelize] instead. +func Camelize(word string) string { return swagNameMangler.Camelize(word) } + +// ToFileName lowercases and underscores a go type name. +// +// Deprecated: use [mangling.NameMangler.ToFileName] instead. +func ToFileName(name string) string { return swagNameMangler.ToFileName(name) } + +// ToCommandName lowercases and underscores a go type name. +// +// Deprecated: use [mangling.NameMangler.ToCommandName] instead. +func ToCommandName(name string) string { return swagNameMangler.ToCommandName(name) } + +// ToHumanNameLower represents a code name as a human series of words. +// +// Deprecated: use [mangling.NameMangler.ToHumanNameLower] instead. +func ToHumanNameLower(name string) string { return swagNameMangler.ToHumanNameLower(name) } + +// ToHumanNameTitle represents a code name as a human series of words with the first letters titleized. +// +// Deprecated: use [mangling.NameMangler.ToHumanNameTitle] instead. +func ToHumanNameTitle(name string) string { return swagNameMangler.ToHumanNameTitle(name) } + +// ToJSONName camel-cases a name which can be underscored or pascal-cased. +// +// Deprecated: use [mangling.NameMangler.ToJSONName] instead. +func ToJSONName(name string) string { return swagNameMangler.ToJSONName(name) } + +// ToVarName camel-cases a name which can be underscored or pascal-cased. +// +// Deprecated: use [mangling.NameMangler.ToVarName] instead. +func ToVarName(name string) string { return swagNameMangler.ToVarName(name) } + +// ToGoName translates a swagger name which can be underscored or camel cased to a name that golint likes. +// +// Deprecated: use [mangling.NameMangler.ToGoName] instead. +func ToGoName(name string) string { return swagNameMangler.ToGoName(name) } diff --git a/vendor/github.com/go-openapi/swag/name_lexem.go b/vendor/github.com/go-openapi/swag/name_lexem.go deleted file mode 100644 index 8bb64ac32f..0000000000 --- a/vendor/github.com/go-openapi/swag/name_lexem.go +++ /dev/null @@ -1,93 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package swag - -import ( - "unicode" - "unicode/utf8" -) - -type ( - lexemKind uint8 - - nameLexem struct { - original string - matchedInitialism string - kind lexemKind - } -) - -const ( - lexemKindCasualName lexemKind = iota - lexemKindInitialismName -) - -func newInitialismNameLexem(original, matchedInitialism string) nameLexem { - return nameLexem{ - kind: lexemKindInitialismName, - original: original, - matchedInitialism: matchedInitialism, - } -} - -func newCasualNameLexem(original string) nameLexem { - return nameLexem{ - kind: lexemKindCasualName, - original: original, - } -} - -func (l nameLexem) GetUnsafeGoName() string { - if l.kind == lexemKindInitialismName { - return l.matchedInitialism - } - - var ( - first rune - rest string - ) - - for i, orig := range l.original { - if i == 0 { - first = orig - continue - } - - if i > 0 { - rest = l.original[i:] - break - } - } - - if len(l.original) > 1 { - b := poolOfBuffers.BorrowBuffer(utf8.UTFMax + len(rest)) - defer func() { - poolOfBuffers.RedeemBuffer(b) - }() - b.WriteRune(unicode.ToUpper(first)) - b.WriteString(lower(rest)) - return b.String() - } - - return l.original -} - -func (l nameLexem) GetOriginal() string { - return l.original -} - -func (l nameLexem) IsInitialism() bool { - return l.kind == lexemKindInitialismName -} diff --git a/vendor/github.com/go-openapi/swag/net.go b/vendor/github.com/go-openapi/swag/net.go deleted file mode 100644 index 821235f84d..0000000000 --- a/vendor/github.com/go-openapi/swag/net.go +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package swag - -import ( - "net" - "strconv" -) - -// SplitHostPort splits a network address into a host and a port. -// The port is -1 when there is no port to be found -func SplitHostPort(addr string) (host string, port int, err error) { - h, p, err := net.SplitHostPort(addr) - if err != nil { - return "", -1, err - } - if p == "" { - return "", -1, &net.AddrError{Err: "missing port in address", Addr: addr} - } - - pi, err := strconv.Atoi(p) - if err != nil { - return "", -1, err - } - return h, pi, nil -} diff --git a/vendor/github.com/go-openapi/swag/netutils/LICENSE b/vendor/github.com/go-openapi/swag/netutils/LICENSE new file mode 100644 index 0000000000..d645695673 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/netutils/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/go-openapi/swag/netutils/doc.go b/vendor/github.com/go-openapi/swag/netutils/doc.go new file mode 100644 index 0000000000..74282f8e51 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/netutils/doc.go @@ -0,0 +1,5 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +// Package netutils provides helpers for network-related tasks. +package netutils diff --git a/vendor/github.com/go-openapi/swag/netutils/net.go b/vendor/github.com/go-openapi/swag/netutils/net.go new file mode 100644 index 0000000000..82a1544af7 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/netutils/net.go @@ -0,0 +1,31 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package netutils + +import ( + "net" + "strconv" +) + +// SplitHostPort splits a network address into a host and a port. +// +// The difference with the standard net.SplitHostPort is that the port is converted to an int. +// +// The port is -1 when there is no port to be found. +func SplitHostPort(addr string) (host string, port int, err error) { + h, p, err := net.SplitHostPort(addr) + if err != nil { + return "", -1, err + } + if p == "" { + return "", -1, &net.AddrError{Err: "missing port in address", Addr: addr} + } + + pi, err := strconv.Atoi(p) + if err != nil { + return "", -1, err + } + + return h, pi, nil +} diff --git a/vendor/github.com/go-openapi/swag/netutils_iface.go b/vendor/github.com/go-openapi/swag/netutils_iface.go new file mode 100644 index 0000000000..d658de25b3 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/netutils_iface.go @@ -0,0 +1,13 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package swag + +import "github.com/go-openapi/swag/netutils" + +// SplitHostPort splits a network address into a host and a port. +// +// Deprecated: use [netutils.SplitHostPort] instead. +func SplitHostPort(addr string) (host string, port int, err error) { + return netutils.SplitHostPort(addr) +} diff --git a/vendor/github.com/go-openapi/swag/split.go b/vendor/github.com/go-openapi/swag/split.go deleted file mode 100644 index 274727a866..0000000000 --- a/vendor/github.com/go-openapi/swag/split.go +++ /dev/null @@ -1,508 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package swag - -import ( - "bytes" - "sync" - "unicode" - "unicode/utf8" -) - -type ( - splitter struct { - initialisms []string - initialismsRunes [][]rune - initialismsUpperCased [][]rune // initialisms cached in their trimmed, upper-cased version - postSplitInitialismCheck bool - } - - splitterOption func(*splitter) - - initialismMatch struct { - body []rune - start, end int - complete bool - } - initialismMatches []initialismMatch -) - -type ( - // memory pools of temporary objects. - // - // These are used to recycle temporarily allocated objects - // and relieve the GC from undue pressure. - - matchesPool struct { - *sync.Pool - } - - buffersPool struct { - *sync.Pool - } - - lexemsPool struct { - *sync.Pool - } - - splittersPool struct { - *sync.Pool - } -) - -var ( - // poolOfMatches holds temporary slices for recycling during the initialism match process - poolOfMatches = matchesPool{ - Pool: &sync.Pool{ - New: func() any { - s := make(initialismMatches, 0, maxAllocMatches) - - return &s - }, - }, - } - - poolOfBuffers = buffersPool{ - Pool: &sync.Pool{ - New: func() any { - return new(bytes.Buffer) - }, - }, - } - - poolOfLexems = lexemsPool{ - Pool: &sync.Pool{ - New: func() any { - s := make([]nameLexem, 0, maxAllocMatches) - - return &s - }, - }, - } - - poolOfSplitters = splittersPool{ - Pool: &sync.Pool{ - New: func() any { - s := newSplitter() - - return &s - }, - }, - } -) - -// nameReplaceTable finds a word representation for special characters. -func nameReplaceTable(r rune) (string, bool) { - switch r { - case '@': - return "At ", true - case '&': - return "And ", true - case '|': - return "Pipe ", true - case '$': - return "Dollar ", true - case '!': - return "Bang ", true - case '-': - return "", true - case '_': - return "", true - default: - return "", false - } -} - -// split calls the splitter. -// -// Use newSplitter for more control and options -func split(str string) []string { - s := poolOfSplitters.BorrowSplitter() - lexems := s.split(str) - result := make([]string, 0, len(*lexems)) - - for _, lexem := range *lexems { - result = append(result, lexem.GetOriginal()) - } - poolOfLexems.RedeemLexems(lexems) - poolOfSplitters.RedeemSplitter(s) - - return result - -} - -func newSplitter(options ...splitterOption) splitter { - s := splitter{ - postSplitInitialismCheck: false, - initialisms: initialisms, - initialismsRunes: initialismsRunes, - initialismsUpperCased: initialismsUpperCased, - } - - for _, option := range options { - option(&s) - } - - return s -} - -// withPostSplitInitialismCheck allows to catch initialisms after main split process -func withPostSplitInitialismCheck(s *splitter) { - s.postSplitInitialismCheck = true -} - -func (p matchesPool) BorrowMatches() *initialismMatches { - s := p.Get().(*initialismMatches) - *s = (*s)[:0] // reset slice, keep allocated capacity - - return s -} - -func (p buffersPool) BorrowBuffer(size int) *bytes.Buffer { - s := p.Get().(*bytes.Buffer) - s.Reset() - - if s.Cap() < size { - s.Grow(size) - } - - return s -} - -func (p lexemsPool) BorrowLexems() *[]nameLexem { - s := p.Get().(*[]nameLexem) - *s = (*s)[:0] // reset slice, keep allocated capacity - - return s -} - -func (p splittersPool) BorrowSplitter(options ...splitterOption) *splitter { - s := p.Get().(*splitter) - s.postSplitInitialismCheck = false // reset options - for _, apply := range options { - apply(s) - } - - return s -} - -func (p matchesPool) RedeemMatches(s *initialismMatches) { - p.Put(s) -} - -func (p buffersPool) RedeemBuffer(s *bytes.Buffer) { - p.Put(s) -} - -func (p lexemsPool) RedeemLexems(s *[]nameLexem) { - p.Put(s) -} - -func (p splittersPool) RedeemSplitter(s *splitter) { - p.Put(s) -} - -func (m initialismMatch) isZero() bool { - return m.start == 0 && m.end == 0 -} - -func (s splitter) split(name string) *[]nameLexem { - nameRunes := []rune(name) - matches := s.gatherInitialismMatches(nameRunes) - if matches == nil { - return poolOfLexems.BorrowLexems() - } - - return s.mapMatchesToNameLexems(nameRunes, matches) -} - -func (s splitter) gatherInitialismMatches(nameRunes []rune) *initialismMatches { - var matches *initialismMatches - - for currentRunePosition, currentRune := range nameRunes { - // recycle these allocations as we loop over runes - // with such recycling, only 2 slices should be allocated per call - // instead of o(n). - newMatches := poolOfMatches.BorrowMatches() - - // check current initialism matches - if matches != nil { // skip first iteration - for _, match := range *matches { - if keepCompleteMatch := match.complete; keepCompleteMatch { - *newMatches = append(*newMatches, match) - continue - } - - // drop failed match - currentMatchRune := match.body[currentRunePosition-match.start] - if currentMatchRune != currentRune { - continue - } - - // try to complete ongoing match - if currentRunePosition-match.start == len(match.body)-1 { - // we are close; the next step is to check the symbol ahead - // if it is a small letter, then it is not the end of match - // but beginning of the next word - - if currentRunePosition < len(nameRunes)-1 { - nextRune := nameRunes[currentRunePosition+1] - if newWord := unicode.IsLower(nextRune); newWord { - // oh ok, it was the start of a new word - continue - } - } - - match.complete = true - match.end = currentRunePosition - } - - *newMatches = append(*newMatches, match) - } - } - - // check for new initialism matches - for i := range s.initialisms { - initialismRunes := s.initialismsRunes[i] - if initialismRunes[0] == currentRune { - *newMatches = append(*newMatches, initialismMatch{ - start: currentRunePosition, - body: initialismRunes, - complete: false, - }) - } - } - - if matches != nil { - poolOfMatches.RedeemMatches(matches) - } - matches = newMatches - } - - // up to the caller to redeem this last slice - return matches -} - -func (s splitter) mapMatchesToNameLexems(nameRunes []rune, matches *initialismMatches) *[]nameLexem { - nameLexems := poolOfLexems.BorrowLexems() - - var lastAcceptedMatch initialismMatch - for _, match := range *matches { - if !match.complete { - continue - } - - if firstMatch := lastAcceptedMatch.isZero(); firstMatch { - s.appendBrokenDownCasualString(nameLexems, nameRunes[:match.start]) - *nameLexems = append(*nameLexems, s.breakInitialism(string(match.body))) - - lastAcceptedMatch = match - - continue - } - - if overlappedMatch := match.start <= lastAcceptedMatch.end; overlappedMatch { - continue - } - - middle := nameRunes[lastAcceptedMatch.end+1 : match.start] - s.appendBrokenDownCasualString(nameLexems, middle) - *nameLexems = append(*nameLexems, s.breakInitialism(string(match.body))) - - lastAcceptedMatch = match - } - - // we have not found any accepted matches - if lastAcceptedMatch.isZero() { - *nameLexems = (*nameLexems)[:0] - s.appendBrokenDownCasualString(nameLexems, nameRunes) - } else if lastAcceptedMatch.end+1 != len(nameRunes) { - rest := nameRunes[lastAcceptedMatch.end+1:] - s.appendBrokenDownCasualString(nameLexems, rest) - } - - poolOfMatches.RedeemMatches(matches) - - return nameLexems -} - -func (s splitter) breakInitialism(original string) nameLexem { - return newInitialismNameLexem(original, original) -} - -func (s splitter) appendBrokenDownCasualString(segments *[]nameLexem, str []rune) { - currentSegment := poolOfBuffers.BorrowBuffer(len(str)) // unlike strings.Builder, bytes.Buffer initial storage can reused - defer func() { - poolOfBuffers.RedeemBuffer(currentSegment) - }() - - addCasualNameLexem := func(original string) { - *segments = append(*segments, newCasualNameLexem(original)) - } - - addInitialismNameLexem := func(original, match string) { - *segments = append(*segments, newInitialismNameLexem(original, match)) - } - - var addNameLexem func(string) - if s.postSplitInitialismCheck { - addNameLexem = func(original string) { - for i := range s.initialisms { - if isEqualFoldIgnoreSpace(s.initialismsUpperCased[i], original) { - addInitialismNameLexem(original, s.initialisms[i]) - - return - } - } - - addCasualNameLexem(original) - } - } else { - addNameLexem = addCasualNameLexem - } - - for _, rn := range str { - if replace, found := nameReplaceTable(rn); found { - if currentSegment.Len() > 0 { - addNameLexem(currentSegment.String()) - currentSegment.Reset() - } - - if replace != "" { - addNameLexem(replace) - } - - continue - } - - if !unicode.In(rn, unicode.L, unicode.M, unicode.N, unicode.Pc) { - if currentSegment.Len() > 0 { - addNameLexem(currentSegment.String()) - currentSegment.Reset() - } - - continue - } - - if unicode.IsUpper(rn) { - if currentSegment.Len() > 0 { - addNameLexem(currentSegment.String()) - } - currentSegment.Reset() - } - - currentSegment.WriteRune(rn) - } - - if currentSegment.Len() > 0 { - addNameLexem(currentSegment.String()) - } -} - -// isEqualFoldIgnoreSpace is the same as strings.EqualFold, but -// it ignores leading and trailing blank spaces in the compared -// string. -// -// base is assumed to be composed of upper-cased runes, and be already -// trimmed. -// -// This code is heavily inspired from strings.EqualFold. -func isEqualFoldIgnoreSpace(base []rune, str string) bool { - var i, baseIndex int - // equivalent to b := []byte(str), but without data copy - b := hackStringBytes(str) - - for i < len(b) { - if c := b[i]; c < utf8.RuneSelf { - // fast path for ASCII - if c != ' ' && c != '\t' { - break - } - i++ - - continue - } - - // unicode case - r, size := utf8.DecodeRune(b[i:]) - if !unicode.IsSpace(r) { - break - } - i += size - } - - if i >= len(b) { - return len(base) == 0 - } - - for _, baseRune := range base { - if i >= len(b) { - break - } - - if c := b[i]; c < utf8.RuneSelf { - // single byte rune case (ASCII) - if baseRune >= utf8.RuneSelf { - return false - } - - baseChar := byte(baseRune) - if c != baseChar && - !('a' <= c && c <= 'z' && c-'a'+'A' == baseChar) { - return false - } - - baseIndex++ - i++ - - continue - } - - // unicode case - r, size := utf8.DecodeRune(b[i:]) - if unicode.ToUpper(r) != baseRune { - return false - } - baseIndex++ - i += size - } - - if baseIndex != len(base) { - return false - } - - // all passed: now we should only have blanks - for i < len(b) { - if c := b[i]; c < utf8.RuneSelf { - // fast path for ASCII - if c != ' ' && c != '\t' { - return false - } - i++ - - continue - } - - // unicode case - r, size := utf8.DecodeRune(b[i:]) - if !unicode.IsSpace(r) { - return false - } - - i += size - } - - return true -} diff --git a/vendor/github.com/go-openapi/swag/stringutils/LICENSE b/vendor/github.com/go-openapi/swag/stringutils/LICENSE new file mode 100644 index 0000000000..d645695673 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/stringutils/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/go-openapi/swag/stringutils/collection_formats.go b/vendor/github.com/go-openapi/swag/stringutils/collection_formats.go new file mode 100644 index 0000000000..28056ad25c --- /dev/null +++ b/vendor/github.com/go-openapi/swag/stringutils/collection_formats.go @@ -0,0 +1,74 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package stringutils + +import "strings" + +const ( + // collectionFormatComma = "csv" + collectionFormatSpace = "ssv" + collectionFormatTab = "tsv" + collectionFormatPipe = "pipes" + collectionFormatMulti = "multi" + + collectionFormatDefaultSep = "," +) + +// JoinByFormat joins a string array by a known format (e.g. swagger's collectionFormat attribute): +// +// ssv: space separated value +// tsv: tab separated value +// pipes: pipe (|) separated value +// csv: comma separated value (default) +func JoinByFormat(data []string, format string) []string { + if len(data) == 0 { + return data + } + var sep string + switch format { + case collectionFormatSpace: + sep = " " + case collectionFormatTab: + sep = "\t" + case collectionFormatPipe: + sep = "|" + case collectionFormatMulti: + return data + default: + sep = collectionFormatDefaultSep + } + return []string{strings.Join(data, sep)} +} + +// SplitByFormat splits a string by a known format: +// +// ssv: space separated value +// tsv: tab separated value +// pipes: pipe (|) separated value +// csv: comma separated value (default) +func SplitByFormat(data, format string) []string { + if data == "" { + return nil + } + var sep string + switch format { + case collectionFormatSpace: + sep = " " + case collectionFormatTab: + sep = "\t" + case collectionFormatPipe: + sep = "|" + case collectionFormatMulti: + return nil + default: + sep = collectionFormatDefaultSep + } + var result []string + for _, s := range strings.Split(data, sep) { + if ts := strings.TrimSpace(s); ts != "" { + result = append(result, ts) + } + } + return result +} diff --git a/vendor/github.com/go-openapi/swag/stringutils/doc.go b/vendor/github.com/go-openapi/swag/stringutils/doc.go new file mode 100644 index 0000000000..c6d17a1160 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/stringutils/doc.go @@ -0,0 +1,5 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +// Package stringutils exposes helpers to search and process strings. +package stringutils diff --git a/vendor/github.com/go-openapi/swag/stringutils/strings.go b/vendor/github.com/go-openapi/swag/stringutils/strings.go new file mode 100644 index 0000000000..cd792b7d08 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/stringutils/strings.go @@ -0,0 +1,23 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package stringutils + +import ( + "slices" + "strings" +) + +// ContainsStrings searches a slice of strings for a case-sensitive match +// +// Now equivalent to the standard library [slice.Contains]. +func ContainsStrings(coll []string, item string) bool { + return slices.Contains(coll, item) +} + +// ContainsStringsCI searches a slice of strings for a case-insensitive match +func ContainsStringsCI(coll []string, item string) bool { + return slices.ContainsFunc(coll, func(e string) bool { + return strings.EqualFold(e, item) + }) +} diff --git a/vendor/github.com/go-openapi/swag/stringutils_iface.go b/vendor/github.com/go-openapi/swag/stringutils_iface.go new file mode 100644 index 0000000000..dbfa484843 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/stringutils_iface.go @@ -0,0 +1,34 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package swag + +import "github.com/go-openapi/swag/stringutils" + +// ContainsStrings searches a slice of strings for a case-sensitive match. +// +// Deprecated: use [slices.Contains] or [stringutils.ContainsStrings] instead. +func ContainsStrings(coll []string, item string) bool { + return stringutils.ContainsStrings(coll, item) +} + +// ContainsStringsCI searches a slice of strings for a case-insensitive match. +// +// Deprecated: use [stringutils.ContainsStringsCI] instead. +func ContainsStringsCI(coll []string, item string) bool { + return stringutils.ContainsStringsCI(coll, item) +} + +// JoinByFormat joins a string array by a known format (e.g. swagger's collectionFormat attribute). +// +// Deprecated: use [stringutils.JoinByFormat] instead. +func JoinByFormat(data []string, format string) []string { + return stringutils.JoinByFormat(data, format) +} + +// SplitByFormat splits a string by a known format. +// +// Deprecated: use [stringutils.SplitByFormat] instead. +func SplitByFormat(data, format string) []string { + return stringutils.SplitByFormat(data, format) +} diff --git a/vendor/github.com/go-openapi/swag/typeutils/LICENSE b/vendor/github.com/go-openapi/swag/typeutils/LICENSE new file mode 100644 index 0000000000..d645695673 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/typeutils/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/go-openapi/swag/typeutils/doc.go b/vendor/github.com/go-openapi/swag/typeutils/doc.go new file mode 100644 index 0000000000..66bed20dff --- /dev/null +++ b/vendor/github.com/go-openapi/swag/typeutils/doc.go @@ -0,0 +1,5 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +// Package typeutils exposes utilities to inspect generic types. +package typeutils diff --git a/vendor/github.com/go-openapi/swag/typeutils/types.go b/vendor/github.com/go-openapi/swag/typeutils/types.go new file mode 100644 index 0000000000..55487a673c --- /dev/null +++ b/vendor/github.com/go-openapi/swag/typeutils/types.go @@ -0,0 +1,80 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package typeutils + +import "reflect" + +type zeroable interface { + IsZero() bool +} + +// IsZero returns true when the value passed into the function is a zero value. +// This allows for safer checking of interface values. +func IsZero(data any) bool { + v := reflect.ValueOf(data) + // check for nil data + switch v.Kind() { //nolint:exhaustive + case + reflect.Interface, + reflect.Func, + reflect.Chan, + reflect.Pointer, + reflect.UnsafePointer, + reflect.Map, + reflect.Slice: + if v.IsNil() { + return true + } + } + + // check for things that have an IsZero method instead + if vv, ok := data.(zeroable); ok { + return vv.IsZero() + } + + // continue with slightly more complex reflection + switch v.Kind() { //nolint:exhaustive + case reflect.String: + return v.Len() == 0 + case reflect.Bool: + return !v.Bool() + case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: + return v.Int() == 0 + case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr: + return v.Uint() == 0 + case reflect.Float32, reflect.Float64: + return v.Float() == 0 + case reflect.Struct, reflect.Array: + return reflect.DeepEqual(data, reflect.Zero(v.Type()).Interface()) + case reflect.Invalid: + return true + default: + return false + } +} + +// IsNil checks if input is nil. +// +// For types chan, func, interface, map, pointer, or slice it returns true if its argument is nil. +// +// See [reflect.Value.IsNil]. +func IsNil(input any) bool { + if input == nil { + return true + } + + kind := reflect.TypeOf(input).Kind() + switch kind { //nolint:exhaustive + case reflect.Pointer, + reflect.UnsafePointer, + reflect.Map, + reflect.Slice, + reflect.Chan, + reflect.Interface, + reflect.Func: + return reflect.ValueOf(input).IsNil() + default: + return false + } +} diff --git a/vendor/github.com/go-openapi/swag/typeutils_iface.go b/vendor/github.com/go-openapi/swag/typeutils_iface.go new file mode 100644 index 0000000000..b63813ea40 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/typeutils_iface.go @@ -0,0 +1,12 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package swag + +import "github.com/go-openapi/swag/typeutils" + +// IsZero returns true when the value passed into the function is a zero value. +// This allows for safer checking of interface values. +// +// Deprecated: use [typeutils.IsZero] instead. +func IsZero(data any) bool { return typeutils.IsZero(data) } diff --git a/vendor/github.com/go-openapi/swag/util.go b/vendor/github.com/go-openapi/swag/util.go deleted file mode 100644 index 5051401c49..0000000000 --- a/vendor/github.com/go-openapi/swag/util.go +++ /dev/null @@ -1,364 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package swag - -import ( - "reflect" - "strings" - "unicode" - "unicode/utf8" -) - -// GoNamePrefixFunc sets an optional rule to prefix go names -// which do not start with a letter. -// -// The prefix function is assumed to return a string that starts with an upper case letter. -// -// e.g. to help convert "123" into "{prefix}123" -// -// The default is to prefix with "X" -var GoNamePrefixFunc func(string) string - -func prefixFunc(name, in string) string { - if GoNamePrefixFunc == nil { - return "X" + in - } - - return GoNamePrefixFunc(name) + in -} - -const ( - // collectionFormatComma = "csv" - collectionFormatSpace = "ssv" - collectionFormatTab = "tsv" - collectionFormatPipe = "pipes" - collectionFormatMulti = "multi" -) - -// JoinByFormat joins a string array by a known format (e.g. swagger's collectionFormat attribute): -// -// ssv: space separated value -// tsv: tab separated value -// pipes: pipe (|) separated value -// csv: comma separated value (default) -func JoinByFormat(data []string, format string) []string { - if len(data) == 0 { - return data - } - var sep string - switch format { - case collectionFormatSpace: - sep = " " - case collectionFormatTab: - sep = "\t" - case collectionFormatPipe: - sep = "|" - case collectionFormatMulti: - return data - default: - sep = "," - } - return []string{strings.Join(data, sep)} -} - -// SplitByFormat splits a string by a known format: -// -// ssv: space separated value -// tsv: tab separated value -// pipes: pipe (|) separated value -// csv: comma separated value (default) -func SplitByFormat(data, format string) []string { - if data == "" { - return nil - } - var sep string - switch format { - case collectionFormatSpace: - sep = " " - case collectionFormatTab: - sep = "\t" - case collectionFormatPipe: - sep = "|" - case collectionFormatMulti: - return nil - default: - sep = "," - } - var result []string - for _, s := range strings.Split(data, sep) { - if ts := strings.TrimSpace(s); ts != "" { - result = append(result, ts) - } - } - return result -} - -// Removes leading whitespaces -func trim(str string) string { - return strings.TrimSpace(str) -} - -// Shortcut to strings.ToUpper() -func upper(str string) string { - return strings.ToUpper(trim(str)) -} - -// Shortcut to strings.ToLower() -func lower(str string) string { - return strings.ToLower(trim(str)) -} - -// Camelize an uppercased word -func Camelize(word string) string { - camelized := poolOfBuffers.BorrowBuffer(len(word)) - defer func() { - poolOfBuffers.RedeemBuffer(camelized) - }() - - for pos, ru := range []rune(word) { - if pos > 0 { - camelized.WriteRune(unicode.ToLower(ru)) - } else { - camelized.WriteRune(unicode.ToUpper(ru)) - } - } - return camelized.String() -} - -// ToFileName lowercases and underscores a go type name -func ToFileName(name string) string { - in := split(name) - out := make([]string, 0, len(in)) - - for _, w := range in { - out = append(out, lower(w)) - } - - return strings.Join(out, "_") -} - -// ToCommandName lowercases and underscores a go type name -func ToCommandName(name string) string { - in := split(name) - out := make([]string, 0, len(in)) - - for _, w := range in { - out = append(out, lower(w)) - } - return strings.Join(out, "-") -} - -// ToHumanNameLower represents a code name as a human series of words -func ToHumanNameLower(name string) string { - s := poolOfSplitters.BorrowSplitter(withPostSplitInitialismCheck) - in := s.split(name) - poolOfSplitters.RedeemSplitter(s) - out := make([]string, 0, len(*in)) - - for _, w := range *in { - if !w.IsInitialism() { - out = append(out, lower(w.GetOriginal())) - } else { - out = append(out, trim(w.GetOriginal())) - } - } - poolOfLexems.RedeemLexems(in) - - return strings.Join(out, " ") -} - -// ToHumanNameTitle represents a code name as a human series of words with the first letters titleized -func ToHumanNameTitle(name string) string { - s := poolOfSplitters.BorrowSplitter(withPostSplitInitialismCheck) - in := s.split(name) - poolOfSplitters.RedeemSplitter(s) - - out := make([]string, 0, len(*in)) - for _, w := range *in { - original := trim(w.GetOriginal()) - if !w.IsInitialism() { - out = append(out, Camelize(original)) - } else { - out = append(out, original) - } - } - poolOfLexems.RedeemLexems(in) - - return strings.Join(out, " ") -} - -// ToJSONName camelcases a name which can be underscored or pascal cased -func ToJSONName(name string) string { - in := split(name) - out := make([]string, 0, len(in)) - - for i, w := range in { - if i == 0 { - out = append(out, lower(w)) - continue - } - out = append(out, Camelize(trim(w))) - } - return strings.Join(out, "") -} - -// ToVarName camelcases a name which can be underscored or pascal cased -func ToVarName(name string) string { - res := ToGoName(name) - if isInitialism(res) { - return lower(res) - } - if len(res) <= 1 { - return lower(res) - } - return lower(res[:1]) + res[1:] -} - -// ToGoName translates a swagger name which can be underscored or camel cased to a name that golint likes -func ToGoName(name string) string { - s := poolOfSplitters.BorrowSplitter(withPostSplitInitialismCheck) - lexems := s.split(name) - poolOfSplitters.RedeemSplitter(s) - defer func() { - poolOfLexems.RedeemLexems(lexems) - }() - lexemes := *lexems - - if len(lexemes) == 0 { - return "" - } - - result := poolOfBuffers.BorrowBuffer(len(name)) - defer func() { - poolOfBuffers.RedeemBuffer(result) - }() - - // check if not starting with a letter, upper case - firstPart := lexemes[0].GetUnsafeGoName() - if lexemes[0].IsInitialism() { - firstPart = upper(firstPart) - } - - if c := firstPart[0]; c < utf8.RuneSelf { - // ASCII - switch { - case 'A' <= c && c <= 'Z': - result.WriteString(firstPart) - case 'a' <= c && c <= 'z': - result.WriteByte(c - 'a' + 'A') - result.WriteString(firstPart[1:]) - default: - result.WriteString(prefixFunc(name, firstPart)) - // NOTE: no longer check if prefixFunc returns a string that starts with uppercase: - // assume this is always the case - } - } else { - // unicode - firstRune, _ := utf8.DecodeRuneInString(firstPart) - switch { - case !unicode.IsLetter(firstRune): - result.WriteString(prefixFunc(name, firstPart)) - case !unicode.IsUpper(firstRune): - result.WriteString(prefixFunc(name, firstPart)) - /* - result.WriteRune(unicode.ToUpper(firstRune)) - result.WriteString(firstPart[offset:]) - */ - default: - result.WriteString(firstPart) - } - } - - for _, lexem := range lexemes[1:] { - goName := lexem.GetUnsafeGoName() - - // to support old behavior - if lexem.IsInitialism() { - goName = upper(goName) - } - result.WriteString(goName) - } - - return result.String() -} - -// ContainsStrings searches a slice of strings for a case-sensitive match -func ContainsStrings(coll []string, item string) bool { - for _, a := range coll { - if a == item { - return true - } - } - return false -} - -// ContainsStringsCI searches a slice of strings for a case-insensitive match -func ContainsStringsCI(coll []string, item string) bool { - for _, a := range coll { - if strings.EqualFold(a, item) { - return true - } - } - return false -} - -type zeroable interface { - IsZero() bool -} - -// IsZero returns true when the value passed into the function is a zero value. -// This allows for safer checking of interface values. -func IsZero(data interface{}) bool { - v := reflect.ValueOf(data) - // check for nil data - switch v.Kind() { //nolint:exhaustive - case reflect.Interface, reflect.Map, reflect.Ptr, reflect.Slice: - if v.IsNil() { - return true - } - } - - // check for things that have an IsZero method instead - if vv, ok := data.(zeroable); ok { - return vv.IsZero() - } - - // continue with slightly more complex reflection - switch v.Kind() { //nolint:exhaustive - case reflect.String: - return v.Len() == 0 - case reflect.Bool: - return !v.Bool() - case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: - return v.Int() == 0 - case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr: - return v.Uint() == 0 - case reflect.Float32, reflect.Float64: - return v.Float() == 0 - case reflect.Struct, reflect.Array: - return reflect.DeepEqual(data, reflect.Zero(v.Type()).Interface()) - case reflect.Invalid: - return true - default: - return false - } -} - -// CommandLineOptionsGroup represents a group of user-defined command line options -type CommandLineOptionsGroup struct { - ShortDescription string - LongDescription string - Options interface{} -} diff --git a/vendor/github.com/go-openapi/swag/yaml.go b/vendor/github.com/go-openapi/swag/yaml.go deleted file mode 100644 index f59e025932..0000000000 --- a/vendor/github.com/go-openapi/swag/yaml.go +++ /dev/null @@ -1,481 +0,0 @@ -// Copyright 2015 go-swagger maintainers -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package swag - -import ( - "encoding/json" - "errors" - "fmt" - "path/filepath" - "reflect" - "sort" - "strconv" - - "github.com/mailru/easyjson/jlexer" - "github.com/mailru/easyjson/jwriter" - yaml "gopkg.in/yaml.v3" -) - -// YAMLMatcher matches yaml -func YAMLMatcher(path string) bool { - ext := filepath.Ext(path) - return ext == ".yaml" || ext == ".yml" -} - -// YAMLToJSON converts YAML unmarshaled data into json compatible data -func YAMLToJSON(data interface{}) (json.RawMessage, error) { - jm, err := transformData(data) - if err != nil { - return nil, err - } - b, err := WriteJSON(jm) - return json.RawMessage(b), err -} - -// BytesToYAMLDoc converts a byte slice into a YAML document -func BytesToYAMLDoc(data []byte) (interface{}, error) { - var document yaml.Node // preserve order that is present in the document - if err := yaml.Unmarshal(data, &document); err != nil { - return nil, err - } - if document.Kind != yaml.DocumentNode || len(document.Content) != 1 || document.Content[0].Kind != yaml.MappingNode { - return nil, errors.New("only YAML documents that are objects are supported") - } - return &document, nil -} - -func yamlNode(root *yaml.Node) (interface{}, error) { - switch root.Kind { - case yaml.DocumentNode: - return yamlDocument(root) - case yaml.SequenceNode: - return yamlSequence(root) - case yaml.MappingNode: - return yamlMapping(root) - case yaml.ScalarNode: - return yamlScalar(root) - case yaml.AliasNode: - return yamlNode(root.Alias) - default: - return nil, fmt.Errorf("unsupported YAML node type: %v", root.Kind) - } -} - -func yamlDocument(node *yaml.Node) (interface{}, error) { - if len(node.Content) != 1 { - return nil, fmt.Errorf("unexpected YAML Document node content length: %d", len(node.Content)) - } - return yamlNode(node.Content[0]) -} - -func yamlMapping(node *yaml.Node) (interface{}, error) { - m := make(JSONMapSlice, len(node.Content)/2) - - var j int - for i := 0; i < len(node.Content); i += 2 { - var nmi JSONMapItem - k, err := yamlStringScalarC(node.Content[i]) - if err != nil { - return nil, fmt.Errorf("unable to decode YAML map key: %w", err) - } - nmi.Key = k - v, err := yamlNode(node.Content[i+1]) - if err != nil { - return nil, fmt.Errorf("unable to process YAML map value for key %q: %w", k, err) - } - nmi.Value = v - m[j] = nmi - j++ - } - return m, nil -} - -func yamlSequence(node *yaml.Node) (interface{}, error) { - s := make([]interface{}, 0) - - for i := 0; i < len(node.Content); i++ { - - v, err := yamlNode(node.Content[i]) - if err != nil { - return nil, fmt.Errorf("unable to decode YAML sequence value: %w", err) - } - s = append(s, v) - } - return s, nil -} - -const ( // See https://yaml.org/type/ - yamlStringScalar = "tag:yaml.org,2002:str" - yamlIntScalar = "tag:yaml.org,2002:int" - yamlBoolScalar = "tag:yaml.org,2002:bool" - yamlFloatScalar = "tag:yaml.org,2002:float" - yamlTimestamp = "tag:yaml.org,2002:timestamp" - yamlNull = "tag:yaml.org,2002:null" -) - -func yamlScalar(node *yaml.Node) (interface{}, error) { - switch node.LongTag() { - case yamlStringScalar: - return node.Value, nil - case yamlBoolScalar: - b, err := strconv.ParseBool(node.Value) - if err != nil { - return nil, fmt.Errorf("unable to process scalar node. Got %q. Expecting bool content: %w", node.Value, err) - } - return b, nil - case yamlIntScalar: - i, err := strconv.ParseInt(node.Value, 10, 64) - if err != nil { - return nil, fmt.Errorf("unable to process scalar node. Got %q. Expecting integer content: %w", node.Value, err) - } - return i, nil - case yamlFloatScalar: - f, err := strconv.ParseFloat(node.Value, 64) - if err != nil { - return nil, fmt.Errorf("unable to process scalar node. Got %q. Expecting float content: %w", node.Value, err) - } - return f, nil - case yamlTimestamp: - return node.Value, nil - case yamlNull: - return nil, nil //nolint:nilnil - default: - return nil, fmt.Errorf("YAML tag %q is not supported", node.LongTag()) - } -} - -func yamlStringScalarC(node *yaml.Node) (string, error) { - if node.Kind != yaml.ScalarNode { - return "", fmt.Errorf("expecting a string scalar but got %q", node.Kind) - } - switch node.LongTag() { - case yamlStringScalar, yamlIntScalar, yamlFloatScalar: - return node.Value, nil - default: - return "", fmt.Errorf("YAML tag %q is not supported as map key", node.LongTag()) - } -} - -// JSONMapSlice represent a JSON object, with the order of keys maintained -type JSONMapSlice []JSONMapItem - -// MarshalJSON renders a JSONMapSlice as JSON -func (s JSONMapSlice) MarshalJSON() ([]byte, error) { - w := &jwriter.Writer{Flags: jwriter.NilMapAsEmpty | jwriter.NilSliceAsEmpty} - s.MarshalEasyJSON(w) - return w.BuildBytes() -} - -// MarshalEasyJSON renders a JSONMapSlice as JSON, using easyJSON -func (s JSONMapSlice) MarshalEasyJSON(w *jwriter.Writer) { - w.RawByte('{') - - ln := len(s) - last := ln - 1 - for i := 0; i < ln; i++ { - s[i].MarshalEasyJSON(w) - if i != last { // last item - w.RawByte(',') - } - } - - w.RawByte('}') -} - -// UnmarshalJSON makes a JSONMapSlice from JSON -func (s *JSONMapSlice) UnmarshalJSON(data []byte) error { - l := jlexer.Lexer{Data: data} - s.UnmarshalEasyJSON(&l) - return l.Error() -} - -// UnmarshalEasyJSON makes a JSONMapSlice from JSON, using easyJSON -func (s *JSONMapSlice) UnmarshalEasyJSON(in *jlexer.Lexer) { - if in.IsNull() { - in.Skip() - return - } - - var result JSONMapSlice - in.Delim('{') - for !in.IsDelim('}') { - var mi JSONMapItem - mi.UnmarshalEasyJSON(in) - result = append(result, mi) - } - *s = result -} - -func (s JSONMapSlice) MarshalYAML() (interface{}, error) { - var n yaml.Node - n.Kind = yaml.DocumentNode - var nodes []*yaml.Node - for _, item := range s { - nn, err := json2yaml(item.Value) - if err != nil { - return nil, err - } - ns := []*yaml.Node{ - { - Kind: yaml.ScalarNode, - Tag: yamlStringScalar, - Value: item.Key, - }, - nn, - } - nodes = append(nodes, ns...) - } - - n.Content = []*yaml.Node{ - { - Kind: yaml.MappingNode, - Content: nodes, - }, - } - - return yaml.Marshal(&n) -} - -func isNil(input interface{}) bool { - if input == nil { - return true - } - kind := reflect.TypeOf(input).Kind() - switch kind { //nolint:exhaustive - case reflect.Ptr, reflect.Map, reflect.Slice, reflect.Chan: - return reflect.ValueOf(input).IsNil() - default: - return false - } -} - -func json2yaml(item interface{}) (*yaml.Node, error) { - if isNil(item) { - return &yaml.Node{ - Kind: yaml.ScalarNode, - Value: "null", - }, nil - } - - switch val := item.(type) { - case JSONMapSlice: - var n yaml.Node - n.Kind = yaml.MappingNode - for i := range val { - childNode, err := json2yaml(&val[i].Value) - if err != nil { - return nil, err - } - n.Content = append(n.Content, &yaml.Node{ - Kind: yaml.ScalarNode, - Tag: yamlStringScalar, - Value: val[i].Key, - }, childNode) - } - return &n, nil - case map[string]interface{}: - var n yaml.Node - n.Kind = yaml.MappingNode - keys := make([]string, 0, len(val)) - for k := range val { - keys = append(keys, k) - } - sort.Strings(keys) - - for _, k := range keys { - v := val[k] - childNode, err := json2yaml(v) - if err != nil { - return nil, err - } - n.Content = append(n.Content, &yaml.Node{ - Kind: yaml.ScalarNode, - Tag: yamlStringScalar, - Value: k, - }, childNode) - } - return &n, nil - case []interface{}: - var n yaml.Node - n.Kind = yaml.SequenceNode - for i := range val { - childNode, err := json2yaml(val[i]) - if err != nil { - return nil, err - } - n.Content = append(n.Content, childNode) - } - return &n, nil - case string: - return &yaml.Node{ - Kind: yaml.ScalarNode, - Tag: yamlStringScalar, - Value: val, - }, nil - case float64: - return &yaml.Node{ - Kind: yaml.ScalarNode, - Tag: yamlFloatScalar, - Value: strconv.FormatFloat(val, 'f', -1, 64), - }, nil - case int64: - return &yaml.Node{ - Kind: yaml.ScalarNode, - Tag: yamlIntScalar, - Value: strconv.FormatInt(val, 10), - }, nil - case uint64: - return &yaml.Node{ - Kind: yaml.ScalarNode, - Tag: yamlIntScalar, - Value: strconv.FormatUint(val, 10), - }, nil - case bool: - return &yaml.Node{ - Kind: yaml.ScalarNode, - Tag: yamlBoolScalar, - Value: strconv.FormatBool(val), - }, nil - default: - return nil, fmt.Errorf("unhandled type: %T", val) - } -} - -// JSONMapItem represents the value of a key in a JSON object held by JSONMapSlice -type JSONMapItem struct { - Key string - Value interface{} -} - -// MarshalJSON renders a JSONMapItem as JSON -func (s JSONMapItem) MarshalJSON() ([]byte, error) { - w := &jwriter.Writer{Flags: jwriter.NilMapAsEmpty | jwriter.NilSliceAsEmpty} - s.MarshalEasyJSON(w) - return w.BuildBytes() -} - -// MarshalEasyJSON renders a JSONMapItem as JSON, using easyJSON -func (s JSONMapItem) MarshalEasyJSON(w *jwriter.Writer) { - w.String(s.Key) - w.RawByte(':') - w.Raw(WriteJSON(s.Value)) -} - -// UnmarshalJSON makes a JSONMapItem from JSON -func (s *JSONMapItem) UnmarshalJSON(data []byte) error { - l := jlexer.Lexer{Data: data} - s.UnmarshalEasyJSON(&l) - return l.Error() -} - -// UnmarshalEasyJSON makes a JSONMapItem from JSON, using easyJSON -func (s *JSONMapItem) UnmarshalEasyJSON(in *jlexer.Lexer) { - key := in.UnsafeString() - in.WantColon() - value := in.Interface() - in.WantComma() - s.Key = key - s.Value = value -} - -func transformData(input interface{}) (out interface{}, err error) { - format := func(t interface{}) (string, error) { - switch k := t.(type) { - case string: - return k, nil - case uint: - return strconv.FormatUint(uint64(k), 10), nil - case uint8: - return strconv.FormatUint(uint64(k), 10), nil - case uint16: - return strconv.FormatUint(uint64(k), 10), nil - case uint32: - return strconv.FormatUint(uint64(k), 10), nil - case uint64: - return strconv.FormatUint(k, 10), nil - case int: - return strconv.Itoa(k), nil - case int8: - return strconv.FormatInt(int64(k), 10), nil - case int16: - return strconv.FormatInt(int64(k), 10), nil - case int32: - return strconv.FormatInt(int64(k), 10), nil - case int64: - return strconv.FormatInt(k, 10), nil - default: - return "", fmt.Errorf("unexpected map key type, got: %T", k) - } - } - - switch in := input.(type) { - case yaml.Node: - return yamlNode(&in) - case *yaml.Node: - return yamlNode(in) - case map[interface{}]interface{}: - o := make(JSONMapSlice, 0, len(in)) - for ke, va := range in { - var nmi JSONMapItem - if nmi.Key, err = format(ke); err != nil { - return nil, err - } - - v, ert := transformData(va) - if ert != nil { - return nil, ert - } - nmi.Value = v - o = append(o, nmi) - } - return o, nil - case []interface{}: - len1 := len(in) - o := make([]interface{}, len1) - for i := 0; i < len1; i++ { - o[i], err = transformData(in[i]) - if err != nil { - return nil, err - } - } - return o, nil - } - return input, nil -} - -// YAMLDoc loads a yaml document from either http or a file and converts it to json -func YAMLDoc(path string) (json.RawMessage, error) { - yamlDoc, err := YAMLData(path) - if err != nil { - return nil, err - } - - data, err := YAMLToJSON(yamlDoc) - if err != nil { - return nil, err - } - - return data, nil -} - -// YAMLData loads a yaml document from either http or a file -func YAMLData(path string) (interface{}, error) { - data, err := LoadFromFileOrHTTP(path) - if err != nil { - return nil, err - } - - return BytesToYAMLDoc(data) -} diff --git a/vendor/github.com/go-openapi/swag/yamlutils/LICENSE b/vendor/github.com/go-openapi/swag/yamlutils/LICENSE new file mode 100644 index 0000000000..d645695673 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/yamlutils/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/go-openapi/swag/yamlutils/doc.go b/vendor/github.com/go-openapi/swag/yamlutils/doc.go new file mode 100644 index 0000000000..7bb92a82f1 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/yamlutils/doc.go @@ -0,0 +1,13 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +// Package yamlutils provides utilities to work with YAML documents. +// +// - [BytesToYAMLDoc] to construct a [yaml.Node] document +// - [YAMLToJSON] to convert a [yaml.Node] document to JSON bytes +// - [YAMLMapSlice] to serialize and deserialize YAML with the order of keys maintained +package yamlutils + +import ( + _ "go.yaml.in/yaml/v3" // for documentation purpose only +) diff --git a/vendor/github.com/go-openapi/swag/yamlutils/errors.go b/vendor/github.com/go-openapi/swag/yamlutils/errors.go new file mode 100644 index 0000000000..e87bc5e8be --- /dev/null +++ b/vendor/github.com/go-openapi/swag/yamlutils/errors.go @@ -0,0 +1,15 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package yamlutils + +type yamlError string + +const ( + // ErrYAML is an error raised by YAML utilities + ErrYAML yamlError = "yaml error" +) + +func (e yamlError) Error() string { + return string(e) +} diff --git a/vendor/github.com/go-openapi/swag/yamlutils/ordered_map.go b/vendor/github.com/go-openapi/swag/yamlutils/ordered_map.go new file mode 100644 index 0000000000..3daf68dbba --- /dev/null +++ b/vendor/github.com/go-openapi/swag/yamlutils/ordered_map.go @@ -0,0 +1,316 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package yamlutils + +import ( + "fmt" + "iter" + "slices" + "sort" + "strconv" + + "github.com/go-openapi/swag/conv" + "github.com/go-openapi/swag/jsonutils" + "github.com/go-openapi/swag/jsonutils/adapters/ifaces" + "github.com/go-openapi/swag/typeutils" + yaml "go.yaml.in/yaml/v3" +) + +var ( + _ yaml.Marshaler = YAMLMapSlice{} + _ yaml.Unmarshaler = &YAMLMapSlice{} +) + +// YAMLMapSlice represents a YAML object, with the order of keys maintained. +// +// It is similar to [jsonutils.JSONMapSlice] and also knows how to marshal and unmarshal YAML. +// +// It behaves like an ordered map, but keys can't be accessed in constant time. +type YAMLMapSlice []YAMLMapItem + +// YAMLMapItem represents the value of a key in a YAML object held by [YAMLMapSlice]. +// +// It is entirely equivalent to [jsonutils.JSONMapItem], with the same limitation that +// you should not Marshal or Unmarshal directly this type, outside of a [YAMLMapSlice]. +type YAMLMapItem = jsonutils.JSONMapItem + +func (s YAMLMapSlice) OrderedItems() iter.Seq2[string, any] { + return func(yield func(string, any) bool) { + for _, item := range s { + if !yield(item.Key, item.Value) { + return + } + } + } +} + +// SetOrderedItems implements [ifaces.SetOrdered]: it merges keys passed by the iterator argument +// into the [YAMLMapSlice]. +func (s *YAMLMapSlice) SetOrderedItems(items iter.Seq2[string, any]) { + if items == nil { + // force receiver to be a nil slice + *s = nil + + return + } + + m := *s + if len(m) > 0 { + // update mode: short-circuited when unmarshaling fresh data structures + idx := make(map[string]int, len(m)) + + for i, item := range m { + idx[item.Key] = i + } + + for k, v := range items { + idx, ok := idx[k] + if ok { + m[idx].Value = v + + continue + } + + m = append(m, YAMLMapItem{Key: k, Value: v}) + } + + *s = m + + return + } + + for k, v := range items { + m = append(m, YAMLMapItem{Key: k, Value: v}) + } + + *s = m +} + +// MarshalJSON renders this YAML object as JSON bytes. +// +// The difference with standard JSON marshaling is that the order of keys is maintained. +func (s YAMLMapSlice) MarshalJSON() ([]byte, error) { + return jsonutils.JSONMapSlice(s).MarshalJSON() +} + +// UnmarshalJSON builds this YAML object from JSON bytes. +// +// The difference with standard JSON marshaling is that the order of keys is maintained. +func (s *YAMLMapSlice) UnmarshalJSON(data []byte) error { + js := jsonutils.JSONMapSlice(*s) + + if err := js.UnmarshalJSON(data); err != nil { + return err + } + + *s = YAMLMapSlice(js) + + return nil +} + +// MarshalYAML produces a YAML document as bytes +// +// The difference with standard YAML marshaling is that the order of keys is maintained. +// +// It implements [yaml.Marshaler]. +func (s YAMLMapSlice) MarshalYAML() (any, error) { + if typeutils.IsNil(s) { + return []byte("null\n"), nil + } + var n yaml.Node + n.Kind = yaml.DocumentNode + var nodes []*yaml.Node + + for _, item := range s { + nn, err := json2yaml(item.Value) + if err != nil { + return nil, err + } + + ns := []*yaml.Node{ + { + Kind: yaml.ScalarNode, + Tag: yamlStringScalar, + Value: item.Key, + }, + nn, + } + nodes = append(nodes, ns...) + } + + n.Content = []*yaml.Node{ + { + Kind: yaml.MappingNode, + Content: nodes, + }, + } + + return yaml.Marshal(&n) +} + +// UnmarshalYAML builds a YAMLMapSlice object from a YAML document [yaml.Node]. +// +// It implements [yaml.Unmarshaler]. +func (s *YAMLMapSlice) UnmarshalYAML(node *yaml.Node) error { + if typeutils.IsNil(*s) { + // allow to unmarshal with a simple var declaration (nil slice) + *s = YAMLMapSlice{} + } + if node == nil { + *s = nil + return nil + } + + const sensibleAllocDivider = 2 + m := slices.Grow(*s, len(node.Content)/sensibleAllocDivider) + m = m[:0] + + for i := 0; i < len(node.Content); i += 2 { + var nmi YAMLMapItem + k, err := yamlStringScalarC(node.Content[i]) + if err != nil { + return fmt.Errorf("unable to decode YAML map key: %w: %w", err, ErrYAML) + } + nmi.Key = k + v, err := yamlNode(node.Content[i+1]) + if err != nil { + return fmt.Errorf("unable to process YAML map value for key %q: %w: %w", k, err, ErrYAML) + } + nmi.Value = v + m = append(m, nmi) + } + + *s = m + + return nil +} + +func json2yaml(item any) (*yaml.Node, error) { + if typeutils.IsNil(item) { + return &yaml.Node{ + Kind: yaml.ScalarNode, + Value: "null", + }, nil + } + + switch val := item.(type) { + case ifaces.Ordered: + return orderedYAML(val) + + case map[string]any: + var n yaml.Node + n.Kind = yaml.MappingNode + keys := make([]string, 0, len(val)) + for k := range val { + keys = append(keys, k) + } + sort.Strings(keys) + + for _, k := range keys { + v := val[k] + childNode, err := json2yaml(v) + if err != nil { + return nil, err + } + n.Content = append(n.Content, &yaml.Node{ + Kind: yaml.ScalarNode, + Tag: yamlStringScalar, + Value: k, + }, childNode) + } + return &n, nil + + case []any: + var n yaml.Node + n.Kind = yaml.SequenceNode + for i := range val { + childNode, err := json2yaml(val[i]) + if err != nil { + return nil, err + } + n.Content = append(n.Content, childNode) + } + return &n, nil + case string: + return &yaml.Node{ + Kind: yaml.ScalarNode, + Tag: yamlStringScalar, + Value: val, + }, nil + case float32: + return floatNode(val) + case float64: + return floatNode(val) + case int: + return integerNode(val) + case int8: + return integerNode(val) + case int16: + return integerNode(val) + case int32: + return integerNode(val) + case int64: + return integerNode(val) + case uint: + return uintegerNode(val) + case uint8: + return uintegerNode(val) + case uint16: + return uintegerNode(val) + case uint32: + return uintegerNode(val) + case uint64: + return uintegerNode(val) + case bool: + return &yaml.Node{ + Kind: yaml.ScalarNode, + Tag: yamlBoolScalar, + Value: strconv.FormatBool(val), + }, nil + default: + return nil, fmt.Errorf("unhandled type: %T: %w", val, ErrYAML) + } +} + +func floatNode[T conv.Float](val T) (*yaml.Node, error) { + return &yaml.Node{ + Kind: yaml.ScalarNode, + Tag: yamlFloatScalar, + Value: conv.FormatFloat(val), + }, nil +} + +func integerNode[T conv.Signed](val T) (*yaml.Node, error) { + return &yaml.Node{ + Kind: yaml.ScalarNode, + Tag: yamlIntScalar, + Value: conv.FormatInteger(val), + }, nil +} + +func uintegerNode[T conv.Unsigned](val T) (*yaml.Node, error) { + return &yaml.Node{ + Kind: yaml.ScalarNode, + Tag: yamlIntScalar, + Value: conv.FormatUinteger(val), + }, nil +} + +func orderedYAML[T ifaces.Ordered](val T) (*yaml.Node, error) { + var n yaml.Node + n.Kind = yaml.MappingNode + for key, value := range val.OrderedItems() { + childNode, err := json2yaml(value) + if err != nil { + return nil, err + } + + n.Content = append(n.Content, &yaml.Node{ + Kind: yaml.ScalarNode, + Tag: yamlStringScalar, + Value: key, + }, childNode) + } + return &n, nil +} diff --git a/vendor/github.com/go-openapi/swag/yamlutils/yaml.go b/vendor/github.com/go-openapi/swag/yamlutils/yaml.go new file mode 100644 index 0000000000..e3aff3c2fd --- /dev/null +++ b/vendor/github.com/go-openapi/swag/yamlutils/yaml.go @@ -0,0 +1,211 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package yamlutils + +import ( + json "encoding/json" + "fmt" + "strconv" + + "github.com/go-openapi/swag/jsonutils" + yaml "go.yaml.in/yaml/v3" +) + +// YAMLToJSON converts a YAML document into JSON bytes. +// +// Note: a YAML document is the output from a [yaml.Marshaler], e.g a pointer to a [yaml.Node]. +// +// [YAMLToJSON] is typically called after [BytesToYAMLDoc]. +func YAMLToJSON(value any) (json.RawMessage, error) { + jm, err := transformData(value) + if err != nil { + return nil, err + } + + b, err := jsonutils.WriteJSON(jm) + + return json.RawMessage(b), err +} + +// BytesToYAMLDoc converts a byte slice into a YAML document. +// +// This function only supports root documents that are objects. +// +// A YAML document is a pointer to a [yaml.Node]. +func BytesToYAMLDoc(data []byte) (any, error) { + var document yaml.Node // preserve order that is present in the document + if err := yaml.Unmarshal(data, &document); err != nil { + return nil, err + } + if document.Kind != yaml.DocumentNode || len(document.Content) != 1 || document.Content[0].Kind != yaml.MappingNode { + return nil, fmt.Errorf("only YAML documents that are objects are supported: %w", ErrYAML) + } + return &document, nil +} + +func yamlNode(root *yaml.Node) (any, error) { + switch root.Kind { + case yaml.DocumentNode: + return yamlDocument(root) + case yaml.SequenceNode: + return yamlSequence(root) + case yaml.MappingNode: + return yamlMapping(root) + case yaml.ScalarNode: + return yamlScalar(root) + case yaml.AliasNode: + return yamlNode(root.Alias) + default: + return nil, fmt.Errorf("unsupported YAML node type: %v: %w", root.Kind, ErrYAML) + } +} + +func yamlDocument(node *yaml.Node) (any, error) { + if len(node.Content) != 1 { + return nil, fmt.Errorf("unexpected YAML Document node content length: %d: %w", len(node.Content), ErrYAML) + } + return yamlNode(node.Content[0]) +} + +func yamlMapping(node *yaml.Node) (any, error) { + const sensibleAllocDivider = 2 // nodes concatenate (key,value) sequences + m := make(YAMLMapSlice, len(node.Content)/sensibleAllocDivider) + + if err := m.UnmarshalYAML(node); err != nil { + return nil, err + } + + return m, nil +} + +func yamlSequence(node *yaml.Node) (any, error) { + s := make([]any, 0) + + for i := range len(node.Content) { + v, err := yamlNode(node.Content[i]) + if err != nil { + return nil, fmt.Errorf("unable to decode YAML sequence value: %w: %w", err, ErrYAML) + } + s = append(s, v) + } + return s, nil +} + +const ( // See https://yaml.org/type/ + yamlStringScalar = "tag:yaml.org,2002:str" + yamlIntScalar = "tag:yaml.org,2002:int" + yamlBoolScalar = "tag:yaml.org,2002:bool" + yamlFloatScalar = "tag:yaml.org,2002:float" + yamlTimestamp = "tag:yaml.org,2002:timestamp" + yamlNull = "tag:yaml.org,2002:null" +) + +func yamlScalar(node *yaml.Node) (any, error) { + switch node.LongTag() { + case yamlStringScalar: + return node.Value, nil + case yamlBoolScalar: + b, err := strconv.ParseBool(node.Value) + if err != nil { + return nil, fmt.Errorf("unable to process scalar node. Got %q. Expecting bool content: %w: %w", node.Value, err, ErrYAML) + } + return b, nil + case yamlIntScalar: + i, err := strconv.ParseInt(node.Value, 10, 64) + if err != nil { + return nil, fmt.Errorf("unable to process scalar node. Got %q. Expecting integer content: %w: %w", node.Value, err, ErrYAML) + } + return i, nil + case yamlFloatScalar: + f, err := strconv.ParseFloat(node.Value, 64) + if err != nil { + return nil, fmt.Errorf("unable to process scalar node. Got %q. Expecting float content: %w: %w", node.Value, err, ErrYAML) + } + return f, nil + case yamlTimestamp: + // YAML timestamp is marshaled as string, not time + return node.Value, nil + case yamlNull: + return nil, nil //nolint:nilnil + default: + return nil, fmt.Errorf("YAML tag %q is not supported: %w", node.LongTag(), ErrYAML) + } +} + +func yamlStringScalarC(node *yaml.Node) (string, error) { + if node.Kind != yaml.ScalarNode { + return "", fmt.Errorf("expecting a string scalar but got %q: %w", node.Kind, ErrYAML) + } + switch node.LongTag() { + case yamlStringScalar, yamlIntScalar, yamlFloatScalar: + return node.Value, nil + default: + return "", fmt.Errorf("YAML tag %q is not supported as map key: %w", node.LongTag(), ErrYAML) + } +} + +func format(t any) (string, error) { + switch k := t.(type) { + case string: + return k, nil + case uint: + return strconv.FormatUint(uint64(k), 10), nil + case uint8: + return strconv.FormatUint(uint64(k), 10), nil + case uint16: + return strconv.FormatUint(uint64(k), 10), nil + case uint32: + return strconv.FormatUint(uint64(k), 10), nil + case uint64: + return strconv.FormatUint(k, 10), nil + case int: + return strconv.Itoa(k), nil + case int8: + return strconv.FormatInt(int64(k), 10), nil + case int16: + return strconv.FormatInt(int64(k), 10), nil + case int32: + return strconv.FormatInt(int64(k), 10), nil + case int64: + return strconv.FormatInt(k, 10), nil + default: + return "", fmt.Errorf("unexpected map key type, got: %T: %w", k, ErrYAML) + } +} + +func transformData(input any) (out any, err error) { + switch in := input.(type) { + case yaml.Node: + return yamlNode(&in) + case *yaml.Node: + return yamlNode(in) + case map[any]any: + o := make(YAMLMapSlice, 0, len(in)) + for ke, va := range in { + var nmi YAMLMapItem + if nmi.Key, err = format(ke); err != nil { + return nil, err + } + + v, ert := transformData(va) + if ert != nil { + return nil, ert + } + nmi.Value = v + o = append(o, nmi) + } + return o, nil + case []any: + len1 := len(in) + o := make([]any, len1) + for i := range len1 { + o[i], err = transformData(in[i]) + if err != nil { + return nil, err + } + } + return o, nil + } + return input, nil +} diff --git a/vendor/github.com/go-openapi/swag/yamlutils_iface.go b/vendor/github.com/go-openapi/swag/yamlutils_iface.go new file mode 100644 index 0000000000..57767efc56 --- /dev/null +++ b/vendor/github.com/go-openapi/swag/yamlutils_iface.go @@ -0,0 +1,20 @@ +// SPDX-FileCopyrightText: Copyright 2015-2025 go-swagger maintainers +// SPDX-License-Identifier: Apache-2.0 + +package swag + +import ( + "encoding/json" + + "github.com/go-openapi/swag/yamlutils" +) + +// YAMLToJSON converts YAML unmarshaled data into json compatible data +// +// Deprecated: use [yamlutils.YAMLToJSON] instead. +func YAMLToJSON(data any) (json.RawMessage, error) { return yamlutils.YAMLToJSON(data) } + +// BytesToYAMLDoc converts a byte slice into a YAML document +// +// Deprecated: use [yamlutils.BytesToYAMLDoc] instead. +func BytesToYAMLDoc(data []byte) (any, error) { return yamlutils.BytesToYAMLDoc(data) } diff --git a/vendor/github.com/josharian/intern/README.md b/vendor/github.com/josharian/intern/README.md deleted file mode 100644 index ffc44b219b..0000000000 --- a/vendor/github.com/josharian/intern/README.md +++ /dev/null @@ -1,5 +0,0 @@ -Docs: https://godoc.org/github.com/josharian/intern - -See also [Go issue 5160](https://golang.org/issue/5160). - -License: MIT diff --git a/vendor/github.com/josharian/intern/intern.go b/vendor/github.com/josharian/intern/intern.go deleted file mode 100644 index 7acb1fe90a..0000000000 --- a/vendor/github.com/josharian/intern/intern.go +++ /dev/null @@ -1,44 +0,0 @@ -// Package intern interns strings. -// Interning is best effort only. -// Interned strings may be removed automatically -// at any time without notification. -// All functions may be called concurrently -// with themselves and each other. -package intern - -import "sync" - -var ( - pool sync.Pool = sync.Pool{ - New: func() interface{} { - return make(map[string]string) - }, - } -) - -// String returns s, interned. -func String(s string) string { - m := pool.Get().(map[string]string) - c, ok := m[s] - if ok { - pool.Put(m) - return c - } - m[s] = s - pool.Put(m) - return s -} - -// Bytes returns b converted to a string, interned. -func Bytes(b []byte) string { - m := pool.Get().(map[string]string) - c, ok := m[string(b)] - if ok { - pool.Put(m) - return c - } - s := string(b) - m[s] = s - pool.Put(m) - return s -} diff --git a/vendor/github.com/josharian/intern/license.md b/vendor/github.com/josharian/intern/license.md deleted file mode 100644 index 353d3055f0..0000000000 --- a/vendor/github.com/josharian/intern/license.md +++ /dev/null @@ -1,21 +0,0 @@ -MIT License - -Copyright (c) 2019 Josh Bleecher Snyder - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/vendor/github.com/mailru/easyjson/LICENSE b/vendor/github.com/mailru/easyjson/LICENSE deleted file mode 100644 index fbff658f70..0000000000 --- a/vendor/github.com/mailru/easyjson/LICENSE +++ /dev/null @@ -1,7 +0,0 @@ -Copyright (c) 2016 Mail.Ru Group - -Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/vendor/github.com/mailru/easyjson/buffer/pool.go b/vendor/github.com/mailru/easyjson/buffer/pool.go deleted file mode 100644 index 598a54af9d..0000000000 --- a/vendor/github.com/mailru/easyjson/buffer/pool.go +++ /dev/null @@ -1,278 +0,0 @@ -// Package buffer implements a buffer for serialization, consisting of a chain of []byte-s to -// reduce copying and to allow reuse of individual chunks. -package buffer - -import ( - "io" - "net" - "sync" -) - -// PoolConfig contains configuration for the allocation and reuse strategy. -type PoolConfig struct { - StartSize int // Minimum chunk size that is allocated. - PooledSize int // Minimum chunk size that is reused, reusing chunks too small will result in overhead. - MaxSize int // Maximum chunk size that will be allocated. -} - -var config = PoolConfig{ - StartSize: 128, - PooledSize: 512, - MaxSize: 32768, -} - -// Reuse pool: chunk size -> pool. -var buffers = map[int]*sync.Pool{} - -func initBuffers() { - for l := config.PooledSize; l <= config.MaxSize; l *= 2 { - buffers[l] = new(sync.Pool) - } -} - -func init() { - initBuffers() -} - -// Init sets up a non-default pooling and allocation strategy. Should be run before serialization is done. -func Init(cfg PoolConfig) { - config = cfg - initBuffers() -} - -// putBuf puts a chunk to reuse pool if it can be reused. -func putBuf(buf []byte) { - size := cap(buf) - if size < config.PooledSize { - return - } - if c := buffers[size]; c != nil { - c.Put(buf[:0]) - } -} - -// getBuf gets a chunk from reuse pool or creates a new one if reuse failed. -func getBuf(size int) []byte { - if size >= config.PooledSize { - if c := buffers[size]; c != nil { - v := c.Get() - if v != nil { - return v.([]byte) - } - } - } - return make([]byte, 0, size) -} - -// Buffer is a buffer optimized for serialization without extra copying. -type Buffer struct { - - // Buf is the current chunk that can be used for serialization. - Buf []byte - - toPool []byte - bufs [][]byte -} - -// EnsureSpace makes sure that the current chunk contains at least s free bytes, -// possibly creating a new chunk. -func (b *Buffer) EnsureSpace(s int) { - if cap(b.Buf)-len(b.Buf) < s { - b.ensureSpaceSlow(s) - } -} - -func (b *Buffer) ensureSpaceSlow(s int) { - l := len(b.Buf) - if l > 0 { - if cap(b.toPool) != cap(b.Buf) { - // Chunk was reallocated, toPool can be pooled. - putBuf(b.toPool) - } - if cap(b.bufs) == 0 { - b.bufs = make([][]byte, 0, 8) - } - b.bufs = append(b.bufs, b.Buf) - l = cap(b.toPool) * 2 - } else { - l = config.StartSize - } - - if l > config.MaxSize { - l = config.MaxSize - } - b.Buf = getBuf(l) - b.toPool = b.Buf -} - -// AppendByte appends a single byte to buffer. -func (b *Buffer) AppendByte(data byte) { - b.EnsureSpace(1) - b.Buf = append(b.Buf, data) -} - -// AppendBytes appends a byte slice to buffer. -func (b *Buffer) AppendBytes(data []byte) { - if len(data) <= cap(b.Buf)-len(b.Buf) { - b.Buf = append(b.Buf, data...) // fast path - } else { - b.appendBytesSlow(data) - } -} - -func (b *Buffer) appendBytesSlow(data []byte) { - for len(data) > 0 { - b.EnsureSpace(1) - - sz := cap(b.Buf) - len(b.Buf) - if sz > len(data) { - sz = len(data) - } - - b.Buf = append(b.Buf, data[:sz]...) - data = data[sz:] - } -} - -// AppendString appends a string to buffer. -func (b *Buffer) AppendString(data string) { - if len(data) <= cap(b.Buf)-len(b.Buf) { - b.Buf = append(b.Buf, data...) // fast path - } else { - b.appendStringSlow(data) - } -} - -func (b *Buffer) appendStringSlow(data string) { - for len(data) > 0 { - b.EnsureSpace(1) - - sz := cap(b.Buf) - len(b.Buf) - if sz > len(data) { - sz = len(data) - } - - b.Buf = append(b.Buf, data[:sz]...) - data = data[sz:] - } -} - -// Size computes the size of a buffer by adding sizes of every chunk. -func (b *Buffer) Size() int { - size := len(b.Buf) - for _, buf := range b.bufs { - size += len(buf) - } - return size -} - -// DumpTo outputs the contents of a buffer to a writer and resets the buffer. -func (b *Buffer) DumpTo(w io.Writer) (written int, err error) { - bufs := net.Buffers(b.bufs) - if len(b.Buf) > 0 { - bufs = append(bufs, b.Buf) - } - n, err := bufs.WriteTo(w) - - for _, buf := range b.bufs { - putBuf(buf) - } - putBuf(b.toPool) - - b.bufs = nil - b.Buf = nil - b.toPool = nil - - return int(n), err -} - -// BuildBytes creates a single byte slice with all the contents of the buffer. Data is -// copied if it does not fit in a single chunk. You can optionally provide one byte -// slice as argument that it will try to reuse. -func (b *Buffer) BuildBytes(reuse ...[]byte) []byte { - if len(b.bufs) == 0 { - ret := b.Buf - b.toPool = nil - b.Buf = nil - return ret - } - - var ret []byte - size := b.Size() - - // If we got a buffer as argument and it is big enough, reuse it. - if len(reuse) == 1 && cap(reuse[0]) >= size { - ret = reuse[0][:0] - } else { - ret = make([]byte, 0, size) - } - for _, buf := range b.bufs { - ret = append(ret, buf...) - putBuf(buf) - } - - ret = append(ret, b.Buf...) - putBuf(b.toPool) - - b.bufs = nil - b.toPool = nil - b.Buf = nil - - return ret -} - -type readCloser struct { - offset int - bufs [][]byte -} - -func (r *readCloser) Read(p []byte) (n int, err error) { - for _, buf := range r.bufs { - // Copy as much as we can. - x := copy(p[n:], buf[r.offset:]) - n += x // Increment how much we filled. - - // Did we empty the whole buffer? - if r.offset+x == len(buf) { - // On to the next buffer. - r.offset = 0 - r.bufs = r.bufs[1:] - - // We can release this buffer. - putBuf(buf) - } else { - r.offset += x - } - - if n == len(p) { - break - } - } - // No buffers left or nothing read? - if len(r.bufs) == 0 { - err = io.EOF - } - return -} - -func (r *readCloser) Close() error { - // Release all remaining buffers. - for _, buf := range r.bufs { - putBuf(buf) - } - // In case Close gets called multiple times. - r.bufs = nil - - return nil -} - -// ReadCloser creates an io.ReadCloser with all the contents of the buffer. -func (b *Buffer) ReadCloser() io.ReadCloser { - ret := &readCloser{0, append(b.bufs, b.Buf)} - - b.bufs = nil - b.toPool = nil - b.Buf = nil - - return ret -} diff --git a/vendor/github.com/mailru/easyjson/jlexer/bytestostr.go b/vendor/github.com/mailru/easyjson/jlexer/bytestostr.go deleted file mode 100644 index ff7b27c5b2..0000000000 --- a/vendor/github.com/mailru/easyjson/jlexer/bytestostr.go +++ /dev/null @@ -1,24 +0,0 @@ -// This file will only be included to the build if neither -// easyjson_nounsafe nor appengine build tag is set. See README notes -// for more details. - -//+build !easyjson_nounsafe -//+build !appengine - -package jlexer - -import ( - "reflect" - "unsafe" -) - -// bytesToStr creates a string pointing at the slice to avoid copying. -// -// Warning: the string returned by the function should be used with care, as the whole input data -// chunk may be either blocked from being freed by GC because of a single string or the buffer.Data -// may be garbage-collected even when the string exists. -func bytesToStr(data []byte) string { - h := (*reflect.SliceHeader)(unsafe.Pointer(&data)) - shdr := reflect.StringHeader{Data: h.Data, Len: h.Len} - return *(*string)(unsafe.Pointer(&shdr)) -} diff --git a/vendor/github.com/mailru/easyjson/jlexer/bytestostr_nounsafe.go b/vendor/github.com/mailru/easyjson/jlexer/bytestostr_nounsafe.go deleted file mode 100644 index 864d1be676..0000000000 --- a/vendor/github.com/mailru/easyjson/jlexer/bytestostr_nounsafe.go +++ /dev/null @@ -1,13 +0,0 @@ -// This file is included to the build if any of the buildtags below -// are defined. Refer to README notes for more details. - -//+build easyjson_nounsafe appengine - -package jlexer - -// bytesToStr creates a string normally from []byte -// -// Note that this method is roughly 1.5x slower than using the 'unsafe' method. -func bytesToStr(data []byte) string { - return string(data) -} diff --git a/vendor/github.com/mailru/easyjson/jlexer/error.go b/vendor/github.com/mailru/easyjson/jlexer/error.go deleted file mode 100644 index e90ec40d05..0000000000 --- a/vendor/github.com/mailru/easyjson/jlexer/error.go +++ /dev/null @@ -1,15 +0,0 @@ -package jlexer - -import "fmt" - -// LexerError implements the error interface and represents all possible errors that can be -// generated during parsing the JSON data. -type LexerError struct { - Reason string - Offset int - Data string -} - -func (l *LexerError) Error() string { - return fmt.Sprintf("parse error: %s near offset %d of '%s'", l.Reason, l.Offset, l.Data) -} diff --git a/vendor/github.com/mailru/easyjson/jlexer/lexer.go b/vendor/github.com/mailru/easyjson/jlexer/lexer.go deleted file mode 100644 index b5f5e26132..0000000000 --- a/vendor/github.com/mailru/easyjson/jlexer/lexer.go +++ /dev/null @@ -1,1244 +0,0 @@ -// Package jlexer contains a JSON lexer implementation. -// -// It is expected that it is mostly used with generated parser code, so the interface is tuned -// for a parser that knows what kind of data is expected. -package jlexer - -import ( - "bytes" - "encoding/base64" - "encoding/json" - "errors" - "fmt" - "io" - "strconv" - "unicode" - "unicode/utf16" - "unicode/utf8" - - "github.com/josharian/intern" -) - -// tokenKind determines type of a token. -type tokenKind byte - -const ( - tokenUndef tokenKind = iota // No token. - tokenDelim // Delimiter: one of '{', '}', '[' or ']'. - tokenString // A string literal, e.g. "abc\u1234" - tokenNumber // Number literal, e.g. 1.5e5 - tokenBool // Boolean literal: true or false. - tokenNull // null keyword. -) - -// token describes a single token: type, position in the input and value. -type token struct { - kind tokenKind // Type of a token. - - boolValue bool // Value if a boolean literal token. - byteValueCloned bool // true if byteValue was allocated and does not refer to original json body - byteValue []byte // Raw value of a token. - delimValue byte -} - -// Lexer is a JSON lexer: it iterates over JSON tokens in a byte slice. -type Lexer struct { - Data []byte // Input data given to the lexer. - - start int // Start of the current token. - pos int // Current unscanned position in the input stream. - token token // Last scanned token, if token.kind != tokenUndef. - - firstElement bool // Whether current element is the first in array or an object. - wantSep byte // A comma or a colon character, which need to occur before a token. - - UseMultipleErrors bool // If we want to use multiple errors. - fatalError error // Fatal error occurred during lexing. It is usually a syntax error. - multipleErrors []*LexerError // Semantic errors occurred during lexing. Marshalling will be continued after finding this errors. -} - -// FetchToken scans the input for the next token. -func (r *Lexer) FetchToken() { - r.token.kind = tokenUndef - r.start = r.pos - - // Check if r.Data has r.pos element - // If it doesn't, it mean corrupted input data - if len(r.Data) < r.pos { - r.errParse("Unexpected end of data") - return - } - // Determine the type of a token by skipping whitespace and reading the - // first character. - for _, c := range r.Data[r.pos:] { - switch c { - case ':', ',': - if r.wantSep == c { - r.pos++ - r.start++ - r.wantSep = 0 - } else { - r.errSyntax() - } - - case ' ', '\t', '\r', '\n': - r.pos++ - r.start++ - - case '"': - if r.wantSep != 0 { - r.errSyntax() - } - - r.token.kind = tokenString - r.fetchString() - return - - case '{', '[': - if r.wantSep != 0 { - r.errSyntax() - } - r.firstElement = true - r.token.kind = tokenDelim - r.token.delimValue = r.Data[r.pos] - r.pos++ - return - - case '}', ']': - if !r.firstElement && (r.wantSep != ',') { - r.errSyntax() - } - r.wantSep = 0 - r.token.kind = tokenDelim - r.token.delimValue = r.Data[r.pos] - r.pos++ - return - - case '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '-': - if r.wantSep != 0 { - r.errSyntax() - } - r.token.kind = tokenNumber - r.fetchNumber() - return - - case 'n': - if r.wantSep != 0 { - r.errSyntax() - } - - r.token.kind = tokenNull - r.fetchNull() - return - - case 't': - if r.wantSep != 0 { - r.errSyntax() - } - - r.token.kind = tokenBool - r.token.boolValue = true - r.fetchTrue() - return - - case 'f': - if r.wantSep != 0 { - r.errSyntax() - } - - r.token.kind = tokenBool - r.token.boolValue = false - r.fetchFalse() - return - - default: - r.errSyntax() - return - } - } - r.fatalError = io.EOF - return -} - -// isTokenEnd returns true if the char can follow a non-delimiter token -func isTokenEnd(c byte) bool { - return c == ' ' || c == '\t' || c == '\r' || c == '\n' || c == '[' || c == ']' || c == '{' || c == '}' || c == ',' || c == ':' -} - -// fetchNull fetches and checks remaining bytes of null keyword. -func (r *Lexer) fetchNull() { - r.pos += 4 - if r.pos > len(r.Data) || - r.Data[r.pos-3] != 'u' || - r.Data[r.pos-2] != 'l' || - r.Data[r.pos-1] != 'l' || - (r.pos != len(r.Data) && !isTokenEnd(r.Data[r.pos])) { - - r.pos -= 4 - r.errSyntax() - } -} - -// fetchTrue fetches and checks remaining bytes of true keyword. -func (r *Lexer) fetchTrue() { - r.pos += 4 - if r.pos > len(r.Data) || - r.Data[r.pos-3] != 'r' || - r.Data[r.pos-2] != 'u' || - r.Data[r.pos-1] != 'e' || - (r.pos != len(r.Data) && !isTokenEnd(r.Data[r.pos])) { - - r.pos -= 4 - r.errSyntax() - } -} - -// fetchFalse fetches and checks remaining bytes of false keyword. -func (r *Lexer) fetchFalse() { - r.pos += 5 - if r.pos > len(r.Data) || - r.Data[r.pos-4] != 'a' || - r.Data[r.pos-3] != 'l' || - r.Data[r.pos-2] != 's' || - r.Data[r.pos-1] != 'e' || - (r.pos != len(r.Data) && !isTokenEnd(r.Data[r.pos])) { - - r.pos -= 5 - r.errSyntax() - } -} - -// fetchNumber scans a number literal token. -func (r *Lexer) fetchNumber() { - hasE := false - afterE := false - hasDot := false - - r.pos++ - for i, c := range r.Data[r.pos:] { - switch { - case c >= '0' && c <= '9': - afterE = false - case c == '.' && !hasDot: - hasDot = true - case (c == 'e' || c == 'E') && !hasE: - hasE = true - hasDot = true - afterE = true - case (c == '+' || c == '-') && afterE: - afterE = false - default: - r.pos += i - if !isTokenEnd(c) { - r.errSyntax() - } else { - r.token.byteValue = r.Data[r.start:r.pos] - } - return - } - } - - r.pos = len(r.Data) - r.token.byteValue = r.Data[r.start:] -} - -// findStringLen tries to scan into the string literal for ending quote char to determine required size. -// The size will be exact if no escapes are present and may be inexact if there are escaped chars. -func findStringLen(data []byte) (isValid bool, length int) { - for { - idx := bytes.IndexByte(data, '"') - if idx == -1 { - return false, len(data) - } - if idx == 0 || (idx > 0 && data[idx-1] != '\\') { - return true, length + idx - } - - // count \\\\\\\ sequences. even number of slashes means quote is not really escaped - cnt := 1 - for idx-cnt-1 >= 0 && data[idx-cnt-1] == '\\' { - cnt++ - } - if cnt%2 == 0 { - return true, length + idx - } - - length += idx + 1 - data = data[idx+1:] - } -} - -// unescapeStringToken performs unescaping of string token. -// if no escaping is needed, original string is returned, otherwise - a new one allocated -func (r *Lexer) unescapeStringToken() (err error) { - data := r.token.byteValue - var unescapedData []byte - - for { - i := bytes.IndexByte(data, '\\') - if i == -1 { - break - } - - escapedRune, escapedBytes, err := decodeEscape(data[i:]) - if err != nil { - r.errParse(err.Error()) - return err - } - - if unescapedData == nil { - unescapedData = make([]byte, 0, len(r.token.byteValue)) - } - - var d [4]byte - s := utf8.EncodeRune(d[:], escapedRune) - unescapedData = append(unescapedData, data[:i]...) - unescapedData = append(unescapedData, d[:s]...) - - data = data[i+escapedBytes:] - } - - if unescapedData != nil { - r.token.byteValue = append(unescapedData, data...) - r.token.byteValueCloned = true - } - return -} - -// getu4 decodes \uXXXX from the beginning of s, returning the hex value, -// or it returns -1. -func getu4(s []byte) rune { - if len(s) < 6 || s[0] != '\\' || s[1] != 'u' { - return -1 - } - var val rune - for i := 2; i < len(s) && i < 6; i++ { - var v byte - c := s[i] - switch c { - case '0', '1', '2', '3', '4', '5', '6', '7', '8', '9': - v = c - '0' - case 'a', 'b', 'c', 'd', 'e', 'f': - v = c - 'a' + 10 - case 'A', 'B', 'C', 'D', 'E', 'F': - v = c - 'A' + 10 - default: - return -1 - } - - val <<= 4 - val |= rune(v) - } - return val -} - -// decodeEscape processes a single escape sequence and returns number of bytes processed. -func decodeEscape(data []byte) (decoded rune, bytesProcessed int, err error) { - if len(data) < 2 { - return 0, 0, errors.New("incorrect escape symbol \\ at the end of token") - } - - c := data[1] - switch c { - case '"', '/', '\\': - return rune(c), 2, nil - case 'b': - return '\b', 2, nil - case 'f': - return '\f', 2, nil - case 'n': - return '\n', 2, nil - case 'r': - return '\r', 2, nil - case 't': - return '\t', 2, nil - case 'u': - rr := getu4(data) - if rr < 0 { - return 0, 0, errors.New("incorrectly escaped \\uXXXX sequence") - } - - read := 6 - if utf16.IsSurrogate(rr) { - rr1 := getu4(data[read:]) - if dec := utf16.DecodeRune(rr, rr1); dec != unicode.ReplacementChar { - read += 6 - rr = dec - } else { - rr = unicode.ReplacementChar - } - } - return rr, read, nil - } - - return 0, 0, errors.New("incorrectly escaped bytes") -} - -// fetchString scans a string literal token. -func (r *Lexer) fetchString() { - r.pos++ - data := r.Data[r.pos:] - - isValid, length := findStringLen(data) - if !isValid { - r.pos += length - r.errParse("unterminated string literal") - return - } - r.token.byteValue = data[:length] - r.pos += length + 1 // skip closing '"' as well -} - -// scanToken scans the next token if no token is currently available in the lexer. -func (r *Lexer) scanToken() { - if r.token.kind != tokenUndef || r.fatalError != nil { - return - } - - r.FetchToken() -} - -// consume resets the current token to allow scanning the next one. -func (r *Lexer) consume() { - r.token.kind = tokenUndef - r.token.byteValueCloned = false - r.token.delimValue = 0 -} - -// Ok returns true if no error (including io.EOF) was encountered during scanning. -func (r *Lexer) Ok() bool { - return r.fatalError == nil -} - -const maxErrorContextLen = 13 - -func (r *Lexer) errParse(what string) { - if r.fatalError == nil { - var str string - if len(r.Data)-r.pos <= maxErrorContextLen { - str = string(r.Data) - } else { - str = string(r.Data[r.pos:r.pos+maxErrorContextLen-3]) + "..." - } - r.fatalError = &LexerError{ - Reason: what, - Offset: r.pos, - Data: str, - } - } -} - -func (r *Lexer) errSyntax() { - r.errParse("syntax error") -} - -func (r *Lexer) errInvalidToken(expected string) { - if r.fatalError != nil { - return - } - if r.UseMultipleErrors { - r.pos = r.start - r.consume() - r.SkipRecursive() - switch expected { - case "[": - r.token.delimValue = ']' - r.token.kind = tokenDelim - case "{": - r.token.delimValue = '}' - r.token.kind = tokenDelim - } - r.addNonfatalError(&LexerError{ - Reason: fmt.Sprintf("expected %s", expected), - Offset: r.start, - Data: string(r.Data[r.start:r.pos]), - }) - return - } - - var str string - if len(r.token.byteValue) <= maxErrorContextLen { - str = string(r.token.byteValue) - } else { - str = string(r.token.byteValue[:maxErrorContextLen-3]) + "..." - } - r.fatalError = &LexerError{ - Reason: fmt.Sprintf("expected %s", expected), - Offset: r.pos, - Data: str, - } -} - -func (r *Lexer) GetPos() int { - return r.pos -} - -// Delim consumes a token and verifies that it is the given delimiter. -func (r *Lexer) Delim(c byte) { - if r.token.kind == tokenUndef && r.Ok() { - r.FetchToken() - } - - if !r.Ok() || r.token.delimValue != c { - r.consume() // errInvalidToken can change token if UseMultipleErrors is enabled. - r.errInvalidToken(string([]byte{c})) - } else { - r.consume() - } -} - -// IsDelim returns true if there was no scanning error and next token is the given delimiter. -func (r *Lexer) IsDelim(c byte) bool { - if r.token.kind == tokenUndef && r.Ok() { - r.FetchToken() - } - return !r.Ok() || r.token.delimValue == c -} - -// Null verifies that the next token is null and consumes it. -func (r *Lexer) Null() { - if r.token.kind == tokenUndef && r.Ok() { - r.FetchToken() - } - if !r.Ok() || r.token.kind != tokenNull { - r.errInvalidToken("null") - } - r.consume() -} - -// IsNull returns true if the next token is a null keyword. -func (r *Lexer) IsNull() bool { - if r.token.kind == tokenUndef && r.Ok() { - r.FetchToken() - } - return r.Ok() && r.token.kind == tokenNull -} - -// Skip skips a single token. -func (r *Lexer) Skip() { - if r.token.kind == tokenUndef && r.Ok() { - r.FetchToken() - } - r.consume() -} - -// SkipRecursive skips next array or object completely, or just skips a single token if not -// an array/object. -// -// Note: no syntax validation is performed on the skipped data. -func (r *Lexer) SkipRecursive() { - r.scanToken() - var start, end byte - startPos := r.start - - switch r.token.delimValue { - case '{': - start, end = '{', '}' - case '[': - start, end = '[', ']' - default: - r.consume() - return - } - - r.consume() - - level := 1 - inQuotes := false - wasEscape := false - - for i, c := range r.Data[r.pos:] { - switch { - case c == start && !inQuotes: - level++ - case c == end && !inQuotes: - level-- - if level == 0 { - r.pos += i + 1 - if !json.Valid(r.Data[startPos:r.pos]) { - r.pos = len(r.Data) - r.fatalError = &LexerError{ - Reason: "skipped array/object json value is invalid", - Offset: r.pos, - Data: string(r.Data[r.pos:]), - } - } - return - } - case c == '\\' && inQuotes: - wasEscape = !wasEscape - continue - case c == '"' && inQuotes: - inQuotes = wasEscape - case c == '"': - inQuotes = true - } - wasEscape = false - } - r.pos = len(r.Data) - r.fatalError = &LexerError{ - Reason: "EOF reached while skipping array/object or token", - Offset: r.pos, - Data: string(r.Data[r.pos:]), - } -} - -// Raw fetches the next item recursively as a data slice -func (r *Lexer) Raw() []byte { - r.SkipRecursive() - if !r.Ok() { - return nil - } - return r.Data[r.start:r.pos] -} - -// IsStart returns whether the lexer is positioned at the start -// of an input string. -func (r *Lexer) IsStart() bool { - return r.pos == 0 -} - -// Consumed reads all remaining bytes from the input, publishing an error if -// there is anything but whitespace remaining. -func (r *Lexer) Consumed() { - if r.pos > len(r.Data) || !r.Ok() { - return - } - - for _, c := range r.Data[r.pos:] { - if c != ' ' && c != '\t' && c != '\r' && c != '\n' { - r.AddError(&LexerError{ - Reason: "invalid character '" + string(c) + "' after top-level value", - Offset: r.pos, - Data: string(r.Data[r.pos:]), - }) - return - } - - r.pos++ - r.start++ - } -} - -func (r *Lexer) unsafeString(skipUnescape bool) (string, []byte) { - if r.token.kind == tokenUndef && r.Ok() { - r.FetchToken() - } - if !r.Ok() || r.token.kind != tokenString { - r.errInvalidToken("string") - return "", nil - } - if !skipUnescape { - if err := r.unescapeStringToken(); err != nil { - r.errInvalidToken("string") - return "", nil - } - } - - bytes := r.token.byteValue - ret := bytesToStr(r.token.byteValue) - r.consume() - return ret, bytes -} - -// UnsafeString returns the string value if the token is a string literal. -// -// Warning: returned string may point to the input buffer, so the string should not outlive -// the input buffer. Intended pattern of usage is as an argument to a switch statement. -func (r *Lexer) UnsafeString() string { - ret, _ := r.unsafeString(false) - return ret -} - -// UnsafeBytes returns the byte slice if the token is a string literal. -func (r *Lexer) UnsafeBytes() []byte { - _, ret := r.unsafeString(false) - return ret -} - -// UnsafeFieldName returns current member name string token -func (r *Lexer) UnsafeFieldName(skipUnescape bool) string { - ret, _ := r.unsafeString(skipUnescape) - return ret -} - -// String reads a string literal. -func (r *Lexer) String() string { - if r.token.kind == tokenUndef && r.Ok() { - r.FetchToken() - } - if !r.Ok() || r.token.kind != tokenString { - r.errInvalidToken("string") - return "" - } - if err := r.unescapeStringToken(); err != nil { - r.errInvalidToken("string") - return "" - } - var ret string - if r.token.byteValueCloned { - ret = bytesToStr(r.token.byteValue) - } else { - ret = string(r.token.byteValue) - } - r.consume() - return ret -} - -// StringIntern reads a string literal, and performs string interning on it. -func (r *Lexer) StringIntern() string { - if r.token.kind == tokenUndef && r.Ok() { - r.FetchToken() - } - if !r.Ok() || r.token.kind != tokenString { - r.errInvalidToken("string") - return "" - } - if err := r.unescapeStringToken(); err != nil { - r.errInvalidToken("string") - return "" - } - ret := intern.Bytes(r.token.byteValue) - r.consume() - return ret -} - -// Bytes reads a string literal and base64 decodes it into a byte slice. -func (r *Lexer) Bytes() []byte { - if r.token.kind == tokenUndef && r.Ok() { - r.FetchToken() - } - if !r.Ok() || r.token.kind != tokenString { - r.errInvalidToken("string") - return nil - } - if err := r.unescapeStringToken(); err != nil { - r.errInvalidToken("string") - return nil - } - ret := make([]byte, base64.StdEncoding.DecodedLen(len(r.token.byteValue))) - n, err := base64.StdEncoding.Decode(ret, r.token.byteValue) - if err != nil { - r.fatalError = &LexerError{ - Reason: err.Error(), - } - return nil - } - - r.consume() - return ret[:n] -} - -// Bool reads a true or false boolean keyword. -func (r *Lexer) Bool() bool { - if r.token.kind == tokenUndef && r.Ok() { - r.FetchToken() - } - if !r.Ok() || r.token.kind != tokenBool { - r.errInvalidToken("bool") - return false - } - ret := r.token.boolValue - r.consume() - return ret -} - -func (r *Lexer) number() string { - if r.token.kind == tokenUndef && r.Ok() { - r.FetchToken() - } - if !r.Ok() || r.token.kind != tokenNumber { - r.errInvalidToken("number") - return "" - } - ret := bytesToStr(r.token.byteValue) - r.consume() - return ret -} - -func (r *Lexer) Uint8() uint8 { - s := r.number() - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseUint(s, 10, 8) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: s, - }) - } - return uint8(n) -} - -func (r *Lexer) Uint16() uint16 { - s := r.number() - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseUint(s, 10, 16) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: s, - }) - } - return uint16(n) -} - -func (r *Lexer) Uint32() uint32 { - s := r.number() - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseUint(s, 10, 32) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: s, - }) - } - return uint32(n) -} - -func (r *Lexer) Uint64() uint64 { - s := r.number() - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseUint(s, 10, 64) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: s, - }) - } - return n -} - -func (r *Lexer) Uint() uint { - return uint(r.Uint64()) -} - -func (r *Lexer) Int8() int8 { - s := r.number() - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseInt(s, 10, 8) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: s, - }) - } - return int8(n) -} - -func (r *Lexer) Int16() int16 { - s := r.number() - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseInt(s, 10, 16) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: s, - }) - } - return int16(n) -} - -func (r *Lexer) Int32() int32 { - s := r.number() - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseInt(s, 10, 32) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: s, - }) - } - return int32(n) -} - -func (r *Lexer) Int64() int64 { - s := r.number() - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseInt(s, 10, 64) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: s, - }) - } - return n -} - -func (r *Lexer) Int() int { - return int(r.Int64()) -} - -func (r *Lexer) Uint8Str() uint8 { - s, b := r.unsafeString(false) - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseUint(s, 10, 8) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: string(b), - }) - } - return uint8(n) -} - -func (r *Lexer) Uint16Str() uint16 { - s, b := r.unsafeString(false) - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseUint(s, 10, 16) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: string(b), - }) - } - return uint16(n) -} - -func (r *Lexer) Uint32Str() uint32 { - s, b := r.unsafeString(false) - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseUint(s, 10, 32) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: string(b), - }) - } - return uint32(n) -} - -func (r *Lexer) Uint64Str() uint64 { - s, b := r.unsafeString(false) - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseUint(s, 10, 64) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: string(b), - }) - } - return n -} - -func (r *Lexer) UintStr() uint { - return uint(r.Uint64Str()) -} - -func (r *Lexer) UintptrStr() uintptr { - return uintptr(r.Uint64Str()) -} - -func (r *Lexer) Int8Str() int8 { - s, b := r.unsafeString(false) - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseInt(s, 10, 8) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: string(b), - }) - } - return int8(n) -} - -func (r *Lexer) Int16Str() int16 { - s, b := r.unsafeString(false) - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseInt(s, 10, 16) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: string(b), - }) - } - return int16(n) -} - -func (r *Lexer) Int32Str() int32 { - s, b := r.unsafeString(false) - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseInt(s, 10, 32) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: string(b), - }) - } - return int32(n) -} - -func (r *Lexer) Int64Str() int64 { - s, b := r.unsafeString(false) - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseInt(s, 10, 64) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: string(b), - }) - } - return n -} - -func (r *Lexer) IntStr() int { - return int(r.Int64Str()) -} - -func (r *Lexer) Float32() float32 { - s := r.number() - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseFloat(s, 32) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: s, - }) - } - return float32(n) -} - -func (r *Lexer) Float32Str() float32 { - s, b := r.unsafeString(false) - if !r.Ok() { - return 0 - } - n, err := strconv.ParseFloat(s, 32) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: string(b), - }) - } - return float32(n) -} - -func (r *Lexer) Float64() float64 { - s := r.number() - if !r.Ok() { - return 0 - } - - n, err := strconv.ParseFloat(s, 64) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: s, - }) - } - return n -} - -func (r *Lexer) Float64Str() float64 { - s, b := r.unsafeString(false) - if !r.Ok() { - return 0 - } - n, err := strconv.ParseFloat(s, 64) - if err != nil { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Reason: err.Error(), - Data: string(b), - }) - } - return n -} - -func (r *Lexer) Error() error { - return r.fatalError -} - -func (r *Lexer) AddError(e error) { - if r.fatalError == nil { - r.fatalError = e - } -} - -func (r *Lexer) AddNonFatalError(e error) { - r.addNonfatalError(&LexerError{ - Offset: r.start, - Data: string(r.Data[r.start:r.pos]), - Reason: e.Error(), - }) -} - -func (r *Lexer) addNonfatalError(err *LexerError) { - if r.UseMultipleErrors { - // We don't want to add errors with the same offset. - if len(r.multipleErrors) != 0 && r.multipleErrors[len(r.multipleErrors)-1].Offset == err.Offset { - return - } - r.multipleErrors = append(r.multipleErrors, err) - return - } - r.fatalError = err -} - -func (r *Lexer) GetNonFatalErrors() []*LexerError { - return r.multipleErrors -} - -// JsonNumber fetches and json.Number from 'encoding/json' package. -// Both int, float or string, contains them are valid values -func (r *Lexer) JsonNumber() json.Number { - if r.token.kind == tokenUndef && r.Ok() { - r.FetchToken() - } - if !r.Ok() { - r.errInvalidToken("json.Number") - return json.Number("") - } - - switch r.token.kind { - case tokenString: - return json.Number(r.String()) - case tokenNumber: - return json.Number(r.Raw()) - case tokenNull: - r.Null() - return json.Number("") - default: - r.errSyntax() - return json.Number("") - } -} - -// Interface fetches an interface{} analogous to the 'encoding/json' package. -func (r *Lexer) Interface() interface{} { - if r.token.kind == tokenUndef && r.Ok() { - r.FetchToken() - } - - if !r.Ok() { - return nil - } - switch r.token.kind { - case tokenString: - return r.String() - case tokenNumber: - return r.Float64() - case tokenBool: - return r.Bool() - case tokenNull: - r.Null() - return nil - } - - if r.token.delimValue == '{' { - r.consume() - - ret := map[string]interface{}{} - for !r.IsDelim('}') { - key := r.String() - r.WantColon() - ret[key] = r.Interface() - r.WantComma() - } - r.Delim('}') - - if r.Ok() { - return ret - } else { - return nil - } - } else if r.token.delimValue == '[' { - r.consume() - - ret := []interface{}{} - for !r.IsDelim(']') { - ret = append(ret, r.Interface()) - r.WantComma() - } - r.Delim(']') - - if r.Ok() { - return ret - } else { - return nil - } - } - r.errSyntax() - return nil -} - -// WantComma requires a comma to be present before fetching next token. -func (r *Lexer) WantComma() { - r.wantSep = ',' - r.firstElement = false -} - -// WantColon requires a colon to be present before fetching next token. -func (r *Lexer) WantColon() { - r.wantSep = ':' - r.firstElement = false -} diff --git a/vendor/github.com/mailru/easyjson/jwriter/writer.go b/vendor/github.com/mailru/easyjson/jwriter/writer.go deleted file mode 100644 index 2c5b20105b..0000000000 --- a/vendor/github.com/mailru/easyjson/jwriter/writer.go +++ /dev/null @@ -1,405 +0,0 @@ -// Package jwriter contains a JSON writer. -package jwriter - -import ( - "io" - "strconv" - "unicode/utf8" - - "github.com/mailru/easyjson/buffer" -) - -// Flags describe various encoding options. The behavior may be actually implemented in the encoder, but -// Flags field in Writer is used to set and pass them around. -type Flags int - -const ( - NilMapAsEmpty Flags = 1 << iota // Encode nil map as '{}' rather than 'null'. - NilSliceAsEmpty // Encode nil slice as '[]' rather than 'null'. -) - -// Writer is a JSON writer. -type Writer struct { - Flags Flags - - Error error - Buffer buffer.Buffer - NoEscapeHTML bool -} - -// Size returns the size of the data that was written out. -func (w *Writer) Size() int { - return w.Buffer.Size() -} - -// DumpTo outputs the data to given io.Writer, resetting the buffer. -func (w *Writer) DumpTo(out io.Writer) (written int, err error) { - return w.Buffer.DumpTo(out) -} - -// BuildBytes returns writer data as a single byte slice. You can optionally provide one byte slice -// as argument that it will try to reuse. -func (w *Writer) BuildBytes(reuse ...[]byte) ([]byte, error) { - if w.Error != nil { - return nil, w.Error - } - - return w.Buffer.BuildBytes(reuse...), nil -} - -// ReadCloser returns an io.ReadCloser that can be used to read the data. -// ReadCloser also resets the buffer. -func (w *Writer) ReadCloser() (io.ReadCloser, error) { - if w.Error != nil { - return nil, w.Error - } - - return w.Buffer.ReadCloser(), nil -} - -// RawByte appends raw binary data to the buffer. -func (w *Writer) RawByte(c byte) { - w.Buffer.AppendByte(c) -} - -// RawByte appends raw binary data to the buffer. -func (w *Writer) RawString(s string) { - w.Buffer.AppendString(s) -} - -// Raw appends raw binary data to the buffer or sets the error if it is given. Useful for -// calling with results of MarshalJSON-like functions. -func (w *Writer) Raw(data []byte, err error) { - switch { - case w.Error != nil: - return - case err != nil: - w.Error = err - case len(data) > 0: - w.Buffer.AppendBytes(data) - default: - w.RawString("null") - } -} - -// RawText encloses raw binary data in quotes and appends in to the buffer. -// Useful for calling with results of MarshalText-like functions. -func (w *Writer) RawText(data []byte, err error) { - switch { - case w.Error != nil: - return - case err != nil: - w.Error = err - case len(data) > 0: - w.String(string(data)) - default: - w.RawString("null") - } -} - -// Base64Bytes appends data to the buffer after base64 encoding it -func (w *Writer) Base64Bytes(data []byte) { - if data == nil { - w.Buffer.AppendString("null") - return - } - w.Buffer.AppendByte('"') - w.base64(data) - w.Buffer.AppendByte('"') -} - -func (w *Writer) Uint8(n uint8) { - w.Buffer.EnsureSpace(3) - w.Buffer.Buf = strconv.AppendUint(w.Buffer.Buf, uint64(n), 10) -} - -func (w *Writer) Uint16(n uint16) { - w.Buffer.EnsureSpace(5) - w.Buffer.Buf = strconv.AppendUint(w.Buffer.Buf, uint64(n), 10) -} - -func (w *Writer) Uint32(n uint32) { - w.Buffer.EnsureSpace(10) - w.Buffer.Buf = strconv.AppendUint(w.Buffer.Buf, uint64(n), 10) -} - -func (w *Writer) Uint(n uint) { - w.Buffer.EnsureSpace(20) - w.Buffer.Buf = strconv.AppendUint(w.Buffer.Buf, uint64(n), 10) -} - -func (w *Writer) Uint64(n uint64) { - w.Buffer.EnsureSpace(20) - w.Buffer.Buf = strconv.AppendUint(w.Buffer.Buf, n, 10) -} - -func (w *Writer) Int8(n int8) { - w.Buffer.EnsureSpace(4) - w.Buffer.Buf = strconv.AppendInt(w.Buffer.Buf, int64(n), 10) -} - -func (w *Writer) Int16(n int16) { - w.Buffer.EnsureSpace(6) - w.Buffer.Buf = strconv.AppendInt(w.Buffer.Buf, int64(n), 10) -} - -func (w *Writer) Int32(n int32) { - w.Buffer.EnsureSpace(11) - w.Buffer.Buf = strconv.AppendInt(w.Buffer.Buf, int64(n), 10) -} - -func (w *Writer) Int(n int) { - w.Buffer.EnsureSpace(21) - w.Buffer.Buf = strconv.AppendInt(w.Buffer.Buf, int64(n), 10) -} - -func (w *Writer) Int64(n int64) { - w.Buffer.EnsureSpace(21) - w.Buffer.Buf = strconv.AppendInt(w.Buffer.Buf, n, 10) -} - -func (w *Writer) Uint8Str(n uint8) { - w.Buffer.EnsureSpace(3) - w.Buffer.Buf = append(w.Buffer.Buf, '"') - w.Buffer.Buf = strconv.AppendUint(w.Buffer.Buf, uint64(n), 10) - w.Buffer.Buf = append(w.Buffer.Buf, '"') -} - -func (w *Writer) Uint16Str(n uint16) { - w.Buffer.EnsureSpace(5) - w.Buffer.Buf = append(w.Buffer.Buf, '"') - w.Buffer.Buf = strconv.AppendUint(w.Buffer.Buf, uint64(n), 10) - w.Buffer.Buf = append(w.Buffer.Buf, '"') -} - -func (w *Writer) Uint32Str(n uint32) { - w.Buffer.EnsureSpace(10) - w.Buffer.Buf = append(w.Buffer.Buf, '"') - w.Buffer.Buf = strconv.AppendUint(w.Buffer.Buf, uint64(n), 10) - w.Buffer.Buf = append(w.Buffer.Buf, '"') -} - -func (w *Writer) UintStr(n uint) { - w.Buffer.EnsureSpace(20) - w.Buffer.Buf = append(w.Buffer.Buf, '"') - w.Buffer.Buf = strconv.AppendUint(w.Buffer.Buf, uint64(n), 10) - w.Buffer.Buf = append(w.Buffer.Buf, '"') -} - -func (w *Writer) Uint64Str(n uint64) { - w.Buffer.EnsureSpace(20) - w.Buffer.Buf = append(w.Buffer.Buf, '"') - w.Buffer.Buf = strconv.AppendUint(w.Buffer.Buf, n, 10) - w.Buffer.Buf = append(w.Buffer.Buf, '"') -} - -func (w *Writer) UintptrStr(n uintptr) { - w.Buffer.EnsureSpace(20) - w.Buffer.Buf = append(w.Buffer.Buf, '"') - w.Buffer.Buf = strconv.AppendUint(w.Buffer.Buf, uint64(n), 10) - w.Buffer.Buf = append(w.Buffer.Buf, '"') -} - -func (w *Writer) Int8Str(n int8) { - w.Buffer.EnsureSpace(4) - w.Buffer.Buf = append(w.Buffer.Buf, '"') - w.Buffer.Buf = strconv.AppendInt(w.Buffer.Buf, int64(n), 10) - w.Buffer.Buf = append(w.Buffer.Buf, '"') -} - -func (w *Writer) Int16Str(n int16) { - w.Buffer.EnsureSpace(6) - w.Buffer.Buf = append(w.Buffer.Buf, '"') - w.Buffer.Buf = strconv.AppendInt(w.Buffer.Buf, int64(n), 10) - w.Buffer.Buf = append(w.Buffer.Buf, '"') -} - -func (w *Writer) Int32Str(n int32) { - w.Buffer.EnsureSpace(11) - w.Buffer.Buf = append(w.Buffer.Buf, '"') - w.Buffer.Buf = strconv.AppendInt(w.Buffer.Buf, int64(n), 10) - w.Buffer.Buf = append(w.Buffer.Buf, '"') -} - -func (w *Writer) IntStr(n int) { - w.Buffer.EnsureSpace(21) - w.Buffer.Buf = append(w.Buffer.Buf, '"') - w.Buffer.Buf = strconv.AppendInt(w.Buffer.Buf, int64(n), 10) - w.Buffer.Buf = append(w.Buffer.Buf, '"') -} - -func (w *Writer) Int64Str(n int64) { - w.Buffer.EnsureSpace(21) - w.Buffer.Buf = append(w.Buffer.Buf, '"') - w.Buffer.Buf = strconv.AppendInt(w.Buffer.Buf, n, 10) - w.Buffer.Buf = append(w.Buffer.Buf, '"') -} - -func (w *Writer) Float32(n float32) { - w.Buffer.EnsureSpace(20) - w.Buffer.Buf = strconv.AppendFloat(w.Buffer.Buf, float64(n), 'g', -1, 32) -} - -func (w *Writer) Float32Str(n float32) { - w.Buffer.EnsureSpace(20) - w.Buffer.Buf = append(w.Buffer.Buf, '"') - w.Buffer.Buf = strconv.AppendFloat(w.Buffer.Buf, float64(n), 'g', -1, 32) - w.Buffer.Buf = append(w.Buffer.Buf, '"') -} - -func (w *Writer) Float64(n float64) { - w.Buffer.EnsureSpace(20) - w.Buffer.Buf = strconv.AppendFloat(w.Buffer.Buf, n, 'g', -1, 64) -} - -func (w *Writer) Float64Str(n float64) { - w.Buffer.EnsureSpace(20) - w.Buffer.Buf = append(w.Buffer.Buf, '"') - w.Buffer.Buf = strconv.AppendFloat(w.Buffer.Buf, float64(n), 'g', -1, 64) - w.Buffer.Buf = append(w.Buffer.Buf, '"') -} - -func (w *Writer) Bool(v bool) { - w.Buffer.EnsureSpace(5) - if v { - w.Buffer.Buf = append(w.Buffer.Buf, "true"...) - } else { - w.Buffer.Buf = append(w.Buffer.Buf, "false"...) - } -} - -const chars = "0123456789abcdef" - -func getTable(falseValues ...int) [128]bool { - table := [128]bool{} - - for i := 0; i < 128; i++ { - table[i] = true - } - - for _, v := range falseValues { - table[v] = false - } - - return table -} - -var ( - htmlEscapeTable = getTable(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, '"', '&', '<', '>', '\\') - htmlNoEscapeTable = getTable(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, '"', '\\') -) - -func (w *Writer) String(s string) { - w.Buffer.AppendByte('"') - - // Portions of the string that contain no escapes are appended as - // byte slices. - - p := 0 // last non-escape symbol - - escapeTable := &htmlEscapeTable - if w.NoEscapeHTML { - escapeTable = &htmlNoEscapeTable - } - - for i := 0; i < len(s); { - c := s[i] - - if c < utf8.RuneSelf { - if escapeTable[c] { - // single-width character, no escaping is required - i++ - continue - } - - w.Buffer.AppendString(s[p:i]) - switch c { - case '\t': - w.Buffer.AppendString(`\t`) - case '\r': - w.Buffer.AppendString(`\r`) - case '\n': - w.Buffer.AppendString(`\n`) - case '\\': - w.Buffer.AppendString(`\\`) - case '"': - w.Buffer.AppendString(`\"`) - default: - w.Buffer.AppendString(`\u00`) - w.Buffer.AppendByte(chars[c>>4]) - w.Buffer.AppendByte(chars[c&0xf]) - } - - i++ - p = i - continue - } - - // broken utf - runeValue, runeWidth := utf8.DecodeRuneInString(s[i:]) - if runeValue == utf8.RuneError && runeWidth == 1 { - w.Buffer.AppendString(s[p:i]) - w.Buffer.AppendString(`\ufffd`) - i++ - p = i - continue - } - - // jsonp stuff - tab separator and line separator - if runeValue == '\u2028' || runeValue == '\u2029' { - w.Buffer.AppendString(s[p:i]) - w.Buffer.AppendString(`\u202`) - w.Buffer.AppendByte(chars[runeValue&0xf]) - i += runeWidth - p = i - continue - } - i += runeWidth - } - w.Buffer.AppendString(s[p:]) - w.Buffer.AppendByte('"') -} - -const encode = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/" -const padChar = '=' - -func (w *Writer) base64(in []byte) { - - if len(in) == 0 { - return - } - - w.Buffer.EnsureSpace(((len(in)-1)/3 + 1) * 4) - - si := 0 - n := (len(in) / 3) * 3 - - for si < n { - // Convert 3x 8bit source bytes into 4 bytes - val := uint(in[si+0])<<16 | uint(in[si+1])<<8 | uint(in[si+2]) - - w.Buffer.Buf = append(w.Buffer.Buf, encode[val>>18&0x3F], encode[val>>12&0x3F], encode[val>>6&0x3F], encode[val&0x3F]) - - si += 3 - } - - remain := len(in) - si - if remain == 0 { - return - } - - // Add the remaining small block - val := uint(in[si+0]) << 16 - if remain == 2 { - val |= uint(in[si+1]) << 8 - } - - w.Buffer.Buf = append(w.Buffer.Buf, encode[val>>18&0x3F], encode[val>>12&0x3F]) - - switch remain { - case 2: - w.Buffer.Buf = append(w.Buffer.Buf, encode[val>>6&0x3F], byte(padChar)) - case 1: - w.Buffer.Buf = append(w.Buffer.Buf, byte(padChar), byte(padChar)) - } -} diff --git a/vendor/github.com/openshift/api/.ci-operator.yaml b/vendor/github.com/openshift/api/.ci-operator.yaml index a3628cf240..1d88a59fdf 100644 --- a/vendor/github.com/openshift/api/.ci-operator.yaml +++ b/vendor/github.com/openshift/api/.ci-operator.yaml @@ -1,4 +1,4 @@ build_root_image: name: release namespace: openshift - tag: rhel-9-release-golang-1.25-openshift-4.22 + tag: rhel-9-release-golang-1.26-openshift-5.0 diff --git a/vendor/github.com/openshift/api/.golangci.yaml b/vendor/github.com/openshift/api/.golangci.yaml index 608fb0ed2e..53c9b4009e 100644 --- a/vendor/github.com/openshift/api/.golangci.yaml +++ b/vendor/github.com/openshift/api/.golangci.yaml @@ -111,6 +111,12 @@ linters: # Silence norefs lint for `Ref` field in ClusterAPI as it refers to an OCI image reference, not a kube object reference. path: operator/v1alpha1/types_clusterapi.go text: "noreferences: naming convention \"no-references\": field ClusterAPIInstallerComponentImage.Ref: field names should not contain reference-related words" + - linters: + - kubeapilinter + # PacemakerCluster intentionally marks Conditions as required with XValidation rules + # to enforce specific condition types are always present. + path: etcd/v1/types_pacemakercluster.go + text: "conditions: Conditions field in (PacemakerClusterStatus|PacemakerClusterNodeStatus|PacemakerClusterFencingAgentStatus|PacemakerClusterResourceStatus) is missing the following markers: optional" - linters: - kubeapilinter path: features|payload-command/*.go diff --git a/vendor/github.com/openshift/api/Dockerfile.ocp b/vendor/github.com/openshift/api/Dockerfile.ocp index e04ec9fbc1..98870518c2 100644 --- a/vendor/github.com/openshift/api/Dockerfile.ocp +++ b/vendor/github.com/openshift/api/Dockerfile.ocp @@ -1,10 +1,10 @@ -FROM registry.ci.openshift.org/ocp/builder:rhel-9-golang-1.25-openshift-4.22 AS builder +FROM registry.ci.openshift.org/ocp/builder:rhel-9-golang-1.26-openshift-5.0 AS builder WORKDIR /go/src/github.com/openshift/api COPY . . ENV GO_PACKAGE github.com/openshift/api RUN make build --warn-undefined-variables -FROM registry.ci.openshift.org/ocp/4.22:base-rhel9 +FROM registry.ci.openshift.org/ocp/5.0:base-rhel9 # copy the built binaries to /usr/bin COPY --from=builder /go/src/github.com/openshift/api/render /usr/bin/ diff --git a/vendor/github.com/openshift/api/Makefile b/vendor/github.com/openshift/api/Makefile index ac20137fad..8b85144eaf 100644 --- a/vendor/github.com/openshift/api/Makefile +++ b/vendor/github.com/openshift/api/Makefile @@ -179,6 +179,27 @@ generate-with-container: integration: make -C tests integration +# Run API review evals. Requires claude CLI. +# EVAL_RUNS=5 Number of runs per test case (default: 1) +# EVAL_THRESHOLD=0.8 Minimum pass rate (default: 0.8) +# EVAL_GOLDEN_MODEL=... Model for golden tests (default: sonnet) +# EVAL_INTEGRATION_MODEL=... Model for integration tests (default: opus) +# EVAL_JUDGE_MODEL=... Model for judging results (default: haiku) +# EVAL_GOLDEN_PROCS=4 Max parallel golden tests (default: 4) +# EVAL_INTEGRATION_PROCS=2 Max parallel integration tests (default: 2) +# EVAL_GINKGO_ARGS=... Extra ginkgo args +.PHONY: eval +eval: + $(MAKE) -C tests eval + +.PHONY: eval-golden +eval-golden: + $(MAKE) -C tests eval-golden + +.PHONY: eval-integration +eval-integration: + $(MAKE) -C tests eval-integration + tests-vendor: make -C tests vendor diff --git a/vendor/github.com/openshift/api/apiextensions/v1alpha1/doc.go b/vendor/github.com/openshift/api/apiextensions/v1alpha1/doc.go index e5d665fbbc..ff9b7416ac 100644 --- a/vendor/github.com/openshift/api/apiextensions/v1alpha1/doc.go +++ b/vendor/github.com/openshift/api/apiextensions/v1alpha1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.apiextensions.v1alpha1 // +openshift:featuregated-schema-gen=true // +groupName=apiextensions.openshift.io diff --git a/vendor/github.com/openshift/api/apiextensions/v1alpha1/zz_generated.model_name.go b/vendor/github.com/openshift/api/apiextensions/v1alpha1/zz_generated.model_name.go new file mode 100644 index 0000000000..1f0482e4f8 --- /dev/null +++ b/vendor/github.com/openshift/api/apiextensions/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,61 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in APIExcludedField) OpenAPIModelName() string { + return "com.github.openshift.api.apiextensions.v1alpha1.APIExcludedField" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in APIVersions) OpenAPIModelName() string { + return "com.github.openshift.api.apiextensions.v1alpha1.APIVersions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CRDData) OpenAPIModelName() string { + return "com.github.openshift.api.apiextensions.v1alpha1.CRDData" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CompatibilityRequirement) OpenAPIModelName() string { + return "com.github.openshift.api.apiextensions.v1alpha1.CompatibilityRequirement" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CompatibilityRequirementList) OpenAPIModelName() string { + return "com.github.openshift.api.apiextensions.v1alpha1.CompatibilityRequirementList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CompatibilityRequirementSpec) OpenAPIModelName() string { + return "com.github.openshift.api.apiextensions.v1alpha1.CompatibilityRequirementSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CompatibilityRequirementStatus) OpenAPIModelName() string { + return "com.github.openshift.api.apiextensions.v1alpha1.CompatibilityRequirementStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CompatibilitySchema) OpenAPIModelName() string { + return "com.github.openshift.api.apiextensions.v1alpha1.CompatibilitySchema" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CustomResourceDefinitionSchemaValidation) OpenAPIModelName() string { + return "com.github.openshift.api.apiextensions.v1alpha1.CustomResourceDefinitionSchemaValidation" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ObjectSchemaValidation) OpenAPIModelName() string { + return "com.github.openshift.api.apiextensions.v1alpha1.ObjectSchemaValidation" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ObservedCRD) OpenAPIModelName() string { + return "com.github.openshift.api.apiextensions.v1alpha1.ObservedCRD" +} diff --git a/vendor/github.com/openshift/api/apiserver/v1/doc.go b/vendor/github.com/openshift/api/apiserver/v1/doc.go index cc6a8aa617..598fd6e754 100644 --- a/vendor/github.com/openshift/api/apiserver/v1/doc.go +++ b/vendor/github.com/openshift/api/apiserver/v1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.apiserver.v1 // +kubebuilder:validation:Optional // +groupName=apiserver.openshift.io diff --git a/vendor/github.com/openshift/api/apiserver/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/apiserver/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..69b62d04fb --- /dev/null +++ b/vendor/github.com/openshift/api/apiserver/v1/zz_generated.model_name.go @@ -0,0 +1,46 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in APIRequestCount) OpenAPIModelName() string { + return "com.github.openshift.api.apiserver.v1.APIRequestCount" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in APIRequestCountList) OpenAPIModelName() string { + return "com.github.openshift.api.apiserver.v1.APIRequestCountList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in APIRequestCountSpec) OpenAPIModelName() string { + return "com.github.openshift.api.apiserver.v1.APIRequestCountSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in APIRequestCountStatus) OpenAPIModelName() string { + return "com.github.openshift.api.apiserver.v1.APIRequestCountStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PerNodeAPIRequestLog) OpenAPIModelName() string { + return "com.github.openshift.api.apiserver.v1.PerNodeAPIRequestLog" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PerResourceAPIRequestLog) OpenAPIModelName() string { + return "com.github.openshift.api.apiserver.v1.PerResourceAPIRequestLog" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PerUserAPIRequestCount) OpenAPIModelName() string { + return "com.github.openshift.api.apiserver.v1.PerUserAPIRequestCount" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PerVerbAPIRequestCount) OpenAPIModelName() string { + return "com.github.openshift.api.apiserver.v1.PerVerbAPIRequestCount" +} diff --git a/vendor/github.com/openshift/api/apps/v1/doc.go b/vendor/github.com/openshift/api/apps/v1/doc.go index f0fb3f59a2..9ba23002df 100644 --- a/vendor/github.com/openshift/api/apps/v1/doc.go +++ b/vendor/github.com/openshift/api/apps/v1/doc.go @@ -2,6 +2,7 @@ // +k8s:conversion-gen=github.com/openshift/origin/pkg/apps/apis/apps // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.apps.v1 // +k8s:prerelease-lifecycle-gen=true // +groupName=apps.openshift.io diff --git a/vendor/github.com/openshift/api/apps/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/apps/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..3eea1fc875 --- /dev/null +++ b/vendor/github.com/openshift/api/apps/v1/zz_generated.model_name.go @@ -0,0 +1,116 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CustomDeploymentStrategyParams) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.CustomDeploymentStrategyParams" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeploymentCause) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.DeploymentCause" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeploymentCauseImageTrigger) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.DeploymentCauseImageTrigger" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeploymentCondition) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.DeploymentCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeploymentConfig) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.DeploymentConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeploymentConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.DeploymentConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeploymentConfigRollback) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.DeploymentConfigRollback" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeploymentConfigRollbackSpec) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.DeploymentConfigRollbackSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeploymentConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.DeploymentConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeploymentConfigStatus) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.DeploymentConfigStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeploymentDetails) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.DeploymentDetails" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeploymentLog) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.DeploymentLog" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeploymentLogOptions) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.DeploymentLogOptions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeploymentRequest) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.DeploymentRequest" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeploymentStrategy) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.DeploymentStrategy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeploymentTriggerImageChangeParams) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.DeploymentTriggerImageChangeParams" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeploymentTriggerPolicy) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.DeploymentTriggerPolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ExecNewPodHook) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.ExecNewPodHook" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LifecycleHook) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.LifecycleHook" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RecreateDeploymentStrategyParams) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.RecreateDeploymentStrategyParams" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RollingDeploymentStrategyParams) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.RollingDeploymentStrategyParams" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TagImageHook) OpenAPIModelName() string { + return "com.github.openshift.api.apps.v1.TagImageHook" +} diff --git a/vendor/github.com/openshift/api/authorization/v1/doc.go b/vendor/github.com/openshift/api/authorization/v1/doc.go index a66741dce6..8b4e927d63 100644 --- a/vendor/github.com/openshift/api/authorization/v1/doc.go +++ b/vendor/github.com/openshift/api/authorization/v1/doc.go @@ -2,6 +2,7 @@ // +k8s:conversion-gen=github.com/openshift/origin/pkg/authorization/apis/authorization // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.authorization.v1 // +kubebuilder:validation:Optional // +groupName=authorization.openshift.io diff --git a/vendor/github.com/openshift/api/authorization/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/authorization/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..47987773bf --- /dev/null +++ b/vendor/github.com/openshift/api/authorization/v1/zz_generated.model_name.go @@ -0,0 +1,171 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Action) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.Action" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterRole) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.ClusterRole" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterRoleBinding) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.ClusterRoleBinding" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterRoleBindingList) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.ClusterRoleBindingList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterRoleList) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.ClusterRoleList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GroupRestriction) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.GroupRestriction" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IsPersonalSubjectAccessReview) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.IsPersonalSubjectAccessReview" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LocalResourceAccessReview) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.LocalResourceAccessReview" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LocalSubjectAccessReview) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.LocalSubjectAccessReview" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NamedClusterRole) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.NamedClusterRole" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NamedClusterRoleBinding) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.NamedClusterRoleBinding" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NamedRole) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.NamedRole" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NamedRoleBinding) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.NamedRoleBinding" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PolicyRule) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.PolicyRule" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ResourceAccessReview) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.ResourceAccessReview" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ResourceAccessReviewResponse) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.ResourceAccessReviewResponse" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Role) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.Role" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RoleBinding) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.RoleBinding" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RoleBindingList) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.RoleBindingList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RoleBindingRestriction) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.RoleBindingRestriction" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RoleBindingRestrictionList) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.RoleBindingRestrictionList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RoleBindingRestrictionSpec) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.RoleBindingRestrictionSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RoleList) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.RoleList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SelfSubjectRulesReview) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.SelfSubjectRulesReview" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SelfSubjectRulesReviewSpec) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.SelfSubjectRulesReviewSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceAccountReference) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.ServiceAccountReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceAccountRestriction) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.ServiceAccountRestriction" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SubjectAccessReview) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.SubjectAccessReview" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SubjectAccessReviewResponse) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.SubjectAccessReviewResponse" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SubjectRulesReview) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.SubjectRulesReview" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SubjectRulesReviewSpec) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.SubjectRulesReviewSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SubjectRulesReviewStatus) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.SubjectRulesReviewStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UserRestriction) OpenAPIModelName() string { + return "com.github.openshift.api.authorization.v1.UserRestriction" +} diff --git a/vendor/github.com/openshift/api/build/v1/doc.go b/vendor/github.com/openshift/api/build/v1/doc.go index 9bc16f64b2..6fe1839e9a 100644 --- a/vendor/github.com/openshift/api/build/v1/doc.go +++ b/vendor/github.com/openshift/api/build/v1/doc.go @@ -2,6 +2,7 @@ // +k8s:conversion-gen=github.com/openshift/origin/pkg/build/apis/build // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.build.v1 // +groupName=build.openshift.io // Package v1 is the v1 version of the API. diff --git a/vendor/github.com/openshift/api/build/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/build/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..dd144e3aff --- /dev/null +++ b/vendor/github.com/openshift/api/build/v1/zz_generated.model_name.go @@ -0,0 +1,301 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BinaryBuildRequestOptions) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BinaryBuildRequestOptions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BinaryBuildSource) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BinaryBuildSource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BitbucketWebHookCause) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BitbucketWebHookCause" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Build) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.Build" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildCondition) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildConfig) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildConfigStatus) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildConfigStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildList) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildLog) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildLog" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildLogOptions) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildLogOptions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildOutput) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildOutput" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildPostCommitSpec) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildPostCommitSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildRequest) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildRequest" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildSource) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildSource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildSpec) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildStatus) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildStatusOutput) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildStatusOutput" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildStatusOutputTo) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildStatusOutputTo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildStrategy) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildStrategy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildTriggerCause) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildTriggerCause" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildTriggerPolicy) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildTriggerPolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildVolume) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildVolume" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildVolumeMount) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildVolumeMount" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildVolumeSource) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.BuildVolumeSource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CommonSpec) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.CommonSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CommonWebHookCause) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.CommonWebHookCause" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConfigMapBuildSource) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.ConfigMapBuildSource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CustomBuildStrategy) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.CustomBuildStrategy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DockerBuildStrategy) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.DockerBuildStrategy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DockerStrategyOptions) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.DockerStrategyOptions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GenericWebHookCause) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.GenericWebHookCause" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GenericWebHookEvent) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.GenericWebHookEvent" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GitBuildSource) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.GitBuildSource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GitHubWebHookCause) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.GitHubWebHookCause" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GitInfo) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.GitInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GitLabWebHookCause) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.GitLabWebHookCause" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GitRefInfo) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.GitRefInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GitSourceRevision) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.GitSourceRevision" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageChangeCause) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.ImageChangeCause" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageChangeTrigger) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.ImageChangeTrigger" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageChangeTriggerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.ImageChangeTriggerStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageLabel) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.ImageLabel" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageSource) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.ImageSource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageSourcePath) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.ImageSourcePath" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageStreamTagReference) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.ImageStreamTagReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in JenkinsPipelineBuildStrategy) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.JenkinsPipelineBuildStrategy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProxyConfig) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.ProxyConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecretBuildSource) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.SecretBuildSource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecretLocalReference) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.SecretLocalReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecretSpec) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.SecretSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SourceBuildStrategy) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.SourceBuildStrategy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SourceControlUser) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.SourceControlUser" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SourceRevision) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.SourceRevision" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SourceStrategyOptions) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.SourceStrategyOptions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StageInfo) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.StageInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StepInfo) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.StepInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in WebHookTrigger) OpenAPIModelName() string { + return "com.github.openshift.api.build.v1.WebHookTrigger" +} diff --git a/vendor/github.com/openshift/api/cloudnetwork/v1/doc.go b/vendor/github.com/openshift/api/cloudnetwork/v1/doc.go index 1d495ee24c..006a1705b6 100644 --- a/vendor/github.com/openshift/api/cloudnetwork/v1/doc.go +++ b/vendor/github.com/openshift/api/cloudnetwork/v1/doc.go @@ -1,5 +1,6 @@ // Package v1 contains API Schema definitions for the cloud network v1 API group // +k8s:deepcopy-gen=package,register +// +k8s:openapi-model-package=com.github.openshift.api.cloudnetwork.v1 // +groupName=cloud.network.openshift.io // +kubebuilder:validation:Optional package v1 diff --git a/vendor/github.com/openshift/api/cloudnetwork/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/cloudnetwork/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..5409883975 --- /dev/null +++ b/vendor/github.com/openshift/api/cloudnetwork/v1/zz_generated.model_name.go @@ -0,0 +1,26 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CloudPrivateIPConfig) OpenAPIModelName() string { + return "com.github.openshift.api.cloudnetwork.v1.CloudPrivateIPConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CloudPrivateIPConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.cloudnetwork.v1.CloudPrivateIPConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CloudPrivateIPConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.cloudnetwork.v1.CloudPrivateIPConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CloudPrivateIPConfigStatus) OpenAPIModelName() string { + return "com.github.openshift.api.cloudnetwork.v1.CloudPrivateIPConfigStatus" +} diff --git a/vendor/github.com/openshift/api/config/v1/doc.go b/vendor/github.com/openshift/api/config/v1/doc.go index f994547583..867a4f43f9 100644 --- a/vendor/github.com/openshift/api/config/v1/doc.go +++ b/vendor/github.com/openshift/api/config/v1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.config.v1 // +openshift:featuregated-schema-gen=true // +kubebuilder:validation:Optional diff --git a/vendor/github.com/openshift/api/config/v1/register.go b/vendor/github.com/openshift/api/config/v1/register.go index 222c7f0cc7..1f27d821ab 100644 --- a/vendor/github.com/openshift/api/config/v1/register.go +++ b/vendor/github.com/openshift/api/config/v1/register.go @@ -78,6 +78,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { &ClusterImagePolicyList{}, &InsightsDataGather{}, &InsightsDataGatherList{}, + &CRIOCredentialProviderConfig{}, + &CRIOCredentialProviderConfigList{}, ) metav1.AddToGroupVersion(scheme, GroupVersion) return nil diff --git a/vendor/github.com/openshift/api/config/v1/types.go b/vendor/github.com/openshift/api/config/v1/types.go index 3e17ca0ccb..e7106ef7ab 100644 --- a/vendor/github.com/openshift/api/config/v1/types.go +++ b/vendor/github.com/openshift/api/config/v1/types.go @@ -284,7 +284,12 @@ type ClientConnectionOverrides struct { } // GenericControllerConfig provides information to configure a controller +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 type GenericControllerConfig struct { + metav1.TypeMeta `json:",inline"` + // servingInfo is the HTTP serving information for the controller's endpoints ServingInfo HTTPServingInfo `json:"servingInfo"` diff --git a/vendor/github.com/openshift/api/config/v1/types_apiserver.go b/vendor/github.com/openshift/api/config/v1/types_apiserver.go index 31d8881858..7de714ebfb 100644 --- a/vendor/github.com/openshift/api/config/v1/types_apiserver.go +++ b/vendor/github.com/openshift/api/config/v1/types_apiserver.go @@ -34,6 +34,7 @@ type APIServer struct { Status APIServerStatus `json:"status"` } +// +openshift:validation:FeatureGateAwareXValidation:featureGate=TLSAdherence,rule="has(oldSelf.tlsAdherence) ? has(self.tlsAdherence) : true",message="tlsAdherence may not be removed once set" type APIServerSpec struct { // servingCert is the TLS cert info for serving secure traffic. If not specified, operator managed certificates // will be used for serving secure traffic. @@ -62,6 +63,39 @@ type APIServerSpec struct { // The current default is the Intermediate profile. // +optional TLSSecurityProfile *TLSSecurityProfile `json:"tlsSecurityProfile,omitempty"` + // tlsAdherence controls if components in the cluster adhere to the TLS security profile + // configured on this APIServer resource. + // + // Valid values are "LegacyAdheringComponentsOnly" and "StrictAllComponents". + // + // When set to "LegacyAdheringComponentsOnly", components that already honor the + // cluster-wide TLS profile continue to do so. Components that do not already honor + // it continue to use their individual TLS configurations. + // + // When set to "StrictAllComponents", all components must honor the configured TLS + // profile unless they have a component-specific TLS configuration that overrides + // it. This mode is recommended for security-conscious deployments and is required + // for certain compliance frameworks. + // + // Note: Some components such as Kubelet and IngressController have their own + // dedicated TLS configuration mechanisms via KubeletConfig and IngressController + // CRs respectively. When these component-specific TLS configurations are set, + // they take precedence over the cluster-wide tlsSecurityProfile. When not set, + // these components fall back to the cluster-wide default. + // + // Components that encounter an unknown value for tlsAdherence should treat it + // as "StrictAllComponents" and log a warning to ensure forward compatibility + // while defaulting to the more secure behavior. + // + // This field is optional. + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is LegacyAdheringComponentsOnly. + // + // Once set, this field may be changed to a different value, but may not be removed. + // +openshift:enable:FeatureGate=TLSAdherence + // +optional + TLSAdherence TLSAdherencePolicy `json:"tlsAdherence,omitempty"` // audit specifies the settings for audit configuration to be applied to all OpenShift-provided // API servers in the cluster. // +optional @@ -175,7 +209,7 @@ type APIServerNamedServingCert struct { } // APIServerEncryption is used to encrypt sensitive resources on the cluster. -// +openshift:validation:FeatureGateAwareXValidation:featureGate=KMSEncryptionProvider,rule="has(self.type) && self.type == 'KMS' ? has(self.kms) : !has(self.kms)",message="kms config is required when encryption type is KMS, and forbidden otherwise" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=KMSEncryption,rule="has(self.type) && self.type == 'KMS' ? has(self.kms) : !has(self.kms)",message="kms config is required when encryption type is KMS, and forbidden otherwise" // +union type APIServerEncryption struct { // type defines what encryption type should be used to encrypt resources at the datastore layer. @@ -204,14 +238,13 @@ type APIServerEncryption struct { // managing the lifecyle of the encryption keys outside of the control plane. // This allows integration with an external provider to manage the data encryption keys securely. // - // +openshift:enable:FeatureGate=KMSEncryptionProvider + // +openshift:enable:FeatureGate=KMSEncryption // +unionMember // +optional - KMS *KMSConfig `json:"kms,omitempty"` + KMS KMSPluginConfig `json:"kms,omitempty,omitzero"` } // +openshift:validation:FeatureGateAwareEnum:featureGate="",enum="";identity;aescbc;aesgcm -// +openshift:validation:FeatureGateAwareEnum:featureGate=KMSEncryptionProvider,enum="";identity;aescbc;aesgcm;KMS // +openshift:validation:FeatureGateAwareEnum:featureGate=KMSEncryption,enum="";identity;aescbc;aesgcm;KMS type EncryptionType string @@ -237,6 +270,35 @@ const ( type APIServerStatus struct { } +// TLSAdherencePolicy defines which components adhere to the TLS security profile. +// Implementors should use the ShouldHonorClusterTLSProfile helper function from library-go +// rather than checking these values directly. +// +kubebuilder:validation:Enum=LegacyAdheringComponentsOnly;StrictAllComponents +type TLSAdherencePolicy string + +const ( + // TLSAdherencePolicyNoOpinion represents an empty/unset value for tlsAdherence. + // This value cannot be explicitly set and is only present when the field is omitted. + // When the field is omitted, the cluster defaults to LegacyAdheringComponentsOnly + // behavior. Components should treat this the same as LegacyAdheringComponentsOnly. + TLSAdherencePolicyNoOpinion TLSAdherencePolicy = "" + + // TLSAdherencePolicyLegacyAdheringComponentsOnly maintains backward-compatible behavior. + // Components that already honor the cluster-wide TLS profile (such as kube-apiserver, + // openshift-apiserver, oauth-apiserver, and others) continue to do so. Components that do + // not already honor it continue to use their individual TLS configurations (e.g., + // IngressController.spec.tlsSecurityProfile, KubeletConfig.spec.tlsSecurityProfile, + // or component defaults). No additional components are required to start honoring the + // cluster-wide profile in this mode. + TLSAdherencePolicyLegacyAdheringComponentsOnly TLSAdherencePolicy = "LegacyAdheringComponentsOnly" + + // TLSAdherencePolicyStrictAllComponents means all components must honor the configured TLS + // profile unless they have a component-specific TLS configuration that overrides it. + // This mode is recommended for security-conscious deployments and is required + // for certain compliance frameworks. + TLSAdherencePolicyStrictAllComponents TLSAdherencePolicy = "StrictAllComponents" +) + // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). diff --git a/vendor/github.com/openshift/api/config/v1/types_authentication.go b/vendor/github.com/openshift/api/config/v1/types_authentication.go index 64d0f399b0..348ee04010 100644 --- a/vendor/github.com/openshift/api/config/v1/types_authentication.go +++ b/vendor/github.com/openshift/api/config/v1/types_authentication.go @@ -5,7 +5,7 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // +genclient // +genclient:nonNamespaced // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDC;ExternalOIDCWithUIDAndExtraClaimMappings;ExternalOIDCWithUpstreamParity,rule="!has(self.spec.oidcProviders) || self.spec.oidcProviders.all(p, !has(p.oidcClients) || p.oidcClients.all(specC, self.status.oidcClients.exists(statusC, statusC.componentNamespace == specC.componentNamespace && statusC.componentName == specC.componentName) || (has(oldSelf.spec.oidcProviders) && oldSelf.spec.oidcProviders.exists(oldP, oldP.name == p.name && has(oldP.oidcClients) && oldP.oidcClients.exists(oldC, oldC.componentNamespace == specC.componentNamespace && oldC.componentName == specC.componentName)))))",message="all oidcClients in the oidcProviders must match their componentName and componentNamespace to either a previously configured oidcClient or they must exist in the status.oidcClients" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDC;ExternalOIDCWithUIDAndExtraClaimMappings;ExternalOIDCWithUpstreamParity;ExternalOIDCExternalClaimsSourcing,rule="!has(self.spec.oidcProviders) || self.spec.oidcProviders.all(p, !has(p.oidcClients) || p.oidcClients.all(specC, self.status.oidcClients.exists(statusC, statusC.componentNamespace == specC.componentNamespace && statusC.componentName == specC.componentName) || (has(oldSelf.spec.oidcProviders) && oldSelf.spec.oidcProviders.exists(oldP, oldP.name == p.name && has(oldP.oidcClients) && oldP.oidcClients.exists(oldC, oldC.componentNamespace == specC.componentNamespace && oldC.componentName == specC.componentName)))))",message="all oidcClients in the oidcProviders must match their componentName and componentNamespace to either a previously configured oidcClient or they must exist in the status.oidcClients" // Authentication specifies cluster-wide settings for authentication (like OAuth and // webhook token authenticators). The canonical name of an instance is `cluster`. @@ -91,6 +91,7 @@ type AuthenticationSpec struct { // +openshift:enable:FeatureGate=ExternalOIDC // +openshift:enable:FeatureGate=ExternalOIDCWithUIDAndExtraClaimMappings // +openshift:enable:FeatureGate=ExternalOIDCWithUpstreamParity + // +openshift:enable:FeatureGate=ExternalOIDCExternalClaimsSourcing // +optional OIDCProviders []OIDCProvider `json:"oidcProviders,omitempty"` } @@ -245,6 +246,36 @@ type OIDCProvider struct { // +optional // +openshift:enable:FeatureGate=ExternalOIDCWithUpstreamParity UserValidationRules []TokenUserValidationRule `json:"userValidationRules,omitempty"` + + // externalClaimsSources is an optional field that can be used to configure + // sources, external to the token provided in a request, in which claims + // should be fetched from and made available to the claim mapping process + // that is used to build the identity of a token holder. + // + // For example, fetching additional user metadata from an OIDC provider's UserInfo endpoint. + // + // When not specified, only claims present in the token itself will be available + // in the claim mapping process. + // + // When specified, at least one external claim source must be specified and no more than 5 + // sources may be specified. + // All external claim sources must have unique claim mappings. + // When an external source responds and resolves additional claims successfully, they will + // be made available as claims during the claim mapping process. + // Externally sourced claims with the same name as a claim existing within the token will + // overwrite the claim data from the token with the externally sourced information. + // If an external source does not respond, responds with an error, or the additional + // claim data cannot be resolved from the response successfully it will not be + // included in the claim data passed to the claim mapping process. + // + // +openshift:enable:FeatureGate=ExternalOIDCExternalClaimsSourcing + // + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:XValidation:rule="self.all(s, s.mappings.all(m, self.filter(s2, s2.mappings.exists(m2, m2.name == m.name)).size() == 1))",message="mapping names must be unique across all external claim sources." + // +listType=atomic + ExternalClaimsSources []ExternalClaimsSource `json:"externalClaimsSources,omitempty"` } // +kubebuilder:validation:MinLength=1 @@ -618,6 +649,7 @@ type OIDCClientReference struct { // +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDC,rule="has(self.claim)",message="claim is required" // +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUIDAndExtraClaimMappings,rule="has(self.claim)",message="claim is required" // +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUpstreamParity,rule="has(self.claim) ? !has(self.expression) : has(self.expression)",message="precisely one of claim or expression must be set" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUpstreamParity,rule="has(self.expression) && size(self.expression) > 0 ? !has(self.prefixPolicy) || self.prefixPolicy != 'Prefix' : true",message="prefixPolicy must not be set to 'Prefix' when expression is set" type UsernameClaimMapping struct { // claim is an optional field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. // claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. @@ -650,11 +682,9 @@ type UsernameClaimMapping struct { // Allowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string). // // When set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. - // // The prefix field must be set when prefixPolicy is 'Prefix'. - // + // Must not be set to 'Prefix' when expression is set. // When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. - // // When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. // Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'. // @@ -684,7 +714,7 @@ type UsernameClaimMapping struct { // +enum type UsernamePrefixPolicy string -var ( +const ( // NoOpinion let's the cluster assign prefixes. If the username claim is email, there is no prefix // If the username claim is anything else, it is prefixed by the issuerURL NoOpinion UsernamePrefixPolicy = "" @@ -710,12 +740,14 @@ type UsernamePrefix struct { // PrefixedClaimMapping configures a claim mapping // that allows for an optional prefix. +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUpstreamParity,rule="has(self.expression) && size(self.expression) > 0 ? (!has(self.prefix) || size(self.prefix) == 0) : true",message="prefix must not be set to a non-empty value when expression is set" type PrefixedClaimMapping struct { TokenClaimMapping `json:",inline"` // prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes. // - // When omitted (""), no prefix is applied to the cluster identity attribute. + // When omitted or set to an empty string (""), no prefix is applied to the cluster identity attribute. + // Must not be set to a non-empty value when expression is set. // // Example: if `prefix` is set to "myoidc:" and the `claim` in JWT contains an array of strings "a", "b" and "c", the mapping will result in an array of string "myoidc:a", "myoidc:b" and "myoidc:c". // @@ -734,10 +766,10 @@ type TokenValidationRuleType string const ( // TokenValidationRuleTypeRequiredClaim indicates that the token must contain a specific claim. // Used as a value for TokenValidationRuleType. - TokenValidationRuleTypeRequiredClaim = "RequiredClaim" + TokenValidationRuleTypeRequiredClaim TokenValidationRuleType = "RequiredClaim" // TokenValidationRuleTypeCEL indicates that the token validation is defined via a CEL expression. // Used as a value for TokenValidationRuleType. - TokenValidationRuleTypeCEL = "CEL" + TokenValidationRuleTypeCEL TokenValidationRuleType = "CEL" ) // TokenClaimValidationRule represents a validation rule based on token claims. @@ -830,3 +862,355 @@ type TokenUserValidationRule struct { // +kubebuilder:validation:MaxLength=256 Message string `json:"message,omitempty"` } + +// ExternalClaimsSource provides the configuration for a single external claim source. +type ExternalClaimsSource struct { + // authentication is an optional field that configures how the apiserver authenticates with an external claims source. + // When not specified, anonymous authentication is used which means no 'Authorization' header + // is sent in the HTTP request to fetch the external claims. + // + // +optional + Authentication ExternalSourceAuthentication `json:"authentication,omitzero"` + + // tls is an optional field that configures the http client TLS + // settings when fetching external claims from this source. + // + // When omitted, system default TLS settings will be used + // for fetching claims from the external source. + // + // +optional + TLS ExternalSourceTLS `json:"tls,omitzero"` + + // url is a required configuration of the URL + // for which the external claims are located. + // + // +required + URL SourceURL `json:"url,omitzero"` + + // mappings is a required list of the claim + // and response handling expression pairs + // that produces the claims from the external source. + // mappings must have at least 1 entry and must not exceed 16 entries. + // Entries must have a unique name across all external claim sources. + // + // +required + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 + Mappings []SourcedClaimMapping `json:"mappings,omitempty"` + + // predicates is an optional list of constraints in + // which claims should attempt to be fetched from this + // external source. + // + // When omitted, claims are always fetched + // from this external source. + // + // When specified, all predicates must evaluate to 'true' + // before claims are attempted to be fetched from this external source. + // predicates must have at least 1 entry and must not exceed 16 entries. + // Entries must have unique expressions. + // + // +optional + // +listType=map + // +listMapKey=expression + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 + Predicates []ExternalSourcePredicate `json:"predicates,omitempty"` +} + +// ExternalSourceAuthenticationType is the type of authentication that should be used +// when fetching claims from an external source. +// +// +enum +// +kubebuilder:validation:Enum=RequestProvidedToken;ClientCredential +type ExternalSourceAuthenticationType string + +const ( + // ExternalSourceAuthenticationTypeRequestProvidedToken is an ExternalSourceAuthenticationType + // that represents that the token being evaluated for authentication + // should be used for authenticating with the external claims source. + // This is useful for scenarios where a token has multiple audiences + // and scopes so that it can be used to access both the cluster and + // the UserInfo endpoint that contains additional information about the + // user not present in the token. + ExternalSourceAuthenticationTypeRequestProvidedToken ExternalSourceAuthenticationType = "RequestProvidedToken" + + // ExternalSourceAuthenticationTypeClientCredential is an ExternalSourceAuthenticationType + // that represents that the authenticator should use the OAuth2 + // client credentials grant flow to obtain an access token for + // authenticating with the external claims source. + // This is useful for scenarios such as fetching user information + // from Microsoft's Graph API where a separate client credential + // is needed to access the API. + ExternalSourceAuthenticationTypeClientCredential ExternalSourceAuthenticationType = "ClientCredential" +) + +// ExternalSourceAuthentication configures how the apiserver should attempt +// to authenticate with an external claims source. +// +// +kubebuilder:validation:XValidation:rule="self.type == 'ClientCredential' ? has(self.clientCredential) : !has(self.clientCredential)",message="clientCredential is required when type is ClientCredential, and forbidden otherwise" +type ExternalSourceAuthentication struct { + // type is a required field that sets the type of + // authentication method used by the authenticator + // when fetching external claims. + // + // Allowed values are 'RequestProvidedToken' and 'ClientCredential'. + // + // When set to 'RequestProvidedToken', the authenticator will + // use the token provided to the kube-apiserver as part of the + // request to authenticate with the external claims source. + // + // When set to 'ClientCredential', the authenticator will + // use the configured client-id, client-secret, and token endpoint + // to fetch an access token using the OAuth2 client credentials grant + // flow. The fetched access token will then be used to authenticate + // with the external claims source. + // + // +required + Type ExternalSourceAuthenticationType `json:"type,omitempty"` + + // clientCredential configures the client credentials + // and token endpoint to use to get an access token. + // clientCredential is required when type is 'ClientCredential', and forbidden otherwise. + // + // +optional + ClientCredential ClientCredentialConfig `json:"clientCredential,omitzero"` +} + +// ExternalSourceTLS configures the TLS options that the apiserver uses as a client +// when making a request to the external claim source. +type ExternalSourceTLS struct { + // certificateAuthority is a required reference to a ConfigMap in the openshift-config + // namespace that contains the CA certificate to use to validate TLS connections with the external claims source. + // The key "ca-bundle.crt" must be present in the referenced ConfigMap and must contain the CA certificate to be used + // to verify the external source's TLS certificate. + // + // +required + CertificateAuthority ExternalSourceCertificateAuthorityConfigMapReference `json:"certificateAuthority,omitzero"` +} + +// ClientCredentialConfig configures the client credentials and token endpoint +// to use to get an access token via the OAuth2 client credentials grant flow. +type ClientCredentialConfig struct { + // clientID is a required client identifier to use during the OAuth2 client credentials flow. + // clientID must be at least 1 character in length, must not exceed 256 characters in length, + // and must only contain printable ASCII characters. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 + // +kubebuilder:validation:XValidation:rule="self.matches('^[[:print:]]+$')",message="clientID must only contain printable ASCII characters" + ClientID string `json:"clientID,omitempty"` + + // clientSecret is a required reference to a Secret in the openshift-config namespace to be used + // as the client secret during the OAuth2 client credentials flow. + // + // The key 'client-secret' is used to locate the client secret data in the Secret. + // + // +required + ClientSecret ClientSecretSecretReference `json:"clientSecret,omitzero"` + + // tokenEndpoint is a required URL to query for an access token using + // the client credential OAuth2 flow. + // tokenEndpoint must be at least 1 character in length and must not exceed 2048 characters in length. + // tokenEndpoint must be a valid HTTPS URL. + // tokenEndpoint must have a host and a path. + // tokenEndpoint must not contain query parameters, fragments, + // or user information (e.g., "user:password@host"). + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=2048 + // +kubebuilder:validation:XValidation:rule="isURL(self)",message="tokenEndpoint must be a valid HTTPS url" + // +kubebuilder:validation:XValidation:rule="isURL(self) && url(self).getScheme() == 'https'",message="tokenEndpoint must be a valid HTTPS url" + // +kubebuilder:validation:XValidation:rule="isURL(self) && url(self).getHost() != ''",message="tokenEndpoint must have a hostname" + // +kubebuilder:validation:XValidation:rule="isURL(self) && url(self).getEscapedPath() != ''",message="tokenEndpoint must have a path" + // +kubebuilder:validation:XValidation:rule="isURL(self) && url(self).getQuery() == {}",message="tokenEndpoint must not have query parameters" + // +kubebuilder:validation:XValidation:rule="isURL(self) && self.find('#(.+)$') == ''",message="tokenEndpoint must not have a fragment" + // +kubebuilder:validation:XValidation:rule="isURL(self) && !self.matches('^https://[^/]+@.+$')",message="tokenEndpoint must not have user info" + TokenEndpoint string `json:"tokenEndpoint,omitempty"` + + // scopes is an optional list of OAuth2 scopes to request when obtaining + // an access token. + // + // If not specified, the token endpoint's default scopes + // will be used. + // + // When specified, there must be at least 1 entry and must not exceed 16 entries. + // Each entry must be at least 1 character in length and must not exceed 256 characters in length. + // Each entry must only contain printable ASCII characters, excluding spaces, double quotes and backslashes. + // Entries must be unique. + // + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 + // +listType=set + Scopes []OAuth2Scope `json:"scopes,omitempty"` + + // tls is an optional field that allows configuring the TLS + // settings used to interact with the identity provider + // as an OAuth2 client. + // + // When omitted, system default TLS settings will be used + // for the OAuth2 client. + // + // +optional + TLS ExternalSourceTLS `json:"tls,omitzero"` +} + +// OAuth2Scope is a string alias that represents an OAuth2 Scope as defined by https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.4 +// Must be at least 1 character in length, must not exceed 256 characters in length and must only contain printable ASCII characters, excluding spaces, double quotes and backslashes. +// +// +kubebuilder:validation:XValidation:rule="self.matches('^[!#-[\\\\]-~]+$')",message="scopes must only contain printable ASCII characters excluding spaces, double quotes and backslashes" +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=256 +type OAuth2Scope string + +// SourceURL configures the options used to build the URL that is queried for external claims. +type SourceURL struct { + // hostname is a required hostname for which the external claims are located. + // + // It must be a valid DNS subdomain name as per RFC1123. + // + // This means that it must start and end with a lowercase alphanumeric character, + // must only consist of lowercase alphanumeric characters, '-', and '.'. + // hostname may optionally specify a port in the format ':{port}'. + // If a port is specified it must not exceed 65535. + // + // hostname must be at least 1 character in length. + // When specifying a port, hostname must not exceed 259 characters in length. + // When not specifying a port, hostname must not exceed 253 characters in length. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=259 + // +kubebuilder:validation:XValidation:rule="isURL('https://'+self)",message="hostname must be a valid hostname" + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self.split(':')[0]).hasValue()",message="hostname before port must start and end with a lowercase alphanumeric character, and must only contain lowercase alphanumeric characters, '-' or '.'" + // +kubebuilder:validation:XValidation:rule="self.split(':').size() > 1 ? int(self.split(':')[1]) <= 65535 : true",message="port must not exceed 65535" + Hostname string `json:"hostname,omitempty"` + + // pathExpression is a required CEL expression that returns a list + // of string values used to construct the URL path. + // Claims from the token used for the request to the kube-apiserver + // are made available via the `claims` variable. + // expression must be at least 1 character in length and must not exceed 1024 characters in length. + // + // Values in the returned list will be joined with the hostname using a forward slash + // (`/`) as a separator. Values in the returned list do not need to include the forward slash. + // If a forward slash is included in a returned value, it will be encoded as `%2F`. + // + // Example of a static path configuration: + // + // pathExpression: ['realms', 'k8s', 'protocol', 'openid-connect', 'userinfo'] + // + // The above example would resolve to the path: '/realms/k8s/protocol/openid-connect/userinfo' + // + // Example of a dynamic path configuration: + // + // pathExpression: "['admin', 'realms', 'k8s', 'users'] + [claims.sub] + ['groups']" + // + // Assuming 'claims.sub' is set to '12345', the above example would resolve to the path: '/admin/realms/k8s/users/12345/groups' + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 + PathExpression string `json:"pathExpression,omitempty"` +} + +// SourcedClaimMapping configures the mapping behavior for a single external claim +// from the response the apiserver received from the external claim source. +type SourcedClaimMapping struct { + // name is a required name of the claim that + // will be produced and made available during + // the claim-to-identity mapping process. + // name must consist of only lowercase alpha characters and underscores ('_'). + // name must be at least 1 character and must not exceed 256 characters in length. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-z_]+$')",message="name must consist of only lowercase alpha characters and underscores" + Name string `json:"name,omitempty"` + + // expression is a required CEL expression that + // will produce a value to be assigned to the claim. + // The full response body from the request to the + // external claim source is provided via the + // `response.body` variable. + // + // The contents of the `response.body` variable varies based on the response received + // from the external source. It is the responsibility of those configuring + // this expression to understand what is returned from the external source. + // + // expression must be at least 1 character and must not exceed 1024 characters in length. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 + Expression string `json:"expression,omitempty"` +} + +// ExternalSourcePredicate configures a singular condition +// that must return true before the external source is queried +// to retrieve external claims. +type ExternalSourcePredicate struct { + // expression is a required CEL expression that + // is used to determine whether or not an external + // source should be used to fetch external claims. + // + // The expression must return a boolean value, + // where true means that the source should be consulted + // and false means that it should not. + // + // Claims from the token used for the request to the kube-apiserver + // are made available via the `claims` variable. + // + // The contents of the `claims` variable varies based on the claims that are + // present in the token being validated. It is the responsibility of those configuring this + // field to understand what claims the identity provider includes when issuing tokens. + // + // expression must be at least 1 character and must not exceed 1024 characters in length. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 + Expression string `json:"expression,omitempty"` +} + +// ExternalSourceCertificateAuthorityConfigMapReference is a reference to a ConfigMap in the openshift-config +// namespace that should be used for configuring the certificate authority to be +// used when sourcing claims from external sources. +type ExternalSourceCertificateAuthorityConfigMapReference struct { + // name is the required name of the ConfigMap that exists in the openshift-config namespace. + // The key "ca-bundle.crt" must be present and must contain the CA certificate to be used + // to verify the external source's TLS certificate. + // + // It must be at least 1 character in length, must not exceed 253 characters in length, + // must start and end with a lowercase alphanumeric character, and must only contain + // lowercase alphanumeric characters, '-' or '.'. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="name must start and end with a lowercase alphanumeric character, and must only contain lowercase alphanumeric characters, '-' or '.'" + Name string `json:"name,omitempty"` +} + +// ClientSecretSecretReference is a reference to a Secret in the openshift-config +// namespace that should be used for configuring the client secret to be +// used when sourcing claims from external sources with the client credential authentication flow. +type ClientSecretSecretReference struct { + // name is the required name of the Secret that exists in the openshift-config namespace. + // + // It must be at least 1 character in length, must not exceed 253 characters in length, + // must start and end with a lowercase alphanumeric character, and must only contain + // lowercase alphanumeric characters, '-' or '.'. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="name must start and end with a lowercase alphanumeric character, and must only contain lowercase alphanumeric characters, '-' or '.'" + Name string `json:"name,omitempty"` +} diff --git a/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go b/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go index 8323040389..e934e83550 100644 --- a/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go +++ b/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go @@ -160,8 +160,9 @@ const ( // is actively rolling out new code, propagating config changes (e.g, a version change), or otherwise // moving from one steady state to another. Operators should not report // Progressing when they are reconciling (without action) a previously known - // state. Operators should not report Progressing only because DaemonSets owned by them - // are adjusting to a new node from cluster scaleup or a node rebooting from cluster upgrade. + // state. Operators should not report Progressing only because resources owned by them, + // such as DaemonSets and Deployments, are adjusting to a new node from cluster scaleup + // or a node rebooting from cluster upgrade. // If the observed cluster state has changed and the component is // reacting to it (updated proxy configuration for instance), Progressing should become true // since it is moving from one steady state to another. diff --git a/vendor/github.com/openshift/api/config/v1/types_cluster_version.go b/vendor/github.com/openshift/api/config/v1/types_cluster_version.go index f8d45114a8..9cb85f4c00 100644 --- a/vendor/github.com/openshift/api/config/v1/types_cluster_version.go +++ b/vendor/github.com/openshift/api/config/v1/types_cluster_version.go @@ -18,7 +18,8 @@ import ( // +kubebuilder:object:root=true // +kubebuilder:subresource:status // +kubebuilder:resource:path=clusterversions,scope=Cluster -// +kubebuilder:validation:XValidation:rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && self.spec.capabilities.baselineCapabilitySet == 'None' && 'marketplace' in self.spec.capabilities.additionalEnabledCapabilities ? 'OperatorLifecycleManager' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'OperatorLifecycleManager' in self.status.capabilities.enabledCapabilities) : true",message="the `marketplace` capability requires the `OperatorLifecycleManager` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `OperatorLifecycleManager` capability" +// +openshift:validation:FeatureGateAwareXValidation:featureGate="";CRDCompatibilityRequirementOperator;ClusterAPIMachineManagement,rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && self.spec.capabilities.baselineCapabilitySet == 'None' && 'marketplace' in self.spec.capabilities.additionalEnabledCapabilities ? 'OperatorLifecycleManager' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'OperatorLifecycleManager' in self.status.capabilities.enabledCapabilities) : true",message="the `marketplace` capability requires the `OperatorLifecycleManager` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `OperatorLifecycleManager` capability" +// +openshift:validation:FeatureGateAwareXValidation:requiredFeatureGate=CRDCompatibilityRequirementOperator;ClusterAPIMachineManagement,rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && 'ClusterAPI' in self.spec.capabilities.additionalEnabledCapabilities ? 'CompatibilityRequirements' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'CompatibilityRequirements' in self.status.capabilities.enabledCapabilities) : true",message="the `ClusterAPI` capability requires the `CompatibilityRequirements` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `CompatibilityRequirements` capability" // +kubebuilder:printcolumn:name=Version,JSONPath=.status.history[?(@.state=="Completed")].version,type=string // +kubebuilder:printcolumn:name=Available,JSONPath=.status.conditions[?(@.type=="Available")].status,type=string // +kubebuilder:printcolumn:name=Progressing,JSONPath=.status.conditions[?(@.type=="Progressing")].status,type=string @@ -304,7 +305,10 @@ const ( ) // ClusterVersionCapability enumerates optional, core cluster components. -// +kubebuilder:validation:Enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager;OperatorLifecycleManagerV1 +// +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager;OperatorLifecycleManagerV1 +// +openshift:validation:FeatureGateAwareEnum:featureGate=CRDCompatibilityRequirementOperator,enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager;OperatorLifecycleManagerV1;CompatibilityRequirements +// +openshift:validation:FeatureGateAwareEnum:featureGate=ClusterAPIMachineManagement,enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager;OperatorLifecycleManagerV1;CompatibilityRequirements;ClusterAPI +// +openshift:validation:FeatureGateAwareEnum:requiredFeatureGate=CRDCompatibilityRequirementOperator;ClusterAPIMachineManagement,enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager;OperatorLifecycleManagerV1;CompatibilityRequirements;ClusterAPI type ClusterVersionCapability string const ( @@ -425,6 +429,19 @@ const ( // Managers deployed on top of OpenShift. They help you to work with cloud // provider API and embeds cloud-specific control logic. ClusterVersionCapabilityCloudControllerManager ClusterVersionCapability = "CloudControllerManager" + + // ClusterVersionCapabilityCompatibilityRequirements manages the Compatibility + // Requirements operator which enforces CRD compatibility constraints via + // validating webhooks. + ClusterVersionCapabilityCompatibilityRequirements ClusterVersionCapability = "CompatibilityRequirements" + + // ClusterVersionCapabilityClusterAPI manages the Cluster API operator and + // controllers which provide forward-compatible machine management for + // OpenShift clusters. + // + // Note that Cluster API has a hard requirement on CompatibilityRequirements. + // CompatibilityRequirements cannot be disabled while Cluster API is enabled. + ClusterVersionCapabilityClusterAPI ClusterVersionCapability = "ClusterAPI" ) // KnownClusterVersionCapabilities includes all known optional, core cluster components. @@ -446,6 +463,8 @@ var KnownClusterVersionCapabilities = []ClusterVersionCapability{ ClusterVersionCapabilityCloudCredential, ClusterVersionCapabilityIngress, ClusterVersionCapabilityCloudControllerManager, + ClusterVersionCapabilityCompatibilityRequirements, + ClusterVersionCapabilityClusterAPI, } // ClusterVersionCapabilitySet defines sets of cluster version capabilities. @@ -644,6 +663,8 @@ var ClusterVersionCapabilitySets = map[ClusterVersionCapabilitySet][]ClusterVers ClusterVersionCapabilityCloudCredential, ClusterVersionCapabilityIngress, ClusterVersionCapabilityCloudControllerManager, + ClusterVersionCapabilityCompatibilityRequirements, + ClusterVersionCapabilityClusterAPI, }, } diff --git a/vendor/github.com/openshift/api/config/v1/types_crio_credential_provider_config.go b/vendor/github.com/openshift/api/config/v1/types_crio_credential_provider_config.go new file mode 100644 index 0000000000..3fe543aac8 --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1/types_crio_credential_provider_config.go @@ -0,0 +1,186 @@ +package v1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// CRIOCredentialProviderConfig holds cluster-wide singleton resource configurations for CRI-O credential provider, the name of this instance is "cluster". CRI-O credential provider is a binary shipped with CRI-O that provides a way to obtain container image pull credentials from external sources. +// For example, it can be used to fetch mirror registry credentials from secrets resources in the cluster within the same namespace the pod will be running in. +// CRIOCredentialProviderConfig configuration specifies the pod image sources registries that should trigger the CRI-O credential provider execution, which will resolve the CRI-O mirror configurations and obtain the necessary credentials for pod creation. +// Note: Configuration changes will only take effect after the kubelet restarts, which is automatically managed by the cluster during rollout. +// +// The resource is a singleton named "cluster". +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +kubebuilder:object:root=true +// +kubebuilder:resource:path=criocredentialproviderconfigs,scope=Cluster +// +kubebuilder:subresource:status +// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/2725 +// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:enable:FeatureGate=CRIOCredentialProviderConfig +// +openshift:compatibility-gen:level=1 +// +kubebuilder:validation:XValidation:rule="self.metadata.name == 'cluster'",message="criocredentialproviderconfig is a singleton, .metadata.name must be 'cluster'" +type CRIOCredentialProviderConfig struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + // +optional + metav1.ObjectMeta `json:"metadata,omitzero"` + + // spec defines the desired configuration of the CRI-O Credential Provider. + // This field is required and must be provided when creating the resource. + // +required + Spec *CRIOCredentialProviderConfigSpec `json:"spec,omitempty,omitzero"` + + // status represents the current state of the CRIOCredentialProviderConfig. + // When omitted or nil, it indicates that the status has not yet been set by the controller. + // The controller will populate this field with validation conditions and operational state. + // +optional + Status CRIOCredentialProviderConfigStatus `json:"status,omitzero,omitempty"` +} + +// CRIOCredentialProviderConfigSpec defines the desired configuration of the CRI-O Credential Provider. +// +kubebuilder:validation:MinProperties=0 +type CRIOCredentialProviderConfigSpec struct { + // matchImages is a list of string patterns used to determine whether + // the CRI-O credential provider should be invoked for a given image. This list is + // passed to the kubelet CredentialProviderConfig, and if any pattern matches + // the requested image, CRI-O credential provider will be invoked to obtain credentials for pulling + // that image or its mirrors. + // Depending on the platform, the CRI-O credential provider may be installed alongside an existing platform specific provider. + // Conflicts between the existing platform specific provider image match configuration and this list will be handled by + // the following precedence rule: credentials from built-in kubelet providers (e.g., ECR, GCR, ACR) take precedence over those + // from the CRIOCredentialProviderConfig when both match the same image. + // To avoid uncertainty, it is recommended to avoid configuring your private image patterns to overlap with + // existing platform specific provider config(e.g., the entries from https://github.com/openshift/machine-config-operator/blob/main/templates/common/aws/files/etc-kubernetes-credential-providers-ecr-credential-provider.yaml). + // You can check the resource's Status conditions + // to see if any entries were ignored due to exact matches with known built-in provider patterns. + // + // This field is optional, the items of the list must contain between 1 and 50 entries. + // The list is treated as a set, so duplicate entries are not allowed. + // + // For more details, see: + // https://kubernetes.io/docs/tasks/administer-cluster/kubelet-credential-provider/ + // https://github.com/cri-o/crio-credential-provider#architecture + // + // Each entry in matchImages is a pattern which can optionally contain a port and a path. Each entry must be no longer than 512 characters. + // Wildcards ('*') are supported for full subdomain labels, such as '*.k8s.io' or 'k8s.*.io', + // and for top-level domains, such as 'k8s.*' (which matches 'k8s.io' or 'k8s.net'). + // A global wildcard '*' (matching any domain) is not allowed. + // Wildcards may replace an entire hostname label (e.g., *.example.com), but they cannot appear within a label (e.g., f*oo.example.com) and are not allowed in the port or path. + // For example, 'example.*.com' is valid, but 'exa*mple.*.com' is not. + // Each wildcard matches only a single domain label, + // so '*.io' does **not** match '*.k8s.io'. + // + // A match exists between an image and a matchImage when all of the below are true: + // Both contain the same number of domain parts and each part matches. + // The URL path of an matchImages must be a prefix of the target image URL path. + // If the matchImages contains a port, then the port must match in the image as well. + // + // Example values of matchImages: + // - 123456789.dkr.ecr.us-east-1.amazonaws.com + // - *.azurecr.io + // - gcr.io + // - *.*.registry.io + // - registry.io:8080/path + // + // +kubebuilder:validation:MaxItems=50 + // +kubebuilder:validation:MinItems=1 + // +listType=set + // +optional + MatchImages []MatchImage `json:"matchImages,omitempty"` +} + +// MatchImage is a string pattern used to match container image registry addresses. +// It must be a valid fully qualified domain name with optional wildcard, port, and path. +// The maximum length is 512 characters. +// +// Wildcards ('*') are supported for full subdomain labels and top-level domains. +// Each entry can optionally contain a port (e.g., :8080) and a path (e.g., /path). +// Wildcards are not allowed in the port or path portions. +// +// Examples: +// - "registry.io" - matches exactly registry.io +// - "*.azurecr.io" - matches any single subdomain of azurecr.io +// - "registry.io:8080/path" - matches with specific port and path prefix +// +// +kubebuilder:validation:MaxLength=512 +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:XValidation:rule="self != '*'",message="global wildcard '*' is not allowed" +// +kubebuilder:validation:XValidation:rule=`self.matches('^((\\*|[a-z0-9]([a-z0-9-]*[a-z0-9])?)(\\.(\\*|[a-z0-9]([a-z0-9-]*[a-z0-9])?))*)(:[0-9]+)?(/[-a-z0-9._/]*)?$')`,message="invalid matchImages value, must be a valid fully qualified domain name in lowercase with optional wildcard, port, and path" +type MatchImage string + +// +k8s:deepcopy-gen=true +// CRIOCredentialProviderConfigStatus defines the observed state of CRIOCredentialProviderConfig +// +kubebuilder:validation:MinProperties=1 +type CRIOCredentialProviderConfigStatus struct { + // conditions represent the latest available observations of the configuration state. + // When omitted, it indicates that no conditions have been reported yet. + // The maximum number of conditions is 16. + // Conditions are stored as a map keyed by condition type, ensuring uniqueness. + // + // Expected condition types include: + // "Validated": indicates whether the matchImages configuration is valid + // +optional + // +kubebuilder:validation:MaxItems=16 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=type + Conditions []metav1.Condition `json:"conditions,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// CRIOCredentialProviderConfigList contains a list of CRIOCredentialProviderConfig resources +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type CRIOCredentialProviderConfigList struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard list's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ListMeta `json:"metadata"` + + Items []CRIOCredentialProviderConfig `json:"items"` +} + +const ( + // ConditionTypeValidated is a condition type that indicates whether the CRIOCredentialProviderConfig + // matchImages configuration has been validated successfully. + // When True, all matchImage patterns are valid and have been applied. + // When False, the configuration contains errors (see Reason for details). + // Possible reasons for False status: + // - ValidationFailed: matchImages contains invalid patterns + // - ConfigurationPartiallyApplied: some matchImage entries were ignored due to conflicts + ConditionTypeValidated = "Validated" + + // ReasonValidationFailed is a condition reason used with ConditionTypeValidated=False + // to indicate that the matchImages configuration contains one or more invalid registry patterns + // that do not conform to the required format (valid FQDN with optional wildcard, port, and path). + ReasonValidationFailed = "ValidationFailed" + + // ReasonConfigurationPartiallyApplied is a condition reason used with ConditionTypeValidated=False + // to indicate that some matchImage entries were ignored due to conflicts or overlapping patterns. + // The condition message will contain details about which entries were ignored and why. + ReasonConfigurationPartiallyApplied = "ConfigurationPartiallyApplied" + + // ConditionTypeMachineConfigRendered is a condition type that indicates whether + // the CRIOCredentialProviderConfig has been successfully rendered into a + // MachineConfig object. + // When True, the corresponding MachineConfig is present in the cluster. + // When False, rendering failed. + ConditionTypeMachineConfigRendered = "MachineConfigRendered" + + // ReasonMachineConfigRenderingSucceeded is a condition reason used with ConditionTypeMachineConfigRendered=True + // to indicate that the MachineConfig was successfully created/updated in the API server. + ReasonMachineConfigRenderingSucceeded = "MachineConfigRenderingSucceeded" + + // ReasonMachineConfigRenderingFailed is a condition reason used with ConditionTypeMachineConfigRendered=False + // to indicate that the MachineConfig creation/update failed. + // The condition message will contain details about the failure. + ReasonMachineConfigRenderingFailed = "MachineConfigRenderingFailed" +) diff --git a/vendor/github.com/openshift/api/config/v1/types_dns.go b/vendor/github.com/openshift/api/config/v1/types_dns.go index 06eb75ccf7..efbdc3ae54 100644 --- a/vendor/github.com/openshift/api/config/v1/types_dns.go +++ b/vendor/github.com/openshift/api/config/v1/types_dns.go @@ -134,7 +134,14 @@ type AWSDNSSpec struct { // privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing // operations on the cluster's private hosted zone specified in the cluster DNS config. // When left empty, no role should be assumed. - // +kubebuilder:validation:Pattern:=`^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role\/.*$` + // + // The ARN must follow the format: arn::iam:::role/, where: + // is the AWS partition (aws, aws-cn, aws-us-gov, or aws-eusc), + // is a 12-digit numeric identifier for the AWS account, + // is the IAM role name. + // + // +openshift:validation:FeatureGateAwareXValidation:featureGate="",rule=`matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$')`,message=`privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/` + // +openshift:validation:FeatureGateAwareXValidation:featureGate=AWSEuropeanSovereignCloudInstall,rule=`matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-eusc):iam::[0-9]{12}:role/.*$')`,message=`privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/` // +optional PrivateZoneIAMRole string `json:"privateZoneIAMRole"` } diff --git a/vendor/github.com/openshift/api/config/v1/types_image.go b/vendor/github.com/openshift/api/config/v1/types_image.go index 82f46c8b6c..96fa349a67 100644 --- a/vendor/github.com/openshift/api/config/v1/types_image.go +++ b/vendor/github.com/openshift/api/config/v1/types_image.go @@ -165,20 +165,50 @@ type RegistryLocation struct { // +kubebuilder:validation:XValidation:rule="has(self.blockedRegistries) ? !has(self.allowedRegistries) : true",message="Only one of blockedRegistries or allowedRegistries may be set" type RegistrySources struct { // insecureRegistries are registries which do not have a valid TLS certificates or only support HTTP connections. + // Each entry must be a valid registry scope in the format hostname[:port][/path], + // optionally prefixed with "*." for wildcard subdomains (e.g., "*.example.com"). + // The hostname must consist of valid DNS labels separated by dots, where each label + // contains only alphanumeric characters and hyphens and does not start or end with a hyphen. + // Entries must not be empty, must not include tags (e.g., ":latest") or digests (e.g., "@sha256:..."), + // and must be at most 256 characters in length. The list may contain at most 1024 entries. // +optional // +listType=atomic + // +kubebuilder:validation:MaxItems=1024 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 + // +kubebuilder:validation:items:XValidation:rule="self.matches('^\\\\*(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+$|^((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+)?(?::[0-9]+)?)(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$')",message="each registry must be a valid hostname[:port][/path] or wildcard *.hostname format without tags or digests" InsecureRegistries []string `json:"insecureRegistries,omitempty"` // blockedRegistries cannot be used for image pull and push actions. All other registries are permitted. + // Each entry must be a valid registry scope in the format hostname[:port][/path], + // optionally prefixed with "*." for wildcard subdomains (e.g., "*.example.com"). + // The hostname must consist of valid DNS labels separated by dots, where each label + // contains only alphanumeric characters and hyphens and does not start or end with a hyphen. + // Entries must not be empty, must not include tags (e.g., ":latest") or digests (e.g., "@sha256:..."), + // and must be at most 256 characters in length. The list may contain at most 1024 entries. // // Only one of BlockedRegistries or AllowedRegistries may be set. // +optional // +listType=atomic + // +kubebuilder:validation:MaxItems=1024 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 + // +kubebuilder:validation:items:XValidation:rule="self.matches('^\\\\*(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+$|^((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+)?(?::[0-9]+)?)(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$')",message="each registry must be a valid hostname[:port][/path] or wildcard *.hostname format without tags or digests" BlockedRegistries []string `json:"blockedRegistries,omitempty"` // allowedRegistries are the only registries permitted for image pull and push actions. All other registries are denied. + // Each entry must be a valid registry scope in the format hostname[:port][/path], + // optionally prefixed with "*." for wildcard subdomains (e.g., "*.example.com"). + // The hostname must consist of valid DNS labels separated by dots, where each label + // contains only alphanumeric characters and hyphens and does not start or end with a hyphen. + // Entries must not be empty, must not include tags (e.g., ":latest") or digests (e.g., "@sha256:..."), + // and must be at most 256 characters in length. The list may contain at most 1024 entries. // // Only one of BlockedRegistries or AllowedRegistries may be set. // +optional // +listType=atomic + // +kubebuilder:validation:MaxItems=1024 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 + // +kubebuilder:validation:items:XValidation:rule="self.matches('^\\\\*(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+$|^((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+)?(?::[0-9]+)?)(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$')",message="each registry must be a valid hostname[:port][/path] or wildcard *.hostname format without tags or digests" AllowedRegistries []string `json:"allowedRegistries,omitempty"` // containerRuntimeSearchRegistries are registries that will be searched when pulling images that do not have fully qualified // domains in their pull specs. Registries will be searched in the order provided in the list. diff --git a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go index 369ba1e7a0..e8aaa810f5 100644 --- a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go +++ b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go @@ -19,6 +19,7 @@ import ( // +kubebuilder:resource:path=infrastructures,scope=Cluster // +kubebuilder:subresource:status // +kubebuilder:metadata:annotations=release.openshift.io/bootstrap-required=true +// +openshift:validation:FeatureGateAwareXValidation:featureGate=MutableTopology,rule="!has(self.spec.controlPlaneTopology) || (has(oldSelf.spec.controlPlaneTopology) && self.spec.controlPlaneTopology == oldSelf.spec.controlPlaneTopology) || (has(self.status.controlPlaneTopology) && self.spec.controlPlaneTopology == self.status.controlPlaneTopology) || (has(self.status.controlPlaneTopology) && self.status.controlPlaneTopology == 'SingleReplica' && self.spec.controlPlaneTopology == 'HighlyAvailable')",message="spec.controlPlaneTopology must match status.controlPlaneTopology or be set to HighlyAvailable when status.controlPlaneTopology is SingleReplica" type Infrastructure struct { metav1.TypeMeta `json:",inline"` @@ -55,6 +56,21 @@ type InfrastructureSpec struct { // platformSpec holds desired information specific to the underlying // infrastructure provider. PlatformSpec PlatformSpec `json:"platformSpec,omitempty"` + + // controlPlaneTopology expresses the desired topology configuration for control nodes. + // + // When status.controlPlaneTopology is 'SingleReplica' and spec.controlPlaneTopology is set to 'HighlyAvailable', + // a transition will be triggered to reconfigure the cluster from SingleReplica to HighlyAvailable. + // + // When left blank or status.controlPlaneTopology and spec.controlPlaneTopology are the same value, + // no changes are required and no transitions will be triggered. + // + // This value may be set to match status.controlPlaneTopology regardless of the current value. + // + // +openshift:enable:FeatureGate=MutableTopology + // +kubebuilder:validation:Enum=HighlyAvailable;SingleReplica + // +optional + ControlPlaneTopology TopologyMode `json:"controlPlaneTopology,omitempty"` } // InfrastructureStatus describes the infrastructure the cluster is leveraging. @@ -102,11 +118,11 @@ type InfrastructureStatus struct { // and the operators should not configure the operand for highly-available operation // The 'External' mode indicates that the control plane is hosted externally to the cluster and that // its components are not visible within the cluster. + // The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + // that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. // +kubebuilder:default=HighlyAvailable - // +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=HighlyAvailable;SingleReplica;External - // +openshift:validation:FeatureGateAwareEnum:featureGate=HighlyAvailableArbiter,enum=HighlyAvailable;HighlyAvailableArbiter;SingleReplica;External - // +openshift:validation:FeatureGateAwareEnum:featureGate=DualReplica,enum=HighlyAvailable;SingleReplica;DualReplica;External - // +openshift:validation:FeatureGateAwareEnum:requiredFeatureGate=HighlyAvailableArbiter;DualReplica,enum=HighlyAvailable;HighlyAvailableArbiter;SingleReplica;DualReplica;External + // +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=HighlyAvailable;HighlyAvailableArbiter;SingleReplica;External + // +openshift:validation:FeatureGateAwareEnum:featureGate=DualReplica,enum=HighlyAvailable;HighlyAvailableArbiter;SingleReplica;DualReplica;External // +optional ControlPlaneTopology TopologyMode `json:"controlPlaneTopology"` @@ -295,7 +311,8 @@ type ExternalPlatformSpec struct { // PlatformSpec holds the desired state specific to the underlying infrastructure provider // of the current cluster. Since these are used at spec-level for the underlying cluster, it // is supposed that only one of the spec structs is set. -// +kubebuilder:validation:XValidation:rule="!has(oldSelf.vsphere) && has(self.vsphere) ? size(self.vsphere.vcenters) < 2 : true",message="vcenters can have at most 1 item when configured post-install" +// +openshift:validation:FeatureGateAwareXValidation:featureGate="",rule="!has(oldSelf.vsphere) && has(self.vsphere) ? (has(self.vsphere.vcenters) && size(self.vsphere.vcenters) < 2) : true",message="vcenters can have at most 1 item when configured post-install" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=VSphereMultiVCenterDay2,rule="oldSelf.?vsphere.vcenters.hasValue() ? self.?vsphere.vcenters.hasValue() : true",message="vcenters is required once set and cannot be removed" type PlatformSpec struct { // type is the underlying infrastructure provider for the cluster. This // value controls whether infrastructure automation such as service load @@ -787,7 +804,6 @@ type GCPPlatformStatus struct { // // +default={"dnsType": "PlatformDefault"} // +kubebuilder:default={"dnsType": "PlatformDefault"} - // +openshift:enable:FeatureGate=GCPClusterHostedDNSInstall // +optional // +nullable CloudLoadBalancerConfig *CloudLoadBalancerConfig `json:"cloudLoadBalancerConfig,omitempty"` @@ -1642,21 +1658,24 @@ type VSpherePlatformNodeNetworking struct { // use these fields for configuration. // +kubebuilder:validation:XValidation:rule="!has(oldSelf.apiServerInternalIPs) || has(self.apiServerInternalIPs)",message="apiServerInternalIPs list is required once set" // +kubebuilder:validation:XValidation:rule="!has(oldSelf.ingressIPs) || has(self.ingressIPs)",message="ingressIPs list is required once set" -// +kubebuilder:validation:XValidation:rule="!has(oldSelf.vcenters) && has(self.vcenters) ? size(self.vcenters) < 2 : true",message="vcenters can have at most 1 item when configured post-install" type VSpherePlatformSpec struct { // vcenters holds the connection details for services to communicate with vCenter. - // Currently, only a single vCenter is supported, but in tech preview 3 vCenters are supported. + // Up to 3 vCenters are supported. // Once the cluster has been installed, you are unable to change the current number of defined - // vCenters except in the case where the cluster has been upgraded from a version of OpenShift - // where the vsphere platform spec was not present. You may make modifications to the existing + // vCenters except when 1.) the cluster has been upgraded from a version of OpenShift + // where the vsphere platform spec was not present or 2.) in TechPreview you are able to add and + // remove vCenters but may not remove all vCenters. You may make modifications to the existing // vCenters that are defined in the vcenters list in order to match with any added or modified // failure domains. // --- // + If VCenters is not defined use the existing cloud-config configmap defined // + in openshift-config. - // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MinItems=1 // +kubebuilder:validation:MaxItems=3 - // +kubebuilder:validation:XValidation:rule="size(self) != size(oldSelf) ? size(oldSelf) == 0 && size(self) < 2 : true",message="vcenters cannot be added or removed once set" + // +openshift:validation:FeatureGateAwareXValidation:featureGate="",rule="size(self) != size(oldSelf) ? size(oldSelf) == 0 && size(self) < 2 : true",message="vcenters cannot be added or removed once set" + // +openshift:validation:FeatureGateAwareXValidation:featureGate=VSphereMultiVCenterDay2,rule="size(self) >= size(oldSelf) ? oldSelf.all(x, self.exists(y, y.server == x.server)) : true",message="Cannot add and remove vCenters at the same time" + // +openshift:validation:FeatureGateAwareXValidation:featureGate=VSphereMultiVCenterDay2,rule="size(self) < size(oldSelf) ? self.all(x, oldSelf.exists(y, y.server == x.server)) : true",message="Cannot add and remove vCenters at the same time" + // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, y.server == x.server))",message="vcenters must have unique server values" // +listType=atomic // +optional VCenters []VSpherePlatformVCenterSpec `json:"vcenters,omitempty"` diff --git a/vendor/github.com/openshift/api/config/v1/types_kmsencryption.go b/vendor/github.com/openshift/api/config/v1/types_kmsencryption.go index 3293204fa4..6b58d9da49 100644 --- a/vendor/github.com/openshift/api/config/v1/types_kmsencryption.go +++ b/vendor/github.com/openshift/api/config/v1/types_kmsencryption.go @@ -1,55 +1,261 @@ package v1 -// KMSConfig defines the configuration for the KMS instance -// that will be used with KMSEncryptionProvider encryption -// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'AWS' ? has(self.aws) : !has(self.aws)",message="aws config is required when kms provider type is AWS, and forbidden otherwise" +// KMSPluginConfig defines the configuration for the KMS instance +// that will be used with KMS encryption +// +kubebuilder:validation:XValidation:rule="self.type == 'Vault' ? has(self.vault) : !has(self.vault)",message="vault config is required when kms provider type is Vault, and forbidden otherwise" // +union -type KMSConfig struct { +type KMSPluginConfig struct { // type defines the kind of platform for the KMS provider. - // Available provider types are AWS only. + // Allowed values are Vault. + // When set to Vault, the plugin connects to a HashiCorp Vault server for key management. // // +unionDiscriminator // +required Type KMSProviderType `json:"type"` - // aws defines the key config for using an AWS KMS instance - // for the encryption. The AWS KMS instance is managed + // vault defines the configuration for the Vault KMS plugin. + // The plugin connects to a Vault Enterprise server that is managed // by the user outside the purview of the control plane. + // This field must be set when type is Vault, and must be unset otherwise. // // +unionMember // +optional - AWS *AWSKMSConfig `json:"aws,omitempty"` + Vault VaultKMSPluginConfig `json:"vault,omitempty,omitzero"` + + // --- TOMBSTONE --- + // aws was a field that allowed configuring AWS KMS. + // It was never implemented and has been removed. + // The field name is reserved to prevent reuse. + // + // +optional + // AWS *AWSKMSConfig `json:"aws,omitempty"` } -// AWSKMSConfig defines the KMS config specific to AWS KMS provider -type AWSKMSConfig struct { - // keyARN specifies the Amazon Resource Name (ARN) of the AWS KMS key used for encryption. - // The value must adhere to the format `arn:aws:kms:::key/`, where: - // - `` is the AWS region consisting of lowercase letters and hyphens followed by a number. - // - `` is a 12-digit numeric identifier for the AWS account. - // - `` is a unique identifier for the KMS key, consisting of lowercase hexadecimal characters and hyphens. +// --- TOMBSTONE --- +// AWSKMSConfig was a type for AWS KMS configuration that was never implemented. +// The type name is reserved to prevent reuse. +// +// type AWSKMSConfig struct { +// KeyARN string `json:"keyARN"` +// Region string `json:"region"` +// } + +// KMSProviderType is a specific supported KMS provider +// +kubebuilder:validation:Enum=Vault +type KMSProviderType string + +const ( + // VaultKMSProvider represents a supported KMS provider for use with HashiCorp Vault + VaultKMSProvider KMSProviderType = "Vault" + + // --- TOMBSTONE --- + // AWSKMSProvider was a constant for AWS KMS support that was never implemented. + // The constant name is reserved to prevent reuse. + // + // AWSKMSProvider KMSProviderType = "AWS" +) + +// VaultSecretReference references a secret in the openshift-config namespace. +type VaultSecretReference struct { + // name is the metadata.name of the referenced secret in the openshift-config namespace. + // The name must be a valid DNS subdomain name: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. // - // +kubebuilder:validation:MaxLength=128 // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:XValidation:rule="self.matches('^arn:aws:kms:[a-z0-9-]+:[0-9]{12}:key/[a-f0-9-]+$')",message="keyARN must follow the format `arn:aws:kms:::key/`. The account ID must be a 12 digit number and the region and key ID should consist only of lowercase hexadecimal characters and hyphens (-)." + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="name must be a valid DNS subdomain name: contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character" // +required - KeyARN string `json:"keyARN"` - // region specifies the AWS region where the KMS instance exists, and follows the format - // `--`, e.g.: `us-east-1`. - // Only lowercase letters and hyphens followed by numbers are allowed. + Name string `json:"name,omitempty"` +} + +// VaultConfigMapReference references a ConfigMap in the openshift-config namespace. +type VaultConfigMapReference struct { + // name is the metadata.name of the referenced ConfigMap in the openshift-config namespace. + // The name must be a valid DNS subdomain name: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. // - // +kubebuilder:validation:MaxLength=64 // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:XValidation:rule="self.matches('^[a-z0-9]+(-[a-z0-9]+)*$')",message="region must be a valid AWS region, consisting of lowercase characters, digits and hyphens (-) only." + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="name must be a valid DNS subdomain name: contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character" // +required - Region string `json:"region"` + Name string `json:"name,omitempty"` } -// KMSProviderType is a specific supported KMS provider -// +kubebuilder:validation:Enum=AWS -type KMSProviderType string +// VaultAuthentication defines the authentication method used to authenticate with Vault. +// +kubebuilder:validation:XValidation:rule="self.type == 'AppRole' ? has(self.appRole) : !has(self.appRole)",message="appRole config is required when authentication type is AppRole, and forbidden otherwise" +// +union +type VaultAuthentication struct { + // type defines the authentication method used to authenticate with Vault. + // Allowed values are AppRole. + // When set to AppRole, the plugin uses AppRole credentials to authenticate with Vault. + // + // +unionDiscriminator + // +required + Type VaultAuthenticationType `json:"type,omitempty"` + + // appRole defines the configuration for AppRole authentication. + // This field must be set when type is AppRole, and must be unset otherwise. + // + // +unionMember + // +optional + AppRole VaultAppRoleAuthentication `json:"appRole,omitzero"` +} + +// VaultAuthenticationType defines the authentication method type for Vault. +// +kubebuilder:validation:Enum=AppRole +type VaultAuthenticationType string const ( - // AWSKMSProvider represents a supported KMS provider for use with AWS KMS - AWSKMSProvider KMSProviderType = "AWS" + // VaultAuthenticationTypeAppRole represents AppRole authentication method. + VaultAuthenticationTypeAppRole VaultAuthenticationType = "AppRole" ) + +// VaultAppRoleAuthentication defines the configuration for AppRole authentication with Vault. +type VaultAppRoleAuthentication struct { + // secret references a secret in the openshift-config namespace containing + // the AppRole credentials used to authenticate with Vault. + // The referenced Secret must contain two keys: "role-id" for the AppRole Role ID and "secret-id" for the AppRole Secret ID. + // + // +required + Secret VaultSecretReference `json:"secret,omitzero"` +} + +// VaultKMSPluginConfig defines the KMS plugin configuration specific to Vault KMS +type VaultKMSPluginConfig struct { + // kmsPluginImage specifies the container image for the HashiCorp Vault KMS plugin. + // + // The image must be a fully qualified OCI image pull spec with a SHA256 digest. + // The format is: host[:port][/namespace]/name@sha256: + // where the digest must be 64 characters long and consist only of lowercase hexadecimal characters, a-f and 0-9. + // The total length must be between 75 and 447 characters. + // + // Short names (e.g., "vault-plugin" or "hashicorp/vault-plugin") are not allowed. + // The registry hostname must be included and must contain at least one dot. + // Image tags (e.g., ":latest", ":v1.0.0") are not allowed. + // + // Consult the OpenShift documentation for compatible plugin versions with your cluster version, + // then obtain the image digest for that version from HashiCorp's container registry. + // + // For disconnected environments, mirror the plugin image to an accessible registry + // and reference the mirrored location with its digest. + // + // +kubebuilder:validation:MinLength=75 + // +kubebuilder:validation:MaxLength=447 + // +kubebuilder:validation:XValidation:rule=`(self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$'))`,message="the OCI Image reference must end with a valid '@sha256:' suffix, where '' is 64 characters long" + // +kubebuilder:validation:XValidation:rule=`(self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?(/[a-zA-Z0-9-_.]+)+$'))`,message="the OCI Image name should follow the host[:port][/namespace]/name format, resembling a valid URL without the scheme. Short names are not allowed, the registry hostname must be included." + // +required + KMSPluginImage string `json:"kmsPluginImage,omitempty"` + + // vaultAddress specifies the address of the HashiCorp Vault instance. + // The value must be a valid HTTPS URL containing only scheme, host, and optional port. + // Paths, user info, query parameters, and fragments are not allowed. + // + // Format: https://hostname[:port] + // Example: https://vault.example.com:8200 + // + // The value must be between 1 and 512 characters. + // + // +kubebuilder:validation:XValidation:rule="isURL(self)",message="must be a valid URL" + // +kubebuilder:validation:XValidation:rule="isURL(self) && url(self).getScheme() == 'https'",message="must use the 'https' scheme" + // +kubebuilder:validation:XValidation:rule="isURL(self) && (url(self).getEscapedPath() == '' || url(self).getEscapedPath() == '/')",message="must not contain a path" + // +kubebuilder:validation:XValidation:rule="isURL(self) && url(self).getQuery() == {}",message="must not have a query" + // +kubebuilder:validation:XValidation:rule="self.find('#(.+)$') == ''",message="must not have a fragment" + // +kubebuilder:validation:XValidation:rule="self.find('@') == ''",message="must not have user info" + // +kubebuilder:validation:MaxLength=512 + // +kubebuilder:validation:MinLength=1 + // +required + VaultAddress string `json:"vaultAddress,omitempty"` + + // vaultNamespace specifies the Vault namespace where the Transit secrets engine is mounted. + // This is only applicable for Vault Enterprise installations. + // When this field is not set, no namespace is used. + // + // The value must be between 1 and 4096 characters. + // The namespace cannot end with a forward slash, cannot contain spaces, and cannot be one of the reserved strings: root, sys, audit, auth, cubbyhole, or identity. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=4096 + // +kubebuilder:validation:XValidation:rule="!self.endsWith('/')",message="vaultNamespace cannot end with a forward slash" + // +kubebuilder:validation:XValidation:rule="!self.contains(' ')",message="vaultNamespace cannot contain spaces" + // +kubebuilder:validation:XValidation:rule="!(self in ['root', 'sys', 'audit', 'auth', 'cubbyhole', 'identity'])",message="vaultNamespace cannot be a reserved string (root, sys, audit, auth, cubbyhole, identity)" + // +optional + VaultNamespace string `json:"vaultNamespace,omitempty"` + + // tls contains the TLS configuration for connecting to the Vault server. + // When this field is not set, system default TLS settings are used. + // +optional + TLS VaultTLSConfig `json:"tls,omitzero"` + + // authentication defines the authentication method used to authenticate with Vault. + // + // +required + Authentication VaultAuthentication `json:"authentication,omitzero"` + + // transitMount specifies the mount path of the Vault Transit engine. + // + // The transit mount must be between 1 and 1024 characters, cannot start or + // end with a forward slash, cannot contain consecutive forward slashes, and + // must only contain RFC 3986 unreserved characters (alphanumeric, hyphen, + // period, underscore, tilde) and forward slashes as path separators. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 + // +kubebuilder:validation:XValidation:rule="!self.startsWith('/')",message="transitMount cannot start with a forward slash" + // +kubebuilder:validation:XValidation:rule="!self.endsWith('/')",message="transitMount cannot end with a forward slash" + // +kubebuilder:validation:XValidation:rule="!self.contains('//')",message="transitMount cannot contain consecutive forward slashes" + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9._~/-]+$')",message="transitMount must only contain RFC 3986 unreserved characters (alphanumeric, hyphen, period, underscore, tilde) and forward slashes" + // +required + TransitMount string `json:"transitMount,omitempty"` + + // transitKey specifies the name of the encryption key in Vault's Transit engine. + // This key is used to encrypt and decrypt data. + // + // The transit key must be between 1 and 512 characters, cannot contain forward slashes, + // and must only contain alphanumeric characters, hyphens, periods, and underscores. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 + // +kubebuilder:validation:XValidation:rule="!self.contains('/')",message="transitKey cannot contain forward slashes" + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9._-]+$')",message="transitKey must only contain alphanumeric characters, hyphens, periods, and underscores" + // +required + TransitKey string `json:"transitKey,omitempty"` +} + +// VaultTLSConfig contains TLS configuration for connecting to Vault. +// +kubebuilder:validation:MinProperties=1 +type VaultTLSConfig struct { + // caBundle references a ConfigMap in the openshift-config namespace containing + // the CA certificate bundle used to verify the TLS connection to the Vault server. + // The referenced ConfigMap must contain the CA bundle in the key "ca-bundle.crt". + // When this field is not set, the system's trusted CA certificates are used. + // + // The namespace for the ConfigMap is openshift-config. + // + // Example ConfigMap: + // apiVersion: v1 + // kind: ConfigMap + // metadata: + // name: vault-ca-bundle + // namespace: openshift-config + // data: + // ca-bundle.crt: | + // -----BEGIN CERTIFICATE----- + // ... + // -----END CERTIFICATE----- + // + // +optional + CABundle VaultConfigMapReference `json:"caBundle,omitzero"` + + // serverName specifies the Server Name Indication (SNI) to use when connecting to Vault via TLS. + // This is useful when the Vault server's hostname doesn't match its TLS certificate. + // When this field is not set, the hostname from vaultAddress is used for SNI. + // + // The value must be a valid DNS hostname: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. + // + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="serverName must be a valid DNS hostname: contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character" + // +optional + ServerName string `json:"serverName,omitempty"` +} diff --git a/vendor/github.com/openshift/api/config/v1/types_network.go b/vendor/github.com/openshift/api/config/v1/types_network.go index fb8ed2fff7..5e2eb93372 100644 --- a/vendor/github.com/openshift/api/config/v1/types_network.go +++ b/vendor/github.com/openshift/api/config/v1/types_network.go @@ -86,6 +86,13 @@ type NetworkSpec struct { // // +optional NetworkDiagnostics NetworkDiagnostics `json:"networkDiagnostics"` + + // networkObservability is an optional field that configures network observability installation + // during cluster deployment (day-0). + // When omitted, unless this is a SNO cluster, network observability will be installed if not already present, after that, no action taken. + // +openshift:enable:FeatureGate=NetworkObservabilityInstall + // +optional + NetworkObservability NetworkObservabilitySpec `json:"networkObservability,omitempty,omitzero"` } // NetworkStatus is the current network configuration. @@ -304,3 +311,26 @@ type NetworkDiagnosticsTargetPlacement struct { // +listType=atomic Tolerations []corev1.Toleration `json:"tolerations"` } + +// NetworkObservabilityInstallationPolicy is an enumeration of the available network observability installation policies +// Valid values are "InstallAndEnable", "NoAction". +// +kubebuilder:validation:Enum=InstallAndEnable;NoAction +type NetworkObservabilityInstallationPolicy string + +const ( + // NetworkObservabilityInstallAndEnable means that network observability should be installed and enabled during cluster deployment + // Since this was explicitly set to install, if the user remove NetworkObservability, it will be installed again unless the value of InstallationPolicy is changed + NetworkObservabilityInstallAndEnable NetworkObservabilityInstallationPolicy = "InstallAndEnable" + // NetworkObservabilityNoAction means that nothing will be done regarding Network Observability + NetworkObservabilityNoAction NetworkObservabilityInstallationPolicy = "NoAction" +) + +// NetworkObservabilitySpec defines the configuration for network observability installation +type NetworkObservabilitySpec struct { + // installationPolicy controls whether network observability is installed during cluster deployment. + // Valid values are "InstallAndEnable" and "NoAction". + // When set to "InstallAndEnable", ensure that network observability will be installed and enabled on the cluster. If already installed, no action taken, but if it gets uninstalled, it will install it again. + // When set to "NoAction", nothing will be done regarding Network observability. + // +required + InstallationPolicy NetworkObservabilityInstallationPolicy `json:"installationPolicy,omitempty"` +} diff --git a/vendor/github.com/openshift/api/config/v1/types_tlssecurityprofile.go b/vendor/github.com/openshift/api/config/v1/types_tlssecurityprofile.go index 48657b0894..2e9be97aeb 100644 --- a/vendor/github.com/openshift/api/config/v1/types_tlssecurityprofile.go +++ b/vendor/github.com/openshift/api/config/v1/types_tlssecurityprofile.go @@ -7,10 +7,16 @@ type TLSSecurityProfile struct { // type is one of Old, Intermediate, Modern or Custom. Custom provides the // ability to specify individual TLS security profile parameters. // - // The profiles are based on version 5.7 of the Mozilla Server Side TLS - // configuration guidelines. The cipher lists consist of the configuration's - // "ciphersuites" followed by the Go-specific "ciphers" from the guidelines. - // See: https://ssl-config.mozilla.org/guidelines/5.7.json + // The cipher and groups lists in these profiles are based on version 5.8 of the + // Mozilla Server Side TLS configuration guidelines. + // See: https://ssl-config.mozilla.org/guidelines/5.8.json + // + // The groups are listed in suggested preference order, with the most preferred group first. + // Note that not all platform components honor the ordering: Go-based components use Go's + // internal preference order and treat this list as a filter of allowed groups rather than + // an ordered preference. + // Note that X25519MLKEM768 is a post-quantum hybrid group that is not + // FIPS-approved and should be ignored by components running in FIPS mode. // // The profiles are intent based, so they may change over time as new ciphers are // developed and existing ciphers are found to be insecure. Depending on @@ -23,6 +29,10 @@ type TLSSecurityProfile struct { // old is a TLS profile for use when services need to be accessed by very old // clients or libraries and should be used only as a last resort. // + // The supported groups list includes by default the following groups + // in suggested preference order (ordering may not be honored by all implementations): + // X25519MLKEM768, X25519, secp256r1, secp384r1. + // // This profile is equivalent to a Custom profile specified as: // minTLSVersion: VersionTLS10 // ciphers: @@ -39,11 +49,14 @@ type TLSSecurityProfile struct { // - ECDHE-RSA-AES128-SHA256 // - ECDHE-ECDSA-AES128-SHA // - ECDHE-RSA-AES128-SHA + // - ECDHE-ECDSA-AES256-SHA384 + // - ECDHE-RSA-AES256-SHA384 // - ECDHE-ECDSA-AES256-SHA // - ECDHE-RSA-AES256-SHA // - AES128-GCM-SHA256 // - AES256-GCM-SHA384 // - AES128-SHA256 + // - AES256-SHA256 // - AES128-SHA // - AES256-SHA // - DES-CBC3-SHA @@ -56,6 +69,10 @@ type TLSSecurityProfile struct { // legacy clients and want to remain highly secure while being compatible with // most clients currently in use. // + // The supported groups list includes by default the following groups + // in suggested preference order (ordering may not be honored by all implementations): + // X25519MLKEM768, X25519, secp256r1, secp384r1. + // // This profile is equivalent to a Custom profile specified as: // minTLSVersion: VersionTLS12 // ciphers: @@ -75,7 +92,9 @@ type TLSSecurityProfile struct { // modern is a TLS security profile for use with clients that support TLS 1.3 and // do not need backward compatibility for older clients. - // + // The supported groups list includes by default the following groups + // in suggested preference order (ordering may not be honored by all implementations): + // X25519MLKEM768, X25519, secp256r1, secp384r1. // This profile is equivalent to a Custom profile specified as: // minTLSVersion: VersionTLS13 // ciphers: @@ -88,8 +107,11 @@ type TLSSecurityProfile struct { Modern *ModernTLSProfile `json:"modern,omitempty"` // custom is a user-defined TLS security profile. Be extremely careful using a custom - // profile as invalid configurations can be catastrophic. An example custom profile - // looks like this: + // profile as invalid configurations can be catastrophic. + // + // The supported groups list for this profile is empty by default. + // + // An example custom profile looks like this: // // minTLSVersion: VersionTLS11 // ciphers: @@ -142,6 +164,33 @@ const ( TLSProfileCustomType TLSProfileType = "Custom" ) +// TLSGroup is a supported group identifier that can be used in TLSProfile.Groups. +// There is a one-to-one mapping between these names and the group IDs defined +// in Go's crypto/tls package based on IANA's "TLS Supported Groups" registry: +// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 +// Note that X25519MLKEM768 is a post-quantum hybrid group that is not +// FIPS-approved and should be ignored by components running in FIPS mode. +// +// +kubebuilder:validation:Enum=X25519;secp256r1;secp384r1;secp521r1;X25519MLKEM768;SecP256r1MLKEM768;SecP384r1MLKEM1024 +type TLSGroup string + +const ( + // TLSGroupX25519 represents X25519. + TLSGroupX25519 TLSGroup = "X25519" + // TLSGroupSecP256r1 represents P-256 (secp256r1). + TLSGroupSecP256r1 TLSGroup = "secp256r1" + // TLSGroupSecP384r1 represents P-384 (secp384r1). + TLSGroupSecP384r1 TLSGroup = "secp384r1" + // TLSGroupSecP521r1 represents P-521 (secp521r1). + TLSGroupSecP521r1 TLSGroup = "secp521r1" + // TLSGroupX25519MLKEM768 represents X25519MLKEM768. + TLSGroupX25519MLKEM768 TLSGroup = "X25519MLKEM768" + // TLSGroupSecP256r1MLKEM768 represents SecP256r1MLKEM768. + TLSGroupSecP256r1MLKEM768 TLSGroup = "SecP256r1MLKEM768" + // TLSGroupSecP384r1MLKEM1024 represents SecP384r1MLKEM1024. + TLSGroupSecP384r1MLKEM1024 TLSGroup = "SecP384r1MLKEM1024" +) + // TLSProfileSpec is the desired behavior of a TLSSecurityProfile. type TLSProfileSpec struct { // ciphers is used to specify the cipher algorithms that are negotiated @@ -155,6 +204,30 @@ type TLSProfileSpec struct { // and are always enabled when TLS 1.3 is negotiated. // +listType=atomic Ciphers []string `json:"ciphers"` + // groups is an optional, ordered field used to specify the supported groups (formerly known as + // elliptic curves) that are used during the TLS handshake. The order of the groups represents + // a suggested preference, with the most preferred group first. Note that not all platform + // components honor the ordering: Go-based components use Go's internal preference order and + // treat this list as a filter of allowed groups rather than an ordered preference. + // Operators may remove entries their operands do not support. + // + // When omitted, this means no opinion and the platform is left to choose reasonable defaults which are + // subject to change over time and may be different per platform component depending on the underlying TLS + // libraries they use. If specified, the list must contain at least one and at most 7 groups, + // and each group must be unique. + // + // For example, to use X25519 and secp256r1 (yaml): + // + // groups: + // - X25519 + // - secp256r1 + // + // +optional + // +listType=set + // +kubebuilder:validation:MaxItems=7 + // +kubebuilder:validation:MinItems=1 + // +openshift:enable:FeatureGate=TLSGroupPreferences + Groups []TLSGroup `json:"groups,omitempty"` // minTLSVersion is used to specify the minimal version of the TLS protocol // that is negotiated during the TLS handshake. For example, to use TLS // versions 1.1, 1.2 and 1.3 (yaml): @@ -187,16 +260,22 @@ const ( // TLSProfiles contains a map of TLSProfileType names to TLSProfileSpec. // -// These profiles are based on version 5.7 of the Mozilla Server Side TLS -// configuration guidelines. See: https://ssl-config.mozilla.org/guidelines/5.7.json +// The cipher and groups lists in these profiles are based on version 5.8 of the +// Mozilla Server Side TLS configuration guidelines. +// See: https://ssl-config.mozilla.org/guidelines/5.8.json // // Each Ciphers slice is the configuration's "ciphersuites" followed by the -// Go-specific "ciphers" from the guidelines JSON. +// "ciphers" from the guidelines JSON. +// +// Groups are listed in suggested preference order, though Go-based components may use +// their own internal ordering. TLSProfiles Old, Intermediate, Modern include by default +// the following groups: X25519MLKEM768, X25519, secp256r1, secp384r1 // // NOTE: The caller needs to make sure to check that these constants are valid // for their binary. Not all entries map to values for all binaries. In the case // of ties, the kube-apiserver wins. Do not fail, just be sure to include only -// valid entries and everything will be ok. +// valid entries and everything will be ok. In particular, X25519MLKEM768 is +// not FIPS-approved and must be omitted by components running in FIPS mode. var TLSProfiles = map[TLSProfileType]*TLSProfileSpec{ TLSProfileOldType: { Ciphers: []string{ @@ -213,15 +292,24 @@ var TLSProfiles = map[TLSProfileType]*TLSProfileSpec{ "ECDHE-RSA-AES128-SHA256", "ECDHE-ECDSA-AES128-SHA", "ECDHE-RSA-AES128-SHA", + "ECDHE-ECDSA-AES256-SHA384", + "ECDHE-RSA-AES256-SHA384", "ECDHE-ECDSA-AES256-SHA", "ECDHE-RSA-AES256-SHA", "AES128-GCM-SHA256", "AES256-GCM-SHA384", "AES128-SHA256", + "AES256-SHA256", "AES128-SHA", "AES256-SHA", "DES-CBC3-SHA", }, + Groups: []TLSGroup{ + TLSGroupX25519MLKEM768, + TLSGroupX25519, + TLSGroupSecP256r1, + TLSGroupSecP384r1, + }, MinTLSVersion: VersionTLS10, }, TLSProfileIntermediateType: { @@ -236,6 +324,12 @@ var TLSProfiles = map[TLSProfileType]*TLSProfileSpec{ "ECDHE-ECDSA-CHACHA20-POLY1305", "ECDHE-RSA-CHACHA20-POLY1305", }, + Groups: []TLSGroup{ + TLSGroupX25519MLKEM768, + TLSGroupX25519, + TLSGroupSecP256r1, + TLSGroupSecP384r1, + }, MinTLSVersion: VersionTLS12, }, TLSProfileModernType: { @@ -244,6 +338,12 @@ var TLSProfiles = map[TLSProfileType]*TLSProfileSpec{ "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256", }, + Groups: []TLSGroup{ + TLSGroupX25519MLKEM768, + TLSGroupX25519, + TLSGroupSecP256r1, + TLSGroupSecP384r1, + }, MinTLSVersion: VersionTLS13, }, } diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go index 30b85b78e9..3c75062bb7 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go @@ -42,11 +42,7 @@ func (in *APIServer) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *APIServerEncryption) DeepCopyInto(out *APIServerEncryption) { *out = *in - if in.KMS != nil { - in, out := &in.KMS, &out.KMS - *out = new(KMSConfig) - (*in).DeepCopyInto(*out) - } + out.KMS = in.KMS return } @@ -148,7 +144,7 @@ func (in *APIServerSpec) DeepCopyInto(out *APIServerSpec) { *out = make([]string, len(*in)) copy(*out, *in) } - in.Encryption.DeepCopyInto(&out.Encryption) + out.Encryption = in.Encryption if in.TLSSecurityProfile != nil { in, out := &in.TLSSecurityProfile, &out.TLSSecurityProfile *out = new(TLSSecurityProfile) @@ -216,22 +212,6 @@ func (in *AWSIngressSpec) DeepCopy() *AWSIngressSpec { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AWSKMSConfig) DeepCopyInto(out *AWSKMSConfig) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSKMSConfig. -func (in *AWSKMSConfig) DeepCopy() *AWSKMSConfig { - if in == nil { - return nil - } - out := new(AWSKMSConfig) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AWSPlatformSpec) DeepCopyInto(out *AWSPlatformSpec) { *out = *in @@ -924,6 +904,115 @@ func (in *BuildSpec) DeepCopy() *BuildSpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CRIOCredentialProviderConfig) DeepCopyInto(out *CRIOCredentialProviderConfig) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + if in.Spec != nil { + in, out := &in.Spec, &out.Spec + *out = new(CRIOCredentialProviderConfigSpec) + (*in).DeepCopyInto(*out) + } + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CRIOCredentialProviderConfig. +func (in *CRIOCredentialProviderConfig) DeepCopy() *CRIOCredentialProviderConfig { + if in == nil { + return nil + } + out := new(CRIOCredentialProviderConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *CRIOCredentialProviderConfig) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CRIOCredentialProviderConfigList) DeepCopyInto(out *CRIOCredentialProviderConfigList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]CRIOCredentialProviderConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CRIOCredentialProviderConfigList. +func (in *CRIOCredentialProviderConfigList) DeepCopy() *CRIOCredentialProviderConfigList { + if in == nil { + return nil + } + out := new(CRIOCredentialProviderConfigList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *CRIOCredentialProviderConfigList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CRIOCredentialProviderConfigSpec) DeepCopyInto(out *CRIOCredentialProviderConfigSpec) { + *out = *in + if in.MatchImages != nil { + in, out := &in.MatchImages, &out.MatchImages + *out = make([]MatchImage, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CRIOCredentialProviderConfigSpec. +func (in *CRIOCredentialProviderConfigSpec) DeepCopy() *CRIOCredentialProviderConfigSpec { + if in == nil { + return nil + } + out := new(CRIOCredentialProviderConfigSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CRIOCredentialProviderConfigStatus) DeepCopyInto(out *CRIOCredentialProviderConfigStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]metav1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CRIOCredentialProviderConfigStatus. +func (in *CRIOCredentialProviderConfigStatus) DeepCopy() *CRIOCredentialProviderConfigStatus { + if in == nil { + return nil + } + out := new(CRIOCredentialProviderConfigStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CertInfo) DeepCopyInto(out *CertInfo) { *out = *in @@ -956,6 +1045,45 @@ func (in *ClientConnectionOverrides) DeepCopy() *ClientConnectionOverrides { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClientCredentialConfig) DeepCopyInto(out *ClientCredentialConfig) { + *out = *in + out.ClientSecret = in.ClientSecret + if in.Scopes != nil { + in, out := &in.Scopes, &out.Scopes + *out = make([]OAuth2Scope, len(*in)) + copy(*out, *in) + } + out.TLS = in.TLS + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientCredentialConfig. +func (in *ClientCredentialConfig) DeepCopy() *ClientCredentialConfig { + if in == nil { + return nil + } + out := new(ClientCredentialConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClientSecretSecretReference) DeepCopyInto(out *ClientSecretSecretReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientSecretSecretReference. +func (in *ClientSecretSecretReference) DeepCopy() *ClientSecretSecretReference { + if in == nil { + return nil + } + out := new(ClientSecretSecretReference) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CloudControllerManagerStatus) DeepCopyInto(out *CloudControllerManagerStatus) { *out = *in @@ -2103,6 +2231,35 @@ func (in *EtcdStorageConfig) DeepCopy() *EtcdStorageConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalClaimsSource) DeepCopyInto(out *ExternalClaimsSource) { + *out = *in + in.Authentication.DeepCopyInto(&out.Authentication) + out.TLS = in.TLS + out.URL = in.URL + if in.Mappings != nil { + in, out := &in.Mappings, &out.Mappings + *out = make([]SourcedClaimMapping, len(*in)) + copy(*out, *in) + } + if in.Predicates != nil { + in, out := &in.Predicates, &out.Predicates + *out = make([]ExternalSourcePredicate, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalClaimsSource. +func (in *ExternalClaimsSource) DeepCopy() *ExternalClaimsSource { + if in == nil { + return nil + } + out := new(ExternalClaimsSource) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ExternalIPConfig) DeepCopyInto(out *ExternalIPConfig) { *out = *in @@ -2188,6 +2345,72 @@ func (in *ExternalPlatformStatus) DeepCopy() *ExternalPlatformStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalSourceAuthentication) DeepCopyInto(out *ExternalSourceAuthentication) { + *out = *in + in.ClientCredential.DeepCopyInto(&out.ClientCredential) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSourceAuthentication. +func (in *ExternalSourceAuthentication) DeepCopy() *ExternalSourceAuthentication { + if in == nil { + return nil + } + out := new(ExternalSourceAuthentication) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalSourceCertificateAuthorityConfigMapReference) DeepCopyInto(out *ExternalSourceCertificateAuthorityConfigMapReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSourceCertificateAuthorityConfigMapReference. +func (in *ExternalSourceCertificateAuthorityConfigMapReference) DeepCopy() *ExternalSourceCertificateAuthorityConfigMapReference { + if in == nil { + return nil + } + out := new(ExternalSourceCertificateAuthorityConfigMapReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalSourcePredicate) DeepCopyInto(out *ExternalSourcePredicate) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSourcePredicate. +func (in *ExternalSourcePredicate) DeepCopy() *ExternalSourcePredicate { + if in == nil { + return nil + } + out := new(ExternalSourcePredicate) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalSourceTLS) DeepCopyInto(out *ExternalSourceTLS) { + *out = *in + out.CertificateAuthority = in.CertificateAuthority + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSourceTLS. +func (in *ExternalSourceTLS) DeepCopy() *ExternalSourceTLS { + if in == nil { + return nil + } + out := new(ExternalSourceTLS) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ExtraMapping) DeepCopyInto(out *ExtraMapping) { *out = *in @@ -2560,6 +2783,7 @@ func (in *GenericAPIServerConfig) DeepCopy() *GenericAPIServerConfig { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GenericControllerConfig) DeepCopyInto(out *GenericControllerConfig) { *out = *in + out.TypeMeta = in.TypeMeta in.ServingInfo.DeepCopyInto(&out.ServingInfo) out.LeaderElection = in.LeaderElection out.Authentication = in.Authentication @@ -3830,22 +4054,18 @@ func (in *IntermediateTLSProfile) DeepCopy() *IntermediateTLSProfile { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KMSConfig) DeepCopyInto(out *KMSConfig) { +func (in *KMSPluginConfig) DeepCopyInto(out *KMSPluginConfig) { *out = *in - if in.AWS != nil { - in, out := &in.AWS, &out.AWS - *out = new(AWSKMSConfig) - **out = **in - } + out.Vault = in.Vault return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KMSConfig. -func (in *KMSConfig) DeepCopy() *KMSConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KMSPluginConfig. +func (in *KMSPluginConfig) DeepCopy() *KMSPluginConfig { if in == nil { return nil } - out := new(KMSConfig) + out := new(KMSPluginConfig) in.DeepCopyInto(out) return out } @@ -4283,6 +4503,22 @@ func (in *NetworkMigration) DeepCopy() *NetworkMigration { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkObservabilitySpec) DeepCopyInto(out *NetworkObservabilitySpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkObservabilitySpec. +func (in *NetworkObservabilitySpec) DeepCopy() *NetworkObservabilitySpec { + if in == nil { + return nil + } + out := new(NetworkObservabilitySpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NetworkSpec) DeepCopyInto(out *NetworkSpec) { *out = *in @@ -4302,6 +4538,7 @@ func (in *NetworkSpec) DeepCopyInto(out *NetworkSpec) { (*in).DeepCopyInto(*out) } in.NetworkDiagnostics.DeepCopyInto(&out.NetworkDiagnostics) + out.NetworkObservability = in.NetworkObservability return } @@ -4847,6 +5084,13 @@ func (in *OIDCProvider) DeepCopyInto(out *OIDCProvider) { *out = make([]TokenUserValidationRule, len(*in)) copy(*out, *in) } + if in.ExternalClaimsSources != nil { + in, out := &in.ExternalClaimsSources, &out.ExternalClaimsSources + *out = make([]ExternalClaimsSource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } return } @@ -6187,6 +6431,38 @@ func (in *SignatureStore) DeepCopy() *SignatureStore { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SourceURL) DeepCopyInto(out *SourceURL) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SourceURL. +func (in *SourceURL) DeepCopy() *SourceURL { + if in == nil { + return nil + } + out := new(SourceURL) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SourcedClaimMapping) DeepCopyInto(out *SourcedClaimMapping) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SourcedClaimMapping. +func (in *SourcedClaimMapping) DeepCopy() *SourcedClaimMapping { + if in == nil { + return nil + } + out := new(SourcedClaimMapping) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Storage) DeepCopyInto(out *Storage) { *out = *in @@ -6245,6 +6521,11 @@ func (in *TLSProfileSpec) DeepCopyInto(out *TLSProfileSpec) { *out = make([]string, len(*in)) copy(*out, *in) } + if in.Groups != nil { + in, out := &in.Groups, &out.Groups + *out = make([]TLSGroup, len(*in)) + copy(*out, *in) + } return } @@ -6901,6 +7182,107 @@ func (in *VSpherePlatformVCenterSpec) DeepCopy() *VSpherePlatformVCenterSpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultAppRoleAuthentication) DeepCopyInto(out *VaultAppRoleAuthentication) { + *out = *in + out.Secret = in.Secret + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultAppRoleAuthentication. +func (in *VaultAppRoleAuthentication) DeepCopy() *VaultAppRoleAuthentication { + if in == nil { + return nil + } + out := new(VaultAppRoleAuthentication) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultAuthentication) DeepCopyInto(out *VaultAuthentication) { + *out = *in + out.AppRole = in.AppRole + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultAuthentication. +func (in *VaultAuthentication) DeepCopy() *VaultAuthentication { + if in == nil { + return nil + } + out := new(VaultAuthentication) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultConfigMapReference) DeepCopyInto(out *VaultConfigMapReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultConfigMapReference. +func (in *VaultConfigMapReference) DeepCopy() *VaultConfigMapReference { + if in == nil { + return nil + } + out := new(VaultConfigMapReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultKMSPluginConfig) DeepCopyInto(out *VaultKMSPluginConfig) { + *out = *in + out.TLS = in.TLS + out.Authentication = in.Authentication + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultKMSPluginConfig. +func (in *VaultKMSPluginConfig) DeepCopy() *VaultKMSPluginConfig { + if in == nil { + return nil + } + out := new(VaultKMSPluginConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultSecretReference) DeepCopyInto(out *VaultSecretReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultSecretReference. +func (in *VaultSecretReference) DeepCopy() *VaultSecretReference { + if in == nil { + return nil + } + out := new(VaultSecretReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultTLSConfig) DeepCopyInto(out *VaultTLSConfig) { + *out = *in + out.CABundle = in.CABundle + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultTLSConfig. +func (in *VaultTLSConfig) DeepCopy() *VaultTLSConfig { + if in == nil { + return nil + } + out := new(VaultTLSConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *WebhookTokenAuthenticator) DeepCopyInto(out *WebhookTokenAuthenticator) { *out = *in diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml index ebf1713a16..5426057a88 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml @@ -7,7 +7,8 @@ apiservers.config.openshift.io: Category: "" FeatureGates: - KMSEncryption - - KMSEncryptionProvider + - TLSAdherence + - TLSGroupPreferences FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" @@ -31,6 +32,7 @@ authentications.config.openshift.io: Category: "" FeatureGates: - ExternalOIDC + - ExternalOIDCExternalClaimsSourcing - ExternalOIDCWithUIDAndExtraClaimMappings - ExternalOIDCWithUpstreamParity FilenameOperatorName: config-operator @@ -68,6 +70,29 @@ builds.config.openshift.io: TopLevelFeatureGates: [] Version: v1 +criocredentialproviderconfigs.config.openshift.io: + Annotations: {} + ApprovedPRNumber: https://github.com/openshift/api/pull/2725 + CRDName: criocredentialproviderconfigs.config.openshift.io + Capability: "" + Category: "" + FeatureGates: + - CRIOCredentialProviderConfig + FilenameOperatorName: config-operator + FilenameOperatorOrdering: "01" + FilenameRunLevel: "0000_10" + GroupName: config.openshift.io + HasStatus: true + KindName: CRIOCredentialProviderConfig + Labels: {} + PluralName: criocredentialproviderconfigs + PrinterColumns: [] + Scope: Cluster + ShortNames: null + TopLevelFeatureGates: + - CRIOCredentialProviderConfig + Version: v1 + clusterimagepolicies.config.openshift.io: Annotations: {} ApprovedPRNumber: https://github.com/openshift/api/pull/2310 @@ -143,6 +168,9 @@ clusterversions.config.openshift.io: Capability: "" Category: "" FeatureGates: + - CRDCompatibilityRequirementOperator + - CRDCompatibilityRequirementOperator+ClusterAPIMachineManagement + - ClusterAPIMachineManagement - ClusterUpdateAcceptRisks - ClusterUpdatePreflight - ImageStreamImportMode @@ -205,7 +233,8 @@ dnses.config.openshift.io: CRDName: dnses.config.openshift.io Capability: "" Category: "" - FeatureGates: [] + FeatureGates: + - AWSEuropeanSovereignCloudInstall FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" @@ -371,13 +400,12 @@ infrastructures.config.openshift.io: - AzureDualStackInstall - DualReplica - DyanmicServiceEndpointIBMCloud - - GCPClusterHostedDNSInstall - - HighlyAvailableArbiter - - HighlyAvailableArbiter+DualReplica + - MutableTopology - NutanixMultiSubnets - OnPremDNSRecords - VSphereHostVMGroupZonal - VSphereMultiNetworks + - VSphereMultiVCenterDay2 FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" @@ -444,7 +472,8 @@ networks.config.openshift.io: CRDName: networks.config.openshift.io Capability: "" Category: "" - FeatureGates: [] + FeatureGates: + - NetworkObservabilityInstall FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/config/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..043c03ef5e --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.model_name.go @@ -0,0 +1,1566 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in APIServer) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.APIServer" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in APIServerEncryption) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.APIServerEncryption" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in APIServerList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.APIServerList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in APIServerNamedServingCert) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.APIServerNamedServingCert" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in APIServerServingCerts) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.APIServerServingCerts" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in APIServerSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.APIServerSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in APIServerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.APIServerStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSDNSSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AWSDNSSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSIngressSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AWSIngressSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSPlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AWSPlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSPlatformStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AWSPlatformStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSResourceTag) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AWSResourceTag" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSServiceEndpoint) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AWSServiceEndpoint" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AcceptRisk) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AcceptRisk" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AdmissionConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AdmissionConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AdmissionPluginConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AdmissionPluginConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlibabaCloudPlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AlibabaCloudPlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlibabaCloudPlatformStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AlibabaCloudPlatformStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlibabaCloudResourceTag) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AlibabaCloudResourceTag" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Audit) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Audit" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AuditConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AuditConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AuditCustomRule) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AuditCustomRule" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Authentication) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Authentication" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AuthenticationList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AuthenticationList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AuthenticationSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AuthenticationSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AuthenticationStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AuthenticationStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AzurePlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AzurePlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AzurePlatformStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AzurePlatformStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AzureResourceTag) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.AzureResourceTag" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BareMetalPlatformLoadBalancer) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.BareMetalPlatformLoadBalancer" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BareMetalPlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.BareMetalPlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BareMetalPlatformStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.BareMetalPlatformStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BasicAuthIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.BasicAuthIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Build) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Build" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildDefaults) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.BuildDefaults" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.BuildList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildOverrides) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.BuildOverrides" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.BuildSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CRIOCredentialProviderConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.CRIOCredentialProviderConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CRIOCredentialProviderConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.CRIOCredentialProviderConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CRIOCredentialProviderConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.CRIOCredentialProviderConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CRIOCredentialProviderConfigStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.CRIOCredentialProviderConfigStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CertInfo) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.CertInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClientConnectionOverrides) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClientConnectionOverrides" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClientCredentialConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClientCredentialConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClientSecretSecretReference) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClientSecretSecretReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CloudControllerManagerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.CloudControllerManagerStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CloudLoadBalancerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.CloudLoadBalancerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CloudLoadBalancerIPs) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.CloudLoadBalancerIPs" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterCondition) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterImagePolicy) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterImagePolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterImagePolicyList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterImagePolicyList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterImagePolicySpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterImagePolicySpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterImagePolicyStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterImagePolicyStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterNetworkEntry) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterNetworkEntry" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterOperator) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterOperator" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterOperatorList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterOperatorList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterOperatorSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterOperatorSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterOperatorStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterOperatorStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterOperatorStatusCondition) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterOperatorStatusCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterVersion) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterVersion" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterVersionCapabilitiesSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterVersionCapabilitiesSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterVersionCapabilitiesStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterVersionCapabilitiesStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterVersionList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterVersionList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterVersionSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterVersionSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterVersionStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ClusterVersionStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ComponentOverride) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ComponentOverride" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ComponentRouteSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ComponentRouteSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ComponentRouteStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ComponentRouteStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConditionalUpdate) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ConditionalUpdate" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConditionalUpdateRisk) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ConditionalUpdateRisk" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConfigMapFileReference) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ConfigMapFileReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConfigMapNameReference) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ConfigMapNameReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Console) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Console" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleAuthentication) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ConsoleAuthentication" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ConsoleList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ConsoleSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ConsoleStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Custom) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Custom" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CustomFeatureGates) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.CustomFeatureGates" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CustomTLSProfile) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.CustomTLSProfile" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNS) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.DNS" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.DNSList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSPlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.DNSPlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.DNSSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.DNSStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSZone) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.DNSZone" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DelegatedAuthentication) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.DelegatedAuthentication" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DelegatedAuthorization) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.DelegatedAuthorization" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeprecatedWebhookTokenAuthenticator) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.DeprecatedWebhookTokenAuthenticator" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EquinixMetalPlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.EquinixMetalPlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EquinixMetalPlatformStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.EquinixMetalPlatformStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EtcdConnectionInfo) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.EtcdConnectionInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EtcdStorageConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.EtcdStorageConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ExternalClaimsSource) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ExternalClaimsSource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ExternalIPConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ExternalIPConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ExternalIPPolicy) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ExternalIPPolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ExternalPlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ExternalPlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ExternalPlatformStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ExternalPlatformStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ExternalSourceAuthentication) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ExternalSourceAuthentication" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ExternalSourceCertificateAuthorityConfigMapReference) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ExternalSourceCertificateAuthorityConfigMapReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ExternalSourcePredicate) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ExternalSourcePredicate" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ExternalSourceTLS) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ExternalSourceTLS" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ExtraMapping) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ExtraMapping" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in FeatureGate) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.FeatureGate" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in FeatureGateAttributes) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.FeatureGateAttributes" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in FeatureGateDetails) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.FeatureGateDetails" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in FeatureGateList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.FeatureGateList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in FeatureGateSelection) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.FeatureGateSelection" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in FeatureGateSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.FeatureGateSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in FeatureGateStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.FeatureGateStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in FeatureGateTests) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.FeatureGateTests" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPPlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.GCPPlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPPlatformStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.GCPPlatformStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPResourceLabel) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.GCPResourceLabel" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPResourceTag) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.GCPResourceTag" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GatherConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.GatherConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GathererConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.GathererConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Gatherers) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Gatherers" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GenericAPIServerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.GenericAPIServerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GenericControllerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.GenericControllerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GitHubIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.GitHubIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GitLabIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.GitLabIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GoogleIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.GoogleIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HTPasswdIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.HTPasswdIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HTTPServingInfo) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.HTTPServingInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HubSource) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.HubSource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HubSourceStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.HubSourceStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IBMCloudPlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.IBMCloudPlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IBMCloudPlatformStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.IBMCloudPlatformStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IBMCloudServiceEndpoint) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.IBMCloudServiceEndpoint" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.IdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IdentityProviderConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.IdentityProviderConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Image) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Image" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageContentPolicy) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageContentPolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageContentPolicyList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageContentPolicyList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageContentPolicySpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageContentPolicySpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageDigestMirrorSet) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageDigestMirrorSet" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageDigestMirrorSetList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageDigestMirrorSetList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageDigestMirrorSetSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageDigestMirrorSetSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageDigestMirrorSetStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageDigestMirrorSetStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageDigestMirrors) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageDigestMirrors" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageLabel) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageLabel" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImagePolicy) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImagePolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImagePolicyFulcioCAWithRekorRootOfTrust) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImagePolicyFulcioCAWithRekorRootOfTrust" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImagePolicyList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImagePolicyList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImagePolicyPKIRootOfTrust) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImagePolicyPKIRootOfTrust" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImagePolicyPublicKeyRootOfTrust) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImagePolicyPublicKeyRootOfTrust" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImagePolicySpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImagePolicySpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImagePolicyStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImagePolicyStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageSigstoreVerificationPolicy) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageSigstoreVerificationPolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageTagMirrorSet) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageTagMirrorSet" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageTagMirrorSetList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageTagMirrorSetList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageTagMirrorSetSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageTagMirrorSetSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageTagMirrorSetStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageTagMirrorSetStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageTagMirrors) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ImageTagMirrors" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Infrastructure) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Infrastructure" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InfrastructureList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.InfrastructureList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InfrastructureSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.InfrastructureSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InfrastructureStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.InfrastructureStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Ingress) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Ingress" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.IngressList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressPlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.IngressPlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.IngressSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.IngressStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InsightsDataGather) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.InsightsDataGather" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InsightsDataGatherList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.InsightsDataGatherList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InsightsDataGatherSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.InsightsDataGatherSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IntermediateTLSProfile) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.IntermediateTLSProfile" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KMSPluginConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.KMSPluginConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KeystoneIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.KeystoneIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeClientConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.KubeClientConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubevirtPlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.KubevirtPlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubevirtPlatformStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.KubevirtPlatformStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LDAPAttributeMapping) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.LDAPAttributeMapping" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LDAPIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.LDAPIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LeaderElection) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.LeaderElection" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LoadBalancer) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.LoadBalancer" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MTUMigration) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.MTUMigration" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MTUMigrationValues) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.MTUMigrationValues" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MaxAgePolicy) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.MaxAgePolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ModernTLSProfile) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ModernTLSProfile" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NamedCertificate) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NamedCertificate" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Network) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Network" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkDiagnostics) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NetworkDiagnostics" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkDiagnosticsSourcePlacement) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NetworkDiagnosticsSourcePlacement" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkDiagnosticsTargetPlacement) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NetworkDiagnosticsTargetPlacement" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NetworkList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkMigration) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NetworkMigration" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkObservabilitySpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NetworkObservabilitySpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NetworkSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NetworkStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Node) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Node" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NodeList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NodeSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NodeStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixFailureDomain) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NutanixFailureDomain" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixPlatformLoadBalancer) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NutanixPlatformLoadBalancer" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixPlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NutanixPlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixPlatformStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NutanixPlatformStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixPrismElementEndpoint) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NutanixPrismElementEndpoint" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixPrismEndpoint) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NutanixPrismEndpoint" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixResourceIdentifier) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.NutanixResourceIdentifier" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuth) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OAuth" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OAuthList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthRemoteConnectionInfo) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OAuthRemoteConnectionInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OAuthSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OAuthStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthTemplates) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OAuthTemplates" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OIDCClientConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OIDCClientConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OIDCClientReference) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OIDCClientReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OIDCClientStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OIDCClientStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OIDCProvider) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OIDCProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ObjectReference) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ObjectReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OldTLSProfile) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OldTLSProfile" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenIDClaims) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OpenIDClaims" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenIDIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OpenIDIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenStackPlatformLoadBalancer) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OpenStackPlatformLoadBalancer" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenStackPlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OpenStackPlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenStackPlatformStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OpenStackPlatformStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OperandVersion) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OperandVersion" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OperatorHub) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OperatorHub" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OperatorHubList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OperatorHubList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OperatorHubSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OperatorHubSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OperatorHubStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OperatorHubStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OvirtPlatformLoadBalancer) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OvirtPlatformLoadBalancer" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OvirtPlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OvirtPlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OvirtPlatformStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.OvirtPlatformStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PKICertificateSubject) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.PKICertificateSubject" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PersistentVolumeClaimReference) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.PersistentVolumeClaimReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PersistentVolumeConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.PersistentVolumeConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.PlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PlatformStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.PlatformStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PolicyFulcioSubject) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.PolicyFulcioSubject" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PolicyIdentity) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.PolicyIdentity" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PolicyMatchExactRepository) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.PolicyMatchExactRepository" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PolicyMatchRemapIdentity) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.PolicyMatchRemapIdentity" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PolicyRootOfTrust) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.PolicyRootOfTrust" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PowerVSPlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.PowerVSPlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PowerVSPlatformStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.PowerVSPlatformStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PowerVSServiceEndpoint) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.PowerVSServiceEndpoint" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PrefixedClaimMapping) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.PrefixedClaimMapping" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProfileCustomizations) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ProfileCustomizations" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Project) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Project" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProjectList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ProjectList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProjectSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ProjectSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProjectStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ProjectStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PromQLClusterCondition) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.PromQLClusterCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Proxy) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Proxy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProxyList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ProxyList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProxySpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ProxySpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProxyStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ProxyStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RegistryLocation) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.RegistryLocation" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RegistrySources) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.RegistrySources" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Release) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Release" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RemoteConnectionInfo) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.RemoteConnectionInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RepositoryDigestMirrors) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.RepositoryDigestMirrors" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RequestHeaderIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.RequestHeaderIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RequiredHSTSPolicy) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.RequiredHSTSPolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Scheduler) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Scheduler" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SchedulerList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.SchedulerList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SchedulerSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.SchedulerSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SchedulerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.SchedulerStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecretNameReference) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.SecretNameReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServingInfo) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.ServingInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SignatureStore) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.SignatureStore" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SourceURL) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.SourceURL" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SourcedClaimMapping) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.SourcedClaimMapping" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Storage) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Storage" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StringSource) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.StringSource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StringSourceSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.StringSourceSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TLSProfileSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.TLSProfileSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TLSSecurityProfile) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.TLSSecurityProfile" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TemplateReference) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.TemplateReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TestDetails) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.TestDetails" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TestReporting) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.TestReporting" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TestReportingSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.TestReportingSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TestReportingStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.TestReportingStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenClaimMapping) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.TokenClaimMapping" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenClaimMappings) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.TokenClaimMappings" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenClaimOrExpressionMapping) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.TokenClaimOrExpressionMapping" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenClaimValidationCELRule) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.TokenClaimValidationCELRule" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenClaimValidationRule) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.TokenClaimValidationRule" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.TokenConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenIssuer) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.TokenIssuer" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenRequiredClaim) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.TokenRequiredClaim" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenUserValidationRule) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.TokenUserValidationRule" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Update) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.Update" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UpdateHistory) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.UpdateHistory" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UsernameClaimMapping) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.UsernameClaimMapping" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UsernamePrefix) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.UsernamePrefix" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VSphereFailureDomainHostGroup) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VSphereFailureDomainHostGroup" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VSphereFailureDomainRegionAffinity) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VSphereFailureDomainRegionAffinity" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VSphereFailureDomainZoneAffinity) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VSphereFailureDomainZoneAffinity" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VSpherePlatformFailureDomainSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VSpherePlatformFailureDomainSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VSpherePlatformLoadBalancer) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VSpherePlatformLoadBalancer" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VSpherePlatformNodeNetworking) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VSpherePlatformNodeNetworking" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VSpherePlatformNodeNetworkingSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VSpherePlatformNodeNetworkingSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VSpherePlatformSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VSpherePlatformSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VSpherePlatformStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VSpherePlatformStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VSpherePlatformTopology) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VSpherePlatformTopology" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VSpherePlatformVCenterSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VSpherePlatformVCenterSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VaultAppRoleAuthentication) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VaultAppRoleAuthentication" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VaultAuthentication) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VaultAuthentication" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VaultConfigMapReference) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VaultConfigMapReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VaultKMSPluginConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VaultKMSPluginConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VaultSecretReference) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VaultSecretReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VaultTLSConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.VaultTLSConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in WebhookTokenAuthenticator) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1.WebhookTokenAuthenticator" +} diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go index 3c9c96b7bc..b321d3d7e1 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go @@ -137,7 +137,7 @@ func (GenericAPIServerConfig) SwaggerDoc() map[string]string { } var map_GenericControllerConfig = map[string]string{ - "": "GenericControllerConfig provides information to configure a controller", + "": "GenericControllerConfig provides information to configure a controller\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "servingInfo": "servingInfo is the HTTP serving information for the controller's endpoints", "leaderElection": "leaderElection provides information to elect a leader. Only override this if you have a specific need", "authentication": "authentication allows configuration of authentication for the endpoints", @@ -319,6 +319,7 @@ var map_APIServerSpec = map[string]string{ "additionalCORSAllowedOrigins": "additionalCORSAllowedOrigins lists additional, user-defined regular expressions describing hosts for which the API server allows access using the CORS headers. This may be needed to access the API and the integrated OAuth server from JavaScript applications. The values are regular expressions that correspond to the Golang regular expression language.", "encryption": "encryption allows the configuration of encryption of resources at the datastore layer.", "tlsSecurityProfile": "tlsSecurityProfile specifies settings for TLS connections for externally exposed servers.\n\nWhen omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is the Intermediate profile.", + "tlsAdherence": "tlsAdherence controls if components in the cluster adhere to the TLS security profile configured on this APIServer resource.\n\nValid values are \"LegacyAdheringComponentsOnly\" and \"StrictAllComponents\".\n\nWhen set to \"LegacyAdheringComponentsOnly\", components that already honor the cluster-wide TLS profile continue to do so. Components that do not already honor it continue to use their individual TLS configurations.\n\nWhen set to \"StrictAllComponents\", all components must honor the configured TLS profile unless they have a component-specific TLS configuration that overrides it. This mode is recommended for security-conscious deployments and is required for certain compliance frameworks.\n\nNote: Some components such as Kubelet and IngressController have their own dedicated TLS configuration mechanisms via KubeletConfig and IngressController CRs respectively. When these component-specific TLS configurations are set, they take precedence over the cluster-wide tlsSecurityProfile. When not set, these components fall back to the cluster-wide default.\n\nComponents that encounter an unknown value for tlsAdherence should treat it as \"StrictAllComponents\" and log a warning to ensure forward compatibility while defaulting to the more secure behavior.\n\nThis field is optional. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is LegacyAdheringComponentsOnly.\n\nOnce set, this field may be changed to a different value, but may not be removed.", "audit": "audit specifies the settings for audit configuration to be applied to all OpenShift-provided API servers in the cluster.", } @@ -387,6 +388,28 @@ func (AuthenticationStatus) SwaggerDoc() map[string]string { return map_AuthenticationStatus } +var map_ClientCredentialConfig = map[string]string{ + "": "ClientCredentialConfig configures the client credentials and token endpoint to use to get an access token via the OAuth2 client credentials grant flow.", + "clientID": "clientID is a required client identifier to use during the OAuth2 client credentials flow. clientID must be at least 1 character in length, must not exceed 256 characters in length, and must only contain printable ASCII characters.", + "clientSecret": "clientSecret is a required reference to a Secret in the openshift-config namespace to be used as the client secret during the OAuth2 client credentials flow.\n\nThe key 'client-secret' is used to locate the client secret data in the Secret.", + "tokenEndpoint": "tokenEndpoint is a required URL to query for an access token using the client credential OAuth2 flow. tokenEndpoint must be at least 1 character in length and must not exceed 2048 characters in length. tokenEndpoint must be a valid HTTPS URL. tokenEndpoint must have a host and a path. tokenEndpoint must not contain query parameters, fragments, or user information (e.g., \"user:password@host\").", + "scopes": "scopes is an optional list of OAuth2 scopes to request when obtaining an access token.\n\nIf not specified, the token endpoint's default scopes will be used.\n\nWhen specified, there must be at least 1 entry and must not exceed 16 entries. Each entry must be at least 1 character in length and must not exceed 256 characters in length. Each entry must only contain printable ASCII characters, excluding spaces, double quotes and backslashes. Entries must be unique.", + "tls": "tls is an optional field that allows configuring the TLS settings used to interact with the identity provider as an OAuth2 client.\n\nWhen omitted, system default TLS settings will be used for the OAuth2 client.", +} + +func (ClientCredentialConfig) SwaggerDoc() map[string]string { + return map_ClientCredentialConfig +} + +var map_ClientSecretSecretReference = map[string]string{ + "": "ClientSecretSecretReference is a reference to a Secret in the openshift-config namespace that should be used for configuring the client secret to be used when sourcing claims from external sources with the client credential authentication flow.", + "name": "name is the required name of the Secret that exists in the openshift-config namespace.\n\nIt must be at least 1 character in length, must not exceed 253 characters in length, must start and end with a lowercase alphanumeric character, and must only contain lowercase alphanumeric characters, '-' or '.'.", +} + +func (ClientSecretSecretReference) SwaggerDoc() map[string]string { + return map_ClientSecretSecretReference +} + var map_DeprecatedWebhookTokenAuthenticator = map[string]string{ "": "deprecatedWebhookTokenAuthenticator holds the necessary configuration options for a remote token authenticator. It's the same as WebhookTokenAuthenticator but it's missing the 'required' validation on KubeConfig field.", "kubeConfig": "kubeConfig contains kube config file data which describes how to access the remote webhook service. For further details, see: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication The key \"kubeConfig\" is used to locate the data. If the secret or expected key is not found, the webhook is not honored. If the specified kube config data is not valid, the webhook is not honored. The namespace for this secret is determined by the point of use.", @@ -396,6 +419,56 @@ func (DeprecatedWebhookTokenAuthenticator) SwaggerDoc() map[string]string { return map_DeprecatedWebhookTokenAuthenticator } +var map_ExternalClaimsSource = map[string]string{ + "": "ExternalClaimsSource provides the configuration for a single external claim source.", + "authentication": "authentication is an optional field that configures how the apiserver authenticates with an external claims source. When not specified, anonymous authentication is used which means no 'Authorization' header is sent in the HTTP request to fetch the external claims.", + "tls": "tls is an optional field that configures the http client TLS settings when fetching external claims from this source.\n\nWhen omitted, system default TLS settings will be used for fetching claims from the external source.", + "url": "url is a required configuration of the URL for which the external claims are located.", + "mappings": "mappings is a required list of the claim and response handling expression pairs that produces the claims from the external source. mappings must have at least 1 entry and must not exceed 16 entries. Entries must have a unique name across all external claim sources.", + "predicates": "predicates is an optional list of constraints in which claims should attempt to be fetched from this external source.\n\nWhen omitted, claims are always fetched from this external source.\n\nWhen specified, all predicates must evaluate to 'true' before claims are attempted to be fetched from this external source. predicates must have at least 1 entry and must not exceed 16 entries. Entries must have unique expressions.", +} + +func (ExternalClaimsSource) SwaggerDoc() map[string]string { + return map_ExternalClaimsSource +} + +var map_ExternalSourceAuthentication = map[string]string{ + "": "ExternalSourceAuthentication configures how the apiserver should attempt to authenticate with an external claims source.", + "type": "type is a required field that sets the type of authentication method used by the authenticator when fetching external claims.\n\nAllowed values are 'RequestProvidedToken' and 'ClientCredential'.\n\nWhen set to 'RequestProvidedToken', the authenticator will use the token provided to the kube-apiserver as part of the request to authenticate with the external claims source.\n\nWhen set to 'ClientCredential', the authenticator will use the configured client-id, client-secret, and token endpoint to fetch an access token using the OAuth2 client credentials grant flow. The fetched access token will then be used to authenticate with the external claims source.", + "clientCredential": "clientCredential configures the client credentials and token endpoint to use to get an access token. clientCredential is required when type is 'ClientCredential', and forbidden otherwise.", +} + +func (ExternalSourceAuthentication) SwaggerDoc() map[string]string { + return map_ExternalSourceAuthentication +} + +var map_ExternalSourceCertificateAuthorityConfigMapReference = map[string]string{ + "": "ExternalSourceCertificateAuthorityConfigMapReference is a reference to a ConfigMap in the openshift-config namespace that should be used for configuring the certificate authority to be used when sourcing claims from external sources.", + "name": "name is the required name of the ConfigMap that exists in the openshift-config namespace. The key \"ca-bundle.crt\" must be present and must contain the CA certificate to be used to verify the external source's TLS certificate.\n\nIt must be at least 1 character in length, must not exceed 253 characters in length, must start and end with a lowercase alphanumeric character, and must only contain lowercase alphanumeric characters, '-' or '.'.", +} + +func (ExternalSourceCertificateAuthorityConfigMapReference) SwaggerDoc() map[string]string { + return map_ExternalSourceCertificateAuthorityConfigMapReference +} + +var map_ExternalSourcePredicate = map[string]string{ + "": "ExternalSourcePredicate configures a singular condition that must return true before the external source is queried to retrieve external claims.", + "expression": "expression is a required CEL expression that is used to determine whether or not an external source should be used to fetch external claims.\n\nThe expression must return a boolean value, where true means that the source should be consulted and false means that it should not.\n\nClaims from the token used for the request to the kube-apiserver are made available via the `claims` variable.\n\nThe contents of the `claims` variable varies based on the claims that are present in the token being validated. It is the responsibility of those configuring this field to understand what claims the identity provider includes when issuing tokens.\n\nexpression must be at least 1 character and must not exceed 1024 characters in length.", +} + +func (ExternalSourcePredicate) SwaggerDoc() map[string]string { + return map_ExternalSourcePredicate +} + +var map_ExternalSourceTLS = map[string]string{ + "": "ExternalSourceTLS configures the TLS options that the apiserver uses as a client when making a request to the external claim source.", + "certificateAuthority": "certificateAuthority is a required reference to a ConfigMap in the openshift-config namespace that contains the CA certificate to use to validate TLS connections with the external claims source. The key \"ca-bundle.crt\" must be present in the referenced ConfigMap and must contain the CA certificate to be used to verify the external source's TLS certificate.", +} + +func (ExternalSourceTLS) SwaggerDoc() map[string]string { + return map_ExternalSourceTLS +} + var map_ExtraMapping = map[string]string{ "": "ExtraMapping allows specifying a key and CEL expression to evaluate the keys' value. It is used to create additional mappings and attributes added to a cluster identity from a provided authentication token.", "key": "key is a required field that specifies the string to use as the extra attribute key.\n\nkey must be a domain-prefix path (e.g 'example.org/foo'). key must not exceed 510 characters in length. key must contain the '/' character, separating the domain and path characters. key must not be empty.\n\nThe domain portion of the key (string of characters prior to the '/') must be a valid RFC1123 subdomain. It must not exceed 253 characters in length. It must start and end with an alphanumeric character. It must only contain lower case alphanumeric characters and '-' or '.'. It must not use the reserved domains, or be subdomains of, \"kubernetes.io\", \"k8s.io\", and \"openshift.io\".\n\nThe path portion of the key (string of characters after the '/') must not be empty and must consist of at least one alphanumeric character, percent-encoded octets, '-', '.', '_', '~', '!', '$', '&', ''', '(', ')', '*', '+', ',', ';', '=', and ':'. It must not exceed 256 characters in length.", @@ -444,12 +517,13 @@ func (OIDCClientStatus) SwaggerDoc() map[string]string { } var map_OIDCProvider = map[string]string{ - "name": "name is a required field that configures the unique human-readable identifier associated with the identity provider. It is used to distinguish between multiple identity providers and has no impact on token validation or authentication mechanics.\n\nname must not be an empty string (\"\").", - "issuer": "issuer is a required field that configures how the platform interacts with the identity provider and how tokens issued from the identity provider are evaluated by the Kubernetes API server.", - "oidcClients": "oidcClients is an optional field that configures how on-cluster, platform clients should request tokens from the identity provider. oidcClients must not exceed 20 entries and entries must have unique namespace/name pairs.", - "claimMappings": "claimMappings is a required field that configures the rules to be used by the Kubernetes API server for translating claims in a JWT token, issued by the identity provider, to a cluster identity.", - "claimValidationRules": "claimValidationRules is an optional field that configures the rules to be used by the Kubernetes API server for validating the claims in a JWT token issued by the identity provider.\n\nValidation rules are joined via an AND operation.", - "userValidationRules": "userValidationRules is an optional field that configures the set of rules used to validate the cluster user identity that was constructed via mapping token claims to user identity attributes. Rules are CEL expressions that must evaluate to 'true' for authentication to succeed. If any rule in the chain of rules evaluates to 'false', authentication will fail. When specified, at least one rule must be specified and no more than 64 rules may be specified.", + "name": "name is a required field that configures the unique human-readable identifier associated with the identity provider. It is used to distinguish between multiple identity providers and has no impact on token validation or authentication mechanics.\n\nname must not be an empty string (\"\").", + "issuer": "issuer is a required field that configures how the platform interacts with the identity provider and how tokens issued from the identity provider are evaluated by the Kubernetes API server.", + "oidcClients": "oidcClients is an optional field that configures how on-cluster, platform clients should request tokens from the identity provider. oidcClients must not exceed 20 entries and entries must have unique namespace/name pairs.", + "claimMappings": "claimMappings is a required field that configures the rules to be used by the Kubernetes API server for translating claims in a JWT token, issued by the identity provider, to a cluster identity.", + "claimValidationRules": "claimValidationRules is an optional field that configures the rules to be used by the Kubernetes API server for validating the claims in a JWT token issued by the identity provider.\n\nValidation rules are joined via an AND operation.", + "userValidationRules": "userValidationRules is an optional field that configures the set of rules used to validate the cluster user identity that was constructed via mapping token claims to user identity attributes. Rules are CEL expressions that must evaluate to 'true' for authentication to succeed. If any rule in the chain of rules evaluates to 'false', authentication will fail. When specified, at least one rule must be specified and no more than 64 rules may be specified.", + "externalClaimsSources": "externalClaimsSources is an optional field that can be used to configure sources, external to the token provided in a request, in which claims should be fetched from and made available to the claim mapping process that is used to build the identity of a token holder.\n\nFor example, fetching additional user metadata from an OIDC provider's UserInfo endpoint.\n\nWhen not specified, only claims present in the token itself will be available in the claim mapping process.\n\nWhen specified, at least one external claim source must be specified and no more than 5 sources may be specified. All external claim sources must have unique claim mappings. When an external source responds and resolves additional claims successfully, they will be made available as claims during the claim mapping process. Externally sourced claims with the same name as a claim existing within the token will overwrite the claim data from the token with the externally sourced information. If an external source does not respond, responds with an error, or the additional claim data cannot be resolved from the response successfully it will not be included in the claim data passed to the claim mapping process.", } func (OIDCProvider) SwaggerDoc() map[string]string { @@ -458,13 +532,33 @@ func (OIDCProvider) SwaggerDoc() map[string]string { var map_PrefixedClaimMapping = map[string]string{ "": "PrefixedClaimMapping configures a claim mapping that allows for an optional prefix.", - "prefix": "prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes.\n\nWhen omitted (\"\"), no prefix is applied to the cluster identity attribute.\n\nExample: if `prefix` is set to \"myoidc:\" and the `claim` in JWT contains an array of strings \"a\", \"b\" and \"c\", the mapping will result in an array of string \"myoidc:a\", \"myoidc:b\" and \"myoidc:c\".", + "prefix": "prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes.\n\nWhen omitted or set to an empty string (\"\"), no prefix is applied to the cluster identity attribute. Must not be set to a non-empty value when expression is set.\n\nExample: if `prefix` is set to \"myoidc:\" and the `claim` in JWT contains an array of strings \"a\", \"b\" and \"c\", the mapping will result in an array of string \"myoidc:a\", \"myoidc:b\" and \"myoidc:c\".", } func (PrefixedClaimMapping) SwaggerDoc() map[string]string { return map_PrefixedClaimMapping } +var map_SourceURL = map[string]string{ + "": "SourceURL configures the options used to build the URL that is queried for external claims.", + "hostname": "hostname is a required hostname for which the external claims are located.\n\nIt must be a valid DNS subdomain name as per RFC1123.\n\nThis means that it must start and end with a lowercase alphanumeric character, must only consist of lowercase alphanumeric characters, '-', and '.'. hostname may optionally specify a port in the format ':{port}'. If a port is specified it must not exceed 65535.\n\nhostname must be at least 1 character in length. When specifying a port, hostname must not exceed 259 characters in length. When not specifying a port, hostname must not exceed 253 characters in length.", + "pathExpression": "pathExpression is a required CEL expression that returns a list of string values used to construct the URL path. Claims from the token used for the request to the kube-apiserver are made available via the `claims` variable. expression must be at least 1 character in length and must not exceed 1024 characters in length.\n\nValues in the returned list will be joined with the hostname using a forward slash (`/`) as a separator. Values in the returned list do not need to include the forward slash. If a forward slash is included in a returned value, it will be encoded as `%2F`.\n\nExample of a static path configuration:\n\n pathExpression: ['realms', 'k8s', 'protocol', 'openid-connect', 'userinfo']\n\nThe above example would resolve to the path: '/realms/k8s/protocol/openid-connect/userinfo'\n\nExample of a dynamic path configuration:\n\n pathExpression: \"['admin', 'realms', 'k8s', 'users'] + [claims.sub] + ['groups']\"\n\nAssuming 'claims.sub' is set to '12345', the above example would resolve to the path: '/admin/realms/k8s/users/12345/groups'", +} + +func (SourceURL) SwaggerDoc() map[string]string { + return map_SourceURL +} + +var map_SourcedClaimMapping = map[string]string{ + "": "SourcedClaimMapping configures the mapping behavior for a single external claim from the response the apiserver received from the external claim source.", + "name": "name is a required name of the claim that will be produced and made available during the claim-to-identity mapping process. name must consist of only lowercase alpha characters and underscores ('_'). name must be at least 1 character and must not exceed 256 characters in length.", + "expression": "expression is a required CEL expression that will produce a value to be assigned to the claim. The full response body from the request to the external claim source is provided via the `response.body` variable.\n\nThe contents of the `response.body` variable varies based on the response received from the external source. It is the responsibility of those configuring this expression to understand what is returned from the external source.\n\nexpression must be at least 1 character and must not exceed 1024 characters in length.", +} + +func (SourcedClaimMapping) SwaggerDoc() map[string]string { + return map_SourcedClaimMapping +} + var map_TokenClaimMapping = map[string]string{ "": "TokenClaimMapping allows specifying a JWT token claim to be used when mapping claims from an authentication token to cluster identities.", "claim": "claim is an optional field for specifying the JWT token claim that is used in the mapping. The value of this claim will be assigned to the field in which this mapping is associated. claim must not exceed 256 characters in length. When set to the empty string `\"\"`, this means that no named claim should be used for the group mapping. claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled.", @@ -549,7 +643,7 @@ func (TokenUserValidationRule) SwaggerDoc() map[string]string { var map_UsernameClaimMapping = map[string]string{ "claim": "claim is an optional field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. When the ExternalOIDCWithUpstreamParity feature gate is enabled, claim must not be set when expression is set.\n\nclaim must not be an empty string (\"\") and must not exceed 256 characters.", "expression": "expression is an optional CEL expression used to derive the username from JWT claims.\n\nCEL expressions have access to the token claims through a CEL variable, 'claims'.\n\nexpression must be at least 1 character and must not exceed 1024 characters in length. expression must not be set when claim is set.", - "prefixPolicy": "prefixPolicy is an optional field that configures how a prefix should be applied to the value of the JWT claim specified in the 'claim' field.\n\nAllowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string).\n\nWhen set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim.\n\nThe prefix field must be set when prefixPolicy is 'Prefix'.\n\nWhen set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim.\n\nWhen omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'.\n\nAs an example, consider the following scenario:\n\n `prefix` is unset, `issuerURL` is set to `https://myoidc.tld`,\n the JWT claims include \"username\":\"userA\" and \"email\":\"userA@myoidc.tld\",\n and `claim` is set to:\n - \"username\": the mapped value will be \"https://myoidc.tld#userA\"\n - \"email\": the mapped value will be \"userA@myoidc.tld\"", + "prefixPolicy": "prefixPolicy is an optional field that configures how a prefix should be applied to the value of the JWT claim specified in the 'claim' field.\n\nAllowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string).\n\nWhen set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. The prefix field must be set when prefixPolicy is 'Prefix'. Must not be set to 'Prefix' when expression is set. When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'.\n\nAs an example, consider the following scenario:\n\n `prefix` is unset, `issuerURL` is set to `https://myoidc.tld`,\n the JWT claims include \"username\":\"userA\" and \"email\":\"userA@myoidc.tld\",\n and `claim` is set to:\n - \"username\": the mapped value will be \"https://myoidc.tld#userA\"\n - \"email\": the mapped value will be \"userA@myoidc.tld\"", "prefix": "prefix configures the prefix that should be prepended to the value of the JWT claim.\n\nprefix must be set when prefixPolicy is set to 'Prefix' and must be unset otherwise.", } @@ -985,9 +1079,47 @@ func (ConsoleStatus) SwaggerDoc() map[string]string { return map_ConsoleStatus } +var map_CRIOCredentialProviderConfig = map[string]string{ + "": "CRIOCredentialProviderConfig holds cluster-wide singleton resource configurations for CRI-O credential provider, the name of this instance is \"cluster\". CRI-O credential provider is a binary shipped with CRI-O that provides a way to obtain container image pull credentials from external sources. For example, it can be used to fetch mirror registry credentials from secrets resources in the cluster within the same namespace the pod will be running in. CRIOCredentialProviderConfig configuration specifies the pod image sources registries that should trigger the CRI-O credential provider execution, which will resolve the CRI-O mirror configurations and obtain the necessary credentials for pod creation. Note: Configuration changes will only take effect after the kubelet restarts, which is automatically managed by the cluster during rollout.\n\nThe resource is a singleton named \"cluster\".\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "spec defines the desired configuration of the CRI-O Credential Provider. This field is required and must be provided when creating the resource.", + "status": "status represents the current state of the CRIOCredentialProviderConfig. When omitted or nil, it indicates that the status has not yet been set by the controller. The controller will populate this field with validation conditions and operational state.", +} + +func (CRIOCredentialProviderConfig) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfig +} + +var map_CRIOCredentialProviderConfigList = map[string]string{ + "": "CRIOCredentialProviderConfigList contains a list of CRIOCredentialProviderConfig resources\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", +} + +func (CRIOCredentialProviderConfigList) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfigList +} + +var map_CRIOCredentialProviderConfigSpec = map[string]string{ + "": "CRIOCredentialProviderConfigSpec defines the desired configuration of the CRI-O Credential Provider.", + "matchImages": "matchImages is a list of string patterns used to determine whether the CRI-O credential provider should be invoked for a given image. This list is passed to the kubelet CredentialProviderConfig, and if any pattern matches the requested image, CRI-O credential provider will be invoked to obtain credentials for pulling that image or its mirrors. Depending on the platform, the CRI-O credential provider may be installed alongside an existing platform specific provider. Conflicts between the existing platform specific provider image match configuration and this list will be handled by the following precedence rule: credentials from built-in kubelet providers (e.g., ECR, GCR, ACR) take precedence over those from the CRIOCredentialProviderConfig when both match the same image. To avoid uncertainty, it is recommended to avoid configuring your private image patterns to overlap with existing platform specific provider config(e.g., the entries from https://github.com/openshift/machine-config-operator/blob/main/templates/common/aws/files/etc-kubernetes-credential-providers-ecr-credential-provider.yaml). You can check the resource's Status conditions to see if any entries were ignored due to exact matches with known built-in provider patterns.\n\nThis field is optional, the items of the list must contain between 1 and 50 entries. The list is treated as a set, so duplicate entries are not allowed.\n\nFor more details, see: https://kubernetes.io/docs/tasks/administer-cluster/kubelet-credential-provider/ https://github.com/cri-o/crio-credential-provider#architecture\n\nEach entry in matchImages is a pattern which can optionally contain a port and a path. Each entry must be no longer than 512 characters. Wildcards ('*') are supported for full subdomain labels, such as '*.k8s.io' or 'k8s.*.io', and for top-level domains, such as 'k8s.*' (which matches 'k8s.io' or 'k8s.net'). A global wildcard '*' (matching any domain) is not allowed. Wildcards may replace an entire hostname label (e.g., *.example.com), but they cannot appear within a label (e.g., f*oo.example.com) and are not allowed in the port or path. For example, 'example.*.com' is valid, but 'exa*mple.*.com' is not. Each wildcard matches only a single domain label, so '*.io' does **not** match '*.k8s.io'.\n\nA match exists between an image and a matchImage when all of the below are true: Both contain the same number of domain parts and each part matches. The URL path of an matchImages must be a prefix of the target image URL path. If the matchImages contains a port, then the port must match in the image as well.\n\nExample values of matchImages: - 123456789.dkr.ecr.us-east-1.amazonaws.com - *.azurecr.io - gcr.io - *.*.registry.io - registry.io:8080/path", +} + +func (CRIOCredentialProviderConfigSpec) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfigSpec +} + +var map_CRIOCredentialProviderConfigStatus = map[string]string{ + "": "CRIOCredentialProviderConfigStatus defines the observed state of CRIOCredentialProviderConfig", + "conditions": "conditions represent the latest available observations of the configuration state. When omitted, it indicates that no conditions have been reported yet. The maximum number of conditions is 16. Conditions are stored as a map keyed by condition type, ensuring uniqueness.\n\nExpected condition types include: \"Validated\": indicates whether the matchImages configuration is valid", +} + +func (CRIOCredentialProviderConfigStatus) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfigStatus +} + var map_AWSDNSSpec = map[string]string{ "": "AWSDNSSpec contains DNS configuration specific to the Amazon Web Services cloud provider.", - "privateZoneIAMRole": "privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing operations on the cluster's private hosted zone specified in the cluster DNS config. When left empty, no role should be assumed.", + "privateZoneIAMRole": "privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing operations on the cluster's private hosted zone specified in the cluster DNS config. When left empty, no role should be assumed.\n\nThe ARN must follow the format: arn::iam:::role/, where: is the AWS partition (aws, aws-cn, aws-us-gov, or aws-eusc), is a 12-digit numeric identifier for the AWS account, is the IAM role name.", } func (AWSDNSSpec) SwaggerDoc() map[string]string { @@ -1164,9 +1296,9 @@ func (RegistryLocation) SwaggerDoc() map[string]string { var map_RegistrySources = map[string]string{ "": "RegistrySources holds cluster-wide information about how to handle the registries config.", - "insecureRegistries": "insecureRegistries are registries which do not have a valid TLS certificates or only support HTTP connections.", - "blockedRegistries": "blockedRegistries cannot be used for image pull and push actions. All other registries are permitted.\n\nOnly one of BlockedRegistries or AllowedRegistries may be set.", - "allowedRegistries": "allowedRegistries are the only registries permitted for image pull and push actions. All other registries are denied.\n\nOnly one of BlockedRegistries or AllowedRegistries may be set.", + "insecureRegistries": "insecureRegistries are registries which do not have a valid TLS certificates or only support HTTP connections. Each entry must be a valid registry scope in the format hostname[:port][/path], optionally prefixed with \"*.\" for wildcard subdomains (e.g., \"*.example.com\"). The hostname must consist of valid DNS labels separated by dots, where each label contains only alphanumeric characters and hyphens and does not start or end with a hyphen. Entries must not be empty, must not include tags (e.g., \":latest\") or digests (e.g., \"@sha256:...\"), and must be at most 256 characters in length. The list may contain at most 1024 entries.", + "blockedRegistries": "blockedRegistries cannot be used for image pull and push actions. All other registries are permitted. Each entry must be a valid registry scope in the format hostname[:port][/path], optionally prefixed with \"*.\" for wildcard subdomains (e.g., \"*.example.com\"). The hostname must consist of valid DNS labels separated by dots, where each label contains only alphanumeric characters and hyphens and does not start or end with a hyphen. Entries must not be empty, must not include tags (e.g., \":latest\") or digests (e.g., \"@sha256:...\"), and must be at most 256 characters in length. The list may contain at most 1024 entries.\n\nOnly one of BlockedRegistries or AllowedRegistries may be set.", + "allowedRegistries": "allowedRegistries are the only registries permitted for image pull and push actions. All other registries are denied. Each entry must be a valid registry scope in the format hostname[:port][/path], optionally prefixed with \"*.\" for wildcard subdomains (e.g., \"*.example.com\"). The hostname must consist of valid DNS labels separated by dots, where each label contains only alphanumeric characters and hyphens and does not start or end with a hyphen. Entries must not be empty, must not include tags (e.g., \":latest\") or digests (e.g., \"@sha256:...\"), and must be at most 256 characters in length. The list may contain at most 1024 entries.\n\nOnly one of BlockedRegistries or AllowedRegistries may be set.", "containerRuntimeSearchRegistries": "containerRuntimeSearchRegistries are registries that will be searched when pulling images that do not have fully qualified domains in their pull specs. Registries will be searched in the order provided in the list. Note: this search list only works with the container runtime, i.e CRI-O. Will NOT work with builds or imagestream imports.", } @@ -1736,9 +1868,10 @@ func (InfrastructureList) SwaggerDoc() map[string]string { } var map_InfrastructureSpec = map[string]string{ - "": "InfrastructureSpec contains settings that apply to the cluster infrastructure.", - "cloudConfig": "cloudConfig is a reference to a ConfigMap containing the cloud provider configuration file. This configuration file is used to configure the Kubernetes cloud provider integration when using the built-in cloud provider integration or the external cloud controller manager. The namespace for this config map is openshift-config.\n\ncloudConfig should only be consumed by the kube_cloud_config controller. The controller is responsible for using the user configuration in the spec for various platforms and combining that with the user provided ConfigMap in this field to create a stitched kube cloud config. The controller generates a ConfigMap `kube-cloud-config` in `openshift-config-managed` namespace with the kube cloud config is stored in `cloud.conf` key. All the clients are expected to use the generated ConfigMap only.", - "platformSpec": "platformSpec holds desired information specific to the underlying infrastructure provider.", + "": "InfrastructureSpec contains settings that apply to the cluster infrastructure.", + "cloudConfig": "cloudConfig is a reference to a ConfigMap containing the cloud provider configuration file. This configuration file is used to configure the Kubernetes cloud provider integration when using the built-in cloud provider integration or the external cloud controller manager. The namespace for this config map is openshift-config.\n\ncloudConfig should only be consumed by the kube_cloud_config controller. The controller is responsible for using the user configuration in the spec for various platforms and combining that with the user provided ConfigMap in this field to create a stitched kube cloud config. The controller generates a ConfigMap `kube-cloud-config` in `openshift-config-managed` namespace with the kube cloud config is stored in `cloud.conf` key. All the clients are expected to use the generated ConfigMap only.", + "platformSpec": "platformSpec holds desired information specific to the underlying infrastructure provider.", + "controlPlaneTopology": "controlPlaneTopology expresses the desired topology configuration for control nodes.\n\nWhen status.controlPlaneTopology is 'SingleReplica' and spec.controlPlaneTopology is set to 'HighlyAvailable', a transition will be triggered to reconfigure the cluster from SingleReplica to HighlyAvailable.\n\nWhen left blank or status.controlPlaneTopology and spec.controlPlaneTopology are the same value, no changes are required and no transitions will be triggered.\n\nThis value may be set to match status.controlPlaneTopology regardless of the current value.", } func (InfrastructureSpec) SwaggerDoc() map[string]string { @@ -1753,7 +1886,7 @@ var map_InfrastructureStatus = map[string]string{ "etcdDiscoveryDomain": "etcdDiscoveryDomain is the domain used to fetch the SRV records for discovering etcd servers and clients. For more info: https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery deprecated: as of 4.7, this field is no longer set or honored. It will be removed in a future release.", "apiServerURL": "apiServerURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerURL can be used by components like the web console to tell users where to find the Kubernetes API.", "apiServerInternalURI": "apiServerInternalURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerInternalURL can be used by components like kubelets, to contact the Kubernetes API server using the infrastructure provider rather than Kubernetes networking.", - "controlPlaneTopology": "controlPlaneTopology expresses the expectations for operands that normally run on control nodes. The default is 'HighlyAvailable', which represents the behavior operators have in a \"normal\" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster.", + "controlPlaneTopology": "controlPlaneTopology expresses the expectations for operands that normally run on control nodes. The default is 'HighlyAvailable', which represents the behavior operators have in a \"normal\" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum.", "infrastructureTopology": "infrastructureTopology expresses the expectations for infrastructure services that do not run on control plane nodes, usually indicated by a node selector for a `role` value other than `master`. The default is 'HighlyAvailable', which represents the behavior operators have in a \"normal\" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation NOTE: External topology mode is not applicable for this field.", "cpuPartitioning": "cpuPartitioning expresses if CPU partitioning is a currently enabled feature in the cluster. CPU Partitioning means that this cluster can support partitioning workloads to specific CPU Sets. Valid values are \"None\" and \"AllNodes\". When omitted, the default value is \"None\". The default value of \"None\" indicates that no nodes will be setup with CPU partitioning. The \"AllNodes\" value indicates that all nodes have been setup with CPU partitioning, and can then be further configured via the PerformanceProfile API.", } @@ -2081,7 +2214,7 @@ func (VSpherePlatformNodeNetworkingSpec) SwaggerDoc() map[string]string { var map_VSpherePlatformSpec = map[string]string{ "": "VSpherePlatformSpec holds the desired state of the vSphere infrastructure provider. In the future the cloud provider operator, storage operator and machine operator will use these fields for configuration.", - "vcenters": "vcenters holds the connection details for services to communicate with vCenter. Currently, only a single vCenter is supported, but in tech preview 3 vCenters are supported. Once the cluster has been installed, you are unable to change the current number of defined vCenters except in the case where the cluster has been upgraded from a version of OpenShift where the vsphere platform spec was not present. You may make modifications to the existing vCenters that are defined in the vcenters list in order to match with any added or modified failure domains.", + "vcenters": "vcenters holds the connection details for services to communicate with vCenter. Up to 3 vCenters are supported. Once the cluster has been installed, you are unable to change the current number of defined vCenters except when 1.) the cluster has been upgraded from a version of OpenShift where the vsphere platform spec was not present or 2.) in TechPreview you are able to add and remove vCenters but may not remove all vCenters. You may make modifications to the existing vCenters that are defined in the vcenters list in order to match with any added or modified failure domains.", "failureDomains": "failureDomains contains the definition of region, zone and the vCenter topology. If this is omitted failure domains (regions and zones) will not be used.", "nodeNetworking": "nodeNetworking contains the definition of internal and external network constraints for assigning the node's networking. If this field is omitted, networking defaults to the legacy address selection behavior which is to only support a single address and return the first one found.", "apiServerInternalIPs": "apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IP addresses, one from IPv4 family and one from IPv6. In single stack clusters a single IP address is expected. When omitted, values from the status.apiServerInternalIPs will be used. Once set, the list cannot be completely removed (but its second entry can).", @@ -2328,24 +2461,76 @@ func (Storage) SwaggerDoc() map[string]string { return map_Storage } -var map_AWSKMSConfig = map[string]string{ - "": "AWSKMSConfig defines the KMS config specific to AWS KMS provider", - "keyARN": "keyARN specifies the Amazon Resource Name (ARN) of the AWS KMS key used for encryption. The value must adhere to the format `arn:aws:kms:::key/`, where: - `` is the AWS region consisting of lowercase letters and hyphens followed by a number. - `` is a 12-digit numeric identifier for the AWS account. - `` is a unique identifier for the KMS key, consisting of lowercase hexadecimal characters and hyphens.", - "region": "region specifies the AWS region where the KMS instance exists, and follows the format `--`, e.g.: `us-east-1`. Only lowercase letters and hyphens followed by numbers are allowed.", +var map_KMSPluginConfig = map[string]string{ + "": "KMSPluginConfig defines the configuration for the KMS instance that will be used with KMS encryption", + "type": "type defines the kind of platform for the KMS provider. Allowed values are Vault. When set to Vault, the plugin connects to a HashiCorp Vault server for key management.", + "vault": "vault defines the configuration for the Vault KMS plugin. The plugin connects to a Vault Enterprise server that is managed by the user outside the purview of the control plane. This field must be set when type is Vault, and must be unset otherwise.", } -func (AWSKMSConfig) SwaggerDoc() map[string]string { - return map_AWSKMSConfig +func (KMSPluginConfig) SwaggerDoc() map[string]string { + return map_KMSPluginConfig } -var map_KMSConfig = map[string]string{ - "": "KMSConfig defines the configuration for the KMS instance that will be used with KMSEncryptionProvider encryption", - "type": "type defines the kind of platform for the KMS provider. Available provider types are AWS only.", - "aws": "aws defines the key config for using an AWS KMS instance for the encryption. The AWS KMS instance is managed by the user outside the purview of the control plane.", +var map_VaultAppRoleAuthentication = map[string]string{ + "": "VaultAppRoleAuthentication defines the configuration for AppRole authentication with Vault.", + "secret": "secret references a secret in the openshift-config namespace containing the AppRole credentials used to authenticate with Vault. The referenced Secret must contain two keys: \"role-id\" for the AppRole Role ID and \"secret-id\" for the AppRole Secret ID.", } -func (KMSConfig) SwaggerDoc() map[string]string { - return map_KMSConfig +func (VaultAppRoleAuthentication) SwaggerDoc() map[string]string { + return map_VaultAppRoleAuthentication +} + +var map_VaultAuthentication = map[string]string{ + "": "VaultAuthentication defines the authentication method used to authenticate with Vault.", + "type": "type defines the authentication method used to authenticate with Vault. Allowed values are AppRole. When set to AppRole, the plugin uses AppRole credentials to authenticate with Vault.", + "appRole": "appRole defines the configuration for AppRole authentication. This field must be set when type is AppRole, and must be unset otherwise.", +} + +func (VaultAuthentication) SwaggerDoc() map[string]string { + return map_VaultAuthentication +} + +var map_VaultConfigMapReference = map[string]string{ + "": "VaultConfigMapReference references a ConfigMap in the openshift-config namespace.", + "name": "name is the metadata.name of the referenced ConfigMap in the openshift-config namespace. The name must be a valid DNS subdomain name: it must contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character.", +} + +func (VaultConfigMapReference) SwaggerDoc() map[string]string { + return map_VaultConfigMapReference +} + +var map_VaultKMSPluginConfig = map[string]string{ + "": "VaultKMSPluginConfig defines the KMS plugin configuration specific to Vault KMS", + "kmsPluginImage": "kmsPluginImage specifies the container image for the HashiCorp Vault KMS plugin.\n\nThe image must be a fully qualified OCI image pull spec with a SHA256 digest. The format is: host[:port][/namespace]/name@sha256: where the digest must be 64 characters long and consist only of lowercase hexadecimal characters, a-f and 0-9. The total length must be between 75 and 447 characters.\n\nShort names (e.g., \"vault-plugin\" or \"hashicorp/vault-plugin\") are not allowed. The registry hostname must be included and must contain at least one dot. Image tags (e.g., \":latest\", \":v1.0.0\") are not allowed.\n\nConsult the OpenShift documentation for compatible plugin versions with your cluster version, then obtain the image digest for that version from HashiCorp's container registry.\n\nFor disconnected environments, mirror the plugin image to an accessible registry and reference the mirrored location with its digest.", + "vaultAddress": "vaultAddress specifies the address of the HashiCorp Vault instance. The value must be a valid HTTPS URL containing only scheme, host, and optional port. Paths, user info, query parameters, and fragments are not allowed.\n\nFormat: https://hostname[:port] Example: https://vault.example.com:8200\n\nThe value must be between 1 and 512 characters.", + "vaultNamespace": "vaultNamespace specifies the Vault namespace where the Transit secrets engine is mounted. This is only applicable for Vault Enterprise installations. When this field is not set, no namespace is used.\n\nThe value must be between 1 and 4096 characters. The namespace cannot end with a forward slash, cannot contain spaces, and cannot be one of the reserved strings: root, sys, audit, auth, cubbyhole, or identity.", + "tls": "tls contains the TLS configuration for connecting to the Vault server. When this field is not set, system default TLS settings are used.", + "authentication": "authentication defines the authentication method used to authenticate with Vault.", + "transitMount": "transitMount specifies the mount path of the Vault Transit engine.\n\nThe transit mount must be between 1 and 1024 characters, cannot start or end with a forward slash, cannot contain consecutive forward slashes, and must only contain RFC 3986 unreserved characters (alphanumeric, hyphen, period, underscore, tilde) and forward slashes as path separators.", + "transitKey": "transitKey specifies the name of the encryption key in Vault's Transit engine. This key is used to encrypt and decrypt data.\n\nThe transit key must be between 1 and 512 characters, cannot contain forward slashes, and must only contain alphanumeric characters, hyphens, periods, and underscores.", +} + +func (VaultKMSPluginConfig) SwaggerDoc() map[string]string { + return map_VaultKMSPluginConfig +} + +var map_VaultSecretReference = map[string]string{ + "": "VaultSecretReference references a secret in the openshift-config namespace.", + "name": "name is the metadata.name of the referenced secret in the openshift-config namespace. The name must be a valid DNS subdomain name: it must contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character.", +} + +func (VaultSecretReference) SwaggerDoc() map[string]string { + return map_VaultSecretReference +} + +var map_VaultTLSConfig = map[string]string{ + "": "VaultTLSConfig contains TLS configuration for connecting to Vault.", + "caBundle": "caBundle references a ConfigMap in the openshift-config namespace containing the CA certificate bundle used to verify the TLS connection to the Vault server. The referenced ConfigMap must contain the CA bundle in the key \"ca-bundle.crt\". When this field is not set, the system's trusted CA certificates are used.\n\nThe namespace for the ConfigMap is openshift-config.\n\nExample ConfigMap:\n apiVersion: v1\n kind: ConfigMap\n metadata:\n name: vault-ca-bundle\n namespace: openshift-config\n data:\n ca-bundle.crt: |", + "serverName": "serverName specifies the Server Name Indication (SNI) to use when connecting to Vault via TLS. This is useful when the Vault server's hostname doesn't match its TLS certificate. When this field is not set, the hostname from vaultAddress is used for SNI.\n\nThe value must be a valid DNS hostname: it must contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character.", +} + +func (VaultTLSConfig) SwaggerDoc() map[string]string { + return map_VaultTLSConfig } var map_ClusterNetworkEntry = map[string]string{ @@ -2458,6 +2643,15 @@ func (NetworkMigration) SwaggerDoc() map[string]string { return map_NetworkMigration } +var map_NetworkObservabilitySpec = map[string]string{ + "": "NetworkObservabilitySpec defines the configuration for network observability installation", + "installationPolicy": "installationPolicy controls whether network observability is installed during cluster deployment. Valid values are \"InstallAndEnable\" and \"NoAction\". When set to \"InstallAndEnable\", ensure that network observability will be installed and enabled on the cluster. If already installed, no action taken, but if it gets uninstalled, it will install it again. When set to \"NoAction\", nothing will be done regarding Network observability.", +} + +func (NetworkObservabilitySpec) SwaggerDoc() map[string]string { + return map_NetworkObservabilitySpec +} + var map_NetworkSpec = map[string]string{ "": "NetworkSpec is the desired network configuration. As a general rule, this SHOULD NOT be read directly. Instead, you should consume the NetworkStatus, as it indicates the currently deployed configuration. Currently, most spec fields are immutable after installation. Please view the individual ones for further details on each.", "clusterNetwork": "IP address pool to use for pod IPs. This field is immutable after installation.", @@ -2466,6 +2660,7 @@ var map_NetworkSpec = map[string]string{ "externalIP": "externalIP defines configuration for controllers that affect Service.ExternalIP. If nil, then ExternalIP is not allowed to be set.", "serviceNodePortRange": "The port range allowed for Services of type NodePort. If not specified, the default of 30000-32767 will be used. Such Services without a NodePort specified will have one automatically allocated from this range. This parameter can be updated after the cluster is installed.", "networkDiagnostics": "networkDiagnostics defines network diagnostics configuration.\n\nTakes precedence over spec.disableNetworkDiagnostics in network.operator.openshift.io. If networkDiagnostics is not specified or is empty, and the spec.disableNetworkDiagnostics flag in network.operator.openshift.io is set to true, the network diagnostics feature will be disabled.", + "networkObservability": "networkObservability is an optional field that configures network observability installation during cluster deployment (day-0). When omitted, unless this is a SNO cluster, network observability will be installed if not already present, after that, no action taken.", } func (NetworkSpec) SwaggerDoc() map[string]string { @@ -3008,6 +3203,7 @@ func (OldTLSProfile) SwaggerDoc() map[string]string { var map_TLSProfileSpec = map[string]string{ "": "TLSProfileSpec is the desired behavior of a TLSSecurityProfile.", "ciphers": "ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries that their operands do not support. For example, to use only ECDHE-RSA-AES128-GCM-SHA256 (yaml):\n\n ciphers:\n - ECDHE-RSA-AES128-GCM-SHA256\n\nTLS 1.3 cipher suites (e.g. TLS_AES_128_GCM_SHA256) are not configurable and are always enabled when TLS 1.3 is negotiated.", + "groups": "groups is an optional, ordered field used to specify the supported groups (formerly known as elliptic curves) that are used during the TLS handshake. The order of the groups represents a suggested preference, with the most preferred group first. Note that not all platform components honor the ordering: Go-based components use Go's internal preference order and treat this list as a filter of allowed groups rather than an ordered preference. Operators may remove entries their operands do not support.\n\nWhen omitted, this means no opinion and the platform is left to choose reasonable defaults which are subject to change over time and may be different per platform component depending on the underlying TLS libraries they use. If specified, the list must contain at least one and at most 7 groups, and each group must be unique.\n\nFor example, to use X25519 and secp256r1 (yaml):\n\n groups:\n - X25519\n - secp256r1", "minTLSVersion": "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml):\n\n minTLSVersion: VersionTLS11", } @@ -3017,11 +3213,11 @@ func (TLSProfileSpec) SwaggerDoc() map[string]string { var map_TLSSecurityProfile = map[string]string{ "": "TLSSecurityProfile defines the schema for a TLS security profile. This object is used by operators to apply TLS security settings to operands.", - "type": "type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters.\n\nThe profiles are based on version 5.7 of the Mozilla Server Side TLS configuration guidelines. The cipher lists consist of the configuration's \"ciphersuites\" followed by the Go-specific \"ciphers\" from the guidelines. See: https://ssl-config.mozilla.org/guidelines/5.7.json\n\nThe profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers are found to be insecure. Depending on precisely which ciphers are available to a process, the list may be reduced.", - "old": "old is a TLS profile for use when services need to be accessed by very old clients or libraries and should be used only as a last resort.\n\nThis profile is equivalent to a Custom profile specified as:\n minTLSVersion: VersionTLS10\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES256-GCM-SHA384\n - ECDHE-RSA-AES256-GCM-SHA384\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - ECDHE-ECDSA-AES128-SHA256\n - ECDHE-RSA-AES128-SHA256\n - ECDHE-ECDSA-AES128-SHA\n - ECDHE-RSA-AES128-SHA\n - ECDHE-ECDSA-AES256-SHA\n - ECDHE-RSA-AES256-SHA\n - AES128-GCM-SHA256\n - AES256-GCM-SHA384\n - AES128-SHA256\n - AES128-SHA\n - AES256-SHA\n - DES-CBC3-SHA", - "intermediate": "intermediate is a TLS profile for use when you do not need compatibility with legacy clients and want to remain highly secure while being compatible with most clients currently in use.\n\nThis profile is equivalent to a Custom profile specified as:\n minTLSVersion: VersionTLS12\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES256-GCM-SHA384\n - ECDHE-RSA-AES256-GCM-SHA384\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305", - "modern": "modern is a TLS security profile for use with clients that support TLS 1.3 and do not need backward compatibility for older clients.\n\nThis profile is equivalent to a Custom profile specified as:\n minTLSVersion: VersionTLS13\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256", - "custom": "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this:\n\n minTLSVersion: VersionTLS11\n ciphers:\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256", + "type": "type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters.\n\nThe cipher and groups lists in these profiles are based on version 5.8 of the Mozilla Server Side TLS configuration guidelines. See: https://ssl-config.mozilla.org/guidelines/5.8.json\n\nThe groups are listed in suggested preference order, with the most preferred group first. Note that not all platform components honor the ordering: Go-based components use Go's internal preference order and treat this list as a filter of allowed groups rather than an ordered preference. Note that X25519MLKEM768 is a post-quantum hybrid group that is not FIPS-approved and should be ignored by components running in FIPS mode.\n\nThe profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers are found to be insecure. Depending on precisely which ciphers are available to a process, the list may be reduced.", + "old": "old is a TLS profile for use when services need to be accessed by very old clients or libraries and should be used only as a last resort.\n\nThe supported groups list includes by default the following groups in suggested preference order (ordering may not be honored by all implementations): X25519MLKEM768, X25519, secp256r1, secp384r1.\n\nThis profile is equivalent to a Custom profile specified as:\n minTLSVersion: VersionTLS10\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES256-GCM-SHA384\n - ECDHE-RSA-AES256-GCM-SHA384\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - ECDHE-ECDSA-AES128-SHA256\n - ECDHE-RSA-AES128-SHA256\n - ECDHE-ECDSA-AES128-SHA\n - ECDHE-RSA-AES128-SHA\n - ECDHE-ECDSA-AES256-SHA384\n - ECDHE-RSA-AES256-SHA384\n - ECDHE-ECDSA-AES256-SHA\n - ECDHE-RSA-AES256-SHA\n - AES128-GCM-SHA256\n - AES256-GCM-SHA384\n - AES128-SHA256\n - AES256-SHA256\n - AES128-SHA\n - AES256-SHA\n - DES-CBC3-SHA", + "intermediate": "intermediate is a TLS profile for use when you do not need compatibility with legacy clients and want to remain highly secure while being compatible with most clients currently in use.\n\nThe supported groups list includes by default the following groups in suggested preference order (ordering may not be honored by all implementations): X25519MLKEM768, X25519, secp256r1, secp384r1.\n\nThis profile is equivalent to a Custom profile specified as:\n minTLSVersion: VersionTLS12\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES256-GCM-SHA384\n - ECDHE-RSA-AES256-GCM-SHA384\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305", + "modern": "modern is a TLS security profile for use with clients that support TLS 1.3 and do not need backward compatibility for older clients. The supported groups list includes by default the following groups in suggested preference order (ordering may not be honored by all implementations): X25519MLKEM768, X25519, secp256r1, secp384r1. This profile is equivalent to a Custom profile specified as:\n minTLSVersion: VersionTLS13\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256", + "custom": "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic.\n\nThe supported groups list for this profile is empty by default.\n\nAn example custom profile looks like this:\n\n minTLSVersion: VersionTLS11\n ciphers:\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256", } func (TLSSecurityProfile) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/config/v1alpha1/doc.go b/vendor/github.com/openshift/api/config/v1alpha1/doc.go index 20d4485739..65333883b5 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/doc.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.config.v1alpha1 // +kubebuilder:validation:Optional // +groupName=config.openshift.io diff --git a/vendor/github.com/openshift/api/config/v1alpha1/register.go b/vendor/github.com/openshift/api/config/v1alpha1/register.go index 383d19e7e6..1d84b71079 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/register.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/register.go @@ -36,10 +36,6 @@ func addKnownTypes(scheme *runtime.Scheme) error { &InsightsDataGatherList{}, &Backup{}, &BackupList{}, - &ImagePolicy{}, - &ImagePolicyList{}, - &ClusterImagePolicy{}, - &ClusterImagePolicyList{}, &CRIOCredentialProviderConfig{}, &CRIOCredentialProviderConfigList{}, &PKI{}, diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go deleted file mode 100644 index e8d7603d7b..0000000000 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go +++ /dev/null @@ -1,80 +0,0 @@ -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ClusterImagePolicy holds cluster-wide configuration for image signature verification -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=clusterimagepolicies,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1457 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 -// +openshift:enable:FeatureGate=SigstoreImageVerification -// +openshift:compatibility-gen:level=4 -type ClusterImagePolicy struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ObjectMeta `json:"metadata,omitempty"` - - // spec contains the configuration for the cluster image policy. - // +required - Spec ClusterImagePolicySpec `json:"spec"` - // status contains the observed state of the resource. - // +optional - Status ClusterImagePolicyStatus `json:"status,omitempty"` -} - -// CLusterImagePolicySpec is the specification of the ClusterImagePolicy custom resource. -type ClusterImagePolicySpec struct { - // scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". - // Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). - // More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository - // namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). - // Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. - // If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. - // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories - // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. - // If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. - // For additional details about the format, please refer to the document explaining the docker transport field, - // which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker - // +required - // +kubebuilder:validation:MaxItems=256 - // +listType=set - Scopes []ImageScope `json:"scopes"` - // policy contains configuration to allow scopes to be verified, and defines how - // images not matching the verification policy will be treated. - // +required - Policy ImageSigstoreVerificationPolicy `json:"policy"` -} - -// +k8s:deepcopy-gen=true -type ClusterImagePolicyStatus struct { - // conditions provide details on the status of this API Resource. - // +listType=map - // +listMapKey=type - // +optional - Conditions []metav1.Condition `json:"conditions,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ClusterImagePolicyList is a list of ClusterImagePolicy resources -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -type ClusterImagePolicyList struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard list's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ListMeta `json:"metadata"` - - Items []ClusterImagePolicy `json:"items"` -} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go index e72f537f99..ca2f0216a9 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go @@ -89,6 +89,19 @@ type ClusterMonitoringSpec struct { // The current default value is `DefaultConfig`. // +optional AlertmanagerConfig AlertmanagerConfig `json:"alertmanagerConfig,omitempty,omitzero"` + // prometheusConfig provides configuration options for the default platform Prometheus instance + // that runs in the `openshift-monitoring` namespace. This configuration applies only to the + // platform Prometheus instance; user-workload Prometheus instances are configured separately. + // + // This field allows you to customize how the platform Prometheus is deployed and operated, including: + // - Pod scheduling (node selectors, tolerations, topology spread constraints) + // - Resource allocation (CPU, memory requests/limits) + // - Retention policies (how long metrics are stored) + // - External integrations (remote write, additional alertmanagers) + // + // This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. + // +optional + PrometheusConfig PrometheusConfig `json:"prometheusConfig,omitempty,omitzero"` // metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. // Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. @@ -107,6 +120,641 @@ type ClusterMonitoringSpec struct { // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. // +optional PrometheusOperatorAdmissionWebhookConfig PrometheusOperatorAdmissionWebhookConfig `json:"prometheusOperatorAdmissionWebhookConfig,omitempty,omitzero"` + // openShiftStateMetricsConfig is an optional field that can be used to configure the openshift-state-metrics + // agent that runs in the openshift-monitoring namespace. The openshift-state-metrics agent generates metrics + // about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + OpenShiftStateMetricsConfig OpenShiftStateMetricsConfig `json:"openShiftStateMetricsConfig,omitempty,omitzero"` + // telemeterClientConfig is an optional field that can be used to configure the Telemeter Client + // component that runs in the openshift-monitoring namespace. The Telemeter Client collects + // selected monitoring metrics and forwards them to Red Hat for telemetry purposes. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // When set, at least one field must be specified within telemeterClientConfig. + // +optional + TelemeterClientConfig TelemeterClientConfig `json:"telemeterClientConfig,omitempty,omitzero"` + // thanosQuerierConfig is an optional field that can be used to configure the Thanos Querier + // component that runs in the openshift-monitoring namespace. The Thanos Querier provides + // a global query view by aggregating and deduplicating metrics from multiple Prometheus instances. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default deploys the Thanos Querier on linux nodes with 5m CPU and 12Mi memory + // requests, and no custom tolerations or topology spread constraints. + // When set, at least one field must be specified within thanosQuerierConfig. + // +optional + ThanosQuerierConfig ThanosQuerierConfig `json:"thanosQuerierConfig,omitempty,omitzero"` + // nodeExporterConfig is an optional field that can be used to configure the node-exporter agent + // that runs as a DaemonSet in the openshift-monitoring namespace. The node-exporter agent collects + // hardware and OS-level metrics from every node in the cluster. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + NodeExporterConfig NodeExporterConfig `json:"nodeExporterConfig,omitempty,omitzero"` + // monitoringPluginConfig is an optional field that can be used to configure the monitoring plugin + // that runs as a dynamic plugin of the OpenShift web console. The monitoring plugin provides + // the monitoring UI in the OpenShift web console for visualizing metrics, alerts, and dashboards. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default deploys the monitoring-plugin as a single-replica Deployment + // on linux nodes with 10m CPU and 50Mi memory requests, and no custom tolerations + // or topology spread constraints. + // When set, at least one field must be specified within monitoringPluginConfig. + // +optional + MonitoringPluginConfig MonitoringPluginConfig `json:"monitoringPluginConfig,omitempty,omitzero"` + // kubeStateMetricsConfig is an optional field that can be used to configure the kube-state-metrics + // agent that runs in the openshift-monitoring namespace. kube-state-metrics generates metrics about + // the state of Kubernetes objects such as Deployments, Nodes, and Pods. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + KubeStateMetricsConfig KubeStateMetricsConfig `json:"kubeStateMetricsConfig,omitempty,omitzero"` +} + +// OpenShiftStateMetricsConfig provides configuration options for the openshift-state-metrics agent +// that runs in the `openshift-monitoring` namespace. The openshift-state-metrics agent generates +// metrics about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. +// +kubebuilder:validation:MinProperties=1 +type OpenShiftStateMetricsConfig struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the openshift-state-metrics container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 1m + // limit: null + // - name: memory + // request: 32Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how openshift-state-metrics Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// NodeExporterConfig provides configuration options for the node-exporter agent +// that runs as a DaemonSet in the `openshift-monitoring` namespace. The node-exporter agent collects +// hardware and OS-level metrics from every node in the cluster, including CPU, memory, disk, and +// network statistics. +// At least one field must be specified. +// +kubebuilder:validation:MinProperties=1 +type NodeExporterConfig struct { + // resources defines the compute resource requests and limits for the node-exporter container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 8m + // limit: null + // - name: memory + // request: 32Mi + // limit: null + // --- + // maxItems is set to 5 to stay within the Kubernetes CRD CEL validation cost budget. + // See the MaxItems comment near the ContainerResource type definition for details. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + + // --- TOMBSTONE --- + // nodeSelector was a field that defined the nodes on which the Pods are scheduled. + // It was removed because node-exporter runs as a DaemonSet on all nodes, + // and the CMO does not support this field. + // The field name "nodeSelector" and json tag are reserved to prevent reuse + // with a different backing type. + // + // +optional + // NodeSelector map[string]string `json:"nodeSelector,omitempty"` + + // --- TOMBSTONE --- + // tolerations was a field that defined tolerations for the pods. + // It was removed because node-exporter runs as a DaemonSet on all nodes, + // and the CMO does not support this field. + // The field name "tolerations" and json tag are reserved to prevent reuse + // with a different backing type. + // + // +optional + // Tolerations []v1.Toleration `json:"tolerations,omitempty"` + + // collectors configures which node-exporter metric collectors are enabled. + // collectors is optional. + // Each collector can be individually enabled or disabled. Some collectors may have + // additional configuration options. + // + // When omitted, this means no opinion and the platform is left to choose a reasonable + // default, which is subject to change over time. + // +optional + Collectors NodeExporterCollectorConfig `json:"collectors,omitempty,omitzero"` + // maxProcs sets the target number of CPUs on which the node-exporter process will run. + // maxProcs is optional. + // Use this setting to override the default value, which is set either to 4 or to the number + // of CPUs on the host, whichever is smaller. + // The default value is computed at runtime and set via the GOMAXPROCS environment variable before + // node-exporter is launched. + // If a kernel deadlock occurs or if performance degrades when reading from sysfs concurrently, + // you can change this value to 1, which limits node-exporter to running on one CPU. + // For nodes with a high CPU count, setting the limit to a low number saves resources by preventing + // Go routines from being scheduled to run on all CPUs. However, I/O performance degrades if the + // maxProcs value is set too low and there are many metrics to collect. + // The minimum value is 1 and the maximum value is 1024. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is min(4, number of host CPUs). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=1024 + MaxProcs int32 `json:"maxProcs,omitempty"` + // ignoredNetworkDevices is a list of regular expression patterns that match network devices + // to be excluded from the relevant collector configuration such as netdev, netclass, and ethtool. + // ignoredNetworkDevices is optional. + // + // When omitted, the Cluster Monitoring Operator uses a predefined list of devices to be excluded + // to minimize the impact on memory usage. + // When set as an empty list, no devices are excluded. + // If you modify this setting, monitor the prometheus-k8s deployment closely for excessive memory usage. + // Maximum length for this list is 50. + // Each entry must be at least 1 character and at most 1024 characters long. + // +kubebuilder:validation:MaxItems=50 + // +kubebuilder:validation:MinItems=0 + // +listType=set + // +optional + IgnoredNetworkDevices *[]NodeExporterIgnoredNetworkDevice `json:"ignoredNetworkDevices,omitempty"` +} + +// NodeExporterIgnoredNetworkDevice is a string that is interpreted as a Go regular expression +// pattern by the controller to match network device names to exclude from node-exporter +// metric collection for collectors such as netdev, netclass, and ethtool. +// Invalid regular expressions will cause a controller-level error at runtime. +// Must be at least 1 character and at most 1024 characters. +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=1024 +type NodeExporterIgnoredNetworkDevice string + +// NodeExporterCollectorCollectionPolicy declares whether a node-exporter collector should collect metrics. +// Valid values are "Collect" and "DoNotCollect". +// +kubebuilder:validation:Enum=Collect;DoNotCollect +// +enum +type NodeExporterCollectorCollectionPolicy string + +const ( + // NodeExporterCollectorCollectionPolicyCollect means the collector is active and will produce metrics. + NodeExporterCollectorCollectionPolicyCollect NodeExporterCollectorCollectionPolicy = "Collect" + // NodeExporterCollectorCollectionPolicyDoNotCollect means the collector is inactive and will not produce metrics. + NodeExporterCollectorCollectionPolicyDoNotCollect NodeExporterCollectorCollectionPolicy = "DoNotCollect" +) + +// NodeExporterNetclassStatsGatherer identifies how the netclass collector gathers device statistics +// (for example via sysfs or netlink, as implemented in node_exporter). +// Valid values are "Sysfs" and "Netlink". +// +kubebuilder:validation:Enum=Sysfs;Netlink +// +enum +type NodeExporterNetclassStatsGatherer string + +const ( + // NodeExporterNetclassStatsGathererSysfs uses the sysfs-based implementation. + NodeExporterNetclassStatsGathererSysfs NodeExporterNetclassStatsGatherer = "Sysfs" + // NodeExporterNetclassStatsGathererNetlink uses the netlink-based implementation. + NodeExporterNetclassStatsGathererNetlink NodeExporterNetclassStatsGatherer = "Netlink" +) + +// NodeExporterCollectorConfig defines settings for individual collectors +// of the node-exporter agent. Each collector can be individually set to collect or not collect metrics. +// At least one collector must be specified. +// +kubebuilder:validation:MinProperties=1 +type NodeExporterCollectorConfig struct { + // cpuFreq configures the cpufreq collector, which collects CPU frequency statistics. + // cpuFreq is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Consider enabling when you need to observe CPU frequency scaling; expect higher CPU usage on + // many-core nodes when collectionPolicy is Collect. + // +optional + CpuFreq NodeExporterCollectorCpufreqConfig `json:"cpuFreq,omitempty,omitzero"` + // tcpStat configures the tcpstat collector, which collects TCP connection statistics. + // tcpStat is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when debugging TCP connection behavior or capacity at the node level. + // +optional + TcpStat NodeExporterCollectorTcpStatConfig `json:"tcpStat,omitempty,omitzero"` + // ethtool configures the ethtool collector, which collects ethernet device statistics. + // ethtool is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when you need NIC driver-level ethtool metrics beyond generic netdev counters. + // +optional + Ethtool NodeExporterCollectorEthtoolConfig `json:"ethtool,omitempty,omitzero"` + // netDev configures the netdev collector, which collects network device statistics. + // netDev is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is enabled. + // Turn off if you must reduce per-interface metric cardinality on hosts with many virtual interfaces. + // +optional + NetDev NodeExporterCollectorNetDevConfig `json:"netDev,omitempty,omitzero"` + // netClass configures the netclass collector, which collects information about network devices. + // netClass is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is enabled with netlink mode active. + // Use statsGatherer when sysfs vs netlink implementation matters or when matching node_exporter tuning. + // +optional + NetClass NodeExporterCollectorNetClassConfig `json:"netClass,omitempty,omitzero"` + // buddyInfo configures the buddyinfo collector, which collects statistics about memory + // fragmentation from the node_buddyinfo_blocks metric. This metric collects data from /proc/buddyinfo. + // buddyInfo is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when investigating kernel memory fragmentation; typically for advanced troubleshooting only. + // +optional + BuddyInfo NodeExporterCollectorBuddyInfoConfig `json:"buddyInfo,omitempty,omitzero"` + // mountStats configures the mountstats collector, which collects statistics about NFS volume + // I/O activities. + // mountStats is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enabling this collector may produce metrics with high cardinality. If you enable this + // collector, closely monitor the prometheus-k8s deployment for excessive memory usage. + // Enable when you care about per-mount NFS client statistics. + // +optional + MountStats NodeExporterCollectorMountStatsConfig `json:"mountStats,omitempty,omitzero"` + // ksmd configures the ksmd collector, which collects statistics from the kernel same-page + // merger daemon. + // ksmd is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable on nodes where KSM is in use and you want visibility into merging activity. + // +optional + Ksmd NodeExporterCollectorKSMDConfig `json:"ksmd,omitempty,omitzero"` + // processes configures the processes collector, which collects statistics from processes and + // threads running in the system. + // processes is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable for process/thread-level insight; can be expensive on busy nodes. + // +optional + Processes NodeExporterCollectorProcessesConfig `json:"processes,omitempty,omitzero"` + // systemd configures the systemd collector, which collects statistics on the systemd daemon + // and its managed services. + // systemd is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enabling this collector with a long list of selected units may produce metrics with high + // cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment + // for excessive memory usage. + // Enable when you need metrics for specific units; scope units carefully. + // +optional + Systemd NodeExporterCollectorSystemdConfig `json:"systemd,omitempty,omitzero"` + // softirqs configures the softirqs collector, which exposes detailed softirq statistics + // from /proc/softirqs. + // softirqs is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when you need visibility into kernel softirq processing across CPUs. + // +optional + Softirqs NodeExporterCollectorSoftirqsConfig `json:"softirqs,omitempty,omitzero"` +} + +// NodeExporterCollectorCpufreqConfig provides configuration for the cpufreq collector +// of the node-exporter agent. The cpufreq collector collects CPU frequency statistics. +// It is disabled by default. +type NodeExporterCollectorCpufreqConfig struct { + // collectionPolicy declares whether the cpufreq collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the cpufreq collector is active and CPU frequency statistics are collected. + // When set to "DoNotCollect", the cpufreq collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorTcpStatConfig provides configuration for the tcpstat collector +// of the node-exporter agent. The tcpstat collector collects TCP connection statistics. +// It is disabled by default. +type NodeExporterCollectorTcpStatConfig struct { + // collectionPolicy declares whether the tcpstat collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the tcpstat collector is active and TCP connection statistics are collected. + // When set to "DoNotCollect", the tcpstat collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorEthtoolConfig provides configuration for the ethtool collector +// of the node-exporter agent. The ethtool collector collects ethernet device statistics. +// It is disabled by default. +type NodeExporterCollectorEthtoolConfig struct { + // collectionPolicy declares whether the ethtool collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the ethtool collector is active and ethernet device statistics are collected. + // When set to "DoNotCollect", the ethtool collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorNetDevConfig provides configuration for the netdev collector +// of the node-exporter agent. The netdev collector collects network device statistics +// such as bytes, packets, errors, and drops per device. +// It is enabled by default. +type NodeExporterCollectorNetDevConfig struct { + // collectionPolicy declares whether the netdev collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the netdev collector is active and network device statistics are collected. + // When set to "DoNotCollect", the netdev collector is inactive and the corresponding metrics become unavailable. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorNetClassConfig provides configuration for the netclass collector +// of the node-exporter agent. The netclass collector collects information about network devices +// such as network speed, MTU, and carrier status. +// It is enabled by default. +// When collectionPolicy is DoNotCollect, the collect field must not be set. +// +kubebuilder:validation:XValidation:rule="has(self.collectionPolicy) && self.collectionPolicy == 'Collect' ? true : !has(self.collect)",message="collect is forbidden when collectionPolicy is not Collect" +// +union +type NodeExporterCollectorNetClassConfig struct { + // collectionPolicy declares whether the netclass collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the netclass collector is active and network class information is collected. + // When set to "DoNotCollect", the netclass collector is inactive and the corresponding metrics become unavailable. + // When set to "DoNotCollect", the collect field must not be set. + // +unionDiscriminator + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` + // collect contains configuration options that apply only when the netclass collector is actively collecting metrics + // (i.e. when collectionPolicy is Collect). + // collect is optional and may be omitted even when collectionPolicy is Collect. + // collect may only be set when collectionPolicy is Collect. + // When set, at least one field must be specified within collect. + // +unionMember + // +optional + Collect NodeExporterCollectorNetClassCollectConfig `json:"collect,omitzero,omitempty"` +} + +// NodeExporterCollectorNetClassCollectConfig holds configuration options for the netclass collector +// when it is actively collecting metrics. At least one field must be specified. +// +kubebuilder:validation:MinProperties=1 +type NodeExporterCollectorNetClassCollectConfig struct { + // statsGatherer selects which implementation the netclass collector uses to gather statistics (sysfs or netlink). + // statsGatherer is optional. + // Valid values are "Sysfs" and "Netlink". + // When set to "Netlink", the netlink implementation is used; when set to "Sysfs", the sysfs implementation is used. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is Netlink. + // +optional + StatsGatherer NodeExporterNetclassStatsGatherer `json:"statsGatherer,omitempty"` +} + +// NodeExporterCollectorBuddyInfoConfig provides configuration for the buddyinfo collector +// of the node-exporter agent. The buddyinfo collector collects statistics about memory fragmentation +// from the node_buddyinfo_blocks metric using data from /proc/buddyinfo. +// It is disabled by default. +type NodeExporterCollectorBuddyInfoConfig struct { + // collectionPolicy declares whether the buddyinfo collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the buddyinfo collector is active and memory fragmentation statistics are collected. + // When set to "DoNotCollect", the buddyinfo collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorMountStatsConfig provides configuration for the mountstats collector +// of the node-exporter agent. The mountstats collector collects statistics about NFS volume I/O activities. +// It is disabled by default. +// Enabling this collector may produce metrics with high cardinality. If you enable this +// collector, closely monitor the prometheus-k8s deployment for excessive memory usage. +type NodeExporterCollectorMountStatsConfig struct { + // collectionPolicy declares whether the mountstats collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the mountstats collector is active and NFS volume I/O statistics are collected. + // When set to "DoNotCollect", the mountstats collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorKSMDConfig provides configuration for the ksmd collector +// of the node-exporter agent. The ksmd collector collects statistics from the kernel +// same-page merger daemon. +// It is disabled by default. +type NodeExporterCollectorKSMDConfig struct { + // collectionPolicy declares whether the ksmd collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the ksmd collector is active and kernel same-page merger statistics are collected. + // When set to "DoNotCollect", the ksmd collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorProcessesConfig provides configuration for the processes collector +// of the node-exporter agent. The processes collector collects statistics from processes and threads +// running in the system. +// It is disabled by default. +type NodeExporterCollectorProcessesConfig struct { + // collectionPolicy declares whether the processes collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the processes collector is active and process/thread statistics are collected. + // When set to "DoNotCollect", the processes collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorSystemdConfig provides configuration for the systemd collector +// of the node-exporter agent. The systemd collector collects statistics on the systemd daemon +// and its managed services. +// It is disabled by default. +// Enabling this collector with a long list of selected units may produce metrics with high +// cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment +// for excessive memory usage. +// When collectionPolicy is DoNotCollect, the collect field must not be set. +// +kubebuilder:validation:XValidation:rule="has(self.collectionPolicy) && self.collectionPolicy == 'Collect' ? true : !has(self.collect)",message="collect is forbidden when collectionPolicy is not Collect" +// +union +type NodeExporterCollectorSystemdConfig struct { + // collectionPolicy declares whether the systemd collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the systemd collector is active and systemd unit statistics are collected. + // When set to "DoNotCollect", the systemd collector is inactive and the collect field must not be set. + // +unionDiscriminator + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` + // collect contains configuration options that apply only when the systemd collector is actively collecting metrics + // (i.e. when collectionPolicy is Collect). + // collect is optional and may be omitted even when collectionPolicy is Collect. + // collect may only be set when collectionPolicy is Collect. + // When set, at least one field must be specified within collect. + // +unionMember + // +optional + Collect NodeExporterCollectorSystemdCollectConfig `json:"collect,omitzero,omitempty"` +} + +// NodeExporterCollectorSystemdCollectConfig holds configuration options for the systemd collector +// when it is actively collecting metrics. At least one field must be specified. +// +kubebuilder:validation:MinProperties=1 +type NodeExporterCollectorSystemdCollectConfig struct { + // units is a list of regular expression patterns that match systemd units to be included + // by the systemd collector. + // units is optional. + // By default, the list is empty, so the collector exposes no metrics for systemd units. + // Each entry is a regular expression pattern and must be at least 1 character and at most 1024 characters. + // Maximum length for this list is 50. + // Minimum length for this list is 1. + // Entries in this list must be unique. + // +kubebuilder:validation:MaxItems=50 + // +kubebuilder:validation:MinItems=1 + // +listType=set + // +optional + Units []NodeExporterSystemdUnit `json:"units,omitempty"` +} + +// NodeExporterSystemdUnit is a string that is interpreted as a Go regular expression +// pattern by the controller to match systemd unit names. +// Invalid regular expressions will cause a controller-level error at runtime. +// Must be at least 1 character and at most 1024 characters. +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=1024 +type NodeExporterSystemdUnit string + +// NodeExporterCollectorSoftirqsConfig provides configuration for the softirqs collector +// of the node-exporter agent. The softirqs collector exposes detailed softirq statistics +// from /proc/softirqs. +// It is disabled by default. +type NodeExporterCollectorSoftirqsConfig struct { + // collectionPolicy declares whether the softirqs collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the softirqs collector is active and softirq statistics are collected. + // When set to "DoNotCollect", the softirqs collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// MonitoringPluginConfig provides configuration options for the monitoring plugin +// that runs as a dynamic plugin of the OpenShift web console. +// The monitoring plugin provides the monitoring UI in the OpenShift web console +// for visualizing metrics, alerts, and dashboards. +// At least one field must be specified; an empty monitoringPluginConfig object is not allowed. +// +kubebuilder:validation:MinProperties=1 +type MonitoringPluginConfig struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the monitoring-plugin container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 10m + // - name: memory + // request: 50Mi + // + // When specified, resources must contain at least 1 entry and must not exceed 5 entries. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // tolerations defines the tolerations required for the monitoring-plugin Pods. + // This field is optional. + // + // When omitted, the monitoring-plugin Pods will not have any tolerations, which + // means they will only be scheduled on nodes with no taints. + // When specified, tolerations must contain at least 1 entry and must not contain more than 10 entries. + // +optional + // +listType=atomic + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how monitoring-plugin Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // When specified, this list must contain at least 1 entry and must not exceed 10 entries. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` } // UserDefinedMonitoring config for user-defined projects. @@ -154,12 +802,43 @@ type AlertmanagerConfig struct { CustomConfig AlertmanagerCustomConfig `json:"customConfig,omitempty,omitzero"` } +// UserAlertmanagerConfigSelection controls whether the platform Alertmanager selects +// AlertmanagerConfig resources from user-defined namespaces. +// +enum +type UserAlertmanagerConfigSelection string + +const ( + // UserAlertmanagerConfigSelectionSelectable enables user-defined namespaces to be selected + // for AlertmanagerConfig lookups on the platform Alertmanager. + UserAlertmanagerConfigSelectionSelectable UserAlertmanagerConfigSelection = "Selectable" + // UserAlertmanagerConfigSelectionNone disables user-defined namespaces from being selected + // for AlertmanagerConfig lookups on the platform Alertmanager. + UserAlertmanagerConfigSelectionNone UserAlertmanagerConfigSelection = "None" +) + // AlertmanagerCustomConfig represents the configuration for a custom Alertmanager deployment. // alertmanagerCustomConfig provides configuration options for the default Alertmanager instance // that runs in the `openshift-monitoring` namespace. Use this configuration to control -// whether the default Alertmanager is deployed, how it logs, and how its pods are scheduled. +// whether user-defined namespaces are selected for AlertmanagerConfig lookups, how it logs, +// and how its pods are scheduled. // +kubebuilder:validation:MinProperties=1 type AlertmanagerCustomConfig struct { + // userAlertmanagerConfigSelection is an optional field that controls whether user-defined + // namespaces can be selected for AlertmanagerConfig lookups on the platform Alertmanager + // instance in the `openshift-monitoring` namespace. + // Valid values are Selectable and None. + // When set to Selectable, the platform Alertmanager discovers AlertmanagerConfig resources + // in user-defined namespaces. This is equivalent to `enableUserAlertmanagerConfig: true` in + // the cluster-monitoring-config ConfigMap. + // When set to None, user-defined namespaces are not selected for AlertmanagerConfig lookups + // on the platform Alertmanager. This is equivalent to `enableUserAlertmanagerConfig: false` + // in the cluster-monitoring-config ConfigMap. + // This setting only applies when the user-workload monitoring Alertmanager is not enabled. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default value is `None`. + // +optional + // +kubebuilder:validation:Enum=Selectable;None + UserAlertmanagerConfigSelection UserAlertmanagerConfigSelection `json:"userAlertmanagerConfigSelection,omitempty"` // logLevel defines the verbosity of logs emitted by Alertmanager. // This field allows users to control the amount and severity of logs generated, which can be useful // for debugging issues or reducing noise in production environments. @@ -196,13 +875,13 @@ type AlertmanagerCustomConfig struct { // - name: memory // request: 40Mi // limit: null - // Maximum length for this list is 10. + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. // +optional // +listType=map // +listMapKey=name - // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MaxItems=5 // +kubebuilder:validation:MinItems=1 Resources []ContainerResource `json:"resources,omitempty"` // secrets defines a list of secrets that need to be mounted into the Alertmanager. @@ -258,14 +937,12 @@ type AlertmanagerCustomConfig struct { // +listMapKey=whenUnsatisfiable // +optional TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` - // volumeClaimTemplate Defines persistent storage for Alertmanager. Use this setting to - // configure the persistent volume claim, including storage class, volume - // size, and name. + // volumeClaimTemplate defines persistent storage for Alertmanager. Use this setting to + // configure the persistent volume claim, including storage class and volume size. // If omitted, the Pod uses ephemeral storage and alert data will not persist // across restarts. - // This field is optional. // +optional - VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"` + VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty,omitzero"` } // AlertManagerDeployMode defines the deployment state of the platform Alertmanager instance. @@ -286,22 +963,29 @@ const ( AlertManagerDeployModeCustomConfig AlertManagerDeployMode = "CustomConfig" ) -// logLevel defines the verbosity of logs emitted by Alertmanager. +// LogLevel defines the verbosity of logs emitted by Alertmanager. // Valid values are Error, Warn, Info and Debug. // +kubebuilder:validation:Enum=Error;Warn;Info;Debug type LogLevel string const ( - // Error only errors will be logged. + // LogLevelError only errors will be logged. LogLevelError LogLevel = "Error" - // Warn, both warnings and errors will be logged. + // LogLevelWarn, both warnings and errors will be logged. LogLevelWarn LogLevel = "Warn" - // Info, general information, warnings, and errors will all be logged. + // LogLevelInfo, general information, warnings, and errors will all be logged. LogLevelInfo LogLevel = "Info" - // Debug, detailed debugging information will be logged. + // LogLevelDebug, detailed debugging information will be logged. LogLevelDebug LogLevel = "Debug" ) +// MaxItems on []ContainerResource fields is kept at 5 to stay within the +// Kubernetes CRD CEL validation cost budget (StaticEstimatedCRDCostLimit). +// The quantity() CEL function has a high fixed estimated cost per invocation, +// and the limit-vs-request comparison rule is costed per maxItems per location. +// With multiple structs in ClusterMonitoringSpec embedding []ContainerResource, +// maxItems > 5 causes the total estimated rule cost to exceed the budget. + // ContainerResource defines a single resource requirement for a container. // +kubebuilder:validation:XValidation:rule="has(self.request) || has(self.limit)",message="at least one of request or limit must be set" // +kubebuilder:validation:XValidation:rule="!(has(self.request) && has(self.limit)) || quantity(self.limit).compareTo(quantity(self.request)) >= 0",message="limit must be greater than or equal to request" @@ -318,76 +1002,1394 @@ type ContainerResource struct { // request is the minimum amount of the resource required (e.g. "2Mi", "1Gi"). // This field is optional. // When limit is specified, request cannot be greater than limit. + // The value must be greater than 0 when specified. + // +optional + // +kubebuilder:validation:XIntOrString + // +kubebuilder:validation:MaxLength=20 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="quantity(self).isGreaterThan(quantity('0'))",message="request must be a positive, non-zero quantity" + Request resource.Quantity `json:"request,omitempty"` + + // limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). + // This field is optional. + // When request is specified, limit cannot be less than request. + // The value must be greater than 0 when specified. // +optional // +kubebuilder:validation:XIntOrString // +kubebuilder:validation:MaxLength=20 // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:XValidation:rule="isQuantity(self) && quantity(self).isGreaterThan(quantity('0'))",message="request must be a positive, non-zero quantity" - Request resource.Quantity `json:"request,omitempty"` + // +kubebuilder:validation:XValidation:rule="quantity(self).isGreaterThan(quantity('0'))",message="limit must be a positive, non-zero quantity" + Limit resource.Quantity `json:"limit,omitempty"` +} + +// SecretName is a type that represents the name of a Secret in the same namespace. +// It must be at most 253 characters in length. +// +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." +// +kubebuilder:validation:MaxLength=63 +type SecretName string + +// MetricsServerConfig provides configuration options for the Metrics Server instance +// that runs in the `openshift-monitoring` namespace. Use this configuration to control +// how the Metrics Server instance is deployed, how it logs, and how its pods are scheduled. +// +kubebuilder:validation:MinProperties=1 +type MetricsServerConfig struct { + // audit defines the audit configuration used by the Metrics Server instance. + // audit is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + //The current default sets audit.profile to Metadata + // +optional + Audit Audit `json:"audit,omitempty,omitzero"` + // nodeSelector defines the nodes on which the Pods are scheduled + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // verbosity defines the verbosity of log messages for Metrics Server. + // Valid values are Errors, Info, Trace, TraceAll and omitted. + // When set to Errors, only critical messages and errors are logged. + // When set to Info, only basic information messages are logged. + // When set to Trace, information useful for general debugging is logged. + // When set to TraceAll, detailed information about metric scraping is logged. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is `Errors` + // +optional + Verbosity VerbosityLevel `json:"verbosity,omitempty,omitzero"` + // resources defines the compute resource requests and limits for the Metrics Server container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // topologySpreadConstraints defines rules for how Metrics Server Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// PrometheusOperatorConfig provides configuration options for the Prometheus Operator instance +// Use this configuration to control how the Prometheus Operator instance is deployed, how it logs, and how its pods are scheduled. +// +kubebuilder:validation:MinProperties=1 +type PrometheusOperatorConfig struct { + // logLevel defines the verbosity of logs emitted by Prometheus Operator. + // This field allows users to control the amount and severity of logs generated, which can be useful + // for debugging issues or reducing noise in production environments. + // Allowed values are Error, Warn, Info, and Debug. + // When set to Error, only errors will be logged. + // When set to Warn, both warnings and errors will be logged. + // When set to Info, general information, warnings, and errors will all be logged. + // When set to Debug, detailed debugging information will be logged. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is `Info`. + // +optional + LogLevel LogLevel `json:"logLevel,omitempty"` + // nodeSelector defines the nodes on which the Pods are scheduled + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the Prometheus Operator container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Prometheus Operator Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// PrometheusOperatorAdmissionWebhookConfig provides configuration options for the admission webhook +// component of Prometheus Operator that runs in the `openshift-monitoring` namespace. The admission +// webhook validates PrometheusRule and AlertmanagerConfig objects, mutates PrometheusRule annotations, +// and converts AlertmanagerConfig objects between API versions. +// +kubebuilder:validation:MinProperties=1 +type PrometheusOperatorAdmissionWebhookConfig struct { + // resources defines the compute resource requests and limits for the + // prometheus-operator-admission-webhook container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 5m + // limit: null + // - name: memory + // request: 30Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // topologySpreadConstraints defines rules for how admission webhook Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// PrometheusConfig provides configuration options for the Prometheus instance. +// Use this configuration to control +// Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. +// +kubebuilder:validation:MinProperties=1 +type PrometheusConfig struct { + // additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from + // the Prometheus component. This is useful for organizations that need to: + // - Send alerts to external monitoring systems (like PagerDuty, Slack, or custom webhooks) + // - Route different types of alerts to different teams or systems + // - Integrate with existing enterprise alerting infrastructure + // - Maintain separate alert routing for compliance or organizational requirements + // When omitted, no additional Alertmanager instances are configured (default behavior). + // When provided, at least one configuration must be specified (minimum 1, maximum 10 items). + // Entries must have unique names (name is the list key). + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +listType=map + // +listMapKey=name + AdditionalAlertmanagerConfigs []AdditionalAlertmanagerConfig `json:"additionalAlertmanagerConfigs,omitempty"` + // enforcedBodySizeLimitBytes enforces a body size limit (in bytes) for Prometheus scraped metrics. + // If a scraped target's body response is larger than the limit, the scrape will fail. + // This helps protect Prometheus from targets that return excessively large responses. + // The value is specified in bytes (e.g., 4194304 for 4MB, 1073741824 for 1GB). + // When omitted, the Cluster Monitoring Operator automatically calculates an appropriate + // limit based on cluster capacity. Set an explicit value to override the automatic calculation. + // Minimum value is 10240 (10kB). + // Maximum value is 1073741824 (1GB). + // +kubebuilder:validation:Minimum=10240 + // +kubebuilder:validation:Maximum=1073741824 + // +optional + EnforcedBodySizeLimitBytes int64 `json:"enforcedBodySizeLimitBytes,omitempty"` + // externalLabels defines labels to be attached to time series and alerts + // when communicating with external systems such as federation, remote storage, + // and Alertmanager. These labels are not stored with metrics on disk; they are + // only added when data leaves Prometheus (e.g., during federation queries, + // remote write, or alert notifications). + // At least 1 label must be specified when set, with a maximum of 50 labels allowed. + // Each label key must be unique within this list. + // When omitted, no external labels are applied. + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=50 + // +listType=map + // +listMapKey=key + ExternalLabels []Label `json:"externalLabels,omitempty"` + // logLevel defines the verbosity of logs emitted by Prometheus. + // This field allows users to control the amount and severity of logs generated, which can be useful + // for debugging issues or reducing noise in production environments. + // Allowed values are Error, Warn, Info, and Debug. + // When set to Error, only errors will be logged. + // When set to Warn, both warnings and errors will be logged. + // When set to Info, general information, warnings, and errors will all be logged. + // When set to Debug, detailed debugging information will be logged. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is `Info`. + // +optional + LogLevel LogLevel `json:"logLevel,omitempty"` + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least one key-value pair (minimum of 1) + // and must not contain more than 10 entries. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // queryLogFile specifies the file to which PromQL queries are logged. + // This setting can be either a filename, in which + // case the queries are saved to an `emptyDir` volume + // at `/var/log/prometheus`, or a full path to a location where + // an `emptyDir` volume will be mounted and the queries saved. + // Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but + // writing to any other `/dev/` path is not supported. Relative paths are + // also not supported. + // By default, PromQL queries are not logged. + // Must be an absolute path starting with `/` or a simple filename without path separators. + // Must not contain consecutive slashes, end with a slash, or include '..' path traversal. + // Must contain only alphanumeric characters, '.', '_', '-', or '/'. + // Must be between 1 and 255 characters in length. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=255 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9._/-]+$')",message="must contain only alphanumeric characters, '.', '_', '-', or '/'" + // +kubebuilder:validation:XValidation:rule="self.startsWith('/') || !self.contains('/')",message="must be an absolute path starting with '/' or a simple filename without '/'" + // +kubebuilder:validation:XValidation:rule="!self.startsWith('/dev/') || self in ['/dev/stdout', '/dev/stderr', '/dev/null']",message="only /dev/stdout, /dev/stderr, and /dev/null are allowed as /dev/ paths" + // +kubebuilder:validation:XValidation:rule="!self.contains('//') && !self.endsWith('/') && !self.contains('..')",message="must not contain '//', end with '/', or contain '..'" + QueryLogFile string `json:"queryLogFile,omitempty"` + // remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + // Remote write allows Prometheus to send metrics it collects to external long-term storage systems. + // When omitted, no remote write endpoints are configured. + // When provided, at least one configuration must be specified (minimum 1, maximum 10 items). + // Entries must have unique names (name is the list key). + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +listType=map + // +listMapKey=name + // +optional + RemoteWrite []RemoteWriteSpec `json:"remoteWrite,omitempty"` + // resources defines the compute resource requests and limits for the Prometheus container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // retention configures how long Prometheus retains metrics data and how much storage it can use. + // When omitted, the platform chooses reasonable defaults (currently 15d retention, no size limit). + // +optional + Retention Retention `json:"retention,omitempty,omitzero"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10 + // Minimum length for this list is 1 + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Prometheus Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1 + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + // collectionProfile defines the metrics collection profile that Prometheus uses to collect + // metrics from the platform components. Supported values are `Full` or + // `Minimal`. In the `Full` profile (default), Prometheus collects all + // metrics that are exposed by the platform components. In the `Minimal` + // profile, Prometheus only collects metrics necessary for the default + // platform alerts, recording rules, telemetry and console dashboards. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is `Full`. + // +optional + CollectionProfile CollectionProfile `json:"collectionProfile,omitempty"` + // volumeClaimTemplate defines persistent storage for Prometheus. Use this setting to + // configure the persistent volume claim, including storage class and volume size. + // If omitted, the Pod uses ephemeral storage and Prometheus data will not persist + // across restarts. + // +optional + VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty,omitzero"` +} + +// AlertmanagerScheme defines the URL scheme to use when communicating with Alertmanager instances. +// +kubebuilder:validation:Enum=HTTP;HTTPS +type AlertmanagerScheme string + +const ( + AlertmanagerSchemeHTTP AlertmanagerScheme = "HTTP" + AlertmanagerSchemeHTTPS AlertmanagerScheme = "HTTPS" +) + +// AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. +// The `AdditionalAlertmanagerConfig` resource defines settings for how a +// component communicates with additional Alertmanager instances. +type AdditionalAlertmanagerConfig struct { + // name is a unique identifier for this Alertmanager configuration entry. + // The name must be a valid DNS subdomain (RFC 1123): lowercase alphanumeric characters, + // hyphens, or periods, and must start and end with an alphanumeric character. + // Minimum length is 1 character (empty string is invalid). + // Maximum length is 253 characters. + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." + // +required + Name string `json:"name,omitempty"` + // authorization configures the authentication method for Alertmanager connections. + // Supports bearer token authentication. When omitted, no authentication is used. + // +optional + Authorization AuthorizationConfig `json:"authorization,omitempty,omitzero"` + // pathPrefix defines an optional URL path prefix to prepend to the Alertmanager API endpoints. + // For example, if your Alertmanager is behind a reverse proxy at "/alertmanager/", + // set this to "/alertmanager" so requests go to "/alertmanager/api/v1/alerts" instead of "/api/v1/alerts". + // This is commonly needed when Alertmanager is deployed behind ingress controllers or load balancers. + // When no prefix is needed, omit this field; do not set it to "/" as that would produce paths with double slashes (e.g. "//api/v1/alerts"). + // Must start with "/", must not end with "/", and must not be exactly "/". + // Must not contain query strings ("?") or fragments ("#"). + // +kubebuilder:validation:MaxLength=255 + // +kubebuilder:validation:MinLength=2 + // +kubebuilder:validation:XValidation:rule="self.startsWith('/')",message="pathPrefix must start with '/'" + // +kubebuilder:validation:XValidation:rule="!self.endsWith('/')",message="pathPrefix must not end with '/'" + // +kubebuilder:validation:XValidation:rule="self != '/'",message="pathPrefix must not be '/' (would produce double slashes in request path); omit for no prefix" + // +kubebuilder:validation:XValidation:rule="!self.contains('?') && !self.contains('#')",message="pathPrefix must not contain '?' or '#'" + // +optional + PathPrefix string `json:"pathPrefix,omitempty"` + // scheme defines the URL scheme to use when communicating with Alertmanager + // instances. + // Possible values are `HTTP` or `HTTPS`. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default value is `HTTP`. + // +optional + Scheme AlertmanagerScheme `json:"scheme,omitempty"` + // staticConfigs is a list of statically configured Alertmanager endpoints in the form + // of `:`. Each entry must be a valid hostname, IPv4 address, or IPv6 address + // (in brackets) followed by a colon and a valid port number (1-65535). + // Examples: "alertmanager.example.com:9093", "192.168.1.100:9093", "[::1]:9093" + // At least one endpoint must be specified (minimum 1, maximum 10 endpoints). + // Each entry must be unique and non-empty (empty string is invalid). + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=255 + // +kubebuilder:validation:items:XValidation:rule="isURL('http://' + self) && size(url('http://' + self).getHostname()) > 0 && size(url('http://' + self).getPort()) > 0 && int(url('http://' + self).getPort()) >= 1 && int(url('http://' + self).getPort()) <= 65535",message="must be a valid 'host:port' where host is a DNS name, IPv4, or IPv6 address (in brackets), and port is 1-65535" + // +listType=set + // +required + StaticConfigs []string `json:"staticConfigs,omitempty"` + // timeoutSeconds defines the timeout in seconds for requests to Alertmanager. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Currently the default is 10 seconds. + // Minimum value is 1 second. + // Maximum value is 600 seconds (10 minutes). + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=600 + // +optional + TimeoutSeconds int32 `json:"timeoutSeconds,omitempty"` + // tlsConfig defines the TLS settings to use for Alertmanager connections. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + TLSConfig TLSConfig `json:"tlsConfig,omitempty,omitzero"` +} + +// Label represents a key/value pair for external labels. +type Label struct { + // key is the name of the label. + // Prometheus supports UTF-8 label names, so any valid UTF-8 string is allowed. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MaxLength=128 + // +kubebuilder:validation:MinLength=1 + Key string `json:"key,omitempty"` + // value is the value of the label. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MaxLength=128 + // +kubebuilder:validation:MinLength=1 + Value string `json:"value,omitempty"` +} + +// RemoteWriteSpec represents configuration for remote write endpoints. +type RemoteWriteSpec struct { + // url is the URL of the remote write endpoint. + // Must be a valid URL with http or https scheme and a non-empty hostname. + // Query parameters, fragments, and user information (e.g. user:password@host) are not allowed. + // Empty string is invalid. Must be between 1 and 2048 characters in length. + // +required + // +kubebuilder:validation:MaxLength=2048 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="isURL(self)",message="must be a valid URL" + // +kubebuilder:validation:XValidation:rule="!isURL(self) || url(self).getScheme() == 'http' || url(self).getScheme() == 'https'",message="must use http or https scheme" + // +kubebuilder:validation:XValidation:rule="!isURL(self) || size(url(self).getHostname()) > 0",message="must have a non-empty hostname" + // +kubebuilder:validation:XValidation:rule="!isURL(self) || url(self).getQuery().size() == 0",message="query parameters are not allowed" + // +kubebuilder:validation:XValidation:rule="!self.matches('.*#.*')",message="fragments are not allowed" + // +kubebuilder:validation:XValidation:rule="!self.matches('.*@.*')",message="user information (e.g. user:password@host) is not allowed" + URL string `json:"url,omitempty"` + // name is a required identifier for this remote write configuration (name is the list key for the remoteWrite list). + // This name is used in metrics and logging to differentiate remote write queues. + // Must contain only alphanumeric characters, hyphens, and underscores. + // Must be between 1 and 63 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9_-]+$')",message="must contain only alphanumeric characters, hyphens, and underscores" + Name string `json:"name,omitempty"` + // authorization defines the authorization method for the remote write endpoint. + // When omitted, no authorization is performed. + // When set, type must be one of BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, or ServiceAccount; the corresponding nested config must be set (ServiceAccount has no config). + // +optional + AuthorizationConfig RemoteWriteAuthorization `json:"authorization,omitzero"` + // headers specifies the custom HTTP headers to be sent along with each remote write request. + // Sending custom headers makes the configuration of a proxy in between optional and helps the + // receiver recognize the given source better. + // Clients MAY allow users to send custom HTTP headers; they MUST NOT allow users to configure + // them in such a way as to send reserved headers. Headers set by Prometheus cannot be overwritten. + // When omitted, no custom headers are sent. + // Maximum of 50 headers can be specified. Each header name must be unique. + // Each header name must contain only alphanumeric characters, hyphens, and underscores, and must not be a reserved Prometheus header (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). + // +optional + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=50 + // +kubebuilder:validation:items:XValidation:rule="self.name.matches('^[a-zA-Z0-9_-]+$')",message="header name must contain only alphanumeric characters, hyphens, and underscores" + // +kubebuilder:validation:items:XValidation:rule="!self.name.matches('(?i)^(host|authorization|content-encoding|content-type|x-prometheus-remote-write-version|user-agent|connection|keep-alive|proxy-authenticate|proxy-authorization|www-authenticate)$')",message="header name must not be a reserved Prometheus header (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate)" + // +listType=map + // +listMapKey=name + Headers []PrometheusRemoteWriteHeader `json:"headers,omitempty"` + // metadataConfig configures the sending of series metadata to remote storage. + // When omitted, no metadata is sent. + // When set to sendPolicy: Default, metadata is sent using platform-chosen defaults (e.g. send interval 30 seconds). + // When set to sendPolicy: Custom, metadata is sent using the settings in the custom field (e.g. custom.sendIntervalSeconds). + // +optional + MetadataConfig MetadataConfig `json:"metadataConfig,omitempty,omitzero"` + // proxyUrl defines an optional proxy URL. + // If the cluster-wide proxy is enabled, it replaces the proxyUrl setting. + // The cluster-wide proxy supports both HTTP and HTTPS proxies, with HTTPS taking precedence. + // When omitted, no proxy is used. + // Must be a valid URL with http or https scheme. + // Must be between 1 and 2048 characters in length. + // +optional + // +kubebuilder:validation:MaxLength=2048 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="isURL(self) && (url(self).getScheme() == 'http' || url(self).getScheme() == 'https')",message="must be a valid URL with http or https scheme" + ProxyURL string `json:"proxyUrl,omitempty"` + // queueConfig allows tuning configuration for remote write queue parameters. + // When omitted, default queue configuration is used. + // +optional + QueueConfig QueueConfig `json:"queueConfig,omitempty,omitzero"` + // remoteTimeoutSeconds defines the timeout in seconds for requests to the remote write endpoint. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 second. + // Maximum value is 600 seconds (10 minutes). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=600 + RemoteTimeoutSeconds int32 `json:"remoteTimeoutSeconds,omitempty"` + // exemplarsMode controls whether exemplars are sent via remote write. + // Valid values are "Send", "DoNotSend" and omitted. + // When set to "Send", Prometheus is configured to store a maximum of 100,000 exemplars in memory and send them with remote write. + // Note that this setting only applies to user-defined monitoring. It is not applicable to default in-cluster monitoring. + // When omitted or set to "DoNotSend", exemplars are not sent. + // +optional + ExemplarsMode ExemplarsMode `json:"exemplarsMode,omitempty"` + // tlsConfig defines TLS authentication settings for the remote write endpoint. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + TLSConfig TLSConfig `json:"tlsConfig,omitempty,omitzero"` + // writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint. + // When omitted, no relabeling is performed and all metrics are sent as-is. + // Minimum of 1 and maximum of 10 relabeling rules can be specified. + // Each rule must have a unique name. + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +listType=map + // +listMapKey=name + WriteRelabelConfigs []RelabelConfig `json:"writeRelabelConfigs,omitempty"` +} + +// PrometheusRemoteWriteHeader defines a custom HTTP header for remote write requests. +// The header name must not be one of the reserved headers set by Prometheus (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). +// Header names must contain only case-insensitive alphanumeric characters, hyphens (-), and underscores (_); other characters (e.g. emoji) are rejected by validation. +// Validation is enforced on the Headers field in RemoteWriteSpec. +type PrometheusRemoteWriteHeader struct { + // name is the HTTP header name. Must not be a reserved header (see type documentation). + // Must contain only alphanumeric characters, hyphens, and underscores; invalid characters are rejected. Must be between 1 and 256 characters. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 + Name string `json:"name,omitempty"` + // value is the HTTP header value. Must be at most 4096 characters. + // +required + // +kubebuilder:validation:MinLength=0 + // +kubebuilder:validation:MaxLength=4096 + Value *string `json:"value,omitempty"` +} + +// BasicAuth defines basic authentication settings for the remote write endpoint URL. +type BasicAuth struct { + // username defines the secret reference containing the username for basic authentication. + // The secret must exist in the openshift-monitoring namespace. + // +required + Username SecretKeySelector `json:"username,omitzero,omitempty"` + // password defines the secret reference containing the password for basic authentication. + // The secret must exist in the openshift-monitoring namespace. + // +required + Password SecretKeySelector `json:"password,omitzero,omitempty"` +} + +// RemoteWriteAuthorizationType defines the authorization method for remote write endpoints. +// +kubebuilder:validation:Enum=BearerToken;BasicAuth;OAuth2;SigV4;SafeAuthorization;ServiceAccount +type RemoteWriteAuthorizationType string + +const ( + // RemoteWriteAuthorizationTypeBearerToken indicates bearer token from a secret. + RemoteWriteAuthorizationTypeBearerToken RemoteWriteAuthorizationType = "BearerToken" + // RemoteWriteAuthorizationTypeBasicAuth indicates HTTP basic authentication. + RemoteWriteAuthorizationTypeBasicAuth RemoteWriteAuthorizationType = "BasicAuth" + // RemoteWriteAuthorizationTypeOAuth2 indicates OAuth2 client credentials. + RemoteWriteAuthorizationTypeOAuth2 RemoteWriteAuthorizationType = "OAuth2" + // RemoteWriteAuthorizationTypeSigV4 indicates AWS Signature Version 4. + RemoteWriteAuthorizationTypeSigV4 RemoteWriteAuthorizationType = "SigV4" + // RemoteWriteAuthorizationTypeSafeAuthorization indicates authorization from a secret (Prometheus SafeAuthorization pattern). + // The secret key contains the credentials (e.g. a Bearer token). Use the safeAuthorization field. + RemoteWriteAuthorizationTypeSafeAuthorization RemoteWriteAuthorizationType = "SafeAuthorization" + // RemoteWriteAuthorizationTypeServiceAccount indicates use of the pod's service account token for machine identity. + // No additional field is required; the operator configures the token path. + RemoteWriteAuthorizationTypeServiceAccount RemoteWriteAuthorizationType = "ServiceAccount" +) + +// RemoteWriteAuthorization defines the authorization method for a remote write endpoint. +// Exactly one of the nested configs must be set according to the type discriminator. +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'BearerToken' ? has(self.bearerToken) : !has(self.bearerToken)",message="bearerToken is required when type is BearerToken, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'BasicAuth' ? has(self.basicAuth) : !has(self.basicAuth)",message="basicAuth is required when type is BasicAuth, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'OAuth2' ? has(self.oauth2) : !has(self.oauth2)",message="oauth2 is required when type is OAuth2, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'SigV4' ? has(self.sigv4) : !has(self.sigv4)",message="sigv4 is required when type is SigV4, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'SafeAuthorization' ? has(self.safeAuthorization) : !has(self.safeAuthorization)",message="safeAuthorization is required when type is SafeAuthorization, and forbidden otherwise" +// +union +type RemoteWriteAuthorization struct { + // type specifies the authorization method to use. + // Allowed values are BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, ServiceAccount. + // + // When set to BearerToken, the bearer token is read from a Secret referenced by the bearerToken field. + // + // When set to BasicAuth, HTTP basic authentication is used; the basicAuth field (username and password from Secrets) must be set. + // + // When set to OAuth2, OAuth2 client credentials flow is used; the oauth2 field (clientId, clientSecret, tokenUrl) must be set. + // + // When set to SigV4, AWS Signature Version 4 is used for authentication; the sigv4 field must be set. + // + // When set to SafeAuthorization, credentials are read from a single Secret key (Prometheus SafeAuthorization pattern). The secret key typically contains a Bearer token. Use the safeAuthorization field. + // + // When set to ServiceAccount, the pod's service account token is used for machine identity. No additional field is required; the operator configures the token path. + // +unionDiscriminator + // +required + Type RemoteWriteAuthorizationType `json:"type,omitempty"` + // safeAuthorization defines the secret reference containing the credentials for authentication (e.g. Bearer token). + // Required when type is "SafeAuthorization", and forbidden otherwise. Maps to Prometheus SafeAuthorization. The secret must exist in the openshift-monitoring namespace. + // +unionMember + // +optional + SafeAuthorization *v1.SecretKeySelector `json:"safeAuthorization,omitempty"` + // bearerToken defines the secret reference containing the bearer token. + // Required when type is "BearerToken", and forbidden otherwise. + // +unionMember + // +optional + BearerToken SecretKeySelector `json:"bearerToken,omitempty,omitzero"` + // basicAuth defines HTTP basic authentication credentials. + // Required when type is "BasicAuth", and forbidden otherwise. + // +unionMember + // +optional + BasicAuth BasicAuth `json:"basicAuth,omitempty,omitzero"` + // oauth2 defines OAuth2 client credentials authentication. + // Required when type is "OAuth2", and forbidden otherwise. + // +unionMember + // +optional + OAuth2 OAuth2 `json:"oauth2,omitempty,omitzero"` + // sigv4 defines AWS Signature Version 4 authentication. + // Required when type is "SigV4", and forbidden otherwise. + // +unionMember + // +optional + Sigv4 Sigv4 `json:"sigv4,omitempty,omitzero"` +} + +// MetadataConfigSendPolicy defines whether to send metadata with platform defaults or with custom settings. +// +kubebuilder:validation:Enum=Default;Custom +type MetadataConfigSendPolicy string + +const ( + // MetadataConfigSendPolicyDefault indicates metadata is sent using platform-chosen defaults (e.g. send interval 30 seconds). + MetadataConfigSendPolicyDefault MetadataConfigSendPolicy = "Default" + // MetadataConfigSendPolicyCustom indicates metadata is sent using the settings in the custom field. + MetadataConfigSendPolicyCustom MetadataConfigSendPolicy = "Custom" +) + +// MetadataConfig defines whether and how to send series metadata to remote write storage. +// +kubebuilder:validation:XValidation:rule="self.sendPolicy == 'Default' ? self.custom.sendIntervalSeconds == 0 : true",message="custom is forbidden when sendPolicy is Default" +type MetadataConfig struct { + // sendPolicy specifies whether to send metadata and how it is configured. + // Default: send metadata using platform-chosen defaults (e.g. send interval 30 seconds). + // Custom: send metadata using the settings in the custom field. + // +required + SendPolicy MetadataConfigSendPolicy `json:"sendPolicy,omitempty"` + // custom defines custom metadata send settings. Required when sendPolicy is Custom (must have at least one property), and forbidden when sendPolicy is Default. + // +optional + Custom MetadataConfigCustom `json:"custom,omitempty,omitzero"` +} + +// MetadataConfigCustom defines custom settings for sending series metadata when sendPolicy is Custom. +// At least one property must be set when sendPolicy is Custom (e.g. sendIntervalSeconds). +// +kubebuilder:validation:MinProperties=1 +type MetadataConfigCustom struct { + // sendIntervalSeconds is the interval in seconds at which metadata is sent. + // When omitted, the platform chooses a reasonable default (e.g. 30 seconds). + // Minimum value is 1 second. Maximum value is 86400 seconds (24 hours). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=86400 + SendIntervalSeconds int32 `json:"sendIntervalSeconds,omitempty"` +} + +// OAuth2 defines OAuth2 authentication settings for the remote write endpoint. +type OAuth2 struct { + // clientId defines the secret reference containing the OAuth2 client ID. + // The secret must exist in the openshift-monitoring namespace. + // +required + ClientID SecretKeySelector `json:"clientId,omitzero,omitempty"` + // clientSecret defines the secret reference containing the OAuth2 client secret. + // The secret must exist in the openshift-monitoring namespace. + // +required + ClientSecret SecretKeySelector `json:"clientSecret,omitzero,omitempty"` + // tokenUrl is the URL to fetch the token from. + // Must be a valid URL with http or https scheme. + // Must be between 1 and 2048 characters in length. + // +required + // +kubebuilder:validation:MaxLength=2048 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="isURL(self)",message="must be a valid URL" + // +kubebuilder:validation:XValidation:rule="!isURL(self) || url(self).getScheme() == 'http' || url(self).getScheme() == 'https'",message="must use http or https scheme" + TokenURL string `json:"tokenUrl,omitempty"` + // scopes is a list of OAuth2 scopes to request. + // When omitted, no scopes are requested. + // Maximum of 20 scopes can be specified. + // Each scope must be between 1 and 256 characters. + // +optional + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=20 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 + // +listType=atomic + Scopes []string `json:"scopes,omitempty"` + // endpointParams defines additional parameters to append to the token URL. + // When omitted, no additional parameters are sent. + // Maximum of 20 parameters can be specified. Entries must have unique names (name is the list key). + // +optional + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=20 + // +listType=map + // +listMapKey=name + EndpointParams []OAuth2EndpointParam `json:"endpointParams,omitempty"` +} + +// OAuth2EndpointParam defines a name/value parameter for the OAuth2 token URL. +type OAuth2EndpointParam struct { + // name is the parameter name. Must be between 1 and 256 characters. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 + Name string `json:"name,omitempty"` + // value is the optional parameter value. When omitted, the query parameter is applied as ?name (no value). + // When set (including to the empty string), it is applied as ?name=value. Empty string may be used when the + // external system expects a parameter with an empty value (e.g. ?parameter=""). + // Must be between 0 and 2048 characters when present (aligned with common URL length recommendations). + // +optional + // +kubebuilder:validation:MinLength=0 + // +kubebuilder:validation:MaxLength=2048 + Value *string `json:"value,omitempty"` +} + +// QueueConfig allows tuning configuration for remote write queue parameters. +// Configure this when you need to control throughput, backpressure, or retry behavior—for example to avoid overloading the remote endpoint, to reduce memory usage, or to tune for high-cardinality workloads. Consider capacity, maxShards, and batchSendDeadlineSeconds for throughput; minBackoffMilliseconds and maxBackoffMilliseconds for retries; and rateLimitedAction when the remote returns HTTP 429. +// +kubebuilder:validation:MinProperties=1 +type QueueConfig struct { + // capacity is the number of samples to buffer per shard before we start dropping them. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 10000. + // Minimum value is 1. + // Maximum value is 1000000. + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=1000000 + Capacity int32 `json:"capacity,omitempty"` + // maxShards is the maximum number of shards, i.e. amount of concurrency. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 200. + // Minimum value is 1. + // Maximum value is 10000. + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=10000 + MaxShards int32 `json:"maxShards,omitempty"` + // minShards is the minimum number of shards, i.e. amount of concurrency. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 1. + // Minimum value is 1. + // Maximum value is 10000. + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=10000 + MinShards int32 `json:"minShards,omitempty"` + // maxSamplesPerSend is the maximum number of samples per send. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 1000. + // Minimum value is 1. + // Maximum value is 100000. + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=100000 + MaxSamplesPerSend int32 `json:"maxSamplesPerSend,omitempty"` + // batchSendDeadlineSeconds is the maximum time in seconds a sample will wait in buffer before being sent. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 second. + // Maximum value is 3600 seconds (1 hour). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=3600 + BatchSendDeadlineSeconds int32 `json:"batchSendDeadlineSeconds,omitempty"` + // minBackoffMilliseconds is the minimum retry delay in milliseconds. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 millisecond. + // Maximum value is 3600000 milliseconds (1 hour). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=3600000 + MinBackoffMilliseconds int32 `json:"minBackoffMilliseconds,omitempty"` + // maxBackoffMilliseconds is the maximum retry delay in milliseconds. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 millisecond. + // Maximum value is 3600000 milliseconds (1 hour). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=3600000 + MaxBackoffMilliseconds int32 `json:"maxBackoffMilliseconds,omitempty"` + // rateLimitedAction controls what to do when the remote write endpoint returns HTTP 429 (Too Many Requests). + // When omitted, no retries are performed on rate limit responses. + // When set to "Retry", Prometheus will retry such requests using the backoff settings above. + // Valid value when set is "Retry". + // +optional + RateLimitedAction RateLimitedAction `json:"rateLimitedAction,omitempty"` +} + +// Sigv4 defines AWS Signature Version 4 authentication settings. +// At least one of region, accessKey/secretKey, profile, or roleArn must be set so the platform can perform authentication. +// +kubebuilder:validation:MinProperties=1 +type Sigv4 struct { + // region is the AWS region. + // When omitted, the region is derived from the environment or instance metadata. + // Must be between 1 and 128 characters. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + Region string `json:"region,omitempty"` + // accessKey defines the secret reference containing the AWS access key ID. + // The secret must exist in the openshift-monitoring namespace. + // When omitted, the access key is derived from the environment or instance metadata. + // +optional + AccessKey SecretKeySelector `json:"accessKey,omitempty,omitzero"` + // secretKey defines the secret reference containing the AWS secret access key. + // The secret must exist in the openshift-monitoring namespace. + // When omitted, the secret key is derived from the environment or instance metadata. + // +optional + SecretKey SecretKeySelector `json:"secretKey,omitempty,omitzero"` + // profile is the named AWS profile used to authenticate. + // When omitted, the default profile is used. + // Must be between 1 and 128 characters. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + Profile string `json:"profile,omitempty"` + // roleArn is the AWS Role ARN, an alternative to using AWS API keys. + // When omitted, API keys are used for authentication. + // Must be a valid AWS ARN format (e.g., "arn:aws:iam::123456789012:role/MyRole"). + // Must be between 1 and 512 characters. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 + // +kubebuilder:validation:XValidation:rule=`self.startsWith('arn:aws') && self.matches('^arn:aws(-[a-z]+)?:iam::[0-9]{12}:role/.+$')`,message="must be a valid AWS IAM role ARN (e.g., arn:aws:iam::123456789012:role/MyRole)" + RoleArn string `json:"roleArn,omitempty"` +} + +// RelabelConfig represents a relabeling rule. +type RelabelConfig struct { + // name is a unique identifier for this relabel configuration. + // Must contain only alphanumeric characters, hyphens, and underscores. + // Must be between 1 and 63 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9_-]+$')",message="must contain only alphanumeric characters, hyphens, and underscores" + Name string `json:"name,omitempty"` + + // sourceLabels specifies which label names to extract from each series for this relabeling rule. + // The values of these labels are joined together using the configured separator, + // and the resulting string is then matched against the regular expression. + // If a referenced label does not exist on a series, Prometheus substitutes an empty string. + // When omitted, the rule operates without extracting source labels (useful for actions like labelmap). + // Minimum of 1 and maximum of 10 source labels can be specified, each between 1 and 128 characters. + // Each entry must be unique. + // Label names beginning with "__" (two underscores) are reserved for internal Prometheus use and are not allowed. + // Label names SHOULD start with a letter (a-z, A-Z) or underscore (_), followed by zero or more letters, digits (0-9), or underscores for best compatibility. + // While Prometheus supports UTF-8 characters in label names (since v3.0.0), using the recommended character set + // ensures better compatibility with the wider ecosystem (tooling, third-party instrumentation, etc.). + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=128 + // +kubebuilder:validation:items:XValidation:rule="!self.startsWith('__')",message="label names beginning with '__' (two underscores) are reserved for internal Prometheus use and are not allowed" + // +listType=set + SourceLabels []string `json:"sourceLabels,omitempty"` + + // separator is the character sequence used to join source label values. + // Common examples: ";", ",", "::", "|||". + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is ";". + // Must be between 1 and 5 characters in length when specified. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=5 + Separator string `json:"separator,omitempty"` + + // regex is the regular expression to match against the concatenated source label values. + // Must be a valid RE2 regular expression (https://github.com/google/re2/wiki/Syntax). + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is "(.*)" to match everything. + // Must be between 1 and 1000 characters in length when specified. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1000 + Regex string `json:"regex,omitempty"` + + // action defines the action to perform on the matched labels and its configuration. + // Exactly one action-specific configuration must be specified based on the action type. + // +required + Action RelabelActionConfig `json:"action,omitzero"` +} + +// RelabelActionConfig represents the action to perform and its configuration. +// Exactly one action-specific configuration must be specified based on the action type. +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Replace' ? has(self.replace) : !has(self.replace)",message="replace is required when type is Replace, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'HashMod' ? has(self.hashMod) : !has(self.hashMod)",message="hashMod is required when type is HashMod, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Lowercase' ? has(self.lowercase) : !has(self.lowercase)",message="lowercase is required when type is Lowercase, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Uppercase' ? has(self.uppercase) : !has(self.uppercase)",message="uppercase is required when type is Uppercase, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'KeepEqual' ? has(self.keepEqual) : !has(self.keepEqual)",message="keepEqual is required when type is KeepEqual, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'DropEqual' ? has(self.dropEqual) : !has(self.dropEqual)",message="dropEqual is required when type is DropEqual, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'LabelMap' ? has(self.labelMap) : !has(self.labelMap)",message="labelMap is required when type is LabelMap, and forbidden otherwise" +// +union +type RelabelActionConfig struct { + // type specifies the action to perform on the matched labels. + // Allowed values are Replace, Lowercase, Uppercase, Keep, Drop, KeepEqual, DropEqual, HashMod, LabelMap, LabelDrop, LabelKeep. + // + // When set to Replace, regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. If regex does not match, no replacement takes place. + // + // When set to Lowercase, the concatenated source_labels are mapped to their lower case. Requires Prometheus >= v2.36.0. + // + // When set to Uppercase, the concatenated source_labels are mapped to their upper case. Requires Prometheus >= v2.36.0. + // + // When set to Keep, targets for which regex does not match the concatenated source_labels are dropped. + // + // When set to Drop, targets for which regex matches the concatenated source_labels are dropped. + // + // When set to KeepEqual, targets for which the concatenated source_labels do not match target_label are dropped. Requires Prometheus >= v2.41.0. + // + // When set to DropEqual, targets for which the concatenated source_labels do match target_label are dropped. Requires Prometheus >= v2.41.0. + // + // When set to HashMod, target_label is set to the modulus of a hash of the concatenated source_labels. + // + // When set to LabelMap, regex is matched against all source label names (not just source_labels); matching label values are copied to new names given by replacement with ${1}, ${2}, ... substituted. + // + // When set to LabelDrop, regex is matched against all label names; any label that matches is removed. + // + // When set to LabelKeep, regex is matched against all label names; any label that does not match is removed. + // +required + // +unionDiscriminator + Type RelabelAction `json:"type,omitempty"` + + // replace configures the Replace action. + // Required when type is Replace, and forbidden otherwise. + // +unionMember + // +optional + Replace ReplaceActionConfig `json:"replace,omitempty,omitzero"` + + // hashMod configures the HashMod action. + // Required when type is HashMod, and forbidden otherwise. + // +unionMember + // +optional + HashMod HashModActionConfig `json:"hashMod,omitempty,omitzero"` + + // labelMap configures the LabelMap action. + // Required when type is LabelMap, and forbidden otherwise. + // +unionMember + // +optional + LabelMap LabelMapActionConfig `json:"labelMap,omitempty,omitzero"` + + // lowercase configures the Lowercase action. + // Required when type is Lowercase, and forbidden otherwise. + // Requires Prometheus >= v2.36.0. + // +unionMember + // +optional + Lowercase LowercaseActionConfig `json:"lowercase,omitempty,omitzero"` + + // uppercase configures the Uppercase action. + // Required when type is Uppercase, and forbidden otherwise. + // Requires Prometheus >= v2.36.0. + // +unionMember + // +optional + Uppercase UppercaseActionConfig `json:"uppercase,omitempty,omitzero"` + + // keepEqual configures the KeepEqual action. + // Required when type is KeepEqual, and forbidden otherwise. + // Requires Prometheus >= v2.41.0. + // +unionMember + // +optional + KeepEqual KeepEqualActionConfig `json:"keepEqual,omitempty,omitzero"` + + // dropEqual configures the DropEqual action. + // Required when type is DropEqual, and forbidden otherwise. + // Requires Prometheus >= v2.41.0. + // +unionMember + // +optional + DropEqual DropEqualActionConfig `json:"dropEqual,omitempty,omitzero"` +} + +// ReplaceActionConfig configures the Replace action. +// Regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. No replacement if regex does not match. +type ReplaceActionConfig struct { + // targetLabel is the label name where the replacement result is written. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` + + // replacement is the value written to target_label when regex matches; match group references (${1}, ${2}, ...) are substituted. + // Required when using the Replace action so the intended behavior is explicit and the platform does not need to apply defaults. + // Use "$1" for the first capture group, "$2" for the second, etc. Use an empty string ("") to explicitly clear the target label value. + // Must be between 0 and 255 characters in length. + // +required + // +kubebuilder:validation:MinLength=0 + // +kubebuilder:validation:MaxLength=255 + Replacement *string `json:"replacement,omitempty"` +} + +// HashModActionConfig configures the HashMod action. +// target_label is set to the modulus of a hash of the concatenated source_labels (target = hash % modulus). +type HashModActionConfig struct { + // targetLabel is the label name where the hash modulus result is written. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` + + // modulus is the divisor applied to the hash of the concatenated source label values (target = hash % modulus). + // Required when using the HashMod action so the intended behavior is explicit. + // Must be between 1 and 1000000. + // +required + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=1000000 + Modulus int64 `json:"modulus,omitempty"` +} + +// LowercaseActionConfig configures the Lowercase action. +// Maps the concatenated source_labels to their lower case and writes to target_label. +// Requires Prometheus >= v2.36.0. +type LowercaseActionConfig struct { + // targetLabel is the label name where the lower-cased value is written. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` +} + +// UppercaseActionConfig configures the Uppercase action. +// Maps the concatenated source_labels to their upper case and writes to target_label. +// Requires Prometheus >= v2.36.0. +type UppercaseActionConfig struct { + // targetLabel is the label name where the upper-cased value is written. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` +} + +// KeepEqualActionConfig configures the KeepEqual action. +// Drops targets for which the concatenated source_labels do not match the value of target_label. +// Requires Prometheus >= v2.41.0. +type KeepEqualActionConfig struct { + // targetLabel is the label name whose value is compared to the concatenated source_labels; targets that do not match are dropped. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` +} + +// DropEqualActionConfig configures the DropEqual action. +// Drops targets for which the concatenated source_labels do match the value of target_label. +// Requires Prometheus >= v2.41.0. +type DropEqualActionConfig struct { + // targetLabel is the label name whose value is compared to the concatenated source_labels; targets that match are dropped. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` +} + +// LabelMapActionConfig configures the LabelMap action. +// Regex is matched against all source label names (not just source_labels). Matching label values are copied to new label names given by replacement, with match group references (${1}, ${2}, ...) substituted. +type LabelMapActionConfig struct { + // replacement is the template for new label names; match group references (${1}, ${2}, ...) are substituted from the matched label name. + // Required when using the LabelMap action so the intended behavior is explicit and the platform does not need to apply defaults. + // Use "$1" for the first capture group, "$2" for the second, etc. + // Must be between 1 and 255 characters in length. Empty string is invalid as it would produce invalid label names. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=255 + Replacement string `json:"replacement,omitempty"` +} + +// TLSConfig represents TLS configuration for Alertmanager connections. +// At least one TLS configuration option must be specified. +// For mutual TLS (mTLS), both cert and key must be specified together, or both omitted. +// +kubebuilder:validation:MinProperties=1 +// +kubebuilder:validation:XValidation:rule="(has(self.cert) && has(self.key)) || (!has(self.cert) && !has(self.key))",message="cert and key must both be specified together for mutual TLS, or both be omitted" +type TLSConfig struct { + // ca is an optional CA certificate to use for TLS connections. + // When omitted, the system's default CA bundle is used. + // +optional + CA SecretKeySelector `json:"ca,omitempty,omitzero"` + // cert is an optional client certificate to use for mutual TLS connections. + // When omitted, no client certificate is presented. + // +optional + Cert SecretKeySelector `json:"cert,omitempty,omitzero"` + // key is an optional client key to use for mutual TLS connections. + // When omitted, no client key is used. + // +optional + Key SecretKeySelector `json:"key,omitempty,omitzero"` + // serverName is an optional server name to use for TLS connections. + // When specified, must be a valid DNS subdomain as per RFC 1123. + // When omitted, the server name is derived from the URL. + // Must be between 1 and 253 characters in length. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="must be a valid DNS subdomain (lowercase alphanumeric characters, '-' or '.', start and end with alphanumeric)" + ServerName string `json:"serverName,omitempty"` + // certificateVerification determines the policy for TLS certificate verification. + // Allowed values are "Verify" (performs certificate verification, secure) and "SkipVerify" (skips verification, insecure). + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is "Verify". + // +optional + CertificateVerification CertificateVerificationType `json:"certificateVerification,omitempty"` +} + +// CertificateVerificationType defines the TLS certificate verification policy. +// +kubebuilder:validation:Enum=Verify;SkipVerify +type CertificateVerificationType string + +const ( + // CertificateVerificationVerify performs certificate verification (secure, recommended). + CertificateVerificationVerify CertificateVerificationType = "Verify" + // CertificateVerificationSkipVerify skips certificate verification (insecure, use with caution). + CertificateVerificationSkipVerify CertificateVerificationType = "SkipVerify" +) + +// AuthorizationType defines the type of authentication to use. +// +kubebuilder:validation:Enum=BearerToken +type AuthorizationType string + +const ( + // AuthorizationTypeBearerToken indicates bearer token authentication. + AuthorizationTypeBearerToken AuthorizationType = "BearerToken" +) + +// AuthorizationConfig defines the authentication method for Alertmanager connections. +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'BearerToken' ? has(self.bearerToken) : !has(self.bearerToken)",message="bearerToken is required when type is BearerToken" +// +union +type AuthorizationConfig struct { + // type specifies the authentication type to use. + // Valid value is "BearerToken" (bearer token authentication). + // When set to BearerToken, the bearerToken field must be specified. + // +unionDiscriminator + // +required + Type AuthorizationType `json:"type,omitempty"` + // bearerToken defines the secret reference containing the bearer token. + // Required when type is "BearerToken", and forbidden otherwise. + // The secret must exist in the openshift-monitoring namespace. + // +optional + BearerToken SecretKeySelector `json:"bearerToken,omitempty,omitzero"` +} + +// SecretKeySelector selects a key of a Secret in the `openshift-monitoring` namespace. +// +structType=atomic +type SecretKeySelector struct { + // name is the name of the secret in the `openshift-monitoring` namespace to select from. + // Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + // Must be between 1 and 253 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="must be a valid secret name (lowercase alphanumeric characters, '-' or '.', start and end with alphanumeric)" + Name string `json:"name,omitempty"` + // key is the key of the secret to select from. + // Must consist of alphanumeric characters, '-', '_', or '.'. + // Must be between 1 and 253 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9._-]+$')",message="must contain only alphanumeric characters, '-', '_', or '.'" + Key string `json:"key,omitempty"` +} - // limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). - // This field is optional. - // When request is specified, limit cannot be less than request. - // The value must be greater than 0 when specified. +// Retention configures how long Prometheus retains metrics data and how much storage it can use. +// +kubebuilder:validation:MinProperties=1 +type Retention struct { + // TOMBSTONE: This field has been tombstoned in favor of the `duration` field. This tombstone will be dropped when promoting this API to v1. + // --- + // durationInDays specifies how many days Prometheus will retain metrics data. + // Prometheus automatically deletes data older than this duration. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 15. + // Minimum value is 1 day. + // Maximum value is 365 days (1 year). + // Former marker: kubebuilder:validation:Minimum=1 + // Former marker: kubebuilder:validation:Maximum=365 + // Former marker: optional + // DurationInDays int32 `json:"durationInDays,omitempty"` + + // TOMBSTONE: This field has been tombstoned in favor of the `size` field. This tombstone will be dropped when promoting this API to v1. + // --- + // sizeInGiB specifies the maximum storage size in gibibytes (GiB) that Prometheus + // can use for data blocks and the write-ahead log (WAL). + // When the limit is reached, Prometheus will delete oldest data first. + // When omitted, no size limit is enforced and Prometheus uses available PersistentVolume capacity. + // Minimum value is 1 GiB. + // Maximum value is 16384 GiB (16 TiB). + // Former marker: kubebuilder:validation:Minimum=1 + // Former marker: kubebuilder:validation:Maximum=16384 + // Former marker: optional + // SizeInGiB int32 `json:"sizeInGiB,omitempty"` + + // duration is an optional field that specifies how long Prometheus retains metrics data. + // Valid values are Prometheus-style duration strings with unit suffixes y, w, d, h, m, s, or ms + // (for example, "15d", "24h", or "5d1h30m"). Each unit value must be a positive integer. + // Composite durations must follow the fixed unit order y, w, d, h, m, s, ms. + // Must be at least 1 character and at most 64 characters. + // When set to "0", time-based retention is disabled. This is the only supported form for disabling + // time-based retention; other zero-duration representations such as "0d", "0h", or "0y" are rejected. + // Prometheus automatically deletes data older than this duration. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default value is `15d`. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=64 + // +kubebuilder:validation:XValidation:rule=`self == "0" || self.matches('^([1-9][0-9]*y)?([1-9][0-9]*w)?([1-9][0-9]*d)?([1-9][0-9]*h)?([1-9][0-9]*m)?([1-9][0-9]*s)?([1-9][0-9]*ms)?$')`,message=`must be "0" to disable time-based retention, or a duration string with only positive unit values` // +optional - // +kubebuilder:validation:XIntOrString - // +kubebuilder:validation:MaxLength=20 + Duration string `json:"duration,omitempty"` + + // size is an optional field that specifies the maximum storage size that Prometheus + // can use for data blocks and the write-ahead log (WAL). + // Valid values are byte-size strings with an optional decimal prefix and a unit suffix B, KB, MB, GB, + // TB, EB, PB, or their binary equivalents KiB, MiB, GiB, TiB, EiB, PiB (for example, "500MiB", "10GiB"). + // The numeric value must be greater than zero. + // Must be at least 1 character and at most 32 characters. + // When set to "0", no size limit is enforced. This is the only supported form for disabling size-based + // retention; other zero-size representations such as "0B" or "0MiB" are rejected. + // When the limit is reached, Prometheus deletes oldest data first. + // When omitted, no size limit is enforced and Prometheus uses available PersistentVolume capacity. // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:XValidation:rule="isQuantity(self) && quantity(self).isGreaterThan(quantity('0'))",message="limit must be a positive, non-zero quantity" - Limit resource.Quantity `json:"limit,omitempty"` + // +kubebuilder:validation:MaxLength=32 + // +kubebuilder:validation:XValidation:rule=`self == "0" || self.matches('^([1-9][0-9]*([.][0-9]+)?|[0-9]*[.][1-9][0-9]*)((K|M|G|T|E|P)i?)?B$')`,message=`must be "0" to disable size-based retention, or a positive byte-size string` + // +optional + Size string `json:"size,omitempty"` } -// SecretName is a type that represents the name of a Secret in the same namespace. -// It must be at most 253 characters in length. -// +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." -// +kubebuilder:validation:MaxLength=63 -type SecretName string +// RelabelAction defines the action to perform in a relabeling rule. +// +kubebuilder:validation:Enum=Replace;Keep;Drop;HashMod;LabelMap;LabelDrop;LabelKeep;Lowercase;Uppercase;KeepEqual;DropEqual +type RelabelAction string -// MetricsServerConfig provides configuration options for the Metrics Server instance -// that runs in the `openshift-monitoring` namespace. Use this configuration to control -// how the Metrics Server instance is deployed, how it logs, and how its pods are scheduled. +const ( + // RelabelActionReplace: match regex against concatenated source_labels; set target_label to replacement with ${1}, ${2}, ... substituted. No replacement if regex does not match. + RelabelActionReplace RelabelAction = "Replace" + // RelabelActionLowercase: map the concatenated source_labels to their lower case. + RelabelActionLowercase RelabelAction = "Lowercase" + // RelabelActionUppercase: map the concatenated source_labels to their upper case. + RelabelActionUppercase RelabelAction = "Uppercase" + // RelabelActionKeep: drop targets for which regex does not match the concatenated source_labels. + RelabelActionKeep RelabelAction = "Keep" + // RelabelActionDrop: drop targets for which regex matches the concatenated source_labels. + RelabelActionDrop RelabelAction = "Drop" + // RelabelActionKeepEqual: drop targets for which the concatenated source_labels do not match target_label. + RelabelActionKeepEqual RelabelAction = "KeepEqual" + // RelabelActionDropEqual: drop targets for which the concatenated source_labels do match target_label. + RelabelActionDropEqual RelabelAction = "DropEqual" + // RelabelActionHashMod: set target_label to the modulus of a hash of the concatenated source_labels. + RelabelActionHashMod RelabelAction = "HashMod" + // RelabelActionLabelMap: match regex against all source label names; copy matching label values to new names given by replacement with ${1}, ${2}, ... substituted. + RelabelActionLabelMap RelabelAction = "LabelMap" + // RelabelActionLabelDrop: match regex against all label names; any label that matches is removed. + RelabelActionLabelDrop RelabelAction = "LabelDrop" + // RelabelActionLabelKeep: match regex against all label names; any label that does not match is removed. + RelabelActionLabelKeep RelabelAction = "LabelKeep" +) + +// CollectionProfile defines the metrics collection profile for Prometheus. +// +kubebuilder:validation:Enum=Full;Minimal +type CollectionProfile string + +const ( + // CollectionProfileFull means Prometheus collects all metrics that are exposed by the platform components. + CollectionProfileFull CollectionProfile = "Full" + // CollectionProfileMinimal means Prometheus only collects metrics necessary for the default + // platform alerts, recording rules, telemetry and console dashboards. + CollectionProfileMinimal CollectionProfile = "Minimal" +) + +// TelemeterClientConfig provides configuration options for the Telemeter Client component +// that runs in the `openshift-monitoring` namespace. The Telemeter Client collects selected +// monitoring metrics and forwards them to Red Hat for telemetry purposes. +// At least one field must be specified. // +kubebuilder:validation:MinProperties=1 -type MetricsServerConfig struct { - // audit defines the audit configuration used by the Metrics Server instance. - // audit is optional. - // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. - //The current default sets audit.profile to Metadata - // +optional - Audit Audit `json:"audit,omitempty,omitzero"` - // nodeSelector defines the nodes on which the Pods are scheduled +type TelemeterClientConfig struct { + // nodeSelector defines the nodes on which the Pods are scheduled. // nodeSelector is optional. // // When omitted, this means the user has no opinion and the platform is left // to choose reasonable defaults. These defaults are subject to change over time. // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. // +optional // +kubebuilder:validation:MinProperties=1 // +kubebuilder:validation:MaxProperties=10 NodeSelector map[string]string `json:"nodeSelector,omitempty"` - // tolerations defines tolerations for the pods. - // tolerations is optional. - // - // When omitted, this means the user has no opinion and the platform is left - // to choose reasonable defaults. These defaults are subject to change over time. - // Defaults are empty/unset. - // Maximum length for this list is 10. - // Minimum length for this list is 1. - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:MinItems=1 - // +listType=atomic - // +optional - Tolerations []v1.Toleration `json:"tolerations,omitempty"` - // verbosity defines the verbosity of log messages for Metrics Server. - // Valid values are Errors, Info, Trace, TraceAll and omitted. - // When set to Errors, only critical messages and errors are logged. - // When set to Info, only basic information messages are logged. - // When set to Trace, information useful for general debugging is logged. - // When set to TraceAll, detailed information about metric scraping is logged. - // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. - // The current default value is `Errors` - // +optional - Verbosity VerbosityLevel `json:"verbosity,omitempty,omitzero"` - // resources defines the compute resource requests and limits for the Metrics Server container. + // resources defines the compute resource requests and limits for the Telemeter Client container. // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. // When not specified, defaults are used by the platform. Requests cannot exceed limits. // This field is optional. @@ -396,21 +2398,34 @@ type MetricsServerConfig struct { // The current default values are: // resources: // - name: cpu - // request: 4m + // request: 1m // limit: null // - name: memory // request: 40Mi // limit: null - // Maximum length for this list is 10. + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. // +optional // +listType=map // +listMapKey=name - // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MaxItems=5 // +kubebuilder:validation:MinItems=1 Resources []ContainerResource `json:"resources,omitempty"` - // topologySpreadConstraints defines rules for how Metrics Server Pods should be distributed + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Telemeter Client Pods should be distributed // across topology domains such as zones, nodes, or other user-defined labels. // topologySpreadConstraints is optional. // This helps improve high availability and resource efficiency by avoiding placing @@ -431,13 +2446,13 @@ type MetricsServerConfig struct { TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` } -// PrometheusOperatorConfig provides configuration options for the Prometheus Operator instance -// Use this configuration to control how the Prometheus Operator instance is deployed, how it logs, and how its pods are scheduled. +// ThanosQuerierConfig provides configuration options for the Thanos Querier component +// that runs in the `openshift-monitoring` namespace. +// At least one field must be specified; an empty thanosQuerierConfig object is not allowed. // +kubebuilder:validation:MinProperties=1 -type PrometheusOperatorConfig struct { - // logLevel defines the verbosity of logs emitted by Prometheus Operator. - // This field allows users to control the amount and severity of logs generated, which can be useful - // for debugging issues or reducing noise in production environments. +type ThanosQuerierConfig struct { + // logLevel defines the verbosity of logs emitted by Thanos Querier. + // logLevel is optional. // Allowed values are Error, Warn, Info, and Debug. // When set to Error, only errors will be logged. // When set to Warn, both warnings and errors will be logged. @@ -447,7 +2462,24 @@ type PrometheusOperatorConfig struct { // The current default value is `Info`. // +optional LogLevel LogLevel `json:"logLevel,omitempty"` - // nodeSelector defines the nodes on which the Pods are scheduled + // requestLogging configures request logging for Thanos Querier. + // requestLogging is optional. + // When provided, the policy field within is required. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default behavior is to not log any requests. + // +optional + RequestLogging ThanosQuerierRequestLoggingConfig `json:"requestLogging,omitempty,omitzero"` + // crossOriginRequestPolicy configures the CORS (Cross-Origin Resource Sharing) policy + // for Thanos Querier's HTTP endpoints. + // crossOriginRequestPolicy is optional. + // Valid values are "AllowAll" and "DenyAll". + // When set to "AllowAll", CORS headers are added to responses, allowing cross-origin requests from any domain. + // When set to "DenyAll", no CORS headers are added and cross-origin requests are rejected by the browser. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is "DenyAll". + // +optional + CrossOriginRequestPolicy CrossOriginRequestPolicy `json:"crossOriginRequestPolicy,omitempty"` + // nodeSelector defines the nodes on which the Pods are scheduled. // nodeSelector is optional. // // When omitted, this means the user has no opinion and the platform is left @@ -458,27 +2490,27 @@ type PrometheusOperatorConfig struct { // +kubebuilder:validation:MinProperties=1 // +kubebuilder:validation:MaxProperties=10 NodeSelector map[string]string `json:"nodeSelector,omitempty"` - // resources defines the compute resource requests and limits for the Prometheus Operator container. - // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. - // When not specified, defaults are used by the platform. Requests cannot exceed limits. - // This field is optional. + // resources defines the compute resource requests and limits for the Thanos Querier container. + // resources is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Requests cannot exceed limits. // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ // This is a simplified API that maps to Kubernetes ResourceRequirements. // The current default values are: // resources: // - name: cpu - // request: 4m - // limit: null + // request: 5m // - name: memory - // request: 40Mi - // limit: null - // Maximum length for this list is 10. + // request: 12Mi + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. // +optional // +listType=map // +listMapKey=name - // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MaxItems=5 // +kubebuilder:validation:MinItems=1 Resources []ContainerResource `json:"resources,omitempty"` // tolerations defines tolerations for the pods. @@ -494,7 +2526,7 @@ type PrometheusOperatorConfig struct { // +listType=atomic // +optional Tolerations []v1.Toleration `json:"tolerations,omitempty"` - // topologySpreadConstraints defines rules for how Prometheus Operator Pods should be distributed + // topologySpreadConstraints defines rules for how Thanos Querier Pods should be distributed // across topology domains such as zones, nodes, or other user-defined labels. // topologySpreadConstraints is optional. // This helps improve high availability and resource efficiency by avoiding placing @@ -502,7 +2534,7 @@ type PrometheusOperatorConfig struct { // // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. - // Default is empty list. + // Defaults are empty/unset. // Maximum length for this list is 10. // Minimum length for this list is 1. // Entries must have unique topologyKey and whenUnsatisfiable pairs. @@ -515,57 +2547,42 @@ type PrometheusOperatorConfig struct { TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` } -// PrometheusOperatorAdmissionWebhookConfig provides configuration options for the admission webhook -// component of Prometheus Operator that runs in the `openshift-monitoring` namespace. The admission -// webhook validates PrometheusRule and AlertmanagerConfig objects, mutates PrometheusRule annotations, -// and converts AlertmanagerConfig objects between API versions. -// +kubebuilder:validation:MinProperties=1 -type PrometheusOperatorAdmissionWebhookConfig struct { - // resources defines the compute resource requests and limits for the - // prometheus-operator-admission-webhook container. - // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. - // When not specified, defaults are used by the platform. Requests cannot exceed limits. - // This field is optional. - // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - // This is a simplified API that maps to Kubernetes ResourceRequirements. - // The current default values are: - // resources: - // - name: cpu - // request: 5m - // limit: null - // - name: memory - // request: 30Mi - // limit: null - // Maximum length for this list is 10. - // Minimum length for this list is 1. - // Each resource name must be unique within this list. - // +optional - // +listType=map - // +listMapKey=name - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:MinItems=1 - Resources []ContainerResource `json:"resources,omitempty"` - // topologySpreadConstraints defines rules for how admission webhook Pods should be distributed - // across topology domains such as zones, nodes, or other user-defined labels. - // topologySpreadConstraints is optional. - // This helps improve high availability and resource efficiency by avoiding placing - // too many replicas in the same failure domain. - // - // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. - // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. - // Default is empty list. - // Maximum length for this list is 10. - // Minimum length for this list is 1. - // Entries must have unique topologyKey and whenUnsatisfiable pairs. - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:MinItems=1 - // +listType=map - // +listMapKey=topologyKey - // +listMapKey=whenUnsatisfiable - // +optional - TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +// ThanosQuerierRequestLoggingConfig configures request logging for Thanos Querier. +type ThanosQuerierRequestLoggingConfig struct { + // policy determines which HTTP and gRPC requests are logged by Thanos Querier. + // Valid values are "AllRequests" and "NoRequests". + // When set to "AllRequests", every request received by Thanos Querier is logged with method, path, and response status. + // The log level for request logs is derived from the logLevel field. + // When set to "NoRequests", request logging is turned off. + // +required + Policy RequestLoggingPolicy `json:"policy,omitempty"` } +// RequestLoggingPolicy controls which HTTP and gRPC requests are logged. +// Valid values are "AllRequests" and "NoRequests". +// +kubebuilder:validation:Enum=AllRequests;NoRequests +type RequestLoggingPolicy string + +const ( + // RequestLoggingPolicyAllRequests enables logging of all incoming requests. + RequestLoggingPolicyAllRequests RequestLoggingPolicy = "AllRequests" + // RequestLoggingPolicyNoRequests disables request logging. + RequestLoggingPolicyNoRequests RequestLoggingPolicy = "NoRequests" +) + +// CrossOriginRequestPolicy controls the CORS (Cross-Origin Resource Sharing) policy +// for Thanos Querier's HTTP endpoints. +// Valid values are "AllowAll" and "DenyAll". +// +kubebuilder:validation:Enum=AllowAll;DenyAll +type CrossOriginRequestPolicy string + +const ( + // CrossOriginRequestPolicyAllowAll sets CORS headers allowing requests from any origin. + CrossOriginRequestPolicyAllowAll CrossOriginRequestPolicy = "AllowAll" + // CrossOriginRequestPolicyDenyAll does not set CORS headers, rejecting cross-origin requests. + CrossOriginRequestPolicyDenyAll CrossOriginRequestPolicy = "DenyAll" +) + // AuditProfile defines the audit log level for the Metrics Server. // +kubebuilder:validation:Enum=None;Metadata;Request;RequestResponse type AuditProfile string @@ -596,6 +2613,27 @@ const ( VerbosityLevelTraceAll VerbosityLevel = "TraceAll" ) +// ExemplarsMode defines whether exemplars are sent via remote write. +// +kubebuilder:validation:Enum=Send;DoNotSend +type ExemplarsMode string + +const ( + // ExemplarsModeSend means exemplars are sent via remote write. + ExemplarsModeSend ExemplarsMode = "Send" + // ExemplarsModeDoNotSend means exemplars are not sent via remote write. + ExemplarsModeDoNotSend ExemplarsMode = "DoNotSend" +) + +// RateLimitedAction defines what to do when the remote write endpoint returns HTTP 429 (Too Many Requests). +// Omission of this field means do not retry. When set, the only valid value is Retry. +// +kubebuilder:validation:Enum=Retry +type RateLimitedAction string + +const ( + // RateLimitedActionRetry means requests will be retried on HTTP 429 responses. + RateLimitedActionRetry RateLimitedAction = "Retry" +) + // Audit profile configurations type Audit struct { // profile is a required field for configuring the audit log level of the Kubernetes Metrics Server. @@ -610,3 +2648,154 @@ type Audit struct { // +required Profile AuditProfile `json:"profile,omitempty"` } + +// KubeStateMetricsConfig provides configuration options for the kube-state-metrics agent +// that runs in the `openshift-monitoring` namespace. kube-state-metrics generates metrics +// about the state of Kubernetes objects such as Deployments, Nodes, and Pods. +// +kubebuilder:validation:MinProperties=1 +type KubeStateMetricsConfig struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the kube-state-metrics container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, no tolerations are applied. This default is subject to change over time. + // When specified, tolerations must contain at least 1 entry and must not contain more than 10 entries. + // Each toleration's operator, when specified, must be either "Exists" or "Equal". + // Each toleration's effect, when specified, must be one of "NoSchedule", "PreferNoSchedule", or "NoExecute". + // An empty or unset effect means match all effects. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +kubebuilder:validation:XValidation:rule="self.all(t, !has(t.operator) || t.operator == 'Exists' || t.operator == 'Equal')",message="operator must be either Exists or Equal" + // +kubebuilder:validation:XValidation:rule="self.all(t, !has(t.effect) || t.effect == 'NoSchedule' || t.effect == 'PreferNoSchedule' || t.effect == 'NoExecute' || t.effect == '')",message="effect must be NoSchedule, PreferNoSchedule, NoExecute, or empty" + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how kube-state-metrics Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // When omitted, no topology spread constraints are applied. This default is subject to change over time. + // When specified, topologySpreadConstraints must contain at least 1 entry and must not contain more than 10 entries. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // Each entry's whenUnsatisfiable must be either "DoNotSchedule" or "ScheduleAnyway". + // Each entry's maxSkew must be at least 1. + // When minDomains is specified, it must be at least 1 and whenUnsatisfiable must be "DoNotSchedule". + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +kubebuilder:validation:XValidation:rule="self.all(c, c.whenUnsatisfiable == 'DoNotSchedule' || c.whenUnsatisfiable == 'ScheduleAnyway')",message="whenUnsatisfiable must be either DoNotSchedule or ScheduleAnyway" + // +kubebuilder:validation:XValidation:rule="self.all(c, c.maxSkew >= 1)",message="maxSkew must be at least 1" + // +kubebuilder:validation:XValidation:rule="self.all(c, !has(c.minDomains) || c.minDomains >= 1)",message="minDomains must be at least 1" + // +kubebuilder:validation:XValidation:rule="self.all(c, !has(c.minDomains) || c.whenUnsatisfiable == 'DoNotSchedule')",message="minDomains can only be used when whenUnsatisfiable is DoNotSchedule" + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + // additionalResourceLabels defines additional Kubernetes resource labels to expose as metrics + // in kube-state-metrics. + // Currently, only "Job" and "CronJob" resources are supported due to cardinality concerns. + // Each entry specifies a resource name and a list of Kubernetes label names to expose. + // Use "*" in the labels list to expose all labels for a given resource. + // additionalResourceLabels is optional. + // When omitted, no additional Kubernetes object labels are exposed as metrics + // by kube-state-metrics beyond its built-in metric labels (e.g. namespace, job_name). + // Use this field to opt in to exposing specific Kubernetes labels as metric labels + // for the supported resource types. + // Minimum length for this list is 1. + // Maximum length for this list is 2. + // Each resource name must be unique within this list. + // +optional + // +kubebuilder:validation:MaxItems=2 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=resource + AdditionalResourceLabels []KubeStateMetricsResourceLabels `json:"additionalResourceLabels,omitempty"` +} + +// KubeStateMetricsResourceName is the name of a Kubernetes resource whose labels can be exposed +// as metrics by kube-state-metrics. Currently, only "Job" and "CronJob" are supported +// due to cardinality concerns. +// Valid values are "Job" and "CronJob". +// +kubebuilder:validation:Enum=Job;CronJob +type KubeStateMetricsResourceName string + +const ( + // KubeStateMetricsResourceJob indicates the Kubernetes Job resource. + KubeStateMetricsResourceJob KubeStateMetricsResourceName = "Job" + // KubeStateMetricsResourceCronJob indicates the Kubernetes CronJob resource. + KubeStateMetricsResourceCronJob KubeStateMetricsResourceName = "CronJob" +) + +// KubeStateMetricsLabelName is the name of a Kubernetes label to expose as a metric +// via kube-state-metrics. Use "*" to expose all labels for a resource. +// Must be either the wildcard "*" or a valid Kubernetes label key. +// A valid label key has an optional DNS subdomain prefix followed by a "/" and a name segment, +// or just a name segment without a prefix. The name segment must be 63 characters or fewer, +// beginning and ending with an alphanumeric character, with dashes, underscores, dots, and +// alphanumerics in between. +// Must be at least 1 character and at most 253 characters in length. +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=253 +// +kubebuilder:validation:XValidation:rule="self == '*' || !format.qualifiedName().validate(self).hasValue()",message="must be a valid Kubernetes label key or the wildcard '*'" +type KubeStateMetricsLabelName string + +// KubeStateMetricsResourceLabels defines which Kubernetes labels to expose as metrics +// for a given resource type in kube-state-metrics. +type KubeStateMetricsResourceLabels struct { + // resource is the Kubernetes resource name whose labels should be exposed as metrics. + // Currently, only "Job" and "CronJob" are supported due to cardinality concerns. + // Valid values are "Job" and "CronJob". + // This field is required. + // +required + Resource KubeStateMetricsResourceName `json:"resource,omitempty"` + // labels is the list of Kubernetes label names to expose as metrics for this resource. + // Use "*" to expose all labels for the specified resource. + // When "*" is specified, it must be the only entry in the list; mixing "*" with + // specific label names is not allowed. + // This field is required. + // Each label name must be unique within this list. + // Minimum length for this list is 1. + // Maximum length for this list is 50. + // +required + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=50 + // +listType=set + // +kubebuilder:validation:XValidation:rule="!self.exists(l, l == '*') || self.size() == 1",message="when '*' is specified, no other labels may be listed" + Labels []KubeStateMetricsLabelName `json:"labels,omitempty"` +} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go b/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go deleted file mode 100644 index 977ca3dde3..0000000000 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go +++ /dev/null @@ -1,289 +0,0 @@ -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ImagePolicy holds namespace-wide configuration for image signature verification -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=imagepolicies,scope=Namespaced -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1457 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 -// +openshift:enable:FeatureGate=SigstoreImageVerification -// +openshift:compatibility-gen:level=4 -type ImagePolicy struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ObjectMeta `json:"metadata,omitempty"` - - // spec holds user settable values for configuration - // +required - Spec ImagePolicySpec `json:"spec"` - // status contains the observed state of the resource. - // +optional - Status ImagePolicyStatus `json:"status,omitempty"` -} - -// ImagePolicySpec is the specification of the ImagePolicy CRD. -type ImagePolicySpec struct { - // scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". - // Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). - // More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository - // namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). - // Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. - // If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. - // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories - // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. - // If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. - // For additional details about the format, please refer to the document explaining the docker transport field, - // which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker - // +required - // +kubebuilder:validation:MaxItems=256 - // +listType=set - Scopes []ImageScope `json:"scopes"` - // policy contains configuration to allow scopes to be verified, and defines how - // images not matching the verification policy will be treated. - // +required - Policy ImageSigstoreVerificationPolicy `json:"policy"` -} - -// +kubebuilder:validation:XValidation:rule="size(self.split('/')[0].split('.')) == 1 ? self.split('/')[0].split('.')[0].split(':')[0] == 'localhost' : true",message="invalid image scope format, scope must contain a fully qualified domain name or 'localhost'" -// +kubebuilder:validation:XValidation:rule=`self.contains('*') ? self.matches('^\\*(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+$') : true`,message="invalid image scope with wildcard, a wildcard can only be at the start of the domain and is only supported for subdomain matching, not path matching" -// +kubebuilder:validation:XValidation:rule=`!self.contains('*') ? self.matches('^((((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?)(?::([\\w][\\w.-]{0,127}))?(?:@([A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][[:xdigit:]]{32,}))?$') : true`,message="invalid repository namespace or image specification in the image scope" -// +kubebuilder:validation:MaxLength=512 -type ImageScope string - -// ImageSigstoreVerificationPolicy defines the verification policy for the items in the scopes list. -type ImageSigstoreVerificationPolicy struct { - // rootOfTrust specifies the root of trust for the policy. - // +required - RootOfTrust PolicyRootOfTrust `json:"rootOfTrust"` - // signedIdentity specifies what image identity the signature claims about the image. The required matchPolicy field specifies the approach used in the verification process to verify the identity in the signature and the actual image identity, the default matchPolicy is "MatchRepoDigestOrExact". - // +optional - SignedIdentity PolicyIdentity `json:"signedIdentity,omitempty"` -} - -// PolicyRootOfTrust defines the root of trust based on the selected policyType. -// +union -// +kubebuilder:validation:XValidation:rule="has(self.policyType) && self.policyType == 'PublicKey' ? has(self.publicKey) : !has(self.publicKey)",message="publicKey is required when policyType is PublicKey, and forbidden otherwise" -// +kubebuilder:validation:XValidation:rule="has(self.policyType) && self.policyType == 'FulcioCAWithRekor' ? has(self.fulcioCAWithRekor) : !has(self.fulcioCAWithRekor)",message="fulcioCAWithRekor is required when policyType is FulcioCAWithRekor, and forbidden otherwise" -// +openshift:validation:FeatureGateAwareXValidation:featureGate=SigstoreImageVerificationPKI,rule="has(self.policyType) && self.policyType == 'PKI' ? has(self.pki) : !has(self.pki)",message="pki is required when policyType is PKI, and forbidden otherwise" -type PolicyRootOfTrust struct { - // policyType serves as the union's discriminator. Users are required to assign a value to this field, choosing one of the policy types that define the root of trust. - // "PublicKey" indicates that the policy relies on a sigstore publicKey and may optionally use a Rekor verification. - // "FulcioCAWithRekor" indicates that the policy is based on the Fulcio certification and incorporates a Rekor verification. - // "PKI" indicates that the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate. - // +unionDiscriminator - // +required - PolicyType PolicyType `json:"policyType"` - // publicKey defines the root of trust based on a sigstore public key. - // +optional - PublicKey *ImagePolicyPublicKeyRootOfTrust `json:"publicKey,omitempty"` - // fulcioCAWithRekor defines the root of trust based on the Fulcio certificate and the Rekor public key. - // For more information about Fulcio and Rekor, please refer to the document at: - // https://github.com/sigstore/fulcio and https://github.com/sigstore/rekor - // +optional - FulcioCAWithRekor *ImagePolicyFulcioCAWithRekorRootOfTrust `json:"fulcioCAWithRekor,omitempty"` - // pki defines the root of trust based on Bring Your Own Public Key Infrastructure (BYOPKI) Root CA(s) and corresponding intermediate certificates. - // +optional - // +openshift:enable:FeatureGate=SigstoreImageVerificationPKI - PKI *ImagePolicyPKIRootOfTrust `json:"pki,omitempty"` -} - -// +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=PublicKey;FulcioCAWithRekor -// +openshift:validation:FeatureGateAwareEnum:featureGate=SigstoreImageVerificationPKI,enum=PublicKey;FulcioCAWithRekor;PKI -type PolicyType string - -const ( - PublicKeyRootOfTrust PolicyType = "PublicKey" - FulcioCAWithRekorRootOfTrust PolicyType = "FulcioCAWithRekor" - PKIRootOfTrust PolicyType = "PKI" -) - -// ImagePolicyPublicKeyRootOfTrust defines the root of trust based on a sigstore public key. -type ImagePolicyPublicKeyRootOfTrust struct { - // keyData contains inline base64-encoded data for the PEM format public key. - // KeyData must be at most 8192 characters. - // +required - // +kubebuilder:validation:MaxLength=8192 - KeyData []byte `json:"keyData"` - // rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - // rekorKeyData must be at most 8192 characters. - // +optional - // +kubebuilder:validation:MaxLength=8192 - RekorKeyData []byte `json:"rekorKeyData,omitempty"` -} - -// ImagePolicyFulcioCAWithRekorRootOfTrust defines the root of trust based on the Fulcio certificate and the Rekor public key. -type ImagePolicyFulcioCAWithRekorRootOfTrust struct { - // fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. - // fulcioCAData must be at most 8192 characters. - // +required - // +kubebuilder:validation:MaxLength=8192 - FulcioCAData []byte `json:"fulcioCAData"` - // rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - // rekorKeyData must be at most 8192 characters. - // +required - // +kubebuilder:validation:MaxLength=8192 - RekorKeyData []byte `json:"rekorKeyData"` - // fulcioSubject specifies OIDC issuer and the email of the Fulcio authentication configuration. - // +required - FulcioSubject PolicyFulcioSubject `json:"fulcioSubject"` -} - -// PolicyFulcioSubject defines the OIDC issuer and the email of the Fulcio authentication configuration. -type PolicyFulcioSubject struct { - // oidcIssuer contains the expected OIDC issuer. It will be verified that the Fulcio-issued certificate contains a (Fulcio-defined) certificate extension pointing at this OIDC issuer URL. When Fulcio issues certificates, it includes a value based on an URL inside the client-provided ID token. - // Example: "https://expected.OIDC.issuer/" - // +required - // +kubebuilder:validation:XValidation:rule="isURL(self)",message="oidcIssuer must be a valid URL" - OIDCIssuer string `json:"oidcIssuer"` - // signedEmail holds the email address the the Fulcio certificate is issued for. - // Example: "expected-signing-user@example.com" - // +required - // +kubebuilder:validation:XValidation:rule=`self.matches('^\\S+@\\S+$')`,message="invalid email address" - SignedEmail string `json:"signedEmail"` -} - -// ImagePolicyPKIRootOfTrust defines the root of trust based on Root CA(s) and corresponding intermediate certificates. -type ImagePolicyPKIRootOfTrust struct { - // caRootsData contains base64-encoded data of a certificate bundle PEM file, which contains one or more CA roots in the PEM format. The total length of the data must not exceed 8192 characters. - // +required - // +kubebuilder:validation:MaxLength=8192 - // +kubebuilder:validation:XValidation:rule="string(self).startsWith('-----BEGIN CERTIFICATE-----')",message="the caRootsData must start with base64 encoding of '-----BEGIN CERTIFICATE-----'." - // +kubebuilder:validation:XValidation:rule="string(self).endsWith('-----END CERTIFICATE-----\\n') || string(self).endsWith('-----END CERTIFICATE-----')",message="the caRootsData must end with base64 encoding of '-----END CERTIFICATE-----'." - // +kubebuilder:validation:XValidation:rule="string(self).findAll('-----BEGIN CERTIFICATE-----').size() == string(self).findAll('-----END CERTIFICATE-----').size()",message="caRootsData must be base64 encoding of valid PEM format data contain the same number of '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----' markers." - CertificateAuthorityRootsData []byte `json:"caRootsData"` - // caIntermediatesData contains base64-encoded data of a certificate bundle PEM file, which contains one or more intermediate certificates in the PEM format. The total length of the data must not exceed 8192 characters. - // caIntermediatesData requires caRootsData to be set. - // +optional - // +kubebuilder:validation:XValidation:rule="string(self).startsWith('-----BEGIN CERTIFICATE-----')",message="the caIntermediatesData must start with base64 encoding of '-----BEGIN CERTIFICATE-----'." - // +kubebuilder:validation:XValidation:rule="string(self).endsWith('-----END CERTIFICATE-----\\n') || string(self).endsWith('-----END CERTIFICATE-----')",message="the caIntermediatesData must end with base64 encoding of '-----END CERTIFICATE-----'." - // +kubebuilder:validation:XValidation:rule="string(self).findAll('-----BEGIN CERTIFICATE-----').size() == string(self).findAll('-----END CERTIFICATE-----').size()",message="caIntermediatesData must be base64 encoding of valid PEM format data contain the same number of '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----' markers." - // +kubebuilder:validation:MaxLength=8192 - CertificateAuthorityIntermediatesData []byte `json:"caIntermediatesData,omitempty"` - - // pkiCertificateSubject defines the requirements imposed on the subject to which the certificate was issued. - // +required - PKICertificateSubject PKICertificateSubject `json:"pkiCertificateSubject"` -} - -// PKICertificateSubject defines the requirements imposed on the subject to which the certificate was issued. -// +kubebuilder:validation:XValidation:rule="has(self.email) || has(self.hostname)", message="at least one of email or hostname must be set in pkiCertificateSubject" -// +openshift:enable:FeatureGate=SigstoreImageVerificationPKI -type PKICertificateSubject struct { - // email specifies the expected email address imposed on the subject to which the certificate was issued, and must match the email address listed in the Subject Alternative Name (SAN) field of the certificate. - // The email should be a valid email address and at most 320 characters in length. - // +optional - // +kubebuilder:validation:MaxLength:=320 - // +kubebuilder:validation:XValidation:rule=`self.matches('^\\S+@\\S+$')`,message="invalid email address in pkiCertificateSubject" - Email string `json:"email,omitempty"` - // hostname specifies the expected hostname imposed on the subject to which the certificate was issued, and it must match the hostname listed in the Subject Alternative Name (SAN) DNS field of the certificate. - // The hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.', and at most 253 characters in length. - // It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk. - // +optional - // +kubebuilder:validation:MaxLength:=253 - // +kubebuilder:validation:XValidation:rule="self.startsWith('*.') ? !format.dns1123Subdomain().validate(self.replace('*.', '', 1)).hasValue() : !format.dns1123Subdomain().validate(self).hasValue()",message="hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.'. It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk." - Hostname string `json:"hostname,omitempty"` -} - -// PolicyIdentity defines image identity the signature claims about the image. When omitted, the default matchPolicy is "MatchRepoDigestOrExact". -// +kubebuilder:validation:XValidation:rule="(has(self.matchPolicy) && self.matchPolicy == 'ExactRepository') ? has(self.exactRepository) : !has(self.exactRepository)",message="exactRepository is required when matchPolicy is ExactRepository, and forbidden otherwise" -// +kubebuilder:validation:XValidation:rule="(has(self.matchPolicy) && self.matchPolicy == 'RemapIdentity') ? has(self.remapIdentity) : !has(self.remapIdentity)",message="remapIdentity is required when matchPolicy is RemapIdentity, and forbidden otherwise" -// +union -type PolicyIdentity struct { - // matchPolicy sets the type of matching to be used. - // Valid values are "MatchRepoDigestOrExact", "MatchRepository", "ExactRepository", "RemapIdentity". When omitted, the default value is "MatchRepoDigestOrExact". - // If set matchPolicy to ExactRepository, then the exactRepository must be specified. - // If set matchPolicy to RemapIdentity, then the remapIdentity must be specified. - // "MatchRepoDigestOrExact" means that the identity in the signature must be in the same repository as the image identity if the image identity is referenced by a digest. Otherwise, the identity in the signature must be the same as the image identity. - // "MatchRepository" means that the identity in the signature must be in the same repository as the image identity. - // "ExactRepository" means that the identity in the signature must be in the same repository as a specific identity specified by "repository". - // "RemapIdentity" means that the signature must be in the same as the remapped image identity. Remapped image identity is obtained by replacing the "prefix" with the specified “signedPrefix” if the the image identity matches the specified remapPrefix. - // +unionDiscriminator - // +required - MatchPolicy IdentityMatchPolicy `json:"matchPolicy"` - // exactRepository is required if matchPolicy is set to "ExactRepository". - // +optional - PolicyMatchExactRepository *PolicyMatchExactRepository `json:"exactRepository,omitempty"` - // remapIdentity is required if matchPolicy is set to "RemapIdentity". - // +optional - PolicyMatchRemapIdentity *PolicyMatchRemapIdentity `json:"remapIdentity,omitempty"` -} - -// +kubebuilder:validation:MaxLength=512 -// +kubebuilder:validation:XValidation:rule=`self.matches('.*:([\\w][\\w.-]{0,127})$')? self.matches('^(localhost:[0-9]+)$'): true`,message="invalid repository or prefix in the signedIdentity, should not include the tag or digest" -// +kubebuilder:validation:XValidation:rule=`self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$')`,message="invalid repository or prefix in the signedIdentity" -type IdentityRepositoryPrefix string - -type PolicyMatchExactRepository struct { - // repository is the reference of the image identity to be matched. - // The value should be a repository name (by omitting the tag or digest) in a registry implementing the "Docker Registry HTTP API V2". For example, docker.io/library/busybox - // +required - Repository IdentityRepositoryPrefix `json:"repository"` -} - -type PolicyMatchRemapIdentity struct { - // prefix is the prefix of the image identity to be matched. - // If the image identity matches the specified prefix, that prefix is replaced by the specified “signedPrefix” (otherwise it is used as unchanged and no remapping takes place). - // This useful when verifying signatures for a mirror of some other repository namespace that preserves the vendor’s repository structure. - // The prefix and signedPrefix values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - // or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - // For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - // +required - Prefix IdentityRepositoryPrefix `json:"prefix"` - // signedPrefix is the prefix of the image identity to be matched in the signature. The format is the same as "prefix". The values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - // or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - // For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - // +required - SignedPrefix IdentityRepositoryPrefix `json:"signedPrefix"` -} - -// IdentityMatchPolicy defines the type of matching for "matchPolicy". -// +kubebuilder:validation:Enum=MatchRepoDigestOrExact;MatchRepository;ExactRepository;RemapIdentity -type IdentityMatchPolicy string - -const ( - IdentityMatchPolicyMatchRepoDigestOrExact IdentityMatchPolicy = "MatchRepoDigestOrExact" - IdentityMatchPolicyMatchRepository IdentityMatchPolicy = "MatchRepository" - IdentityMatchPolicyExactRepository IdentityMatchPolicy = "ExactRepository" - IdentityMatchPolicyRemapIdentity IdentityMatchPolicy = "RemapIdentity" -) - -// +k8s:deepcopy-gen=true -type ImagePolicyStatus struct { - // conditions provide details on the status of this API Resource. - // +listType=map - // +listMapKey=type - // +optional - Conditions []metav1.Condition `json:"conditions,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ImagePolicyList is a list of ImagePolicy resources -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -type ImagePolicyList struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard list's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ListMeta `json:"metadata"` - - Items []ImagePolicy `json:"items"` -} - -const ( - // ImagePolicyPending indicates that the customer resource contains a policy that cannot take effect. It is either overwritten by a global policy or the image scope is not valid. - ImagePolicyPending = "Pending" - // ImagePolicyApplied indicates that the policy has been applied - ImagePolicyApplied = "Applied" -) diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go index e28a94dbef..7313338a3b 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go @@ -11,6 +11,29 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AdditionalAlertmanagerConfig) DeepCopyInto(out *AdditionalAlertmanagerConfig) { + *out = *in + out.Authorization = in.Authorization + if in.StaticConfigs != nil { + in, out := &in.StaticConfigs, &out.StaticConfigs + *out = make([]string, len(*in)) + copy(*out, *in) + } + out.TLSConfig = in.TLSConfig + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalAlertmanagerConfig. +func (in *AdditionalAlertmanagerConfig) DeepCopy() *AdditionalAlertmanagerConfig { + if in == nil { + return nil + } + out := new(AdditionalAlertmanagerConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AlertmanagerConfig) DeepCopyInto(out *AlertmanagerConfig) { *out = *in @@ -98,6 +121,23 @@ func (in *Audit) DeepCopy() *Audit { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuthorizationConfig) DeepCopyInto(out *AuthorizationConfig) { + *out = *in + out.BearerToken = in.BearerToken + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthorizationConfig. +func (in *AuthorizationConfig) DeepCopy() *AuthorizationConfig { + if in == nil { + return nil + } + out := new(AuthorizationConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Backup) DeepCopyInto(out *Backup) { *out = *in @@ -192,6 +232,24 @@ func (in *BackupStatus) DeepCopy() *BackupStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BasicAuth) DeepCopyInto(out *BasicAuth) { + *out = *in + out.Username = in.Username + out.Password = in.Password + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BasicAuth. +func (in *BasicAuth) DeepCopy() *BasicAuth { + if in == nil { + return nil + } + out := new(BasicAuth) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CRIOCredentialProviderConfig) DeepCopyInto(out *CRIOCredentialProviderConfig) { *out = *in @@ -318,112 +376,6 @@ func (in *CertificateConfig) DeepCopy() *CertificateConfig { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterImagePolicy) DeepCopyInto(out *ClusterImagePolicy) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterImagePolicy. -func (in *ClusterImagePolicy) DeepCopy() *ClusterImagePolicy { - if in == nil { - return nil - } - out := new(ClusterImagePolicy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterImagePolicy) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterImagePolicyList) DeepCopyInto(out *ClusterImagePolicyList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ClusterImagePolicy, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterImagePolicyList. -func (in *ClusterImagePolicyList) DeepCopy() *ClusterImagePolicyList { - if in == nil { - return nil - } - out := new(ClusterImagePolicyList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterImagePolicyList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterImagePolicySpec) DeepCopyInto(out *ClusterImagePolicySpec) { - *out = *in - if in.Scopes != nil { - in, out := &in.Scopes, &out.Scopes - *out = make([]ImageScope, len(*in)) - copy(*out, *in) - } - in.Policy.DeepCopyInto(&out.Policy) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterImagePolicySpec. -func (in *ClusterImagePolicySpec) DeepCopy() *ClusterImagePolicySpec { - if in == nil { - return nil - } - out := new(ClusterImagePolicySpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterImagePolicyStatus) DeepCopyInto(out *ClusterImagePolicyStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]metav1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterImagePolicyStatus. -func (in *ClusterImagePolicyStatus) DeepCopy() *ClusterImagePolicyStatus { - if in == nil { - return nil - } - out := new(ClusterImagePolicyStatus) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ClusterMonitoring) DeepCopyInto(out *ClusterMonitoring) { *out = *in @@ -490,9 +442,16 @@ func (in *ClusterMonitoringSpec) DeepCopyInto(out *ClusterMonitoringSpec) { *out = *in out.UserDefined = in.UserDefined in.AlertmanagerConfig.DeepCopyInto(&out.AlertmanagerConfig) + in.PrometheusConfig.DeepCopyInto(&out.PrometheusConfig) in.MetricsServerConfig.DeepCopyInto(&out.MetricsServerConfig) in.PrometheusOperatorConfig.DeepCopyInto(&out.PrometheusOperatorConfig) in.PrometheusOperatorAdmissionWebhookConfig.DeepCopyInto(&out.PrometheusOperatorAdmissionWebhookConfig) + in.OpenShiftStateMetricsConfig.DeepCopyInto(&out.OpenShiftStateMetricsConfig) + in.TelemeterClientConfig.DeepCopyInto(&out.TelemeterClientConfig) + in.ThanosQuerierConfig.DeepCopyInto(&out.ThanosQuerierConfig) + in.NodeExporterConfig.DeepCopyInto(&out.NodeExporterConfig) + in.MonitoringPluginConfig.DeepCopyInto(&out.MonitoringPluginConfig) + in.KubeStateMetricsConfig.DeepCopyInto(&out.KubeStateMetricsConfig) return } @@ -574,6 +533,22 @@ func (in *DefaultCertificateConfig) DeepCopy() *DefaultCertificateConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DropEqualActionConfig) DeepCopyInto(out *DropEqualActionConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DropEqualActionConfig. +func (in *DropEqualActionConfig) DeepCopy() *DropEqualActionConfig { + if in == nil { + return nil + } + out := new(DropEqualActionConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ECDSAKeyConfig) DeepCopyInto(out *ECDSAKeyConfig) { *out = *in @@ -634,68 +609,57 @@ func (in *GatherConfig) DeepCopy() *GatherConfig { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicy) DeepCopyInto(out *ImagePolicy) { +func (in *HashModActionConfig) DeepCopyInto(out *HashModActionConfig) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicy. -func (in *ImagePolicy) DeepCopy() *ImagePolicy { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HashModActionConfig. +func (in *HashModActionConfig) DeepCopy() *HashModActionConfig { if in == nil { return nil } - out := new(ImagePolicy) + out := new(HashModActionConfig) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ImagePolicy) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyFulcioCAWithRekorRootOfTrust) DeepCopyInto(out *ImagePolicyFulcioCAWithRekorRootOfTrust) { +func (in *InsightsDataGather) DeepCopyInto(out *InsightsDataGather) { *out = *in - if in.FulcioCAData != nil { - in, out := &in.FulcioCAData, &out.FulcioCAData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.RekorKeyData != nil { - in, out := &in.RekorKeyData, &out.RekorKeyData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - out.FulcioSubject = in.FulcioSubject + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyFulcioCAWithRekorRootOfTrust. -func (in *ImagePolicyFulcioCAWithRekorRootOfTrust) DeepCopy() *ImagePolicyFulcioCAWithRekorRootOfTrust { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGather. +func (in *InsightsDataGather) DeepCopy() *InsightsDataGather { if in == nil { return nil } - out := new(ImagePolicyFulcioCAWithRekorRootOfTrust) + out := new(InsightsDataGather) in.DeepCopyInto(out) return out } +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *InsightsDataGather) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyList) DeepCopyInto(out *ImagePolicyList) { +func (in *InsightsDataGatherList) DeepCopyInto(out *InsightsDataGatherList) { *out = *in out.TypeMeta = in.TypeMeta in.ListMeta.DeepCopyInto(&out.ListMeta) if in.Items != nil { in, out := &in.Items, &out.Items - *out = make([]ImagePolicy, len(*in)) + *out = make([]InsightsDataGather, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -703,18 +667,18 @@ func (in *ImagePolicyList) DeepCopyInto(out *ImagePolicyList) { return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyList. -func (in *ImagePolicyList) DeepCopy() *ImagePolicyList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherList. +func (in *InsightsDataGatherList) DeepCopy() *InsightsDataGatherList { if in == nil { return nil } - out := new(ImagePolicyList) + out := new(InsightsDataGatherList) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ImagePolicyList) DeepCopyObject() runtime.Object { +func (in *InsightsDataGatherList) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -722,86 +686,106 @@ func (in *ImagePolicyList) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyPKIRootOfTrust) DeepCopyInto(out *ImagePolicyPKIRootOfTrust) { +func (in *InsightsDataGatherSpec) DeepCopyInto(out *InsightsDataGatherSpec) { *out = *in - if in.CertificateAuthorityRootsData != nil { - in, out := &in.CertificateAuthorityRootsData, &out.CertificateAuthorityRootsData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.CertificateAuthorityIntermediatesData != nil { - in, out := &in.CertificateAuthorityIntermediatesData, &out.CertificateAuthorityIntermediatesData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - out.PKICertificateSubject = in.PKICertificateSubject + in.GatherConfig.DeepCopyInto(&out.GatherConfig) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyPKIRootOfTrust. -func (in *ImagePolicyPKIRootOfTrust) DeepCopy() *ImagePolicyPKIRootOfTrust { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherSpec. +func (in *InsightsDataGatherSpec) DeepCopy() *InsightsDataGatherSpec { if in == nil { return nil } - out := new(ImagePolicyPKIRootOfTrust) + out := new(InsightsDataGatherSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyPublicKeyRootOfTrust) DeepCopyInto(out *ImagePolicyPublicKeyRootOfTrust) { +func (in *InsightsDataGatherStatus) DeepCopyInto(out *InsightsDataGatherStatus) { *out = *in - if in.KeyData != nil { - in, out := &in.KeyData, &out.KeyData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.RekorKeyData != nil { - in, out := &in.RekorKeyData, &out.RekorKeyData - *out = make([]byte, len(*in)) - copy(*out, *in) - } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyPublicKeyRootOfTrust. -func (in *ImagePolicyPublicKeyRootOfTrust) DeepCopy() *ImagePolicyPublicKeyRootOfTrust { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherStatus. +func (in *InsightsDataGatherStatus) DeepCopy() *InsightsDataGatherStatus { if in == nil { return nil } - out := new(ImagePolicyPublicKeyRootOfTrust) + out := new(InsightsDataGatherStatus) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicySpec) DeepCopyInto(out *ImagePolicySpec) { +func (in *KeepEqualActionConfig) DeepCopyInto(out *KeepEqualActionConfig) { *out = *in - if in.Scopes != nil { - in, out := &in.Scopes, &out.Scopes - *out = make([]ImageScope, len(*in)) - copy(*out, *in) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeepEqualActionConfig. +func (in *KeepEqualActionConfig) DeepCopy() *KeepEqualActionConfig { + if in == nil { + return nil } - in.Policy.DeepCopyInto(&out.Policy) + out := new(KeepEqualActionConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KeyConfig) DeepCopyInto(out *KeyConfig) { + *out = *in + out.RSA = in.RSA + out.ECDSA = in.ECDSA return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicySpec. -func (in *ImagePolicySpec) DeepCopy() *ImagePolicySpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyConfig. +func (in *KeyConfig) DeepCopy() *KeyConfig { if in == nil { return nil } - out := new(ImagePolicySpec) + out := new(KeyConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyStatus) DeepCopyInto(out *ImagePolicyStatus) { +func (in *KubeStateMetricsConfig) DeepCopyInto(out *KubeStateMetricsConfig) { *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]metav1.Condition, len(*in)) + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.AdditionalResourceLabels != nil { + in, out := &in.AdditionalResourceLabels, &out.AdditionalResourceLabels + *out = make([]KubeStateMetricsResourceLabels, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -809,142 +793,114 @@ func (in *ImagePolicyStatus) DeepCopyInto(out *ImagePolicyStatus) { return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyStatus. -func (in *ImagePolicyStatus) DeepCopy() *ImagePolicyStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeStateMetricsConfig. +func (in *KubeStateMetricsConfig) DeepCopy() *KubeStateMetricsConfig { if in == nil { return nil } - out := new(ImagePolicyStatus) + out := new(KubeStateMetricsConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImageSigstoreVerificationPolicy) DeepCopyInto(out *ImageSigstoreVerificationPolicy) { +func (in *KubeStateMetricsResourceLabels) DeepCopyInto(out *KubeStateMetricsResourceLabels) { *out = *in - in.RootOfTrust.DeepCopyInto(&out.RootOfTrust) - in.SignedIdentity.DeepCopyInto(&out.SignedIdentity) + if in.Labels != nil { + in, out := &in.Labels, &out.Labels + *out = make([]KubeStateMetricsLabelName, len(*in)) + copy(*out, *in) + } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageSigstoreVerificationPolicy. -func (in *ImageSigstoreVerificationPolicy) DeepCopy() *ImageSigstoreVerificationPolicy { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeStateMetricsResourceLabels. +func (in *KubeStateMetricsResourceLabels) DeepCopy() *KubeStateMetricsResourceLabels { if in == nil { return nil } - out := new(ImageSigstoreVerificationPolicy) + out := new(KubeStateMetricsResourceLabels) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *InsightsDataGather) DeepCopyInto(out *InsightsDataGather) { +func (in *Label) DeepCopyInto(out *Label) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGather. -func (in *InsightsDataGather) DeepCopy() *InsightsDataGather { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Label. +func (in *Label) DeepCopy() *Label { if in == nil { return nil } - out := new(InsightsDataGather) + out := new(Label) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *InsightsDataGather) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *InsightsDataGatherList) DeepCopyInto(out *InsightsDataGatherList) { +func (in *LabelMapActionConfig) DeepCopyInto(out *LabelMapActionConfig) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]InsightsDataGather, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherList. -func (in *InsightsDataGatherList) DeepCopy() *InsightsDataGatherList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LabelMapActionConfig. +func (in *LabelMapActionConfig) DeepCopy() *LabelMapActionConfig { if in == nil { return nil } - out := new(InsightsDataGatherList) + out := new(LabelMapActionConfig) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *InsightsDataGatherList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *InsightsDataGatherSpec) DeepCopyInto(out *InsightsDataGatherSpec) { +func (in *LowercaseActionConfig) DeepCopyInto(out *LowercaseActionConfig) { *out = *in - in.GatherConfig.DeepCopyInto(&out.GatherConfig) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherSpec. -func (in *InsightsDataGatherSpec) DeepCopy() *InsightsDataGatherSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LowercaseActionConfig. +func (in *LowercaseActionConfig) DeepCopy() *LowercaseActionConfig { if in == nil { return nil } - out := new(InsightsDataGatherSpec) + out := new(LowercaseActionConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *InsightsDataGatherStatus) DeepCopyInto(out *InsightsDataGatherStatus) { +func (in *MetadataConfig) DeepCopyInto(out *MetadataConfig) { *out = *in + out.Custom = in.Custom return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherStatus. -func (in *InsightsDataGatherStatus) DeepCopy() *InsightsDataGatherStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetadataConfig. +func (in *MetadataConfig) DeepCopy() *MetadataConfig { if in == nil { return nil } - out := new(InsightsDataGatherStatus) + out := new(MetadataConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KeyConfig) DeepCopyInto(out *KeyConfig) { +func (in *MetadataConfigCustom) DeepCopyInto(out *MetadataConfigCustom) { *out = *in - out.RSA = in.RSA - out.ECDSA = in.ECDSA return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyConfig. -func (in *KeyConfig) DeepCopy() *KeyConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetadataConfigCustom. +func (in *MetadataConfigCustom) DeepCopy() *MetadataConfigCustom { if in == nil { return nil } - out := new(KeyConfig) + out := new(MetadataConfigCustom) in.DeepCopyInto(out) return out } @@ -995,275 +951,293 @@ func (in *MetricsServerConfig) DeepCopy() *MetricsServerConfig { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKI) DeepCopyInto(out *PKI) { +func (in *MonitoringPluginConfig) DeepCopyInto(out *MonitoringPluginConfig) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKI. -func (in *PKI) DeepCopy() *PKI { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitoringPluginConfig. +func (in *MonitoringPluginConfig) DeepCopy() *MonitoringPluginConfig { if in == nil { return nil } - out := new(PKI) + out := new(MonitoringPluginConfig) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PKI) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorBuddyInfoConfig) DeepCopyInto(out *NodeExporterCollectorBuddyInfoConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorBuddyInfoConfig. +func (in *NodeExporterCollectorBuddyInfoConfig) DeepCopy() *NodeExporterCollectorBuddyInfoConfig { + if in == nil { + return nil } - return nil + out := new(NodeExporterCollectorBuddyInfoConfig) + in.DeepCopyInto(out) + return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKICertificateManagement) DeepCopyInto(out *PKICertificateManagement) { +func (in *NodeExporterCollectorConfig) DeepCopyInto(out *NodeExporterCollectorConfig) { *out = *in - out.Custom = in.Custom + out.CpuFreq = in.CpuFreq + out.TcpStat = in.TcpStat + out.Ethtool = in.Ethtool + out.NetDev = in.NetDev + out.NetClass = in.NetClass + out.BuddyInfo = in.BuddyInfo + out.MountStats = in.MountStats + out.Ksmd = in.Ksmd + out.Processes = in.Processes + in.Systemd.DeepCopyInto(&out.Systemd) + out.Softirqs = in.Softirqs return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKICertificateManagement. -func (in *PKICertificateManagement) DeepCopy() *PKICertificateManagement { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorConfig. +func (in *NodeExporterCollectorConfig) DeepCopy() *NodeExporterCollectorConfig { if in == nil { return nil } - out := new(PKICertificateManagement) + out := new(NodeExporterCollectorConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKICertificateSubject) DeepCopyInto(out *PKICertificateSubject) { +func (in *NodeExporterCollectorCpufreqConfig) DeepCopyInto(out *NodeExporterCollectorCpufreqConfig) { *out = *in return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKICertificateSubject. -func (in *PKICertificateSubject) DeepCopy() *PKICertificateSubject { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorCpufreqConfig. +func (in *NodeExporterCollectorCpufreqConfig) DeepCopy() *NodeExporterCollectorCpufreqConfig { if in == nil { return nil } - out := new(PKICertificateSubject) + out := new(NodeExporterCollectorCpufreqConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKIList) DeepCopyInto(out *PKIList) { +func (in *NodeExporterCollectorEthtoolConfig) DeepCopyInto(out *NodeExporterCollectorEthtoolConfig) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]PKI, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKIList. -func (in *PKIList) DeepCopy() *PKIList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorEthtoolConfig. +func (in *NodeExporterCollectorEthtoolConfig) DeepCopy() *NodeExporterCollectorEthtoolConfig { if in == nil { return nil } - out := new(PKIList) + out := new(NodeExporterCollectorEthtoolConfig) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PKIList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorKSMDConfig) DeepCopyInto(out *NodeExporterCollectorKSMDConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorKSMDConfig. +func (in *NodeExporterCollectorKSMDConfig) DeepCopy() *NodeExporterCollectorKSMDConfig { + if in == nil { + return nil } - return nil + out := new(NodeExporterCollectorKSMDConfig) + in.DeepCopyInto(out) + return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKIProfile) DeepCopyInto(out *PKIProfile) { +func (in *NodeExporterCollectorMountStatsConfig) DeepCopyInto(out *NodeExporterCollectorMountStatsConfig) { *out = *in - out.Defaults = in.Defaults - out.SignerCertificates = in.SignerCertificates - out.ServingCertificates = in.ServingCertificates - out.ClientCertificates = in.ClientCertificates return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKIProfile. -func (in *PKIProfile) DeepCopy() *PKIProfile { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorMountStatsConfig. +func (in *NodeExporterCollectorMountStatsConfig) DeepCopy() *NodeExporterCollectorMountStatsConfig { if in == nil { return nil } - out := new(PKIProfile) + out := new(NodeExporterCollectorMountStatsConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKISpec) DeepCopyInto(out *PKISpec) { +func (in *NodeExporterCollectorNetClassCollectConfig) DeepCopyInto(out *NodeExporterCollectorNetClassCollectConfig) { *out = *in - out.CertificateManagement = in.CertificateManagement return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKISpec. -func (in *PKISpec) DeepCopy() *PKISpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorNetClassCollectConfig. +func (in *NodeExporterCollectorNetClassCollectConfig) DeepCopy() *NodeExporterCollectorNetClassCollectConfig { if in == nil { return nil } - out := new(PKISpec) + out := new(NodeExporterCollectorNetClassCollectConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeClaimReference) DeepCopyInto(out *PersistentVolumeClaimReference) { +func (in *NodeExporterCollectorNetClassConfig) DeepCopyInto(out *NodeExporterCollectorNetClassConfig) { *out = *in + out.Collect = in.Collect return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeClaimReference. -func (in *PersistentVolumeClaimReference) DeepCopy() *PersistentVolumeClaimReference { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorNetClassConfig. +func (in *NodeExporterCollectorNetClassConfig) DeepCopy() *NodeExporterCollectorNetClassConfig { if in == nil { return nil } - out := new(PersistentVolumeClaimReference) + out := new(NodeExporterCollectorNetClassConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeConfig) DeepCopyInto(out *PersistentVolumeConfig) { +func (in *NodeExporterCollectorNetDevConfig) DeepCopyInto(out *NodeExporterCollectorNetDevConfig) { *out = *in - out.Claim = in.Claim return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeConfig. -func (in *PersistentVolumeConfig) DeepCopy() *PersistentVolumeConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorNetDevConfig. +func (in *NodeExporterCollectorNetDevConfig) DeepCopy() *NodeExporterCollectorNetDevConfig { if in == nil { return nil } - out := new(PersistentVolumeConfig) + out := new(NodeExporterCollectorNetDevConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyFulcioSubject) DeepCopyInto(out *PolicyFulcioSubject) { +func (in *NodeExporterCollectorProcessesConfig) DeepCopyInto(out *NodeExporterCollectorProcessesConfig) { *out = *in return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyFulcioSubject. -func (in *PolicyFulcioSubject) DeepCopy() *PolicyFulcioSubject { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorProcessesConfig. +func (in *NodeExporterCollectorProcessesConfig) DeepCopy() *NodeExporterCollectorProcessesConfig { if in == nil { return nil } - out := new(PolicyFulcioSubject) + out := new(NodeExporterCollectorProcessesConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIdentity) DeepCopyInto(out *PolicyIdentity) { +func (in *NodeExporterCollectorSoftirqsConfig) DeepCopyInto(out *NodeExporterCollectorSoftirqsConfig) { *out = *in - if in.PolicyMatchExactRepository != nil { - in, out := &in.PolicyMatchExactRepository, &out.PolicyMatchExactRepository - *out = new(PolicyMatchExactRepository) - **out = **in - } - if in.PolicyMatchRemapIdentity != nil { - in, out := &in.PolicyMatchRemapIdentity, &out.PolicyMatchRemapIdentity - *out = new(PolicyMatchRemapIdentity) - **out = **in - } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIdentity. -func (in *PolicyIdentity) DeepCopy() *PolicyIdentity { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorSoftirqsConfig. +func (in *NodeExporterCollectorSoftirqsConfig) DeepCopy() *NodeExporterCollectorSoftirqsConfig { if in == nil { return nil } - out := new(PolicyIdentity) + out := new(NodeExporterCollectorSoftirqsConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyMatchExactRepository) DeepCopyInto(out *PolicyMatchExactRepository) { +func (in *NodeExporterCollectorSystemdCollectConfig) DeepCopyInto(out *NodeExporterCollectorSystemdCollectConfig) { *out = *in + if in.Units != nil { + in, out := &in.Units, &out.Units + *out = make([]NodeExporterSystemdUnit, len(*in)) + copy(*out, *in) + } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyMatchExactRepository. -func (in *PolicyMatchExactRepository) DeepCopy() *PolicyMatchExactRepository { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorSystemdCollectConfig. +func (in *NodeExporterCollectorSystemdCollectConfig) DeepCopy() *NodeExporterCollectorSystemdCollectConfig { if in == nil { return nil } - out := new(PolicyMatchExactRepository) + out := new(NodeExporterCollectorSystemdCollectConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyMatchRemapIdentity) DeepCopyInto(out *PolicyMatchRemapIdentity) { +func (in *NodeExporterCollectorSystemdConfig) DeepCopyInto(out *NodeExporterCollectorSystemdConfig) { *out = *in + in.Collect.DeepCopyInto(&out.Collect) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyMatchRemapIdentity. -func (in *PolicyMatchRemapIdentity) DeepCopy() *PolicyMatchRemapIdentity { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorSystemdConfig. +func (in *NodeExporterCollectorSystemdConfig) DeepCopy() *NodeExporterCollectorSystemdConfig { if in == nil { return nil } - out := new(PolicyMatchRemapIdentity) + out := new(NodeExporterCollectorSystemdConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRootOfTrust) DeepCopyInto(out *PolicyRootOfTrust) { +func (in *NodeExporterCollectorTcpStatConfig) DeepCopyInto(out *NodeExporterCollectorTcpStatConfig) { *out = *in - if in.PublicKey != nil { - in, out := &in.PublicKey, &out.PublicKey - *out = new(ImagePolicyPublicKeyRootOfTrust) - (*in).DeepCopyInto(*out) - } - if in.FulcioCAWithRekor != nil { - in, out := &in.FulcioCAWithRekor, &out.FulcioCAWithRekor - *out = new(ImagePolicyFulcioCAWithRekorRootOfTrust) - (*in).DeepCopyInto(*out) - } - if in.PKI != nil { - in, out := &in.PKI, &out.PKI - *out = new(ImagePolicyPKIRootOfTrust) - (*in).DeepCopyInto(*out) - } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRootOfTrust. -func (in *PolicyRootOfTrust) DeepCopy() *PolicyRootOfTrust { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorTcpStatConfig. +func (in *NodeExporterCollectorTcpStatConfig) DeepCopy() *NodeExporterCollectorTcpStatConfig { if in == nil { return nil } - out := new(PolicyRootOfTrust) + out := new(NodeExporterCollectorTcpStatConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PrometheusOperatorAdmissionWebhookConfig) DeepCopyInto(out *PrometheusOperatorAdmissionWebhookConfig) { +func (in *NodeExporterConfig) DeepCopyInto(out *NodeExporterConfig) { *out = *in if in.Resources != nil { in, out := &in.Resources, &out.Resources @@ -1272,9 +1246,42 @@ func (in *PrometheusOperatorAdmissionWebhookConfig) DeepCopyInto(out *Prometheus (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.TopologySpreadConstraints != nil { - in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints - *out = make([]v1.TopologySpreadConstraint, len(*in)) + in.Collectors.DeepCopyInto(&out.Collectors) + if in.IgnoredNetworkDevices != nil { + in, out := &in.IgnoredNetworkDevices, &out.IgnoredNetworkDevices + *out = new([]NodeExporterIgnoredNetworkDevice) + if **in != nil { + in, out := *in, *out + *out = make([]NodeExporterIgnoredNetworkDevice, len(*in)) + copy(*out, *in) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterConfig. +func (in *NodeExporterConfig) DeepCopy() *NodeExporterConfig { + if in == nil { + return nil + } + out := new(NodeExporterConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OAuth2) DeepCopyInto(out *OAuth2) { + *out = *in + out.ClientID = in.ClientID + out.ClientSecret = in.ClientSecret + if in.Scopes != nil { + in, out := &in.Scopes, &out.Scopes + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.EndpointParams != nil { + in, out := &in.EndpointParams, &out.EndpointParams + *out = make([]OAuth2EndpointParam, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -1282,18 +1289,39 @@ func (in *PrometheusOperatorAdmissionWebhookConfig) DeepCopyInto(out *Prometheus return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusOperatorAdmissionWebhookConfig. -func (in *PrometheusOperatorAdmissionWebhookConfig) DeepCopy() *PrometheusOperatorAdmissionWebhookConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2. +func (in *OAuth2) DeepCopy() *OAuth2 { if in == nil { return nil } - out := new(PrometheusOperatorAdmissionWebhookConfig) + out := new(OAuth2) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PrometheusOperatorConfig) DeepCopyInto(out *PrometheusOperatorConfig) { +func (in *OAuth2EndpointParam) DeepCopyInto(out *OAuth2EndpointParam) { + *out = *in + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2EndpointParam. +func (in *OAuth2EndpointParam) DeepCopy() *OAuth2EndpointParam { + if in == nil { + return nil + } + out := new(OAuth2EndpointParam) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OpenShiftStateMetricsConfig) DeepCopyInto(out *OpenShiftStateMetricsConfig) { *out = *in if in.NodeSelector != nil { in, out := &in.NodeSelector, &out.NodeSelector @@ -1326,80 +1354,548 @@ func (in *PrometheusOperatorConfig) DeepCopyInto(out *PrometheusOperatorConfig) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusOperatorConfig. -func (in *PrometheusOperatorConfig) DeepCopy() *PrometheusOperatorConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenShiftStateMetricsConfig. +func (in *OpenShiftStateMetricsConfig) DeepCopy() *OpenShiftStateMetricsConfig { if in == nil { return nil } - out := new(PrometheusOperatorConfig) + out := new(OpenShiftStateMetricsConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RSAKeyConfig) DeepCopyInto(out *RSAKeyConfig) { +func (in *PKI) DeepCopyInto(out *PKI) { *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RSAKeyConfig. -func (in *RSAKeyConfig) DeepCopy() *RSAKeyConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKI. +func (in *PKI) DeepCopy() *PKI { if in == nil { return nil } - out := new(RSAKeyConfig) + out := new(PKI) in.DeepCopyInto(out) return out } +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PKI) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RetentionNumberConfig) DeepCopyInto(out *RetentionNumberConfig) { +func (in *PKICertificateManagement) DeepCopyInto(out *PKICertificateManagement) { *out = *in + out.Custom = in.Custom return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RetentionNumberConfig. -func (in *RetentionNumberConfig) DeepCopy() *RetentionNumberConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKICertificateManagement. +func (in *PKICertificateManagement) DeepCopy() *PKICertificateManagement { if in == nil { return nil } - out := new(RetentionNumberConfig) + out := new(PKICertificateManagement) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RetentionPolicy) DeepCopyInto(out *RetentionPolicy) { +func (in *PKIList) DeepCopyInto(out *PKIList) { *out = *in - if in.RetentionNumber != nil { - in, out := &in.RetentionNumber, &out.RetentionNumber - *out = new(RetentionNumberConfig) - **out = **in - } - if in.RetentionSize != nil { - in, out := &in.RetentionSize, &out.RetentionSize - *out = new(RetentionSizeConfig) - **out = **in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]PKI, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RetentionPolicy. -func (in *RetentionPolicy) DeepCopy() *RetentionPolicy { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKIList. +func (in *PKIList) DeepCopy() *PKIList { if in == nil { return nil } - out := new(RetentionPolicy) + out := new(PKIList) in.DeepCopyInto(out) return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RetentionSizeConfig) DeepCopyInto(out *RetentionSizeConfig) { - *out = *in - return -} - +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PKIList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PKIProfile) DeepCopyInto(out *PKIProfile) { + *out = *in + out.Defaults = in.Defaults + out.SignerCertificates = in.SignerCertificates + out.ServingCertificates = in.ServingCertificates + out.ClientCertificates = in.ClientCertificates + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKIProfile. +func (in *PKIProfile) DeepCopy() *PKIProfile { + if in == nil { + return nil + } + out := new(PKIProfile) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PKISpec) DeepCopyInto(out *PKISpec) { + *out = *in + out.CertificateManagement = in.CertificateManagement + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKISpec. +func (in *PKISpec) DeepCopy() *PKISpec { + if in == nil { + return nil + } + out := new(PKISpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PersistentVolumeClaimReference) DeepCopyInto(out *PersistentVolumeClaimReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeClaimReference. +func (in *PersistentVolumeClaimReference) DeepCopy() *PersistentVolumeClaimReference { + if in == nil { + return nil + } + out := new(PersistentVolumeClaimReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PersistentVolumeConfig) DeepCopyInto(out *PersistentVolumeConfig) { + *out = *in + out.Claim = in.Claim + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeConfig. +func (in *PersistentVolumeConfig) DeepCopy() *PersistentVolumeConfig { + if in == nil { + return nil + } + out := new(PersistentVolumeConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrometheusConfig) DeepCopyInto(out *PrometheusConfig) { + *out = *in + if in.AdditionalAlertmanagerConfigs != nil { + in, out := &in.AdditionalAlertmanagerConfigs, &out.AdditionalAlertmanagerConfigs + *out = make([]AdditionalAlertmanagerConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ExternalLabels != nil { + in, out := &in.ExternalLabels, &out.ExternalLabels + *out = make([]Label, len(*in)) + copy(*out, *in) + } + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.RemoteWrite != nil { + in, out := &in.RemoteWrite, &out.RemoteWrite + *out = make([]RemoteWriteSpec, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + out.Retention = in.Retention + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.VolumeClaimTemplate != nil { + in, out := &in.VolumeClaimTemplate, &out.VolumeClaimTemplate + *out = new(v1.PersistentVolumeClaim) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusConfig. +func (in *PrometheusConfig) DeepCopy() *PrometheusConfig { + if in == nil { + return nil + } + out := new(PrometheusConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrometheusOperatorAdmissionWebhookConfig) DeepCopyInto(out *PrometheusOperatorAdmissionWebhookConfig) { + *out = *in + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusOperatorAdmissionWebhookConfig. +func (in *PrometheusOperatorAdmissionWebhookConfig) DeepCopy() *PrometheusOperatorAdmissionWebhookConfig { + if in == nil { + return nil + } + out := new(PrometheusOperatorAdmissionWebhookConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrometheusOperatorConfig) DeepCopyInto(out *PrometheusOperatorConfig) { + *out = *in + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusOperatorConfig. +func (in *PrometheusOperatorConfig) DeepCopy() *PrometheusOperatorConfig { + if in == nil { + return nil + } + out := new(PrometheusOperatorConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrometheusRemoteWriteHeader) DeepCopyInto(out *PrometheusRemoteWriteHeader) { + *out = *in + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusRemoteWriteHeader. +func (in *PrometheusRemoteWriteHeader) DeepCopy() *PrometheusRemoteWriteHeader { + if in == nil { + return nil + } + out := new(PrometheusRemoteWriteHeader) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *QueueConfig) DeepCopyInto(out *QueueConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueueConfig. +func (in *QueueConfig) DeepCopy() *QueueConfig { + if in == nil { + return nil + } + out := new(QueueConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RSAKeyConfig) DeepCopyInto(out *RSAKeyConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RSAKeyConfig. +func (in *RSAKeyConfig) DeepCopy() *RSAKeyConfig { + if in == nil { + return nil + } + out := new(RSAKeyConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RelabelActionConfig) DeepCopyInto(out *RelabelActionConfig) { + *out = *in + in.Replace.DeepCopyInto(&out.Replace) + out.HashMod = in.HashMod + out.LabelMap = in.LabelMap + out.Lowercase = in.Lowercase + out.Uppercase = in.Uppercase + out.KeepEqual = in.KeepEqual + out.DropEqual = in.DropEqual + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RelabelActionConfig. +func (in *RelabelActionConfig) DeepCopy() *RelabelActionConfig { + if in == nil { + return nil + } + out := new(RelabelActionConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RelabelConfig) DeepCopyInto(out *RelabelConfig) { + *out = *in + if in.SourceLabels != nil { + in, out := &in.SourceLabels, &out.SourceLabels + *out = make([]string, len(*in)) + copy(*out, *in) + } + in.Action.DeepCopyInto(&out.Action) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RelabelConfig. +func (in *RelabelConfig) DeepCopy() *RelabelConfig { + if in == nil { + return nil + } + out := new(RelabelConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RemoteWriteAuthorization) DeepCopyInto(out *RemoteWriteAuthorization) { + *out = *in + if in.SafeAuthorization != nil { + in, out := &in.SafeAuthorization, &out.SafeAuthorization + *out = new(v1.SecretKeySelector) + (*in).DeepCopyInto(*out) + } + out.BearerToken = in.BearerToken + out.BasicAuth = in.BasicAuth + in.OAuth2.DeepCopyInto(&out.OAuth2) + out.Sigv4 = in.Sigv4 + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteWriteAuthorization. +func (in *RemoteWriteAuthorization) DeepCopy() *RemoteWriteAuthorization { + if in == nil { + return nil + } + out := new(RemoteWriteAuthorization) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RemoteWriteSpec) DeepCopyInto(out *RemoteWriteSpec) { + *out = *in + in.AuthorizationConfig.DeepCopyInto(&out.AuthorizationConfig) + if in.Headers != nil { + in, out := &in.Headers, &out.Headers + *out = make([]PrometheusRemoteWriteHeader, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + out.MetadataConfig = in.MetadataConfig + out.QueueConfig = in.QueueConfig + out.TLSConfig = in.TLSConfig + if in.WriteRelabelConfigs != nil { + in, out := &in.WriteRelabelConfigs, &out.WriteRelabelConfigs + *out = make([]RelabelConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteWriteSpec. +func (in *RemoteWriteSpec) DeepCopy() *RemoteWriteSpec { + if in == nil { + return nil + } + out := new(RemoteWriteSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ReplaceActionConfig) DeepCopyInto(out *ReplaceActionConfig) { + *out = *in + if in.Replacement != nil { + in, out := &in.Replacement, &out.Replacement + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplaceActionConfig. +func (in *ReplaceActionConfig) DeepCopy() *ReplaceActionConfig { + if in == nil { + return nil + } + out := new(ReplaceActionConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Retention) DeepCopyInto(out *Retention) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Retention. +func (in *Retention) DeepCopy() *Retention { + if in == nil { + return nil + } + out := new(Retention) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RetentionNumberConfig) DeepCopyInto(out *RetentionNumberConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RetentionNumberConfig. +func (in *RetentionNumberConfig) DeepCopy() *RetentionNumberConfig { + if in == nil { + return nil + } + out := new(RetentionNumberConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RetentionPolicy) DeepCopyInto(out *RetentionPolicy) { + *out = *in + if in.RetentionNumber != nil { + in, out := &in.RetentionNumber, &out.RetentionNumber + *out = new(RetentionNumberConfig) + **out = **in + } + if in.RetentionSize != nil { + in, out := &in.RetentionSize, &out.RetentionSize + *out = new(RetentionSizeConfig) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RetentionPolicy. +func (in *RetentionPolicy) DeepCopy() *RetentionPolicy { + if in == nil { + return nil + } + out := new(RetentionPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RetentionSizeConfig) DeepCopyInto(out *RetentionSizeConfig) { + *out = *in + return +} + // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RetentionSizeConfig. func (in *RetentionSizeConfig) DeepCopy() *RetentionSizeConfig { if in == nil { @@ -1410,6 +1906,40 @@ func (in *RetentionSizeConfig) DeepCopy() *RetentionSizeConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretKeySelector) DeepCopyInto(out *SecretKeySelector) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretKeySelector. +func (in *SecretKeySelector) DeepCopy() *SecretKeySelector { + if in == nil { + return nil + } + out := new(SecretKeySelector) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Sigv4) DeepCopyInto(out *Sigv4) { + *out = *in + out.AccessKey = in.AccessKey + out.SecretKey = in.SecretKey + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Sigv4. +func (in *Sigv4) DeepCopy() *Sigv4 { + if in == nil { + return nil + } + out := new(Sigv4) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Storage) DeepCopyInto(out *Storage) { *out = *in @@ -1431,6 +1961,146 @@ func (in *Storage) DeepCopy() *Storage { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSConfig) DeepCopyInto(out *TLSConfig) { + *out = *in + out.CA = in.CA + out.Cert = in.Cert + out.Key = in.Key + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSConfig. +func (in *TLSConfig) DeepCopy() *TLSConfig { + if in == nil { + return nil + } + out := new(TLSConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TelemeterClientConfig) DeepCopyInto(out *TelemeterClientConfig) { + *out = *in + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TelemeterClientConfig. +func (in *TelemeterClientConfig) DeepCopy() *TelemeterClientConfig { + if in == nil { + return nil + } + out := new(TelemeterClientConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ThanosQuerierConfig) DeepCopyInto(out *ThanosQuerierConfig) { + *out = *in + out.RequestLogging = in.RequestLogging + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ThanosQuerierConfig. +func (in *ThanosQuerierConfig) DeepCopy() *ThanosQuerierConfig { + if in == nil { + return nil + } + out := new(ThanosQuerierConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ThanosQuerierRequestLoggingConfig) DeepCopyInto(out *ThanosQuerierRequestLoggingConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ThanosQuerierRequestLoggingConfig. +func (in *ThanosQuerierRequestLoggingConfig) DeepCopy() *ThanosQuerierRequestLoggingConfig { + if in == nil { + return nil + } + out := new(ThanosQuerierRequestLoggingConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UppercaseActionConfig) DeepCopyInto(out *UppercaseActionConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UppercaseActionConfig. +func (in *UppercaseActionConfig) DeepCopy() *UppercaseActionConfig { + if in == nil { + return nil + } + out := new(UppercaseActionConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UserDefinedMonitoring) DeepCopyInto(out *UserDefinedMonitoring) { *out = *in diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml index dc2d249a99..b2a1241937 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml @@ -44,30 +44,6 @@ criocredentialproviderconfigs.config.openshift.io: - CRIOCredentialProviderConfig Version: v1alpha1 -clusterimagepolicies.config.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1457 - CRDName: clusterimagepolicies.config.openshift.io - Capability: "" - Category: "" - FeatureGates: - - SigstoreImageVerification - - SigstoreImageVerificationPKI - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: config.openshift.io - HasStatus: true - KindName: ClusterImagePolicy - Labels: {} - PluralName: clusterimagepolicies - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: - - SigstoreImageVerification - Version: v1alpha1 - clustermonitorings.config.openshift.io: Annotations: description: Cluster Monitoring Operators configuration API @@ -92,30 +68,6 @@ clustermonitorings.config.openshift.io: - ClusterMonitoringConfig Version: v1alpha1 -imagepolicies.config.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1457 - CRDName: imagepolicies.config.openshift.io - Capability: "" - Category: "" - FeatureGates: - - SigstoreImageVerification - - SigstoreImageVerificationPKI - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: config.openshift.io - HasStatus: true - KindName: ImagePolicy - Labels: {} - PluralName: imagepolicies - PrinterColumns: [] - Scope: Namespaced - ShortNames: null - TopLevelFeatureGates: - - SigstoreImageVerification - Version: v1alpha1 - insightsdatagathers.config.openshift.io: Annotations: {} ApprovedPRNumber: https://github.com/openshift/api/pull/1245 diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.model_name.go b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.model_name.go new file mode 100644 index 0000000000..36a7803bf2 --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,461 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AdditionalAlertmanagerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.AdditionalAlertmanagerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlertmanagerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.AlertmanagerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlertmanagerCustomConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.AlertmanagerCustomConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Audit) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.Audit" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AuthorizationConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.AuthorizationConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Backup) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.Backup" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BackupList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.BackupList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BackupSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.BackupSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BackupStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.BackupStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BasicAuth) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.BasicAuth" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CRIOCredentialProviderConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CRIOCredentialProviderConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CRIOCredentialProviderConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CRIOCredentialProviderConfigStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfigStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CertificateConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.CertificateConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterMonitoring) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.ClusterMonitoring" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterMonitoringList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.ClusterMonitoringList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterMonitoringSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.ClusterMonitoringSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterMonitoringStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.ClusterMonitoringStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ContainerResource) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.ContainerResource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CustomPKIPolicy) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.CustomPKIPolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DefaultCertificateConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.DefaultCertificateConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DropEqualActionConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.DropEqualActionConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ECDSAKeyConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.ECDSAKeyConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EtcdBackupSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.EtcdBackupSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GatherConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.GatherConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HashModActionConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.HashModActionConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InsightsDataGather) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.InsightsDataGather" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InsightsDataGatherList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.InsightsDataGatherList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InsightsDataGatherSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.InsightsDataGatherSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InsightsDataGatherStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.InsightsDataGatherStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KeepEqualActionConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.KeepEqualActionConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KeyConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.KeyConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeStateMetricsConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.KubeStateMetricsConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeStateMetricsResourceLabels) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.KubeStateMetricsResourceLabels" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Label) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.Label" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LabelMapActionConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.LabelMapActionConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LowercaseActionConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.LowercaseActionConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MetadataConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.MetadataConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MetadataConfigCustom) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.MetadataConfigCustom" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MetricsServerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.MetricsServerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MonitoringPluginConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.MonitoringPluginConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeExporterCollectorBuddyInfoConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.NodeExporterCollectorBuddyInfoConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeExporterCollectorConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.NodeExporterCollectorConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeExporterCollectorCpufreqConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.NodeExporterCollectorCpufreqConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeExporterCollectorEthtoolConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.NodeExporterCollectorEthtoolConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeExporterCollectorKSMDConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.NodeExporterCollectorKSMDConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeExporterCollectorMountStatsConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.NodeExporterCollectorMountStatsConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeExporterCollectorNetClassCollectConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetClassCollectConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeExporterCollectorNetClassConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetClassConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeExporterCollectorNetDevConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetDevConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeExporterCollectorProcessesConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.NodeExporterCollectorProcessesConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeExporterCollectorSoftirqsConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSoftirqsConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeExporterCollectorSystemdCollectConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSystemdCollectConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeExporterCollectorSystemdConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSystemdConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeExporterCollectorTcpStatConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.NodeExporterCollectorTcpStatConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeExporterConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.NodeExporterConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuth2) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.OAuth2" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuth2EndpointParam) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.OAuth2EndpointParam" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenShiftStateMetricsConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.OpenShiftStateMetricsConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PKI) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.PKI" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PKICertificateManagement) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.PKICertificateManagement" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PKIList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.PKIList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PKIProfile) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.PKIProfile" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PKISpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.PKISpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PersistentVolumeClaimReference) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PersistentVolumeConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.PersistentVolumeConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PrometheusConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.PrometheusConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PrometheusOperatorAdmissionWebhookConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.PrometheusOperatorAdmissionWebhookConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PrometheusOperatorConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.PrometheusOperatorConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PrometheusRemoteWriteHeader) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.PrometheusRemoteWriteHeader" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in QueueConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.QueueConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RSAKeyConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.RSAKeyConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RelabelActionConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.RelabelActionConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RelabelConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.RelabelConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RemoteWriteAuthorization) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.RemoteWriteAuthorization" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RemoteWriteSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.RemoteWriteSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ReplaceActionConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.ReplaceActionConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Retention) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.Retention" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RetentionNumberConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.RetentionNumberConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RetentionPolicy) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.RetentionPolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RetentionSizeConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.RetentionSizeConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecretKeySelector) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.SecretKeySelector" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Sigv4) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.Sigv4" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Storage) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.Storage" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TLSConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.TLSConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TelemeterClientConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.TelemeterClientConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ThanosQuerierConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.ThanosQuerierConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ThanosQuerierRequestLoggingConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.ThanosQuerierRequestLoggingConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UppercaseActionConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.UppercaseActionConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UserDefinedMonitoring) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha1.UserDefinedMonitoring" +} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go index e43dc7b236..2194d79def 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go @@ -80,42 +80,19 @@ func (RetentionSizeConfig) SwaggerDoc() map[string]string { return map_RetentionSizeConfig } -var map_ClusterImagePolicy = map[string]string{ - "": "ClusterImagePolicy holds cluster-wide configuration for image signature verification\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "spec": "spec contains the configuration for the cluster image policy.", - "status": "status contains the observed state of the resource.", -} - -func (ClusterImagePolicy) SwaggerDoc() map[string]string { - return map_ClusterImagePolicy -} - -var map_ClusterImagePolicyList = map[string]string{ - "": "ClusterImagePolicyList is a list of ClusterImagePolicy resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", -} - -func (ClusterImagePolicyList) SwaggerDoc() map[string]string { - return map_ClusterImagePolicyList -} - -var map_ClusterImagePolicySpec = map[string]string{ - "": "CLusterImagePolicySpec is the specification of the ClusterImagePolicy custom resource.", - "scopes": "scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the \"Docker Registry HTTP API V2\". Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. For additional details about the format, please refer to the document explaining the docker transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker", - "policy": "policy contains configuration to allow scopes to be verified, and defines how images not matching the verification policy will be treated.", -} - -func (ClusterImagePolicySpec) SwaggerDoc() map[string]string { - return map_ClusterImagePolicySpec -} - -var map_ClusterImagePolicyStatus = map[string]string{ - "conditions": "conditions provide details on the status of this API Resource.", +var map_AdditionalAlertmanagerConfig = map[string]string{ + "": "AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. The `AdditionalAlertmanagerConfig` resource defines settings for how a component communicates with additional Alertmanager instances.", + "name": "name is a unique identifier for this Alertmanager configuration entry. The name must be a valid DNS subdomain (RFC 1123): lowercase alphanumeric characters, hyphens, or periods, and must start and end with an alphanumeric character. Minimum length is 1 character (empty string is invalid). Maximum length is 253 characters.", + "authorization": "authorization configures the authentication method for Alertmanager connections. Supports bearer token authentication. When omitted, no authentication is used.", + "pathPrefix": "pathPrefix defines an optional URL path prefix to prepend to the Alertmanager API endpoints. For example, if your Alertmanager is behind a reverse proxy at \"/alertmanager/\", set this to \"/alertmanager\" so requests go to \"/alertmanager/api/v1/alerts\" instead of \"/api/v1/alerts\". This is commonly needed when Alertmanager is deployed behind ingress controllers or load balancers. When no prefix is needed, omit this field; do not set it to \"/\" as that would produce paths with double slashes (e.g. \"//api/v1/alerts\"). Must start with \"/\", must not end with \"/\", and must not be exactly \"/\". Must not contain query strings (\"?\") or fragments (\"#\").", + "scheme": "scheme defines the URL scheme to use when communicating with Alertmanager instances. Possible values are `HTTP` or `HTTPS`. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `HTTP`.", + "staticConfigs": "staticConfigs is a list of statically configured Alertmanager endpoints in the form of `:`. Each entry must be a valid hostname, IPv4 address, or IPv6 address (in brackets) followed by a colon and a valid port number (1-65535). Examples: \"alertmanager.example.com:9093\", \"192.168.1.100:9093\", \"[::1]:9093\" At least one endpoint must be specified (minimum 1, maximum 10 endpoints). Each entry must be unique and non-empty (empty string is invalid).", + "timeoutSeconds": "timeoutSeconds defines the timeout in seconds for requests to Alertmanager. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Currently the default is 10 seconds. Minimum value is 1 second. Maximum value is 600 seconds (10 minutes).", + "tlsConfig": "tlsConfig defines the TLS settings to use for Alertmanager connections. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", } -func (ClusterImagePolicyStatus) SwaggerDoc() map[string]string { - return map_ClusterImagePolicyStatus +func (AdditionalAlertmanagerConfig) SwaggerDoc() map[string]string { + return map_AdditionalAlertmanagerConfig } var map_AlertmanagerConfig = map[string]string{ @@ -129,14 +106,15 @@ func (AlertmanagerConfig) SwaggerDoc() map[string]string { } var map_AlertmanagerCustomConfig = map[string]string{ - "": "AlertmanagerCustomConfig represents the configuration for a custom Alertmanager deployment. alertmanagerCustomConfig provides configuration options for the default Alertmanager instance that runs in the `openshift-monitoring` namespace. Use this configuration to control whether the default Alertmanager is deployed, how it logs, and how its pods are scheduled.", - "logLevel": "logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", - "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", - "resources": "resources defines the compute resource requests and limits for the Alertmanager container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1. Each resource name must be unique within this list.", - "secrets": "secrets defines a list of secrets that need to be mounted into the Alertmanager. The secrets must reside within the same namespace as the Alertmanager object. They will be added as volumes named secret- and mounted at /etc/alertmanager/secrets/ within the 'alertmanager' container of the Alertmanager Pods.\n\nThese secrets can be used to authenticate Alertmanager with endpoint receivers. For example, you can use secrets to: - Provide certificates for TLS authentication with receivers that require private CA certificates - Store credentials for Basic HTTP authentication with receivers that require password-based auth - Store any other authentication credentials needed by your alert receivers\n\nThis field is optional. Maximum length for this list is 10. Minimum length for this list is 1. Entries in this list must be unique.", - "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", - "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Alertmanager Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", - "volumeClaimTemplate": "volumeClaimTemplate Defines persistent storage for Alertmanager. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and alert data will not persist across restarts. This field is optional.", + "": "AlertmanagerCustomConfig represents the configuration for a custom Alertmanager deployment. alertmanagerCustomConfig provides configuration options for the default Alertmanager instance that runs in the `openshift-monitoring` namespace. Use this configuration to control whether user-defined namespaces are selected for AlertmanagerConfig lookups, how it logs, and how its pods are scheduled.", + "userAlertmanagerConfigSelection": "userAlertmanagerConfigSelection is an optional field that controls whether user-defined namespaces can be selected for AlertmanagerConfig lookups on the platform Alertmanager instance in the `openshift-monitoring` namespace. Valid values are Selectable and None. When set to Selectable, the platform Alertmanager discovers AlertmanagerConfig resources in user-defined namespaces. This is equivalent to `enableUserAlertmanagerConfig: true` in the cluster-monitoring-config ConfigMap. When set to None, user-defined namespaces are not selected for AlertmanagerConfig lookups on the platform Alertmanager. This is equivalent to `enableUserAlertmanagerConfig: false` in the cluster-monitoring-config ConfigMap. This setting only applies when the user-workload monitoring Alertmanager is not enabled. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `None`.", + "logLevel": "logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", + "resources": "resources defines the compute resource requests and limits for the Alertmanager container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "secrets": "secrets defines a list of secrets that need to be mounted into the Alertmanager. The secrets must reside within the same namespace as the Alertmanager object. They will be added as volumes named secret- and mounted at /etc/alertmanager/secrets/ within the 'alertmanager' container of the Alertmanager Pods.\n\nThese secrets can be used to authenticate Alertmanager with endpoint receivers. For example, you can use secrets to: - Provide certificates for TLS authentication with receivers that require private CA certificates - Store credentials for Basic HTTP authentication with receivers that require password-based auth - Store any other authentication credentials needed by your alert receivers\n\nThis field is optional. Maximum length for this list is 10. Minimum length for this list is 1. Entries in this list must be unique.", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Alertmanager Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", + "volumeClaimTemplate": "volumeClaimTemplate defines persistent storage for Alertmanager. Use this setting to configure the persistent volume claim, including storage class and volume size. If omitted, the Pod uses ephemeral storage and alert data will not persist across restarts.", } func (AlertmanagerCustomConfig) SwaggerDoc() map[string]string { @@ -152,6 +130,26 @@ func (Audit) SwaggerDoc() map[string]string { return map_Audit } +var map_AuthorizationConfig = map[string]string{ + "": "AuthorizationConfig defines the authentication method for Alertmanager connections.", + "type": "type specifies the authentication type to use. Valid value is \"BearerToken\" (bearer token authentication). When set to BearerToken, the bearerToken field must be specified.", + "bearerToken": "bearerToken defines the secret reference containing the bearer token. Required when type is \"BearerToken\", and forbidden otherwise. The secret must exist in the openshift-monitoring namespace.", +} + +func (AuthorizationConfig) SwaggerDoc() map[string]string { + return map_AuthorizationConfig +} + +var map_BasicAuth = map[string]string{ + "": "BasicAuth defines basic authentication settings for the remote write endpoint URL.", + "username": "username defines the secret reference containing the username for basic authentication. The secret must exist in the openshift-monitoring namespace.", + "password": "password defines the secret reference containing the password for basic authentication. The secret must exist in the openshift-monitoring namespace.", +} + +func (BasicAuth) SwaggerDoc() map[string]string { + return map_BasicAuth +} + var map_ClusterMonitoring = map[string]string{ "": "ClusterMonitoring is the Custom Resource object which holds the current status of Cluster Monitoring Operator. CMO is a central component of the monitoring stack.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. ClusterMonitoring is the Schema for the Cluster Monitoring Operators API", "metadata": "metadata is the standard object metadata.", @@ -177,9 +175,16 @@ var map_ClusterMonitoringSpec = map[string]string{ "": "ClusterMonitoringSpec defines the desired state of Cluster Monitoring Operator", "userDefined": "userDefined set the deployment mode for user-defined monitoring in addition to the default platform monitoring. userDefined is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `Disabled`.", "alertmanagerConfig": "alertmanagerConfig allows users to configure how the default Alertmanager instance should be deployed in the `openshift-monitoring` namespace. alertmanagerConfig is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `DefaultConfig`.", + "prometheusConfig": "prometheusConfig provides configuration options for the default platform Prometheus instance that runs in the `openshift-monitoring` namespace. This configuration applies only to the platform Prometheus instance; user-workload Prometheus instances are configured separately.\n\nThis field allows you to customize how the platform Prometheus is deployed and operated, including:\n - Pod scheduling (node selectors, tolerations, topology spread constraints)\n - Resource allocation (CPU, memory requests/limits)\n - Retention policies (how long metrics are stored)\n - External integrations (remote write, additional alertmanagers)\n\nThis field is optional. When omitted, the platform chooses reasonable defaults, which may change over time.", "metricsServerConfig": "metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", "prometheusOperatorConfig": "prometheusOperatorConfig is an optional field that can be used to configure the Prometheus Operator component. Specifically, it can configure how the Prometheus Operator instance is deployed, pod scheduling, and resource allocation. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", "prometheusOperatorAdmissionWebhookConfig": "prometheusOperatorAdmissionWebhookConfig is an optional field that can be used to configure the admission webhook component of Prometheus Operator that runs in the openshift-monitoring namespace. The admission webhook validates PrometheusRule and AlertmanagerConfig objects to ensure they are semantically valid, mutates PrometheusRule annotations, and converts AlertmanagerConfig objects between API versions. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "openShiftStateMetricsConfig": "openShiftStateMetricsConfig is an optional field that can be used to configure the openshift-state-metrics agent that runs in the openshift-monitoring namespace. The openshift-state-metrics agent generates metrics about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "telemeterClientConfig": "telemeterClientConfig is an optional field that can be used to configure the Telemeter Client component that runs in the openshift-monitoring namespace. The Telemeter Client collects selected monitoring metrics and forwards them to Red Hat for telemetry purposes. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. When set, at least one field must be specified within telemeterClientConfig.", + "thanosQuerierConfig": "thanosQuerierConfig is an optional field that can be used to configure the Thanos Querier component that runs in the openshift-monitoring namespace. The Thanos Querier provides a global query view by aggregating and deduplicating metrics from multiple Prometheus instances. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default deploys the Thanos Querier on linux nodes with 5m CPU and 12Mi memory requests, and no custom tolerations or topology spread constraints. When set, at least one field must be specified within thanosQuerierConfig.", + "nodeExporterConfig": "nodeExporterConfig is an optional field that can be used to configure the node-exporter agent that runs as a DaemonSet in the openshift-monitoring namespace. The node-exporter agent collects hardware and OS-level metrics from every node in the cluster. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "monitoringPluginConfig": "monitoringPluginConfig is an optional field that can be used to configure the monitoring plugin that runs as a dynamic plugin of the OpenShift web console. The monitoring plugin provides the monitoring UI in the OpenShift web console for visualizing metrics, alerts, and dashboards. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default deploys the monitoring-plugin as a single-replica Deployment on linux nodes with 10m CPU and 50Mi memory requests, and no custom tolerations or topology spread constraints. When set, at least one field must be specified within monitoringPluginConfig.", + "kubeStateMetricsConfig": "kubeStateMetricsConfig is an optional field that can be used to configure the kube-state-metrics agent that runs in the openshift-monitoring namespace. kube-state-metrics generates metrics about the state of Kubernetes objects such as Deployments, Nodes, and Pods. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", } func (ClusterMonitoringSpec) SwaggerDoc() map[string]string { @@ -197,7 +202,7 @@ func (ClusterMonitoringStatus) SwaggerDoc() map[string]string { var map_ContainerResource = map[string]string{ "": "ContainerResource defines a single resource requirement for a container.", "name": "name of the resource (e.g. \"cpu\", \"memory\", \"hugepages-2Mi\"). This field is required. name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character.", - "request": "request is the minimum amount of the resource required (e.g. \"2Mi\", \"1Gi\"). This field is optional. When limit is specified, request cannot be greater than limit.", + "request": "request is the minimum amount of the resource required (e.g. \"2Mi\", \"1Gi\"). This field is optional. When limit is specified, request cannot be greater than limit. The value must be greater than 0 when specified.", "limit": "limit is the maximum amount of the resource allowed (e.g. \"2Mi\", \"1Gi\"). This field is optional. When request is specified, limit cannot be less than request. The value must be greater than 0 when specified.", } @@ -205,13 +210,111 @@ func (ContainerResource) SwaggerDoc() map[string]string { return map_ContainerResource } +var map_DropEqualActionConfig = map[string]string{ + "": "DropEqualActionConfig configures the DropEqual action. Drops targets for which the concatenated source_labels do match the value of target_label. Requires Prometheus >= v2.41.0.", + "targetLabel": "targetLabel is the label name whose value is compared to the concatenated source_labels; targets that match are dropped. Must be between 1 and 128 characters in length.", +} + +func (DropEqualActionConfig) SwaggerDoc() map[string]string { + return map_DropEqualActionConfig +} + +var map_HashModActionConfig = map[string]string{ + "": "HashModActionConfig configures the HashMod action. target_label is set to the modulus of a hash of the concatenated source_labels (target = hash % modulus).", + "targetLabel": "targetLabel is the label name where the hash modulus result is written. Must be between 1 and 128 characters in length.", + "modulus": "modulus is the divisor applied to the hash of the concatenated source label values (target = hash % modulus). Required when using the HashMod action so the intended behavior is explicit. Must be between 1 and 1000000.", +} + +func (HashModActionConfig) SwaggerDoc() map[string]string { + return map_HashModActionConfig +} + +var map_KeepEqualActionConfig = map[string]string{ + "": "KeepEqualActionConfig configures the KeepEqual action. Drops targets for which the concatenated source_labels do not match the value of target_label. Requires Prometheus >= v2.41.0.", + "targetLabel": "targetLabel is the label name whose value is compared to the concatenated source_labels; targets that do not match are dropped. Must be between 1 and 128 characters in length.", +} + +func (KeepEqualActionConfig) SwaggerDoc() map[string]string { + return map_KeepEqualActionConfig +} + +var map_KubeStateMetricsConfig = map[string]string{ + "": "KubeStateMetricsConfig provides configuration options for the kube-state-metrics agent that runs in the `openshift-monitoring` namespace. kube-state-metrics generates metrics about the state of Kubernetes objects such as Deployments, Nodes, and Pods.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", + "resources": "resources defines the compute resource requests and limits for the kube-state-metrics container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, no tolerations are applied. This default is subject to change over time. When specified, tolerations must contain at least 1 entry and must not contain more than 10 entries. Each toleration's operator, when specified, must be either \"Exists\" or \"Equal\". Each toleration's effect, when specified, must be one of \"NoSchedule\", \"PreferNoSchedule\", or \"NoExecute\". An empty or unset effect means match all effects.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how kube-state-metrics Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nThis field maps directly to the `topologySpreadConstraints` field in the Pod spec. When omitted, no topology spread constraints are applied. This default is subject to change over time. When specified, topologySpreadConstraints must contain at least 1 entry and must not contain more than 10 entries. Entries must have unique topologyKey and whenUnsatisfiable pairs. Each entry's whenUnsatisfiable must be either \"DoNotSchedule\" or \"ScheduleAnyway\". Each entry's maxSkew must be at least 1. When minDomains is specified, it must be at least 1 and whenUnsatisfiable must be \"DoNotSchedule\".", + "additionalResourceLabels": "additionalResourceLabels defines additional Kubernetes resource labels to expose as metrics in kube-state-metrics. Currently, only \"Job\" and \"CronJob\" resources are supported due to cardinality concerns. Each entry specifies a resource name and a list of Kubernetes label names to expose. Use \"*\" in the labels list to expose all labels for a given resource. additionalResourceLabels is optional. When omitted, no additional Kubernetes object labels are exposed as metrics by kube-state-metrics beyond its built-in metric labels (e.g. namespace, job_name). Use this field to opt in to exposing specific Kubernetes labels as metric labels for the supported resource types. Minimum length for this list is 1. Maximum length for this list is 2. Each resource name must be unique within this list.", +} + +func (KubeStateMetricsConfig) SwaggerDoc() map[string]string { + return map_KubeStateMetricsConfig +} + +var map_KubeStateMetricsResourceLabels = map[string]string{ + "": "KubeStateMetricsResourceLabels defines which Kubernetes labels to expose as metrics for a given resource type in kube-state-metrics.", + "resource": "resource is the Kubernetes resource name whose labels should be exposed as metrics. Currently, only \"Job\" and \"CronJob\" are supported due to cardinality concerns. Valid values are \"Job\" and \"CronJob\". This field is required.", + "labels": "labels is the list of Kubernetes label names to expose as metrics for this resource. Use \"*\" to expose all labels for the specified resource. When \"*\" is specified, it must be the only entry in the list; mixing \"*\" with specific label names is not allowed. This field is required. Each label name must be unique within this list. Minimum length for this list is 1. Maximum length for this list is 50.", +} + +func (KubeStateMetricsResourceLabels) SwaggerDoc() map[string]string { + return map_KubeStateMetricsResourceLabels +} + +var map_Label = map[string]string{ + "": "Label represents a key/value pair for external labels.", + "key": "key is the name of the label. Prometheus supports UTF-8 label names, so any valid UTF-8 string is allowed. Must be between 1 and 128 characters in length.", + "value": "value is the value of the label. Must be between 1 and 128 characters in length.", +} + +func (Label) SwaggerDoc() map[string]string { + return map_Label +} + +var map_LabelMapActionConfig = map[string]string{ + "": "LabelMapActionConfig configures the LabelMap action. Regex is matched against all source label names (not just source_labels). Matching label values are copied to new label names given by replacement, with match group references (${1}, ${2}, ...) substituted.", + "replacement": "replacement is the template for new label names; match group references (${1}, ${2}, ...) are substituted from the matched label name. Required when using the LabelMap action so the intended behavior is explicit and the platform does not need to apply defaults. Use \"$1\" for the first capture group, \"$2\" for the second, etc. Must be between 1 and 255 characters in length. Empty string is invalid as it would produce invalid label names.", +} + +func (LabelMapActionConfig) SwaggerDoc() map[string]string { + return map_LabelMapActionConfig +} + +var map_LowercaseActionConfig = map[string]string{ + "": "LowercaseActionConfig configures the Lowercase action. Maps the concatenated source_labels to their lower case and writes to target_label. Requires Prometheus >= v2.36.0.", + "targetLabel": "targetLabel is the label name where the lower-cased value is written. Must be between 1 and 128 characters in length.", +} + +func (LowercaseActionConfig) SwaggerDoc() map[string]string { + return map_LowercaseActionConfig +} + +var map_MetadataConfig = map[string]string{ + "": "MetadataConfig defines whether and how to send series metadata to remote write storage.", + "sendPolicy": "sendPolicy specifies whether to send metadata and how it is configured. Default: send metadata using platform-chosen defaults (e.g. send interval 30 seconds). Custom: send metadata using the settings in the custom field.", + "custom": "custom defines custom metadata send settings. Required when sendPolicy is Custom (must have at least one property), and forbidden when sendPolicy is Default.", +} + +func (MetadataConfig) SwaggerDoc() map[string]string { + return map_MetadataConfig +} + +var map_MetadataConfigCustom = map[string]string{ + "": "MetadataConfigCustom defines custom settings for sending series metadata when sendPolicy is Custom. At least one property must be set when sendPolicy is Custom (e.g. sendIntervalSeconds).", + "sendIntervalSeconds": "sendIntervalSeconds is the interval in seconds at which metadata is sent. When omitted, the platform chooses a reasonable default (e.g. 30 seconds). Minimum value is 1 second. Maximum value is 86400 seconds (24 hours).", +} + +func (MetadataConfigCustom) SwaggerDoc() map[string]string { + return map_MetadataConfigCustom +} + var map_MetricsServerConfig = map[string]string{ "": "MetricsServerConfig provides configuration options for the Metrics Server instance that runs in the `openshift-monitoring` namespace. Use this configuration to control how the Metrics Server instance is deployed, how it logs, and how its pods are scheduled.", "audit": "audit defines the audit configuration used by the Metrics Server instance. audit is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default sets audit.profile to Metadata", "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", "verbosity": "verbosity defines the verbosity of log messages for Metrics Server. Valid values are Errors, Info, Trace, TraceAll and omitted. When set to Errors, only critical messages and errors are logged. When set to Info, only basic information messages are logged. When set to Trace, information useful for general debugging is logged. When set to TraceAll, detailed information about metric scraping is logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Errors`", - "resources": "resources defines the compute resource requests and limits for the Metrics Server container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1. Each resource name must be unique within this list.", + "resources": "resources defines the compute resource requests and limits for the Metrics Server container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Metrics Server Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", } @@ -219,9 +322,227 @@ func (MetricsServerConfig) SwaggerDoc() map[string]string { return map_MetricsServerConfig } +var map_MonitoringPluginConfig = map[string]string{ + "": "MonitoringPluginConfig provides configuration options for the monitoring plugin that runs as a dynamic plugin of the OpenShift web console. The monitoring plugin provides the monitoring UI in the OpenShift web console for visualizing metrics, alerts, and dashboards. At least one field must be specified; an empty monitoringPluginConfig object is not allowed.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", + "resources": "resources defines the compute resource requests and limits for the monitoring-plugin container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 10m\n - name: memory\n request: 50Mi\n\nWhen specified, resources must contain at least 1 entry and must not exceed 5 entries.", + "tolerations": "tolerations defines the tolerations required for the monitoring-plugin Pods. This field is optional.\n\nWhen omitted, the monitoring-plugin Pods will not have any tolerations, which means they will only be scheduled on nodes with no taints. When specified, tolerations must contain at least 1 entry and must not contain more than 10 entries.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how monitoring-plugin Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. When specified, this list must contain at least 1 entry and must not exceed 10 entries.", +} + +func (MonitoringPluginConfig) SwaggerDoc() map[string]string { + return map_MonitoringPluginConfig +} + +var map_NodeExporterCollectorBuddyInfoConfig = map[string]string{ + "": "NodeExporterCollectorBuddyInfoConfig provides configuration for the buddyinfo collector of the node-exporter agent. The buddyinfo collector collects statistics about memory fragmentation from the node_buddyinfo_blocks metric using data from /proc/buddyinfo. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the buddyinfo collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the buddyinfo collector is active and memory fragmentation statistics are collected. When set to \"DoNotCollect\", the buddyinfo collector is inactive.", +} + +func (NodeExporterCollectorBuddyInfoConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorBuddyInfoConfig +} + +var map_NodeExporterCollectorConfig = map[string]string{ + "": "NodeExporterCollectorConfig defines settings for individual collectors of the node-exporter agent. Each collector can be individually set to collect or not collect metrics. At least one collector must be specified.", + "cpuFreq": "cpuFreq configures the cpufreq collector, which collects CPU frequency statistics. cpuFreq is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Consider enabling when you need to observe CPU frequency scaling; expect higher CPU usage on many-core nodes when collectionPolicy is Collect.", + "tcpStat": "tcpStat configures the tcpstat collector, which collects TCP connection statistics. tcpStat is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable when debugging TCP connection behavior or capacity at the node level.", + "ethtool": "ethtool configures the ethtool collector, which collects ethernet device statistics. ethtool is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable when you need NIC driver-level ethtool metrics beyond generic netdev counters.", + "netDev": "netDev configures the netdev collector, which collects network device statistics. netDev is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is enabled. Turn off if you must reduce per-interface metric cardinality on hosts with many virtual interfaces.", + "netClass": "netClass configures the netclass collector, which collects information about network devices. netClass is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is enabled with netlink mode active. Use statsGatherer when sysfs vs netlink implementation matters or when matching node_exporter tuning.", + "buddyInfo": "buddyInfo configures the buddyinfo collector, which collects statistics about memory fragmentation from the node_buddyinfo_blocks metric. This metric collects data from /proc/buddyinfo. buddyInfo is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable when investigating kernel memory fragmentation; typically for advanced troubleshooting only.", + "mountStats": "mountStats configures the mountstats collector, which collects statistics about NFS volume I/O activities. mountStats is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enabling this collector may produce metrics with high cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment for excessive memory usage. Enable when you care about per-mount NFS client statistics.", + "ksmd": "ksmd configures the ksmd collector, which collects statistics from the kernel same-page merger daemon. ksmd is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable on nodes where KSM is in use and you want visibility into merging activity.", + "processes": "processes configures the processes collector, which collects statistics from processes and threads running in the system. processes is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable for process/thread-level insight; can be expensive on busy nodes.", + "systemd": "systemd configures the systemd collector, which collects statistics on the systemd daemon and its managed services. systemd is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enabling this collector with a long list of selected units may produce metrics with high cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment for excessive memory usage. Enable when you need metrics for specific units; scope units carefully.", + "softirqs": "softirqs configures the softirqs collector, which exposes detailed softirq statistics from /proc/softirqs. softirqs is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable when you need visibility into kernel softirq processing across CPUs.", +} + +func (NodeExporterCollectorConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorConfig +} + +var map_NodeExporterCollectorCpufreqConfig = map[string]string{ + "": "NodeExporterCollectorCpufreqConfig provides configuration for the cpufreq collector of the node-exporter agent. The cpufreq collector collects CPU frequency statistics. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the cpufreq collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the cpufreq collector is active and CPU frequency statistics are collected. When set to \"DoNotCollect\", the cpufreq collector is inactive.", +} + +func (NodeExporterCollectorCpufreqConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorCpufreqConfig +} + +var map_NodeExporterCollectorEthtoolConfig = map[string]string{ + "": "NodeExporterCollectorEthtoolConfig provides configuration for the ethtool collector of the node-exporter agent. The ethtool collector collects ethernet device statistics. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the ethtool collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the ethtool collector is active and ethernet device statistics are collected. When set to \"DoNotCollect\", the ethtool collector is inactive.", +} + +func (NodeExporterCollectorEthtoolConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorEthtoolConfig +} + +var map_NodeExporterCollectorKSMDConfig = map[string]string{ + "": "NodeExporterCollectorKSMDConfig provides configuration for the ksmd collector of the node-exporter agent. The ksmd collector collects statistics from the kernel same-page merger daemon. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the ksmd collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the ksmd collector is active and kernel same-page merger statistics are collected. When set to \"DoNotCollect\", the ksmd collector is inactive.", +} + +func (NodeExporterCollectorKSMDConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorKSMDConfig +} + +var map_NodeExporterCollectorMountStatsConfig = map[string]string{ + "": "NodeExporterCollectorMountStatsConfig provides configuration for the mountstats collector of the node-exporter agent. The mountstats collector collects statistics about NFS volume I/O activities. It is disabled by default. Enabling this collector may produce metrics with high cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment for excessive memory usage.", + "collectionPolicy": "collectionPolicy declares whether the mountstats collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the mountstats collector is active and NFS volume I/O statistics are collected. When set to \"DoNotCollect\", the mountstats collector is inactive.", +} + +func (NodeExporterCollectorMountStatsConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorMountStatsConfig +} + +var map_NodeExporterCollectorNetClassCollectConfig = map[string]string{ + "": "NodeExporterCollectorNetClassCollectConfig holds configuration options for the netclass collector when it is actively collecting metrics. At least one field must be specified.", + "statsGatherer": "statsGatherer selects which implementation the netclass collector uses to gather statistics (sysfs or netlink). statsGatherer is optional. Valid values are \"Sysfs\" and \"Netlink\". When set to \"Netlink\", the netlink implementation is used; when set to \"Sysfs\", the sysfs implementation is used. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is Netlink.", +} + +func (NodeExporterCollectorNetClassCollectConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorNetClassCollectConfig +} + +var map_NodeExporterCollectorNetClassConfig = map[string]string{ + "": "NodeExporterCollectorNetClassConfig provides configuration for the netclass collector of the node-exporter agent. The netclass collector collects information about network devices such as network speed, MTU, and carrier status. It is enabled by default. When collectionPolicy is DoNotCollect, the collect field must not be set.", + "collectionPolicy": "collectionPolicy declares whether the netclass collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the netclass collector is active and network class information is collected. When set to \"DoNotCollect\", the netclass collector is inactive and the corresponding metrics become unavailable. When set to \"DoNotCollect\", the collect field must not be set.", + "collect": "collect contains configuration options that apply only when the netclass collector is actively collecting metrics (i.e. when collectionPolicy is Collect). collect is optional and may be omitted even when collectionPolicy is Collect. collect may only be set when collectionPolicy is Collect. When set, at least one field must be specified within collect.", +} + +func (NodeExporterCollectorNetClassConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorNetClassConfig +} + +var map_NodeExporterCollectorNetDevConfig = map[string]string{ + "": "NodeExporterCollectorNetDevConfig provides configuration for the netdev collector of the node-exporter agent. The netdev collector collects network device statistics such as bytes, packets, errors, and drops per device. It is enabled by default.", + "collectionPolicy": "collectionPolicy declares whether the netdev collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the netdev collector is active and network device statistics are collected. When set to \"DoNotCollect\", the netdev collector is inactive and the corresponding metrics become unavailable.", +} + +func (NodeExporterCollectorNetDevConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorNetDevConfig +} + +var map_NodeExporterCollectorProcessesConfig = map[string]string{ + "": "NodeExporterCollectorProcessesConfig provides configuration for the processes collector of the node-exporter agent. The processes collector collects statistics from processes and threads running in the system. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the processes collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the processes collector is active and process/thread statistics are collected. When set to \"DoNotCollect\", the processes collector is inactive.", +} + +func (NodeExporterCollectorProcessesConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorProcessesConfig +} + +var map_NodeExporterCollectorSoftirqsConfig = map[string]string{ + "": "NodeExporterCollectorSoftirqsConfig provides configuration for the softirqs collector of the node-exporter agent. The softirqs collector exposes detailed softirq statistics from /proc/softirqs. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the softirqs collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the softirqs collector is active and softirq statistics are collected. When set to \"DoNotCollect\", the softirqs collector is inactive.", +} + +func (NodeExporterCollectorSoftirqsConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorSoftirqsConfig +} + +var map_NodeExporterCollectorSystemdCollectConfig = map[string]string{ + "": "NodeExporterCollectorSystemdCollectConfig holds configuration options for the systemd collector when it is actively collecting metrics. At least one field must be specified.", + "units": "units is a list of regular expression patterns that match systemd units to be included by the systemd collector. units is optional. By default, the list is empty, so the collector exposes no metrics for systemd units. Each entry is a regular expression pattern and must be at least 1 character and at most 1024 characters. Maximum length for this list is 50. Minimum length for this list is 1. Entries in this list must be unique.", +} + +func (NodeExporterCollectorSystemdCollectConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorSystemdCollectConfig +} + +var map_NodeExporterCollectorSystemdConfig = map[string]string{ + "": "NodeExporterCollectorSystemdConfig provides configuration for the systemd collector of the node-exporter agent. The systemd collector collects statistics on the systemd daemon and its managed services. It is disabled by default. Enabling this collector with a long list of selected units may produce metrics with high cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment for excessive memory usage. When collectionPolicy is DoNotCollect, the collect field must not be set.", + "collectionPolicy": "collectionPolicy declares whether the systemd collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the systemd collector is active and systemd unit statistics are collected. When set to \"DoNotCollect\", the systemd collector is inactive and the collect field must not be set.", + "collect": "collect contains configuration options that apply only when the systemd collector is actively collecting metrics (i.e. when collectionPolicy is Collect). collect is optional and may be omitted even when collectionPolicy is Collect. collect may only be set when collectionPolicy is Collect. When set, at least one field must be specified within collect.", +} + +func (NodeExporterCollectorSystemdConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorSystemdConfig +} + +var map_NodeExporterCollectorTcpStatConfig = map[string]string{ + "": "NodeExporterCollectorTcpStatConfig provides configuration for the tcpstat collector of the node-exporter agent. The tcpstat collector collects TCP connection statistics. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the tcpstat collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the tcpstat collector is active and TCP connection statistics are collected. When set to \"DoNotCollect\", the tcpstat collector is inactive.", +} + +func (NodeExporterCollectorTcpStatConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorTcpStatConfig +} + +var map_NodeExporterConfig = map[string]string{ + "": "NodeExporterConfig provides configuration options for the node-exporter agent that runs as a DaemonSet in the `openshift-monitoring` namespace. The node-exporter agent collects hardware and OS-level metrics from every node in the cluster, including CPU, memory, disk, and network statistics. At least one field must be specified.", + "resources": "resources defines the compute resource requests and limits for the node-exporter container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 8m\n limit: null\n - name: memory\n request: 32Mi\n limit: null", + "collectors": "collectors configures which node-exporter metric collectors are enabled. collectors is optional. Each collector can be individually enabled or disabled. Some collectors may have additional configuration options.\n\nWhen omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "maxProcs": "maxProcs sets the target number of CPUs on which the node-exporter process will run. maxProcs is optional. Use this setting to override the default value, which is set either to 4 or to the number of CPUs on the host, whichever is smaller. The default value is computed at runtime and set via the GOMAXPROCS environment variable before node-exporter is launched. If a kernel deadlock occurs or if performance degrades when reading from sysfs concurrently, you can change this value to 1, which limits node-exporter to running on one CPU. For nodes with a high CPU count, setting the limit to a low number saves resources by preventing Go routines from being scheduled to run on all CPUs. However, I/O performance degrades if the maxProcs value is set too low and there are many metrics to collect. The minimum value is 1 and the maximum value is 1024. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is min(4, number of host CPUs).", + "ignoredNetworkDevices": "ignoredNetworkDevices is a list of regular expression patterns that match network devices to be excluded from the relevant collector configuration such as netdev, netclass, and ethtool. ignoredNetworkDevices is optional.\n\nWhen omitted, the Cluster Monitoring Operator uses a predefined list of devices to be excluded to minimize the impact on memory usage. When set as an empty list, no devices are excluded. If you modify this setting, monitor the prometheus-k8s deployment closely for excessive memory usage. Maximum length for this list is 50. Each entry must be at least 1 character and at most 1024 characters long.", +} + +func (NodeExporterConfig) SwaggerDoc() map[string]string { + return map_NodeExporterConfig +} + +var map_OAuth2 = map[string]string{ + "": "OAuth2 defines OAuth2 authentication settings for the remote write endpoint.", + "clientId": "clientId defines the secret reference containing the OAuth2 client ID. The secret must exist in the openshift-monitoring namespace.", + "clientSecret": "clientSecret defines the secret reference containing the OAuth2 client secret. The secret must exist in the openshift-monitoring namespace.", + "tokenUrl": "tokenUrl is the URL to fetch the token from. Must be a valid URL with http or https scheme. Must be between 1 and 2048 characters in length.", + "scopes": "scopes is a list of OAuth2 scopes to request. When omitted, no scopes are requested. Maximum of 20 scopes can be specified. Each scope must be between 1 and 256 characters.", + "endpointParams": "endpointParams defines additional parameters to append to the token URL. When omitted, no additional parameters are sent. Maximum of 20 parameters can be specified. Entries must have unique names (name is the list key).", +} + +func (OAuth2) SwaggerDoc() map[string]string { + return map_OAuth2 +} + +var map_OAuth2EndpointParam = map[string]string{ + "": "OAuth2EndpointParam defines a name/value parameter for the OAuth2 token URL.", + "name": "name is the parameter name. Must be between 1 and 256 characters.", + "value": "value is the optional parameter value. When omitted, the query parameter is applied as ?name (no value). When set (including to the empty string), it is applied as ?name=value. Empty string may be used when the external system expects a parameter with an empty value (e.g. ?parameter=\"\"). Must be between 0 and 2048 characters when present (aligned with common URL length recommendations).", +} + +func (OAuth2EndpointParam) SwaggerDoc() map[string]string { + return map_OAuth2EndpointParam +} + +var map_OpenShiftStateMetricsConfig = map[string]string{ + "": "OpenShiftStateMetricsConfig provides configuration options for the openshift-state-metrics agent that runs in the `openshift-monitoring` namespace. The openshift-state-metrics agent generates metrics about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", + "resources": "resources defines the compute resource requests and limits for the openshift-state-metrics container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 1m\n limit: null\n - name: memory\n request: 32Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how openshift-state-metrics Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", +} + +func (OpenShiftStateMetricsConfig) SwaggerDoc() map[string]string { + return map_OpenShiftStateMetricsConfig +} + +var map_PrometheusConfig = map[string]string{ + "": "PrometheusConfig provides configuration options for the Prometheus instance. Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", + "additionalAlertmanagerConfigs": "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. This is useful for organizations that need to:\n - Send alerts to external monitoring systems (like PagerDuty, Slack, or custom webhooks)\n - Route different types of alerts to different teams or systems\n - Integrate with existing enterprise alerting infrastructure\n - Maintain separate alert routing for compliance or organizational requirements\nWhen omitted, no additional Alertmanager instances are configured (default behavior). When provided, at least one configuration must be specified (minimum 1, maximum 10 items). Entries must have unique names (name is the list key).", + "enforcedBodySizeLimitBytes": "enforcedBodySizeLimitBytes enforces a body size limit (in bytes) for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. This helps protect Prometheus from targets that return excessively large responses. The value is specified in bytes (e.g., 4194304 for 4MB, 1073741824 for 1GB). When omitted, the Cluster Monitoring Operator automatically calculates an appropriate limit based on cluster capacity. Set an explicit value to override the automatic calculation. Minimum value is 10240 (10kB). Maximum value is 1073741824 (1GB).", + "externalLabels": "externalLabels defines labels to be attached to time series and alerts when communicating with external systems such as federation, remote storage, and Alertmanager. These labels are not stored with metrics on disk; they are only added when data leaves Prometheus (e.g., during federation queries, remote write, or alert notifications). At least 1 label must be specified when set, with a maximum of 50 labels allowed. Each label key must be unique within this list. When omitted, no external labels are applied.", + "logLevel": "logLevel defines the verbosity of logs emitted by Prometheus. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least one key-value pair (minimum of 1) and must not contain more than 10 entries.", + "queryLogFile": "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. Must be an absolute path starting with `/` or a simple filename without path separators. Must not contain consecutive slashes, end with a slash, or include '..' path traversal. Must contain only alphanumeric characters, '.', '_', '-', or '/'. Must be between 1 and 255 characters in length.", + "remoteWrite": "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. Remote write allows Prometheus to send metrics it collects to external long-term storage systems. When omitted, no remote write endpoints are configured. When provided, at least one configuration must be specified (minimum 1, maximum 10 items). Entries must have unique names (name is the list key).", + "resources": "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "retention": "retention configures how long Prometheus retains metrics data and how much storage it can use. When omitted, the platform chooses reasonable defaults (currently 15d retention, no size limit).", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", + "collectionProfile": "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `Full` or `Minimal`. In the `Full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `Minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `Full`.", + "volumeClaimTemplate": "volumeClaimTemplate defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class and volume size. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts.", +} + +func (PrometheusConfig) SwaggerDoc() map[string]string { + return map_PrometheusConfig +} + var map_PrometheusOperatorAdmissionWebhookConfig = map[string]string{ "": "PrometheusOperatorAdmissionWebhookConfig provides configuration options for the admission webhook component of Prometheus Operator that runs in the `openshift-monitoring` namespace. The admission webhook validates PrometheusRule and AlertmanagerConfig objects, mutates PrometheusRule annotations, and converts AlertmanagerConfig objects between API versions.", - "resources": "resources defines the compute resource requests and limits for the prometheus-operator-admission-webhook container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 5m\n limit: null\n - name: memory\n request: 30Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1. Each resource name must be unique within this list.", + "resources": "resources defines the compute resource requests and limits for the prometheus-operator-admission-webhook container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 5m\n limit: null\n - name: memory\n request: 30Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", "topologySpreadConstraints": "topologySpreadConstraints defines rules for how admission webhook Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", } @@ -233,7 +554,7 @@ var map_PrometheusOperatorConfig = map[string]string{ "": "PrometheusOperatorConfig provides configuration options for the Prometheus Operator instance Use this configuration to control how the Prometheus Operator instance is deployed, how it logs, and how its pods are scheduled.", "logLevel": "logLevel defines the verbosity of logs emitted by Prometheus Operator. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", - "resources": "resources defines the compute resource requests and limits for the Prometheus Operator container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1. Each resource name must be unique within this list.", + "resources": "resources defines the compute resource requests and limits for the Prometheus Operator container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Prometheus Operator Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", } @@ -242,191 +563,240 @@ func (PrometheusOperatorConfig) SwaggerDoc() map[string]string { return map_PrometheusOperatorConfig } -var map_UserDefinedMonitoring = map[string]string{ - "": "UserDefinedMonitoring config for user-defined projects.", - "mode": "mode defines the different configurations of UserDefinedMonitoring Valid values are Disabled and NamespaceIsolated Disabled disables monitoring for user-defined projects. This restricts the default monitoring stack, installed in the openshift-monitoring project, to monitor only platform namespaces, which prevents any custom monitoring configurations or resources from being applied to user-defined namespaces. NamespaceIsolated enables monitoring for user-defined projects with namespace-scoped tenancy. This ensures that metrics, alerts, and monitoring data are isolated at the namespace level. The current default value is `Disabled`.", +var map_PrometheusRemoteWriteHeader = map[string]string{ + "": "PrometheusRemoteWriteHeader defines a custom HTTP header for remote write requests. The header name must not be one of the reserved headers set by Prometheus (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). Header names must contain only case-insensitive alphanumeric characters, hyphens (-), and underscores (_); other characters (e.g. emoji) are rejected by validation. Validation is enforced on the Headers field in RemoteWriteSpec.", + "name": "name is the HTTP header name. Must not be a reserved header (see type documentation). Must contain only alphanumeric characters, hyphens, and underscores; invalid characters are rejected. Must be between 1 and 256 characters.", + "value": "value is the HTTP header value. Must be at most 4096 characters.", } -func (UserDefinedMonitoring) SwaggerDoc() map[string]string { - return map_UserDefinedMonitoring +func (PrometheusRemoteWriteHeader) SwaggerDoc() map[string]string { + return map_PrometheusRemoteWriteHeader } -var map_CRIOCredentialProviderConfig = map[string]string{ - "": "CRIOCredentialProviderConfig holds cluster-wide singleton resource configurations for CRI-O credential provider, the name of this instance is \"cluster\". CRI-O credential provider is a binary shipped with CRI-O that provides a way to obtain container image pull credentials from external sources. For example, it can be used to fetch mirror registry credentials from secrets resources in the cluster within the same namespace the pod will be running in. CRIOCredentialProviderConfig configuration specifies the pod image sources registries that should trigger the CRI-O credential provider execution, which will resolve the CRI-O mirror configurations and obtain the necessary credentials for pod creation. Note: Configuration changes will only take effect after the kubelet restarts, which is automatically managed by the cluster during rollout.\n\nThe resource is a singleton named \"cluster\".\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "spec": "spec defines the desired configuration of the CRI-O Credential Provider. This field is required and must be provided when creating the resource.", - "status": "status represents the current state of the CRIOCredentialProviderConfig. When omitted or nil, it indicates that the status has not yet been set by the controller. The controller will populate this field with validation conditions and operational state.", +var map_QueueConfig = map[string]string{ + "": "QueueConfig allows tuning configuration for remote write queue parameters. Configure this when you need to control throughput, backpressure, or retry behavior—for example to avoid overloading the remote endpoint, to reduce memory usage, or to tune for high-cardinality workloads. Consider capacity, maxShards, and batchSendDeadlineSeconds for throughput; minBackoffMilliseconds and maxBackoffMilliseconds for retries; and rateLimitedAction when the remote returns HTTP 429.", + "capacity": "capacity is the number of samples to buffer per shard before we start dropping them. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 10000. Minimum value is 1. Maximum value is 1000000.", + "maxShards": "maxShards is the maximum number of shards, i.e. amount of concurrency. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 200. Minimum value is 1. Maximum value is 10000.", + "minShards": "minShards is the minimum number of shards, i.e. amount of concurrency. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 1. Minimum value is 1. Maximum value is 10000.", + "maxSamplesPerSend": "maxSamplesPerSend is the maximum number of samples per send. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 1000. Minimum value is 1. Maximum value is 100000.", + "batchSendDeadlineSeconds": "batchSendDeadlineSeconds is the maximum time in seconds a sample will wait in buffer before being sent. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Minimum value is 1 second. Maximum value is 3600 seconds (1 hour).", + "minBackoffMilliseconds": "minBackoffMilliseconds is the minimum retry delay in milliseconds. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Minimum value is 1 millisecond. Maximum value is 3600000 milliseconds (1 hour).", + "maxBackoffMilliseconds": "maxBackoffMilliseconds is the maximum retry delay in milliseconds. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Minimum value is 1 millisecond. Maximum value is 3600000 milliseconds (1 hour).", + "rateLimitedAction": "rateLimitedAction controls what to do when the remote write endpoint returns HTTP 429 (Too Many Requests). When omitted, no retries are performed on rate limit responses. When set to \"Retry\", Prometheus will retry such requests using the backoff settings above. Valid value when set is \"Retry\".", } -func (CRIOCredentialProviderConfig) SwaggerDoc() map[string]string { - return map_CRIOCredentialProviderConfig +func (QueueConfig) SwaggerDoc() map[string]string { + return map_QueueConfig } -var map_CRIOCredentialProviderConfigList = map[string]string{ - "": "CRIOCredentialProviderConfigList contains a list of CRIOCredentialProviderConfig resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", +var map_RelabelActionConfig = map[string]string{ + "": "RelabelActionConfig represents the action to perform and its configuration. Exactly one action-specific configuration must be specified based on the action type.", + "type": "type specifies the action to perform on the matched labels. Allowed values are Replace, Lowercase, Uppercase, Keep, Drop, KeepEqual, DropEqual, HashMod, LabelMap, LabelDrop, LabelKeep.\n\nWhen set to Replace, regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. If regex does not match, no replacement takes place.\n\nWhen set to Lowercase, the concatenated source_labels are mapped to their lower case. Requires Prometheus >= v2.36.0.\n\nWhen set to Uppercase, the concatenated source_labels are mapped to their upper case. Requires Prometheus >= v2.36.0.\n\nWhen set to Keep, targets for which regex does not match the concatenated source_labels are dropped.\n\nWhen set to Drop, targets for which regex matches the concatenated source_labels are dropped.\n\nWhen set to KeepEqual, targets for which the concatenated source_labels do not match target_label are dropped. Requires Prometheus >= v2.41.0.\n\nWhen set to DropEqual, targets for which the concatenated source_labels do match target_label are dropped. Requires Prometheus >= v2.41.0.\n\nWhen set to HashMod, target_label is set to the modulus of a hash of the concatenated source_labels.\n\nWhen set to LabelMap, regex is matched against all source label names (not just source_labels); matching label values are copied to new names given by replacement with ${1}, ${2}, ... substituted.\n\nWhen set to LabelDrop, regex is matched against all label names; any label that matches is removed.\n\nWhen set to LabelKeep, regex is matched against all label names; any label that does not match is removed.", + "replace": "replace configures the Replace action. Required when type is Replace, and forbidden otherwise.", + "hashMod": "hashMod configures the HashMod action. Required when type is HashMod, and forbidden otherwise.", + "labelMap": "labelMap configures the LabelMap action. Required when type is LabelMap, and forbidden otherwise.", + "lowercase": "lowercase configures the Lowercase action. Required when type is Lowercase, and forbidden otherwise. Requires Prometheus >= v2.36.0.", + "uppercase": "uppercase configures the Uppercase action. Required when type is Uppercase, and forbidden otherwise. Requires Prometheus >= v2.36.0.", + "keepEqual": "keepEqual configures the KeepEqual action. Required when type is KeepEqual, and forbidden otherwise. Requires Prometheus >= v2.41.0.", + "dropEqual": "dropEqual configures the DropEqual action. Required when type is DropEqual, and forbidden otherwise. Requires Prometheus >= v2.41.0.", } -func (CRIOCredentialProviderConfigList) SwaggerDoc() map[string]string { - return map_CRIOCredentialProviderConfigList +func (RelabelActionConfig) SwaggerDoc() map[string]string { + return map_RelabelActionConfig } -var map_CRIOCredentialProviderConfigSpec = map[string]string{ - "": "CRIOCredentialProviderConfigSpec defines the desired configuration of the CRI-O Credential Provider.", - "matchImages": "matchImages is a list of string patterns used to determine whether the CRI-O credential provider should be invoked for a given image. This list is passed to the kubelet CredentialProviderConfig, and if any pattern matches the requested image, CRI-O credential provider will be invoked to obtain credentials for pulling that image or its mirrors. Depending on the platform, the CRI-O credential provider may be installed alongside an existing platform specific provider. Conflicts between the existing platform specific provider image match configuration and this list will be handled by the following precedence rule: credentials from built-in kubelet providers (e.g., ECR, GCR, ACR) take precedence over those from the CRIOCredentialProviderConfig when both match the same image. To avoid uncertainty, it is recommended to avoid configuring your private image patterns to overlap with existing platform specific provider config(e.g., the entries from https://github.com/openshift/machine-config-operator/blob/main/templates/common/aws/files/etc-kubernetes-credential-providers-ecr-credential-provider.yaml). You can check the resource's Status conditions to see if any entries were ignored due to exact matches with known built-in provider patterns.\n\nThis field is optional, the items of the list must contain between 1 and 50 entries. The list is treated as a set, so duplicate entries are not allowed.\n\nFor more details, see: https://kubernetes.io/docs/tasks/administer-cluster/kubelet-credential-provider/ https://github.com/cri-o/crio-credential-provider#architecture\n\nEach entry in matchImages is a pattern which can optionally contain a port and a path. Each entry must be no longer than 512 characters. Wildcards ('*') are supported for full subdomain labels, such as '*.k8s.io' or 'k8s.*.io', and for top-level domains, such as 'k8s.*' (which matches 'k8s.io' or 'k8s.net'). A global wildcard '*' (matching any domain) is not allowed. Wildcards may replace an entire hostname label (e.g., *.example.com), but they cannot appear within a label (e.g., f*oo.example.com) and are not allowed in the port or path. For example, 'example.*.com' is valid, but 'exa*mple.*.com' is not. Each wildcard matches only a single domain label, so '*.io' does **not** match '*.k8s.io'.\n\nA match exists between an image and a matchImage when all of the below are true: Both contain the same number of domain parts and each part matches. The URL path of an matchImages must be a prefix of the target image URL path. If the matchImages contains a port, then the port must match in the image as well.\n\nExample values of matchImages: - 123456789.dkr.ecr.us-east-1.amazonaws.com - *.azurecr.io - gcr.io - *.*.registry.io - registry.io:8080/path", +var map_RelabelConfig = map[string]string{ + "": "RelabelConfig represents a relabeling rule.", + "name": "name is a unique identifier for this relabel configuration. Must contain only alphanumeric characters, hyphens, and underscores. Must be between 1 and 63 characters in length.", + "sourceLabels": "sourceLabels specifies which label names to extract from each series for this relabeling rule. The values of these labels are joined together using the configured separator, and the resulting string is then matched against the regular expression. If a referenced label does not exist on a series, Prometheus substitutes an empty string. When omitted, the rule operates without extracting source labels (useful for actions like labelmap). Minimum of 1 and maximum of 10 source labels can be specified, each between 1 and 128 characters. Each entry must be unique. Label names beginning with \"__\" (two underscores) are reserved for internal Prometheus use and are not allowed. Label names SHOULD start with a letter (a-z, A-Z) or underscore (_), followed by zero or more letters, digits (0-9), or underscores for best compatibility. While Prometheus supports UTF-8 characters in label names (since v3.0.0), using the recommended character set ensures better compatibility with the wider ecosystem (tooling, third-party instrumentation, etc.).", + "separator": "separator is the character sequence used to join source label values. Common examples: \";\", \",\", \"::\", \"|||\". When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is \";\". Must be between 1 and 5 characters in length when specified.", + "regex": "regex is the regular expression to match against the concatenated source label values. Must be a valid RE2 regular expression (https://github.com/google/re2/wiki/Syntax). When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is \"(.*)\" to match everything. Must be between 1 and 1000 characters in length when specified.", + "action": "action defines the action to perform on the matched labels and its configuration. Exactly one action-specific configuration must be specified based on the action type.", } -func (CRIOCredentialProviderConfigSpec) SwaggerDoc() map[string]string { - return map_CRIOCredentialProviderConfigSpec +func (RelabelConfig) SwaggerDoc() map[string]string { + return map_RelabelConfig } -var map_CRIOCredentialProviderConfigStatus = map[string]string{ - "": "CRIOCredentialProviderConfigStatus defines the observed state of CRIOCredentialProviderConfig", - "conditions": "conditions represent the latest available observations of the configuration state. When omitted, it indicates that no conditions have been reported yet. The maximum number of conditions is 16. Conditions are stored as a map keyed by condition type, ensuring uniqueness.\n\nExpected condition types include: \"Validated\": indicates whether the matchImages configuration is valid", +var map_RemoteWriteAuthorization = map[string]string{ + "": "RemoteWriteAuthorization defines the authorization method for a remote write endpoint. Exactly one of the nested configs must be set according to the type discriminator.", + "type": "type specifies the authorization method to use. Allowed values are BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, ServiceAccount.\n\nWhen set to BearerToken, the bearer token is read from a Secret referenced by the bearerToken field.\n\nWhen set to BasicAuth, HTTP basic authentication is used; the basicAuth field (username and password from Secrets) must be set.\n\nWhen set to OAuth2, OAuth2 client credentials flow is used; the oauth2 field (clientId, clientSecret, tokenUrl) must be set.\n\nWhen set to SigV4, AWS Signature Version 4 is used for authentication; the sigv4 field must be set.\n\nWhen set to SafeAuthorization, credentials are read from a single Secret key (Prometheus SafeAuthorization pattern). The secret key typically contains a Bearer token. Use the safeAuthorization field.\n\nWhen set to ServiceAccount, the pod's service account token is used for machine identity. No additional field is required; the operator configures the token path.", + "safeAuthorization": "safeAuthorization defines the secret reference containing the credentials for authentication (e.g. Bearer token). Required when type is \"SafeAuthorization\", and forbidden otherwise. Maps to Prometheus SafeAuthorization. The secret must exist in the openshift-monitoring namespace.", + "bearerToken": "bearerToken defines the secret reference containing the bearer token. Required when type is \"BearerToken\", and forbidden otherwise.", + "basicAuth": "basicAuth defines HTTP basic authentication credentials. Required when type is \"BasicAuth\", and forbidden otherwise.", + "oauth2": "oauth2 defines OAuth2 client credentials authentication. Required when type is \"OAuth2\", and forbidden otherwise.", + "sigv4": "sigv4 defines AWS Signature Version 4 authentication. Required when type is \"SigV4\", and forbidden otherwise.", } -func (CRIOCredentialProviderConfigStatus) SwaggerDoc() map[string]string { - return map_CRIOCredentialProviderConfigStatus +func (RemoteWriteAuthorization) SwaggerDoc() map[string]string { + return map_RemoteWriteAuthorization } -var map_ImagePolicy = map[string]string{ - "": "ImagePolicy holds namespace-wide configuration for image signature verification\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "spec": "spec holds user settable values for configuration", - "status": "status contains the observed state of the resource.", +var map_RemoteWriteSpec = map[string]string{ + "": "RemoteWriteSpec represents configuration for remote write endpoints.", + "url": "url is the URL of the remote write endpoint. Must be a valid URL with http or https scheme and a non-empty hostname. Query parameters, fragments, and user information (e.g. user:password@host) are not allowed. Empty string is invalid. Must be between 1 and 2048 characters in length.", + "name": "name is a required identifier for this remote write configuration (name is the list key for the remoteWrite list). This name is used in metrics and logging to differentiate remote write queues. Must contain only alphanumeric characters, hyphens, and underscores. Must be between 1 and 63 characters in length.", + "authorization": "authorization defines the authorization method for the remote write endpoint. When omitted, no authorization is performed. When set, type must be one of BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, or ServiceAccount; the corresponding nested config must be set (ServiceAccount has no config).", + "headers": "headers specifies the custom HTTP headers to be sent along with each remote write request. Sending custom headers makes the configuration of a proxy in between optional and helps the receiver recognize the given source better. Clients MAY allow users to send custom HTTP headers; they MUST NOT allow users to configure them in such a way as to send reserved headers. Headers set by Prometheus cannot be overwritten. When omitted, no custom headers are sent. Maximum of 50 headers can be specified. Each header name must be unique. Each header name must contain only alphanumeric characters, hyphens, and underscores, and must not be a reserved Prometheus header (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate).", + "metadataConfig": "metadataConfig configures the sending of series metadata to remote storage. When omitted, no metadata is sent. When set to sendPolicy: Default, metadata is sent using platform-chosen defaults (e.g. send interval 30 seconds). When set to sendPolicy: Custom, metadata is sent using the settings in the custom field (e.g. custom.sendIntervalSeconds).", + "proxyUrl": "proxyUrl defines an optional proxy URL. If the cluster-wide proxy is enabled, it replaces the proxyUrl setting. The cluster-wide proxy supports both HTTP and HTTPS proxies, with HTTPS taking precedence. When omitted, no proxy is used. Must be a valid URL with http or https scheme. Must be between 1 and 2048 characters in length.", + "queueConfig": "queueConfig allows tuning configuration for remote write queue parameters. When omitted, default queue configuration is used.", + "remoteTimeoutSeconds": "remoteTimeoutSeconds defines the timeout in seconds for requests to the remote write endpoint. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Minimum value is 1 second. Maximum value is 600 seconds (10 minutes).", + "exemplarsMode": "exemplarsMode controls whether exemplars are sent via remote write. Valid values are \"Send\", \"DoNotSend\" and omitted. When set to \"Send\", Prometheus is configured to store a maximum of 100,000 exemplars in memory and send them with remote write. Note that this setting only applies to user-defined monitoring. It is not applicable to default in-cluster monitoring. When omitted or set to \"DoNotSend\", exemplars are not sent.", + "tlsConfig": "tlsConfig defines TLS authentication settings for the remote write endpoint. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "writeRelabelConfigs": "writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint. When omitted, no relabeling is performed and all metrics are sent as-is. Minimum of 1 and maximum of 10 relabeling rules can be specified. Each rule must have a unique name.", } -func (ImagePolicy) SwaggerDoc() map[string]string { - return map_ImagePolicy +func (RemoteWriteSpec) SwaggerDoc() map[string]string { + return map_RemoteWriteSpec } -var map_ImagePolicyFulcioCAWithRekorRootOfTrust = map[string]string{ - "": "ImagePolicyFulcioCAWithRekorRootOfTrust defines the root of trust based on the Fulcio certificate and the Rekor public key.", - "fulcioCAData": "fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. fulcioCAData must be at most 8192 characters.", - "rekorKeyData": "rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters.", - "fulcioSubject": "fulcioSubject specifies OIDC issuer and the email of the Fulcio authentication configuration.", +var map_ReplaceActionConfig = map[string]string{ + "": "ReplaceActionConfig configures the Replace action. Regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. No replacement if regex does not match.", + "targetLabel": "targetLabel is the label name where the replacement result is written. Must be between 1 and 128 characters in length.", + "replacement": "replacement is the value written to target_label when regex matches; match group references (${1}, ${2}, ...) are substituted. Required when using the Replace action so the intended behavior is explicit and the platform does not need to apply defaults. Use \"$1\" for the first capture group, \"$2\" for the second, etc. Use an empty string (\"\") to explicitly clear the target label value. Must be between 0 and 255 characters in length.", } -func (ImagePolicyFulcioCAWithRekorRootOfTrust) SwaggerDoc() map[string]string { - return map_ImagePolicyFulcioCAWithRekorRootOfTrust +func (ReplaceActionConfig) SwaggerDoc() map[string]string { + return map_ReplaceActionConfig } -var map_ImagePolicyList = map[string]string{ - "": "ImagePolicyList is a list of ImagePolicy resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", +var map_Retention = map[string]string{ + "": "Retention configures how long Prometheus retains metrics data and how much storage it can use.", + "duration": "duration is an optional field that specifies how long Prometheus retains metrics data. Valid values are Prometheus-style duration strings with unit suffixes y, w, d, h, m, s, or ms (for example, \"15d\", \"24h\", or \"5d1h30m\"). Each unit value must be a positive integer. Composite durations must follow the fixed unit order y, w, d, h, m, s, ms. Must be at least 1 character and at most 64 characters. When set to \"0\", time-based retention is disabled. This is the only supported form for disabling time-based retention; other zero-duration representations such as \"0d\", \"0h\", or \"0y\" are rejected. Prometheus automatically deletes data older than this duration. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `15d`.", + "size": "size is an optional field that specifies the maximum storage size that Prometheus can use for data blocks and the write-ahead log (WAL). Valid values are byte-size strings with an optional decimal prefix and a unit suffix B, KB, MB, GB, TB, EB, PB, or their binary equivalents KiB, MiB, GiB, TiB, EiB, PiB (for example, \"500MiB\", \"10GiB\"). The numeric value must be greater than zero. Must be at least 1 character and at most 32 characters. When set to \"0\", no size limit is enforced. This is the only supported form for disabling size-based retention; other zero-size representations such as \"0B\" or \"0MiB\" are rejected. When the limit is reached, Prometheus deletes oldest data first. When omitted, no size limit is enforced and Prometheus uses available PersistentVolume capacity.", } -func (ImagePolicyList) SwaggerDoc() map[string]string { - return map_ImagePolicyList +func (Retention) SwaggerDoc() map[string]string { + return map_Retention } -var map_ImagePolicyPKIRootOfTrust = map[string]string{ - "": "ImagePolicyPKIRootOfTrust defines the root of trust based on Root CA(s) and corresponding intermediate certificates.", - "caRootsData": "caRootsData contains base64-encoded data of a certificate bundle PEM file, which contains one or more CA roots in the PEM format. The total length of the data must not exceed 8192 characters. ", - "caIntermediatesData": "caIntermediatesData contains base64-encoded data of a certificate bundle PEM file, which contains one or more intermediate certificates in the PEM format. The total length of the data must not exceed 8192 characters. caIntermediatesData requires caRootsData to be set. ", - "pkiCertificateSubject": "pkiCertificateSubject defines the requirements imposed on the subject to which the certificate was issued.", +var map_SecretKeySelector = map[string]string{ + "": "SecretKeySelector selects a key of a Secret in the `openshift-monitoring` namespace.", + "name": "name is the name of the secret in the `openshift-monitoring` namespace to select from. Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). Must be between 1 and 253 characters in length.", + "key": "key is the key of the secret to select from. Must consist of alphanumeric characters, '-', '_', or '.'. Must be between 1 and 253 characters in length.", } -func (ImagePolicyPKIRootOfTrust) SwaggerDoc() map[string]string { - return map_ImagePolicyPKIRootOfTrust +func (SecretKeySelector) SwaggerDoc() map[string]string { + return map_SecretKeySelector } -var map_ImagePolicyPublicKeyRootOfTrust = map[string]string{ - "": "ImagePolicyPublicKeyRootOfTrust defines the root of trust based on a sigstore public key.", - "keyData": "keyData contains inline base64-encoded data for the PEM format public key. KeyData must be at most 8192 characters.", - "rekorKeyData": "rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters.", +var map_Sigv4 = map[string]string{ + "": "Sigv4 defines AWS Signature Version 4 authentication settings. At least one of region, accessKey/secretKey, profile, or roleArn must be set so the platform can perform authentication.", + "region": "region is the AWS region. When omitted, the region is derived from the environment or instance metadata. Must be between 1 and 128 characters.", + "accessKey": "accessKey defines the secret reference containing the AWS access key ID. The secret must exist in the openshift-monitoring namespace. When omitted, the access key is derived from the environment or instance metadata.", + "secretKey": "secretKey defines the secret reference containing the AWS secret access key. The secret must exist in the openshift-monitoring namespace. When omitted, the secret key is derived from the environment or instance metadata.", + "profile": "profile is the named AWS profile used to authenticate. When omitted, the default profile is used. Must be between 1 and 128 characters.", + "roleArn": "roleArn is the AWS Role ARN, an alternative to using AWS API keys. When omitted, API keys are used for authentication. Must be a valid AWS ARN format (e.g., \"arn:aws:iam::123456789012:role/MyRole\"). Must be between 1 and 512 characters.", } -func (ImagePolicyPublicKeyRootOfTrust) SwaggerDoc() map[string]string { - return map_ImagePolicyPublicKeyRootOfTrust +func (Sigv4) SwaggerDoc() map[string]string { + return map_Sigv4 } -var map_ImagePolicySpec = map[string]string{ - "": "ImagePolicySpec is the specification of the ImagePolicy CRD.", - "scopes": "scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the \"Docker Registry HTTP API V2\". Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. For additional details about the format, please refer to the document explaining the docker transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker", - "policy": "policy contains configuration to allow scopes to be verified, and defines how images not matching the verification policy will be treated.", +var map_TLSConfig = map[string]string{ + "": "TLSConfig represents TLS configuration for Alertmanager connections. At least one TLS configuration option must be specified. For mutual TLS (mTLS), both cert and key must be specified together, or both omitted.", + "ca": "ca is an optional CA certificate to use for TLS connections. When omitted, the system's default CA bundle is used.", + "cert": "cert is an optional client certificate to use for mutual TLS connections. When omitted, no client certificate is presented.", + "key": "key is an optional client key to use for mutual TLS connections. When omitted, no client key is used.", + "serverName": "serverName is an optional server name to use for TLS connections. When specified, must be a valid DNS subdomain as per RFC 1123. When omitted, the server name is derived from the URL. Must be between 1 and 253 characters in length.", + "certificateVerification": "certificateVerification determines the policy for TLS certificate verification. Allowed values are \"Verify\" (performs certificate verification, secure) and \"SkipVerify\" (skips verification, insecure). When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is \"Verify\".", } -func (ImagePolicySpec) SwaggerDoc() map[string]string { - return map_ImagePolicySpec +func (TLSConfig) SwaggerDoc() map[string]string { + return map_TLSConfig } -var map_ImagePolicyStatus = map[string]string{ - "conditions": "conditions provide details on the status of this API Resource.", +var map_TelemeterClientConfig = map[string]string{ + "": "TelemeterClientConfig provides configuration options for the Telemeter Client component that runs in the `openshift-monitoring` namespace. The Telemeter Client collects selected monitoring metrics and forwards them to Red Hat for telemetry purposes. At least one field must be specified.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", + "resources": "resources defines the compute resource requests and limits for the Telemeter Client container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 1m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Telemeter Client Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", } -func (ImagePolicyStatus) SwaggerDoc() map[string]string { - return map_ImagePolicyStatus +func (TelemeterClientConfig) SwaggerDoc() map[string]string { + return map_TelemeterClientConfig } -var map_ImageSigstoreVerificationPolicy = map[string]string{ - "": "ImageSigstoreVerificationPolicy defines the verification policy for the items in the scopes list.", - "rootOfTrust": "rootOfTrust specifies the root of trust for the policy.", - "signedIdentity": "signedIdentity specifies what image identity the signature claims about the image. The required matchPolicy field specifies the approach used in the verification process to verify the identity in the signature and the actual image identity, the default matchPolicy is \"MatchRepoDigestOrExact\".", +var map_ThanosQuerierConfig = map[string]string{ + "": "ThanosQuerierConfig provides configuration options for the Thanos Querier component that runs in the `openshift-monitoring` namespace. At least one field must be specified; an empty thanosQuerierConfig object is not allowed.", + "logLevel": "logLevel defines the verbosity of logs emitted by Thanos Querier. logLevel is optional. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", + "requestLogging": "requestLogging configures request logging for Thanos Querier. requestLogging is optional. When provided, the policy field within is required. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default behavior is to not log any requests.", + "crossOriginRequestPolicy": "crossOriginRequestPolicy configures the CORS (Cross-Origin Resource Sharing) policy for Thanos Querier's HTTP endpoints. crossOriginRequestPolicy is optional. Valid values are \"AllowAll\" and \"DenyAll\". When set to \"AllowAll\", CORS headers are added to responses, allowing cross-origin requests from any domain. When set to \"DenyAll\", no CORS headers are added and cross-origin requests are rejected by the browser. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is \"DenyAll\".", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", + "resources": "resources defines the compute resource requests and limits for the Thanos Querier container. resources is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Requests cannot exceed limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 5m\n - name: memory\n request: 12Mi\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Thanos Querier Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", +} + +func (ThanosQuerierConfig) SwaggerDoc() map[string]string { + return map_ThanosQuerierConfig } -func (ImageSigstoreVerificationPolicy) SwaggerDoc() map[string]string { - return map_ImageSigstoreVerificationPolicy +var map_ThanosQuerierRequestLoggingConfig = map[string]string{ + "": "ThanosQuerierRequestLoggingConfig configures request logging for Thanos Querier.", + "policy": "policy determines which HTTP and gRPC requests are logged by Thanos Querier. Valid values are \"AllRequests\" and \"NoRequests\". When set to \"AllRequests\", every request received by Thanos Querier is logged with method, path, and response status. The log level for request logs is derived from the logLevel field. When set to \"NoRequests\", request logging is turned off.", } -var map_PKICertificateSubject = map[string]string{ - "": "PKICertificateSubject defines the requirements imposed on the subject to which the certificate was issued.", - "email": "email specifies the expected email address imposed on the subject to which the certificate was issued, and must match the email address listed in the Subject Alternative Name (SAN) field of the certificate. The email should be a valid email address and at most 320 characters in length.", - "hostname": "hostname specifies the expected hostname imposed on the subject to which the certificate was issued, and it must match the hostname listed in the Subject Alternative Name (SAN) DNS field of the certificate. The hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.', and at most 253 characters in length. It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk.", +func (ThanosQuerierRequestLoggingConfig) SwaggerDoc() map[string]string { + return map_ThanosQuerierRequestLoggingConfig } -func (PKICertificateSubject) SwaggerDoc() map[string]string { - return map_PKICertificateSubject +var map_UppercaseActionConfig = map[string]string{ + "": "UppercaseActionConfig configures the Uppercase action. Maps the concatenated source_labels to their upper case and writes to target_label. Requires Prometheus >= v2.36.0.", + "targetLabel": "targetLabel is the label name where the upper-cased value is written. Must be between 1 and 128 characters in length.", } -var map_PolicyFulcioSubject = map[string]string{ - "": "PolicyFulcioSubject defines the OIDC issuer and the email of the Fulcio authentication configuration.", - "oidcIssuer": "oidcIssuer contains the expected OIDC issuer. It will be verified that the Fulcio-issued certificate contains a (Fulcio-defined) certificate extension pointing at this OIDC issuer URL. When Fulcio issues certificates, it includes a value based on an URL inside the client-provided ID token. Example: \"https://expected.OIDC.issuer/\"", - "signedEmail": "signedEmail holds the email address the the Fulcio certificate is issued for. Example: \"expected-signing-user@example.com\"", +func (UppercaseActionConfig) SwaggerDoc() map[string]string { + return map_UppercaseActionConfig +} + +var map_UserDefinedMonitoring = map[string]string{ + "": "UserDefinedMonitoring config for user-defined projects.", + "mode": "mode defines the different configurations of UserDefinedMonitoring Valid values are Disabled and NamespaceIsolated Disabled disables monitoring for user-defined projects. This restricts the default monitoring stack, installed in the openshift-monitoring project, to monitor only platform namespaces, which prevents any custom monitoring configurations or resources from being applied to user-defined namespaces. NamespaceIsolated enables monitoring for user-defined projects with namespace-scoped tenancy. This ensures that metrics, alerts, and monitoring data are isolated at the namespace level. The current default value is `Disabled`.", } -func (PolicyFulcioSubject) SwaggerDoc() map[string]string { - return map_PolicyFulcioSubject +func (UserDefinedMonitoring) SwaggerDoc() map[string]string { + return map_UserDefinedMonitoring } -var map_PolicyIdentity = map[string]string{ - "": "PolicyIdentity defines image identity the signature claims about the image. When omitted, the default matchPolicy is \"MatchRepoDigestOrExact\".", - "matchPolicy": "matchPolicy sets the type of matching to be used. Valid values are \"MatchRepoDigestOrExact\", \"MatchRepository\", \"ExactRepository\", \"RemapIdentity\". When omitted, the default value is \"MatchRepoDigestOrExact\". If set matchPolicy to ExactRepository, then the exactRepository must be specified. If set matchPolicy to RemapIdentity, then the remapIdentity must be specified. \"MatchRepoDigestOrExact\" means that the identity in the signature must be in the same repository as the image identity if the image identity is referenced by a digest. Otherwise, the identity in the signature must be the same as the image identity. \"MatchRepository\" means that the identity in the signature must be in the same repository as the image identity. \"ExactRepository\" means that the identity in the signature must be in the same repository as a specific identity specified by \"repository\". \"RemapIdentity\" means that the signature must be in the same as the remapped image identity. Remapped image identity is obtained by replacing the \"prefix\" with the specified “signedPrefix” if the the image identity matches the specified remapPrefix.", - "exactRepository": "exactRepository is required if matchPolicy is set to \"ExactRepository\".", - "remapIdentity": "remapIdentity is required if matchPolicy is set to \"RemapIdentity\".", +var map_CRIOCredentialProviderConfig = map[string]string{ + "": "CRIOCredentialProviderConfig holds cluster-wide singleton resource configurations for CRI-O credential provider, the name of this instance is \"cluster\". CRI-O credential provider is a binary shipped with CRI-O that provides a way to obtain container image pull credentials from external sources. For example, it can be used to fetch mirror registry credentials from secrets resources in the cluster within the same namespace the pod will be running in. CRIOCredentialProviderConfig configuration specifies the pod image sources registries that should trigger the CRI-O credential provider execution, which will resolve the CRI-O mirror configurations and obtain the necessary credentials for pod creation. Note: Configuration changes will only take effect after the kubelet restarts, which is automatically managed by the cluster during rollout.\n\nThe resource is a singleton named \"cluster\".\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "spec defines the desired configuration of the CRI-O Credential Provider. This field is required and must be provided when creating the resource.", + "status": "status represents the current state of the CRIOCredentialProviderConfig. When omitted or nil, it indicates that the status has not yet been set by the controller. The controller will populate this field with validation conditions and operational state.", } -func (PolicyIdentity) SwaggerDoc() map[string]string { - return map_PolicyIdentity +func (CRIOCredentialProviderConfig) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfig } -var map_PolicyMatchExactRepository = map[string]string{ - "repository": "repository is the reference of the image identity to be matched. The value should be a repository name (by omitting the tag or digest) in a registry implementing the \"Docker Registry HTTP API V2\". For example, docker.io/library/busybox", +var map_CRIOCredentialProviderConfigList = map[string]string{ + "": "CRIOCredentialProviderConfigList contains a list of CRIOCredentialProviderConfig resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", + "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", } -func (PolicyMatchExactRepository) SwaggerDoc() map[string]string { - return map_PolicyMatchExactRepository +func (CRIOCredentialProviderConfigList) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfigList } -var map_PolicyMatchRemapIdentity = map[string]string{ - "prefix": "prefix is the prefix of the image identity to be matched. If the image identity matches the specified prefix, that prefix is replaced by the specified “signedPrefix” (otherwise it is used as unchanged and no remapping takes place). This useful when verifying signatures for a mirror of some other repository namespace that preserves the vendor’s repository structure. The prefix and signedPrefix values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox.", - "signedPrefix": "signedPrefix is the prefix of the image identity to be matched in the signature. The format is the same as \"prefix\". The values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox.", +var map_CRIOCredentialProviderConfigSpec = map[string]string{ + "": "CRIOCredentialProviderConfigSpec defines the desired configuration of the CRI-O Credential Provider.", + "matchImages": "matchImages is a list of string patterns used to determine whether the CRI-O credential provider should be invoked for a given image. This list is passed to the kubelet CredentialProviderConfig, and if any pattern matches the requested image, CRI-O credential provider will be invoked to obtain credentials for pulling that image or its mirrors. Depending on the platform, the CRI-O credential provider may be installed alongside an existing platform specific provider. Conflicts between the existing platform specific provider image match configuration and this list will be handled by the following precedence rule: credentials from built-in kubelet providers (e.g., ECR, GCR, ACR) take precedence over those from the CRIOCredentialProviderConfig when both match the same image. To avoid uncertainty, it is recommended to avoid configuring your private image patterns to overlap with existing platform specific provider config(e.g., the entries from https://github.com/openshift/machine-config-operator/blob/main/templates/common/aws/files/etc-kubernetes-credential-providers-ecr-credential-provider.yaml). You can check the resource's Status conditions to see if any entries were ignored due to exact matches with known built-in provider patterns.\n\nThis field is optional, the items of the list must contain between 1 and 50 entries. The list is treated as a set, so duplicate entries are not allowed.\n\nFor more details, see: https://kubernetes.io/docs/tasks/administer-cluster/kubelet-credential-provider/ https://github.com/cri-o/crio-credential-provider#architecture\n\nEach entry in matchImages is a pattern which can optionally contain a port and a path. Each entry must be no longer than 512 characters. Wildcards ('*') are supported for full subdomain labels, such as '*.k8s.io' or 'k8s.*.io', and for top-level domains, such as 'k8s.*' (which matches 'k8s.io' or 'k8s.net'). A global wildcard '*' (matching any domain) is not allowed. Wildcards may replace an entire hostname label (e.g., *.example.com), but they cannot appear within a label (e.g., f*oo.example.com) and are not allowed in the port or path. For example, 'example.*.com' is valid, but 'exa*mple.*.com' is not. Each wildcard matches only a single domain label, so '*.io' does **not** match '*.k8s.io'.\n\nA match exists between an image and a matchImage when all of the below are true: Both contain the same number of domain parts and each part matches. The URL path of an matchImages must be a prefix of the target image URL path. If the matchImages contains a port, then the port must match in the image as well.\n\nExample values of matchImages: - 123456789.dkr.ecr.us-east-1.amazonaws.com - *.azurecr.io - gcr.io - *.*.registry.io - registry.io:8080/path", } -func (PolicyMatchRemapIdentity) SwaggerDoc() map[string]string { - return map_PolicyMatchRemapIdentity +func (CRIOCredentialProviderConfigSpec) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfigSpec } -var map_PolicyRootOfTrust = map[string]string{ - "": "PolicyRootOfTrust defines the root of trust based on the selected policyType.", - "policyType": "policyType serves as the union's discriminator. Users are required to assign a value to this field, choosing one of the policy types that define the root of trust. \"PublicKey\" indicates that the policy relies on a sigstore publicKey and may optionally use a Rekor verification. \"FulcioCAWithRekor\" indicates that the policy is based on the Fulcio certification and incorporates a Rekor verification. \"PKI\" indicates that the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate.", - "publicKey": "publicKey defines the root of trust based on a sigstore public key.", - "fulcioCAWithRekor": "fulcioCAWithRekor defines the root of trust based on the Fulcio certificate and the Rekor public key. For more information about Fulcio and Rekor, please refer to the document at: https://github.com/sigstore/fulcio and https://github.com/sigstore/rekor", - "pki": "pki defines the root of trust based on Bring Your Own Public Key Infrastructure (BYOPKI) Root CA(s) and corresponding intermediate certificates.", +var map_CRIOCredentialProviderConfigStatus = map[string]string{ + "": "CRIOCredentialProviderConfigStatus defines the observed state of CRIOCredentialProviderConfig", + "conditions": "conditions represent the latest available observations of the configuration state. When omitted, it indicates that no conditions have been reported yet. The maximum number of conditions is 16. Conditions are stored as a map keyed by condition type, ensuring uniqueness.\n\nExpected condition types include: \"Validated\": indicates whether the matchImages configuration is valid", } -func (PolicyRootOfTrust) SwaggerDoc() map[string]string { - return map_PolicyRootOfTrust +func (CRIOCredentialProviderConfigStatus) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfigStatus } var map_GatherConfig = map[string]string{ diff --git a/vendor/github.com/openshift/api/config/v1alpha2/doc.go b/vendor/github.com/openshift/api/config/v1alpha2/doc.go index 15ac6b4972..5777844e2a 100644 --- a/vendor/github.com/openshift/api/config/v1alpha2/doc.go +++ b/vendor/github.com/openshift/api/config/v1alpha2/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.config.v1alpha2 // +groupName=config.openshift.io // Package v1alpha2 is the v1alpha2 version of the API. diff --git a/vendor/github.com/openshift/api/config/v1alpha2/zz_generated.model_name.go b/vendor/github.com/openshift/api/config/v1alpha2/zz_generated.model_name.go new file mode 100644 index 0000000000..d05e8558c7 --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1alpha2/zz_generated.model_name.go @@ -0,0 +1,61 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1alpha2 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Custom) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha2.Custom" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GatherConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha2.GatherConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GathererConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha2.GathererConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Gatherers) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha2.Gatherers" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InsightsDataGather) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha2.InsightsDataGather" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InsightsDataGatherList) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha2.InsightsDataGatherList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InsightsDataGatherSpec) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha2.InsightsDataGatherSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InsightsDataGatherStatus) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha2.InsightsDataGatherStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PersistentVolumeClaimReference) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha2.PersistentVolumeClaimReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PersistentVolumeConfig) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha2.PersistentVolumeConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Storage) OpenAPIModelName() string { + return "com.github.openshift.api.config.v1alpha2.Storage" +} diff --git a/vendor/github.com/openshift/api/console/v1/doc.go b/vendor/github.com/openshift/api/console/v1/doc.go index c08b5b519b..f6c62bd19b 100644 --- a/vendor/github.com/openshift/api/console/v1/doc.go +++ b/vendor/github.com/openshift/api/console/v1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.console.v1 // +groupName=console.openshift.io // Package v1 is the v1 version of the API. diff --git a/vendor/github.com/openshift/api/console/v1/types_console_plugin.go b/vendor/github.com/openshift/api/console/v1/types_console_plugin.go index 0160a4a242..c63db50d52 100644 --- a/vendor/github.com/openshift/api/console/v1/types_console_plugin.go +++ b/vendor/github.com/openshift/api/console/v1/types_console_plugin.go @@ -90,7 +90,6 @@ type ConsolePluginSpec struct { // OpenShift web console server CSP response header: // Content-Security-Policy: default-src 'self'; base-uri 'self'; script-src 'self' https://script1.com/ https://script2.com/ https://script3.com/; font-src 'self' https://font1.com/ https://font2.com/; img-src 'self' https://img1.com/; style-src 'self'; frame-src 'none'; object-src 'none' // - // +openshift:enable:FeatureGate=ConsolePluginContentSecurityPolicy // +kubebuilder:validation:MaxItems=5 // +kubebuilder:validation:XValidation:rule="self.map(x, x.values.map(y, y.size()).sum()).sum() < 8192",message="the total combined size of values of all directives must not exceed 8192 (8kb)" // +listType=map diff --git a/vendor/github.com/openshift/api/console/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/console/v1/zz_generated.featuregated-crd-manifests.yaml index caa676e691..26524d0a17 100644 --- a/vendor/github.com/openshift/api/console/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/console/v1/zz_generated.featuregated-crd-manifests.yaml @@ -137,8 +137,7 @@ consoleplugins.console.openshift.io: CRDName: consoleplugins.console.openshift.io Capability: Console Category: "" - FeatureGates: - - ConsolePluginContentSecurityPolicy + FeatureGates: [] FilenameOperatorName: "" FilenameOperatorOrdering: "90" FilenameRunLevel: "" diff --git a/vendor/github.com/openshift/api/console/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/console/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..d5c9c2bc52 --- /dev/null +++ b/vendor/github.com/openshift/api/console/v1/zz_generated.model_name.go @@ -0,0 +1,226 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ApplicationMenuSpec) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ApplicationMenuSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CLIDownloadLink) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.CLIDownloadLink" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleCLIDownload) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleCLIDownload" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleCLIDownloadList) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleCLIDownloadList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleCLIDownloadSpec) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleCLIDownloadSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleExternalLogLink) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleExternalLogLink" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleExternalLogLinkList) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleExternalLogLinkList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleExternalLogLinkSpec) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleExternalLogLinkSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleLink) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleLink" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleLinkList) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleLinkList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleLinkSpec) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleLinkSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleNotification) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleNotification" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleNotificationList) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleNotificationList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleNotificationSpec) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleNotificationSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsolePlugin) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsolePlugin" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsolePluginBackend) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsolePluginBackend" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsolePluginCSP) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsolePluginCSP" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsolePluginI18n) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsolePluginI18n" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsolePluginList) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsolePluginList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsolePluginProxy) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsolePluginProxy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsolePluginProxyEndpoint) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsolePluginProxyEndpoint" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsolePluginProxyServiceConfig) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsolePluginProxyServiceConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsolePluginService) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsolePluginService" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsolePluginSpec) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsolePluginSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleQuickStart) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleQuickStart" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleQuickStartList) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleQuickStartList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleQuickStartSpec) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleQuickStartSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleQuickStartTask) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleQuickStartTask" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleQuickStartTaskReview) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleQuickStartTaskReview" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleQuickStartTaskSummary) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleQuickStartTaskSummary" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleSample) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleSample" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleSampleContainerImportSource) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleSampleContainerImportSource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleSampleContainerImportSourceService) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleSampleContainerImportSourceService" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleSampleGitImportSource) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleSampleGitImportSource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleSampleGitImportSourceRepository) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleSampleGitImportSourceRepository" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleSampleGitImportSourceService) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleSampleGitImportSourceService" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleSampleList) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleSampleList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleSampleSource) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleSampleSource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleSampleSpec) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleSampleSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleYAMLSample) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleYAMLSample" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleYAMLSampleList) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleYAMLSampleList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleYAMLSampleSpec) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.ConsoleYAMLSampleSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Link) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.Link" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NamespaceDashboardSpec) OpenAPIModelName() string { + return "com.github.openshift.api.console.v1.NamespaceDashboardSpec" +} diff --git a/vendor/github.com/openshift/api/envtest-releases.yaml b/vendor/github.com/openshift/api/envtest-releases.yaml index 9ab6d63a6f..ea376ded55 100644 --- a/vendor/github.com/openshift/api/envtest-releases.yaml +++ b/vendor/github.com/openshift/api/envtest-releases.yaml @@ -1,4 +1,30 @@ releases: + v1.28.15: + envtest-v1.28.15-darwin-amd64.tar.gz: + hash: 79e04e7e264e6907da73d27c04d50be7bfa702b059e66f21331c9c8e16daa6ff960e750c1910804b7aa2a5bd79488a5bd082b76a7bab003e613a2cdbb2a8b80d + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.28.15-darwin-amd64.tar.gz + envtest-v1.28.15-darwin-arm64.tar.gz: + hash: 9646d169cf5161793ded60fa2ffde705d8fdde7c7c77833be9a77909f5804b909f28d56b2b0b93bd200d8057db3e37da9fe1683368ae38777ea62609135d0b4d + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.28.15-darwin-arm64.tar.gz + envtest-v1.28.15-linux-amd64.tar.gz: + hash: bc7e3deabbb3c7ee5e572e1392041af9d2fa40a51eb88dcabdaf57ff2a476e81efbd837a87f1f0849a5083dcb7c0b4b2fc16107da4cf3308805eee377fb383c1 + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.28.15-linux-amd64.tar.gz + envtest-v1.28.15-linux-arm64.tar.gz: + hash: 17ec8d5f7de118b66d1621d8b25b4f0a891e4a641d5e845d14c0da4cb2e258b6bf788fe6b5334b27beb12d9e67f7c8f2c2ded6023bf9a7e79ac3b483b8cdfcc2 + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.28.15-linux-arm64.tar.gz + v1.29.7: + envtest-v1.29.7-darwin-amd64.tar.gz: + hash: 4a97f9162ee882632aafda20e562dfb4011879f9ec6c8ffa4922e566933fc35292171cc837b50860e2e91238d820931a1fb8c3280541a180f6e9057178c71889 + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.29.7-darwin-amd64.tar.gz + envtest-v1.29.7-darwin-arm64.tar.gz: + hash: e810e04c14b1bba79c90c755ecb8b13094132a86339e78d1fe39029b9825b90b663d538b29d6ab4d905c22728efdf278881ee3f434f2215bc77157dee90a2bde + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.29.7-darwin-arm64.tar.gz + envtest-v1.29.7-linux-amd64.tar.gz: + hash: 91dcf683c95541691b8b9fdd332b0d3df56f8969b57c14797e990b9861ad71b2954f402913b5579f6afb99dce19817ba49542e2e276c7f70aeeb857a5ec1d57c + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.29.7-linux-amd64.tar.gz + envtest-v1.29.7-linux-arm64.tar.gz: + hash: 912333dee15e9cc068ebc5ef25591e16b9732cc70c23435efa72af352cffa9c25236d3982db910bd3a06172e9d57fc0d50585996f17c66ae1b80f0e2d3ef37b5 + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.29.7-linux-arm64.tar.gz v1.30.3: envtest-v1.30.3-darwin-amd64.tar.gz: hash: 81ab2ad5841522976d9a5fc58642b745cf308230b0f2e634acfb2d5c8f288ef837f7b82144a5e91db607d86885101e06dd473a68bcac0d71be2297edc4aaa92e diff --git a/vendor/github.com/openshift/api/etcd/install.go b/vendor/github.com/openshift/api/etcd/install.go index 7e7474152c..659816d814 100644 --- a/vendor/github.com/openshift/api/etcd/install.go +++ b/vendor/github.com/openshift/api/etcd/install.go @@ -5,6 +5,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" v1alpha1 "github.com/openshift/api/etcd/v1alpha1" + v1 "github.com/openshift/api/etcd/v1" ) const ( @@ -12,7 +13,7 @@ const ( ) var ( - schemeBuilder = runtime.NewSchemeBuilder(v1alpha1.Install) + schemeBuilder = runtime.NewSchemeBuilder(v1.Install, v1alpha1.Install) // Install is a function which adds every version of this group to a scheme Install = schemeBuilder.AddToScheme ) diff --git a/vendor/github.com/openshift/api/etcd/v1/Makefile b/vendor/github.com/openshift/api/etcd/v1/Makefile new file mode 100644 index 0000000000..6fa6435a24 --- /dev/null +++ b/vendor/github.com/openshift/api/etcd/v1/Makefile @@ -0,0 +1,3 @@ +.PHONY: test +test: + make -C ../../tests test GINKGO_EXTRA_ARGS=--focus="etcd.openshift.io/v1" diff --git a/vendor/github.com/openshift/api/etcd/v1/doc.go b/vendor/github.com/openshift/api/etcd/v1/doc.go new file mode 100644 index 0000000000..d1c4632de8 --- /dev/null +++ b/vendor/github.com/openshift/api/etcd/v1/doc.go @@ -0,0 +1,7 @@ +// +k8s:deepcopy-gen=package,register +// +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.etcd.v1 +// +openshift:featuregated-schema-gen=true +// +groupName=etcd.openshift.io +package v1 diff --git a/vendor/github.com/openshift/api/etcd/v1/register.go b/vendor/github.com/openshift/api/etcd/v1/register.go new file mode 100644 index 0000000000..1b59263043 --- /dev/null +++ b/vendor/github.com/openshift/api/etcd/v1/register.go @@ -0,0 +1,39 @@ +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +var ( + GroupName = "etcd.openshift.io" + GroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"} + schemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + // Install is a function which adds this version to a scheme + Install = schemeBuilder.AddToScheme + + // SchemeGroupVersion generated code relies on this name + // Deprecated + SchemeGroupVersion = GroupVersion + // AddToScheme exists solely to keep the old generators creating valid code + // DEPRECATED + AddToScheme = schemeBuilder.AddToScheme +) + +// Resource generated code relies on this being here, but it logically belongs to the group +// DEPRECATED +func Resource(resource string) schema.GroupResource { + return schema.GroupResource{Group: GroupName, Resource: resource} +} + +func addKnownTypes(scheme *runtime.Scheme) error { + metav1.AddToGroupVersion(scheme, GroupVersion) + + scheme.AddKnownTypes(GroupVersion, + &PacemakerCluster{}, + &PacemakerClusterList{}, + ) + + return nil +} diff --git a/vendor/github.com/openshift/api/etcd/v1/types_pacemakercluster.go b/vendor/github.com/openshift/api/etcd/v1/types_pacemakercluster.go new file mode 100644 index 0000000000..a481f5e1bd --- /dev/null +++ b/vendor/github.com/openshift/api/etcd/v1/types_pacemakercluster.go @@ -0,0 +1,737 @@ +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// PacemakerCluster is used in Two Node OpenShift with Fencing deployments to monitor the health +// of etcd running under pacemaker. + +// Cluster-level condition types for PacemakerCluster.status.conditions +const ( + // ClusterHealthyConditionType tracks the overall health of the pacemaker cluster. + // This is an aggregate condition that reflects the health of all cluster-level conditions and node health. + // Specifically, it aggregates the following conditions: + // - ClusterInServiceConditionType + // - ClusterNodeCountAsExpectedConditionType + // - NodeHealthyConditionType (for each node) + // When True, the cluster is healthy with reason "ClusterHealthy". + // When False, the cluster is unhealthy with reason "ClusterUnhealthy". + ClusterHealthyConditionType = "Healthy" + + // ClusterInServiceConditionType tracks whether the cluster is in service (not in maintenance mode). + // Maintenance mode is a cluster-wide setting that prevents pacemaker from starting or stopping resources. + // When True, the cluster is in service with reason "InService". This is the normal operating state. + // When False, the cluster is in maintenance mode with reason "InMaintenance". This is an unexpected state. + ClusterInServiceConditionType = "InService" + + // ClusterNodeCountAsExpectedConditionType tracks whether the cluster has the expected number of nodes. + // For Two Node OpenShift with Fencing, we are expecting exactly 2 nodes. + // When True, the expected number of nodes are present with reason "AsExpected". + // When False, the node count is incorrect with reason "InsufficientNodes" or "ExcessiveNodes". + ClusterNodeCountAsExpectedConditionType = "NodeCountAsExpected" +) + +// ClusterHealthy condition reasons +const ( + // ClusterHealthyReasonHealthy means the pacemaker cluster is healthy and operating normally. + ClusterHealthyReasonHealthy = "ClusterHealthy" + + // ClusterHealthyReasonUnhealthy means the pacemaker cluster has issues that need investigation. + ClusterHealthyReasonUnhealthy = "ClusterUnhealthy" +) + +// ClusterInService condition reasons +const ( + // ClusterInServiceReasonInService means the cluster is in service (not in maintenance mode). + // This is the normal operating state. + ClusterInServiceReasonInService = "InService" + + // ClusterInServiceReasonInMaintenance means the cluster is in maintenance mode. + // In maintenance mode, pacemaker will not start or stop any resources. Entering and exiting this state requires + // manual user intervention, and is unexpected during normal cluster operation. + ClusterInServiceReasonInMaintenance = "InMaintenance" +) + +// ClusterNodeCountAsExpected condition reasons +const ( + // ClusterNodeCountAsExpectedReasonAsExpected means the expected number of nodes are present. + // For Two Node OpenShift with Fencing, we are expecting exactly 2 nodes. This is the expected healthy state. + ClusterNodeCountAsExpectedReasonAsExpected = "AsExpected" + + // ClusterNodeCountAsExpectedReasonInsufficientNodes means fewer nodes than expected are present. + // For Two Node OpenShift with Fencing, this means that less than 2 nodes are present. Under normal operation, this will only happen during + // a node replacement operation. It's also possible to enter this state with manual user intervention, but + // will also require user intervention to restore normal functionality. + ClusterNodeCountAsExpectedReasonInsufficientNodes = "InsufficientNodes" + + // ClusterNodeCountAsExpectedReasonExcessiveNodes means more nodes than expected are present. + // For Two Node OpenShift with Fencing, this means more than 2 nodes are present. This should be investigated as it is unexpected and should + // never happen during normal cluster operation. It is possible to enter this state with manual user intervention, + // but will also require user intervention to restore normal functionality. + ClusterNodeCountAsExpectedReasonExcessiveNodes = "ExcessiveNodes" +) + +// Node-level condition types for PacemakerCluster.status.nodes[].conditions +const ( + // NodeHealthyConditionType tracks the overall health of a node in the pacemaker cluster. + // This is an aggregate condition that reflects the health of all node-level conditions and resource health. + // Specifically, it aggregates the following conditions: + // - NodeOnlineConditionType + // - NodeInServiceConditionType + // - NodeActiveConditionType + // - NodeReadyConditionType + // - NodeCleanConditionType + // - NodeMemberConditionType + // - NodeFencingAvailableConditionType + // - NodeFencingHealthyConditionType + // - ResourceHealthyConditionType (for each resource in the node's resources list) + // When True, the node is healthy with reason "NodeHealthy". + // When False, the node is unhealthy with reason "NodeUnhealthy". + NodeHealthyConditionType = "Healthy" + + // NodeOnlineConditionType tracks whether a node is online. + // When True, the node is online with reason "Online". This is the normal operating state. + // When False, the node is offline with reason "Offline". This can occur during reboots, failures, maintenance, or replacement. + NodeOnlineConditionType = "Online" + + // NodeInServiceConditionType tracks whether a node is in service (not in maintenance mode). + // A node in maintenance mode is ignored by pacemaker while maintenance mode is active. + // When True, the node is in service with reason "InService". This is the normal operating state. + // When False, the node is in maintenance mode with reason "InMaintenance". This is an unexpected state. + NodeInServiceConditionType = "InService" + + // NodeActiveConditionType tracks whether a node is active (not in standby mode). + // When a node enters standby mode, pacemaker moves its resources to other nodes in the cluster. + // In Two Node OpenShift with Fencing, we do not use standby mode during normal operation. + // When True, the node is active with reason "Active". This is the normal operating state. + // When False, the node is in standby mode with reason "Standby". This is an unexpected state. + NodeActiveConditionType = "Active" + + // NodeReadyConditionType tracks whether a node is ready (not in a pending state). + // A node in a pending state is in the process of joining or leaving the cluster. + // When True, the node is ready with reason "Ready". This is the normal operating state. + // When False, the node is pending with reason "Pending". This is expected to be temporary. + NodeReadyConditionType = "Ready" + + // NodeCleanConditionType tracks whether a node is in a clean state. + // An unclean state means that pacemaker was unable to confirm the node's state, which signifies issues + // in fencing, communication, or configuration. + // When True, the node is clean with reason "Clean". This is the normal operating state. + // When False, the node is unclean with reason "Unclean". This is an unexpected state. + NodeCleanConditionType = "Clean" + + // NodeMemberConditionType tracks whether a node is a member of the cluster. + // Some configurations may use remote nodes or ping nodes, which are nodes that are not members. + // For Two Node OpenShift with Fencing, we expect both nodes to be members. + // When True, the node is a member with reason "Member". This is the normal operating state. + // When False, the node is not a member with reason "NotMember". This is an unexpected state. + NodeMemberConditionType = "Member" + + // NodeFencingAvailableConditionType tracks whether a node can be fenced by at least one fencing agent. + // For Two Node OpenShift with Fencing, each node needs at least one healthy fencing agent to ensure + // that the cluster can recover from a node failure via STONITH (Shoot The Other Node In The Head). + // When True, at least one fencing agent is healthy with reason "FencingAvailable". + // When False, all fencing agents are unhealthy with reason "FencingUnavailable". This is a critical + // state that should degrade the operator. + NodeFencingAvailableConditionType = "FencingAvailable" + + // NodeFencingHealthyConditionType tracks whether all fencing agents for a node are healthy. + // This is an aggregate condition that reflects the health of all fencing agents targeting this node. + // When True, all fencing agents are healthy with reason "FencingHealthy". + // When False, one or more fencing agents are unhealthy with reason "FencingUnhealthy". Warning events + // should be emitted for failing agents, but the operator should not be degraded if FencingAvailable is True. + NodeFencingHealthyConditionType = "FencingHealthy" +) + +// NodeHealthy condition reasons +const ( + // NodeHealthyReasonHealthy means the node is healthy and operating normally. + NodeHealthyReasonHealthy = "NodeHealthy" + + // NodeHealthyReasonUnhealthy means the node has issues that need investigation. + NodeHealthyReasonUnhealthy = "NodeUnhealthy" +) + +// NodeOnline condition reasons +const ( + // NodeOnlineReasonOnline means the node is online. This is the normal operating state. + NodeOnlineReasonOnline = "Online" + + // NodeOnlineReasonOffline means the node is offline. + NodeOnlineReasonOffline = "Offline" +) + +// NodeInService condition reasons +const ( + // NodeInServiceReasonInService means the node is in service (not in maintenance mode). + // This is the normal operating state. + NodeInServiceReasonInService = "InService" + + // NodeInServiceReasonInMaintenance means the node is in maintenance mode. + // This is an unexpected state. + NodeInServiceReasonInMaintenance = "InMaintenance" +) + +// NodeActive condition reasons +const ( + // NodeActiveReasonActive means the node is active (not in standby mode). + // This is the normal operating state. + NodeActiveReasonActive = "Active" + + // NodeActiveReasonStandby means the node is in standby mode. + // This is an unexpected state. + NodeActiveReasonStandby = "Standby" +) + +// NodeReady condition reasons +const ( + // NodeReadyReasonReady means the node is ready (not in a pending state). + // This is the normal operating state. + NodeReadyReasonReady = "Ready" + + // NodeReadyReasonPending means the node is joining or leaving the cluster. + // This state is expected to be temporary. + NodeReadyReasonPending = "Pending" +) + +// NodeClean condition reasons +const ( + // NodeCleanReasonClean means the node is in a clean state. + // This is the normal operating state. + NodeCleanReasonClean = "Clean" + + // NodeCleanReasonUnclean means the node is in an unclean state. + // Pacemaker was unable to confirm the node's state, which signifies issues in fencing, communication, or configuration. + // This is an unexpected state. + NodeCleanReasonUnclean = "Unclean" +) + +// NodeMember condition reasons +const ( + // NodeMemberReasonMember means the node is a member of the cluster. + // For Two Node OpenShift with Fencing, we expect both nodes to be members. This is the normal operating state. + NodeMemberReasonMember = "Member" + + // NodeMemberReasonNotMember means the node is not a member of the cluster. + // This is an unexpected state. + NodeMemberReasonNotMember = "NotMember" +) + +// NodeFencingAvailable condition reasons +const ( + // NodeFencingAvailableReasonAvailable means at least one fencing agent for this node is healthy. + // The cluster can fence this node if needed. This is the normal operating state. + NodeFencingAvailableReasonAvailable = "FencingAvailable" + + // NodeFencingAvailableReasonUnavailable means all fencing agents for this node are unhealthy. + // The cluster cannot fence this node, which compromises high availability. + // This is a critical state that should degrade the operator. + NodeFencingAvailableReasonUnavailable = "FencingUnavailable" +) + +// NodeFencingHealthy condition reasons +const ( + // NodeFencingHealthyReasonHealthy means all fencing agents for this node are healthy. + // This is the ideal operating state with full redundancy. + NodeFencingHealthyReasonHealthy = "FencingHealthy" + + // NodeFencingHealthyReasonUnhealthy means one or more fencing agents for this node are unhealthy. + // Warning events should be emitted for failing agents, but the operator should not be degraded + // if FencingAvailable is still True. + NodeFencingHealthyReasonUnhealthy = "FencingUnhealthy" +) + +// Resource-level condition types for PacemakerCluster.status.nodes[].resources[].conditions +const ( + // ResourceHealthyConditionType tracks the overall health of a pacemaker resource. + // This is an aggregate condition that reflects the health of all resource-level conditions. + // Specifically, it aggregates the following conditions: + // - ResourceInServiceConditionType + // - ResourceManagedConditionType + // - ResourceEnabledConditionType + // - ResourceOperationalConditionType + // - ResourceActiveConditionType + // - ResourceStartedConditionType + // - ResourceSchedulableConditionType + // When True, the resource is healthy with reason "ResourceHealthy". + // When False, the resource is unhealthy with reason "ResourceUnhealthy". + ResourceHealthyConditionType = "Healthy" + + // ResourceInServiceConditionType tracks whether a resource is in service (not in maintenance mode). + // Resources in maintenance mode are not monitored or moved by pacemaker. + // In Two Node OpenShift with Fencing, we do not expect any resources to be in maintenance mode. + // When True, the resource is in service with reason "InService". This is the normal operating state. + // When False, the resource is in maintenance mode with reason "InMaintenance". This is an unexpected state. + ResourceInServiceConditionType = "InService" + + // ResourceManagedConditionType tracks whether a resource is managed by pacemaker. + // Resources that are not managed by pacemaker are effectively invisible to the pacemaker HA logic. + // For Two Node OpenShift with Fencing, all resources are expected to be managed. + // When True, the resource is managed with reason "Managed". This is the normal operating state. + // When False, the resource is not managed with reason "Unmanaged". This is an unexpected state. + ResourceManagedConditionType = "Managed" + + // ResourceEnabledConditionType tracks whether a resource is enabled. + // Resources that are disabled are stopped and not automatically managed or started by the cluster. + // In Two Node OpenShift with Fencing, we do not expect any resources to be disabled. + // When True, the resource is enabled with reason "Enabled". This is the normal operating state. + // When False, the resource is disabled with reason "Disabled". This is an unexpected state. + ResourceEnabledConditionType = "Enabled" + + // ResourceOperationalConditionType tracks whether a resource is operational (not failed). + // A failed resource is one that is not able to start or is in an error state. + // When True, the resource is operational with reason "Operational". This is the normal operating state. + // When False, the resource has failed with reason "Failed". This is an unexpected state. + ResourceOperationalConditionType = "Operational" + + // ResourceActiveConditionType tracks whether a resource is active. + // An active resource is running on a cluster node. + // In Two Node OpenShift with Fencing, all resources are expected to be active. + // When True, the resource is active with reason "Active". This is the normal operating state. + // When False, the resource is not active with reason "Inactive". This is an unexpected state. + ResourceActiveConditionType = "Active" + + // ResourceStartedConditionType tracks whether a resource is started. + // It's normal for a resource like etcd to become stopped in the event of a quorum loss event because + // the pacemaker recovery logic will fence a node and restore etcd quorum on the surviving node as a cluster-of-one. + // A resource that stays stopped for an extended period of time is an unexpected state and should be investigated. + // When True, the resource is started with reason "Started". This is the normal operating state. + // When False, the resource is not started with reason "Stopped". This is expected to be temporary. + ResourceStartedConditionType = "Started" + + // ResourceSchedulableConditionType tracks whether a resource is schedulable (not blocked). + // A resource that is not schedulable is unable to start or move to a different node. + // In Two Node OpenShift with Fencing, we do not expect any resources to be unschedulable. + // When True, the resource is schedulable with reason "Schedulable". This is the normal operating state. + // When False, the resource is not schedulable with reason "Unschedulable". This is an unexpected state. + ResourceSchedulableConditionType = "Schedulable" +) + +// ResourceHealthy condition reasons +const ( + // ResourceHealthyReasonHealthy means the resource is healthy and operating normally. + ResourceHealthyReasonHealthy = "ResourceHealthy" + + // ResourceHealthyReasonUnhealthy means the resource has issues that need investigation. + ResourceHealthyReasonUnhealthy = "ResourceUnhealthy" +) + +// ResourceInService condition reasons +const ( + // ResourceInServiceReasonInService means the resource is in service (not in maintenance mode). + // This is the normal operating state. + ResourceInServiceReasonInService = "InService" + + // ResourceInServiceReasonInMaintenance means the resource is in maintenance mode. + // Resources in maintenance mode are not monitored or moved by pacemaker. This is an unexpected state. + ResourceInServiceReasonInMaintenance = "InMaintenance" +) + +// ResourceManaged condition reasons +const ( + // ResourceManagedReasonManaged means the resource is managed by pacemaker. + // This is the normal operating state. + ResourceManagedReasonManaged = "Managed" + + // ResourceManagedReasonUnmanaged means the resource is not managed by pacemaker. + // Resources that are not managed by pacemaker are effectively invisible to the pacemaker HA logic. + // This is an unexpected state. + ResourceManagedReasonUnmanaged = "Unmanaged" +) + +// ResourceEnabled condition reasons +const ( + // ResourceEnabledReasonEnabled means the resource is enabled. + // This is the normal operating state. + ResourceEnabledReasonEnabled = "Enabled" + + // ResourceEnabledReasonDisabled means the resource is disabled. + // Resources that are disabled are stopped and not automatically managed or started by the cluster. + // This is an unexpected state. + ResourceEnabledReasonDisabled = "Disabled" +) + +// ResourceOperational condition reasons +const ( + // ResourceOperationalReasonOperational means the resource is operational (not failed). + // This is the normal operating state. + ResourceOperationalReasonOperational = "Operational" + + // ResourceOperationalReasonFailed means the resource has failed. + // A failed resource is one that is not able to start or is in an error state. This is an unexpected state. + ResourceOperationalReasonFailed = "Failed" +) + +// ResourceActive condition reasons +const ( + // ResourceActiveReasonActive means the resource is active. + // An active resource is running on a cluster node. This is the normal operating state. + ResourceActiveReasonActive = "Active" + + // ResourceActiveReasonInactive means the resource is not active. + // This is an unexpected state. + ResourceActiveReasonInactive = "Inactive" +) + +// ResourceStarted condition reasons +const ( + // ResourceStartedReasonStarted means the resource is started. + // This is the normal operating state. + ResourceStartedReasonStarted = "Started" + + // ResourceStartedReasonStopped means the resource is stopped. + // It's normal for a resource like etcd to become stopped in the event of a quorum loss event because + // the pacemaker recovery logic will fence a node and restore etcd quorum on the surviving node as a cluster-of-one. + // A resource that stays stopped for an extended period of time is an unexpected state and should be investigated. + ResourceStartedReasonStopped = "Stopped" +) + +// ResourceSchedulable condition reasons +const ( + // ResourceSchedulableReasonSchedulable means the resource is schedulable (not blocked). + // This is the normal operating state. + ResourceSchedulableReasonSchedulable = "Schedulable" + + // ResourceSchedulableReasonUnschedulable means the resource is not schedulable (blocked). + // A resource that is not schedulable is unable to start or move to a different node. This is an unexpected state. + ResourceSchedulableReasonUnschedulable = "Unschedulable" +) + +// PacemakerNodeAddressType represents the type of a node address. +// Currently only InternalIP is supported. +// +kubebuilder:validation:Enum=InternalIP +// +enum +type PacemakerNodeAddressType string + +const ( + // PacemakerNodeInternalIP is an internal IP address assigned to the node. + // This is typically the IP address used for intra-cluster communication. + PacemakerNodeInternalIP PacemakerNodeAddressType = "InternalIP" +) + +// PacemakerNodeAddress contains information for a node's address. +// This is similar to corev1.NodeAddress but adds validation for IP addresses. +type PacemakerNodeAddress struct { + // type is the type of node address. + // Currently only "InternalIP" is supported. + // +required + Type PacemakerNodeAddressType `json:"type,omitempty"` + + // address is the node address. + // For InternalIP, this must be a valid global unicast IPv4 or IPv6 address in canonical form. + // Canonical form means the shortest standard representation (e.g., "192.168.1.1" not "192.168.001.001", + // or "2001:db8::1" not "2001:0db8::1"). Maximum length is 39 characters (full IPv6 address). + // Global unicast includes private/RFC1918 addresses but excludes loopback, link-local, and multicast. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=39 + // +kubebuilder:validation:XValidation:rule="isIP(self) && ip.isCanonical(self) && ip(self).isGlobalUnicast()",message="must be a valid global unicast IPv4 or IPv6 address in canonical form" + // +required + Address string `json:"address,omitempty"` +} + +// PacemakerClusterResourceName represents the name of a pacemaker resource. +// Fencing agents are tracked separately in the fencingAgents field. +// +kubebuilder:validation:Enum=Kubelet;Etcd +// +enum +type PacemakerClusterResourceName string + +// PacemakerClusterResourceName values +const ( + // PacemakerClusterResourceNameKubelet is the kubelet pacemaker resource. + // The kubelet resource is a prerequisite for etcd in Two Node OpenShift with Fencing deployments. + PacemakerClusterResourceNameKubelet PacemakerClusterResourceName = "Kubelet" + + // PacemakerClusterResourceNameEtcd is the etcd pacemaker resource. + // The etcd resource may temporarily transition to stopped during pacemaker quorum-recovery operations. + PacemakerClusterResourceNameEtcd PacemakerClusterResourceName = "Etcd" +) + +// FencingMethod represents the method used by a fencing agent to isolate failed nodes. +// Valid values are "Redfish" and "IPMI". +// +kubebuilder:validation:Enum=Redfish;IPMI +// +enum +type FencingMethod string + +// FencingMethod values +const ( + // FencingMethodRedfish uses Redfish, a standard RESTful API for server management. + FencingMethodRedfish FencingMethod = "Redfish" + + // FencingMethodIPMI uses IPMI (Intelligent Platform Management Interface), a hardware management interface. + FencingMethodIPMI FencingMethod = "IPMI" +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// PacemakerCluster represents the current state of the pacemaker cluster as reported by the pcs status command. +// PacemakerCluster is a cluster-scoped singleton resource. The name of this instance is "cluster". This +// resource provides a view into the health and status of a pacemaker-managed cluster in Two Node OpenShift with Fencing deployments. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +// +kubebuilder:object:root=true +// +kubebuilder:resource:path=pacemakerclusters,scope=Cluster,singular=pacemakercluster +// +kubebuilder:subresource:status +// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/2544 +// +openshift:file-pattern=cvoRunLevel=0000_25,operatorName=etcd,operatorOrdering=01,operatorComponent=two-node-fencing +// +openshift:enable:FeatureGate=DualReplica +// +kubebuilder:validation:XValidation:rule="self.metadata.name == 'cluster'",message="PacemakerCluster must be named 'cluster'" +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.status) || has(self.status)",message="status may not be removed once set" +type PacemakerCluster struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + // +required + metav1.ObjectMeta `json:"metadata,omitempty"` + + // status contains the actual pacemaker cluster status information collected from the cluster. + // The goal of this status is to be able to quickly identify if pacemaker is in a healthy state. + // In Two Node OpenShift with Fencing, a healthy pacemaker cluster has 2 nodes, both of which have healthy kubelet, etcd, and fencing resources. + // This field is optional on creation - the status collector populates it immediately after creating + // the resource via the status subresource. + // +optional + Status PacemakerClusterStatus `json:"status,omitzero"` +} + +// PacemakerClusterStatus contains the actual pacemaker cluster status information. As part of validating the status +// object, we need to ensure that the lastUpdated timestamp may not be set to an earlier timestamp than the current value. +// The validation rule checks if oldSelf has lastUpdated before comparing, to handle the initial status creation case. +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.lastUpdated) || self.lastUpdated >= oldSelf.lastUpdated",message="lastUpdated may not be set to an earlier timestamp" +type PacemakerClusterStatus struct { + // conditions represent the observations of the pacemaker cluster's current state. + // Known condition types are: "Healthy", "InService", "NodeCountAsExpected". + // The "Healthy" condition is an aggregate that tracks the overall health of the cluster. + // The "InService" condition tracks whether the cluster is in service (not in maintenance mode). + // The "NodeCountAsExpected" condition tracks whether the expected number of nodes are present. + // Each of these conditions is required, so the array must contain at least 3 items. + // +listType=map + // +listMapKey=type + // +kubebuilder:validation:MinItems=3 + // +kubebuilder:validation:MaxItems=8 + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Healthy')",message="conditions must contain a condition of type Healthy" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'InService')",message="conditions must contain a condition of type InService" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'NodeCountAsExpected')",message="conditions must contain a condition of type NodeCountAsExpected" + // +required + Conditions []metav1.Condition `json:"conditions,omitempty"` + + // lastUpdated is the timestamp when this status was last updated. This is useful for identifying + // stale status reports. It must be a valid timestamp in RFC3339 format. Once set, this field cannot + // be removed and cannot be set to an earlier timestamp than the current value. + // +kubebuilder:validation:Format=date-time + // +required + LastUpdated metav1.Time `json:"lastUpdated,omitempty,omitzero"` + + // nodes provides detailed status for each control-plane node in the Pacemaker cluster. + // While Pacemaker supports up to 32 nodes, the limit is set to 5 (max OpenShift control-plane nodes). + // For Two Node OpenShift with Fencing, exactly 2 nodes are expected in a healthy cluster. + // An empty list indicates a catastrophic failure where Pacemaker reports no nodes. + // +listType=map + // +listMapKey=nodeName + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=5 + // +required + Nodes *[]PacemakerClusterNodeStatus `json:"nodes,omitempty"` +} + +// PacemakerClusterNodeStatus represents the status of a single node in the pacemaker cluster including +// the node's conditions and the health of critical resources running on that node. +type PacemakerClusterNodeStatus struct { + // conditions represent the observations of the node's current state. + // Known condition types are: "Healthy", "Online", "InService", "Active", "Ready", "Clean", "Member", + // "FencingAvailable", "FencingHealthy". + // The "Healthy" condition is an aggregate that tracks the overall health of the node. + // The "Online" condition tracks whether the node is online. + // The "InService" condition tracks whether the node is in service (not in maintenance mode). + // The "Active" condition tracks whether the node is active (not in standby mode). + // The "Ready" condition tracks whether the node is ready (not in a pending state). + // The "Clean" condition tracks whether the node is in a clean (status known) state. + // The "Member" condition tracks whether the node is a member of the cluster. + // The "FencingAvailable" condition tracks whether this node can be fenced by at least one healthy agent. + // The "FencingHealthy" condition tracks whether all fencing agents for this node are healthy. + // Each of these conditions is required, so the array must contain at least 9 items. + // +listType=map + // +listMapKey=type + // +kubebuilder:validation:MinItems=9 + // +kubebuilder:validation:MaxItems=16 + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Healthy')",message="conditions must contain a condition of type Healthy" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Online')",message="conditions must contain a condition of type Online" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'InService')",message="conditions must contain a condition of type InService" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Active')",message="conditions must contain a condition of type Active" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Ready')",message="conditions must contain a condition of type Ready" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Clean')",message="conditions must contain a condition of type Clean" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Member')",message="conditions must contain a condition of type Member" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'FencingAvailable')",message="conditions must contain a condition of type FencingAvailable" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'FencingHealthy')",message="conditions must contain a condition of type FencingHealthy" + // +required + Conditions []metav1.Condition `json:"conditions,omitempty"` + + // nodeName is the name of the node. This is expected to match the Kubernetes node's name, which must be a lowercase + // RFC 1123 subdomain consisting of lowercase alphanumeric characters, '-' or '.', starting and ending with + // an alphanumeric character, and be at most 253 characters in length. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="nodeName must be a lowercase RFC 1123 subdomain consisting of lowercase alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character" + // +required + NodeName string `json:"nodeName,omitempty"` + + // addresses is a list of IP addresses for the node. + // Pacemaker allows multiple IP addresses for Corosync communication between nodes. + // The first address in this list is used for IP-based peer URLs for etcd membership. + // Each address must be a valid global unicast IPv4 or IPv6 address in canonical form + // (e.g., "192.168.1.1" not "192.168.001.001", or "2001:db8::1" not "2001:0db8::1"). + // This excludes loopback, link-local, and multicast addresses. + // +listType=atomic + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=8 + // +required + Addresses []PacemakerNodeAddress `json:"addresses,omitempty"` + + // resources contains the status of pacemaker resources scheduled on this node. + // Each resource entry includes the resource name and its health conditions. + // For Two Node OpenShift with Fencing, we track Kubelet and Etcd resources per node. + // Both resources are required to be present, so the array must contain at least 2 items. + // Valid resource names are "Kubelet" and "Etcd". + // Fencing agents are tracked separately in the fencingAgents field. + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MinItems=2 + // +kubebuilder:validation:MaxItems=8 + // +kubebuilder:validation:XValidation:rule="self.exists(r, r.name == 'Kubelet')",message="resources must contain a resource named Kubelet" + // +kubebuilder:validation:XValidation:rule="self.exists(r, r.name == 'Etcd')",message="resources must contain a resource named Etcd" + // +required + Resources []PacemakerClusterResourceStatus `json:"resources,omitempty"` + + // fencingAgents contains the status of fencing agents that can fence this node. + // Unlike resources (which are scheduled to run on this node), fencing agents are mapped + // to the node they can fence (their target), not the node where monitoring operations run. + // Each fencing agent entry includes a unique name, fencing type, target node, and health conditions. + // A node is considered fence-capable if at least one fencing agent is healthy. + // A healthy node is expected to have at least 1 fencing agent, but the list may be empty + // when fencing agent discovery fails. + // Names must be unique within this array. + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=8 + // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x.name == y.name))",message="fencing agent names must be unique" + // +required + FencingAgents []PacemakerClusterFencingAgentStatus `json:"fencingAgents,omitempty"` +} + +// PacemakerClusterFencingAgentStatus represents the status of a fencing agent that can fence a node. +// Fencing agents are STONITH (Shoot The Other Node In The Head) devices used to isolate failed nodes. +// Unlike regular pacemaker resources, fencing agents are mapped to their target node (the node they +// can fence), not the node where their monitoring operations are scheduled. +type PacemakerClusterFencingAgentStatus struct { + // conditions represent the observations of the fencing agent's current state. + // Known condition types are: "Healthy", "InService", "Managed", "Enabled", "Operational", + // "Active", "Started", "Schedulable". + // The "Healthy" condition is an aggregate that tracks the overall health of the fencing agent. + // The "InService" condition tracks whether the fencing agent is in service (not in maintenance mode). + // The "Managed" condition tracks whether the fencing agent is managed by pacemaker. + // The "Enabled" condition tracks whether the fencing agent is enabled. + // The "Operational" condition tracks whether the fencing agent is operational (not failed). + // The "Active" condition tracks whether the fencing agent is active (available to be used). + // The "Started" condition tracks whether the fencing agent is started. + // The "Schedulable" condition tracks whether the fencing agent is schedulable (not blocked). + // Each of these conditions is required, so the array must contain at least 8 items. + // +listType=map + // +listMapKey=type + // +kubebuilder:validation:MinItems=8 + // +kubebuilder:validation:MaxItems=16 + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Healthy')",message="conditions must contain a condition of type Healthy" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'InService')",message="conditions must contain a condition of type InService" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Managed')",message="conditions must contain a condition of type Managed" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Enabled')",message="conditions must contain a condition of type Enabled" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Operational')",message="conditions must contain a condition of type Operational" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Active')",message="conditions must contain a condition of type Active" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Started')",message="conditions must contain a condition of type Started" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Schedulable')",message="conditions must contain a condition of type Schedulable" + // +required + Conditions []metav1.Condition `json:"conditions,omitempty"` + + // name is the unique identifier for this fencing agent (e.g., "master-0_redfish"). + // The name must be unique within the fencingAgents array for this node. + // It may contain alphanumeric characters, dots, hyphens, and underscores. + // Maximum length is 300 characters, providing headroom beyond the typical format of + // _ (253 for RFC 1123 node name + 1 underscore + type). + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=300 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9._-]+$')",message="name must contain only alphanumeric characters, dots, hyphens, and underscores" + // +required + Name string `json:"name,omitempty"` + + // method is the fencing method used by this agent. + // Valid values are "Redfish" and "IPMI". + // Redfish is a standard RESTful API for server management. + // IPMI (Intelligent Platform Management Interface) is a hardware management interface. + // +required + Method FencingMethod `json:"method,omitempty"` +} + +// PacemakerClusterResourceStatus represents the status of a pacemaker resource scheduled on a node. +// A pacemaker resource is a unit of work managed by pacemaker. In pacemaker terminology, resources are services or +// applications that pacemaker monitors, starts, stops, and moves between nodes to maintain high availability. +// For Two Node OpenShift with Fencing, we track two resources per node: +// - Kubelet (the Kubernetes node agent and a prerequisite for etcd) +// - Etcd (the distributed key-value store) +// +// Fencing agents are tracked separately in the fencingAgents field because they are mapped to +// their target node (the node they can fence), not the node where monitoring operations are scheduled. +type PacemakerClusterResourceStatus struct { + // conditions represent the observations of the resource's current state. + // Known condition types are: "Healthy", "InService", "Managed", "Enabled", "Operational", + // "Active", "Started", "Schedulable". + // The "Healthy" condition is an aggregate that tracks the overall health of the resource. + // The "InService" condition tracks whether the resource is in service (not in maintenance mode). + // The "Managed" condition tracks whether the resource is managed by pacemaker. + // The "Enabled" condition tracks whether the resource is enabled. + // The "Operational" condition tracks whether the resource is operational (not failed). + // The "Active" condition tracks whether the resource is active (available to be used). + // The "Started" condition tracks whether the resource is started. + // The "Schedulable" condition tracks whether the resource is schedulable (not blocked). + // Each of these conditions is required, so the array must contain at least 8 items. + // +listType=map + // +listMapKey=type + // +kubebuilder:validation:MinItems=8 + // +kubebuilder:validation:MaxItems=16 + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Healthy')",message="conditions must contain a condition of type Healthy" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'InService')",message="conditions must contain a condition of type InService" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Managed')",message="conditions must contain a condition of type Managed" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Enabled')",message="conditions must contain a condition of type Enabled" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Operational')",message="conditions must contain a condition of type Operational" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Active')",message="conditions must contain a condition of type Active" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Started')",message="conditions must contain a condition of type Started" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Schedulable')",message="conditions must contain a condition of type Schedulable" + // +required + Conditions []metav1.Condition `json:"conditions,omitempty"` + + // name is the name of the pacemaker resource. + // Valid values are "Kubelet" and "Etcd". + // The Kubelet resource is a prerequisite for etcd in Two Node OpenShift with Fencing deployments. + // The Etcd resource may temporarily transition to stopped during pacemaker quorum-recovery operations. + // Fencing agents are tracked separately in the node's fencingAgents field. + // +required + Name PacemakerClusterResourceName `json:"name,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// PacemakerClusterList contains a list of PacemakerCluster objects. PacemakerCluster is a cluster-scoped singleton +// resource; only one instance named "cluster" may exist. This list type exists only to satisfy Kubernetes API +// conventions. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type PacemakerClusterList struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard list's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ListMeta `json:"metadata,omitempty"` + + // items is a list of PacemakerCluster objects. + Items []PacemakerCluster `json:"items"` +} diff --git a/vendor/github.com/openshift/api/etcd/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/etcd/v1/zz_generated.deepcopy.go new file mode 100644 index 0000000000..c529240e40 --- /dev/null +++ b/vendor/github.com/openshift/api/etcd/v1/zz_generated.deepcopy.go @@ -0,0 +1,210 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PacemakerCluster) DeepCopyInto(out *PacemakerCluster) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PacemakerCluster. +func (in *PacemakerCluster) DeepCopy() *PacemakerCluster { + if in == nil { + return nil + } + out := new(PacemakerCluster) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PacemakerCluster) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PacemakerClusterFencingAgentStatus) DeepCopyInto(out *PacemakerClusterFencingAgentStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]metav1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PacemakerClusterFencingAgentStatus. +func (in *PacemakerClusterFencingAgentStatus) DeepCopy() *PacemakerClusterFencingAgentStatus { + if in == nil { + return nil + } + out := new(PacemakerClusterFencingAgentStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PacemakerClusterList) DeepCopyInto(out *PacemakerClusterList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]PacemakerCluster, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PacemakerClusterList. +func (in *PacemakerClusterList) DeepCopy() *PacemakerClusterList { + if in == nil { + return nil + } + out := new(PacemakerClusterList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PacemakerClusterList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PacemakerClusterNodeStatus) DeepCopyInto(out *PacemakerClusterNodeStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]metav1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Addresses != nil { + in, out := &in.Addresses, &out.Addresses + *out = make([]PacemakerNodeAddress, len(*in)) + copy(*out, *in) + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]PacemakerClusterResourceStatus, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.FencingAgents != nil { + in, out := &in.FencingAgents, &out.FencingAgents + *out = make([]PacemakerClusterFencingAgentStatus, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PacemakerClusterNodeStatus. +func (in *PacemakerClusterNodeStatus) DeepCopy() *PacemakerClusterNodeStatus { + if in == nil { + return nil + } + out := new(PacemakerClusterNodeStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PacemakerClusterResourceStatus) DeepCopyInto(out *PacemakerClusterResourceStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]metav1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PacemakerClusterResourceStatus. +func (in *PacemakerClusterResourceStatus) DeepCopy() *PacemakerClusterResourceStatus { + if in == nil { + return nil + } + out := new(PacemakerClusterResourceStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PacemakerClusterStatus) DeepCopyInto(out *PacemakerClusterStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]metav1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + in.LastUpdated.DeepCopyInto(&out.LastUpdated) + if in.Nodes != nil { + in, out := &in.Nodes, &out.Nodes + *out = new([]PacemakerClusterNodeStatus) + if **in != nil { + in, out := *in, *out + *out = make([]PacemakerClusterNodeStatus, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PacemakerClusterStatus. +func (in *PacemakerClusterStatus) DeepCopy() *PacemakerClusterStatus { + if in == nil { + return nil + } + out := new(PacemakerClusterStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PacemakerNodeAddress) DeepCopyInto(out *PacemakerNodeAddress) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PacemakerNodeAddress. +func (in *PacemakerNodeAddress) DeepCopy() *PacemakerNodeAddress { + if in == nil { + return nil + } + out := new(PacemakerNodeAddress) + in.DeepCopyInto(out) + return out +} diff --git a/vendor/github.com/openshift/api/etcd/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/etcd/v1/zz_generated.featuregated-crd-manifests.yaml new file mode 100644 index 0000000000..1a11a877c4 --- /dev/null +++ b/vendor/github.com/openshift/api/etcd/v1/zz_generated.featuregated-crd-manifests.yaml @@ -0,0 +1,23 @@ +pacemakerclusters.etcd.openshift.io: + Annotations: {} + ApprovedPRNumber: https://github.com/openshift/api/pull/2544 + CRDName: pacemakerclusters.etcd.openshift.io + Capability: "" + Category: "" + FeatureGates: + - DualReplica + FilenameOperatorName: etcd + FilenameOperatorOrdering: "01" + FilenameRunLevel: "0000_25" + GroupName: etcd.openshift.io + HasStatus: true + KindName: PacemakerCluster + Labels: {} + PluralName: pacemakerclusters + PrinterColumns: [] + Scope: Cluster + ShortNames: null + TopLevelFeatureGates: + - DualReplica + Version: v1 + diff --git a/vendor/github.com/openshift/api/etcd/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/etcd/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..9e13a7167e --- /dev/null +++ b/vendor/github.com/openshift/api/etcd/v1/zz_generated.model_name.go @@ -0,0 +1,41 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PacemakerCluster) OpenAPIModelName() string { + return "com.github.openshift.api.etcd.v1.PacemakerCluster" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PacemakerClusterFencingAgentStatus) OpenAPIModelName() string { + return "com.github.openshift.api.etcd.v1.PacemakerClusterFencingAgentStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PacemakerClusterList) OpenAPIModelName() string { + return "com.github.openshift.api.etcd.v1.PacemakerClusterList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PacemakerClusterNodeStatus) OpenAPIModelName() string { + return "com.github.openshift.api.etcd.v1.PacemakerClusterNodeStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PacemakerClusterResourceStatus) OpenAPIModelName() string { + return "com.github.openshift.api.etcd.v1.PacemakerClusterResourceStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PacemakerClusterStatus) OpenAPIModelName() string { + return "com.github.openshift.api.etcd.v1.PacemakerClusterStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PacemakerNodeAddress) OpenAPIModelName() string { + return "com.github.openshift.api.etcd.v1.PacemakerNodeAddress" +} diff --git a/vendor/github.com/openshift/api/etcd/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/etcd/v1/zz_generated.swagger_doc_generated.go new file mode 100644 index 0000000000..e9e47b47cf --- /dev/null +++ b/vendor/github.com/openshift/api/etcd/v1/zz_generated.swagger_doc_generated.go @@ -0,0 +1,89 @@ +package v1 + +// This file contains a collection of methods that can be used from go-restful to +// generate Swagger API documentation for its models. Please read this PR for more +// information on the implementation: https://github.com/emicklei/go-restful/pull/215 +// +// TODOs are ignored from the parser (e.g. TODO(andronat):... || TODO:...) if and only if +// they are on one line! For multiple line or blocks that you want to ignore use ---. +// Any context after a --- is ignored. +// +// Those methods can be generated by using hack/update-swagger-docs.sh + +// AUTO-GENERATED FUNCTIONS START HERE +var map_PacemakerCluster = map[string]string{ + "": "PacemakerCluster represents the current state of the pacemaker cluster as reported by the pcs status command. PacemakerCluster is a cluster-scoped singleton resource. The name of this instance is \"cluster\". This resource provides a view into the health and status of a pacemaker-managed cluster in Two Node OpenShift with Fencing deployments.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "status": "status contains the actual pacemaker cluster status information collected from the cluster. The goal of this status is to be able to quickly identify if pacemaker is in a healthy state. In Two Node OpenShift with Fencing, a healthy pacemaker cluster has 2 nodes, both of which have healthy kubelet, etcd, and fencing resources. This field is optional on creation - the status collector populates it immediately after creating the resource via the status subresource.", +} + +func (PacemakerCluster) SwaggerDoc() map[string]string { + return map_PacemakerCluster +} + +var map_PacemakerClusterFencingAgentStatus = map[string]string{ + "": "PacemakerClusterFencingAgentStatus represents the status of a fencing agent that can fence a node. Fencing agents are STONITH (Shoot The Other Node In The Head) devices used to isolate failed nodes. Unlike regular pacemaker resources, fencing agents are mapped to their target node (the node they can fence), not the node where their monitoring operations are scheduled.", + "conditions": "conditions represent the observations of the fencing agent's current state. Known condition types are: \"Healthy\", \"InService\", \"Managed\", \"Enabled\", \"Operational\", \"Active\", \"Started\", \"Schedulable\". The \"Healthy\" condition is an aggregate that tracks the overall health of the fencing agent. The \"InService\" condition tracks whether the fencing agent is in service (not in maintenance mode). The \"Managed\" condition tracks whether the fencing agent is managed by pacemaker. The \"Enabled\" condition tracks whether the fencing agent is enabled. The \"Operational\" condition tracks whether the fencing agent is operational (not failed). The \"Active\" condition tracks whether the fencing agent is active (available to be used). The \"Started\" condition tracks whether the fencing agent is started. The \"Schedulable\" condition tracks whether the fencing agent is schedulable (not blocked). Each of these conditions is required, so the array must contain at least 8 items.", + "name": "name is the unique identifier for this fencing agent (e.g., \"master-0_redfish\"). The name must be unique within the fencingAgents array for this node. It may contain alphanumeric characters, dots, hyphens, and underscores. Maximum length is 300 characters, providing headroom beyond the typical format of _ (253 for RFC 1123 node name + 1 underscore + type).", + "method": "method is the fencing method used by this agent. Valid values are \"Redfish\" and \"IPMI\". Redfish is a standard RESTful API for server management. IPMI (Intelligent Platform Management Interface) is a hardware management interface.", +} + +func (PacemakerClusterFencingAgentStatus) SwaggerDoc() map[string]string { + return map_PacemakerClusterFencingAgentStatus +} + +var map_PacemakerClusterList = map[string]string{ + "": "PacemakerClusterList contains a list of PacemakerCluster objects. PacemakerCluster is a cluster-scoped singleton resource; only one instance named \"cluster\" may exist. This list type exists only to satisfy Kubernetes API conventions.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "items": "items is a list of PacemakerCluster objects.", +} + +func (PacemakerClusterList) SwaggerDoc() map[string]string { + return map_PacemakerClusterList +} + +var map_PacemakerClusterNodeStatus = map[string]string{ + "": "PacemakerClusterNodeStatus represents the status of a single node in the pacemaker cluster including the node's conditions and the health of critical resources running on that node.", + "conditions": "conditions represent the observations of the node's current state. Known condition types are: \"Healthy\", \"Online\", \"InService\", \"Active\", \"Ready\", \"Clean\", \"Member\", \"FencingAvailable\", \"FencingHealthy\". The \"Healthy\" condition is an aggregate that tracks the overall health of the node. The \"Online\" condition tracks whether the node is online. The \"InService\" condition tracks whether the node is in service (not in maintenance mode). The \"Active\" condition tracks whether the node is active (not in standby mode). The \"Ready\" condition tracks whether the node is ready (not in a pending state). The \"Clean\" condition tracks whether the node is in a clean (status known) state. The \"Member\" condition tracks whether the node is a member of the cluster. The \"FencingAvailable\" condition tracks whether this node can be fenced by at least one healthy agent. The \"FencingHealthy\" condition tracks whether all fencing agents for this node are healthy. Each of these conditions is required, so the array must contain at least 9 items.", + "nodeName": "nodeName is the name of the node. This is expected to match the Kubernetes node's name, which must be a lowercase RFC 1123 subdomain consisting of lowercase alphanumeric characters, '-' or '.', starting and ending with an alphanumeric character, and be at most 253 characters in length.", + "addresses": "addresses is a list of IP addresses for the node. Pacemaker allows multiple IP addresses for Corosync communication between nodes. The first address in this list is used for IP-based peer URLs for etcd membership. Each address must be a valid global unicast IPv4 or IPv6 address in canonical form (e.g., \"192.168.1.1\" not \"192.168.001.001\", or \"2001:db8::1\" not \"2001:0db8::1\"). This excludes loopback, link-local, and multicast addresses.", + "resources": "resources contains the status of pacemaker resources scheduled on this node. Each resource entry includes the resource name and its health conditions. For Two Node OpenShift with Fencing, we track Kubelet and Etcd resources per node. Both resources are required to be present, so the array must contain at least 2 items. Valid resource names are \"Kubelet\" and \"Etcd\". Fencing agents are tracked separately in the fencingAgents field.", + "fencingAgents": "fencingAgents contains the status of fencing agents that can fence this node. Unlike resources (which are scheduled to run on this node), fencing agents are mapped to the node they can fence (their target), not the node where monitoring operations run. Each fencing agent entry includes a unique name, fencing type, target node, and health conditions. A node is considered fence-capable if at least one fencing agent is healthy. A healthy node is expected to have at least 1 fencing agent, but the list may be empty when fencing agent discovery fails. Names must be unique within this array.", +} + +func (PacemakerClusterNodeStatus) SwaggerDoc() map[string]string { + return map_PacemakerClusterNodeStatus +} + +var map_PacemakerClusterResourceStatus = map[string]string{ + "": "PacemakerClusterResourceStatus represents the status of a pacemaker resource scheduled on a node. A pacemaker resource is a unit of work managed by pacemaker. In pacemaker terminology, resources are services or applications that pacemaker monitors, starts, stops, and moves between nodes to maintain high availability. For Two Node OpenShift with Fencing, we track two resources per node:\n - Kubelet (the Kubernetes node agent and a prerequisite for etcd)\n - Etcd (the distributed key-value store)\n\nFencing agents are tracked separately in the fencingAgents field because they are mapped to their target node (the node they can fence), not the node where monitoring operations are scheduled.", + "conditions": "conditions represent the observations of the resource's current state. Known condition types are: \"Healthy\", \"InService\", \"Managed\", \"Enabled\", \"Operational\", \"Active\", \"Started\", \"Schedulable\". The \"Healthy\" condition is an aggregate that tracks the overall health of the resource. The \"InService\" condition tracks whether the resource is in service (not in maintenance mode). The \"Managed\" condition tracks whether the resource is managed by pacemaker. The \"Enabled\" condition tracks whether the resource is enabled. The \"Operational\" condition tracks whether the resource is operational (not failed). The \"Active\" condition tracks whether the resource is active (available to be used). The \"Started\" condition tracks whether the resource is started. The \"Schedulable\" condition tracks whether the resource is schedulable (not blocked). Each of these conditions is required, so the array must contain at least 8 items.", + "name": "name is the name of the pacemaker resource. Valid values are \"Kubelet\" and \"Etcd\". The Kubelet resource is a prerequisite for etcd in Two Node OpenShift with Fencing deployments. The Etcd resource may temporarily transition to stopped during pacemaker quorum-recovery operations. Fencing agents are tracked separately in the node's fencingAgents field.", +} + +func (PacemakerClusterResourceStatus) SwaggerDoc() map[string]string { + return map_PacemakerClusterResourceStatus +} + +var map_PacemakerClusterStatus = map[string]string{ + "": "PacemakerClusterStatus contains the actual pacemaker cluster status information. As part of validating the status object, we need to ensure that the lastUpdated timestamp may not be set to an earlier timestamp than the current value. The validation rule checks if oldSelf has lastUpdated before comparing, to handle the initial status creation case.", + "conditions": "conditions represent the observations of the pacemaker cluster's current state. Known condition types are: \"Healthy\", \"InService\", \"NodeCountAsExpected\". The \"Healthy\" condition is an aggregate that tracks the overall health of the cluster. The \"InService\" condition tracks whether the cluster is in service (not in maintenance mode). The \"NodeCountAsExpected\" condition tracks whether the expected number of nodes are present. Each of these conditions is required, so the array must contain at least 3 items.", + "lastUpdated": "lastUpdated is the timestamp when this status was last updated. This is useful for identifying stale status reports. It must be a valid timestamp in RFC3339 format. Once set, this field cannot be removed and cannot be set to an earlier timestamp than the current value.", + "nodes": "nodes provides detailed status for each control-plane node in the Pacemaker cluster. While Pacemaker supports up to 32 nodes, the limit is set to 5 (max OpenShift control-plane nodes). For Two Node OpenShift with Fencing, exactly 2 nodes are expected in a healthy cluster. An empty list indicates a catastrophic failure where Pacemaker reports no nodes.", +} + +func (PacemakerClusterStatus) SwaggerDoc() map[string]string { + return map_PacemakerClusterStatus +} + +var map_PacemakerNodeAddress = map[string]string{ + "": "PacemakerNodeAddress contains information for a node's address. This is similar to corev1.NodeAddress but adds validation for IP addresses.", + "type": "type is the type of node address. Currently only \"InternalIP\" is supported.", + "address": "address is the node address. For InternalIP, this must be a valid global unicast IPv4 or IPv6 address in canonical form. Canonical form means the shortest standard representation (e.g., \"192.168.1.1\" not \"192.168.001.001\", or \"2001:db8::1\" not \"2001:0db8::1\"). Maximum length is 39 characters (full IPv6 address). Global unicast includes private/RFC1918 addresses but excludes loopback, link-local, and multicast.", +} + +func (PacemakerNodeAddress) SwaggerDoc() map[string]string { + return map_PacemakerNodeAddress +} + +// AUTO-GENERATED FUNCTIONS END HERE diff --git a/vendor/github.com/openshift/api/etcd/v1alpha1/doc.go b/vendor/github.com/openshift/api/etcd/v1alpha1/doc.go index aea92fb381..c93f9a586c 100644 --- a/vendor/github.com/openshift/api/etcd/v1alpha1/doc.go +++ b/vendor/github.com/openshift/api/etcd/v1alpha1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.etcd.v1alpha1 // +openshift:featuregated-schema-gen=true // +groupName=etcd.openshift.io package v1alpha1 diff --git a/vendor/github.com/openshift/api/etcd/v1alpha1/types_pacemakercluster.go b/vendor/github.com/openshift/api/etcd/v1alpha1/types_pacemakercluster.go index ab06d0e390..b627413474 100644 --- a/vendor/github.com/openshift/api/etcd/v1alpha1/types_pacemakercluster.go +++ b/vendor/github.com/openshift/api/etcd/v1alpha1/types_pacemakercluster.go @@ -609,11 +609,12 @@ type PacemakerClusterNodeStatus struct { // to the node they can fence (their target), not the node where monitoring operations run. // Each fencing agent entry includes a unique name, fencing type, target node, and health conditions. // A node is considered fence-capable if at least one fencing agent is healthy. - // Expected to have 1 fencing agent per node, but up to 8 are supported for redundancy. + // A healthy node is expected to have at least 1 fencing agent, but the list may be empty + // when fencing agent discovery fails. // Names must be unique within this array. // +listType=map // +listMapKey=name - // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MinItems=0 // +kubebuilder:validation:MaxItems=8 // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x.name == y.name))",message="fencing agent names must be unique" // +required diff --git a/vendor/github.com/openshift/api/etcd/v1alpha1/zz_generated.model_name.go b/vendor/github.com/openshift/api/etcd/v1alpha1/zz_generated.model_name.go new file mode 100644 index 0000000000..11fac8dad4 --- /dev/null +++ b/vendor/github.com/openshift/api/etcd/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,41 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PacemakerCluster) OpenAPIModelName() string { + return "com.github.openshift.api.etcd.v1alpha1.PacemakerCluster" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PacemakerClusterFencingAgentStatus) OpenAPIModelName() string { + return "com.github.openshift.api.etcd.v1alpha1.PacemakerClusterFencingAgentStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PacemakerClusterList) OpenAPIModelName() string { + return "com.github.openshift.api.etcd.v1alpha1.PacemakerClusterList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PacemakerClusterNodeStatus) OpenAPIModelName() string { + return "com.github.openshift.api.etcd.v1alpha1.PacemakerClusterNodeStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PacemakerClusterResourceStatus) OpenAPIModelName() string { + return "com.github.openshift.api.etcd.v1alpha1.PacemakerClusterResourceStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PacemakerClusterStatus) OpenAPIModelName() string { + return "com.github.openshift.api.etcd.v1alpha1.PacemakerClusterStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PacemakerNodeAddress) OpenAPIModelName() string { + return "com.github.openshift.api.etcd.v1alpha1.PacemakerNodeAddress" +} diff --git a/vendor/github.com/openshift/api/etcd/v1alpha1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/etcd/v1alpha1/zz_generated.swagger_doc_generated.go index 62e1c3ebd7..dc6f224288 100644 --- a/vendor/github.com/openshift/api/etcd/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/etcd/v1alpha1/zz_generated.swagger_doc_generated.go @@ -48,7 +48,7 @@ var map_PacemakerClusterNodeStatus = map[string]string{ "nodeName": "nodeName is the name of the node. This is expected to match the Kubernetes node's name, which must be a lowercase RFC 1123 subdomain consisting of lowercase alphanumeric characters, '-' or '.', starting and ending with an alphanumeric character, and be at most 253 characters in length.", "addresses": "addresses is a list of IP addresses for the node. Pacemaker allows multiple IP addresses for Corosync communication between nodes. The first address in this list is used for IP-based peer URLs for etcd membership. Each address must be a valid global unicast IPv4 or IPv6 address in canonical form (e.g., \"192.168.1.1\" not \"192.168.001.001\", or \"2001:db8::1\" not \"2001:0db8::1\"). This excludes loopback, link-local, and multicast addresses.", "resources": "resources contains the status of pacemaker resources scheduled on this node. Each resource entry includes the resource name and its health conditions. For Two Node OpenShift with Fencing, we track Kubelet and Etcd resources per node. Both resources are required to be present, so the array must contain at least 2 items. Valid resource names are \"Kubelet\" and \"Etcd\". Fencing agents are tracked separately in the fencingAgents field.", - "fencingAgents": "fencingAgents contains the status of fencing agents that can fence this node. Unlike resources (which are scheduled to run on this node), fencing agents are mapped to the node they can fence (their target), not the node where monitoring operations run. Each fencing agent entry includes a unique name, fencing type, target node, and health conditions. A node is considered fence-capable if at least one fencing agent is healthy. Expected to have 1 fencing agent per node, but up to 8 are supported for redundancy. Names must be unique within this array.", + "fencingAgents": "fencingAgents contains the status of fencing agents that can fence this node. Unlike resources (which are scheduled to run on this node), fencing agents are mapped to the node they can fence (their target), not the node where monitoring operations run. Each fencing agent entry includes a unique name, fencing type, target node, and health conditions. A node is considered fence-capable if at least one fencing agent is healthy. A healthy node is expected to have at least 1 fencing agent, but the list may be empty when fencing agent discovery fails. Names must be unique within this array.", } func (PacemakerClusterNodeStatus) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/features.md b/vendor/github.com/openshift/api/features.md index d2c7601014..2959484d4e 100644 --- a/vendor/github.com/openshift/api/features.md +++ b/vendor/github.com/openshift/api/features.md @@ -3,35 +3,39 @@ | ClientsAllowCBOR| | | | | | | | | | ClusterAPIInstall| | | | | | | | | | EventedPLEG| | | | | | | | | +| MachineAPIMigrationAzure| | | | | | | | | +| MachineAPIMigrationBareMetal| | | | | | | | | +| MachineAPIMigrationGCP| | | | | | | | | +| MachineAPIMigrationPowerVS| | | | | | | | | | MachineAPIOperatorDisableMachineHealthCheckController| | | | | | | | | | MultiArchInstallAzure| | | | | | | | | | ShortCertRotation| | | | | | | | | +| MutableTopology| | | | Enabled | | | | | | ClusterAPIComputeInstall| | | Enabled | Enabled | | | | | | ClusterAPIControlPlaneInstall| | | Enabled | Enabled | | | | | | ClusterUpdatePreflight| | | Enabled | Enabled | | | | | +| ConfidentialCluster| | | Enabled | Enabled | | | | | | Example2| | | Enabled | Enabled | | | | | | ExternalOIDCExternalClaimsSourcing| | | Enabled | Enabled | | | | | -| ExternalSnapshotMetadata| | | Enabled | Enabled | | | | | -| KMSEncryptionProvider| | | Enabled | Enabled | | | | | | MachineAPIMigrationVSphere| | | Enabled | Enabled | | | | | | NetworkConnect| | | Enabled | Enabled | | | | | | NewOLMBoxCutterRuntime| | | | Enabled | | | | Enabled | | NewOLMCatalogdAPIV1Metas| | | | Enabled | | | | Enabled | +| NewOLMConfigAPI| | | | Enabled | | | | Enabled | +| NewOLMOwnSingleNamespace| | | | Enabled | | | | Enabled | | NewOLMPreflightPermissionChecks| | | | Enabled | | | | Enabled | | NoRegistryClusterInstall| | | | Enabled | | | | Enabled | +| OLMLifecycleAndCompatibility| | | | Enabled | | | | Enabled | | ProvisioningRequestAvailable| | | Enabled | Enabled | | | | | | AWSClusterHostedDNS| | | Enabled | Enabled | | | Enabled | Enabled | -| AWSClusterHostedDNSInstall| | | Enabled | Enabled | | | Enabled | Enabled | | AWSDedicatedHosts| | | Enabled | Enabled | | | Enabled | Enabled | | AWSDualStackInstall| | | Enabled | Enabled | | | Enabled | Enabled | -| AWSServiceLBNetworkSecurityGroup| | | Enabled | Enabled | | | Enabled | Enabled | +| AWSEuropeanSovereignCloudInstall| | | Enabled | Enabled | | | Enabled | Enabled | | AdditionalStorageConfig| | | Enabled | Enabled | | | Enabled | Enabled | | AutomatedEtcdBackup| | | Enabled | Enabled | | | Enabled | Enabled | -| AzureClusterHostedDNSInstall| | | Enabled | Enabled | | | Enabled | Enabled | | AzureDedicatedHosts| | | Enabled | Enabled | | | Enabled | Enabled | | AzureDualStackInstall| | | Enabled | Enabled | | | Enabled | Enabled | | AzureMultiDisk| | | Enabled | Enabled | | | Enabled | Enabled | -| BootImageSkewEnforcement| | | Enabled | Enabled | | | Enabled | Enabled | | BootcNodeManagement| | | Enabled | Enabled | | | Enabled | Enabled | | CBORServingAndStorage| | | Enabled | Enabled | | | Enabled | Enabled | | CRDCompatibilityRequirementOperator| | | Enabled | Enabled | | | Enabled | Enabled | @@ -51,19 +55,14 @@ | ClusterVersionOperatorConfiguration| | | Enabled | Enabled | | | Enabled | Enabled | | ConfigurablePKI| | | Enabled | Enabled | | | Enabled | Enabled | | DNSNameResolver| | | Enabled | Enabled | | | Enabled | Enabled | -| DRAPartitionableDevices| | | Enabled | Enabled | | | Enabled | Enabled | -| DualReplica| | | Enabled | Enabled | | | Enabled | Enabled | | DyanmicServiceEndpointIBMCloud| | | Enabled | Enabled | | | Enabled | Enabled | -| EVPN| | | Enabled | Enabled | | | Enabled | Enabled | | EtcdBackendQuota| | | Enabled | Enabled | | | Enabled | Enabled | -| EventTTL| | | Enabled | Enabled | | | Enabled | Enabled | | Example| | | Enabled | Enabled | | | Enabled | Enabled | | ExternalOIDCWithUpstreamParity| | | Enabled | Enabled | | | Enabled | Enabled | -| GCPClusterHostedDNS| | | Enabled | Enabled | | | Enabled | Enabled | +| ExternalSnapshotMetadata| | | Enabled | Enabled | | | Enabled | Enabled | | GCPCustomAPIEndpoints| | | Enabled | Enabled | | | Enabled | Enabled | | GCPCustomAPIEndpointsInstall| | | Enabled | Enabled | | | Enabled | Enabled | | GCPDualStackInstall| | | Enabled | Enabled | | | Enabled | Enabled | -| GatewayAPIWithoutOLM| | | Enabled | Enabled | | | Enabled | Enabled | | HyperShiftOnlyDynamicResourceAllocation| Enabled | | Enabled | | Enabled | | Enabled | | | ImageModeStatusReporting| | | Enabled | Enabled | | | Enabled | Enabled | | IngressControllerDynamicConfigurationManager| | | Enabled | Enabled | | | Enabled | Enabled | @@ -76,45 +75,50 @@ | MinimumKubeletVersion| | | Enabled | Enabled | | | Enabled | Enabled | | MixedCPUsAllocation| | | Enabled | Enabled | | | Enabled | Enabled | | MultiDiskSetup| | | Enabled | Enabled | | | Enabled | Enabled | -| MutatingAdmissionPolicy| | | Enabled | Enabled | | | Enabled | Enabled | +| NetworkObservabilityInstall| | | Enabled | Enabled | | | Enabled | Enabled | | NewOLM| | Enabled | | Enabled | | Enabled | | Enabled | -| NewOLMOwnSingleNamespace| | Enabled | | Enabled | | Enabled | | Enabled | | NewOLMWebhookProviderOpenshiftServiceCA| | Enabled | | Enabled | | Enabled | | Enabled | +| NoOverlayMode| | | Enabled | Enabled | | | Enabled | Enabled | | NutanixMultiSubnets| | | Enabled | Enabled | | | Enabled | Enabled | -| OSStreams| | | Enabled | Enabled | | | Enabled | Enabled | | OVNObservability| | | Enabled | Enabled | | | Enabled | Enabled | | OnPremDNSRecords| | | Enabled | Enabled | | | Enabled | Enabled | | SELinuxMount| | | Enabled | Enabled | | | Enabled | Enabled | +| SELinuxMountGAReadiness| | | Enabled | Enabled | | | Enabled | Enabled | | SignatureStores| | | Enabled | Enabled | | | Enabled | Enabled | +| TLSAdherence| | | Enabled | Enabled | | | Enabled | Enabled | +| TLSGroupPreferences| | | Enabled | Enabled | | | Enabled | Enabled | | VSphereConfigurableMaxAllowedBlockVolumesPerNode| | | Enabled | Enabled | | | Enabled | Enabled | -| VSphereHostVMGroupZonal| | | Enabled | Enabled | | | Enabled | Enabled | | VSphereMixedNodeEnv| | | Enabled | Enabled | | | Enabled | Enabled | +| VSphereMultiVCenterDay2| | | Enabled | Enabled | | | Enabled | Enabled | | VolumeGroupSnapshot| | | Enabled | Enabled | | | Enabled | Enabled | +| AWSServiceLBNetworkSecurityGroup| | Enabled | Enabled | Enabled | | Enabled | Enabled | Enabled | +| OSStreams| | Enabled | Enabled | Enabled | | Enabled | Enabled | Enabled | +| AWSClusterHostedDNSInstall| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| AzureClusterHostedDNSInstall| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | AzureWorkloadIdentity| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| BootImageSkewEnforcement| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | BuildCSIVolumes| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ConsolePluginContentSecurityPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| DualReplica| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| EVPN| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| EventTTL| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ExternalOIDC| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ExternalOIDCWithUIDAndExtraClaimMappings| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| GCPClusterHostedDNSInstall| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| HighlyAvailableArbiter| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| GatewayAPIWithoutOLM| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ImageStreamImportMode| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ImageVolume| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | InsightsConfig| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | InsightsOnDemandDataGather| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | KMSv1| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| MachineConfigNodes| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ManagedBootImagesCPMS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | MetricsCollectionProfiles| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | MutableCSINodeAllocatableCount| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| MutatingAdmissionPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | OpenShiftPodSecurityAdmission| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| PinnedImages| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | RouteExternalCertificate| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ServiceAccountTokenNodeBinding| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | SigstoreImageVerification| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | SigstoreImageVerificationPKI| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | StoragePerformantSecurityPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | UpgradeStatus| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| UserNamespacesPodSecurityStandards| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| UserNamespacesSupport| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| VSphereHostVMGroupZonal| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | VSphereMultiDisk| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | VSphereMultiNetworks| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | diff --git a/vendor/github.com/openshift/api/features/features.go b/vendor/github.com/openshift/api/features/features.go index f174e8db31..1a5afd6784 100644 --- a/vendor/github.com/openshift/api/features/features.go +++ b/vendor/github.com/openshift/api/features/features.go @@ -75,14 +75,6 @@ func AllFeatureSets() map[uint64]map[ClusterProfileName]map[configv1.FeatureSet] var ( allFeatureGates = map[configv1.FeatureGateName][]featureGateStatus{} - FeatureGateConsolePluginCSP = newFeatureGate("ConsolePluginContentSecurityPolicy"). - reportProblemsToJiraComponent("Management Console"). - contactPerson("jhadvig"). - productScope(ocpSpecific). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - enhancementPR("https://github.com/openshift/enhancements/pull/1706"). - mustRegister() - FeatureGateServiceAccountTokenNodeBinding = newFeatureGate("ServiceAccountTokenNodeBinding"). reportProblemsToJiraComponent("apiserver-auth"). contactPerson("ibihim"). @@ -96,7 +88,7 @@ var ( contactPerson("benluddy"). productScope(kubernetes). enhancementPR("https://github.com/kubernetes/enhancements/issues/3962"). - enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() FeatureGateOpenShiftPodSecurityAdmission = newFeatureGate("OpenShiftPodSecurityAdmission"). @@ -175,7 +167,7 @@ var ( contactPerson("jcpowermac"). productScope(ocpSpecific). enhancementPR("https://github.com/openshift/enhancements/pull/1677"). - enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() FeatureGateVSphereMultiDisk = newFeatureGate("VSphereMultiDisk"). @@ -202,12 +194,20 @@ var ( enable(inDevPreviewNoUpgrade()). mustRegister() + FeatureGateNoOverlayMode = newFeatureGate("NoOverlayMode"). + reportProblemsToJiraComponent("Networking/ovn-kubernetes"). + contactPerson("pliurh"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1859"). + enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). + mustRegister() + FeatureGateEVPN = newFeatureGate("EVPN"). reportProblemsToJiraComponent("Networking/ovn-kubernetes"). contactPerson("jcaamano"). productScope(ocpSpecific). enhancementPR("https://github.com/openshift/enhancements/pull/1862"). - enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). + enable(inDefault(), inOKD(), inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). mustRegister() FeatureGateOVNObservability = newFeatureGate("OVNObservability"). @@ -249,14 +249,6 @@ var ( enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() - FeatureGateMachineConfigNodes = newFeatureGate("MachineConfigNodes"). - reportProblemsToJiraComponent("MachineConfigOperator"). - contactPerson("ijanssen"). - productScope(ocpSpecific). - enhancementPR("https://github.com/openshift/enhancements/pull/1765"). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - FeatureGateImageModeStatusReporting = newFeatureGate("ImageModeStatusReporting"). reportProblemsToJiraComponent("MachineConfigOperator"). contactPerson("ijanssen"). @@ -272,14 +264,6 @@ var ( enhancementPR(legacyFeatureGateWithoutEnhancement). mustRegister() - FeatureGateGCPClusterHostedDNS = newFeatureGate("GCPClusterHostedDNS"). - reportProblemsToJiraComponent("Installer"). - contactPerson("barbacbd"). - productScope(ocpSpecific). - enhancementPR(legacyFeatureGateWithoutEnhancement). - enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - FeatureGateAWSClusterHostedDNS = newFeatureGate("AWSClusterHostedDNS"). reportProblemsToJiraComponent("Installer"). contactPerson("barbacbd"). @@ -293,7 +277,7 @@ var ( contactPerson("sadasu"). productScope(ocpSpecific). enhancementPR("https://github.com/openshift/enhancements/pull/1468"). - enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() FeatureGateMixedCPUsAllocation = newFeatureGate("MixedCPUsAllocation"). @@ -317,7 +301,7 @@ var ( contactPerson("djoshy"). productScope(ocpSpecific). enhancementPR("https://github.com/openshift/enhancements/pull/1761"). - enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() FeatureGateBootcNodeManagement = newFeatureGate("BootcNodeManagement"). @@ -344,14 +328,6 @@ var ( enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() - FeatureGatePinnedImages = newFeatureGate("PinnedImages"). - reportProblemsToJiraComponent("MachineConfigOperator"). - contactPerson("RishabhSaini"). - productScope(ocpSpecific). - enhancementPR(legacyFeatureGateWithoutEnhancement). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - FeatureGateAdditionalStorageConfig = newFeatureGate("AdditionalStorageConfig"). reportProblemsToJiraComponent("node"). contactPerson("saschagrunert"). @@ -378,10 +354,10 @@ var ( FeatureGateExternalSnapshotMetadata = newFeatureGate("ExternalSnapshotMetadata"). reportProblemsToJiraComponent("Storage / Kubernetes External Components"). - contactPerson("jdobson"). + contactPerson("rbednar"). productScope(kubernetes). enhancementPR("https://github.com/kubernetes/enhancements/issues/3314"). - enable(inDevPreviewNoUpgrade()). + enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() FeatureGateExternalOIDC = newFeatureGate("ExternalOIDC"). @@ -461,7 +437,7 @@ var ( contactPerson("nschieder"). productScope(ocpSpecific). enhancementPR("https://github.com/openshift/enhancements/pull/1849"). - enable(inClusterProfile(SelfManaged), inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + enable(inClusterProfile(SelfManaged), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() FeatureGateNewOLMWebhookProviderOpenshiftServiceCA = newFeatureGate("NewOLMWebhookProviderOpenshiftServiceCA"). @@ -480,6 +456,22 @@ var ( enable(inClusterProfile(SelfManaged), inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). mustRegister() + FeatureGateNewOLMConfigAPI = newFeatureGate("NewOLMConfigAPI"). + reportProblemsToJiraComponent("olm"). + contactPerson("tmshort"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1915"). + enable(inClusterProfile(SelfManaged), inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). + mustRegister() + + FeatureGateOLMLifecycleAndCompatibility = newFeatureGate("OLMLifecycleAndCompatibility"). + reportProblemsToJiraComponent("olm"). + contactPerson("joelanford"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1991"). + enable(inClusterProfile(SelfManaged), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + mustRegister() + FeatureGateInsightsOnDemandDataGather = newFeatureGate("InsightsOnDemandDataGather"). reportProblemsToJiraComponent("insights"). contactPerson("tremes"). @@ -543,6 +535,34 @@ var ( enable(inDevPreviewNoUpgrade()). mustRegister() + FeatureGateMachineAPIMigrationAzure = newFeatureGate("MachineAPIMigrationAzure"). + reportProblemsToJiraComponent("Cloud Compute / Cluster API Providers"). + contactPerson("ddonati"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1465"). + mustRegister() + + FeatureGateMachineAPIMigrationBareMetal = newFeatureGate("MachineAPIMigrationBareMetal"). + reportProblemsToJiraComponent("Cloud Compute / BareMetal Provider"). + contactPerson("ddonati"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1465"). + mustRegister() + + FeatureGateMachineAPIMigrationGCP = newFeatureGate("MachineAPIMigrationGCP"). + reportProblemsToJiraComponent("Cloud Compute / Cluster API Providers"). + contactPerson("ddonati"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1465"). + mustRegister() + + FeatureGateMachineAPIMigrationPowerVS = newFeatureGate("MachineAPIMigrationPowerVS"). + reportProblemsToJiraComponent("Cloud Compute / IBM Provider"). + contactPerson("ddonati"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1465"). + mustRegister() + FeatureGateClusterAPIMachineManagement = newFeatureGate("ClusterAPIMachineManagement"). reportProblemsToJiraComponent("Cloud Compute / Cluster API Providers"). contactPerson("ddonati"). @@ -630,25 +650,6 @@ var ( enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() - FeatureGateUserNamespacesSupport = newFeatureGate("UserNamespacesSupport"). - reportProblemsToJiraComponent("Node"). - contactPerson("haircommander"). - productScope(kubernetes). - enhancementPR("https://github.com/kubernetes/enhancements/issues/127"). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - - // Note: this feature is perma-alpha, but it is safe and desireable to enable. - // It was an oversight in upstream to not remove the feature gate after the version skew became safe in 1.33. - // See https://github.com/kubernetes/enhancements/tree/d4226c42/keps/sig-node/127-user-namespaces#pod-security-standards-pss-integration - FeatureGateUserNamespacesPodSecurityStandards = newFeatureGate("UserNamespacesPodSecurityStandards"). - reportProblemsToJiraComponent("Node"). - contactPerson("haircommander"). - productScope(kubernetes). - enhancementPR("https://github.com/kubernetes/enhancements/issues/127"). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - FeatureGateVSphereMultiNetworks = newFeatureGate("VSphereMultiNetworks"). reportProblemsToJiraComponent("SPLAT"). contactPerson("rvanderp"). @@ -681,14 +682,6 @@ var ( enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). mustRegister() - FeatureGateKMSEncryptionProvider = newFeatureGate("KMSEncryptionProvider"). - reportProblemsToJiraComponent("kube-apiserver"). - contactPerson("swghosh"). - productScope(ocpSpecific). - enhancementPR("https://github.com/openshift/enhancements/pull/1682"). - enable(inDevPreviewNoUpgrade()). - mustRegister() - FeatureGateKMSEncryption = newFeatureGate("KMSEncryption"). reportProblemsToJiraComponent("kube-apiserver"). contactPerson("ardaguclu"). @@ -697,14 +690,6 @@ var ( enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). mustRegister() - FeatureGateHighlyAvailableArbiter = newFeatureGate("HighlyAvailableArbiter"). - reportProblemsToJiraComponent("Two Node with Arbiter"). - contactPerson("eggfoobar"). - productScope(ocpSpecific). - enhancementPR("https://github.com/openshift/enhancements/pull/1674"). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - FeatureGateCVOConfiguration = newFeatureGate("ClusterVersionOperatorConfiguration"). reportProblemsToJiraComponent("Cluster Version Operator"). contactPerson("dhurta"). @@ -722,12 +707,12 @@ var ( mustRegister() FeatureGateClusterUpdatePreflight = newFeatureGate("ClusterUpdatePreflight"). - reportProblemsToJiraComponent("Cluster Version Operator"). - contactPerson("fao89"). - productScope(ocpSpecific). - enhancementPR("https://github.com/openshift/enhancements/pull/1930"). - enable(inDevPreviewNoUpgrade()). - mustRegister() + reportProblemsToJiraComponent("Cluster Version Operator"). + contactPerson("fao89"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1930"). + enable(inDevPreviewNoUpgrade()). + mustRegister() FeatureGateGCPCustomAPIEndpoints = newFeatureGate("GCPCustomAPIEndpoints"). reportProblemsToJiraComponent("Installer"). @@ -758,7 +743,7 @@ var ( contactPerson("jaypoulz"). productScope(ocpSpecific). enhancementPR("https://github.com/openshift/enhancements/pull/1675"). - enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() FeatureShortCertRotation = newFeatureGate("ShortCertRotation"). @@ -816,22 +801,23 @@ var ( enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() + FeatureGateVSphereMultiVCenterDay2 = newFeatureGate("VSphereMultiVCenterDay2"). + reportProblemsToJiraComponent("splat"). + contactPerson("vr4manta"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1961"). + enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + mustRegister() + FeatureGateAWSServiceLBNetworkSecurityGroup = newFeatureGate("AWSServiceLBNetworkSecurityGroup"). reportProblemsToJiraComponent("Cloud Compute / Cloud Controller Manager"). contactPerson("mtulio"). productScope(ocpSpecific). enhancementPR("https://github.com/openshift/enhancements/pull/1802"). - enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + enable(inClusterProfile(SelfManaged), inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + enable(inClusterProfile(Hypershift), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() - FeatureGateImageVolume = newFeatureGate("ImageVolume"). - reportProblemsToJiraComponent("Node"). - contactPerson("haircommander"). - productScope(kubernetes). - enhancementPR("https://github.com/openshift/enhancements/pull/1792"). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - FeatureGateNoRegistryClusterInstall = newFeatureGate("NoRegistryClusterInstall"). reportProblemsToJiraComponent("Installer / Agent based installation"). contactPerson("andfasano"). @@ -840,20 +826,12 @@ var ( enable(inClusterProfile(SelfManaged), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() - FeatureGateGCPClusterHostedDNSInstall = newFeatureGate("GCPClusterHostedDNSInstall"). - reportProblemsToJiraComponent("Installer"). - contactPerson("barbacbd"). - productScope(ocpSpecific). - enhancementPR("https://github.com/openshift/enhancements/pull/1468"). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - FeatureGateAWSClusterHostedDNSInstall = newFeatureGate("AWSClusterHostedDNSInstall"). reportProblemsToJiraComponent("Installer"). contactPerson("barbacbd"). productScope(ocpSpecific). enhancementPR("https://github.com/openshift/enhancements/pull/1468"). - enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() FeatureGateGCPCustomAPIEndpointsInstall = newFeatureGate("GCPCustomAPIEndpointsInstall"). @@ -923,7 +901,7 @@ var ( contactPerson("tjungblu"). productScope(ocpSpecific). enhancementPR("https://github.com/openshift/enhancements/pull/1857"). - enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() FeatureGateMutableCSINodeAllocatableCount = newFeatureGate("MutableCSINodeAllocatableCount"). @@ -938,7 +916,8 @@ var ( contactPerson("pabrodri"). productScope(ocpSpecific). enhancementPR("https://github.com/openshift/enhancements/pull/1874"). - enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + enable(inClusterProfile(SelfManaged), inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade(), inDefault(), inOKD()). + enable(inClusterProfile(Hypershift), inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). mustRegister() FeatureGateCRDCompatibilityRequirementOperator = newFeatureGate("CRDCompatibilityRequirementOperator"). @@ -972,14 +951,6 @@ var ( enable(inClusterProfile(Hypershift), inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() - FeatureGateDRAPartitionableDevices = newFeatureGate("DRAPartitionableDevices"). - reportProblemsToJiraComponent("Node"). - contactPerson("harche"). - productScope(kubernetes). - enhancementPR("https://github.com/kubernetes/enhancements/issues/4815"). - enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). - mustRegister() - FeatureGateConfigurablePKI = newFeatureGate("ConfigurablePKI"). reportProblemsToJiraComponent("kube-apiserver"). contactPerson("sanchezl"). @@ -1004,11 +975,66 @@ var ( enable(inDevPreviewNoUpgrade()). mustRegister() + FeatureGateAWSEuropeanSovereignCloudInstall = newFeatureGate("AWSEuropeanSovereignCloudInstall"). + reportProblemsToJiraComponent("Installer / openshift-installer"). + contactPerson("tthvo"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1952"). + enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). + mustRegister() + FeatureGateGatewayAPIWithoutOLM = newFeatureGate("GatewayAPIWithoutOLM"). reportProblemsToJiraComponent("Routing"). contactPerson("miciah"). productScope(ocpSpecific). enhancementPR("https://github.com/openshift/enhancements/pull/1933"). + enable(inDefault(), inOKD(), inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). + mustRegister() + + FeatureGateTLSAdherence = newFeatureGate("TLSAdherence"). + reportProblemsToJiraComponent("HPCASE / TLS Adherence"). + contactPerson("joelanford"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1910"). + enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). + mustRegister() + + FeatureGateConfidentialCluster = newFeatureGate("ConfidentialCluster"). + reportProblemsToJiraComponent("ConfidentialClusters"). + contactPerson("fjin"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1962"). + enable(inDevPreviewNoUpgrade()). + mustRegister() + FeatureGateNetworkObservabilityInstall = newFeatureGate("NetworkObservabilityInstall"). + reportProblemsToJiraComponent("netobserv"). + contactPerson("jtakvori"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1908"). + enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). + mustRegister() + + FeatureGateTLSGroupPreferences = newFeatureGate("TLSGroupPreferences"). + reportProblemsToJiraComponent("Networking / router"). + contactPerson("davidesalerno"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1894"). enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). mustRegister() + + FeatureGateMutableTopology = newFeatureGate("MutableTopology"). + reportProblemsToJiraComponent("Mutable Topology"). + contactPerson("jaypoulz"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/2008"). + enable(inClusterProfile(SelfManaged), inDevPreviewNoUpgrade()). + mustRegister() + + FeatureGateSELinuxMountGAReadiness = newFeatureGate("SELinuxMountGAReadiness"). + reportProblemsToJiraComponent("Storage / Operators"). + contactPerson("jsafrane"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/2010"). + enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + mustRegister() ) diff --git a/vendor/github.com/openshift/api/helm/v1beta1/doc.go b/vendor/github.com/openshift/api/helm/v1beta1/doc.go index 8a45cd1c81..85ecec82b9 100644 --- a/vendor/github.com/openshift/api/helm/v1beta1/doc.go +++ b/vendor/github.com/openshift/api/helm/v1beta1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.helm.v1beta1 // +kubebuilder:validation:Optional // +groupName=helm.openshift.io diff --git a/vendor/github.com/openshift/api/helm/v1beta1/zz_generated.model_name.go b/vendor/github.com/openshift/api/helm/v1beta1/zz_generated.model_name.go new file mode 100644 index 0000000000..4cf8aee346 --- /dev/null +++ b/vendor/github.com/openshift/api/helm/v1beta1/zz_generated.model_name.go @@ -0,0 +1,51 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1beta1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConnectionConfig) OpenAPIModelName() string { + return "com.github.openshift.api.helm.v1beta1.ConnectionConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConnectionConfigNamespaceScoped) OpenAPIModelName() string { + return "com.github.openshift.api.helm.v1beta1.ConnectionConfigNamespaceScoped" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HelmChartRepository) OpenAPIModelName() string { + return "com.github.openshift.api.helm.v1beta1.HelmChartRepository" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HelmChartRepositoryList) OpenAPIModelName() string { + return "com.github.openshift.api.helm.v1beta1.HelmChartRepositoryList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HelmChartRepositorySpec) OpenAPIModelName() string { + return "com.github.openshift.api.helm.v1beta1.HelmChartRepositorySpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HelmChartRepositoryStatus) OpenAPIModelName() string { + return "com.github.openshift.api.helm.v1beta1.HelmChartRepositoryStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProjectHelmChartRepository) OpenAPIModelName() string { + return "com.github.openshift.api.helm.v1beta1.ProjectHelmChartRepository" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProjectHelmChartRepositoryList) OpenAPIModelName() string { + return "com.github.openshift.api.helm.v1beta1.ProjectHelmChartRepositoryList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProjectHelmChartRepositorySpec) OpenAPIModelName() string { + return "com.github.openshift.api.helm.v1beta1.ProjectHelmChartRepositorySpec" +} diff --git a/vendor/github.com/openshift/api/image/v1/doc.go b/vendor/github.com/openshift/api/image/v1/doc.go index e57d45bbf9..c55344ebcc 100644 --- a/vendor/github.com/openshift/api/image/v1/doc.go +++ b/vendor/github.com/openshift/api/image/v1/doc.go @@ -2,6 +2,7 @@ // +k8s:conversion-gen=github.com/openshift/origin/pkg/image/apis/image // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.image.v1 // +groupName=image.openshift.io // Package v1 is the v1 version of the API. diff --git a/vendor/github.com/openshift/api/image/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/image/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..e1c8b2bc90 --- /dev/null +++ b/vendor/github.com/openshift/api/image/v1/zz_generated.model_name.go @@ -0,0 +1,196 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DockerImageReference) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.DockerImageReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Image) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.Image" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageBlobReferences) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageBlobReferences" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageImportSpec) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageImportSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageImportStatus) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageImportStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageLayer) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageLayer" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageLayerData) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageLayerData" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageList) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageLookupPolicy) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageLookupPolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageManifest) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageManifest" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageSignature) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageSignature" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageStream) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageStream" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageStreamImage) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageStreamImage" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageStreamImport) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageStreamImport" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageStreamImportSpec) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageStreamImportSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageStreamImportStatus) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageStreamImportStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageStreamLayers) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageStreamLayers" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageStreamList) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageStreamList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageStreamMapping) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageStreamMapping" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageStreamSpec) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageStreamSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageStreamStatus) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageStreamStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageStreamTag) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageStreamTag" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageStreamTagList) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageStreamTagList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageTag) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageTag" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageTagList) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.ImageTagList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NamedTagEventList) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.NamedTagEventList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RepositoryImportSpec) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.RepositoryImportSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RepositoryImportStatus) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.RepositoryImportStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecretList) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.SecretList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SignatureCondition) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.SignatureCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SignatureGenericEntity) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.SignatureGenericEntity" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SignatureIssuer) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.SignatureIssuer" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SignatureSubject) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.SignatureSubject" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TagEvent) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.TagEvent" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TagEventCondition) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.TagEventCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TagImportPolicy) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.TagImportPolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TagReference) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.TagReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TagReferencePolicy) OpenAPIModelName() string { + return "com.github.openshift.api.image.v1.TagReferencePolicy" +} diff --git a/vendor/github.com/openshift/api/imageregistry/v1/doc.go b/vendor/github.com/openshift/api/imageregistry/v1/doc.go index 32ad6f8141..46761bad0d 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/doc.go +++ b/vendor/github.com/openshift/api/imageregistry/v1/doc.go @@ -1,3 +1,4 @@ // +k8s:deepcopy-gen=package // +groupName=imageregistry.operator.openshift.io +// +k8s:openapi-model-package=com.github.openshift.api.imageregistry.v1 package v1 diff --git a/vendor/github.com/openshift/api/imageregistry/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/imageregistry/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..bb51d1e7ef --- /dev/null +++ b/vendor/github.com/openshift/api/imageregistry/v1/zz_generated.model_name.go @@ -0,0 +1,141 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AzureNetworkAccess) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.AzureNetworkAccess" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AzureNetworkAccessInternal) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.AzureNetworkAccessInternal" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Config) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.Config" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EncryptionAlibaba) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.EncryptionAlibaba" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImagePruner) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImagePruner" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImagePrunerList) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImagePrunerList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImagePrunerSpec) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImagePrunerSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImagePrunerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImagePrunerStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistryConfigProxy) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImageRegistryConfigProxy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistryConfigRequests) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImageRegistryConfigRequests" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistryConfigRequestsLimits) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImageRegistryConfigRequestsLimits" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistryConfigRoute) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImageRegistryConfigRoute" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistryConfigStorage) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImageRegistryConfigStorage" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistryConfigStorageAlibabaOSS) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImageRegistryConfigStorageAlibabaOSS" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistryConfigStorageAzure) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImageRegistryConfigStorageAzure" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistryConfigStorageEmptyDir) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImageRegistryConfigStorageEmptyDir" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistryConfigStorageGCS) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImageRegistryConfigStorageGCS" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistryConfigStorageIBMCOS) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImageRegistryConfigStorageIBMCOS" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistryConfigStoragePVC) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImageRegistryConfigStoragePVC" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistryConfigStorageS3) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImageRegistryConfigStorageS3" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistryConfigStorageS3CloudFront) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImageRegistryConfigStorageS3CloudFront" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistryConfigStorageSwift) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImageRegistryConfigStorageSwift" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistrySpec) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImageRegistrySpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistryStatus) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.ImageRegistryStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KMSEncryptionAlibaba) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.KMSEncryptionAlibaba" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in S3TrustedCASource) OpenAPIModelName() string { + return "com.github.openshift.api.imageregistry.v1.S3TrustedCASource" +} diff --git a/vendor/github.com/openshift/api/install.go b/vendor/github.com/openshift/api/install.go index e4574e7c4f..6efcc1c298 100644 --- a/vendor/github.com/openshift/api/install.go +++ b/vendor/github.com/openshift/api/install.go @@ -14,8 +14,6 @@ import ( kauthorizationv1beta1 "k8s.io/api/authorization/v1beta1" kautoscalingv1 "k8s.io/api/autoscaling/v1" kautoscalingv2 "k8s.io/api/autoscaling/v2" - kautoscalingv2beta1 "k8s.io/api/autoscaling/v2beta1" - kautoscalingv2beta2 "k8s.io/api/autoscaling/v2beta2" kbatchv1 "k8s.io/api/batch/v1" kbatchv1beta1 "k8s.io/api/batch/v1beta1" kcertificatesv1 "k8s.io/api/certificates/v1" @@ -40,7 +38,6 @@ import ( krbacv1alpha1 "k8s.io/api/rbac/v1alpha1" krbacv1beta1 "k8s.io/api/rbac/v1beta1" kschedulingv1 "k8s.io/api/scheduling/v1" - kschedulingv1alpha1 "k8s.io/api/scheduling/v1alpha1" kschedulingv1beta1 "k8s.io/api/scheduling/v1beta1" kstoragev1 "k8s.io/api/storage/v1" kstoragev1alpha1 "k8s.io/api/storage/v1alpha1" @@ -134,8 +131,6 @@ var ( kauthorizationv1beta1.AddToScheme, kautoscalingv1.AddToScheme, kautoscalingv2.AddToScheme, - kautoscalingv2beta1.AddToScheme, - kautoscalingv2beta2.AddToScheme, kbatchv1.AddToScheme, kbatchv1beta1.AddToScheme, kcertificatesv1.AddToScheme, @@ -160,7 +155,6 @@ var ( krbacv1beta1.AddToScheme, krbacv1alpha1.AddToScheme, kschedulingv1.AddToScheme, - kschedulingv1alpha1.AddToScheme, kschedulingv1beta1.AddToScheme, kstoragev1.AddToScheme, kstoragev1beta1.AddToScheme, diff --git a/vendor/github.com/openshift/api/kubecontrolplane/v1/doc.go b/vendor/github.com/openshift/api/kubecontrolplane/v1/doc.go index d8872a6132..8f60e8e439 100644 --- a/vendor/github.com/openshift/api/kubecontrolplane/v1/doc.go +++ b/vendor/github.com/openshift/api/kubecontrolplane/v1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.kubecontrolplane.v1 // +groupName=kubecontrolplane.config.openshift.io // Package v1 is the v1 version of the API. diff --git a/vendor/github.com/openshift/api/kubecontrolplane/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/kubecontrolplane/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..4048213494 --- /dev/null +++ b/vendor/github.com/openshift/api/kubecontrolplane/v1/zz_generated.model_name.go @@ -0,0 +1,76 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AggregatorConfig) OpenAPIModelName() string { + return "com.github.openshift.api.kubecontrolplane.v1.AggregatorConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeAPIServerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.kubecontrolplane.v1.KubeAPIServerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeAPIServerImagePolicyConfig) OpenAPIModelName() string { + return "com.github.openshift.api.kubecontrolplane.v1.KubeAPIServerImagePolicyConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeAPIServerProjectConfig) OpenAPIModelName() string { + return "com.github.openshift.api.kubecontrolplane.v1.KubeAPIServerProjectConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeControllerManagerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.kubecontrolplane.v1.KubeControllerManagerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeControllerManagerProjectConfig) OpenAPIModelName() string { + return "com.github.openshift.api.kubecontrolplane.v1.KubeControllerManagerProjectConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeletConnectionInfo) OpenAPIModelName() string { + return "com.github.openshift.api.kubecontrolplane.v1.KubeletConnectionInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MasterAuthConfig) OpenAPIModelName() string { + return "com.github.openshift.api.kubecontrolplane.v1.MasterAuthConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RequestHeaderAuthenticationOptions) OpenAPIModelName() string { + return "com.github.openshift.api.kubecontrolplane.v1.RequestHeaderAuthenticationOptions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceServingCert) OpenAPIModelName() string { + return "com.github.openshift.api.kubecontrolplane.v1.ServiceServingCert" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UserAgentDenyRule) OpenAPIModelName() string { + return "com.github.openshift.api.kubecontrolplane.v1.UserAgentDenyRule" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UserAgentMatchRule) OpenAPIModelName() string { + return "com.github.openshift.api.kubecontrolplane.v1.UserAgentMatchRule" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UserAgentMatchingConfig) OpenAPIModelName() string { + return "com.github.openshift.api.kubecontrolplane.v1.UserAgentMatchingConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in WebhookTokenAuthenticator) OpenAPIModelName() string { + return "com.github.openshift.api.kubecontrolplane.v1.WebhookTokenAuthenticator" +} diff --git a/vendor/github.com/openshift/api/legacyconfig/v1/doc.go b/vendor/github.com/openshift/api/legacyconfig/v1/doc.go index 93fc6dc50d..151f0501e9 100644 --- a/vendor/github.com/openshift/api/legacyconfig/v1/doc.go +++ b/vendor/github.com/openshift/api/legacyconfig/v1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.legacyconfig.v1 // +groupName=legacy.config.openshift.io // Package v1 is deprecated and exists to ease a transition to current APIs diff --git a/vendor/github.com/openshift/api/legacyconfig/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/legacyconfig/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..1010a860a0 --- /dev/null +++ b/vendor/github.com/openshift/api/legacyconfig/v1/zz_generated.model_name.go @@ -0,0 +1,406 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ActiveDirectoryConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.ActiveDirectoryConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AdmissionConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.AdmissionConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AdmissionPluginConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.AdmissionPluginConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AggregatorConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.AggregatorConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AllowAllPasswordIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.AllowAllPasswordIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AuditConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.AuditConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AugmentedActiveDirectoryConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.AugmentedActiveDirectoryConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BasicAuthPasswordIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.BasicAuthPasswordIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildDefaultsConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.BuildDefaultsConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildOverridesConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.BuildOverridesConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CertInfo) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.CertInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClientConnectionOverrides) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.ClientConnectionOverrides" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterNetworkEntry) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.ClusterNetworkEntry" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ControllerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.ControllerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ControllerElectionConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.ControllerElectionConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.DNSConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DefaultAdmissionConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.DefaultAdmissionConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DenyAllPasswordIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.DenyAllPasswordIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DockerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.DockerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EtcdConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.EtcdConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EtcdConnectionInfo) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.EtcdConnectionInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EtcdStorageConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.EtcdStorageConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GitHubIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.GitHubIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GitLabIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.GitLabIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GoogleIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.GoogleIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GrantConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.GrantConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GroupResource) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.GroupResource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HTPasswdPasswordIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.HTPasswdPasswordIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HTTPServingInfo) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.HTTPServingInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.IdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.ImageConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImagePolicyConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.ImagePolicyConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in JenkinsPipelineConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.JenkinsPipelineConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KeystonePasswordIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.KeystonePasswordIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeletConnectionInfo) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.KubeletConnectionInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubernetesMasterConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.KubernetesMasterConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LDAPAttributeMapping) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.LDAPAttributeMapping" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LDAPPasswordIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.LDAPPasswordIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LDAPQuery) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.LDAPQuery" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LDAPSyncConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.LDAPSyncConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LocalQuota) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.LocalQuota" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MasterAuthConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.MasterAuthConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MasterClients) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.MasterClients" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MasterConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.MasterConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MasterNetworkConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.MasterNetworkConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MasterVolumeConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.MasterVolumeConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NamedCertificate) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.NamedCertificate" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeAuthConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.NodeAuthConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.NodeConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeNetworkConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.NodeNetworkConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeVolumeConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.NodeVolumeConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.OAuthConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthTemplates) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.OAuthTemplates" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenIDClaims) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.OpenIDClaims" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenIDIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.OpenIDIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenIDURLs) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.OpenIDURLs" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PodManifestConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.PodManifestConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PolicyConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.PolicyConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProjectConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.ProjectConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RFC2307Config) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.RFC2307Config" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RegistryLocation) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.RegistryLocation" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RemoteConnectionInfo) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.RemoteConnectionInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RequestHeaderAuthenticationOptions) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.RequestHeaderAuthenticationOptions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RequestHeaderIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.RequestHeaderIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RoutingConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.RoutingConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecurityAllocator) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.SecurityAllocator" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceAccountConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.ServiceAccountConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceServingCert) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.ServiceServingCert" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServingInfo) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.ServingInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SessionConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.SessionConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SessionSecret) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.SessionSecret" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SessionSecrets) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.SessionSecrets" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SourceStrategyDefaultsConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.SourceStrategyDefaultsConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StringSource) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.StringSource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StringSourceSpec) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.StringSourceSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.TokenConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UserAgentDenyRule) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.UserAgentDenyRule" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UserAgentMatchRule) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.UserAgentMatchRule" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UserAgentMatchingConfig) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.UserAgentMatchingConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in WebhookTokenAuthenticator) OpenAPIModelName() string { + return "com.github.openshift.api.legacyconfig.v1.WebhookTokenAuthenticator" +} diff --git a/vendor/github.com/openshift/api/machine/v1/doc.go b/vendor/github.com/openshift/api/machine/v1/doc.go index 7bd97c9507..ceddf5bd77 100644 --- a/vendor/github.com/openshift/api/machine/v1/doc.go +++ b/vendor/github.com/openshift/api/machine/v1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.machine.v1 // +kubebuilder:validation:Optional // +groupName=machine.openshift.io diff --git a/vendor/github.com/openshift/api/machine/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/machine/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..11bf44a909 --- /dev/null +++ b/vendor/github.com/openshift/api/machine/v1/zz_generated.model_name.go @@ -0,0 +1,211 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSFailureDomain) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.AWSFailureDomain" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSFailureDomainPlacement) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.AWSFailureDomainPlacement" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSResourceFilter) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.AWSResourceFilter" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSResourceReference) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.AWSResourceReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlibabaCloudMachineProviderConfig) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.AlibabaCloudMachineProviderConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlibabaCloudMachineProviderConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.AlibabaCloudMachineProviderConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlibabaCloudMachineProviderStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.AlibabaCloudMachineProviderStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlibabaResourceReference) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.AlibabaResourceReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AzureFailureDomain) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.AzureFailureDomain" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BandwidthProperties) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.BandwidthProperties" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ControlPlaneMachineSet) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.ControlPlaneMachineSet" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ControlPlaneMachineSetList) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.ControlPlaneMachineSetList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ControlPlaneMachineSetSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.ControlPlaneMachineSetSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ControlPlaneMachineSetStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.ControlPlaneMachineSetStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ControlPlaneMachineSetStrategy) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.ControlPlaneMachineSetStrategy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ControlPlaneMachineSetTemplate) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.ControlPlaneMachineSetTemplate" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ControlPlaneMachineSetTemplateObjectMeta) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.ControlPlaneMachineSetTemplateObjectMeta" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DataDiskProperties) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.DataDiskProperties" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in FailureDomains) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.FailureDomains" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPFailureDomain) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.GCPFailureDomain" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LoadBalancerReference) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.LoadBalancerReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixCategory) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.NutanixCategory" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixFailureDomainReference) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.NutanixFailureDomainReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixGPU) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.NutanixGPU" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixMachineProviderConfig) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.NutanixMachineProviderConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixMachineProviderStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.NutanixMachineProviderStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixResourceIdentifier) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.NutanixResourceIdentifier" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixStorageResourceIdentifier) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.NutanixStorageResourceIdentifier" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixVMDisk) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.NutanixVMDisk" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixVMDiskDeviceProperties) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.NutanixVMDiskDeviceProperties" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NutanixVMStorageConfig) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.NutanixVMStorageConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenShiftMachineV1Beta1MachineTemplate) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.OpenShiftMachineV1Beta1MachineTemplate" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenStackFailureDomain) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.OpenStackFailureDomain" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PowerVSMachineProviderConfig) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.PowerVSMachineProviderConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PowerVSMachineProviderStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.PowerVSMachineProviderStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PowerVSResource) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.PowerVSResource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PowerVSSecretReference) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.PowerVSSecretReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RootVolume) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.RootVolume" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SystemDiskProperties) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.SystemDiskProperties" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Tag) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.Tag" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VSphereFailureDomain) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1.VSphereFailureDomain" +} diff --git a/vendor/github.com/openshift/api/machine/v1alpha1/doc.go b/vendor/github.com/openshift/api/machine/v1alpha1/doc.go index 111cacb635..201889b656 100644 --- a/vendor/github.com/openshift/api/machine/v1alpha1/doc.go +++ b/vendor/github.com/openshift/api/machine/v1alpha1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.machine.v1alpha1 // +kubebuilder:validation:Optional // +groupName=machine.openshift.io diff --git a/vendor/github.com/openshift/api/machine/v1alpha1/zz_generated.model_name.go b/vendor/github.com/openshift/api/machine/v1alpha1/zz_generated.model_name.go new file mode 100644 index 0000000000..8310e981e9 --- /dev/null +++ b/vendor/github.com/openshift/api/machine/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,76 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AdditionalBlockDevice) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1alpha1.AdditionalBlockDevice" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AddressPair) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1alpha1.AddressPair" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BlockDeviceStorage) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1alpha1.BlockDeviceStorage" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BlockDeviceVolume) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1alpha1.BlockDeviceVolume" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Filter) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1alpha1.Filter" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in FixedIPs) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1alpha1.FixedIPs" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkParam) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1alpha1.NetworkParam" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenstackProviderSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1alpha1.OpenstackProviderSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PortOpts) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1alpha1.PortOpts" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RootVolume) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1alpha1.RootVolume" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecurityGroupFilter) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1alpha1.SecurityGroupFilter" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecurityGroupParam) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1alpha1.SecurityGroupParam" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SubnetFilter) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1alpha1.SubnetFilter" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SubnetParam) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1alpha1.SubnetParam" +} diff --git a/vendor/github.com/openshift/api/machine/v1beta1/doc.go b/vendor/github.com/openshift/api/machine/v1beta1/doc.go index e14fc64e32..5c992f6923 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/doc.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.machine.v1beta1 // +kubebuilder:validation:Optional // +groupName=machine.openshift.io diff --git a/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go b/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go index be5476344b..cbbe0b337c 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go @@ -129,6 +129,14 @@ type MachineSetStatus struct { // observedGeneration reflects the generation of the most recently observed MachineSet. // +optional ObservedGeneration int64 `json:"observedGeneration,omitempty"` + // labelSelector is a label selector, in string format, for Machines corresponding to the MachineSet. + // It is exposed via the scale subresource as status.selector. + // When omitted, the MachineSet controller has not yet reconciled spec.selector into status.labelSelector. + // When present, it must not be empty and must not exceed 4096 characters. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=4096 + // +optional + LabelSelector string `json:"labelSelector,omitempty"` // In the event that there is a terminal problem reconciling the // replicas, both ErrorReason and ErrorMessage will be set. ErrorReason // will be populated with a succinct value suitable for machine diff --git a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.model_name.go b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.model_name.go new file mode 100644 index 0000000000..fe84d447fd --- /dev/null +++ b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.model_name.go @@ -0,0 +1,376 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1beta1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSMachineProviderConfig) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.AWSMachineProviderConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSMachineProviderConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.AWSMachineProviderConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSMachineProviderStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.AWSMachineProviderStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSResourceReference) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.AWSResourceReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AddressesFromPool) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.AddressesFromPool" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AzureBootDiagnostics) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.AzureBootDiagnostics" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AzureCustomerManagedBootDiagnostics) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.AzureCustomerManagedBootDiagnostics" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AzureDiagnostics) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.AzureDiagnostics" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AzureMachineProviderSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.AzureMachineProviderSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AzureMachineProviderStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.AzureMachineProviderStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BlockDeviceMappingSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.BlockDeviceMappingSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CPUOptions) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.CPUOptions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Condition) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.Condition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConfidentialVM) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.ConfidentialVM" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DataDisk) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.DataDisk" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DataDiskManagedDiskParameters) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.DataDiskManagedDiskParameters" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DedicatedHost) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.DedicatedHost" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DedicatedHostStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.DedicatedHostStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DiskEncryptionSetParameters) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.DiskEncryptionSetParameters" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DiskSettings) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.DiskSettings" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DynamicHostAllocationSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.DynamicHostAllocationSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EBSBlockDeviceSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.EBSBlockDeviceSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Filter) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.Filter" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPDisk) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.GCPDisk" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPEncryptionKeyReference) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.GCPEncryptionKeyReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPGPUConfig) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.GCPGPUConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPKMSKeyReference) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.GCPKMSKeyReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPMachineProviderSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.GCPMachineProviderSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPMachineProviderStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.GCPMachineProviderStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPMetadata) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.GCPMetadata" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPNetworkInterface) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.GCPNetworkInterface" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPServiceAccount) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.GCPServiceAccount" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPShieldedInstanceConfig) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.GCPShieldedInstanceConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HostPlacement) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.HostPlacement" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Image) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.Image" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LastOperation) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.LastOperation" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LifecycleHook) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.LifecycleHook" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LifecycleHooks) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.LifecycleHooks" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LoadBalancerReference) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.LoadBalancerReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Machine) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.Machine" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineHealthCheck) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.MachineHealthCheck" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineHealthCheckList) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.MachineHealthCheckList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineHealthCheckSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.MachineHealthCheckSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineHealthCheckStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.MachineHealthCheckStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineList) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.MachineList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineSet) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.MachineSet" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineSetList) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.MachineSetList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineSetSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.MachineSetSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineSetStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.MachineSetStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.MachineSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.MachineStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineTemplateSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.MachineTemplateSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MetadataServiceOptions) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.MetadataServiceOptions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkDeviceSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.NetworkDeviceSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.NetworkSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OSDisk) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.OSDisk" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OSDiskManagedDiskParameters) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.OSDiskManagedDiskParameters" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ObjectMeta) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.ObjectMeta" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Placement) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.Placement" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProviderSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.ProviderSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ResourceManagerTag) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.ResourceManagerTag" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecurityProfile) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.SecurityProfile" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecuritySettings) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.SecuritySettings" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SpotMarketOptions) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.SpotMarketOptions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SpotVMOptions) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.SpotVMOptions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TagSpecification) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.TagSpecification" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TrustedLaunch) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.TrustedLaunch" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UEFISettings) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.UEFISettings" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UnhealthyCondition) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.UnhealthyCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VMDiskSecurityProfile) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.VMDiskSecurityProfile" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VSphereDisk) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.VSphereDisk" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VSphereMachineProviderSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.VSphereMachineProviderSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VSphereMachineProviderStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.VSphereMachineProviderStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Workspace) OpenAPIModelName() string { + return "com.github.openshift.api.machine.v1beta1.Workspace" +} diff --git a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go index 2c4a9030cc..e686cad25a 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go @@ -748,6 +748,7 @@ var map_MachineSetStatus = map[string]string{ "readyReplicas": "The number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is \"Ready\".", "availableReplicas": "The number of available replicas (ready for at least minReadySeconds) for this MachineSet.", "observedGeneration": "observedGeneration reflects the generation of the most recently observed MachineSet.", + "labelSelector": "labelSelector is a label selector, in string format, for Machines corresponding to the MachineSet. It is exposed via the scale subresource as status.selector. When omitted, the MachineSet controller has not yet reconciled spec.selector into status.labelSelector. When present, it must not be empty and must not exceed 4096 characters.", "errorReason": "In the event that there is a terminal problem reconciling the replicas, both ErrorReason and ErrorMessage will be set. ErrorReason will be populated with a succinct value suitable for machine interpretation, while ErrorMessage will contain a more verbose string suitable for logging and human consumption.\n\nThese fields should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the MachineTemplate's spec or the configuration of the machine controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the machine controller, or the responsible machine controller itself being critically misconfigured.\n\nAny transient errors that occur during the reconciliation of Machines can be added as events to the MachineSet object and/or logged in the controller's output.", "conditions": "conditions defines the current state of the MachineSet", "authoritativeAPI": "authoritativeAPI is the API that is authoritative for this resource. Valid values are MachineAPI, ClusterAPI and Migrating. This value is updated by the migration controller to reflect the authoritative API. Machine API and Cluster API controllers use this value to determine whether or not to reconcile the resource. When set to Migrating, the migration controller is currently performing the handover of authority from one API to the other.", diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/doc.go b/vendor/github.com/openshift/api/machineconfiguration/v1/doc.go index c3b273145d..fb466d576a 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/doc.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/doc.go @@ -1,5 +1,6 @@ // +k8s:deepcopy-gen=package,register // +groupName=machineconfiguration.openshift.io +// +k8s:openapi-model-package=com.github.openshift.api.machineconfiguration.v1 // +kubebuilder:validation:Optional // Package v1 is the v1 version of the API. diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/register.go b/vendor/github.com/openshift/api/machineconfiguration/v1/register.go index d0a88324f7..d52f6480e8 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/register.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/register.go @@ -38,6 +38,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { &MachineOSConfigList{}, &MachineOSBuild{}, &MachineOSBuildList{}, + &OSImageStream{}, + &OSImageStreamList{}, &PinnedImageSet{}, &PinnedImageSetList{}, &MachineConfigNode{}, diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/types.go b/vendor/github.com/openshift/api/machineconfiguration/v1/types.go index 7ffad174fb..33c12be923 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/types.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/types.go @@ -446,7 +446,6 @@ type MachineConfigPoolSpec struct { // Resolving these failures is the responsibility of the user. The admin // should be proactive in ensuring adequate storage and proper image // authentication exists in advance. - // +openshift:enable:FeatureGate=PinnedImages // +optional // +listType=map // +listMapKey=name @@ -489,7 +488,6 @@ type PinnedImageSetRef struct { // consists of alphanumeric characters and hyphens (-), must begin and end // with an alphanumeric character, and is at most 63 characters in length. // The total length of the name must not exceed 253 characters. - // +openshift:enable:FeatureGate=PinnedImages // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=253 // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$` @@ -540,7 +538,6 @@ type MachineConfigPoolStatus struct { CertExpirys []CertExpiry `json:"certExpirys"` // poolSynchronizersStatus is the status of the machines managed by the pool synchronizers. - // +openshift:enable:FeatureGate=PinnedImages // +listType=map // +listMapKey=poolSynchronizerType // +optional @@ -676,11 +673,9 @@ const ( MachineConfigPoolImageBuildDegraded MachineConfigPoolConditionType = "ImageBuildDegraded" // MachineConfigPoolPinnedImageSetsDegraded means the pinned image sets for the pool cannot be populated because of an error - // +openshift:enable:FeatureGate=PinnedImages MachineConfigPoolPinnedImageSetsDegraded MachineConfigPoolConditionType = "PinnedImageSetsDegraded" // MachineConfigPoolSynchronizerDegraded means the pool synchronizer can not be updated because of an error - // +openshift:enable:FeatureGate=PinnedImages MachineConfigPoolSynchronizerDegraded MachineConfigPoolConditionType = "PoolSynchronizerDegraded" // MachineConfigPoolDegraded is the overall status of the pool based, today, on whether we fail with NodeDegraded, RenderDegraded, or ImageBuildDegraded @@ -737,27 +732,40 @@ type KubeletConfig struct { Status KubeletConfigStatus `json:"status"` } -// KubeletConfigSpec defines the desired state of KubeletConfig +// KubeletConfigSpec configures the kubelet running on cluster nodes. type KubeletConfigSpec struct { + // autoSizingReserved controls whether system-reserved CPU and memory are automatically + // calculated based on each node's installed capacity. When set to true, this prevents node failure + // from resource starvation of system components (kubelet, CRI-O) without manual configuration. + // When omitted, this means the user has no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is true for worker nodes and false for control plane nodes. + // When set to false, automatic resource reservation is disabled and manual settings must be configured. // +optional AutoSizingReserved *bool `json:"autoSizingReserved,omitempty"` + // logLevel sets the kubelet log verbosity, controlling the amount of detail in kubelet logs. + // Valid values range from 0 (minimal logging) to 10 (maximum verbosity with trace-level detail). + // Higher log levels may impact node performance. When omitted, the platform chooses a reasonable default, + // which is subject to change over time. The current default is 2 (standard informational logging). + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=10 // +optional LogLevel *int32 `json:"logLevel,omitempty"` - // machineConfigPoolSelector selects which pools the KubeletConfig shoud apply to. - // A nil selector will result in no pools being selected. + // machineConfigPoolSelector selects which pools the KubeletConfig should apply to. + // When omitted or set to an empty selector {}, no pools are selected, which is equivalent + // to not matching any MachineConfigPool. // +optional MachineConfigPoolSelector *metav1.LabelSelector `json:"machineConfigPoolSelector,omitempty"` - // kubeletConfig fields are defined in kubernetes upstream. Please refer to the types defined in the version/commit used by - // OpenShift of the upstream kubernetes. It's important to note that, since the fields of the kubelet configuration are directly fetched from - // upstream the validation of those values is handled directly by the kubelet. Please refer to the upstream version of the relevant kubernetes - // for the valid values of these fields. Invalid values of the kubelet configuration fields may render cluster nodes unusable. + // kubeletConfig contains upstream Kubernetes kubelet configuration fields. + // Values are validated by the kubelet itself. Invalid values may render nodes unusable. + // Refer to OpenShift documentation for the Kubernetes version corresponding to your + // OpenShift release to find valid kubelet configuration options. // +optional KubeletConfig *runtime.RawExtension `json:"kubeletConfig,omitempty"` - // If unset, the default is based on the apiservers.config.openshift.io/cluster resource. - // Note that only Old and Intermediate profiles are currently supported, and - // the maximum available minTLSVersion is VersionTLS12. + // tlsSecurityProfile configures TLS settings for the kubelet. + // When omitted, the TLS configuration defaults to the value from apiservers.config.openshift.io/cluster. + // When specified, the type field can be set to either "Old", "Intermediate", "Modern", "Custom" or omitted for backward compatibility. // +optional TLSSecurityProfile *configv1.TLSSecurityProfile `json:"tlsSecurityProfile,omitempty"` } @@ -803,10 +811,17 @@ type KubeletConfigCondition struct { type KubeletConfigStatusConditionType string const ( + // KubeletConfigAccepted designates whether a KubeletConfig CR has been accepted. + // When the condition status is True, the KubeletConfig has been accepted successfully. + // When the condition status is False, the KubeletConfig has not been accepted. + KubeletConfigAccepted KubeletConfigStatusConditionType = "Accepted" + // KubeletConfigSuccess designates a successful application of a KubeletConfig CR. + // Deprecated: Use KubeletConfigAccepted instead. KubeletConfigSuccess will be removed in a future release. KubeletConfigSuccess KubeletConfigStatusConditionType = "Success" // KubeletConfigFailure designates a failure applying a KubeletConfig CR. + // Deprecated: Use KubeletConfigAccepted with status False instead. KubeletConfigFailure will be removed in a future release. KubeletConfigFailure KubeletConfigStatusConditionType = "Failure" ) diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/types_machineconfignode.go b/vendor/github.com/openshift/api/machineconfiguration/v1/types_machineconfignode.go index a51620fc5a..8f6bc650fc 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/types_machineconfignode.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/types_machineconfignode.go @@ -12,7 +12,6 @@ import ( // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/2255 // +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 -// +openshift:enable:FeatureGate=MachineConfigNodes // +kubebuilder:printcolumn:name="PoolName",type="string",JSONPath=.spec.pool.name,priority=0 // +kubebuilder:printcolumn:name="DesiredConfig",type="string",JSONPath=.spec.configVersion.desired,priority=0 // +kubebuilder:printcolumn:name="CurrentConfig",type="string",JSONPath=.status.configVersion.current,priority=0 @@ -116,6 +115,7 @@ type MachineConfigNodeStatus struct { // and PinnedImageSetsDegraded. // The following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry, // AppliedOSImage, AppliedFiles + // The following types are only available when the NoRegistryClusterInstall feature gate is enabled: InternalReleaseImageDegraded // +listType=map // +listMapKey=type // +kubebuilder:validation:MaxItems=20 @@ -211,12 +211,14 @@ type MachineConfigNodeStatusInternalReleaseImageRef struct { // image is an OCP release image referenced by digest. // The format of the image pull spec is: host[:port][/namespace]/name@sha256:, // where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. + // The host must be either exactly "localhost" or a dot-qualified domain name. + // Single-label hosts other than "localhost" are not permitted. // The length of the whole spec must be between 1 to 447 characters. // The field is optional, and it will be provided after a release will be successfully installed. // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=447 // +kubebuilder:validation:XValidation:rule=`(self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$'))`,message="the OCI Image reference must end with a valid '@sha256:' suffix, where '' is 64 characters long" - // +kubebuilder:validation:XValidation:rule=`(self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$'))`,message="the OCI Image name should follow the host[:port][/namespace]/name format, resembling a valid URL without the scheme" + // +kubebuilder:validation:XValidation:rule=`(self.split('@')[0].matches('^(localhost|([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+)(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$'))`,message="the OCI Image name should follow the host[:port][/namespace]/name format, resembling a valid URL without the scheme; host must be either 'localhost' or a dot-qualified domain name" // +optional Image string `json:"image,omitempty"` } @@ -418,4 +420,6 @@ const ( MachineConfigNodePinnedImageSetsProgressing StateProgress = "PinnedImageSetsProgressing" // MachineConfigNodePinnedImageSetsDegraded describes a machine that has failed to progress to the desired pinned image sets MachineConfigNodePinnedImageSetsDegraded StateProgress = "PinnedImageSetsDegraded" + // MachineConfigNodeInternalReleaseImageDegraded describes a machine where the local InternalReleaseImage registry is not properly working + MachineConfigNodeInternalReleaseImageDegraded StateProgress = "InternalReleaseImageDegraded" ) diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/types_osimagestream.go b/vendor/github.com/openshift/api/machineconfiguration/v1/types_osimagestream.go new file mode 100644 index 0000000000..162bd98aac --- /dev/null +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/types_osimagestream.go @@ -0,0 +1,162 @@ +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// OSImageStream describes a set of streams and associated images available +// for the MachineConfigPools to be used as base OS images. +// +// The resource is a singleton named "cluster". +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +// +kubebuilder:object:root=true +// +kubebuilder:resource:path=osimagestreams,scope=Cluster +// +kubebuilder:subresource:status +// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/2555 +// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 +// +openshift:enable:FeatureGate=OSStreams +// +kubebuilder:metadata:labels=openshift.io/operator-managed= +// +kubebuilder:validation:XValidation:rule="self.metadata.name == 'cluster'",message="osimagestream is a singleton, .metadata.name must be 'cluster'" +// +kubebuilder:validation:XValidation:rule="self.spec == oldSelf.spec || !has(self.status) || self.spec.defaultStream in self.status.availableStreams.map(s, s.name)",message="spec.defaultStream must reference an existing stream name from status.availableStreams" +type OSImageStream struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + // +optional + metav1.ObjectMeta `json:"metadata,omitempty"` + + // spec contains the desired OSImageStream config configuration. + // +required + Spec OSImageStreamSpec `json:"spec,omitzero,omitempty"` + + // status describes the last observed state of this OSImageStream. + // Populated by the MachineConfigOperator after reading release metadata. + // When not present, the controller has not yet reconciled this resource. + // +optional + Status OSImageStreamStatus `json:"status,omitempty,omitzero"` +} + +// OSImageStreamStatus describes the current state of a OSImageStream +// +kubebuilder:validation:XValidation:rule="self.defaultStream in self.availableStreams.map(s, s.name)",message="defaultStream must reference a stream name from availableStreams" +type OSImageStreamStatus struct { + + // availableStreams is a list of the available OS Image Streams that can be + // used as the base image for MachineConfigPools. + // availableStreams is required, must have at least one item, must not exceed + // 100 items, and must have unique entries keyed on the name field. + // + // +required + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=100 + // +listType=map + // +listMapKey=name + AvailableStreams []OSImageStreamSet `json:"availableStreams,omitempty"` + + // defaultStream is the name of the stream that should be used as the default + // when no specific stream is requested by a MachineConfigPool. + // + // It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, + // consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'), + // and must reference the name of one of the streams in availableStreams. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." + DefaultStream string `json:"defaultStream,omitempty"` +} + +// OSImageStreamSpec defines the desired state of a OSImageStream. +type OSImageStreamSpec struct { + // defaultStream is the desired name of the stream that should be used as the + // default when no specific stream is requested by a MachineConfigPool. + // + // This field is set by the installer during installation. Users may need to + // update it if the currently selected stream is no longer available, for + // example when the stream has reached its End of Life. + // The MachineConfigOperator uses this value to determine which stream from + // status.availableStreams to apply as the default for MachineConfigPools + // that do not specify a stream override. + // + // When status.availableStreams has been populated by the operator, updating + // this field requires that the new value references the name of one of the + // streams in status.availableStreams. Status-only updates by the operator + // are not subject to this constraint, allowing the operator to update + // availableStreams independently of this field. + // During initial creation, before the operator has populated status, any + // valid value is accepted. + // + // For upgrade scenarios where the source OCP version doesn't have this CRD + // the MCO creates and populates the OSImageStream cluster singleton setting + // this field with the proper value based on the source OCP version. + // + // It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, + // consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." + DefaultStream string `json:"defaultStream,omitempty"` +} + +type OSImageStreamSet struct { + // name is the required identifier of the stream. + // + // name is determined by the operator based on the OCI label of the + // discovered OS or Extension Image. + // + // Must be a valid RFC 1123 subdomain between 1 and 253 characters in length, + // consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." + Name string `json:"name,omitempty"` + + // osImage is a required OS Image referenced by digest. + // + // osImage contains the immutable, fundamental operating system components, including the kernel + // and base utilities, that define the core environment for the node's host operating system. + // + // The format of the image pull spec is: host[:port][/namespace]/name@sha256:, + // where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. + // The length of the whole spec must be between 1 to 447 characters. + // +required + OSImage ImageDigestFormat `json:"osImage,omitempty"` + + // osExtensionsImage is a required OS Extensions Image referenced by digest. + // + // osExtensionsImage bundles the extra repositories used to enable extensions, augmenting + // the base operating system without modifying the underlying immutable osImage. + // + // The format of the image pull spec is: host[:port][/namespace]/name@sha256:, + // where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. + // The length of the whole spec must be between 1 to 447 characters. + // +required + OSExtensionsImage ImageDigestFormat `json:"osExtensionsImage,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// OSImageStreamList is a list of OSImageStream resources +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type OSImageStreamList struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard list's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ListMeta `json:"metadata"` + + Items []OSImageStream `json:"items"` +} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/types_pinnedimageset.go b/vendor/github.com/openshift/api/machineconfiguration/v1/types_pinnedimageset.go index 240b679b7a..7bad7478c7 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/types_pinnedimageset.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/types_pinnedimageset.go @@ -11,7 +11,6 @@ import ( // +kubebuilder:resource:path=pinnedimagesets,scope=Cluster // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/2198 // +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 -// +openshift:enable:FeatureGate=PinnedImages // +kubebuilder:metadata:labels=openshift.io/operator-managed= // PinnedImageSet describes a set of images that should be pinned by CRI-O and @@ -21,7 +20,7 @@ import ( // +openshift:compatibility-gen:level=1 type PinnedImageSet struct { metav1.TypeMeta `json:",inline"` - + // metadata is the standard object metadata. // +optional metav1.ObjectMeta `json:"metadata,omitempty"` diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.deepcopy.go index a42a2f36ed..9b738f8622 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.deepcopy.go @@ -1553,6 +1553,67 @@ func (in *NetworkInfo) DeepCopy() *NetworkInfo { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OSImageStream) DeepCopyInto(out *OSImageStream) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OSImageStream. +func (in *OSImageStream) DeepCopy() *OSImageStream { + if in == nil { + return nil + } + out := new(OSImageStream) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OSImageStream) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OSImageStreamList) DeepCopyInto(out *OSImageStreamList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OSImageStream, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OSImageStreamList. +func (in *OSImageStreamList) DeepCopy() *OSImageStreamList { + if in == nil { + return nil + } + out := new(OSImageStreamList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OSImageStreamList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OSImageStreamReference) DeepCopyInto(out *OSImageStreamReference) { *out = *in @@ -1569,6 +1630,59 @@ func (in *OSImageStreamReference) DeepCopy() *OSImageStreamReference { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OSImageStreamSet) DeepCopyInto(out *OSImageStreamSet) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OSImageStreamSet. +func (in *OSImageStreamSet) DeepCopy() *OSImageStreamSet { + if in == nil { + return nil + } + out := new(OSImageStreamSet) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OSImageStreamSpec) DeepCopyInto(out *OSImageStreamSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OSImageStreamSpec. +func (in *OSImageStreamSpec) DeepCopy() *OSImageStreamSpec { + if in == nil { + return nil + } + out := new(OSImageStreamSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OSImageStreamStatus) DeepCopyInto(out *OSImageStreamStatus) { + *out = *in + if in.AvailableStreams != nil { + in, out := &in.AvailableStreams, &out.AvailableStreams + *out = make([]OSImageStreamSet, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OSImageStreamStatus. +func (in *OSImageStreamStatus) DeepCopy() *OSImageStreamStatus { + if in == nil { + return nil + } + out := new(OSImageStreamStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ObjectReference) DeepCopyInto(out *ObjectReference) { *out = *in diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml index f82db003fc..b22dc29f5d 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml @@ -31,17 +31,17 @@ controllerconfigs.machineconfiguration.openshift.io: FeatureGates: - AWSClusterHostedDNSInstall - AWSDualStackInstall + - AWSEuropeanSovereignCloudInstall - AzureClusterHostedDNSInstall - AzureDualStackInstall - DualReplica - DyanmicServiceEndpointIBMCloud - - GCPClusterHostedDNSInstall - - HighlyAvailableArbiter - - HighlyAvailableArbiter+DualReplica + - MutableTopology - NutanixMultiSubnets - OnPremDNSRecords - VSphereHostVMGroupZonal - VSphereMultiNetworks + - VSphereMultiVCenterDay2 FilenameOperatorName: machine-config FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_80" @@ -63,7 +63,8 @@ kubeletconfigs.machineconfiguration.openshift.io: CRDName: kubeletconfigs.machineconfiguration.openshift.io Capability: "" Category: "" - FeatureGates: [] + FeatureGates: + - TLSGroupPreferences FilenameOperatorName: machine-config FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_80" @@ -123,7 +124,6 @@ machineconfignodes.machineconfiguration.openshift.io: FeatureGates: - ImageModeStatusReporting - IrreconcilableMachineConfig - - MachineConfigNodes - NoRegistryClusterInstall FilenameOperatorName: machine-config FilenameOperatorOrdering: "01" @@ -192,8 +192,7 @@ machineconfignodes.machineconfiguration.openshift.io: type: string Scope: Cluster ShortNames: null - TopLevelFeatureGates: - - MachineConfigNodes + TopLevelFeatureGates: [] Version: v1 machineconfigpools.machineconfiguration.openshift.io: @@ -204,7 +203,6 @@ machineconfigpools.machineconfiguration.openshift.io: Category: "" FeatureGates: - OSStreams - - PinnedImages FilenameOperatorName: machine-config FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_80" @@ -321,14 +319,37 @@ machineosconfigs.machineconfiguration.openshift.io: TopLevelFeatureGates: [] Version: v1 +osimagestreams.machineconfiguration.openshift.io: + Annotations: {} + ApprovedPRNumber: https://github.com/openshift/api/pull/2555 + CRDName: osimagestreams.machineconfiguration.openshift.io + Capability: "" + Category: "" + FeatureGates: + - OSStreams + FilenameOperatorName: machine-config + FilenameOperatorOrdering: "01" + FilenameRunLevel: "0000_80" + GroupName: machineconfiguration.openshift.io + HasStatus: true + KindName: OSImageStream + Labels: + openshift.io/operator-managed: "" + PluralName: osimagestreams + PrinterColumns: [] + Scope: Cluster + ShortNames: null + TopLevelFeatureGates: + - OSStreams + Version: v1 + pinnedimagesets.machineconfiguration.openshift.io: Annotations: {} ApprovedPRNumber: https://github.com/openshift/api/pull/2198 CRDName: pinnedimagesets.machineconfiguration.openshift.io Capability: "" Category: "" - FeatureGates: - - PinnedImages + FeatureGates: [] FilenameOperatorName: machine-config FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_80" @@ -341,7 +362,6 @@ pinnedimagesets.machineconfiguration.openshift.io: PrinterColumns: [] Scope: Cluster ShortNames: null - TopLevelFeatureGates: - - PinnedImages + TopLevelFeatureGates: [] Version: v1 diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..1315ccb99e --- /dev/null +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.model_name.go @@ -0,0 +1,371 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AdditionalArtifactStore) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.AdditionalArtifactStore" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AdditionalImageStore) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.AdditionalImageStore" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AdditionalLayerStore) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.AdditionalLayerStore" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CertExpiry) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.CertExpiry" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ContainerRuntimeConfig) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.ContainerRuntimeConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ContainerRuntimeConfigCondition) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.ContainerRuntimeConfigCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ContainerRuntimeConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.ContainerRuntimeConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ContainerRuntimeConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.ContainerRuntimeConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ContainerRuntimeConfigStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.ContainerRuntimeConfigStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ContainerRuntimeConfiguration) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.ContainerRuntimeConfiguration" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ControllerCertificate) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.ControllerCertificate" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ControllerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.ControllerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ControllerConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.ControllerConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ControllerConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.ControllerConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ControllerConfigStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.ControllerConfigStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ControllerConfigStatusCondition) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.ControllerConfigStatusCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageRegistryBundle) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.ImageRegistryBundle" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageSecretObjectReference) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.ImageSecretObjectReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IrreconcilableChangeDiff) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.IrreconcilableChangeDiff" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeletConfig) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.KubeletConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeletConfigCondition) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.KubeletConfigCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeletConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.KubeletConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeletConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.KubeletConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeletConfigStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.KubeletConfigStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MCOObjectReference) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MCOObjectReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfig) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigNode) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigNode" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigNodeList) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigNodeList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigNodeSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigNodeSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigNodeSpecConfigImage) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigNodeSpecConfigImage" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigNodeSpecMachineConfigVersion) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigNodeSpecMachineConfigVersion" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigNodeStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigNodeStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigNodeStatusConfigImage) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigNodeStatusConfigImage" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigNodeStatusInternalReleaseImage) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigNodeStatusInternalReleaseImage" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigNodeStatusInternalReleaseImageRef) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigNodeStatusInternalReleaseImageRef" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigNodeStatusMachineConfigVersion) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigNodeStatusMachineConfigVersion" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigNodeStatusPinnedImageSet) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigNodeStatusPinnedImageSet" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigPool) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigPool" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigPoolCondition) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigPoolCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigPoolList) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigPoolList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigPoolReference) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigPoolReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigPoolSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigPoolSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigPoolStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigPoolStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigPoolStatusConfiguration) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigPoolStatusConfiguration" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigReference) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineOSBuild) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineOSBuild" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineOSBuildList) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineOSBuildList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineOSBuildSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineOSBuildSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineOSBuildStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineOSBuildStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineOSBuilderReference) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineOSBuilderReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineOSConfig) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineOSConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineOSConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineOSConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineOSConfigReference) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineOSConfigReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineOSConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineOSConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineOSConfigStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineOSConfigStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineOSContainerfile) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineOSContainerfile" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineOSImageBuilder) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.MachineOSImageBuilder" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkInfo) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.NetworkInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OSImageStream) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.OSImageStream" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OSImageStreamList) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.OSImageStreamList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OSImageStreamReference) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.OSImageStreamReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OSImageStreamSet) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.OSImageStreamSet" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OSImageStreamSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.OSImageStreamSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OSImageStreamStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.OSImageStreamStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ObjectReference) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.ObjectReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PinnedImageRef) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.PinnedImageRef" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PinnedImageSet) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.PinnedImageSet" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PinnedImageSetList) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.PinnedImageSetList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PinnedImageSetRef) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.PinnedImageSetRef" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PinnedImageSetSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.PinnedImageSetSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PoolSynchronizerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1.PoolSynchronizerStatus" +} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go index 0391fcdd86..7369c02db0 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go @@ -244,10 +244,12 @@ func (KubeletConfigList) SwaggerDoc() map[string]string { } var map_KubeletConfigSpec = map[string]string{ - "": "KubeletConfigSpec defines the desired state of KubeletConfig", - "machineConfigPoolSelector": "machineConfigPoolSelector selects which pools the KubeletConfig shoud apply to. A nil selector will result in no pools being selected.", - "kubeletConfig": "kubeletConfig fields are defined in kubernetes upstream. Please refer to the types defined in the version/commit used by OpenShift of the upstream kubernetes. It's important to note that, since the fields of the kubelet configuration are directly fetched from upstream the validation of those values is handled directly by the kubelet. Please refer to the upstream version of the relevant kubernetes for the valid values of these fields. Invalid values of the kubelet configuration fields may render cluster nodes unusable.", - "tlsSecurityProfile": "If unset, the default is based on the apiservers.config.openshift.io/cluster resource. Note that only Old and Intermediate profiles are currently supported, and the maximum available minTLSVersion is VersionTLS12.", + "": "KubeletConfigSpec configures the kubelet running on cluster nodes.", + "autoSizingReserved": "autoSizingReserved controls whether system-reserved CPU and memory are automatically calculated based on each node's installed capacity. When set to true, this prevents node failure from resource starvation of system components (kubelet, CRI-O) without manual configuration. When omitted, this means the user has no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is true for worker nodes and false for control plane nodes. When set to false, automatic resource reservation is disabled and manual settings must be configured.", + "logLevel": "logLevel sets the kubelet log verbosity, controlling the amount of detail in kubelet logs. Valid values range from 0 (minimal logging) to 10 (maximum verbosity with trace-level detail). Higher log levels may impact node performance. When omitted, the platform chooses a reasonable default, which is subject to change over time. The current default is 2 (standard informational logging).", + "machineConfigPoolSelector": "machineConfigPoolSelector selects which pools the KubeletConfig should apply to. When omitted or set to an empty selector {}, no pools are selected, which is equivalent to not matching any MachineConfigPool.", + "kubeletConfig": "kubeletConfig contains upstream Kubernetes kubelet configuration fields. Values are validated by the kubelet itself. Invalid values may render nodes unusable. Refer to OpenShift documentation for the Kubernetes version corresponding to your OpenShift release to find valid kubelet configuration options.", + "tlsSecurityProfile": "tlsSecurityProfile configures TLS settings for the kubelet. When omitted, the TLS configuration defaults to the value from apiservers.config.openshift.io/cluster. When specified, the type field can be set to either \"Old\", \"Intermediate\", \"Modern\", \"Custom\" or omitted for backward compatibility.", } func (KubeletConfigSpec) SwaggerDoc() map[string]string { @@ -480,7 +482,7 @@ func (MachineConfigNodeSpecMachineConfigVersion) SwaggerDoc() map[string]string var map_MachineConfigNodeStatus = map[string]string{ "": "MachineConfigNodeStatus holds the reported information on a particular machine config node.", - "conditions": "conditions represent the observations of a machine config node's current state. Valid types are: UpdatePrepared, UpdateExecuted, UpdatePostActionComplete, UpdateComplete, Updated, Resumed, Drained, AppliedFilesAndOS, Cordoned, Uncordoned, RebootedNode, NodeDegraded, PinnedImageSetsProgressing, and PinnedImageSetsDegraded. The following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry, AppliedOSImage, AppliedFiles", + "conditions": "conditions represent the observations of a machine config node's current state. Valid types are: UpdatePrepared, UpdateExecuted, UpdatePostActionComplete, UpdateComplete, Updated, Resumed, Drained, AppliedFilesAndOS, Cordoned, Uncordoned, RebootedNode, NodeDegraded, PinnedImageSetsProgressing, and PinnedImageSetsDegraded. The following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry, AppliedOSImage, AppliedFiles The following types are only available when the NoRegistryClusterInstall feature gate is enabled: InternalReleaseImageDegraded", "observedGeneration": "observedGeneration represents the generation of the MachineConfigNode object observed by the Machine Config Operator's controller. This field is updated when the controller observes a change to the desiredConfig in the configVersion of the machine config node spec.", "configVersion": "configVersion describes the current and desired machine config version for this node.", "configImage": "configImage is an optional field for configuring the OS image to be used for this node. This field will only exist if the node belongs to a pool opted into on-cluster image builds, and will override any MachineConfig referenced OSImageURL fields. When omitted, this means that the Image Mode feature is not being used and the node will be up to date with the specific current rendered config version for the nodes MachinePool. When specified, the Image Mode feature is enabled and the contents of this field show the observed state of the node image. When Image Mode is enabled and a new MachineConfig is applied such that a new OS image build is not created, only the configVersion field will change. When Image Mode is enabled and a new MachineConfig is applied such that a new OS image build is created, then only the configImage field will change. It is also possible that both the configImage and configVersion change during the same update.", @@ -516,7 +518,7 @@ var map_MachineConfigNodeStatusInternalReleaseImageRef = map[string]string{ "": "MachineConfigNodeStatusInternalReleaseImageRef is used to provide a more detailed reference for a release bundle.", "conditions": "conditions represent the observations of an internal release image current state. Valid types are: Mounted, Installing, Available, Removing and Degraded.\n\nIf Mounted is true, that means that a valid ISO has been mounted on the current node. If Installing is true, that means that a new release bundle is currently being copied on the current node, and not yet completed. If Available is true, it means that the release has been previously installed on the current node, and it can be used. If Removing is true, it means that a release deletion is in progress on the current node, and not yet completed. If Degraded is true, that means something has gone wrong in the current node.", "name": "name indicates the desired release bundle identifier. This field is required and must be between 1 and 64 characters long. The expected name format is ocp-release-bundle--.", - "image": "image is an OCP release image referenced by digest. The format of the image pull spec is: host[:port][/namespace]/name@sha256:, where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. The length of the whole spec must be between 1 to 447 characters. The field is optional, and it will be provided after a release will be successfully installed.", + "image": "image is an OCP release image referenced by digest. The format of the image pull spec is: host[:port][/namespace]/name@sha256:, where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. The host must be either exactly \"localhost\" or a dot-qualified domain name. Single-label hosts other than \"localhost\" are not permitted. The length of the whole spec must be between 1 to 447 characters. The field is optional, and it will be provided after a release will be successfully installed.", } func (MachineConfigNodeStatusInternalReleaseImageRef) SwaggerDoc() map[string]string { @@ -715,6 +717,55 @@ func (MachineOSImageBuilder) SwaggerDoc() map[string]string { return map_MachineOSImageBuilder } +var map_OSImageStream = map[string]string{ + "": "OSImageStream describes a set of streams and associated images available for the MachineConfigPools to be used as base OS images.\n\nThe resource is a singleton named \"cluster\".\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "spec contains the desired OSImageStream config configuration.", + "status": "status describes the last observed state of this OSImageStream. Populated by the MachineConfigOperator after reading release metadata. When not present, the controller has not yet reconciled this resource.", +} + +func (OSImageStream) SwaggerDoc() map[string]string { + return map_OSImageStream +} + +var map_OSImageStreamList = map[string]string{ + "": "OSImageStreamList is a list of OSImageStream resources\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", +} + +func (OSImageStreamList) SwaggerDoc() map[string]string { + return map_OSImageStreamList +} + +var map_OSImageStreamSet = map[string]string{ + "name": "name is the required identifier of the stream.\n\nname is determined by the operator based on the OCI label of the discovered OS or Extension Image.\n\nMust be a valid RFC 1123 subdomain between 1 and 253 characters in length, consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.').", + "osImage": "osImage is a required OS Image referenced by digest.\n\nosImage contains the immutable, fundamental operating system components, including the kernel and base utilities, that define the core environment for the node's host operating system.\n\nThe format of the image pull spec is: host[:port][/namespace]/name@sha256:, where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. The length of the whole spec must be between 1 to 447 characters.", + "osExtensionsImage": "osExtensionsImage is a required OS Extensions Image referenced by digest.\n\nosExtensionsImage bundles the extra repositories used to enable extensions, augmenting the base operating system without modifying the underlying immutable osImage.\n\nThe format of the image pull spec is: host[:port][/namespace]/name@sha256:, where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. The length of the whole spec must be between 1 to 447 characters.", +} + +func (OSImageStreamSet) SwaggerDoc() map[string]string { + return map_OSImageStreamSet +} + +var map_OSImageStreamSpec = map[string]string{ + "": "OSImageStreamSpec defines the desired state of a OSImageStream.", + "defaultStream": "defaultStream is the desired name of the stream that should be used as the default when no specific stream is requested by a MachineConfigPool.\n\nThis field is set by the installer during installation. Users may need to update it if the currently selected stream is no longer available, for example when the stream has reached its End of Life. The MachineConfigOperator uses this value to determine which stream from status.availableStreams to apply as the default for MachineConfigPools that do not specify a stream override.\n\nWhen status.availableStreams has been populated by the operator, updating this field requires that the new value references the name of one of the streams in status.availableStreams. Status-only updates by the operator are not subject to this constraint, allowing the operator to update availableStreams independently of this field. During initial creation, before the operator has populated status, any valid value is accepted.\n\nFor upgrade scenarios where the source OCP version doesn't have this CRD the MCO creates and populates the OSImageStream cluster singleton setting this field with the proper value based on the source OCP version.\n\nIt must be a valid RFC 1123 subdomain between 1 and 253 characters in length, consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.').", +} + +func (OSImageStreamSpec) SwaggerDoc() map[string]string { + return map_OSImageStreamSpec +} + +var map_OSImageStreamStatus = map[string]string{ + "": "OSImageStreamStatus describes the current state of a OSImageStream", + "availableStreams": "availableStreams is a list of the available OS Image Streams that can be used as the base image for MachineConfigPools. availableStreams is required, must have at least one item, must not exceed 100 items, and must have unique entries keyed on the name field.", + "defaultStream": "defaultStream is the name of the stream that should be used as the default when no specific stream is requested by a MachineConfigPool.\n\nIt must be a valid RFC 1123 subdomain between 1 and 253 characters in length, consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'), and must reference the name of one of the streams in availableStreams.", +} + +func (OSImageStreamStatus) SwaggerDoc() map[string]string { + return map_OSImageStreamStatus +} + var map_PinnedImageRef = map[string]string{ "": "PinnedImageRef represents a reference to an OCI image", "name": "name is an OCI Image referenced by digest. The format of the image pull spec is: host[:port][/namespace]/name@sha256:, where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. The length of the whole spec must be between 1 to 447 characters.", diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/doc.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/doc.go index 5876803877..fbd6afe2d5 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/doc.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/doc.go @@ -2,6 +2,7 @@ // +groupName=machineconfiguration.openshift.io // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.machineconfiguration.v1alpha1 // Package v1alpha1 is the v1alpha1 version of the API. package v1alpha1 diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/register.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/register.go index 27610a91bc..e640a51ea2 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/register.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/register.go @@ -24,10 +24,6 @@ var ( // Adds the list of known types to api.Scheme. func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(GroupVersion, - &MachineConfigNode{}, - &MachineConfigNodeList{}, - &PinnedImageSet{}, - &PinnedImageSetList{}, &OSImageStream{}, &OSImageStreamList{}, &InternalReleaseImage{}, diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go deleted file mode 100644 index fdb6509373..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go +++ /dev/null @@ -1,273 +0,0 @@ -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=machineconfignodes,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/2256 -// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 -// +openshift:enable:FeatureGate=MachineConfigNodes -// +kubebuilder:printcolumn:name="PoolName",type="string",JSONPath=.spec.pool.name,priority=0 -// +kubebuilder:printcolumn:name="DesiredConfig",type="string",JSONPath=.spec.configVersion.desired,priority=0 -// +kubebuilder:printcolumn:name="CurrentConfig",type="string",JSONPath=.status.configVersion.current,priority=0 -// +kubebuilder:printcolumn:name="Updated",type="string",JSONPath=.status.conditions[?(@.type=="Updated")].status,priority=0 -// +kubebuilder:printcolumn:name="UpdatePrepared",type="string",JSONPath=.status.conditions[?(@.type=="UpdatePrepared")].status,priority=1 -// +kubebuilder:printcolumn:name="UpdateExecuted",type="string",JSONPath=.status.conditions[?(@.type=="UpdateExecuted")].status,priority=1 -// +kubebuilder:printcolumn:name="UpdatePostActionComplete",type="string",JSONPath=.status.conditions[?(@.type=="UpdatePostActionComplete")].status,priority=1 -// +kubebuilder:printcolumn:name="UpdateComplete",type="string",JSONPath=.status.conditions[?(@.type=="UpdateComplete")].status,priority=1 -// +kubebuilder:printcolumn:name="Resumed",type="string",JSONPath=.status.conditions[?(@.type=="Resumed")].status,priority=1 -// +kubebuilder:printcolumn:name="UpdatedFilesAndOS",type="string",JSONPath=.status.conditions[?(@.type=="AppliedFilesAndOS")].status,priority=1 -// +kubebuilder:printcolumn:name="CordonedNode",type="string",JSONPath=.status.conditions[?(@.type=="Cordoned")].status,priority=1 -// +kubebuilder:printcolumn:name="DrainedNode",type="string",JSONPath=.status.conditions[?(@.type=="Drained")].status,priority=1 -// +kubebuilder:printcolumn:name="RebootedNode",type="string",JSONPath=.status.conditions[?(@.type=="RebootedNode")].status,priority=1 -// +kubebuilder:printcolumn:name="UncordonedNode",type="string",JSONPath=.status.conditions[?(@.type=="Uncordoned")].status,priority=1 -// +kubebuilder:metadata:labels=openshift.io/operator-managed= - -// MachineConfigNode describes the health of the Machines on the system -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -// +kubebuilder:validation:XValidation:rule="self.metadata.name == self.spec.node.name",message="spec.node.name should match metadata.name" -type MachineConfigNode struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard object metadata. - // +optional - metav1.ObjectMeta `json:"metadata,omitempty"` - - // spec describes the configuration of the machine config node. - // +required - Spec MachineConfigNodeSpec `json:"spec"` - - // status describes the last observed state of this machine config node. - // +optional - Status MachineConfigNodeStatus `json:"status"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// MachineConfigNodeList describes all of the MachinesStates on the system -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -type MachineConfigNodeList struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard list metadata. - // +optional - metav1.ListMeta `json:"metadata"` - - // items contains a collection of MachineConfigNode resources. - // +kubebuilder:validation:MaxItems=100 - // +optional - Items []MachineConfigNode `json:"items"` -} - -// MCOObjectReference holds information about an object the MCO either owns -// or modifies in some way -type MCOObjectReference struct { - // name is the name of the object being referenced. For example, this can represent a machine - // config pool or node name. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - // +kubebuilder:validation:MaxLength:=253 - // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." - // +required - Name string `json:"name"` -} - -// MachineConfigNodeSpec describes the MachineConfigNode we are managing. -type MachineConfigNodeSpec struct { - // node contains a reference to the node for this machine config node. - // +required - Node MCOObjectReference `json:"node"` - - // pool contains a reference to the machine config pool that this machine config node's - // referenced node belongs to. - // +required - Pool MCOObjectReference `json:"pool"` - - // configVersion holds the desired config version for the node targeted by this machine config node resource. - // The desired version represents the machine config the node will attempt to update to and gets set before the machine config operator validates - // the new machine config against the current machine config. - // +required - ConfigVersion MachineConfigNodeSpecMachineConfigVersion `json:"configVersion"` - - // pinnedImageSets is a user defined value that holds the names of the desired image sets that the node should pull and pin. - // +listType=map - // +listMapKey=name - // +kubebuilder:validation:MaxItems=100 - // +optional - // Tombstone: Functionality to correctly and consistely populate this field was not implemented in the MCO, so - // when applying a PIS, this field is not being updated. Since this field is not being used, it is being removed - // before this API is GAed. - // PinnedImageSets []MachineConfigNodeSpecPinnedImageSet `json:"pinnedImageSets,omitempty"` -} - -// MachineConfigNodeStatus holds the reported information on a particular machine config node. -type MachineConfigNodeStatus struct { - // conditions represent the observations of a machine config node's current state. - // +listType=map - // +listMapKey=type - // +kubebuilder:validation:MaxItems=20 - // +optional - Conditions []metav1.Condition `json:"conditions,omitempty"` - // observedGeneration represents the generation of the MachineConfigNode object observed by the Machine Config Operator's controller. - // This field is updated when the controller observes a change to the desiredConfig in the configVersion of the machine config node spec. - // +kubebuilder:validation:XValidation:rule="self >= oldSelf", message="observedGeneration must not decrease" - // +kubebuilder:validation:Minimum=0 - // +optional - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - // configVersion describes the current and desired machine config version for this node. - // +required - ConfigVersion MachineConfigNodeStatusMachineConfigVersion `json:"configVersion"` - // pinnedImageSets describes the current and desired pinned image sets for this node. - // +listType=map - // +listMapKey=name - // +kubebuilder:validation:MaxItems=100 - // +optional - PinnedImageSets []MachineConfigNodeStatusPinnedImageSet `json:"pinnedImageSets,omitempty"` -} - -// MachineConfigNodeStatusPinnedImageSet holds information about the current, desired, and failed pinned image sets for the observed machine config node. -// +kubebuilder:validation:XValidation:rule="has(self.desiredGeneration) && has(self.currentGeneration) ? self.desiredGeneration >= self.currentGeneration : true",message="desired generation must be greater than or equal to the current generation" -// +kubebuilder:validation:XValidation:rule="has(self.lastFailedGeneration) && has(self.desiredGeneration) ? self.desiredGeneration >= self.lastFailedGeneration : true",message="desired generation must be greater than or equal to the last failed generation" -// +kubebuilder:validation:XValidation:rule="has(self.lastFailedGeneration) ? has(self.lastFailedGenerationError) : true",message="last failed generation error must be defined on image pull and pin failure" -type MachineConfigNodeStatusPinnedImageSet struct { - // name is the name of the pinned image set. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - // +kubebuilder:validation:MaxLength:=253 - // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." - // +required - Name string `json:"name"` - // currentGeneration is the generation of the pinned image set that has most recently been successfully pulled and pinned on this node. - // +kubebuilder:validation:XValidation:rule="self >= oldSelf", message="currentGeneration must not decrease" - // +kubebuilder:validation:Minimum=0 - // +optional - CurrentGeneration int32 `json:"currentGeneration,omitempty"` - // desiredGeneration is the generation of the pinned image set that is targeted to be pulled and pinned on this node. - // +kubebuilder:validation:XValidation:rule="self >= oldSelf", message="desiredGeneration must not decrease" - // +kubebuilder:validation:Minimum=0 - // +optional - DesiredGeneration int32 `json:"desiredGeneration,omitempty"` - // lastFailedGeneration is the generation of the most recent pinned image set that failed to be pulled and pinned on this node. - // +kubebuilder:validation:XValidation:rule="self >= oldSelf", message="lastFailedGeneration must not decrease" - // +kubebuilder:validation:Minimum=0 - // +optional - LastFailedGeneration int32 `json:"lastFailedGeneration,omitempty"` - // lastFailedGenerationError is the error explaining why the desired images failed to be pulled and pinned. - // The error is an empty string if the image pull and pin is successful. - // +kubebuilder:validation:MaxLength=32768 - // +optional - LastFailedGenerationError string `json:"lastFailedGenerationError,omitempty"` - // Previously, failures associated with pinning and pulling images where shared in a list of strings under `LastFailedGenerationErrors`. - // This field is being removed and a `LastFailedGenerationError` field of type string is being added in its place as this field will - // contain a single error and there is no need for a list anymore. - // Tombstone: legacy field no longer needed - // LastFailedGenerationErrors []string `json:"lastFailedGenerationErrors,omitempty"` -} - -// MachineConfigNodeStatusMachineConfigVersion holds the current and desired config versions as last updated in the MCN status. -// When the current and desired versions do not match, the machine config pool is processing an upgrade and the machine config node will -// monitor the upgrade process. -// When the current and desired versions do match, the machine config node will ignore these events given that certain operations -// happen both during the MCO's upgrade mode and the daily operations mode. -type MachineConfigNodeStatusMachineConfigVersion struct { - // current is the name of the machine config currently in use on the node. - // This value is updated once the machine config daemon has completed the update of the configuration for the node. - // This value should match the desired version unless an upgrade is in progress. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - // +kubebuilder:validation:MaxLength:=253 - // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." - // +optional - Current string `json:"current"` - // desired is the MachineConfig the node wants to upgrade to. - // This value gets set in the machine config node status once the machine config has been validated - // against the current machine config. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - // +kubebuilder:validation:MaxLength:=253 - // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." - // +required - Desired string `json:"desired"` -} - -// MachineConfigNodeSpecMachineConfigVersion holds the desired config version for the current observed machine config node. -// When Current is not equal to Desired, the MachineConfigOperator is in an upgrade phase and the machine config node will -// take account of upgrade related events. Otherwise, they will be ignored given that certain operations -// happen both during the MCO's upgrade mode and the daily operations mode. -type MachineConfigNodeSpecMachineConfigVersion struct { - // desired is the name of the machine config that the the node should be upgraded to. - // This value is set when the machine config pool generates a new version of its rendered configuration. - // When this value is changed, the machine config daemon starts the node upgrade process. - // This value gets set in the machine config node spec once the machine config has been targeted for upgrade and before it is validated. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - // +kubebuilder:validation:MaxLength:=253 - // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." - // +required - Desired string `json:"desired"` -} - -// Tombstone: This struct defines the type of `Spec.PinnedImageSets`, which is being removed. Therefore, this field -// is also being tombstoned. -// MachineConfigNodeSpecPinnedImageSet holds information on the desired pinned image sets that the current observed machine config node -// should pin and pull. -// type MachineConfigNodeSpecPinnedImageSet struct { -// // name is the name of the pinned image set. -// // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting -// // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end -// // with an alphanumeric character, and be at most 253 characters in length. -// // +kubebuilder:validation:MaxLength:=253 -// // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." -// // +required -// Name string `json:"name"` -// } - -// StateProgress is each possible state for each possible MachineConfigNodeType -// Please note: These conditions are subject to change. Both additions and deletions may be made. -// +enum -type StateProgress string - -const ( - // MachineConfigNodeUpdatePrepared describes a machine that is preparing in the daemon to trigger an update - MachineConfigNodeUpdatePrepared StateProgress = "UpdatePrepared" - // MachineConfigNodeUpdateExecuted describes a machine that has executed the body of the upgrade - MachineConfigNodeUpdateExecuted StateProgress = "UpdateExecuted" - // MachineConfigNodeUpdatePostActionComplete describes a machine that has executed its post update action - MachineConfigNodeUpdatePostActionComplete StateProgress = "UpdatePostActionComplete" - // MachineConfigNodeUpdateComplete describes a machine that has completed the core parts of an upgrade - MachineConfigNodeUpdateComplete StateProgress = "UpdateComplete" - // MachineConfigNodeUpdated describes a machine that is fully updated and has a matching desired and current config - MachineConfigNodeUpdated StateProgress = "Updated" - // MachineConfigNodeUpdateResumed describes a machine that has resumed normal processes - MachineConfigNodeResumed StateProgress = "Resumed" - // MachineConfigNodeUpdateDrained describes the part of the in progress phase where the node drains - MachineConfigNodeUpdateDrained StateProgress = "Drained" - // MachineConfigNodeUpdateFilesAndOS describes the part of the in progress phase where the nodes files and OS config change - MachineConfigNodeUpdateFilesAndOS StateProgress = "AppliedFilesAndOS" - // MachineConfigNodeUpdateCordoned describes the part of the in progress phase where the node cordons - MachineConfigNodeUpdateCordoned StateProgress = "Cordoned" - // MachineConfigNodeUpdateUncordoned describes the part of the completing phase where the node uncordons - MachineConfigNodeUpdateUncordoned StateProgress = "Uncordoned" - // MachineConfigNodeUpdateRebooted describes the part of the post action phase where the node reboots itself - MachineConfigNodeUpdateRebooted StateProgress = "RebootedNode" - // MachineConfigNodeNodeDegraded describes a machine that has failed to update to the desired machine config and is in a degraded state - MachineConfigNodeNodeDegraded StateProgress = "NodeDegraded" - // MachineConfigNodePinnedImageSetsProgressing describes a machine currently progressing to the desired pinned image sets - MachineConfigNodePinnedImageSetsProgressing StateProgress = "PinnedImageSetsProgressing" - // MachineConfigNodePinnedImageSetsDegraded describes a machine that has failed to progress to the desired pinned image sets - MachineConfigNodePinnedImageSetsDegraded StateProgress = "PinnedImageSetsDegraded" -) diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_osimagestream.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_osimagestream.go index 07ba93d0a6..fccf6da8cb 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_osimagestream.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_osimagestream.go @@ -74,6 +74,7 @@ type OSImageStreamStatus struct { } // OSImageStreamSpec defines the desired state of a OSImageStream. +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.defaultStream) || has(self.defaultStream)",message="spec.defaultStream cannot be removed once set" type OSImageStreamSpec struct { // defaultStream is the desired name of the stream that should be used as the // default when no specific stream is requested by a MachineConfigPool. @@ -94,6 +95,7 @@ type OSImageStreamSpec struct { // valid value is accepted. // // When omitted, the operator determines the default stream automatically. + // Once set, this field cannot be removed. // // It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, // consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_pinnedimageset.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_pinnedimageset.go deleted file mode 100644 index 4708609fc5..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_pinnedimageset.go +++ /dev/null @@ -1,91 +0,0 @@ -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=pinnedimagesets,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1713 -// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 -// +openshift:enable:FeatureGate=PinnedImages -// +kubebuilder:metadata:labels=openshift.io/operator-managed= - -// PinnedImageSet describes a set of images that should be pinned by CRI-O and -// pulled to the nodes which are members of the declared MachineConfigPools. -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -type PinnedImageSet struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // spec describes the configuration of this pinned image set. - // +required - Spec PinnedImageSetSpec `json:"spec"` - - // status describes the last observed state of this pinned image set. - // +optional - Status PinnedImageSetStatus `json:"status"` -} - -// PinnedImageSetStatus describes the current state of a PinnedImageSet. -type PinnedImageSetStatus struct { - // conditions represent the observations of a pinned image set's current state. - // +listType=map - // +listMapKey=type - // +optional - Conditions []metav1.Condition `json:"conditions,omitempty"` -} - -// PinnedImageSetSpec defines the desired state of a PinnedImageSet. -type PinnedImageSetSpec struct { - // pinnedImages is a list of OCI Image referenced by digest that should be - // pinned and pre-loaded by the nodes of a MachineConfigPool. - // Translates into a new file inside the /etc/crio/crio.conf.d directory - // with content similar to this: - // - // pinned_images = [ - // "quay.io/openshift-release-dev/ocp-release@sha256:...", - // "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...", - // "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...", - // ... - // ] - // - // These image references should all be by digest, tags aren't allowed. - // +required - // +kubebuilder:validation:MinItems=1 - // +kubebuilder:validation:MaxItems=500 - // +listType=map - // +listMapKey=name - PinnedImages []PinnedImageRef `json:"pinnedImages"` -} - -type PinnedImageRef struct { - // name is an OCI Image referenced by digest. - // The format of the image pull spec is: host[:port][/namespace]/name@sha256:, - // where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. - // The length of the whole spec must be between 1 to 447 characters. - // +required - Name ImageDigestFormat `json:"name,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PinnedImageSetList is a list of PinnedImageSet resources -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -type PinnedImageSetList struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard list's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ListMeta `json:"metadata"` - - Items []PinnedImageSet `json:"items"` -} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.deepcopy.go index 69b63f6778..72d1d4b32d 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.deepcopy.go @@ -161,179 +161,6 @@ func (in *InternalReleaseImageStatus) DeepCopy() *InternalReleaseImageStatus { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MCOObjectReference) DeepCopyInto(out *MCOObjectReference) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCOObjectReference. -func (in *MCOObjectReference) DeepCopy() *MCOObjectReference { - if in == nil { - return nil - } - out := new(MCOObjectReference) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MachineConfigNode) DeepCopyInto(out *MachineConfigNode) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigNode. -func (in *MachineConfigNode) DeepCopy() *MachineConfigNode { - if in == nil { - return nil - } - out := new(MachineConfigNode) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *MachineConfigNode) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MachineConfigNodeList) DeepCopyInto(out *MachineConfigNodeList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]MachineConfigNode, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigNodeList. -func (in *MachineConfigNodeList) DeepCopy() *MachineConfigNodeList { - if in == nil { - return nil - } - out := new(MachineConfigNodeList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *MachineConfigNodeList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MachineConfigNodeSpec) DeepCopyInto(out *MachineConfigNodeSpec) { - *out = *in - out.Node = in.Node - out.Pool = in.Pool - out.ConfigVersion = in.ConfigVersion - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigNodeSpec. -func (in *MachineConfigNodeSpec) DeepCopy() *MachineConfigNodeSpec { - if in == nil { - return nil - } - out := new(MachineConfigNodeSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MachineConfigNodeSpecMachineConfigVersion) DeepCopyInto(out *MachineConfigNodeSpecMachineConfigVersion) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigNodeSpecMachineConfigVersion. -func (in *MachineConfigNodeSpecMachineConfigVersion) DeepCopy() *MachineConfigNodeSpecMachineConfigVersion { - if in == nil { - return nil - } - out := new(MachineConfigNodeSpecMachineConfigVersion) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MachineConfigNodeStatus) DeepCopyInto(out *MachineConfigNodeStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - out.ConfigVersion = in.ConfigVersion - if in.PinnedImageSets != nil { - in, out := &in.PinnedImageSets, &out.PinnedImageSets - *out = make([]MachineConfigNodeStatusPinnedImageSet, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigNodeStatus. -func (in *MachineConfigNodeStatus) DeepCopy() *MachineConfigNodeStatus { - if in == nil { - return nil - } - out := new(MachineConfigNodeStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MachineConfigNodeStatusMachineConfigVersion) DeepCopyInto(out *MachineConfigNodeStatusMachineConfigVersion) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigNodeStatusMachineConfigVersion. -func (in *MachineConfigNodeStatusMachineConfigVersion) DeepCopy() *MachineConfigNodeStatusMachineConfigVersion { - if in == nil { - return nil - } - out := new(MachineConfigNodeStatusMachineConfigVersion) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MachineConfigNodeStatusPinnedImageSet) DeepCopyInto(out *MachineConfigNodeStatusPinnedImageSet) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigNodeStatusPinnedImageSet. -func (in *MachineConfigNodeStatusPinnedImageSet) DeepCopy() *MachineConfigNodeStatusPinnedImageSet { - if in == nil { - return nil - } - out := new(MachineConfigNodeStatusPinnedImageSet) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OSImageStream) DeepCopyInto(out *OSImageStream) { *out = *in @@ -451,124 +278,3 @@ func (in *OSImageStreamStatus) DeepCopy() *OSImageStreamStatus { in.DeepCopyInto(out) return out } - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PinnedImageRef) DeepCopyInto(out *PinnedImageRef) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnedImageRef. -func (in *PinnedImageRef) DeepCopy() *PinnedImageRef { - if in == nil { - return nil - } - out := new(PinnedImageRef) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PinnedImageSet) DeepCopyInto(out *PinnedImageSet) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnedImageSet. -func (in *PinnedImageSet) DeepCopy() *PinnedImageSet { - if in == nil { - return nil - } - out := new(PinnedImageSet) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PinnedImageSet) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PinnedImageSetList) DeepCopyInto(out *PinnedImageSetList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]PinnedImageSet, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnedImageSetList. -func (in *PinnedImageSetList) DeepCopy() *PinnedImageSetList { - if in == nil { - return nil - } - out := new(PinnedImageSetList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PinnedImageSetList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PinnedImageSetSpec) DeepCopyInto(out *PinnedImageSetSpec) { - *out = *in - if in.PinnedImages != nil { - in, out := &in.PinnedImages, &out.PinnedImages - *out = make([]PinnedImageRef, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnedImageSetSpec. -func (in *PinnedImageSetSpec) DeepCopy() *PinnedImageSetSpec { - if in == nil { - return nil - } - out := new(PinnedImageSetSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PinnedImageSetStatus) DeepCopyInto(out *PinnedImageSetStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnedImageSetStatus. -func (in *PinnedImageSetStatus) DeepCopy() *PinnedImageSetStatus { - if in == nil { - return nil - } - out := new(PinnedImageSetStatus) - in.DeepCopyInto(out) - return out -} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml index dc82dc2049..57d3ff72ed 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml @@ -22,82 +22,6 @@ internalreleaseimages.machineconfiguration.openshift.io: - NoRegistryClusterInstall Version: v1alpha1 -machineconfignodes.machineconfiguration.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/2256 - CRDName: machineconfignodes.machineconfiguration.openshift.io - Capability: "" - Category: "" - FeatureGates: - - MachineConfigNodes - FilenameOperatorName: machine-config - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_80" - GroupName: machineconfiguration.openshift.io - HasStatus: true - KindName: MachineConfigNode - Labels: - openshift.io/operator-managed: "" - PluralName: machineconfignodes - PrinterColumns: - - jsonPath: .spec.pool.name - name: PoolName - type: string - - jsonPath: .spec.configVersion.desired - name: DesiredConfig - type: string - - jsonPath: .status.configVersion.current - name: CurrentConfig - type: string - - jsonPath: .status.conditions[?(@.type=="Updated")].status - name: Updated - type: string - - jsonPath: .status.conditions[?(@.type=="UpdatePrepared")].status - name: UpdatePrepared - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="UpdateExecuted")].status - name: UpdateExecuted - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="UpdatePostActionComplete")].status - name: UpdatePostActionComplete - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="UpdateComplete")].status - name: UpdateComplete - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Resumed")].status - name: Resumed - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="AppliedFilesAndOS")].status - name: UpdatedFilesAndOS - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Cordoned")].status - name: CordonedNode - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Drained")].status - name: DrainedNode - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="RebootedNode")].status - name: RebootedNode - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Uncordoned")].status - name: UncordonedNode - priority: 1 - type: string - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: - - MachineConfigNodes - Version: v1alpha1 - osimagestreams.machineconfiguration.openshift.io: Annotations: {} ApprovedPRNumber: https://github.com/openshift/api/pull/2555 @@ -122,27 +46,3 @@ osimagestreams.machineconfiguration.openshift.io: - OSStreams Version: v1alpha1 -pinnedimagesets.machineconfiguration.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1713 - CRDName: pinnedimagesets.machineconfiguration.openshift.io - Capability: "" - Category: "" - FeatureGates: - - PinnedImages - FilenameOperatorName: machine-config - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_80" - GroupName: machineconfiguration.openshift.io - HasStatus: true - KindName: PinnedImageSet - Labels: - openshift.io/operator-managed: "" - PluralName: pinnedimagesets - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: - - PinnedImages - Version: v1alpha1 - diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.model_name.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.model_name.go new file mode 100644 index 0000000000..8a2909bc22 --- /dev/null +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,61 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InternalReleaseImage) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1alpha1.InternalReleaseImage" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InternalReleaseImageBundleStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1alpha1.InternalReleaseImageBundleStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InternalReleaseImageList) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1alpha1.InternalReleaseImageList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InternalReleaseImageRef) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1alpha1.InternalReleaseImageRef" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InternalReleaseImageSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1alpha1.InternalReleaseImageSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InternalReleaseImageStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1alpha1.InternalReleaseImageStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OSImageStream) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1alpha1.OSImageStream" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OSImageStreamList) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1alpha1.OSImageStreamList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OSImageStreamSet) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1alpha1.OSImageStreamSet" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OSImageStreamSpec) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1alpha1.OSImageStreamSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OSImageStreamStatus) OpenAPIModelName() string { + return "com.github.openshift.api.machineconfiguration.v1alpha1.OSImageStreamStatus" +} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.swagger_doc_generated.go index aad6325b4b..f083032cb8 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.swagger_doc_generated.go @@ -69,91 +69,6 @@ func (InternalReleaseImageStatus) SwaggerDoc() map[string]string { return map_InternalReleaseImageStatus } -var map_MCOObjectReference = map[string]string{ - "": "MCOObjectReference holds information about an object the MCO either owns or modifies in some way", - "name": "name is the name of the object being referenced. For example, this can represent a machine config pool or node name. Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end with an alphanumeric character, and be at most 253 characters in length.", -} - -func (MCOObjectReference) SwaggerDoc() map[string]string { - return map_MCOObjectReference -} - -var map_MachineConfigNode = map[string]string{ - "": "MachineConfigNode describes the health of the Machines on the system Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard object metadata.", - "spec": "spec describes the configuration of the machine config node.", - "status": "status describes the last observed state of this machine config node.", -} - -func (MachineConfigNode) SwaggerDoc() map[string]string { - return map_MachineConfigNode -} - -var map_MachineConfigNodeList = map[string]string{ - "": "MachineConfigNodeList describes all of the MachinesStates on the system\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list metadata.", - "items": "items contains a collection of MachineConfigNode resources.", -} - -func (MachineConfigNodeList) SwaggerDoc() map[string]string { - return map_MachineConfigNodeList -} - -var map_MachineConfigNodeSpec = map[string]string{ - "": "MachineConfigNodeSpec describes the MachineConfigNode we are managing.", - "node": "node contains a reference to the node for this machine config node.", - "pool": "pool contains a reference to the machine config pool that this machine config node's referenced node belongs to.", - "configVersion": "configVersion holds the desired config version for the node targeted by this machine config node resource. The desired version represents the machine config the node will attempt to update to and gets set before the machine config operator validates the new machine config against the current machine config.", -} - -func (MachineConfigNodeSpec) SwaggerDoc() map[string]string { - return map_MachineConfigNodeSpec -} - -var map_MachineConfigNodeSpecMachineConfigVersion = map[string]string{ - "": "MachineConfigNodeSpecMachineConfigVersion holds the desired config version for the current observed machine config node. When Current is not equal to Desired, the MachineConfigOperator is in an upgrade phase and the machine config node will take account of upgrade related events. Otherwise, they will be ignored given that certain operations happen both during the MCO's upgrade mode and the daily operations mode.", - "desired": "desired is the name of the machine config that the the node should be upgraded to. This value is set when the machine config pool generates a new version of its rendered configuration. When this value is changed, the machine config daemon starts the node upgrade process. This value gets set in the machine config node spec once the machine config has been targeted for upgrade and before it is validated. Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end with an alphanumeric character, and be at most 253 characters in length.", -} - -func (MachineConfigNodeSpecMachineConfigVersion) SwaggerDoc() map[string]string { - return map_MachineConfigNodeSpecMachineConfigVersion -} - -var map_MachineConfigNodeStatus = map[string]string{ - "": "MachineConfigNodeStatus holds the reported information on a particular machine config node.", - "conditions": "conditions represent the observations of a machine config node's current state.", - "observedGeneration": "observedGeneration represents the generation of the MachineConfigNode object observed by the Machine Config Operator's controller. This field is updated when the controller observes a change to the desiredConfig in the configVersion of the machine config node spec.", - "configVersion": "configVersion describes the current and desired machine config version for this node.", - "pinnedImageSets": "pinnedImageSets describes the current and desired pinned image sets for this node.", -} - -func (MachineConfigNodeStatus) SwaggerDoc() map[string]string { - return map_MachineConfigNodeStatus -} - -var map_MachineConfigNodeStatusMachineConfigVersion = map[string]string{ - "": "MachineConfigNodeStatusMachineConfigVersion holds the current and desired config versions as last updated in the MCN status. When the current and desired versions do not match, the machine config pool is processing an upgrade and the machine config node will monitor the upgrade process. When the current and desired versions do match, the machine config node will ignore these events given that certain operations happen both during the MCO's upgrade mode and the daily operations mode.", - "current": "current is the name of the machine config currently in use on the node. This value is updated once the machine config daemon has completed the update of the configuration for the node. This value should match the desired version unless an upgrade is in progress. Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end with an alphanumeric character, and be at most 253 characters in length.", - "desired": "desired is the MachineConfig the node wants to upgrade to. This value gets set in the machine config node status once the machine config has been validated against the current machine config. Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end with an alphanumeric character, and be at most 253 characters in length.", -} - -func (MachineConfigNodeStatusMachineConfigVersion) SwaggerDoc() map[string]string { - return map_MachineConfigNodeStatusMachineConfigVersion -} - -var map_MachineConfigNodeStatusPinnedImageSet = map[string]string{ - "": "MachineConfigNodeStatusPinnedImageSet holds information about the current, desired, and failed pinned image sets for the observed machine config node.", - "name": "name is the name of the pinned image set. Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end with an alphanumeric character, and be at most 253 characters in length.", - "currentGeneration": "currentGeneration is the generation of the pinned image set that has most recently been successfully pulled and pinned on this node.", - "desiredGeneration": "desiredGeneration is the generation of the pinned image set that is targeted to be pulled and pinned on this node.", - "lastFailedGeneration": "lastFailedGeneration is the generation of the most recent pinned image set that failed to be pulled and pinned on this node.", - "lastFailedGenerationError": "lastFailedGenerationError is the error explaining why the desired images failed to be pulled and pinned. The error is an empty string if the image pull and pin is successful.", -} - -func (MachineConfigNodeStatusPinnedImageSet) SwaggerDoc() map[string]string { - return map_MachineConfigNodeStatusPinnedImageSet -} - var map_OSImageStream = map[string]string{ "": "OSImageStream describes a set of streams and associated images available for the MachineConfigPools to be used as base OS images.\n\nThe resource is a singleton named \"cluster\".\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", @@ -186,7 +101,7 @@ func (OSImageStreamSet) SwaggerDoc() map[string]string { var map_OSImageStreamSpec = map[string]string{ "": "OSImageStreamSpec defines the desired state of a OSImageStream.", - "defaultStream": "defaultStream is the desired name of the stream that should be used as the default when no specific stream is requested by a MachineConfigPool.\n\nThis field is set by the installer during installation. Users may need to update it if the currently selected stream is no longer available, for example when the stream has reached its End of Life. The MachineConfigOperator uses this value to determine which stream from status.availableStreams to apply as the default for MachineConfigPools that do not specify a stream override.\n\nWhen status.availableStreams has been populated by the operator, updating this field requires that the new value references the name of one of the streams in status.availableStreams. Status-only updates by the operator are not subject to this constraint, allowing the operator to update availableStreams independently of this field. During initial creation, before the operator has populated status, any valid value is accepted.\n\nWhen omitted, the operator determines the default stream automatically.\n\nIt must be a valid RFC 1123 subdomain between 1 and 253 characters in length, consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.').", + "defaultStream": "defaultStream is the desired name of the stream that should be used as the default when no specific stream is requested by a MachineConfigPool.\n\nThis field is set by the installer during installation. Users may need to update it if the currently selected stream is no longer available, for example when the stream has reached its End of Life. The MachineConfigOperator uses this value to determine which stream from status.availableStreams to apply as the default for MachineConfigPools that do not specify a stream override.\n\nWhen status.availableStreams has been populated by the operator, updating this field requires that the new value references the name of one of the streams in status.availableStreams. Status-only updates by the operator are not subject to this constraint, allowing the operator to update availableStreams independently of this field. During initial creation, before the operator has populated status, any valid value is accepted.\n\nWhen omitted, the operator determines the default stream automatically. Once set, this field cannot be removed.\n\nIt must be a valid RFC 1123 subdomain between 1 and 253 characters in length, consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.').", } func (OSImageStreamSpec) SwaggerDoc() map[string]string { @@ -203,49 +118,4 @@ func (OSImageStreamStatus) SwaggerDoc() map[string]string { return map_OSImageStreamStatus } -var map_PinnedImageRef = map[string]string{ - "name": "name is an OCI Image referenced by digest. The format of the image pull spec is: host[:port][/namespace]/name@sha256:, where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. The length of the whole spec must be between 1 to 447 characters.", -} - -func (PinnedImageRef) SwaggerDoc() map[string]string { - return map_PinnedImageRef -} - -var map_PinnedImageSet = map[string]string{ - "": "PinnedImageSet describes a set of images that should be pinned by CRI-O and pulled to the nodes which are members of the declared MachineConfigPools.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "spec": "spec describes the configuration of this pinned image set.", - "status": "status describes the last observed state of this pinned image set.", -} - -func (PinnedImageSet) SwaggerDoc() map[string]string { - return map_PinnedImageSet -} - -var map_PinnedImageSetList = map[string]string{ - "": "PinnedImageSetList is a list of PinnedImageSet resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", -} - -func (PinnedImageSetList) SwaggerDoc() map[string]string { - return map_PinnedImageSetList -} - -var map_PinnedImageSetSpec = map[string]string{ - "": "PinnedImageSetSpec defines the desired state of a PinnedImageSet.", - "pinnedImages": "pinnedImages is a list of OCI Image referenced by digest that should be pinned and pre-loaded by the nodes of a MachineConfigPool. Translates into a new file inside the /etc/crio/crio.conf.d directory with content similar to this:\n\n pinned_images = [\n \"quay.io/openshift-release-dev/ocp-release@sha256:...\",\n \"quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...\",\n \"quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...\",\n ...\n ]\n\nThese image references should all be by digest, tags aren't allowed.", -} - -func (PinnedImageSetSpec) SwaggerDoc() map[string]string { - return map_PinnedImageSetSpec -} - -var map_PinnedImageSetStatus = map[string]string{ - "": "PinnedImageSetStatus describes the current state of a PinnedImageSet.", - "conditions": "conditions represent the observations of a pinned image set's current state.", -} - -func (PinnedImageSetStatus) SwaggerDoc() map[string]string { - return map_PinnedImageSetStatus -} - // AUTO-GENERATED FUNCTIONS END HERE diff --git a/vendor/github.com/openshift/api/monitoring/v1/doc.go b/vendor/github.com/openshift/api/monitoring/v1/doc.go index bf046d6ef9..54296a5b37 100644 --- a/vendor/github.com/openshift/api/monitoring/v1/doc.go +++ b/vendor/github.com/openshift/api/monitoring/v1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.monitoring.v1 // +groupName=monitoring.openshift.io package v1 diff --git a/vendor/github.com/openshift/api/monitoring/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/monitoring/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..eb2793cefc --- /dev/null +++ b/vendor/github.com/openshift/api/monitoring/v1/zz_generated.model_name.go @@ -0,0 +1,66 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlertRelabelConfig) OpenAPIModelName() string { + return "com.github.openshift.api.monitoring.v1.AlertRelabelConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlertRelabelConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.monitoring.v1.AlertRelabelConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlertRelabelConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.monitoring.v1.AlertRelabelConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlertRelabelConfigStatus) OpenAPIModelName() string { + return "com.github.openshift.api.monitoring.v1.AlertRelabelConfigStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlertingRule) OpenAPIModelName() string { + return "com.github.openshift.api.monitoring.v1.AlertingRule" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlertingRuleList) OpenAPIModelName() string { + return "com.github.openshift.api.monitoring.v1.AlertingRuleList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlertingRuleSpec) OpenAPIModelName() string { + return "com.github.openshift.api.monitoring.v1.AlertingRuleSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AlertingRuleStatus) OpenAPIModelName() string { + return "com.github.openshift.api.monitoring.v1.AlertingRuleStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PrometheusRuleRef) OpenAPIModelName() string { + return "com.github.openshift.api.monitoring.v1.PrometheusRuleRef" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RelabelConfig) OpenAPIModelName() string { + return "com.github.openshift.api.monitoring.v1.RelabelConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Rule) OpenAPIModelName() string { + return "com.github.openshift.api.monitoring.v1.Rule" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RuleGroup) OpenAPIModelName() string { + return "com.github.openshift.api.monitoring.v1.RuleGroup" +} diff --git a/vendor/github.com/openshift/api/network/v1/doc.go b/vendor/github.com/openshift/api/network/v1/doc.go index 2816420d96..a3a0e74635 100644 --- a/vendor/github.com/openshift/api/network/v1/doc.go +++ b/vendor/github.com/openshift/api/network/v1/doc.go @@ -2,6 +2,7 @@ // +k8s:conversion-gen=github.com/openshift/origin/pkg/network/apis/network // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.network.v1 // +groupName=network.openshift.io // Package v1 is the v1 version of the API. diff --git a/vendor/github.com/openshift/api/network/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/network/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..20c5089052 --- /dev/null +++ b/vendor/github.com/openshift/api/network/v1/zz_generated.model_name.go @@ -0,0 +1,66 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterNetwork) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1.ClusterNetwork" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterNetworkEntry) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1.ClusterNetworkEntry" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterNetworkList) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1.ClusterNetworkList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EgressNetworkPolicy) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1.EgressNetworkPolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EgressNetworkPolicyList) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1.EgressNetworkPolicyList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EgressNetworkPolicyPeer) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1.EgressNetworkPolicyPeer" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EgressNetworkPolicyRule) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1.EgressNetworkPolicyRule" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EgressNetworkPolicySpec) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1.EgressNetworkPolicySpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HostSubnet) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1.HostSubnet" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HostSubnetList) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1.HostSubnetList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetNamespace) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1.NetNamespace" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetNamespaceList) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1.NetNamespaceList" +} diff --git a/vendor/github.com/openshift/api/network/v1alpha1/doc.go b/vendor/github.com/openshift/api/network/v1alpha1/doc.go index 35539c458c..c02bccc319 100644 --- a/vendor/github.com/openshift/api/network/v1alpha1/doc.go +++ b/vendor/github.com/openshift/api/network/v1alpha1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.network.v1alpha1 // +groupName=network.openshift.io package v1alpha1 diff --git a/vendor/github.com/openshift/api/network/v1alpha1/zz_generated.model_name.go b/vendor/github.com/openshift/api/network/v1alpha1/zz_generated.model_name.go new file mode 100644 index 0000000000..6a67483281 --- /dev/null +++ b/vendor/github.com/openshift/api/network/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,36 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSNameResolver) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1alpha1.DNSNameResolver" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSNameResolverList) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1alpha1.DNSNameResolverList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSNameResolverResolvedAddress) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1alpha1.DNSNameResolverResolvedAddress" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSNameResolverResolvedName) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1alpha1.DNSNameResolverResolvedName" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSNameResolverSpec) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1alpha1.DNSNameResolverSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSNameResolverStatus) OpenAPIModelName() string { + return "com.github.openshift.api.network.v1alpha1.DNSNameResolverStatus" +} diff --git a/vendor/github.com/openshift/api/networkoperator/v1/doc.go b/vendor/github.com/openshift/api/networkoperator/v1/doc.go index 3c958bbc6e..e49a8969ce 100644 --- a/vendor/github.com/openshift/api/networkoperator/v1/doc.go +++ b/vendor/github.com/openshift/api/networkoperator/v1/doc.go @@ -1,5 +1,6 @@ // Package v1 contains API Schema definitions for the network v1 API group // +k8s:deepcopy-gen=package,register +// +k8s:openapi-model-package=com.github.openshift.api.networkoperator.v1 // +groupName=network.operator.openshift.io // +kubebuilder:validation:Optional package v1 diff --git a/vendor/github.com/openshift/api/networkoperator/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/networkoperator/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..c667f3b2a4 --- /dev/null +++ b/vendor/github.com/openshift/api/networkoperator/v1/zz_generated.model_name.go @@ -0,0 +1,56 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EgressRouter) OpenAPIModelName() string { + return "com.github.openshift.api.networkoperator.v1.EgressRouter" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EgressRouterAddress) OpenAPIModelName() string { + return "com.github.openshift.api.networkoperator.v1.EgressRouterAddress" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EgressRouterInterface) OpenAPIModelName() string { + return "com.github.openshift.api.networkoperator.v1.EgressRouterInterface" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EgressRouterList) OpenAPIModelName() string { + return "com.github.openshift.api.networkoperator.v1.EgressRouterList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EgressRouterSpec) OpenAPIModelName() string { + return "com.github.openshift.api.networkoperator.v1.EgressRouterSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EgressRouterStatus) OpenAPIModelName() string { + return "com.github.openshift.api.networkoperator.v1.EgressRouterStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EgressRouterStatusCondition) OpenAPIModelName() string { + return "com.github.openshift.api.networkoperator.v1.EgressRouterStatusCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in L4RedirectRule) OpenAPIModelName() string { + return "com.github.openshift.api.networkoperator.v1.L4RedirectRule" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MacvlanConfig) OpenAPIModelName() string { + return "com.github.openshift.api.networkoperator.v1.MacvlanConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RedirectConfig) OpenAPIModelName() string { + return "com.github.openshift.api.networkoperator.v1.RedirectConfig" +} diff --git a/vendor/github.com/openshift/api/oauth/v1/doc.go b/vendor/github.com/openshift/api/oauth/v1/doc.go index cae9e70d4a..d39b241130 100644 --- a/vendor/github.com/openshift/api/oauth/v1/doc.go +++ b/vendor/github.com/openshift/api/oauth/v1/doc.go @@ -2,6 +2,7 @@ // +k8s:conversion-gen=github.com/openshift/origin/pkg/oauth/apis/oauth // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.oauth.v1 // +groupName=oauth.openshift.io // Package v1 is the v1 version of the API. diff --git a/vendor/github.com/openshift/api/oauth/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/oauth/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..9a471d2c4a --- /dev/null +++ b/vendor/github.com/openshift/api/oauth/v1/zz_generated.model_name.go @@ -0,0 +1,76 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterRoleScopeRestriction) OpenAPIModelName() string { + return "com.github.openshift.api.oauth.v1.ClusterRoleScopeRestriction" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthAccessToken) OpenAPIModelName() string { + return "com.github.openshift.api.oauth.v1.OAuthAccessToken" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthAccessTokenList) OpenAPIModelName() string { + return "com.github.openshift.api.oauth.v1.OAuthAccessTokenList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthAuthorizeToken) OpenAPIModelName() string { + return "com.github.openshift.api.oauth.v1.OAuthAuthorizeToken" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthAuthorizeTokenList) OpenAPIModelName() string { + return "com.github.openshift.api.oauth.v1.OAuthAuthorizeTokenList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthClient) OpenAPIModelName() string { + return "com.github.openshift.api.oauth.v1.OAuthClient" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthClientAuthorization) OpenAPIModelName() string { + return "com.github.openshift.api.oauth.v1.OAuthClientAuthorization" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthClientAuthorizationList) OpenAPIModelName() string { + return "com.github.openshift.api.oauth.v1.OAuthClientAuthorizationList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthClientList) OpenAPIModelName() string { + return "com.github.openshift.api.oauth.v1.OAuthClientList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthRedirectReference) OpenAPIModelName() string { + return "com.github.openshift.api.oauth.v1.OAuthRedirectReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RedirectReference) OpenAPIModelName() string { + return "com.github.openshift.api.oauth.v1.RedirectReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ScopeRestriction) OpenAPIModelName() string { + return "com.github.openshift.api.oauth.v1.ScopeRestriction" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UserOAuthAccessToken) OpenAPIModelName() string { + return "com.github.openshift.api.oauth.v1.UserOAuthAccessToken" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UserOAuthAccessTokenList) OpenAPIModelName() string { + return "com.github.openshift.api.oauth.v1.UserOAuthAccessTokenList" +} diff --git a/vendor/github.com/openshift/api/openshiftcontrolplane/v1/doc.go b/vendor/github.com/openshift/api/openshiftcontrolplane/v1/doc.go index 4528e3c4a6..706f46006e 100644 --- a/vendor/github.com/openshift/api/openshiftcontrolplane/v1/doc.go +++ b/vendor/github.com/openshift/api/openshiftcontrolplane/v1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.openshiftcontrolplane.v1 // +groupName=openshiftcontrolplane.config.openshift.io // Package v1 is the v1 version of the API. diff --git a/vendor/github.com/openshift/api/openshiftcontrolplane/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/openshiftcontrolplane/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..b843518b15 --- /dev/null +++ b/vendor/github.com/openshift/api/openshiftcontrolplane/v1/zz_generated.model_name.go @@ -0,0 +1,131 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in APIServers) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.APIServers" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildControllerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.BuildControllerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildDefaultsConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.BuildDefaultsConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BuildOverridesConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.BuildOverridesConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterNetworkEntry) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.ClusterNetworkEntry" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeployerControllerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.DeployerControllerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DockerPullSecretControllerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.DockerPullSecretControllerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in FrontProxyConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.FrontProxyConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.ImageConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageImportControllerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.ImageImportControllerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImagePolicyConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.ImagePolicyConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressControllerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.IngressControllerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in JenkinsPipelineConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.JenkinsPipelineConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkControllerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.NetworkControllerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenShiftAPIServerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.OpenShiftAPIServerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenShiftControllerManagerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.OpenShiftControllerManagerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PerGroupOptions) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.PerGroupOptions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProjectConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.ProjectConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RegistryLocation) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.RegistryLocation" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ResourceQuotaControllerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.ResourceQuotaControllerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RoutingConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.RoutingConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecurityAllocator) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.SecurityAllocator" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceAccountControllerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.ServiceAccountControllerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceServingCert) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.ServiceServingCert" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SourceStrategyDefaultsConfig) OpenAPIModelName() string { + return "com.github.openshift.api.openshiftcontrolplane.v1.SourceStrategyDefaultsConfig" +} diff --git a/vendor/github.com/openshift/api/operator/v1/doc.go b/vendor/github.com/openshift/api/operator/v1/doc.go index 3de961a7fc..1aa50336ad 100644 --- a/vendor/github.com/openshift/api/operator/v1/doc.go +++ b/vendor/github.com/openshift/api/operator/v1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.operator.v1 // +kubebuilder:validation:Optional // +groupName=operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/types_authentication.go b/vendor/github.com/openshift/api/operator/v1/types_authentication.go index 7cc22d1e4e..4d0e9f6d68 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_authentication.go +++ b/vendor/github.com/openshift/api/operator/v1/types_authentication.go @@ -49,6 +49,11 @@ type OAuthAPIServerStatus struct { // +optional // +kubebuilder:validation:Minimum=0 LatestAvailableRevision int32 `json:"latestAvailableRevision,omitempty"` + + // encryptionStatus contains status reports for the KMS plugin health and its key rotation. + // +optional + // +openshift:enable:FeatureGate=KMSEncryption + EncryptionStatus KMSEncryptionStatus `json:"encryptionStatus,omitempty,omitzero"` } // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object diff --git a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go index 53c71aabb6..51ecab70c8 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go +++ b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go @@ -21,6 +21,9 @@ import ( // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/701 // +openshift:file-pattern=cvoRunLevel=0000_50,operatorName=csi-driver,operatorOrdering=01 +// +kubebuilder:validation:XValidation:rule="self.spec.?driverConfig.driverType.orValue('') == 'SecretsStore' ? self.metadata.name == 'secrets-store.csi.k8s.io' : true",message="driverType 'SecretsStore' requires metadata.name 'secrets-store.csi.k8s.io'" +// +kubebuilder:validation:XValidation:rule="self.metadata.name == 'secrets-store.csi.k8s.io' ? (!has(self.spec.driverConfig) || self.spec.driverConfig.driverType == 'SecretsStore') : true",message="metadata.name 'secrets-store.csi.k8s.io' requires driverType 'SecretsStore'" +// +kubebuilder:validation:XValidation:rule="oldSelf.spec.?driverConfig.?secretsStore.?tokenRequests.?type.orValue('') != 'Managed' || self.spec.?driverConfig.?secretsStore.?tokenRequests.?type.orValue('') == 'Managed'",message="tokenRequests type cannot be changed from Managed" // ClusterCSIDriver object allows management and configuration of a CSI driver operator // installed by default in OpenShift. Name of the object must be name of the CSI driver @@ -113,25 +116,27 @@ type ClusterCSIDriverSpec struct { } // CSIDriverType indicates type of CSI driver being configured. -// +kubebuilder:validation:Enum="";AWS;Azure;GCP;IBMCloud;vSphere +// +kubebuilder:validation:Enum="";AWS;Azure;GCP;IBMCloud;vSphere;SecretsStore type CSIDriverType string const ( - AWSDriverType CSIDriverType = "AWS" - AzureDriverType CSIDriverType = "Azure" - GCPDriverType CSIDriverType = "GCP" - IBMCloudDriverType CSIDriverType = "IBMCloud" - VSphereDriverType CSIDriverType = "vSphere" + AWSDriverType CSIDriverType = "AWS" + AzureDriverType CSIDriverType = "Azure" + GCPDriverType CSIDriverType = "GCP" + IBMCloudDriverType CSIDriverType = "IBMCloud" + VSphereDriverType CSIDriverType = "vSphere" + SecretsStoreDriverType CSIDriverType = "SecretsStore" ) // CSIDriverConfigSpec defines configuration spec that can be // used to optionally configure a specific CSI Driver. // +kubebuilder:validation:XValidation:rule="has(self.driverType) && self.driverType == 'IBMCloud' ? has(self.ibmcloud) : !has(self.ibmcloud)",message="ibmcloud must be set if driverType is 'IBMCloud', but remain unset otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.driverType) && self.driverType == 'SecretsStore' ? has(self.secretsStore) : !has(self.secretsStore)",message="secretsStore must be set if driverType is 'SecretsStore', but remain unset otherwise" // +union type CSIDriverConfigSpec struct { // driverType indicates type of CSI driver for which the // driverConfig is being applied to. - // Valid values are: AWS, Azure, GCP, IBMCloud, vSphere and omitted. + // Valid values are: AWS, Azure, GCP, IBMCloud, vSphere, SecretsStore and omitted. // Consumers should treat unknown values as a NO-OP. // +required // +unionDiscriminator @@ -156,6 +161,10 @@ type CSIDriverConfigSpec struct { // vSphere is used to configure the vsphere CSI driver. // +optional VSphere *VSphereCSIDriverConfigSpec `json:"vSphere,omitempty"` + + // secretsStore is used to configure the Secrets Store CSI driver. + // +optional + SecretsStore SecretsStoreCSIDriverConfigSpec `json:"secretsStore,omitzero"` } // AWSCSIDriverConfigSpec defines properties that can be configured for the AWS CSI driver. @@ -163,7 +172,15 @@ type AWSCSIDriverConfigSpec struct { // kmsKeyARN sets the cluster default storage class to encrypt volumes with a user-defined KMS key, // rather than the default KMS key used by AWS. // The value may be either the ARN or Alias ARN of a KMS key. - // +kubebuilder:validation:Pattern:=`^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)\/.*$` + // + // The ARN must follow the format: arn::kms:::(key|alias)/, where: + // is the AWS partition (aws, aws-cn, aws-us-gov, aws-iso, aws-iso-b, aws-iso-e, aws-iso-f, or aws-eusc), + // is the AWS region, + // is a 12-digit numeric identifier for the AWS account, + // is the KMS key ID or alias name. + // + // +openshift:validation:FeatureGateAwareXValidation:featureGate="",rule=`matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$')`,message=`kmsKeyARN must be a valid AWS KMS key ARN in the format: arn::kms:::(key|alias)/` + // +openshift:validation:FeatureGateAwareXValidation:featureGate=AWSEuropeanSovereignCloudInstall,rule=`matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f|aws-eusc):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$')`,message=`kmsKeyARN must be a valid AWS KMS key ARN in the format: arn::kms:::(key|alias)/` // +optional KMSKeyARN string `json:"kmsKeyARN,omitempty"` @@ -381,6 +398,146 @@ type VSphereCSIDriverConfigSpec struct { MaxAllowedBlockVolumesPerNode int32 `json:"maxAllowedBlockVolumesPerNode,omitempty"` } +// SecretsStoreCSIDriverConfigSpec defines properties that can be configured for the Secrets Store CSI driver. +// +kubebuilder:validation:MinProperties=1 +type SecretsStoreCSIDriverConfigSpec struct { + // secretRotation controls automatic secret rotation behavior. + // When omitted, secret rotation is enabled with a default poll interval of 2 minutes. + // +optional + SecretRotation SecretsStoreSecretRotation `json:"secretRotation,omitzero"` + + // tokenRequests controls service account token configuration for + // workload identity federation (WIF) with cloud providers. + // When omitted, the operator preserves any existing tokenRequests + // already configured on the CSIDriver object without modification. + // +optional + TokenRequests SecretsStoreTokenRequests `json:"tokenRequests,omitzero"` +} + +// TokenRequestsType determines how the operator manages the tokenRequests +// field on the storage.k8s.io CSIDriver object. +// +kubebuilder:validation:Enum=Managed;Unmanaged +type TokenRequestsType string + +const ( + // TokenRequestsManaged means the operator uses the audiences list + // as the sole source of truth for the CSIDriver.spec.tokenRequests field. + TokenRequestsManaged TokenRequestsType = "Managed" + + // TokenRequestsUnmanaged means the operator preserves any existing + // tokenRequests already configured on the CSIDriver object and does not + // overwrite them. + TokenRequestsUnmanaged TokenRequestsType = "Unmanaged" +) + +// SecretsStoreTokenRequests configures how service account tokens are +// provided to the Secrets Store CSI driver for workload identity federation. +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Managed' ? has(self.managed) : !has(self.managed)",message="managed must be set when type is 'Managed', and must not be set otherwise" +// +union +type SecretsStoreTokenRequests struct { + // type determines how the operator manages tokenRequests on the CSIDriver object. + // When "Unmanaged", existing tokenRequests on the CSIDriver are preserved + // and the managed field is not used. + // When "Managed", the operator sets tokenRequests from the audiences + // specified in the managed field, replacing any previously configured values. + // Once set to "Managed", type cannot be reverted back to "Unmanaged". + // +unionDiscriminator + // +required + Type TokenRequestsType `json:"type,omitempty"` + + // managed holds configuration for operator-managed tokenRequests. + // Only valid when type is "Managed". + // +optional + Managed ManagedTokenRequests `json:"managed,omitzero"` +} + +// ManagedTokenRequests holds the configuration for operator-managed +// service account token requests. +// +kubebuilder:validation:MinProperties=1 +type ManagedTokenRequests struct { + // audiences specifies service account token audiences that kubelet will + // provide to the CSI driver during NodePublishVolume calls. These tokens + // enable workload identity federation (WIF) with cloud providers such as + // AWS, Azure, and GCP. + // When empty, the operator clears all tokenRequests from the CSIDriver object. + // +optional + // +listType=map + // +listMapKey=audience + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=10 + Audiences *[]SecretsStoreTokenRequest `json:"audiences,omitempty"` +} + +// SecretRotationType determines the secret rotation behavior for the +// Secrets Store CSI driver. +// +kubebuilder:validation:Enum=None;Custom +type SecretRotationType string + +const ( + // SecretRotationNone disables automatic secret rotation. Secrets are only + // fetched at initial pod mount time. + SecretRotationNone SecretRotationType = "None" + + // SecretRotationCustom enables automatic secret rotation with the + // configuration specified in the custom field. + SecretRotationCustom SecretRotationType = "Custom" +) + +// SecretsStoreSecretRotation configures the automatic secret rotation behavior +// for the Secrets Store CSI driver. +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Custom' ? has(self.custom) : !has(self.custom)",message="custom must be set when type is 'Custom', and must not be set otherwise" +// +union +type SecretsStoreSecretRotation struct { + // type determines the secret rotation behavior. + // When "None", secret rotation is disabled and secrets are only fetched at + // initial pod mount time. + // When "Custom", secret rotation is enabled with the configuration specified + // in the custom field. + // +unionDiscriminator + // +required + Type SecretRotationType `json:"type,omitempty"` + + // custom holds the custom rotation configuration. + // Only valid when type is "Custom". + // +optional + Custom CustomSecretRotation `json:"custom,omitzero"` +} + +// CustomSecretRotation holds configuration for custom secret rotation behavior. +// +kubebuilder:validation:MinProperties=1 +type CustomSecretRotation struct { + // rotationPollIntervalSeconds is the minimum time in seconds between secret + // rotation attempts. The driver skips provider calls if less than this interval + // has elapsed since the last successful rotation. + // Must be at least 1 second and no more than 31560000 seconds (~1 year). + // When omitted, this means no opinion and the platform is left to choose a + // reasonable default, which is subject to change over time. + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=31560000 + // +optional + RotationPollIntervalSeconds int32 `json:"rotationPollIntervalSeconds,omitempty"` +} + +// SecretsStoreTokenRequest specifies a service account token audience configuration +// for workload identity federation (WIF) with the Secrets Store CSI driver. +type SecretsStoreTokenRequest struct { + // audience is the intended audience of the service account token. + // An empty string means the issued token will use the kube-apiserver's default APIAudiences. + // +kubebuilder:validation:MinLength=0 + // +kubebuilder:validation:MaxLength=253 + // +required + Audience *string `json:"audience,omitempty"` + + // expirationSeconds is the requested duration of validity of the service account token. + // The token issuer may return a token with a different validity duration. + // When omitted, the token expiration is determined by the kube-apiserver. + // Must be at least 600 seconds (10 minutes) and no more than 315360000 seconds (~10 years). + // +kubebuilder:validation:Minimum=600 + // +kubebuilder:validation:Maximum=315360000 + // +optional + ExpirationSeconds int32 `json:"expirationSeconds,omitempty"` +} + // ClusterCSIDriverStatus is the observed status of CSI driver operator type ClusterCSIDriverStatus struct { OperatorStatus `json:",inline"` diff --git a/vendor/github.com/openshift/api/operator/v1/types_etcd.go b/vendor/github.com/openshift/api/operator/v1/types_etcd.go index 252f3b3990..f2f1131036 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_etcd.go +++ b/vendor/github.com/openshift/api/operator/v1/types_etcd.go @@ -42,11 +42,11 @@ type EtcdSpec struct { HardwareSpeed ControlPlaneHardwareSpeed `json:"controlPlaneHardwareSpeed"` // backendQuotaGiB sets the etcd backend storage size limit in gibibytes. - // The value should be an integer not less than 8 and not more than 32. + // The value should be an integer not less than 8 and not more than 16. // When not specified, the default value is 8. // +kubebuilder:default:=8 // +kubebuilder:validation:Minimum=8 - // +kubebuilder:validation:Maximum=32 + // +kubebuilder:validation:Maximum=16 // +kubebuilder:validation:XValidation:rule="self>=oldSelf",message="etcd backendQuotaGiB may not be decreased" // +openshift:enable:FeatureGate=EtcdBackendQuota // +default=8 diff --git a/vendor/github.com/openshift/api/operator/v1/types_ingress.go b/vendor/github.com/openshift/api/operator/v1/types_ingresscontroller.go similarity index 96% rename from vendor/github.com/openshift/api/operator/v1/types_ingress.go rename to vendor/github.com/openshift/api/operator/v1/types_ingresscontroller.go index d54352f2ce..52bfdede3e 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_ingress.go +++ b/vendor/github.com/openshift/api/operator/v1/types_ingresscontroller.go @@ -898,8 +898,53 @@ type AWSNetworkLoadBalancerParameters struct { // +kubebuilder:validation:XValidation:rule=`self.all(x, self.exists_one(y, x == y))`,message="eipAllocations cannot contain duplicates" // +kubebuilder:validation:MaxItems=10 EIPAllocations []EIPAllocation `json:"eipAllocations"` + + // protocol specifies whether the Network Load Balancer uses PROXY + // protocol to forward connections to the IngressController. + // + // When set to "TCP", the NLB uses AWS's native client IP preservation. + // This may cause hairpin connection failures for internal load + // balancers when connections are made from pods to router pods on + // the same node. + // + // When set to "PROXY", the NLB disables native client IP preservation + // and uses PROXY protocol v2. The IngressController enables PROXY + // protocol on HAProxy so that it can parse PROXY protocol headers to + // obtain the original client IP. This avoids hairpin connection + // failures. + // + // The following values are valid for this field: + // + // * "TCP". + // * "PROXY". + // + // When omitted, this means the user has no opinion and the value is + // left to the platform to choose a reasonable default, which is subject to + // change over time. The current default is "PROXY". + // + // Note that changing this field may cause brief connection failures + // during the transition as the NLB attribute change and router rollout + // occur independently. + // + // +optional + Protocol NLBProtocol `json:"protocol,omitempty"` } +// NLBProtocol specifies whether the AWS Network Load Balancer uses +// PROXY protocol to forward connections to the IngressController. +// +kubebuilder:validation:Enum=TCP;PROXY +// +enum +type NLBProtocol string + +const ( + // NLBProtocolTCP instructs the NLB to forward connections using TCP + // without PROXY protocol. + NLBProtocolTCP NLBProtocol = "TCP" + // NLBProtocolProxy instructs the NLB to forward connections using + // PROXY protocol v2. + NLBProtocolProxy NLBProtocol = "PROXY" +) + // EIPAllocation is an ID for an Elastic IP (EIP) address that can be allocated to an ELB in the AWS environment. // Values must begin with `eipalloc-` followed by exactly 17 hexadecimal (`[0-9a-fA-F]`) characters. // + Explanation of the regex `^eipalloc-[0-9a-fA-F]{17}$` for validating value of the EIPAllocation: @@ -2034,6 +2079,7 @@ type IngressControllerTuningOptions struct { // processes in router containers with the following metric: // 'container_memory_working_set_bytes{container="router",namespace="openshift-ingress"}/container_processes{container="router",namespace="openshift-ingress"}'. // + // +kubebuilder:validation:XValidation:rule="self == 0 || self == -1 || (self >= 2000 && self <= 2000000)",message="maxConnections must be 0, -1, or between 2000 and 2000000" // +optional MaxConnections int32 `json:"maxConnections,omitempty"` @@ -2068,8 +2114,51 @@ type IngressControllerTuningOptions struct { // +kubebuilder:validation:Type:=string // +optional ReloadInterval metav1.Duration `json:"reloadInterval,omitempty"` + + // configurationManagement specifies how OpenShift router should update + // the HAProxy configuration. The following values are valid for this + // field: + // + // * "ForkAndReload". + // * "Dynamic". + // + // Omitting this field means that the user has no opinion and the + // platform may choose a reasonable default. This default is subject to + // change over time. The current default is "ForkAndReload". + // + // "ForkAndReload" means that OpenShift router should rewrite the + // HAProxy configuration file and instruct HAProxy to fork and reload. + // This is OpenShift router's traditional approach. + // + // "Dynamic" means that OpenShift router may use HAProxy's control + // socket for some configuration updates and fall back to fork and + // reload for other configuration updates. This is a newer approach, + // which may be less mature than ForkAndReload. This setting can + // improve load-balancing fairness and metrics accuracy and reduce CPU + // and memory usage if HAProxy has frequent configuration updates for + // route and endpoints updates. + // + // Note: The "Dynamic" option is currently experimental and should not + // be enabled on production clusters. + // + // +openshift:enable:FeatureGate=IngressControllerDynamicConfigurationManager + // +optional + ConfigurationManagement IngressControllerConfigurationManagement `json:"configurationManagement,omitempty"` } +// IngressControllerConfigurationManagement specifies whether always to use +// fork-and-reload to update the HAProxy configuration or whether to use +// HAProxy's control socket for some configuration updates. +// +// +enum +// +kubebuilder:validation:Enum=Dynamic;ForkAndReload +type IngressControllerConfigurationManagement string + +const ( + IngressControllerConfigurationManagementDynamic IngressControllerConfigurationManagement = "Dynamic" + IngressControllerConfigurationManagementForkAndReload IngressControllerConfigurationManagement = "ForkAndReload" +) + // HTTPEmptyRequestsPolicy indicates how HTTP connections for which no request // is received should be handled. // +kubebuilder:validation:Enum=Respond;Ignore diff --git a/vendor/github.com/openshift/api/operator/v1/types_kmsencryption.go b/vendor/github.com/openshift/api/operator/v1/types_kmsencryption.go new file mode 100644 index 0000000000..a5dcf7d334 --- /dev/null +++ b/vendor/github.com/openshift/api/operator/v1/types_kmsencryption.go @@ -0,0 +1,80 @@ +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +kubebuilder:validation:Enum=Healthy;Unhealthy;Error +type KMSPluginHealthStatus string + +const ( + KMSPluginHealthStatusHealthy KMSPluginHealthStatus = "Healthy" + + KMSPluginHealthStatusUnhealthy KMSPluginHealthStatus = "Unhealthy" + + KMSPluginHealthStatusError KMSPluginHealthStatus = "Error" +) + +// +openshift:compatibility-gen:level=1 +type KMSPluginHealthReport struct { + + // nodeName is the name of the node this instance of the plugin runs on. + // The combination of nodeName and keyId makes this health report unique. + // The value must be a valid Kubernetes node name: a lowercase RFC 1123 subdomain + // consisting of lowercase alphanumeric characters, '-' or '.', starting and ending with + // an alphanumeric character, and be at most 253 characters in length. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="nodeName must be a lowercase RFC 1123 subdomain consisting of lowercase alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character" + // +required + NodeName string `json:"nodeName,omitempty"` + + // keyId is the encryption-key-secret id (kms-{keyId}.sock), a unique identifier of the plugin on that node. + // This is not a cryptographic key used to encrypt/decrypt any resources. + // The value must be between 1 and 512 characters. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 + // +required + KeyId string `json:"keyId,omitempty"` + + // status contains a health indicator for the respective KMS plugin + // The field can have three states: healthy, unhealthy, error. + // With error and unhealthy containing additional information in Detail. + // +required + Status KMSPluginHealthStatus `json:"status,omitempty"` + + // lastCheckedTime is a timestamp of when the probe was last checked. + // +required + LastCheckedTime metav1.Time `json:"lastCheckedTime,omitempty"` + + // kekId refers to the remote KEK id from KMS v2 StatusResponse.key_id. + // This is not a cryptographic key, but a unique representation of the KEK. + // The value must be between 1 and 1024 characters. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 + // +required + KEKId string `json:"kekId,omitempty"` + + // detail contains additional error/health information for the respective KMS plugin. + // When omitted, no additional error or health information is provided. + // When set, the value must be between 1 and 1024 characters. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 + // +optional + Detail string `json:"detail,omitempty"` +} + +// +openshift:compatibility-gen:level=1 +// +kubebuilder:validation:MinProperties=1 +type KMSEncryptionStatus struct { + // healthReports contains all KMS plugin health reports. + // When omitted, no health reports are available. + // Each entry must have a unique combination of nodeName and keyId. + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=200 + // +listType=map + // +listMapKey=nodeName + // +listMapKey=keyId + HealthReports []KMSPluginHealthReport `json:"healthReports,omitempty"` +} diff --git a/vendor/github.com/openshift/api/operator/v1/types_kubeapiserver.go b/vendor/github.com/openshift/api/operator/v1/types_kubeapiserver.go index 1461f11a12..31b0c201b4 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_kubeapiserver.go +++ b/vendor/github.com/openshift/api/operator/v1/types_kubeapiserver.go @@ -63,6 +63,11 @@ type KubeAPIServerStatus struct { // +optional // +listType=atomic ServiceAccountIssuers []ServiceAccountIssuerStatus `json:"serviceAccountIssuers,omitempty"` + + // encryptionStatus contains status reports for the KMS plugin health and its key rotation. + // +optional + // +openshift:enable:FeatureGate=KMSEncryption + EncryptionStatus KMSEncryptionStatus `json:"encryptionStatus,omitempty,omitzero"` } type ServiceAccountIssuerStatus struct { diff --git a/vendor/github.com/openshift/api/operator/v1/types_network.go b/vendor/github.com/openshift/api/operator/v1/types_network.go index 1cf56f549b..cd2e2f9e38 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_network.go +++ b/vendor/github.com/openshift/api/operator/v1/types_network.go @@ -398,6 +398,12 @@ type OpenShiftSDNConfig struct { // ovnKubernetesConfig contains the configuration parameters for networks // using the ovn-kubernetes network project +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="self.?transport.orValue('') == 'NoOverlay' ? self.?routeAdvertisements.orValue('') == 'Enabled' : true",message="routeAdvertisements must be Enabled when transport is NoOverlay" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="self.?transport.orValue('') == 'NoOverlay' ? has(self.noOverlayConfig) : !has(self.noOverlayConfig)",message="noOverlayConfig must be set if transport is NoOverlay, and is forbidden otherwise" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="self.?noOverlayConfig.routing.orValue('') == 'Managed' ? has(self.bgpManagedConfig) : true",message="bgpManagedConfig is required when noOverlayConfig.routing is Managed" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="!has(self.transport) || self.transport == 'Geneve' || has(oldSelf.transport)",message="transport can only be set to Geneve after installation" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="!has(oldSelf.transport) || has(self.transport)",message="transport may not be removed once set" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="!has(oldSelf.noOverlayConfig) || has(self.noOverlayConfig)",message="noOverlayConfig may not be removed once set" type OVNKubernetesConfig struct { // mtu is the MTU to use for the tunnel interface. This must be 100 // bytes smaller than the uplink mtu. @@ -466,6 +472,38 @@ type OVNKubernetesConfig struct { // current default is "Disabled". // +optional RouteAdvertisements RouteAdvertisementsEnablement `json:"routeAdvertisements,omitempty"` + + // transport sets the transport mode for pods on the default network. + // Allowed values are "NoOverlay" and "Geneve". + // "NoOverlay" avoids tunnel encapsulation, routing pod traffic directly between nodes. + // "Geneve" encapsulates pod traffic using Geneve tunnels between nodes. + // When omitted, this means the user has no opinion and the platform chooses + // a reasonable default which is subject to change over time. + // The current default is "Geneve". + // "NoOverlay" can only be set at installation time and cannot be changed afterwards. + // "Geneve" may be set explicitly at any time to lock in the current default. + // +openshift:enable:FeatureGate=NoOverlayMode + // +kubebuilder:validation:Enum=NoOverlay;Geneve + // +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="self == oldSelf",message="transport is immutable once set" + // +optional + Transport TransportOption `json:"transport,omitempty"` + + // noOverlayConfig contains configuration for no-overlay mode. + // This configuration applies to the default network only. + // It is required when transport is "NoOverlay". + // When omitted, this means the user does not configure no-overlay mode options. + // +openshift:enable:FeatureGate=NoOverlayMode + // +optional + NoOverlayConfig NoOverlayConfig `json:"noOverlayConfig,omitzero,omitempty"` + + // bgpManagedConfig configures the BGP properties for networks (default network or CUDNs) + // in no-overlay mode that specify routing="Managed" in their noOverlayConfig. + // It is required when noOverlayConfig.routing is set to "Managed". + // When omitted, this means the user does not configure BGP for managed routing. + // This field can be set at installation time or on day 2, and can be modified at any time. + // +openshift:enable:FeatureGate=NoOverlayMode + // +optional + BGPManagedConfig BGPManagedConfig `json:"bgpManagedConfig,omitzero,omitempty"` } type IPv4OVNKubernetesConfig struct { @@ -896,3 +934,80 @@ type AdditionalRoutingCapabilities struct { // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x == y))" Providers []RoutingCapabilitiesProvider `json:"providers"` } + +// TransportOption is the type for network transport options +type TransportOption string + +// SNATOption is the type for SNAT configuration options +type SNATOption string + +// RoutingOption is the type for routing configuration options +type RoutingOption string + +// BGPTopology is the type for BGP topology configuration +type BGPTopology string + +const ( + // TransportOptionNoOverlay indicates the network operates in no-overlay mode + TransportOptionNoOverlay TransportOption = "NoOverlay" + // TransportOptionGeneve indicates the network uses Geneve overlay + TransportOptionGeneve TransportOption = "Geneve" + + // SNATEnabled indicates outbound SNAT is enabled + SNATEnabled SNATOption = "Enabled" + // SNATDisabled indicates outbound SNAT is disabled + SNATDisabled SNATOption = "Disabled" + + // RoutingManaged indicates routing is managed by OVN-Kubernetes + RoutingManaged RoutingOption = "Managed" + // RoutingUnmanaged indicates routing is managed by users + RoutingUnmanaged RoutingOption = "Unmanaged" + + // BGPTopologyFullMesh indicates a full mesh BGP topology where every node peers directly with every other node + BGPTopologyFullMesh BGPTopology = "FullMesh" +) + +// NoOverlayConfig contains configuration options for networks operating in no-overlay mode. +type NoOverlayConfig struct { + // outboundSNAT defines the SNAT behavior for outbound traffic from pods. + // Allowed values are "Enabled" and "Disabled". + // When set to "Enabled", SNAT is performed on outbound traffic from pods. + // When set to "Disabled", SNAT is not performed and pod IPs are preserved in outbound traffic. + // This field is required when the network operates in no-overlay mode. + // This field can be set to any value at installation time and can be changed afterwards. + // +kubebuilder:validation:Enum=Enabled;Disabled + // +required + OutboundSNAT SNATOption `json:"outboundSNAT,omitempty"` + + // routing specifies whether the pod network routing is managed by OVN-Kubernetes or users. + // Allowed values are "Managed" and "Unmanaged". + // When set to "Managed", OVN-Kubernetes manages the pod network routing configuration through BGP. + // When set to "Unmanaged", users are responsible for configuring the pod network routing. + // This field is required when the network operates in no-overlay mode. + // This field is immutable once set. + // +kubebuilder:validation:Enum=Managed;Unmanaged + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="routing is immutable once set" + // +required + Routing RoutingOption `json:"routing,omitempty"` +} + +// BGPManagedConfig contains configuration options for BGP when routing is "Managed". +type BGPManagedConfig struct { + // asNumber is the 2-byte or 4-byte Autonomous System Number (ASN) + // to be used in the generated FRR configuration. + // Valid values are 1 to 4294967295. + // When omitted, this defaults to 64512. + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=4294967295 + // +default=64512 + // +optional + ASNumber int64 `json:"asNumber,omitempty"` + + // bgpTopology defines the BGP topology to be used. + // Allowed values are "FullMesh". + // When set to "FullMesh", every node peers directly with every other node via BGP. + // This field is required when BGPManagedConfig is specified. + // +kubebuilder:validation:Enum=FullMesh + // +required + BGPTopology BGPTopology `json:"bgpTopology,omitempty"` +} diff --git a/vendor/github.com/openshift/api/operator/v1/types_openshiftapiserver.go b/vendor/github.com/openshift/api/operator/v1/types_openshiftapiserver.go index a96e033cb7..c9d104ad2c 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_openshiftapiserver.go +++ b/vendor/github.com/openshift/api/operator/v1/types_openshiftapiserver.go @@ -39,6 +39,11 @@ type OpenShiftAPIServerSpec struct { type OpenShiftAPIServerStatus struct { OperatorStatus `json:",inline"` + + // encryptionStatus contains status reports for the KMS plugin health and its key rotation. + // +optional + // +openshift:enable:FeatureGate=KMSEncryption + EncryptionStatus KMSEncryptionStatus `json:"encryptionStatus,omitempty,omitzero"` } // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go index 3bc6b81de4..0a6726b199 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go @@ -338,7 +338,7 @@ func (in *AuthenticationSpec) DeepCopy() *AuthenticationSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AuthenticationStatus) DeepCopyInto(out *AuthenticationStatus) { *out = *in - out.OAuthAPIServer = in.OAuthAPIServer + in.OAuthAPIServer.DeepCopyInto(&out.OAuthAPIServer) in.OperatorStatus.DeepCopyInto(&out.OperatorStatus) return } @@ -390,6 +390,22 @@ func (in *AzureDiskEncryptionSet) DeepCopy() *AzureDiskEncryptionSet { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BGPManagedConfig) DeepCopyInto(out *BGPManagedConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BGPManagedConfig. +func (in *BGPManagedConfig) DeepCopy() *BGPManagedConfig { + if in == nil { + return nil + } + out := new(BGPManagedConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BootImageSkewEnforcementConfig) DeepCopyInto(out *BootImageSkewEnforcementConfig) { *out = *in @@ -453,6 +469,7 @@ func (in *CSIDriverConfigSpec) DeepCopyInto(out *CSIDriverConfigSpec) { *out = new(VSphereCSIDriverConfigSpec) (*in).DeepCopyInto(*out) } + in.SecretsStore.DeepCopyInto(&out.SecretsStore) return } @@ -1164,6 +1181,22 @@ func (in *ContainerLoggingDestinationParameters) DeepCopy() *ContainerLoggingDes return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CustomSecretRotation) DeepCopyInto(out *CustomSecretRotation) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomSecretRotation. +func (in *CustomSecretRotation) DeepCopy() *CustomSecretRotation { + if in == nil { + return nil + } + out := new(CustomSecretRotation) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DNS) DeepCopyInto(out *DNS) { *out = *in @@ -2733,6 +2766,46 @@ func (in *IrreconcilableValidationOverrides) DeepCopy() *IrreconcilableValidatio return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KMSEncryptionStatus) DeepCopyInto(out *KMSEncryptionStatus) { + *out = *in + if in.HealthReports != nil { + in, out := &in.HealthReports, &out.HealthReports + *out = make([]KMSPluginHealthReport, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KMSEncryptionStatus. +func (in *KMSEncryptionStatus) DeepCopy() *KMSEncryptionStatus { + if in == nil { + return nil + } + out := new(KMSEncryptionStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KMSPluginHealthReport) DeepCopyInto(out *KMSPluginHealthReport) { + *out = *in + in.LastCheckedTime.DeepCopyInto(&out.LastCheckedTime) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KMSPluginHealthReport. +func (in *KMSPluginHealthReport) DeepCopy() *KMSPluginHealthReport { + if in == nil { + return nil + } + out := new(KMSPluginHealthReport) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KubeAPIServer) DeepCopyInto(out *KubeAPIServer) { *out = *in @@ -2822,6 +2895,7 @@ func (in *KubeAPIServerStatus) DeepCopyInto(out *KubeAPIServerStatus) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + in.EncryptionStatus.DeepCopyInto(&out.EncryptionStatus) return } @@ -3416,6 +3490,33 @@ func (in *ManagedBootImages) DeepCopy() *ManagedBootImages { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ManagedTokenRequests) DeepCopyInto(out *ManagedTokenRequests) { + *out = *in + if in.Audiences != nil { + in, out := &in.Audiences, &out.Audiences + *out = new([]SecretsStoreTokenRequest) + if **in != nil { + in, out := *in, *out + *out = make([]SecretsStoreTokenRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedTokenRequests. +func (in *ManagedTokenRequests) DeepCopy() *ManagedTokenRequests { + if in == nil { + return nil + } + out := new(ManagedTokenRequests) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MyOperatorResource) DeepCopyInto(out *MyOperatorResource) { *out = *in @@ -3665,6 +3766,22 @@ func (in *NetworkStatus) DeepCopy() *NetworkStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NoOverlayConfig) DeepCopyInto(out *NoOverlayConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NoOverlayConfig. +func (in *NoOverlayConfig) DeepCopy() *NoOverlayConfig { + if in == nil { + return nil + } + out := new(NoOverlayConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NodeDisruptionPolicyClusterStatus) DeepCopyInto(out *NodeDisruptionPolicyClusterStatus) { *out = *in @@ -4006,6 +4123,7 @@ func (in *NodeStatus) DeepCopy() *NodeStatus { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OAuthAPIServerStatus) DeepCopyInto(out *OAuthAPIServerStatus) { *out = *in + in.EncryptionStatus.DeepCopyInto(&out.EncryptionStatus) return } @@ -4158,6 +4276,8 @@ func (in *OVNKubernetesConfig) DeepCopyInto(out *OVNKubernetesConfig) { *out = new(IPv6OVNKubernetesConfig) **out = **in } + out.NoOverlayConfig = in.NoOverlayConfig + out.BGPManagedConfig = in.BGPManagedConfig return } @@ -4253,6 +4373,7 @@ func (in *OpenShiftAPIServerSpec) DeepCopy() *OpenShiftAPIServerSpec { func (in *OpenShiftAPIServerStatus) DeepCopyInto(out *OpenShiftAPIServerStatus) { *out = *in in.OperatorStatus.DeepCopyInto(&out.OperatorStatus) + in.EncryptionStatus.DeepCopyInto(&out.EncryptionStatus) return } @@ -4835,6 +4956,79 @@ func (in *SFlowConfig) DeepCopy() *SFlowConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretsStoreCSIDriverConfigSpec) DeepCopyInto(out *SecretsStoreCSIDriverConfigSpec) { + *out = *in + out.SecretRotation = in.SecretRotation + in.TokenRequests.DeepCopyInto(&out.TokenRequests) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretsStoreCSIDriverConfigSpec. +func (in *SecretsStoreCSIDriverConfigSpec) DeepCopy() *SecretsStoreCSIDriverConfigSpec { + if in == nil { + return nil + } + out := new(SecretsStoreCSIDriverConfigSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretsStoreSecretRotation) DeepCopyInto(out *SecretsStoreSecretRotation) { + *out = *in + out.Custom = in.Custom + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretsStoreSecretRotation. +func (in *SecretsStoreSecretRotation) DeepCopy() *SecretsStoreSecretRotation { + if in == nil { + return nil + } + out := new(SecretsStoreSecretRotation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretsStoreTokenRequest) DeepCopyInto(out *SecretsStoreTokenRequest) { + *out = *in + if in.Audience != nil { + in, out := &in.Audience, &out.Audience + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretsStoreTokenRequest. +func (in *SecretsStoreTokenRequest) DeepCopy() *SecretsStoreTokenRequest { + if in == nil { + return nil + } + out := new(SecretsStoreTokenRequest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretsStoreTokenRequests) DeepCopyInto(out *SecretsStoreTokenRequests) { + *out = *in + in.Managed.DeepCopyInto(&out.Managed) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretsStoreTokenRequests. +func (in *SecretsStoreTokenRequests) DeepCopy() *SecretsStoreTokenRequests { + if in == nil { + return nil + } + out := new(SecretsStoreTokenRequests) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Server) DeepCopyInto(out *Server) { *out = *in diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml index 1c552b0c0e..9edb02ec6e 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml @@ -5,7 +5,8 @@ authentications.operator.openshift.io: CRDName: authentications.operator.openshift.io Capability: "" Category: "" - FeatureGates: [] + FeatureGates: + - KMSEncryption FilenameOperatorName: authentication FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_50" @@ -69,6 +70,7 @@ clustercsidrivers.operator.openshift.io: Capability: "" Category: "" FeatureGates: + - AWSEuropeanSovereignCloudInstall - VSphereConfigurableMaxAllowedBlockVolumesPerNode FilenameOperatorName: csi-driver FilenameOperatorOrdering: "01" @@ -175,7 +177,9 @@ ingresscontrollers.operator.openshift.io: CRDName: ingresscontrollers.operator.openshift.io Capability: Ingress Category: "" - FeatureGates: [] + FeatureGates: + - IngressControllerDynamicConfigurationManager + - TLSGroupPreferences FilenameOperatorName: ingress FilenameOperatorOrdering: "00" FilenameRunLevel: "0000_50" @@ -219,6 +223,7 @@ kubeapiservers.operator.openshift.io: Category: coreoperators FeatureGates: - EventTTL + - KMSEncryption FilenameOperatorName: kube-apiserver FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_20" @@ -326,7 +331,8 @@ networks.operator.openshift.io: CRDName: networks.operator.openshift.io Capability: "" Category: "" - FeatureGates: [] + FeatureGates: + - NoOverlayMode FilenameOperatorName: network FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_70" @@ -372,7 +378,8 @@ openshiftapiservers.operator.openshift.io: CRDName: openshiftapiservers.operator.openshift.io Capability: "" Category: coreoperators - FeatureGates: [] + FeatureGates: + - KMSEncryption FilenameOperatorName: openshift-apiserver FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_30" diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..c6a047d2ce --- /dev/null +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.model_name.go @@ -0,0 +1,1226 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSCSIDriverConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.AWSCSIDriverConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSClassicLoadBalancerParameters) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.AWSClassicLoadBalancerParameters" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSEFSVolumeMetrics) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.AWSEFSVolumeMetrics" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSEFSVolumeMetricsRecursiveWalkConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.AWSEFSVolumeMetricsRecursiveWalkConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSLoadBalancerParameters) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.AWSLoadBalancerParameters" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSNetworkLoadBalancerParameters) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.AWSNetworkLoadBalancerParameters" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AWSSubnets) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.AWSSubnets" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AccessLogging) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.AccessLogging" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AddPage) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.AddPage" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AdditionalNetworkDefinition) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.AdditionalNetworkDefinition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AdditionalRoutingCapabilities) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.AdditionalRoutingCapabilities" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Authentication) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.Authentication" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AuthenticationList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.AuthenticationList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AuthenticationSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.AuthenticationSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AuthenticationStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.AuthenticationStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AzureCSIDriverConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.AzureCSIDriverConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AzureDiskEncryptionSet) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.AzureDiskEncryptionSet" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BGPManagedConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.BGPManagedConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BootImageSkewEnforcementConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.BootImageSkewEnforcementConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BootImageSkewEnforcementStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.BootImageSkewEnforcementStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CSIDriverConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.CSIDriverConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CSISnapshotController) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.CSISnapshotController" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CSISnapshotControllerList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.CSISnapshotControllerList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CSISnapshotControllerSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.CSISnapshotControllerSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CSISnapshotControllerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.CSISnapshotControllerStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Capability) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.Capability" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CapabilityVisibility) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.CapabilityVisibility" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClientTLS) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ClientTLS" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CloudCredential) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.CloudCredential" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CloudCredentialList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.CloudCredentialList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CloudCredentialSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.CloudCredentialSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CloudCredentialStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.CloudCredentialStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterBootImageAutomatic) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ClusterBootImageAutomatic" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterBootImageManual) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ClusterBootImageManual" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterCSIDriver) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ClusterCSIDriver" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterCSIDriverList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ClusterCSIDriverList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterCSIDriverSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ClusterCSIDriverSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterCSIDriverStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ClusterCSIDriverStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterNetworkEntry) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ClusterNetworkEntry" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Config) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.Config" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConfigMapFileReference) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ConfigMapFileReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConfigStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ConfigStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Console) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.Console" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleConfigRoute) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ConsoleConfigRoute" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleCustomization) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ConsoleCustomization" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ConsoleList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleProviders) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ConsoleProviders" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ConsoleSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConsoleStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ConsoleStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ContainerLoggingDestinationParameters) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ContainerLoggingDestinationParameters" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in CustomSecretRotation) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.CustomSecretRotation" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNS) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.DNS" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSCache) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.DNSCache" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.DNSList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSNodePlacement) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.DNSNodePlacement" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSOverTLSConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.DNSOverTLSConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.DNSSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.DNSStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DNSTransportConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.DNSTransportConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DefaultNetworkDefinition) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.DefaultNetworkDefinition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeveloperConsoleCatalogCategory) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.DeveloperConsoleCatalogCategory" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeveloperConsoleCatalogCategoryMeta) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.DeveloperConsoleCatalogCategoryMeta" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeveloperConsoleCatalogCustomization) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.DeveloperConsoleCatalogCustomization" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DeveloperConsoleCatalogTypes) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.DeveloperConsoleCatalogTypes" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EgressIPConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.EgressIPConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EndpointPublishingStrategy) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.EndpointPublishingStrategy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Etcd) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.Etcd" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EtcdList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.EtcdList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EtcdSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.EtcdSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EtcdStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.EtcdStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ExportNetworkFlows) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ExportNetworkFlows" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in FeaturesMigration) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.FeaturesMigration" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in FileReferenceSource) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.FileReferenceSource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ForwardPlugin) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ForwardPlugin" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPCSIDriverConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.GCPCSIDriverConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPKMSKeyReference) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.GCPKMSKeyReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GCPLoadBalancerParameters) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.GCPLoadBalancerParameters" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GatewayConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.GatewayConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GatherStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.GatherStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GathererStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.GathererStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GenerationStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.GenerationStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HTTPCompressionPolicy) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.HTTPCompressionPolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HealthCheck) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.HealthCheck" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HostNetworkStrategy) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.HostNetworkStrategy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HybridOverlayConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.HybridOverlayConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IBMCloudCSIDriverConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IBMCloudCSIDriverConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IBMLoadBalancerParameters) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IBMLoadBalancerParameters" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IPAMConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IPAMConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IPFIXConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IPFIXConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IPsecConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IPsecConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IPsecFullModeConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IPsecFullModeConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IPv4GatewayConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IPv4GatewayConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IPv4OVNKubernetesConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IPv4OVNKubernetesConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IPv6GatewayConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IPv6GatewayConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IPv6OVNKubernetesConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IPv6OVNKubernetesConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Ingress) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.Ingress" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressController) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IngressController" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressControllerCaptureHTTPCookie) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPCookie" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressControllerCaptureHTTPCookieUnion) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPCookieUnion" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressControllerCaptureHTTPHeader) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPHeader" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressControllerCaptureHTTPHeaders) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPHeaders" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressControllerHTTPHeader) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IngressControllerHTTPHeader" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressControllerHTTPHeaderActionUnion) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IngressControllerHTTPHeaderActionUnion" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressControllerHTTPHeaderActions) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IngressControllerHTTPHeaderActions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressControllerHTTPHeaders) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IngressControllerHTTPHeaders" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressControllerHTTPUniqueIdHeaderPolicy) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IngressControllerHTTPUniqueIdHeaderPolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressControllerList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IngressControllerList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressControllerLogging) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IngressControllerLogging" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressControllerSetHTTPHeader) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IngressControllerSetHTTPHeader" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressControllerSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IngressControllerSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressControllerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IngressControllerStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IngressControllerTuningOptions) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IngressControllerTuningOptions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InsightsOperator) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.InsightsOperator" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InsightsOperatorList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.InsightsOperatorList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InsightsOperatorSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.InsightsOperatorSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InsightsOperatorStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.InsightsOperatorStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in InsightsReport) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.InsightsReport" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IrreconcilableValidationOverrides) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.IrreconcilableValidationOverrides" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KMSEncryptionStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KMSEncryptionStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KMSPluginHealthReport) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KMSPluginHealthReport" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeAPIServer) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KubeAPIServer" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeAPIServerList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KubeAPIServerList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeAPIServerSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KubeAPIServerSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeAPIServerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KubeAPIServerStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeControllerManager) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KubeControllerManager" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeControllerManagerList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KubeControllerManagerList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeControllerManagerSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KubeControllerManagerSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeControllerManagerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KubeControllerManagerStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeScheduler) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KubeScheduler" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeSchedulerList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KubeSchedulerList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeSchedulerSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KubeSchedulerSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeSchedulerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KubeSchedulerStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeStorageVersionMigrator) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KubeStorageVersionMigrator" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeStorageVersionMigratorList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KubeStorageVersionMigratorList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeStorageVersionMigratorSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KubeStorageVersionMigratorSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubeStorageVersionMigratorStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.KubeStorageVersionMigratorStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LoadBalancerStrategy) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.LoadBalancerStrategy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LoggingDestination) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.LoggingDestination" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Logo) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.Logo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MTUMigration) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.MTUMigration" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MTUMigrationValues) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.MTUMigrationValues" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfiguration) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.MachineConfiguration" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigurationList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.MachineConfigurationList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigurationSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.MachineConfigurationSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineConfigurationStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.MachineConfigurationStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineManager) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.MachineManager" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MachineManagerSelector) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.MachineManagerSelector" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ManagedBootImages) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ManagedBootImages" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ManagedTokenRequests) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ManagedTokenRequests" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MyOperatorResource) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.MyOperatorResource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MyOperatorResourceSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.MyOperatorResourceSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in MyOperatorResourceStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.MyOperatorResourceStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetFlowConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NetFlowConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Network) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.Network" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NetworkList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkMigration) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NetworkMigration" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NetworkSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NetworkStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NetworkStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NoOverlayConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NoOverlayConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeDisruptionPolicyClusterStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NodeDisruptionPolicyClusterStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeDisruptionPolicyConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NodeDisruptionPolicyConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeDisruptionPolicySpecAction) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecAction" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeDisruptionPolicySpecFile) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecFile" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeDisruptionPolicySpecSSHKey) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecSSHKey" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeDisruptionPolicySpecUnit) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecUnit" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeDisruptionPolicyStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeDisruptionPolicyStatusAction) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusAction" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeDisruptionPolicyStatusFile) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusFile" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeDisruptionPolicyStatusSSHKey) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusSSHKey" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeDisruptionPolicyStatusUnit) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusUnit" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodePlacement) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NodePlacement" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodePortStrategy) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NodePortStrategy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.NodeStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthAPIServerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OAuthAPIServerStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OLM) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OLM" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OLMList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OLMList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OLMSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OLMSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OLMStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OLMStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OVNKubernetesConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OVNKubernetesConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenShiftAPIServer) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OpenShiftAPIServer" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenShiftAPIServerList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OpenShiftAPIServerList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenShiftAPIServerSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OpenShiftAPIServerSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenShiftAPIServerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OpenShiftAPIServerStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenShiftControllerManager) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OpenShiftControllerManager" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenShiftControllerManagerList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OpenShiftControllerManagerList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenShiftControllerManagerSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OpenShiftControllerManagerSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenShiftControllerManagerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OpenShiftControllerManagerStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenShiftSDNConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OpenShiftSDNConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenStackLoadBalancerParameters) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OpenStackLoadBalancerParameters" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OperatorCondition) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OperatorCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OperatorSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OperatorSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OperatorStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.OperatorStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PartialSelector) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.PartialSelector" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Perspective) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.Perspective" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PerspectiveVisibility) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.PerspectiveVisibility" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PinnedResourceReference) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.PinnedResourceReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PolicyAuditConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.PolicyAuditConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PrivateStrategy) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.PrivateStrategy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProjectAccess) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ProjectAccess" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProviderLoadBalancerParameters) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ProviderLoadBalancerParameters" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProxyConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ProxyConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in QuickStarts) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.QuickStarts" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ReloadService) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ReloadService" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ResourceAttributesAccessReview) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ResourceAttributesAccessReview" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RestartService) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.RestartService" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RouteAdmissionPolicy) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.RouteAdmissionPolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SFlowConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.SFlowConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecretsStoreCSIDriverConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.SecretsStoreCSIDriverConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecretsStoreSecretRotation) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.SecretsStoreSecretRotation" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecretsStoreTokenRequest) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.SecretsStoreTokenRequest" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecretsStoreTokenRequests) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.SecretsStoreTokenRequests" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Server) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.Server" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceAccountIssuerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ServiceAccountIssuerStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceCA) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ServiceCA" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceCAList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ServiceCAList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceCASpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ServiceCASpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceCAStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ServiceCAStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceCatalogAPIServer) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ServiceCatalogAPIServer" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceCatalogAPIServerList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ServiceCatalogAPIServerList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceCatalogAPIServerSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ServiceCatalogAPIServerSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceCatalogAPIServerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ServiceCatalogAPIServerStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceCatalogControllerManager) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ServiceCatalogControllerManager" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceCatalogControllerManagerList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ServiceCatalogControllerManagerList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceCatalogControllerManagerSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ServiceCatalogControllerManagerSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceCatalogControllerManagerStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.ServiceCatalogControllerManagerStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SimpleMacvlanConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.SimpleMacvlanConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StaticIPAMAddresses) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.StaticIPAMAddresses" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StaticIPAMConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.StaticIPAMConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StaticIPAMDNS) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.StaticIPAMDNS" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StaticIPAMRoutes) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.StaticIPAMRoutes" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StaticPodOperatorSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.StaticPodOperatorSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StaticPodOperatorStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.StaticPodOperatorStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StatuspageProvider) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.StatuspageProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Storage) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.Storage" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StorageList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.StorageList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StorageSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.StorageSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StorageStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.StorageStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SyslogLoggingDestinationParameters) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.SyslogLoggingDestinationParameters" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Theme) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.Theme" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Upstream) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.Upstream" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UpstreamResolvers) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.UpstreamResolvers" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VSphereCSIDriverConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1.VSphereCSIDriverConfigSpec" +} diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go index 64aac26eb3..a79189ffc2 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -137,6 +137,7 @@ func (AuthenticationStatus) SwaggerDoc() map[string]string { var map_OAuthAPIServerStatus = map[string]string{ "latestAvailableRevision": "latestAvailableRevision is the latest revision used as suffix of revisioned secrets like encryption-config. A new revision causes a new deployment of pods.", + "encryptionStatus": "encryptionStatus contains status reports for the KMS plugin health and its key rotation.", } func (OAuthAPIServerStatus) SwaggerDoc() map[string]string { @@ -466,7 +467,7 @@ func (Theme) SwaggerDoc() map[string]string { var map_AWSCSIDriverConfigSpec = map[string]string{ "": "AWSCSIDriverConfigSpec defines properties that can be configured for the AWS CSI driver.", - "kmsKeyARN": "kmsKeyARN sets the cluster default storage class to encrypt volumes with a user-defined KMS key, rather than the default KMS key used by AWS. The value may be either the ARN or Alias ARN of a KMS key.", + "kmsKeyARN": "kmsKeyARN sets the cluster default storage class to encrypt volumes with a user-defined KMS key, rather than the default KMS key used by AWS. The value may be either the ARN or Alias ARN of a KMS key.\n\nThe ARN must follow the format: arn::kms:::(key|alias)/, where: is the AWS partition (aws, aws-cn, aws-us-gov, aws-iso, aws-iso-b, aws-iso-e, aws-iso-f, or aws-eusc), is the AWS region, is a 12-digit numeric identifier for the AWS account, is the KMS key ID or alias name.", "efsVolumeMetrics": "efsVolumeMetrics sets the configuration for collecting metrics from EFS volumes used by the EFS CSI Driver.", } @@ -515,13 +516,14 @@ func (AzureDiskEncryptionSet) SwaggerDoc() map[string]string { } var map_CSIDriverConfigSpec = map[string]string{ - "": "CSIDriverConfigSpec defines configuration spec that can be used to optionally configure a specific CSI Driver.", - "driverType": "driverType indicates type of CSI driver for which the driverConfig is being applied to. Valid values are: AWS, Azure, GCP, IBMCloud, vSphere and omitted. Consumers should treat unknown values as a NO-OP.", - "aws": "aws is used to configure the AWS CSI driver.", - "azure": "azure is used to configure the Azure CSI driver.", - "gcp": "gcp is used to configure the GCP CSI driver.", - "ibmcloud": "ibmcloud is used to configure the IBM Cloud CSI driver.", - "vSphere": "vSphere is used to configure the vsphere CSI driver.", + "": "CSIDriverConfigSpec defines configuration spec that can be used to optionally configure a specific CSI Driver.", + "driverType": "driverType indicates type of CSI driver for which the driverConfig is being applied to. Valid values are: AWS, Azure, GCP, IBMCloud, vSphere, SecretsStore and omitted. Consumers should treat unknown values as a NO-OP.", + "aws": "aws is used to configure the AWS CSI driver.", + "azure": "azure is used to configure the Azure CSI driver.", + "gcp": "gcp is used to configure the GCP CSI driver.", + "ibmcloud": "ibmcloud is used to configure the IBM Cloud CSI driver.", + "vSphere": "vSphere is used to configure the vsphere CSI driver.", + "secretsStore": "secretsStore is used to configure the Secrets Store CSI driver.", } func (CSIDriverConfigSpec) SwaggerDoc() map[string]string { @@ -566,6 +568,15 @@ func (ClusterCSIDriverStatus) SwaggerDoc() map[string]string { return map_ClusterCSIDriverStatus } +var map_CustomSecretRotation = map[string]string{ + "": "CustomSecretRotation holds configuration for custom secret rotation behavior.", + "rotationPollIntervalSeconds": "rotationPollIntervalSeconds is the minimum time in seconds between secret rotation attempts. The driver skips provider calls if less than this interval has elapsed since the last successful rotation. Must be at least 1 second and no more than 31560000 seconds (~1 year). When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", +} + +func (CustomSecretRotation) SwaggerDoc() map[string]string { + return map_CustomSecretRotation +} + var map_GCPCSIDriverConfigSpec = map[string]string{ "": "GCPCSIDriverConfigSpec defines properties that can be configured for the GCP CSI driver.", "kmsKey": "kmsKey sets the cluster default storage class to encrypt volumes with customer-supplied encryption keys, rather than the default keys managed by GCP.", @@ -596,6 +607,55 @@ func (IBMCloudCSIDriverConfigSpec) SwaggerDoc() map[string]string { return map_IBMCloudCSIDriverConfigSpec } +var map_ManagedTokenRequests = map[string]string{ + "": "ManagedTokenRequests holds the configuration for operator-managed service account token requests.", + "audiences": "audiences specifies service account token audiences that kubelet will provide to the CSI driver during NodePublishVolume calls. These tokens enable workload identity federation (WIF) with cloud providers such as AWS, Azure, and GCP. When empty, the operator clears all tokenRequests from the CSIDriver object.", +} + +func (ManagedTokenRequests) SwaggerDoc() map[string]string { + return map_ManagedTokenRequests +} + +var map_SecretsStoreCSIDriverConfigSpec = map[string]string{ + "": "SecretsStoreCSIDriverConfigSpec defines properties that can be configured for the Secrets Store CSI driver.", + "secretRotation": "secretRotation controls automatic secret rotation behavior. When omitted, secret rotation is enabled with a default poll interval of 2 minutes.", + "tokenRequests": "tokenRequests controls service account token configuration for workload identity federation (WIF) with cloud providers. When omitted, the operator preserves any existing tokenRequests already configured on the CSIDriver object without modification.", +} + +func (SecretsStoreCSIDriverConfigSpec) SwaggerDoc() map[string]string { + return map_SecretsStoreCSIDriverConfigSpec +} + +var map_SecretsStoreSecretRotation = map[string]string{ + "": "SecretsStoreSecretRotation configures the automatic secret rotation behavior for the Secrets Store CSI driver.", + "type": "type determines the secret rotation behavior. When \"None\", secret rotation is disabled and secrets are only fetched at initial pod mount time. When \"Custom\", secret rotation is enabled with the configuration specified in the custom field.", + "custom": "custom holds the custom rotation configuration. Only valid when type is \"Custom\".", +} + +func (SecretsStoreSecretRotation) SwaggerDoc() map[string]string { + return map_SecretsStoreSecretRotation +} + +var map_SecretsStoreTokenRequest = map[string]string{ + "": "SecretsStoreTokenRequest specifies a service account token audience configuration for workload identity federation (WIF) with the Secrets Store CSI driver.", + "audience": "audience is the intended audience of the service account token. An empty string means the issued token will use the kube-apiserver's default APIAudiences.", + "expirationSeconds": "expirationSeconds is the requested duration of validity of the service account token. The token issuer may return a token with a different validity duration. When omitted, the token expiration is determined by the kube-apiserver. Must be at least 600 seconds (10 minutes) and no more than 315360000 seconds (~10 years).", +} + +func (SecretsStoreTokenRequest) SwaggerDoc() map[string]string { + return map_SecretsStoreTokenRequest +} + +var map_SecretsStoreTokenRequests = map[string]string{ + "": "SecretsStoreTokenRequests configures how service account tokens are provided to the Secrets Store CSI driver for workload identity federation.", + "type": "type determines how the operator manages tokenRequests on the CSIDriver object. When \"Unmanaged\", existing tokenRequests on the CSIDriver are preserved and the managed field is not used. When \"Managed\", the operator sets tokenRequests from the audiences specified in the managed field, replacing any previously configured values. Once set to \"Managed\", type cannot be reverted back to \"Unmanaged\".", + "managed": "managed holds configuration for operator-managed tokenRequests. Only valid when type is \"Managed\".", +} + +func (SecretsStoreTokenRequests) SwaggerDoc() map[string]string { + return map_SecretsStoreTokenRequests +} + var map_VSphereCSIDriverConfigSpec = map[string]string{ "": "VSphereCSIDriverConfigSpec defines properties that can be configured for vsphere CSI driver.", "topologyCategories": "topologyCategories indicates tag categories with which vcenter resources such as hostcluster or datacenter were tagged with. If cluster Infrastructure object has a topology, values specified in Infrastructure object will be used and modifications to topologyCategories will be rejected.", @@ -798,7 +858,7 @@ func (EtcdList) SwaggerDoc() map[string]string { var map_EtcdSpec = map[string]string{ "controlPlaneHardwareSpeed": "HardwareSpeed allows user to change the etcd tuning profile which configures the latency parameters for heartbeat interval and leader election timeouts allowing the cluster to tolerate longer round-trip-times between etcd members. Valid values are \"\", \"Standard\" and \"Slower\".\n\t\"\" means no opinion and the platform is left to choose a reasonable default\n\twhich is subject to change without notice.", - "backendQuotaGiB": "backendQuotaGiB sets the etcd backend storage size limit in gibibytes. The value should be an integer not less than 8 and not more than 32. When not specified, the default value is 8.", + "backendQuotaGiB": "backendQuotaGiB sets the etcd backend storage size limit in gibibytes. The value should be an integer not less than 8 and not more than 16. When not specified, the default value is 8.", } func (EtcdSpec) SwaggerDoc() map[string]string { @@ -830,6 +890,7 @@ var map_AWSNetworkLoadBalancerParameters = map[string]string{ "": "AWSNetworkLoadBalancerParameters holds configuration parameters for an AWS Network load balancer. For Example: Setting AWS EIPs https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html", "subnets": "subnets specifies the subnets to which the load balancer will attach. The subnets may be specified by either their ID or name. The total number of subnets is limited to 10.\n\nIn order for the load balancer to be provisioned with subnets, each subnet must exist, each subnet must be from a different availability zone, and the load balancer service must be recreated to pick up new values.\n\nWhen omitted from the spec, the subnets will be auto-discovered for each availability zone. Auto-discovered subnets are not reported in the status of the IngressController object.", "eipAllocations": "eipAllocations is a list of IDs for Elastic IP (EIP) addresses that are assigned to the Network Load Balancer. The following restrictions apply:\n\neipAllocations can only be used with external scope, not internal. An EIP can be allocated to only a single IngressController. The number of EIP allocations must match the number of subnets that are used for the load balancer. Each EIP allocation must be unique. A maximum of 10 EIP allocations are permitted.\n\nSee https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html for general information about configuration, characteristics, and limitations of Elastic IP addresses.", + "protocol": "protocol specifies whether the Network Load Balancer uses PROXY protocol to forward connections to the IngressController.\n\nWhen set to \"TCP\", the NLB uses AWS's native client IP preservation. This may cause hairpin connection failures for internal load balancers when connections are made from pods to router pods on the same node.\n\nWhen set to \"PROXY\", the NLB disables native client IP preservation and uses PROXY protocol v2. The IngressController enables PROXY protocol on HAProxy so that it can parse PROXY protocol headers to obtain the original client IP. This avoids hairpin connection failures.\n\nThe following values are valid for this field:\n\n* \"TCP\". * \"PROXY\".\n\nWhen omitted, this means the user has no opinion and the value is left to the platform to choose a reasonable default, which is subject to change over time. The current default is \"PROXY\".\n\nNote that changing this field may cause brief connection failures during the transition as the NLB attribute change and router rollout occur independently.", } func (AWSNetworkLoadBalancerParameters) SwaggerDoc() map[string]string { @@ -1121,6 +1182,7 @@ var map_IngressControllerTuningOptions = map[string]string{ "healthCheckInterval": "healthCheckInterval defines how long the router waits between two consecutive health checks on its configured backends. This value is applied globally as a default for all routes, but may be overridden per-route by the route annotation \"router.openshift.io/haproxy.health.check.interval\".\n\nExpects an unsigned duration string of decimal numbers, each with optional fraction and a unit suffix, eg \"300ms\", \"1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\" U+00B5 or \"μs\" U+03BC), \"ms\", \"s\", \"m\", \"h\".\n\nSetting this to less than 5s can cause excess traffic due to too frequent TCP health checks and accompanying SYN packet storms. Alternatively, setting this too high can result in increased latency, due to backend servers that are no longer available, but haven't yet been detected as such.\n\nAn empty or zero healthCheckInterval means no opinion and IngressController chooses a default, which is subject to change over time. Currently the default healthCheckInterval value is 5s.\n\nCurrently the minimum allowed value is 1s and the maximum allowed value is 2147483647ms (24.85 days). Both are subject to change over time.", "maxConnections": "maxConnections defines the maximum number of simultaneous connections that can be established per HAProxy process. Increasing this value allows each ingress controller pod to handle more connections but at the cost of additional system resources being consumed.\n\nPermitted values are: empty, 0, -1, and the range 2000-2000000.\n\nIf this field is empty or 0, the IngressController will use the default value of 50000, but the default is subject to change in future releases.\n\nIf the value is -1 then HAProxy will dynamically compute a maximum value based on the available ulimits in the running container. Selecting -1 (i.e., auto) will result in a large value being computed (~520000 on OpenShift >=4.10 clusters) and therefore each HAProxy process will incur significant memory usage compared to the current default of 50000.\n\nSetting a value that is greater than the current operating system limit will prevent the HAProxy process from starting.\n\nIf you choose a discrete value (e.g., 750000) and the router pod is migrated to a new node, there's no guarantee that that new node has identical ulimits configured. In such a scenario the pod would fail to start. If you have nodes with different ulimits configured (e.g., different tuned profiles) and you choose a discrete value then the guidance is to use -1 and let the value be computed dynamically at runtime.\n\nYou can monitor memory usage for router containers with the following metric: 'container_memory_working_set_bytes{container=\"router\",namespace=\"openshift-ingress\"}'.\n\nYou can monitor memory usage of individual HAProxy processes in router containers with the following metric: 'container_memory_working_set_bytes{container=\"router\",namespace=\"openshift-ingress\"}/container_processes{container=\"router\",namespace=\"openshift-ingress\"}'.", "reloadInterval": "reloadInterval defines the minimum interval at which the router is allowed to reload to accept new changes. Increasing this value can prevent the accumulation of HAProxy processes, depending on the scenario. Increasing this interval can also lessen load imbalance on a backend's servers when using the roundrobin balancing algorithm. Alternatively, decreasing this value may decrease latency since updates to HAProxy's configuration can take effect more quickly.\n\nThe value must be a time duration value; see . Currently, the minimum value allowed is 1s, and the maximum allowed value is 120s. Minimum and maximum allowed values may change in future versions of OpenShift. Note that if a duration outside of these bounds is provided, the value of reloadInterval will be capped/floored and not rejected (e.g. a duration of over 120s will be capped to 120s; the IngressController will not reject and replace this disallowed value with the default).\n\nA zero value for reloadInterval tells the IngressController to choose the default, which is currently 5s and subject to change without notice.\n\nThis field expects an unsigned duration string of decimal numbers, each with optional fraction and a unit suffix, e.g. \"300ms\", \"1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\" U+00B5 or \"μs\" U+03BC), \"ms\", \"s\", \"m\", \"h\".\n\nNote: Setting a value significantly larger than the default of 5s can cause latency in observing updates to routes and their endpoints. HAProxy's configuration will be reloaded less frequently, and newly created routes will not be served until the subsequent reload.", + "configurationManagement": "configurationManagement specifies how OpenShift router should update the HAProxy configuration. The following values are valid for this field:\n\n* \"ForkAndReload\". * \"Dynamic\".\n\nOmitting this field means that the user has no opinion and the platform may choose a reasonable default. This default is subject to change over time. The current default is \"ForkAndReload\".\n\n\"ForkAndReload\" means that OpenShift router should rewrite the HAProxy configuration file and instruct HAProxy to fork and reload. This is OpenShift router's traditional approach.\n\n\"Dynamic\" means that OpenShift router may use HAProxy's control socket for some configuration updates and fall back to fork and reload for other configuration updates. This is a newer approach, which may be less mature than ForkAndReload. This setting can improve load-balancing fairness and metrics accuracy and reduce CPU and memory usage if HAProxy has frequent configuration updates for route and endpoints updates.\n\nNote: The \"Dynamic\" option is currently experimental and should not be enabled on production clusters.", } func (IngressControllerTuningOptions) SwaggerDoc() map[string]string { @@ -1295,6 +1357,27 @@ func (InsightsReport) SwaggerDoc() map[string]string { return map_InsightsReport } +var map_KMSEncryptionStatus = map[string]string{ + "healthReports": "healthReports contains all KMS plugin health reports. When omitted, no health reports are available. Each entry must have a unique combination of nodeName and keyId.", +} + +func (KMSEncryptionStatus) SwaggerDoc() map[string]string { + return map_KMSEncryptionStatus +} + +var map_KMSPluginHealthReport = map[string]string{ + "nodeName": "nodeName is the name of the node this instance of the plugin runs on. The combination of nodeName and keyId makes this health report unique. The value must be a valid Kubernetes node name: a lowercase RFC 1123 subdomain consisting of lowercase alphanumeric characters, '-' or '.', starting and ending with an alphanumeric character, and be at most 253 characters in length.", + "keyId": "keyId is the encryption-key-secret id (kms-{keyId}.sock), a unique identifier of the plugin on that node. This is not a cryptographic key used to encrypt/decrypt any resources. The value must be between 1 and 512 characters.", + "status": "status contains a health indicator for the respective KMS plugin The field can have three states: healthy, unhealthy, error. With error and unhealthy containing additional information in Detail.", + "lastCheckedTime": "lastCheckedTime is a timestamp of when the probe was last checked.", + "kekId": "kekId refers to the remote KEK id from KMS v2 StatusResponse.key_id. This is not a cryptographic key, but a unique representation of the KEK. The value must be between 1 and 1024 characters.", + "detail": "detail contains additional error/health information for the respective KMS plugin. When omitted, no additional error or health information is provided. When set, the value must be between 1 and 1024 characters.", +} + +func (KMSPluginHealthReport) SwaggerDoc() map[string]string { + return map_KMSPluginHealthReport +} + var map_KubeAPIServer = map[string]string{ "": "KubeAPIServer provides information to configure an operator to manage kube-apiserver.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", @@ -1326,6 +1409,7 @@ func (KubeAPIServerSpec) SwaggerDoc() map[string]string { var map_KubeAPIServerStatus = map[string]string{ "serviceAccountIssuers": "serviceAccountIssuers tracks history of used service account issuers. The item without expiration time represents the currently used service account issuer. The other items represents service account issuers that were used previously and are still being trusted. The default expiration for the items is set by the platform and it defaults to 24h. see: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection", + "encryptionStatus": "encryptionStatus contains status reports for the KMS plugin health and its key rotation.", } func (KubeAPIServerStatus) SwaggerDoc() map[string]string { @@ -1669,6 +1753,16 @@ func (AdditionalRoutingCapabilities) SwaggerDoc() map[string]string { return map_AdditionalRoutingCapabilities } +var map_BGPManagedConfig = map[string]string{ + "": "BGPManagedConfig contains configuration options for BGP when routing is \"Managed\".", + "asNumber": "asNumber is the 2-byte or 4-byte Autonomous System Number (ASN) to be used in the generated FRR configuration. Valid values are 1 to 4294967295. When omitted, this defaults to 64512.", + "bgpTopology": "bgpTopology defines the BGP topology to be used. Allowed values are \"FullMesh\". When set to \"FullMesh\", every node peers directly with every other node via BGP. This field is required when BGPManagedConfig is specified.", +} + +func (BGPManagedConfig) SwaggerDoc() map[string]string { + return map_BGPManagedConfig +} + var map_ClusterNetworkEntry = map[string]string{ "": "ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. If the HostPrefix field is not used by the plugin, it can be left unset. Not all network providers support multiple ClusterNetworks", } @@ -1896,6 +1990,16 @@ func (NetworkStatus) SwaggerDoc() map[string]string { return map_NetworkStatus } +var map_NoOverlayConfig = map[string]string{ + "": "NoOverlayConfig contains configuration options for networks operating in no-overlay mode.", + "outboundSNAT": "outboundSNAT defines the SNAT behavior for outbound traffic from pods. Allowed values are \"Enabled\" and \"Disabled\". When set to \"Enabled\", SNAT is performed on outbound traffic from pods. When set to \"Disabled\", SNAT is not performed and pod IPs are preserved in outbound traffic. This field is required when the network operates in no-overlay mode. This field can be set to any value at installation time and can be changed afterwards.", + "routing": "routing specifies whether the pod network routing is managed by OVN-Kubernetes or users. Allowed values are \"Managed\" and \"Unmanaged\". When set to \"Managed\", OVN-Kubernetes manages the pod network routing configuration through BGP. When set to \"Unmanaged\", users are responsible for configuring the pod network routing. This field is required when the network operates in no-overlay mode. This field is immutable once set.", +} + +func (NoOverlayConfig) SwaggerDoc() map[string]string { + return map_NoOverlayConfig +} + var map_OVNKubernetesConfig = map[string]string{ "": "ovnKubernetesConfig contains the configuration parameters for networks using the ovn-kubernetes network project", "mtu": "mtu is the MTU to use for the tunnel interface. This must be 100 bytes smaller than the uplink mtu. Default is 1400", @@ -1910,6 +2014,9 @@ var map_OVNKubernetesConfig = map[string]string{ "ipv4": "ipv4 allows users to configure IP settings for IPv4 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.", "ipv6": "ipv6 allows users to configure IP settings for IPv6 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.", "routeAdvertisements": "routeAdvertisements determines if the functionality to advertise cluster network routes through a dynamic routing protocol, such as BGP, is enabled or not. This functionality is configured through the ovn-kubernetes RouteAdvertisements CRD. Requires the 'FRR' routing capability provider to be enabled as an additional routing capability. Allowed values are \"Enabled\", \"Disabled\" and ommited. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is \"Disabled\".", + "transport": "transport sets the transport mode for pods on the default network. Allowed values are \"NoOverlay\" and \"Geneve\". \"NoOverlay\" avoids tunnel encapsulation, routing pod traffic directly between nodes. \"Geneve\" encapsulates pod traffic using Geneve tunnels between nodes. When omitted, this means the user has no opinion and the platform chooses a reasonable default which is subject to change over time. The current default is \"Geneve\". \"NoOverlay\" can only be set at installation time and cannot be changed afterwards. \"Geneve\" may be set explicitly at any time to lock in the current default.", + "noOverlayConfig": "noOverlayConfig contains configuration for no-overlay mode. This configuration applies to the default network only. It is required when transport is \"NoOverlay\". When omitted, this means the user does not configure no-overlay mode options.", + "bgpManagedConfig": "bgpManagedConfig configures the BGP properties for networks (default network or CUDNs) in no-overlay mode that specify routing=\"Managed\" in their noOverlayConfig. It is required when noOverlayConfig.routing is set to \"Managed\". When omitted, this means the user does not configure BGP for managed routing. This field can be set at installation time or on day 2, and can be modified at any time.", } func (OVNKubernetesConfig) SwaggerDoc() map[string]string { @@ -2056,6 +2163,14 @@ func (OpenShiftAPIServerList) SwaggerDoc() map[string]string { return map_OpenShiftAPIServerList } +var map_OpenShiftAPIServerStatus = map[string]string{ + "encryptionStatus": "encryptionStatus contains status reports for the KMS plugin health and its key rotation.", +} + +func (OpenShiftAPIServerStatus) SwaggerDoc() map[string]string { + return map_OpenShiftAPIServerStatus +} + var map_OpenShiftControllerManager = map[string]string{ "": "OpenShiftControllerManager provides information to configure an operator to manage openshift-controller-manager.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/doc.go b/vendor/github.com/openshift/api/operator/v1alpha1/doc.go index 9d18719532..6a48bca3d9 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/doc.go +++ b/vendor/github.com/openshift/api/operator/v1alpha1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.operator.v1alpha1 // +groupName=operator.openshift.io package v1alpha1 diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/types_clusterapi.go b/vendor/github.com/openshift/api/operator/v1alpha1/types_clusterapi.go index 5816f93628..719893f8a5 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/types_clusterapi.go +++ b/vendor/github.com/openshift/api/operator/v1alpha1/types_clusterapi.go @@ -20,6 +20,7 @@ import ( // Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. // +openshift:compatibility-gen:level=4 // +kubebuilder:validation:XValidation:rule="self.metadata.name == 'cluster'",message="clusterapi is a singleton, .metadata.name must be 'cluster'" +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.status) || has(self.status)",message="status may not be removed once set" type ClusterAPI struct { metav1.TypeMeta `json:",inline"` @@ -78,6 +79,7 @@ type RevisionName string // ClusterAPIStatus describes the current state of the capi-operator. // +kubebuilder:validation:XValidation:rule="self.revisions.exists(r, r.name == self.desiredRevision && self.revisions.all(s, s.revision <= r.revision))",message="desiredRevision must be the name of the revision with the highest revision number" // +kubebuilder:validation:XValidation:rule="!has(self.currentRevision) || self.revisions.exists(r, r.name == self.currentRevision)",message="currentRevision must correspond to an entry in the revisions list" +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.observedRevisionGeneration) || has(self.observedRevisionGeneration)",message="observedRevisionGeneration may not be unset once set" type ClusterAPIStatus struct { // currentRevision is the name of the most recently fully applied revision. // It is written by the installer controller. If it is absent, it indicates @@ -111,6 +113,15 @@ type ClusterAPIStatus struct { // +kubebuilder:validation:XValidation:rule="self.all(new, oldSelf.exists(old, old.name == new.name) || oldSelf.all(old, new.revision > old.revision))",message="new revisions must have a revision number greater than all existing revisions" // +kubebuilder:validation:XValidation:rule="oldSelf.all(old, !self.exists(new, new.name == old.name) || self.exists(new, new == old))",message="existing revisions are immutable, but may be removed" Revisions []ClusterAPIInstallerRevision `json:"revisions,omitempty"` + + // observedRevisionGeneration is the generation of the ClusterAPI object that was last observed by the revision controller. + // If specified it must be greater than or equal to 1, and less than 2^53. It may not decrease or be unset once set. + // + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=9007199254740991 + // +kubebuilder:validation:XValidation:rule="self >= oldSelf",message="observedRevisionGeneration may not decrease" + ObservedRevisionGeneration int64 `json:"observedRevisionGeneration,omitempty"` } // +structType=atomic @@ -144,6 +155,17 @@ type ClusterAPIInstallerRevision struct { // +optional UnmanagedCustomResourceDefinitions []string `json:"unmanagedCustomResourceDefinitions,omitempty"` + // manifestSubstitutions is a list of envsubst style substitutions which + // will be applied to manifests in the revision during rendering. If + // defined it must not be empty, and may not contain more than 32 items. + // Each manifest substitution must have a unique key. + // +optional + // +listType=map + // +listMapKey=key + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=32 + ManifestSubstitutions []ClusterAPIInstallerRevisionManifestSubstitution `json:"manifestSubstitutions,omitempty"` + // components is a list of components which will be installed by this // revision. Components will be installed in the order they are listed. If // omitted no components will be installed. @@ -157,6 +179,29 @@ type ClusterAPIInstallerRevision struct { Components []ClusterAPIInstallerComponent `json:"components,omitempty"` } +// ClusterAPIInstallerRevisionManifestSubstitution defines an envsubst style +// substitution which will be applied to manifests in a revision during +// rendering. +type ClusterAPIInstallerRevisionManifestSubstitution struct { + // key is the name of the envsubst variable to substitute. It must be a + // valid envsubst variable name, consisting of letters, digits, and + // underscores, and must start with a letter or underscore. The key must + // not be empty, and must not exceed 255 characters. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=255 + // +kubebuilder:validation:XValidation:rule="self.matches('^[A-Za-z_][A-Za-z0-9_]*$')",message="key must start with a letter or underscore, followed by letters, digits, or underscores" + Key string `json:"key,omitempty"` + + // value is the value to substitute for the envsubst variable. It may be + // empty, in which case the variable will be substituted with an empty + // string. The value must not exceed 4096 characters. + // +required + // +kubebuilder:validation:MinLength=0 + // +kubebuilder:validation:MaxLength=4096 + Value *string `json:"value,omitempty"` +} + // InstallerComponentType is the type of component to install. // +kubebuilder:validation:Enum=Image // +enum @@ -168,9 +213,24 @@ const ( ) // ClusterAPIInstallerComponent defines a component which will be installed by this revision. +type ClusterAPIInstallerComponent struct { + // name is the human-readable name of the component. The value has no + // effect, and will not be set if the component does not define a name in + // its manifests. If set it must consist of alphanumeric characters, or + // '-', and may not exceed 255 characters. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=255 + // +kubebuilder:validation:XValidation:rule="self.matches('^[A-Za-z0-9-]+$')",message="name must consist of alphanumeric characters or '-'" + Name string `json:"name,omitempty"` + + ClusterAPIInstallerComponentSource `json:",inline"` +} + +// ClusterAPIInstallerComponentSource defines the source of a component which will be installed by this revision. // +union // +kubebuilder:validation:XValidation:rule="self.type == 'Image' ? has(self.image) : !has(self.image)",message="image is required when type is Image, and forbidden otherwise" -type ClusterAPIInstallerComponent struct { +type ClusterAPIInstallerComponentSource struct { // type is the source type of the component. // The only valid value is Image. // When set to Image, the image field must be set and will define an image source for the component. diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.deepcopy.go index 1f3fd281e1..3c3dc8e7a5 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.deepcopy.go @@ -61,7 +61,7 @@ func (in *ClusterAPI) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ClusterAPIInstallerComponent) DeepCopyInto(out *ClusterAPIInstallerComponent) { *out = *in - out.Image = in.Image + out.ClusterAPIInstallerComponentSource = in.ClusterAPIInstallerComponentSource return } @@ -91,6 +91,23 @@ func (in *ClusterAPIInstallerComponentImage) DeepCopy() *ClusterAPIInstallerComp return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterAPIInstallerComponentSource) DeepCopyInto(out *ClusterAPIInstallerComponentSource) { + *out = *in + out.Image = in.Image + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterAPIInstallerComponentSource. +func (in *ClusterAPIInstallerComponentSource) DeepCopy() *ClusterAPIInstallerComponentSource { + if in == nil { + return nil + } + out := new(ClusterAPIInstallerComponentSource) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ClusterAPIInstallerRevision) DeepCopyInto(out *ClusterAPIInstallerRevision) { *out = *in @@ -99,6 +116,13 @@ func (in *ClusterAPIInstallerRevision) DeepCopyInto(out *ClusterAPIInstallerRevi *out = make([]string, len(*in)) copy(*out, *in) } + if in.ManifestSubstitutions != nil { + in, out := &in.ManifestSubstitutions, &out.ManifestSubstitutions + *out = make([]ClusterAPIInstallerRevisionManifestSubstitution, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.Components != nil { in, out := &in.Components, &out.Components *out = make([]ClusterAPIInstallerComponent, len(*in)) @@ -117,6 +141,27 @@ func (in *ClusterAPIInstallerRevision) DeepCopy() *ClusterAPIInstallerRevision { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterAPIInstallerRevisionManifestSubstitution) DeepCopyInto(out *ClusterAPIInstallerRevisionManifestSubstitution) { + *out = *in + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterAPIInstallerRevisionManifestSubstitution. +func (in *ClusterAPIInstallerRevisionManifestSubstitution) DeepCopy() *ClusterAPIInstallerRevisionManifestSubstitution { + if in == nil { + return nil + } + out := new(ClusterAPIInstallerRevisionManifestSubstitution) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ClusterAPIList) DeepCopyInto(out *ClusterAPIList) { *out = *in diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.model_name.go b/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.model_name.go new file mode 100644 index 0000000000..e3fe9897dd --- /dev/null +++ b/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,191 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BackupJobReference) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.BackupJobReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterAPI) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.ClusterAPI" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterAPIInstallerComponent) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerComponent" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterAPIInstallerComponentImage) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerComponentImage" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterAPIInstallerComponentSource) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerComponentSource" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterAPIInstallerRevision) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerRevision" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterAPIInstallerRevisionManifestSubstitution) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerRevisionManifestSubstitution" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterAPIList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.ClusterAPIList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterAPISpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.ClusterAPISpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterAPIStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.ClusterAPIStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterVersionOperator) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.ClusterVersionOperator" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterVersionOperatorList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterVersionOperatorSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterVersionOperatorStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DelegatedAuthentication) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.DelegatedAuthentication" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DelegatedAuthorization) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.DelegatedAuthorization" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EtcdBackup) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.EtcdBackup" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EtcdBackupList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.EtcdBackupList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EtcdBackupSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.EtcdBackupSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in EtcdBackupStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.EtcdBackupStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GenerationHistory) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.GenerationHistory" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GenericOperatorConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.GenericOperatorConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageContentSourcePolicy) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.ImageContentSourcePolicy" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageContentSourcePolicyList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.ImageContentSourcePolicyList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ImageContentSourcePolicySpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.ImageContentSourcePolicySpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LoggingConfig) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.LoggingConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in NodeStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.NodeStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OLM) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.OLM" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OLMList) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.OLMList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OLMSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.OLMSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OLMStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.OLMStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OperatorCondition) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.OperatorCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OperatorSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.OperatorSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OperatorStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.OperatorStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RepositoryDigestMirrors) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.RepositoryDigestMirrors" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in StaticPodOperatorStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.StaticPodOperatorStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in VersionAvailability) OpenAPIModelName() string { + return "com.github.openshift.api.operator.v1alpha1.VersionAvailability" +} diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.swagger_doc_generated.go index 92cef1421a..bf4117768d 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.swagger_doc_generated.go @@ -147,9 +147,8 @@ func (ClusterAPI) SwaggerDoc() map[string]string { } var map_ClusterAPIInstallerComponent = map[string]string{ - "": "ClusterAPIInstallerComponent defines a component which will be installed by this revision.", - "type": "type is the source type of the component. The only valid value is Image. When set to Image, the image field must be set and will define an image source for the component.", - "image": "image defines an image source for a component. The image must contain a /capi-operator-installer directory containing the component manifests.", + "": "ClusterAPIInstallerComponent defines a component which will be installed by this revision.", + "name": "name is the human-readable name of the component. The value has no effect, and will not be set if the component does not define a name in its manifests. If set it must consist of alphanumeric characters, or '-', and may not exceed 255 characters.", } func (ClusterAPIInstallerComponent) SwaggerDoc() map[string]string { @@ -166,11 +165,22 @@ func (ClusterAPIInstallerComponentImage) SwaggerDoc() map[string]string { return map_ClusterAPIInstallerComponentImage } +var map_ClusterAPIInstallerComponentSource = map[string]string{ + "": "ClusterAPIInstallerComponentSource defines the source of a component which will be installed by this revision.", + "type": "type is the source type of the component. The only valid value is Image. When set to Image, the image field must be set and will define an image source for the component.", + "image": "image defines an image source for a component. The image must contain a /capi-operator-installer directory containing the component manifests.", +} + +func (ClusterAPIInstallerComponentSource) SwaggerDoc() map[string]string { + return map_ClusterAPIInstallerComponentSource +} + var map_ClusterAPIInstallerRevision = map[string]string{ "name": "name is the name of a revision.", "revision": "revision is a monotonically increasing number that is assigned to a revision.", "contentID": "contentID uniquely identifies the content of this revision. The contentID must be between 1 and 255 characters long.", "unmanagedCustomResourceDefinitions": "unmanagedCustomResourceDefinitions is a list of the names of ClusterResourceDefinition (CRD) objects which are included in this revision, but which should not be installed or updated. If not set, all CRDs in the revision will be managed by the CAPI operator.", + "manifestSubstitutions": "manifestSubstitutions is a list of envsubst style substitutions which will be applied to manifests in the revision during rendering. If defined it must not be empty, and may not contain more than 32 items. Each manifest substitution must have a unique key.", "components": "components is a list of components which will be installed by this revision. Components will be installed in the order they are listed. If omitted no components will be installed.\n\nThe maximum number of components is 32.", } @@ -178,6 +188,16 @@ func (ClusterAPIInstallerRevision) SwaggerDoc() map[string]string { return map_ClusterAPIInstallerRevision } +var map_ClusterAPIInstallerRevisionManifestSubstitution = map[string]string{ + "": "ClusterAPIInstallerRevisionManifestSubstitution defines an envsubst style substitution which will be applied to manifests in a revision during rendering.", + "key": "key is the name of the envsubst variable to substitute. It must be a valid envsubst variable name, consisting of letters, digits, and underscores, and must start with a letter or underscore. The key must not be empty, and must not exceed 255 characters.", + "value": "value is the value to substitute for the envsubst variable. It may be empty, in which case the variable will be substituted with an empty string. The value must not exceed 4096 characters.", +} + +func (ClusterAPIInstallerRevisionManifestSubstitution) SwaggerDoc() map[string]string { + return map_ClusterAPIInstallerRevisionManifestSubstitution +} + var map_ClusterAPIList = map[string]string{ "": "ClusterAPIList contains a list of ClusterAPI configurations\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", @@ -198,10 +218,11 @@ func (ClusterAPISpec) SwaggerDoc() map[string]string { } var map_ClusterAPIStatus = map[string]string{ - "": "ClusterAPIStatus describes the current state of the capi-operator.", - "currentRevision": "currentRevision is the name of the most recently fully applied revision. It is written by the installer controller. If it is absent, it indicates that no revision has been fully applied yet. If set, currentRevision must correspond to an entry in the revisions list.", - "desiredRevision": "desiredRevision is the name of the desired revision. It is written by the revision controller. It must be set to the name of the entry in the revisions list with the highest revision number.", - "revisions": "revisions is a list of all currently active revisions. A revision is active until the installer controller updates currentRevision to a later revision. It is written by the revision controller.\n\nThe maximum number of revisions is 16. All revisions must have a unique name. All revisions must have a unique revision number. When adding a revision, the revision number must be greater than the highest revision number in the list. Revisions are immutable, although they can be deleted.", + "": "ClusterAPIStatus describes the current state of the capi-operator.", + "currentRevision": "currentRevision is the name of the most recently fully applied revision. It is written by the installer controller. If it is absent, it indicates that no revision has been fully applied yet. If set, currentRevision must correspond to an entry in the revisions list.", + "desiredRevision": "desiredRevision is the name of the desired revision. It is written by the revision controller. It must be set to the name of the entry in the revisions list with the highest revision number.", + "revisions": "revisions is a list of all currently active revisions. A revision is active until the installer controller updates currentRevision to a later revision. It is written by the revision controller.\n\nThe maximum number of revisions is 16. All revisions must have a unique name. All revisions must have a unique revision number. When adding a revision, the revision number must be greater than the highest revision number in the list. Revisions are immutable, although they can be deleted.", + "observedRevisionGeneration": "observedRevisionGeneration is the generation of the ClusterAPI object that was last observed by the revision controller. If specified it must be greater than or equal to 1, and less than 2^53. It may not decrease or be unset once set.", } func (ClusterAPIStatus) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/doc.go b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/doc.go index 73f55856a8..302abb3541 100644 --- a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/doc.go +++ b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.operatorcontrolplane.v1alpha1 // +kubebuilder:validation:Optional // +groupName=controlplane.operator.openshift.io diff --git a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/zz_generated.model_name.go b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/zz_generated.model_name.go new file mode 100644 index 0000000000..87f0d3b3ce --- /dev/null +++ b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,41 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LogEntry) OpenAPIModelName() string { + return "com.github.openshift.api.operatorcontrolplane.v1alpha1.LogEntry" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OutageEntry) OpenAPIModelName() string { + return "com.github.openshift.api.operatorcontrolplane.v1alpha1.OutageEntry" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PodNetworkConnectivityCheck) OpenAPIModelName() string { + return "com.github.openshift.api.operatorcontrolplane.v1alpha1.PodNetworkConnectivityCheck" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PodNetworkConnectivityCheckCondition) OpenAPIModelName() string { + return "com.github.openshift.api.operatorcontrolplane.v1alpha1.PodNetworkConnectivityCheckCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PodNetworkConnectivityCheckList) OpenAPIModelName() string { + return "com.github.openshift.api.operatorcontrolplane.v1alpha1.PodNetworkConnectivityCheckList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PodNetworkConnectivityCheckSpec) OpenAPIModelName() string { + return "com.github.openshift.api.operatorcontrolplane.v1alpha1.PodNetworkConnectivityCheckSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PodNetworkConnectivityCheckStatus) OpenAPIModelName() string { + return "com.github.openshift.api.operatorcontrolplane.v1alpha1.PodNetworkConnectivityCheckStatus" +} diff --git a/vendor/github.com/openshift/api/osin/v1/doc.go b/vendor/github.com/openshift/api/osin/v1/doc.go index b74dfc48ad..970c856a3b 100644 --- a/vendor/github.com/openshift/api/osin/v1/doc.go +++ b/vendor/github.com/openshift/api/osin/v1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.osin.v1 // +groupName=osin.config.openshift.io // Package v1 is the v1 version of the API. diff --git a/vendor/github.com/openshift/api/osin/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/osin/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..1ac7911e26 --- /dev/null +++ b/vendor/github.com/openshift/api/osin/v1/zz_generated.model_name.go @@ -0,0 +1,121 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AllowAllPasswordIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.AllowAllPasswordIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BasicAuthPasswordIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.BasicAuthPasswordIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in DenyAllPasswordIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.DenyAllPasswordIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GitHubIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.GitHubIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GitLabIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.GitLabIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GoogleIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.GoogleIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GrantConfig) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.GrantConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in HTPasswdPasswordIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.HTPasswdPasswordIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.IdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KeystonePasswordIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.KeystonePasswordIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LDAPAttributeMapping) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.LDAPAttributeMapping" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LDAPPasswordIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.LDAPPasswordIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthConfig) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.OAuthConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OAuthTemplates) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.OAuthTemplates" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenIDClaims) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.OpenIDClaims" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenIDIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.OpenIDIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OpenIDURLs) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.OpenIDURLs" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OsinServerConfig) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.OsinServerConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RequestHeaderIdentityProvider) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.RequestHeaderIdentityProvider" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SessionConfig) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.SessionConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SessionSecret) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.SessionSecret" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SessionSecrets) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.SessionSecrets" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenConfig) OpenAPIModelName() string { + return "com.github.openshift.api.osin.v1.TokenConfig" +} diff --git a/vendor/github.com/openshift/api/project/v1/doc.go b/vendor/github.com/openshift/api/project/v1/doc.go index 5bbd9d5ea7..28e4a99850 100644 --- a/vendor/github.com/openshift/api/project/v1/doc.go +++ b/vendor/github.com/openshift/api/project/v1/doc.go @@ -2,6 +2,7 @@ // +k8s:conversion-gen=github.com/openshift/origin/pkg/project/apis/project // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.project.v1 // +groupName=project.openshift.io // Package v1 is the v1 version of the API. diff --git a/vendor/github.com/openshift/api/project/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/project/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..0500036aea --- /dev/null +++ b/vendor/github.com/openshift/api/project/v1/zz_generated.model_name.go @@ -0,0 +1,31 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Project) OpenAPIModelName() string { + return "com.github.openshift.api.project.v1.Project" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProjectList) OpenAPIModelName() string { + return "com.github.openshift.api.project.v1.ProjectList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProjectRequest) OpenAPIModelName() string { + return "com.github.openshift.api.project.v1.ProjectRequest" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProjectSpec) OpenAPIModelName() string { + return "com.github.openshift.api.project.v1.ProjectSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ProjectStatus) OpenAPIModelName() string { + return "com.github.openshift.api.project.v1.ProjectStatus" +} diff --git a/vendor/github.com/openshift/api/quota/v1/doc.go b/vendor/github.com/openshift/api/quota/v1/doc.go index ae5c9c2c76..6808c1a243 100644 --- a/vendor/github.com/openshift/api/quota/v1/doc.go +++ b/vendor/github.com/openshift/api/quota/v1/doc.go @@ -2,6 +2,7 @@ // +k8s:conversion-gen=github.com/openshift/origin/pkg/quota/apis/quota // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.quota.v1 // +groupName=quota.openshift.io // Package v1 is the v1 version of the API. diff --git a/vendor/github.com/openshift/api/quota/v1/generated.proto b/vendor/github.com/openshift/api/quota/v1/generated.proto index fb7fed242a..998c594732 100644 --- a/vendor/github.com/openshift/api/quota/v1/generated.proto +++ b/vendor/github.com/openshift/api/quota/v1/generated.proto @@ -51,7 +51,7 @@ message AppliedClusterResourceQuotaList { // +kubebuilder:resource:path=clusterresourcequotas,scope=Cluster // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_03,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=cvoRunLevel=0000_00,operatorName=apiserver,operatorOrdering=01 // +openshift:compatibility-gen:level=1 // +kubebuilder:metadata:annotations=release.openshift.io/bootstrap-required=true message ClusterResourceQuota { diff --git a/vendor/github.com/openshift/api/quota/v1/types.go b/vendor/github.com/openshift/api/quota/v1/types.go index 0cfb85f87e..9f60962146 100644 --- a/vendor/github.com/openshift/api/quota/v1/types.go +++ b/vendor/github.com/openshift/api/quota/v1/types.go @@ -17,7 +17,7 @@ import ( // +kubebuilder:resource:path=clusterresourcequotas,scope=Cluster // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_03,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=cvoRunLevel=0000_00,operatorName=apiserver,operatorOrdering=01 // +openshift:compatibility-gen:level=1 // +kubebuilder:metadata:annotations=release.openshift.io/bootstrap-required=true type ClusterResourceQuota struct { diff --git a/vendor/github.com/openshift/api/quota/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/quota/v1/zz_generated.featuregated-crd-manifests.yaml index b0fae46f7d..1a56a512d7 100644 --- a/vendor/github.com/openshift/api/quota/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/quota/v1/zz_generated.featuregated-crd-manifests.yaml @@ -6,9 +6,9 @@ clusterresourcequotas.quota.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: config-operator + FilenameOperatorName: apiserver FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_03" + FilenameRunLevel: "0000_00" GroupName: quota.openshift.io HasStatus: true KindName: ClusterResourceQuota diff --git a/vendor/github.com/openshift/api/quota/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/quota/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..537360b604 --- /dev/null +++ b/vendor/github.com/openshift/api/quota/v1/zz_generated.model_name.go @@ -0,0 +1,46 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AppliedClusterResourceQuota) OpenAPIModelName() string { + return "com.github.openshift.api.quota.v1.AppliedClusterResourceQuota" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AppliedClusterResourceQuotaList) OpenAPIModelName() string { + return "com.github.openshift.api.quota.v1.AppliedClusterResourceQuotaList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterResourceQuota) OpenAPIModelName() string { + return "com.github.openshift.api.quota.v1.ClusterResourceQuota" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterResourceQuotaList) OpenAPIModelName() string { + return "com.github.openshift.api.quota.v1.ClusterResourceQuotaList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterResourceQuotaSelector) OpenAPIModelName() string { + return "com.github.openshift.api.quota.v1.ClusterResourceQuotaSelector" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterResourceQuotaSpec) OpenAPIModelName() string { + return "com.github.openshift.api.quota.v1.ClusterResourceQuotaSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterResourceQuotaStatus) OpenAPIModelName() string { + return "com.github.openshift.api.quota.v1.ClusterResourceQuotaStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ResourceQuotaStatusByNamespace) OpenAPIModelName() string { + return "com.github.openshift.api.quota.v1.ResourceQuotaStatusByNamespace" +} diff --git a/vendor/github.com/openshift/api/route/v1/doc.go b/vendor/github.com/openshift/api/route/v1/doc.go index e56fbbd8d1..1fb4d95d42 100644 --- a/vendor/github.com/openshift/api/route/v1/doc.go +++ b/vendor/github.com/openshift/api/route/v1/doc.go @@ -2,6 +2,7 @@ // +k8s:conversion-gen=github.com/openshift/origin/pkg/route/apis/route // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.route.v1 // +groupName=route.openshift.io // Package v1 is the v1 version of the API. diff --git a/vendor/github.com/openshift/api/route/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/route/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..cbdd33762f --- /dev/null +++ b/vendor/github.com/openshift/api/route/v1/zz_generated.model_name.go @@ -0,0 +1,86 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in LocalObjectReference) OpenAPIModelName() string { + return "com.github.openshift.api.route.v1.LocalObjectReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Route) OpenAPIModelName() string { + return "com.github.openshift.api.route.v1.Route" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RouteHTTPHeader) OpenAPIModelName() string { + return "com.github.openshift.api.route.v1.RouteHTTPHeader" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RouteHTTPHeaderActionUnion) OpenAPIModelName() string { + return "com.github.openshift.api.route.v1.RouteHTTPHeaderActionUnion" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RouteHTTPHeaderActions) OpenAPIModelName() string { + return "com.github.openshift.api.route.v1.RouteHTTPHeaderActions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RouteHTTPHeaders) OpenAPIModelName() string { + return "com.github.openshift.api.route.v1.RouteHTTPHeaders" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RouteIngress) OpenAPIModelName() string { + return "com.github.openshift.api.route.v1.RouteIngress" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RouteIngressCondition) OpenAPIModelName() string { + return "com.github.openshift.api.route.v1.RouteIngressCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RouteList) OpenAPIModelName() string { + return "com.github.openshift.api.route.v1.RouteList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RoutePort) OpenAPIModelName() string { + return "com.github.openshift.api.route.v1.RoutePort" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RouteSetHTTPHeader) OpenAPIModelName() string { + return "com.github.openshift.api.route.v1.RouteSetHTTPHeader" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RouteSpec) OpenAPIModelName() string { + return "com.github.openshift.api.route.v1.RouteSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RouteStatus) OpenAPIModelName() string { + return "com.github.openshift.api.route.v1.RouteStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RouteTargetReference) OpenAPIModelName() string { + return "com.github.openshift.api.route.v1.RouteTargetReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RouterShard) OpenAPIModelName() string { + return "com.github.openshift.api.route.v1.RouterShard" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TLSConfig) OpenAPIModelName() string { + return "com.github.openshift.api.route.v1.TLSConfig" +} diff --git a/vendor/github.com/openshift/api/samples/v1/doc.go b/vendor/github.com/openshift/api/samples/v1/doc.go index d63c96b778..3e392e7f65 100644 --- a/vendor/github.com/openshift/api/samples/v1/doc.go +++ b/vendor/github.com/openshift/api/samples/v1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.samples.v1 // +groupName=samples.operator.openshift.io // Package v1 ist he v1 version of the API. diff --git a/vendor/github.com/openshift/api/samples/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/samples/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..bf37632ab9 --- /dev/null +++ b/vendor/github.com/openshift/api/samples/v1/zz_generated.model_name.go @@ -0,0 +1,31 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Config) OpenAPIModelName() string { + return "com.github.openshift.api.samples.v1.Config" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConfigCondition) OpenAPIModelName() string { + return "com.github.openshift.api.samples.v1.ConfigCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.samples.v1.ConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.samples.v1.ConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ConfigStatus) OpenAPIModelName() string { + return "com.github.openshift.api.samples.v1.ConfigStatus" +} diff --git a/vendor/github.com/openshift/api/security/v1/doc.go b/vendor/github.com/openshift/api/security/v1/doc.go index 44fe37eb2d..4379db030e 100644 --- a/vendor/github.com/openshift/api/security/v1/doc.go +++ b/vendor/github.com/openshift/api/security/v1/doc.go @@ -2,6 +2,7 @@ // +k8s:conversion-gen=github.com/openshift/origin/pkg/security/apis/security // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.security.v1 // +groupName=security.openshift.io // Package v1 is the v1 version of the API. diff --git a/vendor/github.com/openshift/api/security/v1/generated.proto b/vendor/github.com/openshift/api/security/v1/generated.proto index 933de5450e..bb8a37fc0f 100644 --- a/vendor/github.com/openshift/api/security/v1/generated.proto +++ b/vendor/github.com/openshift/api/security/v1/generated.proto @@ -246,7 +246,7 @@ message SecurityContextConstraints { optional bool allowPrivilegedContainer = 3; // defaultAddCapabilities is the default set of capabilities that will be added to the container - // unless the pod spec specifically drops the capability. You may not list a capabiility in both + // unless the pod spec specifically drops the capability. You may not list a capability in both // DefaultAddCapabilities and RequiredDropCapabilities. // +nullable // +listType=atomic @@ -302,7 +302,6 @@ message SecurityContextConstraints { // When "AllowHostLevel" is set, a pod author may set `hostUsers` to either `true` or `false`. // When "RequirePodLevel" is set, a pod author must set `hostUsers` to `false`. // When omitted, the default value is "AllowHostLevel". - // +openshift:enable:FeatureGate=UserNamespacesPodSecurityStandards // +kubebuilder:validation:Enum="AllowHostLevel";"RequirePodLevel" // +kubebuilder:default:="AllowHostLevel" // +default="AllowHostLevel" @@ -358,7 +357,7 @@ message SecurityContextConstraints { // seccompProfiles lists the allowed profiles that may be set for the pod or // container's seccomp annotations. An unset (nil) or empty value means that no profiles may - // be specifid by the pod or container. The wildcard '*' may be used to allow all profiles. When + // be specified by the pod or container. The wildcard '*' may be used to allow all profiles. When // used to generate a value for a pod the first non-wildcard profile will be used as // the default. // +nullable diff --git a/vendor/github.com/openshift/api/security/v1/types.go b/vendor/github.com/openshift/api/security/v1/types.go index fb491480d7..8972b0dd68 100644 --- a/vendor/github.com/openshift/api/security/v1/types.go +++ b/vendor/github.com/openshift/api/security/v1/types.go @@ -57,7 +57,7 @@ type SecurityContextConstraints struct { // allowPrivilegedContainer determines if a container can request to be run as privileged. AllowPrivilegedContainer bool `json:"allowPrivilegedContainer" protobuf:"varint,3,opt,name=allowPrivilegedContainer"` // defaultAddCapabilities is the default set of capabilities that will be added to the container - // unless the pod spec specifically drops the capability. You may not list a capabiility in both + // unless the pod spec specifically drops the capability. You may not list a capability in both // DefaultAddCapabilities and RequiredDropCapabilities. // +nullable // +listType=atomic @@ -103,7 +103,6 @@ type SecurityContextConstraints struct { // When "AllowHostLevel" is set, a pod author may set `hostUsers` to either `true` or `false`. // When "RequirePodLevel" is set, a pod author must set `hostUsers` to `false`. // When omitted, the default value is "AllowHostLevel". - // +openshift:enable:FeatureGate=UserNamespacesPodSecurityStandards // +kubebuilder:validation:Enum="AllowHostLevel";"RequirePodLevel" // +kubebuilder:default:="AllowHostLevel" // +default="AllowHostLevel" @@ -151,7 +150,7 @@ type SecurityContextConstraints struct { // seccompProfiles lists the allowed profiles that may be set for the pod or // container's seccomp annotations. An unset (nil) or empty value means that no profiles may - // be specifid by the pod or container. The wildcard '*' may be used to allow all profiles. When + // be specified by the pod or container. The wildcard '*' may be used to allow all profiles. When // used to generate a value for a pod the first non-wildcard profile will be used as // the default. // +nullable @@ -217,6 +216,7 @@ var ( FSTypeCSI FSType = "csi" FSTypeEphemeral FSType = "ephemeral" FSTypeImage FSType = "image" + FSTypeServiceAccountToken FSType = "serviceAccountToken" FSTypeAll FSType = "*" FSTypeNone FSType = "none" ) diff --git a/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml index 178c970780..86f78058a2 100644 --- a/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml @@ -5,8 +5,7 @@ securitycontextconstraints.security.openshift.io: CRDName: securitycontextconstraints.security.openshift.io Capability: "" Category: "" - FeatureGates: - - UserNamespacesPodSecurityStandards + FeatureGates: [] FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_03" diff --git a/vendor/github.com/openshift/api/security/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/security/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..74df1ce104 --- /dev/null +++ b/vendor/github.com/openshift/api/security/v1/zz_generated.model_name.go @@ -0,0 +1,101 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in AllowedFlexVolume) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.AllowedFlexVolume" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in FSGroupStrategyOptions) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.FSGroupStrategyOptions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IDRange) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.IDRange" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PodSecurityPolicyReview) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.PodSecurityPolicyReview" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PodSecurityPolicyReviewSpec) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.PodSecurityPolicyReviewSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PodSecurityPolicyReviewStatus) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.PodSecurityPolicyReviewStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PodSecurityPolicySelfSubjectReview) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.PodSecurityPolicySelfSubjectReview" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PodSecurityPolicySelfSubjectReviewSpec) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.PodSecurityPolicySelfSubjectReviewSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PodSecurityPolicySubjectReview) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.PodSecurityPolicySubjectReview" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PodSecurityPolicySubjectReviewSpec) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.PodSecurityPolicySubjectReviewSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in PodSecurityPolicySubjectReviewStatus) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.PodSecurityPolicySubjectReviewStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RangeAllocation) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.RangeAllocation" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RangeAllocationList) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.RangeAllocationList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in RunAsUserStrategyOptions) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.RunAsUserStrategyOptions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SELinuxContextStrategyOptions) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.SELinuxContextStrategyOptions" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecurityContextConstraints) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.SecurityContextConstraints" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SecurityContextConstraintsList) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.SecurityContextConstraintsList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceAccountPodSecurityPolicyReviewStatus) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.ServiceAccountPodSecurityPolicyReviewStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SupplementalGroupsStrategyOptions) OpenAPIModelName() string { + return "com.github.openshift.api.security.v1.SupplementalGroupsStrategyOptions" +} diff --git a/vendor/github.com/openshift/api/security/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/security/v1/zz_generated.swagger_doc_generated.go index 29cddf7e64..67882a66e9 100644 --- a/vendor/github.com/openshift/api/security/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/security/v1/zz_generated.swagger_doc_generated.go @@ -171,7 +171,7 @@ var map_SecurityContextConstraints = map[string]string{ "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "priority": "priority influences the sort order of SCCs when evaluating which SCCs to try first for a given pod request based on access in the Users and Groups fields. The higher the int, the higher priority. An unset value is considered a 0 priority. If scores for multiple SCCs are equal they will be sorted from most restrictive to least restrictive. If both priorities and restrictions are equal the SCCs will be sorted by name.", "allowPrivilegedContainer": "allowPrivilegedContainer determines if a container can request to be run as privileged.", - "defaultAddCapabilities": "defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capabiility in both DefaultAddCapabilities and RequiredDropCapabilities.", + "defaultAddCapabilities": "defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capability in both DefaultAddCapabilities and RequiredDropCapabilities.", "requiredDropCapabilities": "requiredDropCapabilities are the capabilities that will be dropped from the container. These are required to be dropped and cannot be added.", "allowedCapabilities": "allowedCapabilities is a list of capabilities that can be requested to add to the container. Capabilities in this field maybe added at the pod author's discretion. You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities. To allow all capabilities you may use '*'.", "allowHostDirVolumePlugin": "allowHostDirVolumePlugin determines if the policy allow containers to use the HostDir volume plugin", @@ -191,7 +191,7 @@ var map_SecurityContextConstraints = map[string]string{ "readOnlyRootFilesystem": "readOnlyRootFilesystem when set to true will force containers to run with a read only root file system. If the container specifically requests to run with a non-read only root file system the SCC should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to.", "users": "The users who have permissions to use this security context constraints", "groups": "The groups that have permission to use this security context constraints", - "seccompProfiles": "seccompProfiles lists the allowed profiles that may be set for the pod or container's seccomp annotations. An unset (nil) or empty value means that no profiles may be specifid by the pod or container.\tThe wildcard '*' may be used to allow all profiles. When used to generate a value for a pod the first non-wildcard profile will be used as the default.", + "seccompProfiles": "seccompProfiles lists the allowed profiles that may be set for the pod or container's seccomp annotations. An unset (nil) or empty value means that no profiles may be specified by the pod or container.\tThe wildcard '*' may be used to allow all profiles. When used to generate a value for a pod the first non-wildcard profile will be used as the default.", "allowedUnsafeSysctls": "allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed. Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.\n\nExamples: e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" allows \"foo.bar\", \"foo.baz\", etc.", "forbiddenSysctls": "forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.\n\nExamples: e.g. \"foo/*\" forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", \"foo.baz\", etc.", } diff --git a/vendor/github.com/openshift/api/servicecertsigner/v1alpha1/doc.go b/vendor/github.com/openshift/api/servicecertsigner/v1alpha1/doc.go index 6ce02bdb3e..1f9da25524 100644 --- a/vendor/github.com/openshift/api/servicecertsigner/v1alpha1/doc.go +++ b/vendor/github.com/openshift/api/servicecertsigner/v1alpha1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.servicecertsigner.v1alpha1 // +groupName=servicecertsigner.config.openshift.io package v1alpha1 diff --git a/vendor/github.com/openshift/api/servicecertsigner/v1alpha1/zz_generated.model_name.go b/vendor/github.com/openshift/api/servicecertsigner/v1alpha1/zz_generated.model_name.go new file mode 100644 index 0000000000..446c48afeb --- /dev/null +++ b/vendor/github.com/openshift/api/servicecertsigner/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,26 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceCertSignerOperatorConfig) OpenAPIModelName() string { + return "com.github.openshift.api.servicecertsigner.v1alpha1.ServiceCertSignerOperatorConfig" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceCertSignerOperatorConfigList) OpenAPIModelName() string { + return "com.github.openshift.api.servicecertsigner.v1alpha1.ServiceCertSignerOperatorConfigList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceCertSignerOperatorConfigSpec) OpenAPIModelName() string { + return "com.github.openshift.api.servicecertsigner.v1alpha1.ServiceCertSignerOperatorConfigSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ServiceCertSignerOperatorConfigStatus) OpenAPIModelName() string { + return "com.github.openshift.api.servicecertsigner.v1alpha1.ServiceCertSignerOperatorConfigStatus" +} diff --git a/vendor/github.com/openshift/api/sharedresource/v1alpha1/doc.go b/vendor/github.com/openshift/api/sharedresource/v1alpha1/doc.go index 833dd7f12c..3fa2207b8b 100644 --- a/vendor/github.com/openshift/api/sharedresource/v1alpha1/doc.go +++ b/vendor/github.com/openshift/api/sharedresource/v1alpha1/doc.go @@ -1,6 +1,7 @@ // +k8s:deepcopy-gen=package,register // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.sharedresource.v1alpha1 // +groupName=sharedresource.openshift.io // Package v1alplha1 is the v1alpha1 version of the API. diff --git a/vendor/github.com/openshift/api/sharedresource/v1alpha1/zz_generated.model_name.go b/vendor/github.com/openshift/api/sharedresource/v1alpha1/zz_generated.model_name.go new file mode 100644 index 0000000000..d8c45a7aee --- /dev/null +++ b/vendor/github.com/openshift/api/sharedresource/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,56 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SharedConfigMap) OpenAPIModelName() string { + return "com.github.openshift.api.sharedresource.v1alpha1.SharedConfigMap" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SharedConfigMapList) OpenAPIModelName() string { + return "com.github.openshift.api.sharedresource.v1alpha1.SharedConfigMapList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SharedConfigMapReference) OpenAPIModelName() string { + return "com.github.openshift.api.sharedresource.v1alpha1.SharedConfigMapReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SharedConfigMapSpec) OpenAPIModelName() string { + return "com.github.openshift.api.sharedresource.v1alpha1.SharedConfigMapSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SharedConfigMapStatus) OpenAPIModelName() string { + return "com.github.openshift.api.sharedresource.v1alpha1.SharedConfigMapStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SharedSecret) OpenAPIModelName() string { + return "com.github.openshift.api.sharedresource.v1alpha1.SharedSecret" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SharedSecretList) OpenAPIModelName() string { + return "com.github.openshift.api.sharedresource.v1alpha1.SharedSecretList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SharedSecretReference) OpenAPIModelName() string { + return "com.github.openshift.api.sharedresource.v1alpha1.SharedSecretReference" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SharedSecretSpec) OpenAPIModelName() string { + return "com.github.openshift.api.sharedresource.v1alpha1.SharedSecretSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in SharedSecretStatus) OpenAPIModelName() string { + return "com.github.openshift.api.sharedresource.v1alpha1.SharedSecretStatus" +} diff --git a/vendor/github.com/openshift/api/template/v1/doc.go b/vendor/github.com/openshift/api/template/v1/doc.go index 34f9f8d455..0cbca9f7e0 100644 --- a/vendor/github.com/openshift/api/template/v1/doc.go +++ b/vendor/github.com/openshift/api/template/v1/doc.go @@ -2,6 +2,7 @@ // +k8s:conversion-gen=github.com/openshift/origin/pkg/template/apis/template // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.template.v1 // +groupName=template.openshift.io // Package v1 is the v1 version of the API. diff --git a/vendor/github.com/openshift/api/template/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/template/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..eb14ace8de --- /dev/null +++ b/vendor/github.com/openshift/api/template/v1/zz_generated.model_name.go @@ -0,0 +1,71 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BrokerTemplateInstance) OpenAPIModelName() string { + return "com.github.openshift.api.template.v1.BrokerTemplateInstance" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BrokerTemplateInstanceList) OpenAPIModelName() string { + return "com.github.openshift.api.template.v1.BrokerTemplateInstanceList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in BrokerTemplateInstanceSpec) OpenAPIModelName() string { + return "com.github.openshift.api.template.v1.BrokerTemplateInstanceSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Parameter) OpenAPIModelName() string { + return "com.github.openshift.api.template.v1.Parameter" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Template) OpenAPIModelName() string { + return "com.github.openshift.api.template.v1.Template" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TemplateInstance) OpenAPIModelName() string { + return "com.github.openshift.api.template.v1.TemplateInstance" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TemplateInstanceCondition) OpenAPIModelName() string { + return "com.github.openshift.api.template.v1.TemplateInstanceCondition" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TemplateInstanceList) OpenAPIModelName() string { + return "com.github.openshift.api.template.v1.TemplateInstanceList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TemplateInstanceObject) OpenAPIModelName() string { + return "com.github.openshift.api.template.v1.TemplateInstanceObject" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TemplateInstanceRequester) OpenAPIModelName() string { + return "com.github.openshift.api.template.v1.TemplateInstanceRequester" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TemplateInstanceSpec) OpenAPIModelName() string { + return "com.github.openshift.api.template.v1.TemplateInstanceSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TemplateInstanceStatus) OpenAPIModelName() string { + return "com.github.openshift.api.template.v1.TemplateInstanceStatus" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TemplateList) OpenAPIModelName() string { + return "com.github.openshift.api.template.v1.TemplateList" +} diff --git a/vendor/github.com/openshift/api/user/v1/doc.go b/vendor/github.com/openshift/api/user/v1/doc.go index 42287095e2..a8c24927d6 100644 --- a/vendor/github.com/openshift/api/user/v1/doc.go +++ b/vendor/github.com/openshift/api/user/v1/doc.go @@ -2,6 +2,7 @@ // +k8s:conversion-gen=github.com/openshift/origin/pkg/user/apis/user // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-gen=true +// +k8s:openapi-model-package=com.github.openshift.api.user.v1 // +groupName=user.openshift.io // Package v1 is the v1 version of the API. diff --git a/vendor/github.com/openshift/api/user/v1/zz_generated.model_name.go b/vendor/github.com/openshift/api/user/v1/zz_generated.model_name.go new file mode 100644 index 0000000000..1d59e2115d --- /dev/null +++ b/vendor/github.com/openshift/api/user/v1/zz_generated.model_name.go @@ -0,0 +1,41 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Group) OpenAPIModelName() string { + return "com.github.openshift.api.user.v1.Group" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in GroupList) OpenAPIModelName() string { + return "com.github.openshift.api.user.v1.GroupList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in Identity) OpenAPIModelName() string { + return "com.github.openshift.api.user.v1.Identity" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in IdentityList) OpenAPIModelName() string { + return "com.github.openshift.api.user.v1.IdentityList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in User) OpenAPIModelName() string { + return "com.github.openshift.api.user.v1.User" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UserIdentityMapping) OpenAPIModelName() string { + return "com.github.openshift.api.user.v1.UserIdentityMapping" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UserList) OpenAPIModelName() string { + return "com.github.openshift.api.user.v1.UserList" +} diff --git a/vendor/github.com/openshift/client-go/apps/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/apps/applyconfigurations/internal/internal.go index d360fcba5e..437388ff7a 100644 --- a/vendor/github.com/openshift/client-go/apps/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/apps/applyconfigurations/internal/internal.go @@ -1510,6 +1510,11 @@ var schemaYAML = typed.YAMLObject(`types: - name: signerName type: scalar: string + - name: userAnnotations + type: + map: + elementType: + scalar: string - name: io.k8s.api.core.v1.PodDNSConfig map: fields: @@ -1805,6 +1810,9 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: associative keys: - name + - name: workloadRef + type: + namedType: io.k8s.api.core.v1.WorkloadReference - name: io.k8s.api.core.v1.PodTemplateSpec map: fields: @@ -2503,6 +2511,20 @@ var schemaYAML = typed.YAMLObject(`types: - name: runAsUserName type: scalar: string +- name: io.k8s.api.core.v1.WorkloadReference + map: + fields: + - name: name + type: + scalar: string + default: "" + - name: podGroup + type: + scalar: string + default: "" + - name: podGroupReplicaKey + type: + scalar: string - name: io.k8s.apimachinery.pkg.api.resource.Quantity scalar: untyped - name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverencryption.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverencryption.go index f4214f6a9d..5a9af0cb27 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverencryption.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverencryption.go @@ -32,7 +32,7 @@ type APIServerEncryptionApplyConfiguration struct { // The Key Management Service (KMS) instance provides symmetric encryption and is responsible for // managing the lifecyle of the encryption keys outside of the control plane. // This allows integration with an external provider to manage the data encryption keys securely. - KMS *KMSConfigApplyConfiguration `json:"kms,omitempty"` + KMS *KMSPluginConfigApplyConfiguration `json:"kms,omitempty"` } // APIServerEncryptionApplyConfiguration constructs a declarative configuration of the APIServerEncryption type for use with @@ -52,7 +52,7 @@ func (b *APIServerEncryptionApplyConfiguration) WithType(value configv1.Encrypti // WithKMS sets the KMS field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the KMS field is set to the value of the last call. -func (b *APIServerEncryptionApplyConfiguration) WithKMS(value *KMSConfigApplyConfiguration) *APIServerEncryptionApplyConfiguration { +func (b *APIServerEncryptionApplyConfiguration) WithKMS(value *KMSPluginConfigApplyConfiguration) *APIServerEncryptionApplyConfiguration { b.KMS = value return b } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverspec.go index 5b674ae05d..42392a353e 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverspec.go @@ -2,6 +2,10 @@ package v1 +import ( + configv1 "github.com/openshift/api/config/v1" +) + // APIServerSpecApplyConfiguration represents a declarative configuration of the APIServerSpec type for use // with apply. type APIServerSpecApplyConfiguration struct { @@ -26,6 +30,37 @@ type APIServerSpecApplyConfiguration struct { // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. // The current default is the Intermediate profile. TLSSecurityProfile *TLSSecurityProfileApplyConfiguration `json:"tlsSecurityProfile,omitempty"` + // tlsAdherence controls if components in the cluster adhere to the TLS security profile + // configured on this APIServer resource. + // + // Valid values are "LegacyAdheringComponentsOnly" and "StrictAllComponents". + // + // When set to "LegacyAdheringComponentsOnly", components that already honor the + // cluster-wide TLS profile continue to do so. Components that do not already honor + // it continue to use their individual TLS configurations. + // + // When set to "StrictAllComponents", all components must honor the configured TLS + // profile unless they have a component-specific TLS configuration that overrides + // it. This mode is recommended for security-conscious deployments and is required + // for certain compliance frameworks. + // + // Note: Some components such as Kubelet and IngressController have their own + // dedicated TLS configuration mechanisms via KubeletConfig and IngressController + // CRs respectively. When these component-specific TLS configurations are set, + // they take precedence over the cluster-wide tlsSecurityProfile. When not set, + // these components fall back to the cluster-wide default. + // + // Components that encounter an unknown value for tlsAdherence should treat it + // as "StrictAllComponents" and log a warning to ensure forward compatibility + // while defaulting to the more secure behavior. + // + // This field is optional. + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is LegacyAdheringComponentsOnly. + // + // Once set, this field may be changed to a different value, but may not be removed. + TLSAdherence *configv1.TLSAdherencePolicy `json:"tlsAdherence,omitempty"` // audit specifies the settings for audit configuration to be applied to all OpenShift-provided // API servers in the cluster. Audit *AuditApplyConfiguration `json:"audit,omitempty"` @@ -79,6 +114,14 @@ func (b *APIServerSpecApplyConfiguration) WithTLSSecurityProfile(value *TLSSecur return b } +// WithTLSAdherence sets the TLSAdherence field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLSAdherence field is set to the value of the last call. +func (b *APIServerSpecApplyConfiguration) WithTLSAdherence(value configv1.TLSAdherencePolicy) *APIServerSpecApplyConfiguration { + b.TLSAdherence = &value + return b +} + // WithAudit sets the Audit field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Audit field is set to the value of the last call. diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsdnsspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsdnsspec.go index ec57615082..457cb43aca 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsdnsspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsdnsspec.go @@ -10,6 +10,11 @@ type AWSDNSSpecApplyConfiguration struct { // privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing // operations on the cluster's private hosted zone specified in the cluster DNS config. // When left empty, no role should be assumed. + // + // The ARN must follow the format: arn::iam:::role/, where: + // is the AWS partition (aws, aws-cn, aws-us-gov, or aws-eusc), + // is a 12-digit numeric identifier for the AWS account, + // is the IAM role name. PrivateZoneIAMRole *string `json:"privateZoneIAMRole,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awskmsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awskmsconfig.go deleted file mode 100644 index 483e570da2..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awskmsconfig.go +++ /dev/null @@ -1,42 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -// AWSKMSConfigApplyConfiguration represents a declarative configuration of the AWSKMSConfig type for use -// with apply. -// -// AWSKMSConfig defines the KMS config specific to AWS KMS provider -type AWSKMSConfigApplyConfiguration struct { - // keyARN specifies the Amazon Resource Name (ARN) of the AWS KMS key used for encryption. - // The value must adhere to the format `arn:aws:kms:::key/`, where: - // - `` is the AWS region consisting of lowercase letters and hyphens followed by a number. - // - `` is a 12-digit numeric identifier for the AWS account. - // - `` is a unique identifier for the KMS key, consisting of lowercase hexadecimal characters and hyphens. - KeyARN *string `json:"keyARN,omitempty"` - // region specifies the AWS region where the KMS instance exists, and follows the format - // `--`, e.g.: `us-east-1`. - // Only lowercase letters and hyphens followed by numbers are allowed. - Region *string `json:"region,omitempty"` -} - -// AWSKMSConfigApplyConfiguration constructs a declarative configuration of the AWSKMSConfig type for use with -// apply. -func AWSKMSConfig() *AWSKMSConfigApplyConfiguration { - return &AWSKMSConfigApplyConfiguration{} -} - -// WithKeyARN sets the KeyARN field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the KeyARN field is set to the value of the last call. -func (b *AWSKMSConfigApplyConfiguration) WithKeyARN(value string) *AWSKMSConfigApplyConfiguration { - b.KeyARN = &value - return b -} - -// WithRegion sets the Region field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Region field is set to the value of the last call. -func (b *AWSKMSConfigApplyConfiguration) WithRegion(value string) *AWSKMSConfigApplyConfiguration { - b.Region = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clientcredentialconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clientcredentialconfig.go new file mode 100644 index 0000000000..c23f4d5307 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clientcredentialconfig.go @@ -0,0 +1,98 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + configv1 "github.com/openshift/api/config/v1" +) + +// ClientCredentialConfigApplyConfiguration represents a declarative configuration of the ClientCredentialConfig type for use +// with apply. +// +// ClientCredentialConfig configures the client credentials and token endpoint +// to use to get an access token via the OAuth2 client credentials grant flow. +type ClientCredentialConfigApplyConfiguration struct { + // clientID is a required client identifier to use during the OAuth2 client credentials flow. + // clientID must be at least 1 character in length, must not exceed 256 characters in length, + // and must only contain printable ASCII characters. + ClientID *string `json:"clientID,omitempty"` + // clientSecret is a required reference to a Secret in the openshift-config namespace to be used + // as the client secret during the OAuth2 client credentials flow. + // + // The key 'client-secret' is used to locate the client secret data in the Secret. + ClientSecret *ClientSecretSecretReferenceApplyConfiguration `json:"clientSecret,omitempty"` + // tokenEndpoint is a required URL to query for an access token using + // the client credential OAuth2 flow. + // tokenEndpoint must be at least 1 character in length and must not exceed 2048 characters in length. + // tokenEndpoint must be a valid HTTPS URL. + // tokenEndpoint must have a host and a path. + // tokenEndpoint must not contain query parameters, fragments, + // or user information (e.g., "user:password@host"). + TokenEndpoint *string `json:"tokenEndpoint,omitempty"` + // scopes is an optional list of OAuth2 scopes to request when obtaining + // an access token. + // + // If not specified, the token endpoint's default scopes + // will be used. + // + // When specified, there must be at least 1 entry and must not exceed 16 entries. + // Each entry must be at least 1 character in length and must not exceed 256 characters in length. + // Each entry must only contain printable ASCII characters, excluding spaces, double quotes and backslashes. + // Entries must be unique. + Scopes []configv1.OAuth2Scope `json:"scopes,omitempty"` + // tls is an optional field that allows configuring the TLS + // settings used to interact with the identity provider + // as an OAuth2 client. + // + // When omitted, system default TLS settings will be used + // for the OAuth2 client. + TLS *ExternalSourceTLSApplyConfiguration `json:"tls,omitempty"` +} + +// ClientCredentialConfigApplyConfiguration constructs a declarative configuration of the ClientCredentialConfig type for use with +// apply. +func ClientCredentialConfig() *ClientCredentialConfigApplyConfiguration { + return &ClientCredentialConfigApplyConfiguration{} +} + +// WithClientID sets the ClientID field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ClientID field is set to the value of the last call. +func (b *ClientCredentialConfigApplyConfiguration) WithClientID(value string) *ClientCredentialConfigApplyConfiguration { + b.ClientID = &value + return b +} + +// WithClientSecret sets the ClientSecret field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ClientSecret field is set to the value of the last call. +func (b *ClientCredentialConfigApplyConfiguration) WithClientSecret(value *ClientSecretSecretReferenceApplyConfiguration) *ClientCredentialConfigApplyConfiguration { + b.ClientSecret = value + return b +} + +// WithTokenEndpoint sets the TokenEndpoint field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TokenEndpoint field is set to the value of the last call. +func (b *ClientCredentialConfigApplyConfiguration) WithTokenEndpoint(value string) *ClientCredentialConfigApplyConfiguration { + b.TokenEndpoint = &value + return b +} + +// WithScopes adds the given value to the Scopes field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Scopes field. +func (b *ClientCredentialConfigApplyConfiguration) WithScopes(values ...configv1.OAuth2Scope) *ClientCredentialConfigApplyConfiguration { + for i := range values { + b.Scopes = append(b.Scopes, values[i]) + } + return b +} + +// WithTLS sets the TLS field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLS field is set to the value of the last call. +func (b *ClientCredentialConfigApplyConfiguration) WithTLS(value *ExternalSourceTLSApplyConfiguration) *ClientCredentialConfigApplyConfiguration { + b.TLS = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clientsecretsecretreference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clientsecretsecretreference.go new file mode 100644 index 0000000000..5b2a8fe03f --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clientsecretsecretreference.go @@ -0,0 +1,32 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// ClientSecretSecretReferenceApplyConfiguration represents a declarative configuration of the ClientSecretSecretReference type for use +// with apply. +// +// ClientSecretSecretReference is a reference to a Secret in the openshift-config +// namespace that should be used for configuring the client secret to be +// used when sourcing claims from external sources with the client credential authentication flow. +type ClientSecretSecretReferenceApplyConfiguration struct { + // name is the required name of the Secret that exists in the openshift-config namespace. + // + // It must be at least 1 character in length, must not exceed 253 characters in length, + // must start and end with a lowercase alphanumeric character, and must only contain + // lowercase alphanumeric characters, '-' or '.'. + Name *string `json:"name,omitempty"` +} + +// ClientSecretSecretReferenceApplyConfiguration constructs a declarative configuration of the ClientSecretSecretReference type for use with +// apply. +func ClientSecretSecretReference() *ClientSecretSecretReferenceApplyConfiguration { + return &ClientSecretSecretReferenceApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *ClientSecretSecretReferenceApplyConfiguration) WithName(value string) *ClientSecretSecretReferenceApplyConfiguration { + b.Name = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/criocredentialproviderconfig.go similarity index 54% rename from vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicy.go rename to vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/criocredentialproviderconfig.go index 19a6917f99..94be7a1cda 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicy.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/criocredentialproviderconfig.go @@ -1,89 +1,97 @@ // Code generated by applyconfiguration-gen. DO NOT EDIT. -package v1alpha1 +package v1 import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" + configv1 "github.com/openshift/api/config/v1" internal "github.com/openshift/client-go/config/applyconfigurations/internal" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + apismetav1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" managedfields "k8s.io/apimachinery/pkg/util/managedfields" - v1 "k8s.io/client-go/applyconfigurations/meta/v1" + metav1 "k8s.io/client-go/applyconfigurations/meta/v1" ) -// ClusterImagePolicyApplyConfiguration represents a declarative configuration of the ClusterImagePolicy type for use +// CRIOCredentialProviderConfigApplyConfiguration represents a declarative configuration of the CRIOCredentialProviderConfig type for use // with apply. // -// # ClusterImagePolicy holds cluster-wide configuration for image signature verification +// CRIOCredentialProviderConfig holds cluster-wide singleton resource configurations for CRI-O credential provider, the name of this instance is "cluster". CRI-O credential provider is a binary shipped with CRI-O that provides a way to obtain container image pull credentials from external sources. +// For example, it can be used to fetch mirror registry credentials from secrets resources in the cluster within the same namespace the pod will be running in. +// CRIOCredentialProviderConfig configuration specifies the pod image sources registries that should trigger the CRI-O credential provider execution, which will resolve the CRI-O mirror configurations and obtain the necessary credentials for pod creation. +// Note: Configuration changes will only take effect after the kubelet restarts, which is automatically managed by the cluster during rollout. // -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -type ClusterImagePolicyApplyConfiguration struct { - v1.TypeMetaApplyConfiguration `json:",inline"` +// The resource is a singleton named "cluster". +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +type CRIOCredentialProviderConfigApplyConfiguration struct { + metav1.TypeMetaApplyConfiguration `json:",inline"` // metadata is the standard object's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - // spec contains the configuration for the cluster image policy. - Spec *ClusterImagePolicySpecApplyConfiguration `json:"spec,omitempty"` - // status contains the observed state of the resource. - Status *ClusterImagePolicyStatusApplyConfiguration `json:"status,omitempty"` + *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` + // spec defines the desired configuration of the CRI-O Credential Provider. + // This field is required and must be provided when creating the resource. + Spec *CRIOCredentialProviderConfigSpecApplyConfiguration `json:"spec,omitempty"` + // status represents the current state of the CRIOCredentialProviderConfig. + // When omitted or nil, it indicates that the status has not yet been set by the controller. + // The controller will populate this field with validation conditions and operational state. + Status *CRIOCredentialProviderConfigStatusApplyConfiguration `json:"status,omitempty"` } -// ClusterImagePolicy constructs a declarative configuration of the ClusterImagePolicy type for use with +// CRIOCredentialProviderConfig constructs a declarative configuration of the CRIOCredentialProviderConfig type for use with // apply. -func ClusterImagePolicy(name string) *ClusterImagePolicyApplyConfiguration { - b := &ClusterImagePolicyApplyConfiguration{} +func CRIOCredentialProviderConfig(name string) *CRIOCredentialProviderConfigApplyConfiguration { + b := &CRIOCredentialProviderConfigApplyConfiguration{} b.WithName(name) - b.WithKind("ClusterImagePolicy") - b.WithAPIVersion("config.openshift.io/v1alpha1") + b.WithKind("CRIOCredentialProviderConfig") + b.WithAPIVersion("config.openshift.io/v1") return b } -// ExtractClusterImagePolicyFrom extracts the applied configuration owned by fieldManager from -// clusterImagePolicy for the specified subresource. Pass an empty string for subresource to extract +// ExtractCRIOCredentialProviderConfigFrom extracts the applied configuration owned by fieldManager from +// cRIOCredentialProviderConfig for the specified subresource. Pass an empty string for subresource to extract // the main resource. Common subresources include "status", "scale", etc. -// clusterImagePolicy must be a unmodified ClusterImagePolicy API object that was retrieved from the Kubernetes API. -// ExtractClusterImagePolicyFrom provides a way to perform a extract/modify-in-place/apply workflow. +// cRIOCredentialProviderConfig must be a unmodified CRIOCredentialProviderConfig API object that was retrieved from the Kubernetes API. +// ExtractCRIOCredentialProviderConfigFrom provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractClusterImagePolicyFrom(clusterImagePolicy *configv1alpha1.ClusterImagePolicy, fieldManager string, subresource string) (*ClusterImagePolicyApplyConfiguration, error) { - b := &ClusterImagePolicyApplyConfiguration{} - err := managedfields.ExtractInto(clusterImagePolicy, internal.Parser().Type("com.github.openshift.api.config.v1alpha1.ClusterImagePolicy"), fieldManager, b, subresource) +func ExtractCRIOCredentialProviderConfigFrom(cRIOCredentialProviderConfig *configv1.CRIOCredentialProviderConfig, fieldManager string, subresource string) (*CRIOCredentialProviderConfigApplyConfiguration, error) { + b := &CRIOCredentialProviderConfigApplyConfiguration{} + err := managedfields.ExtractInto(cRIOCredentialProviderConfig, internal.Parser().Type("com.github.openshift.api.config.v1.CRIOCredentialProviderConfig"), fieldManager, b, subresource) if err != nil { return nil, err } - b.WithName(clusterImagePolicy.Name) + b.WithName(cRIOCredentialProviderConfig.Name) - b.WithKind("ClusterImagePolicy") - b.WithAPIVersion("config.openshift.io/v1alpha1") + b.WithKind("CRIOCredentialProviderConfig") + b.WithAPIVersion("config.openshift.io/v1") return b, nil } -// ExtractClusterImagePolicy extracts the applied configuration owned by fieldManager from -// clusterImagePolicy. If no managedFields are found in clusterImagePolicy for fieldManager, a -// ClusterImagePolicyApplyConfiguration is returned with only the Name, Namespace (if applicable), +// ExtractCRIOCredentialProviderConfig extracts the applied configuration owned by fieldManager from +// cRIOCredentialProviderConfig. If no managedFields are found in cRIOCredentialProviderConfig for fieldManager, a +// CRIOCredentialProviderConfigApplyConfiguration is returned with only the Name, Namespace (if applicable), // APIVersion and Kind populated. It is possible that no managed fields were found for because other // field managers have taken ownership of all the fields previously owned by fieldManager, or because // the fieldManager never owned fields any fields. -// clusterImagePolicy must be a unmodified ClusterImagePolicy API object that was retrieved from the Kubernetes API. -// ExtractClusterImagePolicy provides a way to perform a extract/modify-in-place/apply workflow. +// cRIOCredentialProviderConfig must be a unmodified CRIOCredentialProviderConfig API object that was retrieved from the Kubernetes API. +// ExtractCRIOCredentialProviderConfig provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractClusterImagePolicy(clusterImagePolicy *configv1alpha1.ClusterImagePolicy, fieldManager string) (*ClusterImagePolicyApplyConfiguration, error) { - return ExtractClusterImagePolicyFrom(clusterImagePolicy, fieldManager, "") +func ExtractCRIOCredentialProviderConfig(cRIOCredentialProviderConfig *configv1.CRIOCredentialProviderConfig, fieldManager string) (*CRIOCredentialProviderConfigApplyConfiguration, error) { + return ExtractCRIOCredentialProviderConfigFrom(cRIOCredentialProviderConfig, fieldManager, "") } -// ExtractClusterImagePolicyStatus extracts the applied configuration owned by fieldManager from -// clusterImagePolicy for the status subresource. -func ExtractClusterImagePolicyStatus(clusterImagePolicy *configv1alpha1.ClusterImagePolicy, fieldManager string) (*ClusterImagePolicyApplyConfiguration, error) { - return ExtractClusterImagePolicyFrom(clusterImagePolicy, fieldManager, "status") +// ExtractCRIOCredentialProviderConfigStatus extracts the applied configuration owned by fieldManager from +// cRIOCredentialProviderConfig for the status subresource. +func ExtractCRIOCredentialProviderConfigStatus(cRIOCredentialProviderConfig *configv1.CRIOCredentialProviderConfig, fieldManager string) (*CRIOCredentialProviderConfigApplyConfiguration, error) { + return ExtractCRIOCredentialProviderConfigFrom(cRIOCredentialProviderConfig, fieldManager, "status") } -func (b ClusterImagePolicyApplyConfiguration) IsApplyConfiguration() {} +func (b CRIOCredentialProviderConfigApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Kind field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithKind(value string) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithKind(value string) *CRIOCredentialProviderConfigApplyConfiguration { b.TypeMetaApplyConfiguration.Kind = &value return b } @@ -91,7 +99,7 @@ func (b *ClusterImagePolicyApplyConfiguration) WithKind(value string) *ClusterIm // WithAPIVersion sets the APIVersion field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the APIVersion field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithAPIVersion(value string) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithAPIVersion(value string) *CRIOCredentialProviderConfigApplyConfiguration { b.TypeMetaApplyConfiguration.APIVersion = &value return b } @@ -99,7 +107,7 @@ func (b *ClusterImagePolicyApplyConfiguration) WithAPIVersion(value string) *Clu // WithName sets the Name field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Name field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithName(value string) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithName(value string) *CRIOCredentialProviderConfigApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.Name = &value return b @@ -108,7 +116,7 @@ func (b *ClusterImagePolicyApplyConfiguration) WithName(value string) *ClusterIm // WithGenerateName sets the GenerateName field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the GenerateName field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithGenerateName(value string) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithGenerateName(value string) *CRIOCredentialProviderConfigApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.GenerateName = &value return b @@ -117,7 +125,7 @@ func (b *ClusterImagePolicyApplyConfiguration) WithGenerateName(value string) *C // WithNamespace sets the Namespace field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Namespace field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithNamespace(value string) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithNamespace(value string) *CRIOCredentialProviderConfigApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.Namespace = &value return b @@ -126,7 +134,7 @@ func (b *ClusterImagePolicyApplyConfiguration) WithNamespace(value string) *Clus // WithUID sets the UID field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the UID field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithUID(value types.UID) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithUID(value types.UID) *CRIOCredentialProviderConfigApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.UID = &value return b @@ -135,7 +143,7 @@ func (b *ClusterImagePolicyApplyConfiguration) WithUID(value types.UID) *Cluster // WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the ResourceVersion field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithResourceVersion(value string) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithResourceVersion(value string) *CRIOCredentialProviderConfigApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.ResourceVersion = &value return b @@ -144,7 +152,7 @@ func (b *ClusterImagePolicyApplyConfiguration) WithResourceVersion(value string) // WithGeneration sets the Generation field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Generation field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithGeneration(value int64) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithGeneration(value int64) *CRIOCredentialProviderConfigApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.Generation = &value return b @@ -153,7 +161,7 @@ func (b *ClusterImagePolicyApplyConfiguration) WithGeneration(value int64) *Clus // WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the CreationTimestamp field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithCreationTimestamp(value metav1.Time) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithCreationTimestamp(value apismetav1.Time) *CRIOCredentialProviderConfigApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.CreationTimestamp = &value return b @@ -162,7 +170,7 @@ func (b *ClusterImagePolicyApplyConfiguration) WithCreationTimestamp(value metav // WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the DeletionTimestamp field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithDeletionTimestamp(value apismetav1.Time) *CRIOCredentialProviderConfigApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value return b @@ -171,7 +179,7 @@ func (b *ClusterImagePolicyApplyConfiguration) WithDeletionTimestamp(value metav // WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *CRIOCredentialProviderConfigApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value return b @@ -181,7 +189,7 @@ func (b *ClusterImagePolicyApplyConfiguration) WithDeletionGracePeriodSeconds(va // and returns the receiver, so that objects can be build by chaining "With" function invocations. // If called multiple times, the entries provided by each call will be put on the Labels field, // overwriting an existing map entries in Labels field with the same key. -func (b *ClusterImagePolicyApplyConfiguration) WithLabels(entries map[string]string) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithLabels(entries map[string]string) *CRIOCredentialProviderConfigApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 { b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries)) @@ -196,7 +204,7 @@ func (b *ClusterImagePolicyApplyConfiguration) WithLabels(entries map[string]str // and returns the receiver, so that objects can be build by chaining "With" function invocations. // If called multiple times, the entries provided by each call will be put on the Annotations field, // overwriting an existing map entries in Annotations field with the same key. -func (b *ClusterImagePolicyApplyConfiguration) WithAnnotations(entries map[string]string) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithAnnotations(entries map[string]string) *CRIOCredentialProviderConfigApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 { b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries)) @@ -210,7 +218,7 @@ func (b *ClusterImagePolicyApplyConfiguration) WithAnnotations(entries map[strin // WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration // and returns the receiver, so that objects can be build by chaining "With" function invocations. // If called multiple times, values provided by each call will be appended to the OwnerReferences field. -func (b *ClusterImagePolicyApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithOwnerReferences(values ...*metav1.OwnerReferenceApplyConfiguration) *CRIOCredentialProviderConfigApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() for i := range values { if values[i] == nil { @@ -224,7 +232,7 @@ func (b *ClusterImagePolicyApplyConfiguration) WithOwnerReferences(values ...*v1 // WithFinalizers adds the given value to the Finalizers field in the declarative configuration // and returns the receiver, so that objects can be build by chaining "With" function invocations. // If called multiple times, values provided by each call will be appended to the Finalizers field. -func (b *ClusterImagePolicyApplyConfiguration) WithFinalizers(values ...string) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithFinalizers(values ...string) *CRIOCredentialProviderConfigApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() for i := range values { b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i]) @@ -232,16 +240,16 @@ func (b *ClusterImagePolicyApplyConfiguration) WithFinalizers(values ...string) return b } -func (b *ClusterImagePolicyApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { +func (b *CRIOCredentialProviderConfigApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { if b.ObjectMetaApplyConfiguration == nil { - b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} + b.ObjectMetaApplyConfiguration = &metav1.ObjectMetaApplyConfiguration{} } } // WithSpec sets the Spec field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Spec field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithSpec(value *ClusterImagePolicySpecApplyConfiguration) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithSpec(value *CRIOCredentialProviderConfigSpecApplyConfiguration) *CRIOCredentialProviderConfigApplyConfiguration { b.Spec = value return b } @@ -249,29 +257,29 @@ func (b *ClusterImagePolicyApplyConfiguration) WithSpec(value *ClusterImagePolic // WithStatus sets the Status field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Status field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithStatus(value *ClusterImagePolicyStatusApplyConfiguration) *ClusterImagePolicyApplyConfiguration { +func (b *CRIOCredentialProviderConfigApplyConfiguration) WithStatus(value *CRIOCredentialProviderConfigStatusApplyConfiguration) *CRIOCredentialProviderConfigApplyConfiguration { b.Status = value return b } // GetKind retrieves the value of the Kind field in the declarative configuration. -func (b *ClusterImagePolicyApplyConfiguration) GetKind() *string { +func (b *CRIOCredentialProviderConfigApplyConfiguration) GetKind() *string { return b.TypeMetaApplyConfiguration.Kind } // GetAPIVersion retrieves the value of the APIVersion field in the declarative configuration. -func (b *ClusterImagePolicyApplyConfiguration) GetAPIVersion() *string { +func (b *CRIOCredentialProviderConfigApplyConfiguration) GetAPIVersion() *string { return b.TypeMetaApplyConfiguration.APIVersion } // GetName retrieves the value of the Name field in the declarative configuration. -func (b *ClusterImagePolicyApplyConfiguration) GetName() *string { +func (b *CRIOCredentialProviderConfigApplyConfiguration) GetName() *string { b.ensureObjectMetaApplyConfigurationExists() return b.ObjectMetaApplyConfiguration.Name } // GetNamespace retrieves the value of the Namespace field in the declarative configuration. -func (b *ClusterImagePolicyApplyConfiguration) GetNamespace() *string { +func (b *CRIOCredentialProviderConfigApplyConfiguration) GetNamespace() *string { b.ensureObjectMetaApplyConfigurationExists() return b.ObjectMetaApplyConfiguration.Namespace } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/criocredentialproviderconfigspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/criocredentialproviderconfigspec.go new file mode 100644 index 0000000000..4820041d74 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/criocredentialproviderconfigspec.go @@ -0,0 +1,72 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + configv1 "github.com/openshift/api/config/v1" +) + +// CRIOCredentialProviderConfigSpecApplyConfiguration represents a declarative configuration of the CRIOCredentialProviderConfigSpec type for use +// with apply. +// +// CRIOCredentialProviderConfigSpec defines the desired configuration of the CRI-O Credential Provider. +type CRIOCredentialProviderConfigSpecApplyConfiguration struct { + // matchImages is a list of string patterns used to determine whether + // the CRI-O credential provider should be invoked for a given image. This list is + // passed to the kubelet CredentialProviderConfig, and if any pattern matches + // the requested image, CRI-O credential provider will be invoked to obtain credentials for pulling + // that image or its mirrors. + // Depending on the platform, the CRI-O credential provider may be installed alongside an existing platform specific provider. + // Conflicts between the existing platform specific provider image match configuration and this list will be handled by + // the following precedence rule: credentials from built-in kubelet providers (e.g., ECR, GCR, ACR) take precedence over those + // from the CRIOCredentialProviderConfig when both match the same image. + // To avoid uncertainty, it is recommended to avoid configuring your private image patterns to overlap with + // existing platform specific provider config(e.g., the entries from https://github.com/openshift/machine-config-operator/blob/main/templates/common/aws/files/etc-kubernetes-credential-providers-ecr-credential-provider.yaml). + // You can check the resource's Status conditions + // to see if any entries were ignored due to exact matches with known built-in provider patterns. + // + // This field is optional, the items of the list must contain between 1 and 50 entries. + // The list is treated as a set, so duplicate entries are not allowed. + // + // For more details, see: + // https://kubernetes.io/docs/tasks/administer-cluster/kubelet-credential-provider/ + // https://github.com/cri-o/crio-credential-provider#architecture + // + // Each entry in matchImages is a pattern which can optionally contain a port and a path. Each entry must be no longer than 512 characters. + // Wildcards ('*') are supported for full subdomain labels, such as '*.k8s.io' or 'k8s.*.io', + // and for top-level domains, such as 'k8s.*' (which matches 'k8s.io' or 'k8s.net'). + // A global wildcard '*' (matching any domain) is not allowed. + // Wildcards may replace an entire hostname label (e.g., *.example.com), but they cannot appear within a label (e.g., f*oo.example.com) and are not allowed in the port or path. + // For example, 'example.*.com' is valid, but 'exa*mple.*.com' is not. + // Each wildcard matches only a single domain label, + // so '*.io' does **not** match '*.k8s.io'. + // + // A match exists between an image and a matchImage when all of the below are true: + // Both contain the same number of domain parts and each part matches. + // The URL path of an matchImages must be a prefix of the target image URL path. + // If the matchImages contains a port, then the port must match in the image as well. + // + // Example values of matchImages: + // - 123456789.dkr.ecr.us-east-1.amazonaws.com + // - *.azurecr.io + // - gcr.io + // - *.*.registry.io + // - registry.io:8080/path + MatchImages []configv1.MatchImage `json:"matchImages,omitempty"` +} + +// CRIOCredentialProviderConfigSpecApplyConfiguration constructs a declarative configuration of the CRIOCredentialProviderConfigSpec type for use with +// apply. +func CRIOCredentialProviderConfigSpec() *CRIOCredentialProviderConfigSpecApplyConfiguration { + return &CRIOCredentialProviderConfigSpecApplyConfiguration{} +} + +// WithMatchImages adds the given value to the MatchImages field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the MatchImages field. +func (b *CRIOCredentialProviderConfigSpecApplyConfiguration) WithMatchImages(values ...configv1.MatchImage) *CRIOCredentialProviderConfigSpecApplyConfiguration { + for i := range values { + b.MatchImages = append(b.MatchImages, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/criocredentialproviderconfigstatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/criocredentialproviderconfigstatus.go new file mode 100644 index 0000000000..903292fe8d --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/criocredentialproviderconfigstatus.go @@ -0,0 +1,41 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + metav1 "k8s.io/client-go/applyconfigurations/meta/v1" +) + +// CRIOCredentialProviderConfigStatusApplyConfiguration represents a declarative configuration of the CRIOCredentialProviderConfigStatus type for use +// with apply. +// +// CRIOCredentialProviderConfigStatus defines the observed state of CRIOCredentialProviderConfig +type CRIOCredentialProviderConfigStatusApplyConfiguration struct { + // conditions represent the latest available observations of the configuration state. + // When omitted, it indicates that no conditions have been reported yet. + // The maximum number of conditions is 16. + // Conditions are stored as a map keyed by condition type, ensuring uniqueness. + // + // Expected condition types include: + // "Validated": indicates whether the matchImages configuration is valid + Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` +} + +// CRIOCredentialProviderConfigStatusApplyConfiguration constructs a declarative configuration of the CRIOCredentialProviderConfigStatus type for use with +// apply. +func CRIOCredentialProviderConfigStatus() *CRIOCredentialProviderConfigStatusApplyConfiguration { + return &CRIOCredentialProviderConfigStatusApplyConfiguration{} +} + +// WithConditions adds the given value to the Conditions field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Conditions field. +func (b *CRIOCredentialProviderConfigStatusApplyConfiguration) WithConditions(values ...*metav1.ConditionApplyConfiguration) *CRIOCredentialProviderConfigStatusApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithConditions") + } + b.Conditions = append(b.Conditions, *values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/customtlsprofile.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/customtlsprofile.go index 7df6a4be9e..7b682ef205 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/customtlsprofile.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/customtlsprofile.go @@ -31,6 +31,16 @@ func (b *CustomTLSProfileApplyConfiguration) WithCiphers(values ...string) *Cust return b } +// WithGroups adds the given value to the Groups field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Groups field. +func (b *CustomTLSProfileApplyConfiguration) WithGroups(values ...configv1.TLSGroup) *CustomTLSProfileApplyConfiguration { + for i := range values { + b.TLSProfileSpecApplyConfiguration.Groups = append(b.TLSProfileSpecApplyConfiguration.Groups, values[i]) + } + return b +} + // WithMinTLSVersion sets the MinTLSVersion field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the MinTLSVersion field is set to the value of the last call. diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalclaimssource.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalclaimssource.go new file mode 100644 index 0000000000..143544e7cd --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalclaimssource.go @@ -0,0 +1,97 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// ExternalClaimsSourceApplyConfiguration represents a declarative configuration of the ExternalClaimsSource type for use +// with apply. +// +// ExternalClaimsSource provides the configuration for a single external claim source. +type ExternalClaimsSourceApplyConfiguration struct { + // authentication is an optional field that configures how the apiserver authenticates with an external claims source. + // When not specified, anonymous authentication is used which means no 'Authorization' header + // is sent in the HTTP request to fetch the external claims. + Authentication *ExternalSourceAuthenticationApplyConfiguration `json:"authentication,omitempty"` + // tls is an optional field that configures the http client TLS + // settings when fetching external claims from this source. + // + // When omitted, system default TLS settings will be used + // for fetching claims from the external source. + TLS *ExternalSourceTLSApplyConfiguration `json:"tls,omitempty"` + // url is a required configuration of the URL + // for which the external claims are located. + URL *SourceURLApplyConfiguration `json:"url,omitempty"` + // mappings is a required list of the claim + // and response handling expression pairs + // that produces the claims from the external source. + // mappings must have at least 1 entry and must not exceed 16 entries. + // Entries must have a unique name across all external claim sources. + Mappings []SourcedClaimMappingApplyConfiguration `json:"mappings,omitempty"` + // predicates is an optional list of constraints in + // which claims should attempt to be fetched from this + // external source. + // + // When omitted, claims are always fetched + // from this external source. + // + // When specified, all predicates must evaluate to 'true' + // before claims are attempted to be fetched from this external source. + // predicates must have at least 1 entry and must not exceed 16 entries. + // Entries must have unique expressions. + Predicates []ExternalSourcePredicateApplyConfiguration `json:"predicates,omitempty"` +} + +// ExternalClaimsSourceApplyConfiguration constructs a declarative configuration of the ExternalClaimsSource type for use with +// apply. +func ExternalClaimsSource() *ExternalClaimsSourceApplyConfiguration { + return &ExternalClaimsSourceApplyConfiguration{} +} + +// WithAuthentication sets the Authentication field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Authentication field is set to the value of the last call. +func (b *ExternalClaimsSourceApplyConfiguration) WithAuthentication(value *ExternalSourceAuthenticationApplyConfiguration) *ExternalClaimsSourceApplyConfiguration { + b.Authentication = value + return b +} + +// WithTLS sets the TLS field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLS field is set to the value of the last call. +func (b *ExternalClaimsSourceApplyConfiguration) WithTLS(value *ExternalSourceTLSApplyConfiguration) *ExternalClaimsSourceApplyConfiguration { + b.TLS = value + return b +} + +// WithURL sets the URL field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the URL field is set to the value of the last call. +func (b *ExternalClaimsSourceApplyConfiguration) WithURL(value *SourceURLApplyConfiguration) *ExternalClaimsSourceApplyConfiguration { + b.URL = value + return b +} + +// WithMappings adds the given value to the Mappings field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Mappings field. +func (b *ExternalClaimsSourceApplyConfiguration) WithMappings(values ...*SourcedClaimMappingApplyConfiguration) *ExternalClaimsSourceApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithMappings") + } + b.Mappings = append(b.Mappings, *values[i]) + } + return b +} + +// WithPredicates adds the given value to the Predicates field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Predicates field. +func (b *ExternalClaimsSourceApplyConfiguration) WithPredicates(values ...*ExternalSourcePredicateApplyConfiguration) *ExternalClaimsSourceApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithPredicates") + } + b.Predicates = append(b.Predicates, *values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourceauthentication.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourceauthentication.go new file mode 100644 index 0000000000..a2deb822e3 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourceauthentication.go @@ -0,0 +1,57 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + configv1 "github.com/openshift/api/config/v1" +) + +// ExternalSourceAuthenticationApplyConfiguration represents a declarative configuration of the ExternalSourceAuthentication type for use +// with apply. +// +// ExternalSourceAuthentication configures how the apiserver should attempt +// to authenticate with an external claims source. +type ExternalSourceAuthenticationApplyConfiguration struct { + // type is a required field that sets the type of + // authentication method used by the authenticator + // when fetching external claims. + // + // Allowed values are 'RequestProvidedToken' and 'ClientCredential'. + // + // When set to 'RequestProvidedToken', the authenticator will + // use the token provided to the kube-apiserver as part of the + // request to authenticate with the external claims source. + // + // When set to 'ClientCredential', the authenticator will + // use the configured client-id, client-secret, and token endpoint + // to fetch an access token using the OAuth2 client credentials grant + // flow. The fetched access token will then be used to authenticate + // with the external claims source. + Type *configv1.ExternalSourceAuthenticationType `json:"type,omitempty"` + // clientCredential configures the client credentials + // and token endpoint to use to get an access token. + // clientCredential is required when type is 'ClientCredential', and forbidden otherwise. + ClientCredential *ClientCredentialConfigApplyConfiguration `json:"clientCredential,omitempty"` +} + +// ExternalSourceAuthenticationApplyConfiguration constructs a declarative configuration of the ExternalSourceAuthentication type for use with +// apply. +func ExternalSourceAuthentication() *ExternalSourceAuthenticationApplyConfiguration { + return &ExternalSourceAuthenticationApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *ExternalSourceAuthenticationApplyConfiguration) WithType(value configv1.ExternalSourceAuthenticationType) *ExternalSourceAuthenticationApplyConfiguration { + b.Type = &value + return b +} + +// WithClientCredential sets the ClientCredential field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ClientCredential field is set to the value of the last call. +func (b *ExternalSourceAuthenticationApplyConfiguration) WithClientCredential(value *ClientCredentialConfigApplyConfiguration) *ExternalSourceAuthenticationApplyConfiguration { + b.ClientCredential = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcecertificateauthorityconfigmapreference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcecertificateauthorityconfigmapreference.go new file mode 100644 index 0000000000..f1fb64e745 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcecertificateauthorityconfigmapreference.go @@ -0,0 +1,34 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration represents a declarative configuration of the ExternalSourceCertificateAuthorityConfigMapReference type for use +// with apply. +// +// ExternalSourceCertificateAuthorityConfigMapReference is a reference to a ConfigMap in the openshift-config +// namespace that should be used for configuring the certificate authority to be +// used when sourcing claims from external sources. +type ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration struct { + // name is the required name of the ConfigMap that exists in the openshift-config namespace. + // The key "ca-bundle.crt" must be present and must contain the CA certificate to be used + // to verify the external source's TLS certificate. + // + // It must be at least 1 character in length, must not exceed 253 characters in length, + // must start and end with a lowercase alphanumeric character, and must only contain + // lowercase alphanumeric characters, '-' or '.'. + Name *string `json:"name,omitempty"` +} + +// ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration constructs a declarative configuration of the ExternalSourceCertificateAuthorityConfigMapReference type for use with +// apply. +func ExternalSourceCertificateAuthorityConfigMapReference() *ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration { + return &ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration) WithName(value string) *ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration { + b.Name = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcepredicate.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcepredicate.go new file mode 100644 index 0000000000..ade172deeb --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcepredicate.go @@ -0,0 +1,43 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// ExternalSourcePredicateApplyConfiguration represents a declarative configuration of the ExternalSourcePredicate type for use +// with apply. +// +// ExternalSourcePredicate configures a singular condition +// that must return true before the external source is queried +// to retrieve external claims. +type ExternalSourcePredicateApplyConfiguration struct { + // expression is a required CEL expression that + // is used to determine whether or not an external + // source should be used to fetch external claims. + // + // The expression must return a boolean value, + // where true means that the source should be consulted + // and false means that it should not. + // + // Claims from the token used for the request to the kube-apiserver + // are made available via the `claims` variable. + // + // The contents of the `claims` variable varies based on the claims that are + // present in the token being validated. It is the responsibility of those configuring this + // field to understand what claims the identity provider includes when issuing tokens. + // + // expression must be at least 1 character and must not exceed 1024 characters in length. + Expression *string `json:"expression,omitempty"` +} + +// ExternalSourcePredicateApplyConfiguration constructs a declarative configuration of the ExternalSourcePredicate type for use with +// apply. +func ExternalSourcePredicate() *ExternalSourcePredicateApplyConfiguration { + return &ExternalSourcePredicateApplyConfiguration{} +} + +// WithExpression sets the Expression field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Expression field is set to the value of the last call. +func (b *ExternalSourcePredicateApplyConfiguration) WithExpression(value string) *ExternalSourcePredicateApplyConfiguration { + b.Expression = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcetls.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcetls.go new file mode 100644 index 0000000000..a0b84ad6d5 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/externalsourcetls.go @@ -0,0 +1,30 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// ExternalSourceTLSApplyConfiguration represents a declarative configuration of the ExternalSourceTLS type for use +// with apply. +// +// ExternalSourceTLS configures the TLS options that the apiserver uses as a client +// when making a request to the external claim source. +type ExternalSourceTLSApplyConfiguration struct { + // certificateAuthority is a required reference to a ConfigMap in the openshift-config + // namespace that contains the CA certificate to use to validate TLS connections with the external claims source. + // The key "ca-bundle.crt" must be present in the referenced ConfigMap and must contain the CA certificate to be used + // to verify the external source's TLS certificate. + CertificateAuthority *ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration `json:"certificateAuthority,omitempty"` +} + +// ExternalSourceTLSApplyConfiguration constructs a declarative configuration of the ExternalSourceTLS type for use with +// apply. +func ExternalSourceTLS() *ExternalSourceTLSApplyConfiguration { + return &ExternalSourceTLSApplyConfiguration{} +} + +// WithCertificateAuthority sets the CertificateAuthority field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CertificateAuthority field is set to the value of the last call. +func (b *ExternalSourceTLSApplyConfiguration) WithCertificateAuthority(value *ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration) *ExternalSourceTLSApplyConfiguration { + b.CertificateAuthority = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurespec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurespec.go index e48e1368b3..135e8568dd 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurespec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurespec.go @@ -2,6 +2,10 @@ package v1 +import ( + configv1 "github.com/openshift/api/config/v1" +) + // InfrastructureSpecApplyConfiguration represents a declarative configuration of the InfrastructureSpec type for use // with apply. // @@ -23,6 +27,16 @@ type InfrastructureSpecApplyConfiguration struct { // platformSpec holds desired information specific to the underlying // infrastructure provider. PlatformSpec *PlatformSpecApplyConfiguration `json:"platformSpec,omitempty"` + // controlPlaneTopology expresses the desired topology configuration for control nodes. + // + // When status.controlPlaneTopology is 'SingleReplica' and spec.controlPlaneTopology is set to 'HighlyAvailable', + // a transition will be triggered to reconfigure the cluster from SingleReplica to HighlyAvailable. + // + // When left blank or status.controlPlaneTopology and spec.controlPlaneTopology are the same value, + // no changes are required and no transitions will be triggered. + // + // This value may be set to match status.controlPlaneTopology regardless of the current value. + ControlPlaneTopology *configv1.TopologyMode `json:"controlPlaneTopology,omitempty"` } // InfrastructureSpecApplyConfiguration constructs a declarative configuration of the InfrastructureSpec type for use with @@ -46,3 +60,11 @@ func (b *InfrastructureSpecApplyConfiguration) WithPlatformSpec(value *PlatformS b.PlatformSpec = value return b } + +// WithControlPlaneTopology sets the ControlPlaneTopology field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ControlPlaneTopology field is set to the value of the last call. +func (b *InfrastructureSpecApplyConfiguration) WithControlPlaneTopology(value configv1.TopologyMode) *InfrastructureSpecApplyConfiguration { + b.ControlPlaneTopology = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurestatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurestatus.go index f5c63c6ae9..c01827c113 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurestatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurestatus.go @@ -42,6 +42,8 @@ type InfrastructureStatusApplyConfiguration struct { // and the operators should not configure the operand for highly-available operation // The 'External' mode indicates that the control plane is hosted externally to the cluster and that // its components are not visible within the cluster. + // The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + // that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. ControlPlaneTopology *configv1.TopologyMode `json:"controlPlaneTopology,omitempty"` // infrastructureTopology expresses the expectations for infrastructure services that do not run on control // plane nodes, usually indicated by a node selector for a `role` value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmsconfig.go deleted file mode 100644 index 3590aae241..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmsconfig.go +++ /dev/null @@ -1,44 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -import ( - configv1 "github.com/openshift/api/config/v1" -) - -// KMSConfigApplyConfiguration represents a declarative configuration of the KMSConfig type for use -// with apply. -// -// KMSConfig defines the configuration for the KMS instance -// that will be used with KMSEncryptionProvider encryption -type KMSConfigApplyConfiguration struct { - // type defines the kind of platform for the KMS provider. - // Available provider types are AWS only. - Type *configv1.KMSProviderType `json:"type,omitempty"` - // aws defines the key config for using an AWS KMS instance - // for the encryption. The AWS KMS instance is managed - // by the user outside the purview of the control plane. - AWS *AWSKMSConfigApplyConfiguration `json:"aws,omitempty"` -} - -// KMSConfigApplyConfiguration constructs a declarative configuration of the KMSConfig type for use with -// apply. -func KMSConfig() *KMSConfigApplyConfiguration { - return &KMSConfigApplyConfiguration{} -} - -// WithType sets the Type field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Type field is set to the value of the last call. -func (b *KMSConfigApplyConfiguration) WithType(value configv1.KMSProviderType) *KMSConfigApplyConfiguration { - b.Type = &value - return b -} - -// WithAWS sets the AWS field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the AWS field is set to the value of the last call. -func (b *KMSConfigApplyConfiguration) WithAWS(value *AWSKMSConfigApplyConfiguration) *KMSConfigApplyConfiguration { - b.AWS = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmspluginconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmspluginconfig.go new file mode 100644 index 0000000000..fc266edc48 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmspluginconfig.go @@ -0,0 +1,46 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + configv1 "github.com/openshift/api/config/v1" +) + +// KMSPluginConfigApplyConfiguration represents a declarative configuration of the KMSPluginConfig type for use +// with apply. +// +// KMSPluginConfig defines the configuration for the KMS instance +// that will be used with KMS encryption +type KMSPluginConfigApplyConfiguration struct { + // type defines the kind of platform for the KMS provider. + // Allowed values are Vault. + // When set to Vault, the plugin connects to a HashiCorp Vault server for key management. + Type *configv1.KMSProviderType `json:"type,omitempty"` + // vault defines the configuration for the Vault KMS plugin. + // The plugin connects to a Vault Enterprise server that is managed + // by the user outside the purview of the control plane. + // This field must be set when type is Vault, and must be unset otherwise. + Vault *VaultKMSPluginConfigApplyConfiguration `json:"vault,omitempty"` +} + +// KMSPluginConfigApplyConfiguration constructs a declarative configuration of the KMSPluginConfig type for use with +// apply. +func KMSPluginConfig() *KMSPluginConfigApplyConfiguration { + return &KMSPluginConfigApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *KMSPluginConfigApplyConfiguration) WithType(value configv1.KMSProviderType) *KMSPluginConfigApplyConfiguration { + b.Type = &value + return b +} + +// WithVault sets the Vault field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Vault field is set to the value of the last call. +func (b *KMSPluginConfigApplyConfiguration) WithVault(value *VaultKMSPluginConfigApplyConfiguration) *KMSPluginConfigApplyConfiguration { + b.Vault = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkobservabilityspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkobservabilityspec.go new file mode 100644 index 0000000000..1ccd980764 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkobservabilityspec.go @@ -0,0 +1,33 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + configv1 "github.com/openshift/api/config/v1" +) + +// NetworkObservabilitySpecApplyConfiguration represents a declarative configuration of the NetworkObservabilitySpec type for use +// with apply. +// +// NetworkObservabilitySpec defines the configuration for network observability installation +type NetworkObservabilitySpecApplyConfiguration struct { + // installationPolicy controls whether network observability is installed during cluster deployment. + // Valid values are "InstallAndEnable" and "NoAction". + // When set to "InstallAndEnable", ensure that network observability will be installed and enabled on the cluster. If already installed, no action taken, but if it gets uninstalled, it will install it again. + // When set to "NoAction", nothing will be done regarding Network observability. + InstallationPolicy *configv1.NetworkObservabilityInstallationPolicy `json:"installationPolicy,omitempty"` +} + +// NetworkObservabilitySpecApplyConfiguration constructs a declarative configuration of the NetworkObservabilitySpec type for use with +// apply. +func NetworkObservabilitySpec() *NetworkObservabilitySpecApplyConfiguration { + return &NetworkObservabilitySpecApplyConfiguration{} +} + +// WithInstallationPolicy sets the InstallationPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the InstallationPolicy field is set to the value of the last call. +func (b *NetworkObservabilitySpecApplyConfiguration) WithInstallationPolicy(value configv1.NetworkObservabilityInstallationPolicy) *NetworkObservabilitySpecApplyConfiguration { + b.InstallationPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkspec.go index 4a3f9b7b89..27e7480ecf 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/networkspec.go @@ -42,6 +42,10 @@ type NetworkSpecApplyConfiguration struct { // and the spec.disableNetworkDiagnostics flag in network.operator.openshift.io is set to true, // the network diagnostics feature will be disabled. NetworkDiagnostics *NetworkDiagnosticsApplyConfiguration `json:"networkDiagnostics,omitempty"` + // networkObservability is an optional field that configures network observability installation + // during cluster deployment (day-0). + // When omitted, unless this is a SNO cluster, network observability will be installed if not already present, after that, no action taken. + NetworkObservability *NetworkObservabilitySpecApplyConfiguration `json:"networkObservability,omitempty"` } // NetworkSpecApplyConfiguration constructs a declarative configuration of the NetworkSpec type for use with @@ -104,3 +108,11 @@ func (b *NetworkSpecApplyConfiguration) WithNetworkDiagnostics(value *NetworkDia b.NetworkDiagnostics = value return b } + +// WithNetworkObservability sets the NetworkObservability field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NetworkObservability field is set to the value of the last call. +func (b *NetworkSpecApplyConfiguration) WithNetworkObservability(value *NetworkObservabilitySpecApplyConfiguration) *NetworkSpecApplyConfiguration { + b.NetworkObservability = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcprovider.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcprovider.go index 6f5a249a70..4fb1c97ebc 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcprovider.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/oidcprovider.go @@ -26,6 +26,27 @@ type OIDCProviderApplyConfiguration struct { // If any rule in the chain of rules evaluates to 'false', authentication will fail. // When specified, at least one rule must be specified and no more than 64 rules may be specified. UserValidationRules []TokenUserValidationRuleApplyConfiguration `json:"userValidationRules,omitempty"` + // externalClaimsSources is an optional field that can be used to configure + // sources, external to the token provided in a request, in which claims + // should be fetched from and made available to the claim mapping process + // that is used to build the identity of a token holder. + // + // For example, fetching additional user metadata from an OIDC provider's UserInfo endpoint. + // + // When not specified, only claims present in the token itself will be available + // in the claim mapping process. + // + // When specified, at least one external claim source must be specified and no more than 5 + // sources may be specified. + // All external claim sources must have unique claim mappings. + // When an external source responds and resolves additional claims successfully, they will + // be made available as claims during the claim mapping process. + // Externally sourced claims with the same name as a claim existing within the token will + // overwrite the claim data from the token with the externally sourced information. + // If an external source does not respond, responds with an error, or the additional + // claim data cannot be resolved from the response successfully it will not be + // included in the claim data passed to the claim mapping process. + ExternalClaimsSources []ExternalClaimsSourceApplyConfiguration `json:"externalClaimsSources,omitempty"` } // OIDCProviderApplyConfiguration constructs a declarative configuration of the OIDCProvider type for use with @@ -96,3 +117,16 @@ func (b *OIDCProviderApplyConfiguration) WithUserValidationRules(values ...*Toke } return b } + +// WithExternalClaimsSources adds the given value to the ExternalClaimsSources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the ExternalClaimsSources field. +func (b *OIDCProviderApplyConfiguration) WithExternalClaimsSources(values ...*ExternalClaimsSourceApplyConfiguration) *OIDCProviderApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithExternalClaimsSources") + } + b.ExternalClaimsSources = append(b.ExternalClaimsSources, *values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/prefixedclaimmapping.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/prefixedclaimmapping.go index d9b0e87914..08ebf26a86 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/prefixedclaimmapping.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/prefixedclaimmapping.go @@ -11,7 +11,8 @@ type PrefixedClaimMappingApplyConfiguration struct { TokenClaimMappingApplyConfiguration `json:",inline"` // prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes. // - // When omitted (""), no prefix is applied to the cluster identity attribute. + // When omitted or set to an empty string (""), no prefix is applied to the cluster identity attribute. + // Must not be set to a non-empty value when expression is set. // // Example: if `prefix` is set to "myoidc:" and the `claim` in JWT contains an array of strings "a", "b" and "c", the mapping will result in an array of string "myoidc:a", "myoidc:b" and "myoidc:c". Prefix *string `json:"prefix,omitempty"` diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/registrysources.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/registrysources.go index 61fc436e6f..9fd5335dad 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/registrysources.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/registrysources.go @@ -8,12 +8,30 @@ package v1 // RegistrySources holds cluster-wide information about how to handle the registries config. type RegistrySourcesApplyConfiguration struct { // insecureRegistries are registries which do not have a valid TLS certificates or only support HTTP connections. + // Each entry must be a valid registry scope in the format hostname[:port][/path], + // optionally prefixed with "*." for wildcard subdomains (e.g., "*.example.com"). + // The hostname must consist of valid DNS labels separated by dots, where each label + // contains only alphanumeric characters and hyphens and does not start or end with a hyphen. + // Entries must not be empty, must not include tags (e.g., ":latest") or digests (e.g., "@sha256:..."), + // and must be at most 256 characters in length. The list may contain at most 1024 entries. InsecureRegistries []string `json:"insecureRegistries,omitempty"` // blockedRegistries cannot be used for image pull and push actions. All other registries are permitted. + // Each entry must be a valid registry scope in the format hostname[:port][/path], + // optionally prefixed with "*." for wildcard subdomains (e.g., "*.example.com"). + // The hostname must consist of valid DNS labels separated by dots, where each label + // contains only alphanumeric characters and hyphens and does not start or end with a hyphen. + // Entries must not be empty, must not include tags (e.g., ":latest") or digests (e.g., "@sha256:..."), + // and must be at most 256 characters in length. The list may contain at most 1024 entries. // // Only one of BlockedRegistries or AllowedRegistries may be set. BlockedRegistries []string `json:"blockedRegistries,omitempty"` // allowedRegistries are the only registries permitted for image pull and push actions. All other registries are denied. + // Each entry must be a valid registry scope in the format hostname[:port][/path], + // optionally prefixed with "*." for wildcard subdomains (e.g., "*.example.com"). + // The hostname must consist of valid DNS labels separated by dots, where each label + // contains only alphanumeric characters and hyphens and does not start or end with a hyphen. + // Entries must not be empty, must not include tags (e.g., ":latest") or digests (e.g., "@sha256:..."), + // and must be at most 256 characters in length. The list may contain at most 1024 entries. // // Only one of BlockedRegistries or AllowedRegistries may be set. AllowedRegistries []string `json:"allowedRegistries,omitempty"` diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/sourcedclaimmapping.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/sourcedclaimmapping.go new file mode 100644 index 0000000000..92c4dc24f7 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/sourcedclaimmapping.go @@ -0,0 +1,51 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// SourcedClaimMappingApplyConfiguration represents a declarative configuration of the SourcedClaimMapping type for use +// with apply. +// +// SourcedClaimMapping configures the mapping behavior for a single external claim +// from the response the apiserver received from the external claim source. +type SourcedClaimMappingApplyConfiguration struct { + // name is a required name of the claim that + // will be produced and made available during + // the claim-to-identity mapping process. + // name must consist of only lowercase alpha characters and underscores ('_'). + // name must be at least 1 character and must not exceed 256 characters in length. + Name *string `json:"name,omitempty"` + // expression is a required CEL expression that + // will produce a value to be assigned to the claim. + // The full response body from the request to the + // external claim source is provided via the + // `response.body` variable. + // + // The contents of the `response.body` variable varies based on the response received + // from the external source. It is the responsibility of those configuring + // this expression to understand what is returned from the external source. + // + // expression must be at least 1 character and must not exceed 1024 characters in length. + Expression *string `json:"expression,omitempty"` +} + +// SourcedClaimMappingApplyConfiguration constructs a declarative configuration of the SourcedClaimMapping type for use with +// apply. +func SourcedClaimMapping() *SourcedClaimMappingApplyConfiguration { + return &SourcedClaimMappingApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *SourcedClaimMappingApplyConfiguration) WithName(value string) *SourcedClaimMappingApplyConfiguration { + b.Name = &value + return b +} + +// WithExpression sets the Expression field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Expression field is set to the value of the last call. +func (b *SourcedClaimMappingApplyConfiguration) WithExpression(value string) *SourcedClaimMappingApplyConfiguration { + b.Expression = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/sourceurl.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/sourceurl.go new file mode 100644 index 0000000000..b94a89f39c --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/sourceurl.go @@ -0,0 +1,67 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// SourceURLApplyConfiguration represents a declarative configuration of the SourceURL type for use +// with apply. +// +// SourceURL configures the options used to build the URL that is queried for external claims. +type SourceURLApplyConfiguration struct { + // hostname is a required hostname for which the external claims are located. + // + // It must be a valid DNS subdomain name as per RFC1123. + // + // This means that it must start and end with a lowercase alphanumeric character, + // must only consist of lowercase alphanumeric characters, '-', and '.'. + // hostname may optionally specify a port in the format ':{port}'. + // If a port is specified it must not exceed 65535. + // + // hostname must be at least 1 character in length. + // When specifying a port, hostname must not exceed 259 characters in length. + // When not specifying a port, hostname must not exceed 253 characters in length. + Hostname *string `json:"hostname,omitempty"` + // pathExpression is a required CEL expression that returns a list + // of string values used to construct the URL path. + // Claims from the token used for the request to the kube-apiserver + // are made available via the `claims` variable. + // expression must be at least 1 character in length and must not exceed 1024 characters in length. + // + // Values in the returned list will be joined with the hostname using a forward slash + // (`/`) as a separator. Values in the returned list do not need to include the forward slash. + // If a forward slash is included in a returned value, it will be encoded as `%2F`. + // + // Example of a static path configuration: + // + // pathExpression: ['realms', 'k8s', 'protocol', 'openid-connect', 'userinfo'] + // + // The above example would resolve to the path: '/realms/k8s/protocol/openid-connect/userinfo' + // + // Example of a dynamic path configuration: + // + // pathExpression: "['admin', 'realms', 'k8s', 'users'] + [claims.sub] + ['groups']" + // + // Assuming 'claims.sub' is set to '12345', the above example would resolve to the path: '/admin/realms/k8s/users/12345/groups' + PathExpression *string `json:"pathExpression,omitempty"` +} + +// SourceURLApplyConfiguration constructs a declarative configuration of the SourceURL type for use with +// apply. +func SourceURL() *SourceURLApplyConfiguration { + return &SourceURLApplyConfiguration{} +} + +// WithHostname sets the Hostname field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Hostname field is set to the value of the last call. +func (b *SourceURLApplyConfiguration) WithHostname(value string) *SourceURLApplyConfiguration { + b.Hostname = &value + return b +} + +// WithPathExpression sets the PathExpression field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the PathExpression field is set to the value of the last call. +func (b *SourceURLApplyConfiguration) WithPathExpression(value string) *SourceURLApplyConfiguration { + b.PathExpression = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tlsprofilespec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tlsprofilespec.go index 5e34ffd5db..cbefaf5169 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tlsprofilespec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tlsprofilespec.go @@ -21,6 +21,24 @@ type TLSProfileSpecApplyConfiguration struct { // TLS 1.3 cipher suites (e.g. TLS_AES_128_GCM_SHA256) are not configurable // and are always enabled when TLS 1.3 is negotiated. Ciphers []string `json:"ciphers,omitempty"` + // groups is an optional, ordered field used to specify the supported groups (formerly known as + // elliptic curves) that are used during the TLS handshake. The order of the groups represents + // a suggested preference, with the most preferred group first. Note that not all platform + // components honor the ordering: Go-based components use Go's internal preference order and + // treat this list as a filter of allowed groups rather than an ordered preference. + // Operators may remove entries their operands do not support. + // + // When omitted, this means no opinion and the platform is left to choose reasonable defaults which are + // subject to change over time and may be different per platform component depending on the underlying TLS + // libraries they use. If specified, the list must contain at least one and at most 7 groups, + // and each group must be unique. + // + // For example, to use X25519 and secp256r1 (yaml): + // + // groups: + // - X25519 + // - secp256r1 + Groups []configv1.TLSGroup `json:"groups,omitempty"` // minTLSVersion is used to specify the minimal version of the TLS protocol // that is negotiated during the TLS handshake. For example, to use TLS // versions 1.1, 1.2 and 1.3 (yaml): @@ -45,6 +63,16 @@ func (b *TLSProfileSpecApplyConfiguration) WithCiphers(values ...string) *TLSPro return b } +// WithGroups adds the given value to the Groups field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Groups field. +func (b *TLSProfileSpecApplyConfiguration) WithGroups(values ...configv1.TLSGroup) *TLSProfileSpecApplyConfiguration { + for i := range values { + b.Groups = append(b.Groups, values[i]) + } + return b +} + // WithMinTLSVersion sets the MinTLSVersion field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the MinTLSVersion field is set to the value of the last call. diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tlssecurityprofile.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tlssecurityprofile.go index dd57aad086..eab7cd4525 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tlssecurityprofile.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tlssecurityprofile.go @@ -15,10 +15,16 @@ type TLSSecurityProfileApplyConfiguration struct { // type is one of Old, Intermediate, Modern or Custom. Custom provides the // ability to specify individual TLS security profile parameters. // - // The profiles are based on version 5.7 of the Mozilla Server Side TLS - // configuration guidelines. The cipher lists consist of the configuration's - // "ciphersuites" followed by the Go-specific "ciphers" from the guidelines. - // See: https://ssl-config.mozilla.org/guidelines/5.7.json + // The cipher and groups lists in these profiles are based on version 5.8 of the + // Mozilla Server Side TLS configuration guidelines. + // See: https://ssl-config.mozilla.org/guidelines/5.8.json + // + // The groups are listed in suggested preference order, with the most preferred group first. + // Note that not all platform components honor the ordering: Go-based components use Go's + // internal preference order and treat this list as a filter of allowed groups rather than + // an ordered preference. + // Note that X25519MLKEM768 is a post-quantum hybrid group that is not + // FIPS-approved and should be ignored by components running in FIPS mode. // // The profiles are intent based, so they may change over time as new ciphers are // developed and existing ciphers are found to be insecure. Depending on @@ -27,6 +33,10 @@ type TLSSecurityProfileApplyConfiguration struct { // old is a TLS profile for use when services need to be accessed by very old // clients or libraries and should be used only as a last resort. // + // The supported groups list includes by default the following groups + // in suggested preference order (ordering may not be honored by all implementations): + // X25519MLKEM768, X25519, secp256r1, secp384r1. + // // This profile is equivalent to a Custom profile specified as: // minTLSVersion: VersionTLS10 // ciphers: @@ -43,11 +53,14 @@ type TLSSecurityProfileApplyConfiguration struct { // - ECDHE-RSA-AES128-SHA256 // - ECDHE-ECDSA-AES128-SHA // - ECDHE-RSA-AES128-SHA + // - ECDHE-ECDSA-AES256-SHA384 + // - ECDHE-RSA-AES256-SHA384 // - ECDHE-ECDSA-AES256-SHA // - ECDHE-RSA-AES256-SHA // - AES128-GCM-SHA256 // - AES256-GCM-SHA384 // - AES128-SHA256 + // - AES256-SHA256 // - AES128-SHA // - AES256-SHA // - DES-CBC3-SHA @@ -56,6 +69,10 @@ type TLSSecurityProfileApplyConfiguration struct { // legacy clients and want to remain highly secure while being compatible with // most clients currently in use. // + // The supported groups list includes by default the following groups + // in suggested preference order (ordering may not be honored by all implementations): + // X25519MLKEM768, X25519, secp256r1, secp384r1. + // // This profile is equivalent to a Custom profile specified as: // minTLSVersion: VersionTLS12 // ciphers: @@ -71,7 +88,9 @@ type TLSSecurityProfileApplyConfiguration struct { Intermediate *configv1.IntermediateTLSProfile `json:"intermediate,omitempty"` // modern is a TLS security profile for use with clients that support TLS 1.3 and // do not need backward compatibility for older clients. - // + // The supported groups list includes by default the following groups + // in suggested preference order (ordering may not be honored by all implementations): + // X25519MLKEM768, X25519, secp256r1, secp384r1. // This profile is equivalent to a Custom profile specified as: // minTLSVersion: VersionTLS13 // ciphers: @@ -80,8 +99,11 @@ type TLSSecurityProfileApplyConfiguration struct { // - TLS_CHACHA20_POLY1305_SHA256 Modern *configv1.ModernTLSProfile `json:"modern,omitempty"` // custom is a user-defined TLS security profile. Be extremely careful using a custom - // profile as invalid configurations can be catastrophic. An example custom profile - // looks like this: + // profile as invalid configurations can be catastrophic. + // + // The supported groups list for this profile is empty by default. + // + // An example custom profile looks like this: // // minTLSVersion: VersionTLS11 // ciphers: diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/update.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/update.go index 6151b6b13a..db1128deb5 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/update.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/update.go @@ -47,6 +47,19 @@ type UpdateApplyConfiguration struct { // acceptRisks must not contain more than 1000 entries. // Entries in this list must be unique. AcceptRisks []AcceptRiskApplyConfiguration `json:"acceptRisks,omitempty"` + // mode determines how an update should be processed. + // The only valid value is "Preflight". + // When omitted, the cluster performs a normal update by applying the specified version or image to the cluster. + // This is the standard update behavior. + // When set to "Preflight", the cluster runs compatibility checks against the target release without + // performing an actual update. Compatibility results, including any detected risks, are reported + // in status.conditionalUpdates and status.conditionalUpdateRisks alongside risks from the update + // recommendation service. + // This allows administrators to assess update readiness and address issues before committing to the update. + // Preflight mode is particularly useful for skip-level updates where upgrade compatibility needs to be + // verified across multiple minor versions. + // When mode is set to "Preflight", the same rules for version, image, and architecture apply as for normal updates. + Mode *configv1.UpdateMode `json:"mode,omitempty"` } // UpdateApplyConfiguration constructs a declarative configuration of the Update type for use with @@ -99,3 +112,11 @@ func (b *UpdateApplyConfiguration) WithAcceptRisks(values ...*AcceptRiskApplyCon } return b } + +// WithMode sets the Mode field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Mode field is set to the value of the last call. +func (b *UpdateApplyConfiguration) WithMode(value configv1.UpdateMode) *UpdateApplyConfiguration { + b.Mode = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameclaimmapping.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameclaimmapping.go index d33d6d71d8..8676ae891f 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameclaimmapping.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameclaimmapping.go @@ -29,11 +29,9 @@ type UsernameClaimMappingApplyConfiguration struct { // Allowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string). // // When set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. - // // The prefix field must be set when prefixPolicy is 'Prefix'. - // + // Must not be set to 'Prefix' when expression is set. // When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. - // // When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. // Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'. // diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultapproleauthentication.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultapproleauthentication.go new file mode 100644 index 0000000000..9119cbe199 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultapproleauthentication.go @@ -0,0 +1,28 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// VaultAppRoleAuthenticationApplyConfiguration represents a declarative configuration of the VaultAppRoleAuthentication type for use +// with apply. +// +// VaultAppRoleAuthentication defines the configuration for AppRole authentication with Vault. +type VaultAppRoleAuthenticationApplyConfiguration struct { + // secret references a secret in the openshift-config namespace containing + // the AppRole credentials used to authenticate with Vault. + // The referenced Secret must contain two keys: "role-id" for the AppRole Role ID and "secret-id" for the AppRole Secret ID. + Secret *VaultSecretReferenceApplyConfiguration `json:"secret,omitempty"` +} + +// VaultAppRoleAuthenticationApplyConfiguration constructs a declarative configuration of the VaultAppRoleAuthentication type for use with +// apply. +func VaultAppRoleAuthentication() *VaultAppRoleAuthenticationApplyConfiguration { + return &VaultAppRoleAuthenticationApplyConfiguration{} +} + +// WithSecret sets the Secret field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Secret field is set to the value of the last call. +func (b *VaultAppRoleAuthenticationApplyConfiguration) WithSecret(value *VaultSecretReferenceApplyConfiguration) *VaultAppRoleAuthenticationApplyConfiguration { + b.Secret = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultauthentication.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultauthentication.go new file mode 100644 index 0000000000..466bbc7970 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultauthentication.go @@ -0,0 +1,43 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + configv1 "github.com/openshift/api/config/v1" +) + +// VaultAuthenticationApplyConfiguration represents a declarative configuration of the VaultAuthentication type for use +// with apply. +// +// VaultAuthentication defines the authentication method used to authenticate with Vault. +type VaultAuthenticationApplyConfiguration struct { + // type defines the authentication method used to authenticate with Vault. + // Allowed values are AppRole. + // When set to AppRole, the plugin uses AppRole credentials to authenticate with Vault. + Type *configv1.VaultAuthenticationType `json:"type,omitempty"` + // appRole defines the configuration for AppRole authentication. + // This field must be set when type is AppRole, and must be unset otherwise. + AppRole *VaultAppRoleAuthenticationApplyConfiguration `json:"appRole,omitempty"` +} + +// VaultAuthenticationApplyConfiguration constructs a declarative configuration of the VaultAuthentication type for use with +// apply. +func VaultAuthentication() *VaultAuthenticationApplyConfiguration { + return &VaultAuthenticationApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *VaultAuthenticationApplyConfiguration) WithType(value configv1.VaultAuthenticationType) *VaultAuthenticationApplyConfiguration { + b.Type = &value + return b +} + +// WithAppRole sets the AppRole field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the AppRole field is set to the value of the last call. +func (b *VaultAuthenticationApplyConfiguration) WithAppRole(value *VaultAppRoleAuthenticationApplyConfiguration) *VaultAuthenticationApplyConfiguration { + b.AppRole = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultconfigmapreference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultconfigmapreference.go new file mode 100644 index 0000000000..cb0e46af85 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultconfigmapreference.go @@ -0,0 +1,28 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// VaultConfigMapReferenceApplyConfiguration represents a declarative configuration of the VaultConfigMapReference type for use +// with apply. +// +// VaultConfigMapReference references a ConfigMap in the openshift-config namespace. +type VaultConfigMapReferenceApplyConfiguration struct { + // name is the metadata.name of the referenced ConfigMap in the openshift-config namespace. + // The name must be a valid DNS subdomain name: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. + Name *string `json:"name,omitempty"` +} + +// VaultConfigMapReferenceApplyConfiguration constructs a declarative configuration of the VaultConfigMapReference type for use with +// apply. +func VaultConfigMapReference() *VaultConfigMapReferenceApplyConfiguration { + return &VaultConfigMapReferenceApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *VaultConfigMapReferenceApplyConfiguration) WithName(value string) *VaultConfigMapReferenceApplyConfiguration { + b.Name = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultkmspluginconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultkmspluginconfig.go new file mode 100644 index 0000000000..736095a27d --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultkmspluginconfig.go @@ -0,0 +1,123 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// VaultKMSPluginConfigApplyConfiguration represents a declarative configuration of the VaultKMSPluginConfig type for use +// with apply. +// +// VaultKMSPluginConfig defines the KMS plugin configuration specific to Vault KMS +type VaultKMSPluginConfigApplyConfiguration struct { + // kmsPluginImage specifies the container image for the HashiCorp Vault KMS plugin. + // + // The image must be a fully qualified OCI image pull spec with a SHA256 digest. + // The format is: host[:port][/namespace]/name@sha256: + // where the digest must be 64 characters long and consist only of lowercase hexadecimal characters, a-f and 0-9. + // The total length must be between 75 and 447 characters. + // + // Short names (e.g., "vault-plugin" or "hashicorp/vault-plugin") are not allowed. + // The registry hostname must be included and must contain at least one dot. + // Image tags (e.g., ":latest", ":v1.0.0") are not allowed. + // + // Consult the OpenShift documentation for compatible plugin versions with your cluster version, + // then obtain the image digest for that version from HashiCorp's container registry. + // + // For disconnected environments, mirror the plugin image to an accessible registry + // and reference the mirrored location with its digest. + KMSPluginImage *string `json:"kmsPluginImage,omitempty"` + // vaultAddress specifies the address of the HashiCorp Vault instance. + // The value must be a valid HTTPS URL containing only scheme, host, and optional port. + // Paths, user info, query parameters, and fragments are not allowed. + // + // Format: https://hostname[:port] + // Example: https://vault.example.com:8200 + // + // The value must be between 1 and 512 characters. + VaultAddress *string `json:"vaultAddress,omitempty"` + // vaultNamespace specifies the Vault namespace where the Transit secrets engine is mounted. + // This is only applicable for Vault Enterprise installations. + // When this field is not set, no namespace is used. + // + // The value must be between 1 and 4096 characters. + // The namespace cannot end with a forward slash, cannot contain spaces, and cannot be one of the reserved strings: root, sys, audit, auth, cubbyhole, or identity. + VaultNamespace *string `json:"vaultNamespace,omitempty"` + // tls contains the TLS configuration for connecting to the Vault server. + // When this field is not set, system default TLS settings are used. + TLS *VaultTLSConfigApplyConfiguration `json:"tls,omitempty"` + // authentication defines the authentication method used to authenticate with Vault. + Authentication *VaultAuthenticationApplyConfiguration `json:"authentication,omitempty"` + // transitMount specifies the mount path of the Vault Transit engine. + // + // The transit mount must be between 1 and 1024 characters, cannot start or + // end with a forward slash, cannot contain consecutive forward slashes, and + // must only contain RFC 3986 unreserved characters (alphanumeric, hyphen, + // period, underscore, tilde) and forward slashes as path separators. + TransitMount *string `json:"transitMount,omitempty"` + // transitKey specifies the name of the encryption key in Vault's Transit engine. + // This key is used to encrypt and decrypt data. + // + // The transit key must be between 1 and 512 characters, cannot contain forward slashes, + // and must only contain alphanumeric characters, hyphens, periods, and underscores. + TransitKey *string `json:"transitKey,omitempty"` +} + +// VaultKMSPluginConfigApplyConfiguration constructs a declarative configuration of the VaultKMSPluginConfig type for use with +// apply. +func VaultKMSPluginConfig() *VaultKMSPluginConfigApplyConfiguration { + return &VaultKMSPluginConfigApplyConfiguration{} +} + +// WithKMSPluginImage sets the KMSPluginImage field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the KMSPluginImage field is set to the value of the last call. +func (b *VaultKMSPluginConfigApplyConfiguration) WithKMSPluginImage(value string) *VaultKMSPluginConfigApplyConfiguration { + b.KMSPluginImage = &value + return b +} + +// WithVaultAddress sets the VaultAddress field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the VaultAddress field is set to the value of the last call. +func (b *VaultKMSPluginConfigApplyConfiguration) WithVaultAddress(value string) *VaultKMSPluginConfigApplyConfiguration { + b.VaultAddress = &value + return b +} + +// WithVaultNamespace sets the VaultNamespace field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the VaultNamespace field is set to the value of the last call. +func (b *VaultKMSPluginConfigApplyConfiguration) WithVaultNamespace(value string) *VaultKMSPluginConfigApplyConfiguration { + b.VaultNamespace = &value + return b +} + +// WithTLS sets the TLS field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLS field is set to the value of the last call. +func (b *VaultKMSPluginConfigApplyConfiguration) WithTLS(value *VaultTLSConfigApplyConfiguration) *VaultKMSPluginConfigApplyConfiguration { + b.TLS = value + return b +} + +// WithAuthentication sets the Authentication field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Authentication field is set to the value of the last call. +func (b *VaultKMSPluginConfigApplyConfiguration) WithAuthentication(value *VaultAuthenticationApplyConfiguration) *VaultKMSPluginConfigApplyConfiguration { + b.Authentication = value + return b +} + +// WithTransitMount sets the TransitMount field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TransitMount field is set to the value of the last call. +func (b *VaultKMSPluginConfigApplyConfiguration) WithTransitMount(value string) *VaultKMSPluginConfigApplyConfiguration { + b.TransitMount = &value + return b +} + +// WithTransitKey sets the TransitKey field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TransitKey field is set to the value of the last call. +func (b *VaultKMSPluginConfigApplyConfiguration) WithTransitKey(value string) *VaultKMSPluginConfigApplyConfiguration { + b.TransitKey = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultsecretreference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultsecretreference.go new file mode 100644 index 0000000000..5918611ed7 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultsecretreference.go @@ -0,0 +1,28 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// VaultSecretReferenceApplyConfiguration represents a declarative configuration of the VaultSecretReference type for use +// with apply. +// +// VaultSecretReference references a secret in the openshift-config namespace. +type VaultSecretReferenceApplyConfiguration struct { + // name is the metadata.name of the referenced secret in the openshift-config namespace. + // The name must be a valid DNS subdomain name: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. + Name *string `json:"name,omitempty"` +} + +// VaultSecretReferenceApplyConfiguration constructs a declarative configuration of the VaultSecretReference type for use with +// apply. +func VaultSecretReference() *VaultSecretReferenceApplyConfiguration { + return &VaultSecretReferenceApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *VaultSecretReferenceApplyConfiguration) WithName(value string) *VaultSecretReferenceApplyConfiguration { + b.Name = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaulttlsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaulttlsconfig.go new file mode 100644 index 0000000000..04bf8c3bf1 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaulttlsconfig.go @@ -0,0 +1,58 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// VaultTLSConfigApplyConfiguration represents a declarative configuration of the VaultTLSConfig type for use +// with apply. +// +// VaultTLSConfig contains TLS configuration for connecting to Vault. +type VaultTLSConfigApplyConfiguration struct { + // caBundle references a ConfigMap in the openshift-config namespace containing + // the CA certificate bundle used to verify the TLS connection to the Vault server. + // The referenced ConfigMap must contain the CA bundle in the key "ca-bundle.crt". + // When this field is not set, the system's trusted CA certificates are used. + // + // The namespace for the ConfigMap is openshift-config. + // + // Example ConfigMap: + // apiVersion: v1 + // kind: ConfigMap + // metadata: + // name: vault-ca-bundle + // namespace: openshift-config + // data: + // ca-bundle.crt: | + // -----BEGIN CERTIFICATE----- + // ... + // -----END CERTIFICATE----- + CABundle *VaultConfigMapReferenceApplyConfiguration `json:"caBundle,omitempty"` + // serverName specifies the Server Name Indication (SNI) to use when connecting to Vault via TLS. + // This is useful when the Vault server's hostname doesn't match its TLS certificate. + // When this field is not set, the hostname from vaultAddress is used for SNI. + // + // The value must be a valid DNS hostname: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. + ServerName *string `json:"serverName,omitempty"` +} + +// VaultTLSConfigApplyConfiguration constructs a declarative configuration of the VaultTLSConfig type for use with +// apply. +func VaultTLSConfig() *VaultTLSConfigApplyConfiguration { + return &VaultTLSConfigApplyConfiguration{} +} + +// WithCABundle sets the CABundle field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CABundle field is set to the value of the last call. +func (b *VaultTLSConfigApplyConfiguration) WithCABundle(value *VaultConfigMapReferenceApplyConfiguration) *VaultTLSConfigApplyConfiguration { + b.CABundle = value + return b +} + +// WithServerName sets the ServerName field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ServerName field is set to the value of the last call. +func (b *VaultTLSConfigApplyConfiguration) WithServerName(value string) *VaultTLSConfigApplyConfiguration { + b.ServerName = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformspec.go index f8037b67a1..4f31602e52 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformspec.go @@ -14,10 +14,11 @@ import ( // use these fields for configuration. type VSpherePlatformSpecApplyConfiguration struct { // vcenters holds the connection details for services to communicate with vCenter. - // Currently, only a single vCenter is supported, but in tech preview 3 vCenters are supported. + // Up to 3 vCenters are supported. // Once the cluster has been installed, you are unable to change the current number of defined - // vCenters except in the case where the cluster has been upgraded from a version of OpenShift - // where the vsphere platform spec was not present. You may make modifications to the existing + // vCenters except when 1.) the cluster has been upgraded from a version of OpenShift + // where the vsphere platform spec was not present or 2.) in TechPreview you are able to add and + // remove vCenters but may not remove all vCenters. You may make modifications to the existing // vCenters that are defined in the vcenters list in order to match with any added or modified // failure domains. // --- diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/additionalalertmanagerconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/additionalalertmanagerconfig.go new file mode 100644 index 0000000000..6a699cd82a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/additionalalertmanagerconfig.go @@ -0,0 +1,119 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// AdditionalAlertmanagerConfigApplyConfiguration represents a declarative configuration of the AdditionalAlertmanagerConfig type for use +// with apply. +// +// AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. +// The `AdditionalAlertmanagerConfig` resource defines settings for how a +// component communicates with additional Alertmanager instances. +type AdditionalAlertmanagerConfigApplyConfiguration struct { + // name is a unique identifier for this Alertmanager configuration entry. + // The name must be a valid DNS subdomain (RFC 1123): lowercase alphanumeric characters, + // hyphens, or periods, and must start and end with an alphanumeric character. + // Minimum length is 1 character (empty string is invalid). + // Maximum length is 253 characters. + Name *string `json:"name,omitempty"` + // authorization configures the authentication method for Alertmanager connections. + // Supports bearer token authentication. When omitted, no authentication is used. + Authorization *AuthorizationConfigApplyConfiguration `json:"authorization,omitempty"` + // pathPrefix defines an optional URL path prefix to prepend to the Alertmanager API endpoints. + // For example, if your Alertmanager is behind a reverse proxy at "/alertmanager/", + // set this to "/alertmanager" so requests go to "/alertmanager/api/v1/alerts" instead of "/api/v1/alerts". + // This is commonly needed when Alertmanager is deployed behind ingress controllers or load balancers. + // When no prefix is needed, omit this field; do not set it to "/" as that would produce paths with double slashes (e.g. "//api/v1/alerts"). + // Must start with "/", must not end with "/", and must not be exactly "/". + // Must not contain query strings ("?") or fragments ("#"). + PathPrefix *string `json:"pathPrefix,omitempty"` + // scheme defines the URL scheme to use when communicating with Alertmanager + // instances. + // Possible values are `HTTP` or `HTTPS`. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default value is `HTTP`. + Scheme *configv1alpha1.AlertmanagerScheme `json:"scheme,omitempty"` + // staticConfigs is a list of statically configured Alertmanager endpoints in the form + // of `:`. Each entry must be a valid hostname, IPv4 address, or IPv6 address + // (in brackets) followed by a colon and a valid port number (1-65535). + // Examples: "alertmanager.example.com:9093", "192.168.1.100:9093", "[::1]:9093" + // At least one endpoint must be specified (minimum 1, maximum 10 endpoints). + // Each entry must be unique and non-empty (empty string is invalid). + StaticConfigs []string `json:"staticConfigs,omitempty"` + // timeoutSeconds defines the timeout in seconds for requests to Alertmanager. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Currently the default is 10 seconds. + // Minimum value is 1 second. + // Maximum value is 600 seconds (10 minutes). + TimeoutSeconds *int32 `json:"timeoutSeconds,omitempty"` + // tlsConfig defines the TLS settings to use for Alertmanager connections. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + TLSConfig *TLSConfigApplyConfiguration `json:"tlsConfig,omitempty"` +} + +// AdditionalAlertmanagerConfigApplyConfiguration constructs a declarative configuration of the AdditionalAlertmanagerConfig type for use with +// apply. +func AdditionalAlertmanagerConfig() *AdditionalAlertmanagerConfigApplyConfiguration { + return &AdditionalAlertmanagerConfigApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithName(value string) *AdditionalAlertmanagerConfigApplyConfiguration { + b.Name = &value + return b +} + +// WithAuthorization sets the Authorization field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Authorization field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithAuthorization(value *AuthorizationConfigApplyConfiguration) *AdditionalAlertmanagerConfigApplyConfiguration { + b.Authorization = value + return b +} + +// WithPathPrefix sets the PathPrefix field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the PathPrefix field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithPathPrefix(value string) *AdditionalAlertmanagerConfigApplyConfiguration { + b.PathPrefix = &value + return b +} + +// WithScheme sets the Scheme field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Scheme field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithScheme(value configv1alpha1.AlertmanagerScheme) *AdditionalAlertmanagerConfigApplyConfiguration { + b.Scheme = &value + return b +} + +// WithStaticConfigs adds the given value to the StaticConfigs field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the StaticConfigs field. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithStaticConfigs(values ...string) *AdditionalAlertmanagerConfigApplyConfiguration { + for i := range values { + b.StaticConfigs = append(b.StaticConfigs, values[i]) + } + return b +} + +// WithTimeoutSeconds sets the TimeoutSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TimeoutSeconds field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithTimeoutSeconds(value int32) *AdditionalAlertmanagerConfigApplyConfiguration { + b.TimeoutSeconds = &value + return b +} + +// WithTLSConfig sets the TLSConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLSConfig field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithTLSConfig(value *TLSConfigApplyConfiguration) *AdditionalAlertmanagerConfigApplyConfiguration { + b.TLSConfig = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/alertmanagercustomconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/alertmanagercustomconfig.go index ebc4e4a6be..37c93f7e15 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/alertmanagercustomconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/alertmanagercustomconfig.go @@ -13,8 +13,23 @@ import ( // AlertmanagerCustomConfig represents the configuration for a custom Alertmanager deployment. // alertmanagerCustomConfig provides configuration options for the default Alertmanager instance // that runs in the `openshift-monitoring` namespace. Use this configuration to control -// whether the default Alertmanager is deployed, how it logs, and how its pods are scheduled. +// whether user-defined namespaces are selected for AlertmanagerConfig lookups, how it logs, +// and how its pods are scheduled. type AlertmanagerCustomConfigApplyConfiguration struct { + // userAlertmanagerConfigSelection is an optional field that controls whether user-defined + // namespaces can be selected for AlertmanagerConfig lookups on the platform Alertmanager + // instance in the `openshift-monitoring` namespace. + // Valid values are Selectable and None. + // When set to Selectable, the platform Alertmanager discovers AlertmanagerConfig resources + // in user-defined namespaces. This is equivalent to `enableUserAlertmanagerConfig: true` in + // the cluster-monitoring-config ConfigMap. + // When set to None, user-defined namespaces are not selected for AlertmanagerConfig lookups + // on the platform Alertmanager. This is equivalent to `enableUserAlertmanagerConfig: false` + // in the cluster-monitoring-config ConfigMap. + // This setting only applies when the user-workload monitoring Alertmanager is not enabled. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default value is `None`. + UserAlertmanagerConfigSelection *configv1alpha1.UserAlertmanagerConfigSelection `json:"userAlertmanagerConfigSelection,omitempty"` // logLevel defines the verbosity of logs emitted by Alertmanager. // This field allows users to control the amount and severity of logs generated, which can be useful // for debugging issues or reducing noise in production environments. @@ -47,7 +62,7 @@ type AlertmanagerCustomConfigApplyConfiguration struct { // - name: memory // request: 40Mi // limit: null - // Maximum length for this list is 10. + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` @@ -90,12 +105,10 @@ type AlertmanagerCustomConfigApplyConfiguration struct { // Minimum length for this list is 1. // Entries must have unique topologyKey and whenUnsatisfiable pairs. TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` - // volumeClaimTemplate Defines persistent storage for Alertmanager. Use this setting to - // configure the persistent volume claim, including storage class, volume - // size, and name. + // volumeClaimTemplate defines persistent storage for Alertmanager. Use this setting to + // configure the persistent volume claim, including storage class and volume size. // If omitted, the Pod uses ephemeral storage and alert data will not persist // across restarts. - // This field is optional. VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"` } @@ -105,6 +118,14 @@ func AlertmanagerCustomConfig() *AlertmanagerCustomConfigApplyConfiguration { return &AlertmanagerCustomConfigApplyConfiguration{} } +// WithUserAlertmanagerConfigSelection sets the UserAlertmanagerConfigSelection field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the UserAlertmanagerConfigSelection field is set to the value of the last call. +func (b *AlertmanagerCustomConfigApplyConfiguration) WithUserAlertmanagerConfigSelection(value configv1alpha1.UserAlertmanagerConfigSelection) *AlertmanagerCustomConfigApplyConfiguration { + b.UserAlertmanagerConfigSelection = &value + return b +} + // WithLogLevel sets the LogLevel field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the LogLevel field is set to the value of the last call. diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/authorizationconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/authorizationconfig.go new file mode 100644 index 0000000000..87d7c7eefe --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/authorizationconfig.go @@ -0,0 +1,44 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// AuthorizationConfigApplyConfiguration represents a declarative configuration of the AuthorizationConfig type for use +// with apply. +// +// AuthorizationConfig defines the authentication method for Alertmanager connections. +type AuthorizationConfigApplyConfiguration struct { + // type specifies the authentication type to use. + // Valid value is "BearerToken" (bearer token authentication). + // When set to BearerToken, the bearerToken field must be specified. + Type *configv1alpha1.AuthorizationType `json:"type,omitempty"` + // bearerToken defines the secret reference containing the bearer token. + // Required when type is "BearerToken", and forbidden otherwise. + // The secret must exist in the openshift-monitoring namespace. + BearerToken *SecretKeySelectorApplyConfiguration `json:"bearerToken,omitempty"` +} + +// AuthorizationConfigApplyConfiguration constructs a declarative configuration of the AuthorizationConfig type for use with +// apply. +func AuthorizationConfig() *AuthorizationConfigApplyConfiguration { + return &AuthorizationConfigApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *AuthorizationConfigApplyConfiguration) WithType(value configv1alpha1.AuthorizationType) *AuthorizationConfigApplyConfiguration { + b.Type = &value + return b +} + +// WithBearerToken sets the BearerToken field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BearerToken field is set to the value of the last call. +func (b *AuthorizationConfigApplyConfiguration) WithBearerToken(value *SecretKeySelectorApplyConfiguration) *AuthorizationConfigApplyConfiguration { + b.BearerToken = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/basicauth.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/basicauth.go new file mode 100644 index 0000000000..efad66668a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/basicauth.go @@ -0,0 +1,38 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// BasicAuthApplyConfiguration represents a declarative configuration of the BasicAuth type for use +// with apply. +// +// BasicAuth defines basic authentication settings for the remote write endpoint URL. +type BasicAuthApplyConfiguration struct { + // username defines the secret reference containing the username for basic authentication. + // The secret must exist in the openshift-monitoring namespace. + Username *SecretKeySelectorApplyConfiguration `json:"username,omitempty"` + // password defines the secret reference containing the password for basic authentication. + // The secret must exist in the openshift-monitoring namespace. + Password *SecretKeySelectorApplyConfiguration `json:"password,omitempty"` +} + +// BasicAuthApplyConfiguration constructs a declarative configuration of the BasicAuth type for use with +// apply. +func BasicAuth() *BasicAuthApplyConfiguration { + return &BasicAuthApplyConfiguration{} +} + +// WithUsername sets the Username field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Username field is set to the value of the last call. +func (b *BasicAuthApplyConfiguration) WithUsername(value *SecretKeySelectorApplyConfiguration) *BasicAuthApplyConfiguration { + b.Username = value + return b +} + +// WithPassword sets the Password field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Password field is set to the value of the last call. +func (b *BasicAuthApplyConfiguration) WithPassword(value *SecretKeySelectorApplyConfiguration) *BasicAuthApplyConfiguration { + b.Password = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicyspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicyspec.go deleted file mode 100644 index 135aa592aa..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicyspec.go +++ /dev/null @@ -1,53 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// ClusterImagePolicySpecApplyConfiguration represents a declarative configuration of the ClusterImagePolicySpec type for use -// with apply. -// -// CLusterImagePolicySpec is the specification of the ClusterImagePolicy custom resource. -type ClusterImagePolicySpecApplyConfiguration struct { - // scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". - // Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). - // More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository - // namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). - // Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. - // If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. - // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories - // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. - // If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. - // For additional details about the format, please refer to the document explaining the docker transport field, - // which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker - Scopes []configv1alpha1.ImageScope `json:"scopes,omitempty"` - // policy contains configuration to allow scopes to be verified, and defines how - // images not matching the verification policy will be treated. - Policy *ImageSigstoreVerificationPolicyApplyConfiguration `json:"policy,omitempty"` -} - -// ClusterImagePolicySpecApplyConfiguration constructs a declarative configuration of the ClusterImagePolicySpec type for use with -// apply. -func ClusterImagePolicySpec() *ClusterImagePolicySpecApplyConfiguration { - return &ClusterImagePolicySpecApplyConfiguration{} -} - -// WithScopes adds the given value to the Scopes field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Scopes field. -func (b *ClusterImagePolicySpecApplyConfiguration) WithScopes(values ...configv1alpha1.ImageScope) *ClusterImagePolicySpecApplyConfiguration { - for i := range values { - b.Scopes = append(b.Scopes, values[i]) - } - return b -} - -// WithPolicy sets the Policy field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Policy field is set to the value of the last call. -func (b *ClusterImagePolicySpecApplyConfiguration) WithPolicy(value *ImageSigstoreVerificationPolicyApplyConfiguration) *ClusterImagePolicySpecApplyConfiguration { - b.Policy = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicystatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicystatus.go deleted file mode 100644 index e01b2cac34..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicystatus.go +++ /dev/null @@ -1,33 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// ClusterImagePolicyStatusApplyConfiguration represents a declarative configuration of the ClusterImagePolicyStatus type for use -// with apply. -type ClusterImagePolicyStatusApplyConfiguration struct { - // conditions provide details on the status of this API Resource. - Conditions []v1.ConditionApplyConfiguration `json:"conditions,omitempty"` -} - -// ClusterImagePolicyStatusApplyConfiguration constructs a declarative configuration of the ClusterImagePolicyStatus type for use with -// apply. -func ClusterImagePolicyStatus() *ClusterImagePolicyStatusApplyConfiguration { - return &ClusterImagePolicyStatusApplyConfiguration{} -} - -// WithConditions adds the given value to the Conditions field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Conditions field. -func (b *ClusterImagePolicyStatusApplyConfiguration) WithConditions(values ...*v1.ConditionApplyConfiguration) *ClusterImagePolicyStatusApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithConditions") - } - b.Conditions = append(b.Conditions, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clustermonitoringspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clustermonitoringspec.go index 53f29c3fdc..288edad61f 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clustermonitoringspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clustermonitoringspec.go @@ -18,6 +18,18 @@ type ClusterMonitoringSpecApplyConfiguration struct { // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. // The current default value is `DefaultConfig`. AlertmanagerConfig *AlertmanagerConfigApplyConfiguration `json:"alertmanagerConfig,omitempty"` + // prometheusConfig provides configuration options for the default platform Prometheus instance + // that runs in the `openshift-monitoring` namespace. This configuration applies only to the + // platform Prometheus instance; user-workload Prometheus instances are configured separately. + // + // This field allows you to customize how the platform Prometheus is deployed and operated, including: + // - Pod scheduling (node selectors, tolerations, topology spread constraints) + // - Resource allocation (CPU, memory requests/limits) + // - Retention policies (how long metrics are stored) + // - External integrations (remote write, additional alertmanagers) + // + // This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. + PrometheusConfig *PrometheusConfigApplyConfiguration `json:"prometheusConfig,omitempty"` // metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. // Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. @@ -33,6 +45,44 @@ type ClusterMonitoringSpecApplyConfiguration struct { // between API versions. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. PrometheusOperatorAdmissionWebhookConfig *PrometheusOperatorAdmissionWebhookConfigApplyConfiguration `json:"prometheusOperatorAdmissionWebhookConfig,omitempty"` + // openShiftStateMetricsConfig is an optional field that can be used to configure the openshift-state-metrics + // agent that runs in the openshift-monitoring namespace. The openshift-state-metrics agent generates metrics + // about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + OpenShiftStateMetricsConfig *OpenShiftStateMetricsConfigApplyConfiguration `json:"openShiftStateMetricsConfig,omitempty"` + // telemeterClientConfig is an optional field that can be used to configure the Telemeter Client + // component that runs in the openshift-monitoring namespace. The Telemeter Client collects + // selected monitoring metrics and forwards them to Red Hat for telemetry purposes. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // When set, at least one field must be specified within telemeterClientConfig. + TelemeterClientConfig *TelemeterClientConfigApplyConfiguration `json:"telemeterClientConfig,omitempty"` + // thanosQuerierConfig is an optional field that can be used to configure the Thanos Querier + // component that runs in the openshift-monitoring namespace. The Thanos Querier provides + // a global query view by aggregating and deduplicating metrics from multiple Prometheus instances. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default deploys the Thanos Querier on linux nodes with 5m CPU and 12Mi memory + // requests, and no custom tolerations or topology spread constraints. + // When set, at least one field must be specified within thanosQuerierConfig. + ThanosQuerierConfig *ThanosQuerierConfigApplyConfiguration `json:"thanosQuerierConfig,omitempty"` + // nodeExporterConfig is an optional field that can be used to configure the node-exporter agent + // that runs as a DaemonSet in the openshift-monitoring namespace. The node-exporter agent collects + // hardware and OS-level metrics from every node in the cluster. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + NodeExporterConfig *NodeExporterConfigApplyConfiguration `json:"nodeExporterConfig,omitempty"` + // monitoringPluginConfig is an optional field that can be used to configure the monitoring plugin + // that runs as a dynamic plugin of the OpenShift web console. The monitoring plugin provides + // the monitoring UI in the OpenShift web console for visualizing metrics, alerts, and dashboards. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default deploys the monitoring-plugin as a single-replica Deployment + // on linux nodes with 10m CPU and 50Mi memory requests, and no custom tolerations + // or topology spread constraints. + // When set, at least one field must be specified within monitoringPluginConfig. + MonitoringPluginConfig *MonitoringPluginConfigApplyConfiguration `json:"monitoringPluginConfig,omitempty"` + // kubeStateMetricsConfig is an optional field that can be used to configure the kube-state-metrics + // agent that runs in the openshift-monitoring namespace. kube-state-metrics generates metrics about + // the state of Kubernetes objects such as Deployments, Nodes, and Pods. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + KubeStateMetricsConfig *KubeStateMetricsConfigApplyConfiguration `json:"kubeStateMetricsConfig,omitempty"` } // ClusterMonitoringSpecApplyConfiguration constructs a declarative configuration of the ClusterMonitoringSpec type for use with @@ -57,6 +107,14 @@ func (b *ClusterMonitoringSpecApplyConfiguration) WithAlertmanagerConfig(value * return b } +// WithPrometheusConfig sets the PrometheusConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the PrometheusConfig field is set to the value of the last call. +func (b *ClusterMonitoringSpecApplyConfiguration) WithPrometheusConfig(value *PrometheusConfigApplyConfiguration) *ClusterMonitoringSpecApplyConfiguration { + b.PrometheusConfig = value + return b +} + // WithMetricsServerConfig sets the MetricsServerConfig field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the MetricsServerConfig field is set to the value of the last call. @@ -80,3 +138,51 @@ func (b *ClusterMonitoringSpecApplyConfiguration) WithPrometheusOperatorAdmissio b.PrometheusOperatorAdmissionWebhookConfig = value return b } + +// WithOpenShiftStateMetricsConfig sets the OpenShiftStateMetricsConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the OpenShiftStateMetricsConfig field is set to the value of the last call. +func (b *ClusterMonitoringSpecApplyConfiguration) WithOpenShiftStateMetricsConfig(value *OpenShiftStateMetricsConfigApplyConfiguration) *ClusterMonitoringSpecApplyConfiguration { + b.OpenShiftStateMetricsConfig = value + return b +} + +// WithTelemeterClientConfig sets the TelemeterClientConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TelemeterClientConfig field is set to the value of the last call. +func (b *ClusterMonitoringSpecApplyConfiguration) WithTelemeterClientConfig(value *TelemeterClientConfigApplyConfiguration) *ClusterMonitoringSpecApplyConfiguration { + b.TelemeterClientConfig = value + return b +} + +// WithThanosQuerierConfig sets the ThanosQuerierConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ThanosQuerierConfig field is set to the value of the last call. +func (b *ClusterMonitoringSpecApplyConfiguration) WithThanosQuerierConfig(value *ThanosQuerierConfigApplyConfiguration) *ClusterMonitoringSpecApplyConfiguration { + b.ThanosQuerierConfig = value + return b +} + +// WithNodeExporterConfig sets the NodeExporterConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NodeExporterConfig field is set to the value of the last call. +func (b *ClusterMonitoringSpecApplyConfiguration) WithNodeExporterConfig(value *NodeExporterConfigApplyConfiguration) *ClusterMonitoringSpecApplyConfiguration { + b.NodeExporterConfig = value + return b +} + +// WithMonitoringPluginConfig sets the MonitoringPluginConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MonitoringPluginConfig field is set to the value of the last call. +func (b *ClusterMonitoringSpecApplyConfiguration) WithMonitoringPluginConfig(value *MonitoringPluginConfigApplyConfiguration) *ClusterMonitoringSpecApplyConfiguration { + b.MonitoringPluginConfig = value + return b +} + +// WithKubeStateMetricsConfig sets the KubeStateMetricsConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the KubeStateMetricsConfig field is set to the value of the last call. +func (b *ClusterMonitoringSpecApplyConfiguration) WithKubeStateMetricsConfig(value *KubeStateMetricsConfigApplyConfiguration) *ClusterMonitoringSpecApplyConfiguration { + b.KubeStateMetricsConfig = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/containerresource.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/containerresource.go index d600828b01..2240e1b154 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/containerresource.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/containerresource.go @@ -9,6 +9,12 @@ import ( // ContainerResourceApplyConfiguration represents a declarative configuration of the ContainerResource type for use // with apply. // +// MaxItems on []ContainerResource fields is kept at 5 to stay within the +// Kubernetes CRD CEL validation cost budget (StaticEstimatedCRDCostLimit). +// The quantity() CEL function has a high fixed estimated cost per invocation, +// and the limit-vs-request comparison rule is costed per maxItems per location. +// With multiple structs in ClusterMonitoringSpec embedding []ContainerResource, +// maxItems > 5 causes the total estimated rule cost to exceed the budget. // ContainerResource defines a single resource requirement for a container. type ContainerResourceApplyConfiguration struct { // name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). @@ -18,6 +24,7 @@ type ContainerResourceApplyConfiguration struct { // request is the minimum amount of the resource required (e.g. "2Mi", "1Gi"). // This field is optional. // When limit is specified, request cannot be greater than limit. + // The value must be greater than 0 when specified. Request *resource.Quantity `json:"request,omitempty"` // limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). // This field is optional. diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/dropequalactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/dropequalactionconfig.go new file mode 100644 index 0000000000..1e0a8e0014 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/dropequalactionconfig.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// DropEqualActionConfigApplyConfiguration represents a declarative configuration of the DropEqualActionConfig type for use +// with apply. +// +// DropEqualActionConfig configures the DropEqual action. +// Drops targets for which the concatenated source_labels do match the value of target_label. +// Requires Prometheus >= v2.41.0. +type DropEqualActionConfigApplyConfiguration struct { + // targetLabel is the label name whose value is compared to the concatenated source_labels; targets that match are dropped. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` +} + +// DropEqualActionConfigApplyConfiguration constructs a declarative configuration of the DropEqualActionConfig type for use with +// apply. +func DropEqualActionConfig() *DropEqualActionConfigApplyConfiguration { + return &DropEqualActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *DropEqualActionConfigApplyConfiguration) WithTargetLabel(value string) *DropEqualActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/hashmodactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/hashmodactionconfig.go new file mode 100644 index 0000000000..453795b42b --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/hashmodactionconfig.go @@ -0,0 +1,40 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// HashModActionConfigApplyConfiguration represents a declarative configuration of the HashModActionConfig type for use +// with apply. +// +// HashModActionConfig configures the HashMod action. +// target_label is set to the modulus of a hash of the concatenated source_labels (target = hash % modulus). +type HashModActionConfigApplyConfiguration struct { + // targetLabel is the label name where the hash modulus result is written. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` + // modulus is the divisor applied to the hash of the concatenated source label values (target = hash % modulus). + // Required when using the HashMod action so the intended behavior is explicit. + // Must be between 1 and 1000000. + Modulus *int64 `json:"modulus,omitempty"` +} + +// HashModActionConfigApplyConfiguration constructs a declarative configuration of the HashModActionConfig type for use with +// apply. +func HashModActionConfig() *HashModActionConfigApplyConfiguration { + return &HashModActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *HashModActionConfigApplyConfiguration) WithTargetLabel(value string) *HashModActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} + +// WithModulus sets the Modulus field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Modulus field is set to the value of the last call. +func (b *HashModActionConfigApplyConfiguration) WithModulus(value int64) *HashModActionConfigApplyConfiguration { + b.Modulus = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyfulciocawithrekorrootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyfulciocawithrekorrootoftrust.go deleted file mode 100644 index c9299e5000..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyfulciocawithrekorrootoftrust.go +++ /dev/null @@ -1,52 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration represents a declarative configuration of the ImagePolicyFulcioCAWithRekorRootOfTrust type for use -// with apply. -// -// ImagePolicyFulcioCAWithRekorRootOfTrust defines the root of trust based on the Fulcio certificate and the Rekor public key. -type ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration struct { - // fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. - // fulcioCAData must be at most 8192 characters. - FulcioCAData []byte `json:"fulcioCAData,omitempty"` - // rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - // rekorKeyData must be at most 8192 characters. - RekorKeyData []byte `json:"rekorKeyData,omitempty"` - // fulcioSubject specifies OIDC issuer and the email of the Fulcio authentication configuration. - FulcioSubject *PolicyFulcioSubjectApplyConfiguration `json:"fulcioSubject,omitempty"` -} - -// ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration constructs a declarative configuration of the ImagePolicyFulcioCAWithRekorRootOfTrust type for use with -// apply. -func ImagePolicyFulcioCAWithRekorRootOfTrust() *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration { - return &ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration{} -} - -// WithFulcioCAData adds the given value to the FulcioCAData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the FulcioCAData field. -func (b *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration) WithFulcioCAData(values ...byte) *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration { - for i := range values { - b.FulcioCAData = append(b.FulcioCAData, values[i]) - } - return b -} - -// WithRekorKeyData adds the given value to the RekorKeyData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the RekorKeyData field. -func (b *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration) WithRekorKeyData(values ...byte) *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration { - for i := range values { - b.RekorKeyData = append(b.RekorKeyData, values[i]) - } - return b -} - -// WithFulcioSubject sets the FulcioSubject field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the FulcioSubject field is set to the value of the last call. -func (b *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration) WithFulcioSubject(value *PolicyFulcioSubjectApplyConfiguration) *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration { - b.FulcioSubject = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypkirootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypkirootoftrust.go deleted file mode 100644 index 42c3c0aa7c..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypkirootoftrust.go +++ /dev/null @@ -1,51 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// ImagePolicyPKIRootOfTrustApplyConfiguration represents a declarative configuration of the ImagePolicyPKIRootOfTrust type for use -// with apply. -// -// ImagePolicyPKIRootOfTrust defines the root of trust based on Root CA(s) and corresponding intermediate certificates. -type ImagePolicyPKIRootOfTrustApplyConfiguration struct { - // caRootsData contains base64-encoded data of a certificate bundle PEM file, which contains one or more CA roots in the PEM format. The total length of the data must not exceed 8192 characters. - CertificateAuthorityRootsData []byte `json:"caRootsData,omitempty"` - // caIntermediatesData contains base64-encoded data of a certificate bundle PEM file, which contains one or more intermediate certificates in the PEM format. The total length of the data must not exceed 8192 characters. - // caIntermediatesData requires caRootsData to be set. - CertificateAuthorityIntermediatesData []byte `json:"caIntermediatesData,omitempty"` - // pkiCertificateSubject defines the requirements imposed on the subject to which the certificate was issued. - PKICertificateSubject *PKICertificateSubjectApplyConfiguration `json:"pkiCertificateSubject,omitempty"` -} - -// ImagePolicyPKIRootOfTrustApplyConfiguration constructs a declarative configuration of the ImagePolicyPKIRootOfTrust type for use with -// apply. -func ImagePolicyPKIRootOfTrust() *ImagePolicyPKIRootOfTrustApplyConfiguration { - return &ImagePolicyPKIRootOfTrustApplyConfiguration{} -} - -// WithCertificateAuthorityRootsData adds the given value to the CertificateAuthorityRootsData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the CertificateAuthorityRootsData field. -func (b *ImagePolicyPKIRootOfTrustApplyConfiguration) WithCertificateAuthorityRootsData(values ...byte) *ImagePolicyPKIRootOfTrustApplyConfiguration { - for i := range values { - b.CertificateAuthorityRootsData = append(b.CertificateAuthorityRootsData, values[i]) - } - return b -} - -// WithCertificateAuthorityIntermediatesData adds the given value to the CertificateAuthorityIntermediatesData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the CertificateAuthorityIntermediatesData field. -func (b *ImagePolicyPKIRootOfTrustApplyConfiguration) WithCertificateAuthorityIntermediatesData(values ...byte) *ImagePolicyPKIRootOfTrustApplyConfiguration { - for i := range values { - b.CertificateAuthorityIntermediatesData = append(b.CertificateAuthorityIntermediatesData, values[i]) - } - return b -} - -// WithPKICertificateSubject sets the PKICertificateSubject field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PKICertificateSubject field is set to the value of the last call. -func (b *ImagePolicyPKIRootOfTrustApplyConfiguration) WithPKICertificateSubject(value *PKICertificateSubjectApplyConfiguration) *ImagePolicyPKIRootOfTrustApplyConfiguration { - b.PKICertificateSubject = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypublickeyrootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypublickeyrootoftrust.go deleted file mode 100644 index 317b1be6ad..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypublickeyrootoftrust.go +++ /dev/null @@ -1,42 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// ImagePolicyPublicKeyRootOfTrustApplyConfiguration represents a declarative configuration of the ImagePolicyPublicKeyRootOfTrust type for use -// with apply. -// -// ImagePolicyPublicKeyRootOfTrust defines the root of trust based on a sigstore public key. -type ImagePolicyPublicKeyRootOfTrustApplyConfiguration struct { - // keyData contains inline base64-encoded data for the PEM format public key. - // KeyData must be at most 8192 characters. - KeyData []byte `json:"keyData,omitempty"` - // rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - // rekorKeyData must be at most 8192 characters. - RekorKeyData []byte `json:"rekorKeyData,omitempty"` -} - -// ImagePolicyPublicKeyRootOfTrustApplyConfiguration constructs a declarative configuration of the ImagePolicyPublicKeyRootOfTrust type for use with -// apply. -func ImagePolicyPublicKeyRootOfTrust() *ImagePolicyPublicKeyRootOfTrustApplyConfiguration { - return &ImagePolicyPublicKeyRootOfTrustApplyConfiguration{} -} - -// WithKeyData adds the given value to the KeyData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the KeyData field. -func (b *ImagePolicyPublicKeyRootOfTrustApplyConfiguration) WithKeyData(values ...byte) *ImagePolicyPublicKeyRootOfTrustApplyConfiguration { - for i := range values { - b.KeyData = append(b.KeyData, values[i]) - } - return b -} - -// WithRekorKeyData adds the given value to the RekorKeyData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the RekorKeyData field. -func (b *ImagePolicyPublicKeyRootOfTrustApplyConfiguration) WithRekorKeyData(values ...byte) *ImagePolicyPublicKeyRootOfTrustApplyConfiguration { - for i := range values { - b.RekorKeyData = append(b.RekorKeyData, values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyspec.go deleted file mode 100644 index 0d8cbf64b7..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyspec.go +++ /dev/null @@ -1,53 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// ImagePolicySpecApplyConfiguration represents a declarative configuration of the ImagePolicySpec type for use -// with apply. -// -// ImagePolicySpec is the specification of the ImagePolicy CRD. -type ImagePolicySpecApplyConfiguration struct { - // scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". - // Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). - // More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository - // namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). - // Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. - // If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. - // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories - // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. - // If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. - // For additional details about the format, please refer to the document explaining the docker transport field, - // which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker - Scopes []configv1alpha1.ImageScope `json:"scopes,omitempty"` - // policy contains configuration to allow scopes to be verified, and defines how - // images not matching the verification policy will be treated. - Policy *ImageSigstoreVerificationPolicyApplyConfiguration `json:"policy,omitempty"` -} - -// ImagePolicySpecApplyConfiguration constructs a declarative configuration of the ImagePolicySpec type for use with -// apply. -func ImagePolicySpec() *ImagePolicySpecApplyConfiguration { - return &ImagePolicySpecApplyConfiguration{} -} - -// WithScopes adds the given value to the Scopes field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Scopes field. -func (b *ImagePolicySpecApplyConfiguration) WithScopes(values ...configv1alpha1.ImageScope) *ImagePolicySpecApplyConfiguration { - for i := range values { - b.Scopes = append(b.Scopes, values[i]) - } - return b -} - -// WithPolicy sets the Policy field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Policy field is set to the value of the last call. -func (b *ImagePolicySpecApplyConfiguration) WithPolicy(value *ImageSigstoreVerificationPolicyApplyConfiguration) *ImagePolicySpecApplyConfiguration { - b.Policy = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicystatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicystatus.go deleted file mode 100644 index 59fc118561..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicystatus.go +++ /dev/null @@ -1,33 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// ImagePolicyStatusApplyConfiguration represents a declarative configuration of the ImagePolicyStatus type for use -// with apply. -type ImagePolicyStatusApplyConfiguration struct { - // conditions provide details on the status of this API Resource. - Conditions []v1.ConditionApplyConfiguration `json:"conditions,omitempty"` -} - -// ImagePolicyStatusApplyConfiguration constructs a declarative configuration of the ImagePolicyStatus type for use with -// apply. -func ImagePolicyStatus() *ImagePolicyStatusApplyConfiguration { - return &ImagePolicyStatusApplyConfiguration{} -} - -// WithConditions adds the given value to the Conditions field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Conditions field. -func (b *ImagePolicyStatusApplyConfiguration) WithConditions(values ...*v1.ConditionApplyConfiguration) *ImagePolicyStatusApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithConditions") - } - b.Conditions = append(b.Conditions, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagesigstoreverificationpolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagesigstoreverificationpolicy.go deleted file mode 100644 index 3fa4e27478..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagesigstoreverificationpolicy.go +++ /dev/null @@ -1,36 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// ImageSigstoreVerificationPolicyApplyConfiguration represents a declarative configuration of the ImageSigstoreVerificationPolicy type for use -// with apply. -// -// ImageSigstoreVerificationPolicy defines the verification policy for the items in the scopes list. -type ImageSigstoreVerificationPolicyApplyConfiguration struct { - // rootOfTrust specifies the root of trust for the policy. - RootOfTrust *PolicyRootOfTrustApplyConfiguration `json:"rootOfTrust,omitempty"` - // signedIdentity specifies what image identity the signature claims about the image. The required matchPolicy field specifies the approach used in the verification process to verify the identity in the signature and the actual image identity, the default matchPolicy is "MatchRepoDigestOrExact". - SignedIdentity *PolicyIdentityApplyConfiguration `json:"signedIdentity,omitempty"` -} - -// ImageSigstoreVerificationPolicyApplyConfiguration constructs a declarative configuration of the ImageSigstoreVerificationPolicy type for use with -// apply. -func ImageSigstoreVerificationPolicy() *ImageSigstoreVerificationPolicyApplyConfiguration { - return &ImageSigstoreVerificationPolicyApplyConfiguration{} -} - -// WithRootOfTrust sets the RootOfTrust field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the RootOfTrust field is set to the value of the last call. -func (b *ImageSigstoreVerificationPolicyApplyConfiguration) WithRootOfTrust(value *PolicyRootOfTrustApplyConfiguration) *ImageSigstoreVerificationPolicyApplyConfiguration { - b.RootOfTrust = value - return b -} - -// WithSignedIdentity sets the SignedIdentity field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the SignedIdentity field is set to the value of the last call. -func (b *ImageSigstoreVerificationPolicyApplyConfiguration) WithSignedIdentity(value *PolicyIdentityApplyConfiguration) *ImageSigstoreVerificationPolicyApplyConfiguration { - b.SignedIdentity = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/keepequalactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/keepequalactionconfig.go new file mode 100644 index 0000000000..a560a662a8 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/keepequalactionconfig.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// KeepEqualActionConfigApplyConfiguration represents a declarative configuration of the KeepEqualActionConfig type for use +// with apply. +// +// KeepEqualActionConfig configures the KeepEqual action. +// Drops targets for which the concatenated source_labels do not match the value of target_label. +// Requires Prometheus >= v2.41.0. +type KeepEqualActionConfigApplyConfiguration struct { + // targetLabel is the label name whose value is compared to the concatenated source_labels; targets that do not match are dropped. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` +} + +// KeepEqualActionConfigApplyConfiguration constructs a declarative configuration of the KeepEqualActionConfig type for use with +// apply. +func KeepEqualActionConfig() *KeepEqualActionConfigApplyConfiguration { + return &KeepEqualActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *KeepEqualActionConfigApplyConfiguration) WithTargetLabel(value string) *KeepEqualActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/kubestatemetricsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/kubestatemetricsconfig.go new file mode 100644 index 0000000000..ed850ef346 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/kubestatemetricsconfig.go @@ -0,0 +1,145 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "k8s.io/api/core/v1" +) + +// KubeStateMetricsConfigApplyConfiguration represents a declarative configuration of the KubeStateMetricsConfig type for use +// with apply. +// +// KubeStateMetricsConfig provides configuration options for the kube-state-metrics agent +// that runs in the `openshift-monitoring` namespace. kube-state-metrics generates metrics +// about the state of Kubernetes objects such as Deployments, Nodes, and Pods. +type KubeStateMetricsConfigApplyConfiguration struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the kube-state-metrics container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, no tolerations are applied. This default is subject to change over time. + // When specified, tolerations must contain at least 1 entry and must not contain more than 10 entries. + // Each toleration's operator, when specified, must be either "Exists" or "Equal". + // Each toleration's effect, when specified, must be one of "NoSchedule", "PreferNoSchedule", or "NoExecute". + // An empty or unset effect means match all effects. + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how kube-state-metrics Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // When omitted, no topology spread constraints are applied. This default is subject to change over time. + // When specified, topologySpreadConstraints must contain at least 1 entry and must not contain more than 10 entries. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // Each entry's whenUnsatisfiable must be either "DoNotSchedule" or "ScheduleAnyway". + // Each entry's maxSkew must be at least 1. + // When minDomains is specified, it must be at least 1 and whenUnsatisfiable must be "DoNotSchedule". + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + // additionalResourceLabels defines additional Kubernetes resource labels to expose as metrics + // in kube-state-metrics. + // Currently, only "Job" and "CronJob" resources are supported due to cardinality concerns. + // Each entry specifies a resource name and a list of Kubernetes label names to expose. + // Use "*" in the labels list to expose all labels for a given resource. + // additionalResourceLabels is optional. + // When omitted, no additional Kubernetes object labels are exposed as metrics + // by kube-state-metrics beyond its built-in metric labels (e.g. namespace, job_name). + // Use this field to opt in to exposing specific Kubernetes labels as metric labels + // for the supported resource types. + // Minimum length for this list is 1. + // Maximum length for this list is 2. + // Each resource name must be unique within this list. + AdditionalResourceLabels []KubeStateMetricsResourceLabelsApplyConfiguration `json:"additionalResourceLabels,omitempty"` +} + +// KubeStateMetricsConfigApplyConfiguration constructs a declarative configuration of the KubeStateMetricsConfig type for use with +// apply. +func KubeStateMetricsConfig() *KubeStateMetricsConfigApplyConfiguration { + return &KubeStateMetricsConfigApplyConfiguration{} +} + +// WithNodeSelector puts the entries into the NodeSelector field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the NodeSelector field, +// overwriting an existing map entries in NodeSelector field with the same key. +func (b *KubeStateMetricsConfigApplyConfiguration) WithNodeSelector(entries map[string]string) *KubeStateMetricsConfigApplyConfiguration { + if b.NodeSelector == nil && len(entries) > 0 { + b.NodeSelector = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.NodeSelector[k] = v + } + return b +} + +// WithResources adds the given value to the Resources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Resources field. +func (b *KubeStateMetricsConfigApplyConfiguration) WithResources(values ...*ContainerResourceApplyConfiguration) *KubeStateMetricsConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithResources") + } + b.Resources = append(b.Resources, *values[i]) + } + return b +} + +// WithTolerations adds the given value to the Tolerations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Tolerations field. +func (b *KubeStateMetricsConfigApplyConfiguration) WithTolerations(values ...v1.Toleration) *KubeStateMetricsConfigApplyConfiguration { + for i := range values { + b.Tolerations = append(b.Tolerations, values[i]) + } + return b +} + +// WithTopologySpreadConstraints adds the given value to the TopologySpreadConstraints field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the TopologySpreadConstraints field. +func (b *KubeStateMetricsConfigApplyConfiguration) WithTopologySpreadConstraints(values ...v1.TopologySpreadConstraint) *KubeStateMetricsConfigApplyConfiguration { + for i := range values { + b.TopologySpreadConstraints = append(b.TopologySpreadConstraints, values[i]) + } + return b +} + +// WithAdditionalResourceLabels adds the given value to the AdditionalResourceLabels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the AdditionalResourceLabels field. +func (b *KubeStateMetricsConfigApplyConfiguration) WithAdditionalResourceLabels(values ...*KubeStateMetricsResourceLabelsApplyConfiguration) *KubeStateMetricsConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithAdditionalResourceLabels") + } + b.AdditionalResourceLabels = append(b.AdditionalResourceLabels, *values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/kubestatemetricsresourcelabels.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/kubestatemetricsresourcelabels.go new file mode 100644 index 0000000000..8b4de02a9a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/kubestatemetricsresourcelabels.go @@ -0,0 +1,53 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// KubeStateMetricsResourceLabelsApplyConfiguration represents a declarative configuration of the KubeStateMetricsResourceLabels type for use +// with apply. +// +// KubeStateMetricsResourceLabels defines which Kubernetes labels to expose as metrics +// for a given resource type in kube-state-metrics. +type KubeStateMetricsResourceLabelsApplyConfiguration struct { + // resource is the Kubernetes resource name whose labels should be exposed as metrics. + // Currently, only "Job" and "CronJob" are supported due to cardinality concerns. + // Valid values are "Job" and "CronJob". + // This field is required. + Resource *configv1alpha1.KubeStateMetricsResourceName `json:"resource,omitempty"` + // labels is the list of Kubernetes label names to expose as metrics for this resource. + // Use "*" to expose all labels for the specified resource. + // When "*" is specified, it must be the only entry in the list; mixing "*" with + // specific label names is not allowed. + // This field is required. + // Each label name must be unique within this list. + // Minimum length for this list is 1. + // Maximum length for this list is 50. + Labels []configv1alpha1.KubeStateMetricsLabelName `json:"labels,omitempty"` +} + +// KubeStateMetricsResourceLabelsApplyConfiguration constructs a declarative configuration of the KubeStateMetricsResourceLabels type for use with +// apply. +func KubeStateMetricsResourceLabels() *KubeStateMetricsResourceLabelsApplyConfiguration { + return &KubeStateMetricsResourceLabelsApplyConfiguration{} +} + +// WithResource sets the Resource field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Resource field is set to the value of the last call. +func (b *KubeStateMetricsResourceLabelsApplyConfiguration) WithResource(value configv1alpha1.KubeStateMetricsResourceName) *KubeStateMetricsResourceLabelsApplyConfiguration { + b.Resource = &value + return b +} + +// WithLabels adds the given value to the Labels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Labels field. +func (b *KubeStateMetricsResourceLabelsApplyConfiguration) WithLabels(values ...configv1alpha1.KubeStateMetricsLabelName) *KubeStateMetricsResourceLabelsApplyConfiguration { + for i := range values { + b.Labels = append(b.Labels, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/label.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/label.go new file mode 100644 index 0000000000..d1710cc9ab --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/label.go @@ -0,0 +1,39 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// LabelApplyConfiguration represents a declarative configuration of the Label type for use +// with apply. +// +// Label represents a key/value pair for external labels. +type LabelApplyConfiguration struct { + // key is the name of the label. + // Prometheus supports UTF-8 label names, so any valid UTF-8 string is allowed. + // Must be between 1 and 128 characters in length. + Key *string `json:"key,omitempty"` + // value is the value of the label. + // Must be between 1 and 128 characters in length. + Value *string `json:"value,omitempty"` +} + +// LabelApplyConfiguration constructs a declarative configuration of the Label type for use with +// apply. +func Label() *LabelApplyConfiguration { + return &LabelApplyConfiguration{} +} + +// WithKey sets the Key field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Key field is set to the value of the last call. +func (b *LabelApplyConfiguration) WithKey(value string) *LabelApplyConfiguration { + b.Key = &value + return b +} + +// WithValue sets the Value field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Value field is set to the value of the last call. +func (b *LabelApplyConfiguration) WithValue(value string) *LabelApplyConfiguration { + b.Value = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/labelmapactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/labelmapactionconfig.go new file mode 100644 index 0000000000..a16bd78779 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/labelmapactionconfig.go @@ -0,0 +1,30 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// LabelMapActionConfigApplyConfiguration represents a declarative configuration of the LabelMapActionConfig type for use +// with apply. +// +// LabelMapActionConfig configures the LabelMap action. +// Regex is matched against all source label names (not just source_labels). Matching label values are copied to new label names given by replacement, with match group references (${1}, ${2}, ...) substituted. +type LabelMapActionConfigApplyConfiguration struct { + // replacement is the template for new label names; match group references (${1}, ${2}, ...) are substituted from the matched label name. + // Required when using the LabelMap action so the intended behavior is explicit and the platform does not need to apply defaults. + // Use "$1" for the first capture group, "$2" for the second, etc. + // Must be between 1 and 255 characters in length. Empty string is invalid as it would produce invalid label names. + Replacement *string `json:"replacement,omitempty"` +} + +// LabelMapActionConfigApplyConfiguration constructs a declarative configuration of the LabelMapActionConfig type for use with +// apply. +func LabelMapActionConfig() *LabelMapActionConfigApplyConfiguration { + return &LabelMapActionConfigApplyConfiguration{} +} + +// WithReplacement sets the Replacement field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Replacement field is set to the value of the last call. +func (b *LabelMapActionConfigApplyConfiguration) WithReplacement(value string) *LabelMapActionConfigApplyConfiguration { + b.Replacement = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/lowercaseactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/lowercaseactionconfig.go new file mode 100644 index 0000000000..17fa48139a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/lowercaseactionconfig.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// LowercaseActionConfigApplyConfiguration represents a declarative configuration of the LowercaseActionConfig type for use +// with apply. +// +// LowercaseActionConfig configures the Lowercase action. +// Maps the concatenated source_labels to their lower case and writes to target_label. +// Requires Prometheus >= v2.36.0. +type LowercaseActionConfigApplyConfiguration struct { + // targetLabel is the label name where the lower-cased value is written. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` +} + +// LowercaseActionConfigApplyConfiguration constructs a declarative configuration of the LowercaseActionConfig type for use with +// apply. +func LowercaseActionConfig() *LowercaseActionConfigApplyConfiguration { + return &LowercaseActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *LowercaseActionConfigApplyConfiguration) WithTargetLabel(value string) *LowercaseActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfig.go new file mode 100644 index 0000000000..f8e1627816 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfig.go @@ -0,0 +1,42 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// MetadataConfigApplyConfiguration represents a declarative configuration of the MetadataConfig type for use +// with apply. +// +// MetadataConfig defines whether and how to send series metadata to remote write storage. +type MetadataConfigApplyConfiguration struct { + // sendPolicy specifies whether to send metadata and how it is configured. + // Default: send metadata using platform-chosen defaults (e.g. send interval 30 seconds). + // Custom: send metadata using the settings in the custom field. + SendPolicy *configv1alpha1.MetadataConfigSendPolicy `json:"sendPolicy,omitempty"` + // custom defines custom metadata send settings. Required when sendPolicy is Custom (must have at least one property), and forbidden when sendPolicy is Default. + Custom *MetadataConfigCustomApplyConfiguration `json:"custom,omitempty"` +} + +// MetadataConfigApplyConfiguration constructs a declarative configuration of the MetadataConfig type for use with +// apply. +func MetadataConfig() *MetadataConfigApplyConfiguration { + return &MetadataConfigApplyConfiguration{} +} + +// WithSendPolicy sets the SendPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SendPolicy field is set to the value of the last call. +func (b *MetadataConfigApplyConfiguration) WithSendPolicy(value configv1alpha1.MetadataConfigSendPolicy) *MetadataConfigApplyConfiguration { + b.SendPolicy = &value + return b +} + +// WithCustom sets the Custom field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Custom field is set to the value of the last call. +func (b *MetadataConfigApplyConfiguration) WithCustom(value *MetadataConfigCustomApplyConfiguration) *MetadataConfigApplyConfiguration { + b.Custom = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfigcustom.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfigcustom.go new file mode 100644 index 0000000000..3f5e050697 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfigcustom.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// MetadataConfigCustomApplyConfiguration represents a declarative configuration of the MetadataConfigCustom type for use +// with apply. +// +// MetadataConfigCustom defines custom settings for sending series metadata when sendPolicy is Custom. +// At least one property must be set when sendPolicy is Custom (e.g. sendIntervalSeconds). +type MetadataConfigCustomApplyConfiguration struct { + // sendIntervalSeconds is the interval in seconds at which metadata is sent. + // When omitted, the platform chooses a reasonable default (e.g. 30 seconds). + // Minimum value is 1 second. Maximum value is 86400 seconds (24 hours). + SendIntervalSeconds *int32 `json:"sendIntervalSeconds,omitempty"` +} + +// MetadataConfigCustomApplyConfiguration constructs a declarative configuration of the MetadataConfigCustom type for use with +// apply. +func MetadataConfigCustom() *MetadataConfigCustomApplyConfiguration { + return &MetadataConfigCustomApplyConfiguration{} +} + +// WithSendIntervalSeconds sets the SendIntervalSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SendIntervalSeconds field is set to the value of the last call. +func (b *MetadataConfigCustomApplyConfiguration) WithSendIntervalSeconds(value int32) *MetadataConfigCustomApplyConfiguration { + b.SendIntervalSeconds = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metricsserverconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metricsserverconfig.go index ea4d945563..bc77df9d2f 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metricsserverconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metricsserverconfig.go @@ -58,7 +58,7 @@ type MetricsServerConfigApplyConfiguration struct { // - name: memory // request: 40Mi // limit: null - // Maximum length for this list is 10. + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/monitoringpluginconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/monitoringpluginconfig.go new file mode 100644 index 0000000000..6f10b30e5d --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/monitoringpluginconfig.go @@ -0,0 +1,112 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "k8s.io/api/core/v1" +) + +// MonitoringPluginConfigApplyConfiguration represents a declarative configuration of the MonitoringPluginConfig type for use +// with apply. +// +// MonitoringPluginConfig provides configuration options for the monitoring plugin +// that runs as a dynamic plugin of the OpenShift web console. +// The monitoring plugin provides the monitoring UI in the OpenShift web console +// for visualizing metrics, alerts, and dashboards. +// At least one field must be specified; an empty monitoringPluginConfig object is not allowed. +type MonitoringPluginConfigApplyConfiguration struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the monitoring-plugin container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 10m + // - name: memory + // request: 50Mi + // + // When specified, resources must contain at least 1 entry and must not exceed 5 entries. + Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` + // tolerations defines the tolerations required for the monitoring-plugin Pods. + // This field is optional. + // + // When omitted, the monitoring-plugin Pods will not have any tolerations, which + // means they will only be scheduled on nodes with no taints. + // When specified, tolerations must contain at least 1 entry and must not contain more than 10 entries. + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how monitoring-plugin Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // When specified, this list must contain at least 1 entry and must not exceed 10 entries. + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// MonitoringPluginConfigApplyConfiguration constructs a declarative configuration of the MonitoringPluginConfig type for use with +// apply. +func MonitoringPluginConfig() *MonitoringPluginConfigApplyConfiguration { + return &MonitoringPluginConfigApplyConfiguration{} +} + +// WithNodeSelector puts the entries into the NodeSelector field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the NodeSelector field, +// overwriting an existing map entries in NodeSelector field with the same key. +func (b *MonitoringPluginConfigApplyConfiguration) WithNodeSelector(entries map[string]string) *MonitoringPluginConfigApplyConfiguration { + if b.NodeSelector == nil && len(entries) > 0 { + b.NodeSelector = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.NodeSelector[k] = v + } + return b +} + +// WithResources adds the given value to the Resources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Resources field. +func (b *MonitoringPluginConfigApplyConfiguration) WithResources(values ...*ContainerResourceApplyConfiguration) *MonitoringPluginConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithResources") + } + b.Resources = append(b.Resources, *values[i]) + } + return b +} + +// WithTolerations adds the given value to the Tolerations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Tolerations field. +func (b *MonitoringPluginConfigApplyConfiguration) WithTolerations(values ...v1.Toleration) *MonitoringPluginConfigApplyConfiguration { + for i := range values { + b.Tolerations = append(b.Tolerations, values[i]) + } + return b +} + +// WithTopologySpreadConstraints adds the given value to the TopologySpreadConstraints field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the TopologySpreadConstraints field. +func (b *MonitoringPluginConfigApplyConfiguration) WithTopologySpreadConstraints(values ...v1.TopologySpreadConstraint) *MonitoringPluginConfigApplyConfiguration { + for i := range values { + b.TopologySpreadConstraints = append(b.TopologySpreadConstraints, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorbuddyinfoconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorbuddyinfoconfig.go new file mode 100644 index 0000000000..ba6cedbf2a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorbuddyinfoconfig.go @@ -0,0 +1,37 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorBuddyInfoConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorBuddyInfoConfig type for use +// with apply. +// +// NodeExporterCollectorBuddyInfoConfig provides configuration for the buddyinfo collector +// of the node-exporter agent. The buddyinfo collector collects statistics about memory fragmentation +// from the node_buddyinfo_blocks metric using data from /proc/buddyinfo. +// It is disabled by default. +type NodeExporterCollectorBuddyInfoConfigApplyConfiguration struct { + // collectionPolicy declares whether the buddyinfo collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the buddyinfo collector is active and memory fragmentation statistics are collected. + // When set to "DoNotCollect", the buddyinfo collector is inactive. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorBuddyInfoConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorBuddyInfoConfig type for use with +// apply. +func NodeExporterCollectorBuddyInfoConfig() *NodeExporterCollectorBuddyInfoConfigApplyConfiguration { + return &NodeExporterCollectorBuddyInfoConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorBuddyInfoConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorBuddyInfoConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorconfig.go new file mode 100644 index 0000000000..ce8b83e065 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorconfig.go @@ -0,0 +1,184 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// NodeExporterCollectorConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorConfig type for use +// with apply. +// +// NodeExporterCollectorConfig defines settings for individual collectors +// of the node-exporter agent. Each collector can be individually set to collect or not collect metrics. +// At least one collector must be specified. +type NodeExporterCollectorConfigApplyConfiguration struct { + // cpuFreq configures the cpufreq collector, which collects CPU frequency statistics. + // cpuFreq is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Consider enabling when you need to observe CPU frequency scaling; expect higher CPU usage on + // many-core nodes when collectionPolicy is Collect. + CpuFreq *NodeExporterCollectorCpufreqConfigApplyConfiguration `json:"cpuFreq,omitempty"` + // tcpStat configures the tcpstat collector, which collects TCP connection statistics. + // tcpStat is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when debugging TCP connection behavior or capacity at the node level. + TcpStat *NodeExporterCollectorTcpStatConfigApplyConfiguration `json:"tcpStat,omitempty"` + // ethtool configures the ethtool collector, which collects ethernet device statistics. + // ethtool is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when you need NIC driver-level ethtool metrics beyond generic netdev counters. + Ethtool *NodeExporterCollectorEthtoolConfigApplyConfiguration `json:"ethtool,omitempty"` + // netDev configures the netdev collector, which collects network device statistics. + // netDev is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is enabled. + // Turn off if you must reduce per-interface metric cardinality on hosts with many virtual interfaces. + NetDev *NodeExporterCollectorNetDevConfigApplyConfiguration `json:"netDev,omitempty"` + // netClass configures the netclass collector, which collects information about network devices. + // netClass is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is enabled with netlink mode active. + // Use statsGatherer when sysfs vs netlink implementation matters or when matching node_exporter tuning. + NetClass *NodeExporterCollectorNetClassConfigApplyConfiguration `json:"netClass,omitempty"` + // buddyInfo configures the buddyinfo collector, which collects statistics about memory + // fragmentation from the node_buddyinfo_blocks metric. This metric collects data from /proc/buddyinfo. + // buddyInfo is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when investigating kernel memory fragmentation; typically for advanced troubleshooting only. + BuddyInfo *NodeExporterCollectorBuddyInfoConfigApplyConfiguration `json:"buddyInfo,omitempty"` + // mountStats configures the mountstats collector, which collects statistics about NFS volume + // I/O activities. + // mountStats is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enabling this collector may produce metrics with high cardinality. If you enable this + // collector, closely monitor the prometheus-k8s deployment for excessive memory usage. + // Enable when you care about per-mount NFS client statistics. + MountStats *NodeExporterCollectorMountStatsConfigApplyConfiguration `json:"mountStats,omitempty"` + // ksmd configures the ksmd collector, which collects statistics from the kernel same-page + // merger daemon. + // ksmd is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable on nodes where KSM is in use and you want visibility into merging activity. + Ksmd *NodeExporterCollectorKSMDConfigApplyConfiguration `json:"ksmd,omitempty"` + // processes configures the processes collector, which collects statistics from processes and + // threads running in the system. + // processes is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable for process/thread-level insight; can be expensive on busy nodes. + Processes *NodeExporterCollectorProcessesConfigApplyConfiguration `json:"processes,omitempty"` + // systemd configures the systemd collector, which collects statistics on the systemd daemon + // and its managed services. + // systemd is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enabling this collector with a long list of selected units may produce metrics with high + // cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment + // for excessive memory usage. + // Enable when you need metrics for specific units; scope units carefully. + Systemd *NodeExporterCollectorSystemdConfigApplyConfiguration `json:"systemd,omitempty"` + // softirqs configures the softirqs collector, which exposes detailed softirq statistics + // from /proc/softirqs. + // softirqs is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when you need visibility into kernel softirq processing across CPUs. + Softirqs *NodeExporterCollectorSoftirqsConfigApplyConfiguration `json:"softirqs,omitempty"` +} + +// NodeExporterCollectorConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorConfig type for use with +// apply. +func NodeExporterCollectorConfig() *NodeExporterCollectorConfigApplyConfiguration { + return &NodeExporterCollectorConfigApplyConfiguration{} +} + +// WithCpuFreq sets the CpuFreq field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CpuFreq field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithCpuFreq(value *NodeExporterCollectorCpufreqConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.CpuFreq = value + return b +} + +// WithTcpStat sets the TcpStat field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TcpStat field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithTcpStat(value *NodeExporterCollectorTcpStatConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.TcpStat = value + return b +} + +// WithEthtool sets the Ethtool field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Ethtool field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithEthtool(value *NodeExporterCollectorEthtoolConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.Ethtool = value + return b +} + +// WithNetDev sets the NetDev field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NetDev field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithNetDev(value *NodeExporterCollectorNetDevConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.NetDev = value + return b +} + +// WithNetClass sets the NetClass field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NetClass field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithNetClass(value *NodeExporterCollectorNetClassConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.NetClass = value + return b +} + +// WithBuddyInfo sets the BuddyInfo field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BuddyInfo field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithBuddyInfo(value *NodeExporterCollectorBuddyInfoConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.BuddyInfo = value + return b +} + +// WithMountStats sets the MountStats field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MountStats field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithMountStats(value *NodeExporterCollectorMountStatsConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.MountStats = value + return b +} + +// WithKsmd sets the Ksmd field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Ksmd field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithKsmd(value *NodeExporterCollectorKSMDConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.Ksmd = value + return b +} + +// WithProcesses sets the Processes field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Processes field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithProcesses(value *NodeExporterCollectorProcessesConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.Processes = value + return b +} + +// WithSystemd sets the Systemd field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Systemd field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithSystemd(value *NodeExporterCollectorSystemdConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.Systemd = value + return b +} + +// WithSoftirqs sets the Softirqs field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Softirqs field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithSoftirqs(value *NodeExporterCollectorSoftirqsConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.Softirqs = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorcpufreqconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorcpufreqconfig.go new file mode 100644 index 0000000000..65fe3f11fe --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorcpufreqconfig.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorCpufreqConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorCpufreqConfig type for use +// with apply. +// +// NodeExporterCollectorCpufreqConfig provides configuration for the cpufreq collector +// of the node-exporter agent. The cpufreq collector collects CPU frequency statistics. +// It is disabled by default. +type NodeExporterCollectorCpufreqConfigApplyConfiguration struct { + // collectionPolicy declares whether the cpufreq collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the cpufreq collector is active and CPU frequency statistics are collected. + // When set to "DoNotCollect", the cpufreq collector is inactive. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorCpufreqConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorCpufreqConfig type for use with +// apply. +func NodeExporterCollectorCpufreqConfig() *NodeExporterCollectorCpufreqConfigApplyConfiguration { + return &NodeExporterCollectorCpufreqConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorCpufreqConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorCpufreqConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorethtoolconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorethtoolconfig.go new file mode 100644 index 0000000000..396477c1f0 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorethtoolconfig.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorEthtoolConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorEthtoolConfig type for use +// with apply. +// +// NodeExporterCollectorEthtoolConfig provides configuration for the ethtool collector +// of the node-exporter agent. The ethtool collector collects ethernet device statistics. +// It is disabled by default. +type NodeExporterCollectorEthtoolConfigApplyConfiguration struct { + // collectionPolicy declares whether the ethtool collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the ethtool collector is active and ethernet device statistics are collected. + // When set to "DoNotCollect", the ethtool collector is inactive. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorEthtoolConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorEthtoolConfig type for use with +// apply. +func NodeExporterCollectorEthtoolConfig() *NodeExporterCollectorEthtoolConfigApplyConfiguration { + return &NodeExporterCollectorEthtoolConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorEthtoolConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorEthtoolConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorksmdconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorksmdconfig.go new file mode 100644 index 0000000000..fc0ac015a1 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorksmdconfig.go @@ -0,0 +1,37 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorKSMDConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorKSMDConfig type for use +// with apply. +// +// NodeExporterCollectorKSMDConfig provides configuration for the ksmd collector +// of the node-exporter agent. The ksmd collector collects statistics from the kernel +// same-page merger daemon. +// It is disabled by default. +type NodeExporterCollectorKSMDConfigApplyConfiguration struct { + // collectionPolicy declares whether the ksmd collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the ksmd collector is active and kernel same-page merger statistics are collected. + // When set to "DoNotCollect", the ksmd collector is inactive. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorKSMDConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorKSMDConfig type for use with +// apply. +func NodeExporterCollectorKSMDConfig() *NodeExporterCollectorKSMDConfigApplyConfiguration { + return &NodeExporterCollectorKSMDConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorKSMDConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorKSMDConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectormountstatsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectormountstatsconfig.go new file mode 100644 index 0000000000..306bb851aa --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectormountstatsconfig.go @@ -0,0 +1,38 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorMountStatsConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorMountStatsConfig type for use +// with apply. +// +// NodeExporterCollectorMountStatsConfig provides configuration for the mountstats collector +// of the node-exporter agent. The mountstats collector collects statistics about NFS volume I/O activities. +// It is disabled by default. +// Enabling this collector may produce metrics with high cardinality. If you enable this +// collector, closely monitor the prometheus-k8s deployment for excessive memory usage. +type NodeExporterCollectorMountStatsConfigApplyConfiguration struct { + // collectionPolicy declares whether the mountstats collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the mountstats collector is active and NFS volume I/O statistics are collected. + // When set to "DoNotCollect", the mountstats collector is inactive. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorMountStatsConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorMountStatsConfig type for use with +// apply. +func NodeExporterCollectorMountStatsConfig() *NodeExporterCollectorMountStatsConfigApplyConfiguration { + return &NodeExporterCollectorMountStatsConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorMountStatsConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorMountStatsConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetclasscollectconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetclasscollectconfig.go new file mode 100644 index 0000000000..321c7c6679 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetclasscollectconfig.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorNetClassCollectConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorNetClassCollectConfig type for use +// with apply. +// +// NodeExporterCollectorNetClassCollectConfig holds configuration options for the netclass collector +// when it is actively collecting metrics. At least one field must be specified. +type NodeExporterCollectorNetClassCollectConfigApplyConfiguration struct { + // statsGatherer selects which implementation the netclass collector uses to gather statistics (sysfs or netlink). + // statsGatherer is optional. + // Valid values are "Sysfs" and "Netlink". + // When set to "Netlink", the netlink implementation is used; when set to "Sysfs", the sysfs implementation is used. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is Netlink. + StatsGatherer *configv1alpha1.NodeExporterNetclassStatsGatherer `json:"statsGatherer,omitempty"` +} + +// NodeExporterCollectorNetClassCollectConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorNetClassCollectConfig type for use with +// apply. +func NodeExporterCollectorNetClassCollectConfig() *NodeExporterCollectorNetClassCollectConfigApplyConfiguration { + return &NodeExporterCollectorNetClassCollectConfigApplyConfiguration{} +} + +// WithStatsGatherer sets the StatsGatherer field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the StatsGatherer field is set to the value of the last call. +func (b *NodeExporterCollectorNetClassCollectConfigApplyConfiguration) WithStatsGatherer(value configv1alpha1.NodeExporterNetclassStatsGatherer) *NodeExporterCollectorNetClassCollectConfigApplyConfiguration { + b.StatsGatherer = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetclassconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetclassconfig.go new file mode 100644 index 0000000000..2fe2a6a5ba --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetclassconfig.go @@ -0,0 +1,53 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorNetClassConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorNetClassConfig type for use +// with apply. +// +// NodeExporterCollectorNetClassConfig provides configuration for the netclass collector +// of the node-exporter agent. The netclass collector collects information about network devices +// such as network speed, MTU, and carrier status. +// It is enabled by default. +// When collectionPolicy is DoNotCollect, the collect field must not be set. +type NodeExporterCollectorNetClassConfigApplyConfiguration struct { + // collectionPolicy declares whether the netclass collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the netclass collector is active and network class information is collected. + // When set to "DoNotCollect", the netclass collector is inactive and the corresponding metrics become unavailable. + // When set to "DoNotCollect", the collect field must not be set. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` + // collect contains configuration options that apply only when the netclass collector is actively collecting metrics + // (i.e. when collectionPolicy is Collect). + // collect is optional and may be omitted even when collectionPolicy is Collect. + // collect may only be set when collectionPolicy is Collect. + // When set, at least one field must be specified within collect. + Collect *NodeExporterCollectorNetClassCollectConfigApplyConfiguration `json:"collect,omitempty"` +} + +// NodeExporterCollectorNetClassConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorNetClassConfig type for use with +// apply. +func NodeExporterCollectorNetClassConfig() *NodeExporterCollectorNetClassConfigApplyConfiguration { + return &NodeExporterCollectorNetClassConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorNetClassConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorNetClassConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} + +// WithCollect sets the Collect field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Collect field is set to the value of the last call. +func (b *NodeExporterCollectorNetClassConfigApplyConfiguration) WithCollect(value *NodeExporterCollectorNetClassCollectConfigApplyConfiguration) *NodeExporterCollectorNetClassConfigApplyConfiguration { + b.Collect = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetdevconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetdevconfig.go new file mode 100644 index 0000000000..b5bbe4c86e --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetdevconfig.go @@ -0,0 +1,37 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorNetDevConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorNetDevConfig type for use +// with apply. +// +// NodeExporterCollectorNetDevConfig provides configuration for the netdev collector +// of the node-exporter agent. The netdev collector collects network device statistics +// such as bytes, packets, errors, and drops per device. +// It is enabled by default. +type NodeExporterCollectorNetDevConfigApplyConfiguration struct { + // collectionPolicy declares whether the netdev collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the netdev collector is active and network device statistics are collected. + // When set to "DoNotCollect", the netdev collector is inactive and the corresponding metrics become unavailable. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorNetDevConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorNetDevConfig type for use with +// apply. +func NodeExporterCollectorNetDevConfig() *NodeExporterCollectorNetDevConfigApplyConfiguration { + return &NodeExporterCollectorNetDevConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorNetDevConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorNetDevConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorprocessesconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorprocessesconfig.go new file mode 100644 index 0000000000..71cf2fb59c --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorprocessesconfig.go @@ -0,0 +1,37 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorProcessesConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorProcessesConfig type for use +// with apply. +// +// NodeExporterCollectorProcessesConfig provides configuration for the processes collector +// of the node-exporter agent. The processes collector collects statistics from processes and threads +// running in the system. +// It is disabled by default. +type NodeExporterCollectorProcessesConfigApplyConfiguration struct { + // collectionPolicy declares whether the processes collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the processes collector is active and process/thread statistics are collected. + // When set to "DoNotCollect", the processes collector is inactive. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorProcessesConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorProcessesConfig type for use with +// apply. +func NodeExporterCollectorProcessesConfig() *NodeExporterCollectorProcessesConfigApplyConfiguration { + return &NodeExporterCollectorProcessesConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorProcessesConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorProcessesConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorsoftirqsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorsoftirqsconfig.go new file mode 100644 index 0000000000..4f9936bc1c --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorsoftirqsconfig.go @@ -0,0 +1,37 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorSoftirqsConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorSoftirqsConfig type for use +// with apply. +// +// NodeExporterCollectorSoftirqsConfig provides configuration for the softirqs collector +// of the node-exporter agent. The softirqs collector exposes detailed softirq statistics +// from /proc/softirqs. +// It is disabled by default. +type NodeExporterCollectorSoftirqsConfigApplyConfiguration struct { + // collectionPolicy declares whether the softirqs collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the softirqs collector is active and softirq statistics are collected. + // When set to "DoNotCollect", the softirqs collector is inactive. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorSoftirqsConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorSoftirqsConfig type for use with +// apply. +func NodeExporterCollectorSoftirqsConfig() *NodeExporterCollectorSoftirqsConfigApplyConfiguration { + return &NodeExporterCollectorSoftirqsConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorSoftirqsConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorSoftirqsConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorsystemdcollectconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorsystemdcollectconfig.go new file mode 100644 index 0000000000..647f7efc0a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorsystemdcollectconfig.go @@ -0,0 +1,40 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorSystemdCollectConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorSystemdCollectConfig type for use +// with apply. +// +// NodeExporterCollectorSystemdCollectConfig holds configuration options for the systemd collector +// when it is actively collecting metrics. At least one field must be specified. +type NodeExporterCollectorSystemdCollectConfigApplyConfiguration struct { + // units is a list of regular expression patterns that match systemd units to be included + // by the systemd collector. + // units is optional. + // By default, the list is empty, so the collector exposes no metrics for systemd units. + // Each entry is a regular expression pattern and must be at least 1 character and at most 1024 characters. + // Maximum length for this list is 50. + // Minimum length for this list is 1. + // Entries in this list must be unique. + Units []configv1alpha1.NodeExporterSystemdUnit `json:"units,omitempty"` +} + +// NodeExporterCollectorSystemdCollectConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorSystemdCollectConfig type for use with +// apply. +func NodeExporterCollectorSystemdCollectConfig() *NodeExporterCollectorSystemdCollectConfigApplyConfiguration { + return &NodeExporterCollectorSystemdCollectConfigApplyConfiguration{} +} + +// WithUnits adds the given value to the Units field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Units field. +func (b *NodeExporterCollectorSystemdCollectConfigApplyConfiguration) WithUnits(values ...configv1alpha1.NodeExporterSystemdUnit) *NodeExporterCollectorSystemdCollectConfigApplyConfiguration { + for i := range values { + b.Units = append(b.Units, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorsystemdconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorsystemdconfig.go new file mode 100644 index 0000000000..a1422798de --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorsystemdconfig.go @@ -0,0 +1,55 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorSystemdConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorSystemdConfig type for use +// with apply. +// +// NodeExporterCollectorSystemdConfig provides configuration for the systemd collector +// of the node-exporter agent. The systemd collector collects statistics on the systemd daemon +// and its managed services. +// It is disabled by default. +// Enabling this collector with a long list of selected units may produce metrics with high +// cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment +// for excessive memory usage. +// When collectionPolicy is DoNotCollect, the collect field must not be set. +type NodeExporterCollectorSystemdConfigApplyConfiguration struct { + // collectionPolicy declares whether the systemd collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the systemd collector is active and systemd unit statistics are collected. + // When set to "DoNotCollect", the systemd collector is inactive and the collect field must not be set. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` + // collect contains configuration options that apply only when the systemd collector is actively collecting metrics + // (i.e. when collectionPolicy is Collect). + // collect is optional and may be omitted even when collectionPolicy is Collect. + // collect may only be set when collectionPolicy is Collect. + // When set, at least one field must be specified within collect. + Collect *NodeExporterCollectorSystemdCollectConfigApplyConfiguration `json:"collect,omitempty"` +} + +// NodeExporterCollectorSystemdConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorSystemdConfig type for use with +// apply. +func NodeExporterCollectorSystemdConfig() *NodeExporterCollectorSystemdConfigApplyConfiguration { + return &NodeExporterCollectorSystemdConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorSystemdConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorSystemdConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} + +// WithCollect sets the Collect field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Collect field is set to the value of the last call. +func (b *NodeExporterCollectorSystemdConfigApplyConfiguration) WithCollect(value *NodeExporterCollectorSystemdCollectConfigApplyConfiguration) *NodeExporterCollectorSystemdConfigApplyConfiguration { + b.Collect = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectortcpstatconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectortcpstatconfig.go new file mode 100644 index 0000000000..20f77e8808 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectortcpstatconfig.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorTcpStatConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorTcpStatConfig type for use +// with apply. +// +// NodeExporterCollectorTcpStatConfig provides configuration for the tcpstat collector +// of the node-exporter agent. The tcpstat collector collects TCP connection statistics. +// It is disabled by default. +type NodeExporterCollectorTcpStatConfigApplyConfiguration struct { + // collectionPolicy declares whether the tcpstat collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the tcpstat collector is active and TCP connection statistics are collected. + // When set to "DoNotCollect", the tcpstat collector is inactive. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorTcpStatConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorTcpStatConfig type for use with +// apply. +func NodeExporterCollectorTcpStatConfig() *NodeExporterCollectorTcpStatConfigApplyConfiguration { + return &NodeExporterCollectorTcpStatConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorTcpStatConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorTcpStatConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexporterconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexporterconfig.go new file mode 100644 index 0000000000..a4a250fc24 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexporterconfig.go @@ -0,0 +1,115 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterConfigApplyConfiguration represents a declarative configuration of the NodeExporterConfig type for use +// with apply. +// +// NodeExporterConfig provides configuration options for the node-exporter agent +// that runs as a DaemonSet in the `openshift-monitoring` namespace. The node-exporter agent collects +// hardware and OS-level metrics from every node in the cluster, including CPU, memory, disk, and +// network statistics. +// At least one field must be specified. +type NodeExporterConfigApplyConfiguration struct { + // resources defines the compute resource requests and limits for the node-exporter container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 8m + // limit: null + // - name: memory + // request: 32Mi + // limit: null + // --- + // maxItems is set to 5 to stay within the Kubernetes CRD CEL validation cost budget. + // See the MaxItems comment near the ContainerResource type definition for details. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` + // collectors configures which node-exporter metric collectors are enabled. + // collectors is optional. + // Each collector can be individually enabled or disabled. Some collectors may have + // additional configuration options. + // + // When omitted, this means no opinion and the platform is left to choose a reasonable + // default, which is subject to change over time. + Collectors *NodeExporterCollectorConfigApplyConfiguration `json:"collectors,omitempty"` + // maxProcs sets the target number of CPUs on which the node-exporter process will run. + // maxProcs is optional. + // Use this setting to override the default value, which is set either to 4 or to the number + // of CPUs on the host, whichever is smaller. + // The default value is computed at runtime and set via the GOMAXPROCS environment variable before + // node-exporter is launched. + // If a kernel deadlock occurs or if performance degrades when reading from sysfs concurrently, + // you can change this value to 1, which limits node-exporter to running on one CPU. + // For nodes with a high CPU count, setting the limit to a low number saves resources by preventing + // Go routines from being scheduled to run on all CPUs. However, I/O performance degrades if the + // maxProcs value is set too low and there are many metrics to collect. + // The minimum value is 1 and the maximum value is 1024. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is min(4, number of host CPUs). + MaxProcs *int32 `json:"maxProcs,omitempty"` + // ignoredNetworkDevices is a list of regular expression patterns that match network devices + // to be excluded from the relevant collector configuration such as netdev, netclass, and ethtool. + // ignoredNetworkDevices is optional. + // + // When omitted, the Cluster Monitoring Operator uses a predefined list of devices to be excluded + // to minimize the impact on memory usage. + // When set as an empty list, no devices are excluded. + // If you modify this setting, monitor the prometheus-k8s deployment closely for excessive memory usage. + // Maximum length for this list is 50. + // Each entry must be at least 1 character and at most 1024 characters long. + IgnoredNetworkDevices *[]configv1alpha1.NodeExporterIgnoredNetworkDevice `json:"ignoredNetworkDevices,omitempty"` +} + +// NodeExporterConfigApplyConfiguration constructs a declarative configuration of the NodeExporterConfig type for use with +// apply. +func NodeExporterConfig() *NodeExporterConfigApplyConfiguration { + return &NodeExporterConfigApplyConfiguration{} +} + +// WithResources adds the given value to the Resources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Resources field. +func (b *NodeExporterConfigApplyConfiguration) WithResources(values ...*ContainerResourceApplyConfiguration) *NodeExporterConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithResources") + } + b.Resources = append(b.Resources, *values[i]) + } + return b +} + +// WithCollectors sets the Collectors field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Collectors field is set to the value of the last call. +func (b *NodeExporterConfigApplyConfiguration) WithCollectors(value *NodeExporterCollectorConfigApplyConfiguration) *NodeExporterConfigApplyConfiguration { + b.Collectors = value + return b +} + +// WithMaxProcs sets the MaxProcs field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MaxProcs field is set to the value of the last call. +func (b *NodeExporterConfigApplyConfiguration) WithMaxProcs(value int32) *NodeExporterConfigApplyConfiguration { + b.MaxProcs = &value + return b +} + +// WithIgnoredNetworkDevices sets the IgnoredNetworkDevices field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the IgnoredNetworkDevices field is set to the value of the last call. +func (b *NodeExporterConfigApplyConfiguration) WithIgnoredNetworkDevices(value []configv1alpha1.NodeExporterIgnoredNetworkDevice) *NodeExporterConfigApplyConfiguration { + b.IgnoredNetworkDevices = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2.go new file mode 100644 index 0000000000..d58cc3e513 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2.go @@ -0,0 +1,82 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// OAuth2ApplyConfiguration represents a declarative configuration of the OAuth2 type for use +// with apply. +// +// OAuth2 defines OAuth2 authentication settings for the remote write endpoint. +type OAuth2ApplyConfiguration struct { + // clientId defines the secret reference containing the OAuth2 client ID. + // The secret must exist in the openshift-monitoring namespace. + ClientID *SecretKeySelectorApplyConfiguration `json:"clientId,omitempty"` + // clientSecret defines the secret reference containing the OAuth2 client secret. + // The secret must exist in the openshift-monitoring namespace. + ClientSecret *SecretKeySelectorApplyConfiguration `json:"clientSecret,omitempty"` + // tokenUrl is the URL to fetch the token from. + // Must be a valid URL with http or https scheme. + // Must be between 1 and 2048 characters in length. + TokenURL *string `json:"tokenUrl,omitempty"` + // scopes is a list of OAuth2 scopes to request. + // When omitted, no scopes are requested. + // Maximum of 20 scopes can be specified. + // Each scope must be between 1 and 256 characters. + Scopes []string `json:"scopes,omitempty"` + // endpointParams defines additional parameters to append to the token URL. + // When omitted, no additional parameters are sent. + // Maximum of 20 parameters can be specified. Entries must have unique names (name is the list key). + EndpointParams []OAuth2EndpointParamApplyConfiguration `json:"endpointParams,omitempty"` +} + +// OAuth2ApplyConfiguration constructs a declarative configuration of the OAuth2 type for use with +// apply. +func OAuth2() *OAuth2ApplyConfiguration { + return &OAuth2ApplyConfiguration{} +} + +// WithClientID sets the ClientID field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ClientID field is set to the value of the last call. +func (b *OAuth2ApplyConfiguration) WithClientID(value *SecretKeySelectorApplyConfiguration) *OAuth2ApplyConfiguration { + b.ClientID = value + return b +} + +// WithClientSecret sets the ClientSecret field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ClientSecret field is set to the value of the last call. +func (b *OAuth2ApplyConfiguration) WithClientSecret(value *SecretKeySelectorApplyConfiguration) *OAuth2ApplyConfiguration { + b.ClientSecret = value + return b +} + +// WithTokenURL sets the TokenURL field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TokenURL field is set to the value of the last call. +func (b *OAuth2ApplyConfiguration) WithTokenURL(value string) *OAuth2ApplyConfiguration { + b.TokenURL = &value + return b +} + +// WithScopes adds the given value to the Scopes field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Scopes field. +func (b *OAuth2ApplyConfiguration) WithScopes(values ...string) *OAuth2ApplyConfiguration { + for i := range values { + b.Scopes = append(b.Scopes, values[i]) + } + return b +} + +// WithEndpointParams adds the given value to the EndpointParams field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the EndpointParams field. +func (b *OAuth2ApplyConfiguration) WithEndpointParams(values ...*OAuth2EndpointParamApplyConfiguration) *OAuth2ApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithEndpointParams") + } + b.EndpointParams = append(b.EndpointParams, *values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2endpointparam.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2endpointparam.go new file mode 100644 index 0000000000..8372d30f8c --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2endpointparam.go @@ -0,0 +1,39 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// OAuth2EndpointParamApplyConfiguration represents a declarative configuration of the OAuth2EndpointParam type for use +// with apply. +// +// OAuth2EndpointParam defines a name/value parameter for the OAuth2 token URL. +type OAuth2EndpointParamApplyConfiguration struct { + // name is the parameter name. Must be between 1 and 256 characters. + Name *string `json:"name,omitempty"` + // value is the optional parameter value. When omitted, the query parameter is applied as ?name (no value). + // When set (including to the empty string), it is applied as ?name=value. Empty string may be used when the + // external system expects a parameter with an empty value (e.g. ?parameter=""). + // Must be between 0 and 2048 characters when present (aligned with common URL length recommendations). + Value *string `json:"value,omitempty"` +} + +// OAuth2EndpointParamApplyConfiguration constructs a declarative configuration of the OAuth2EndpointParam type for use with +// apply. +func OAuth2EndpointParam() *OAuth2EndpointParamApplyConfiguration { + return &OAuth2EndpointParamApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *OAuth2EndpointParamApplyConfiguration) WithName(value string) *OAuth2EndpointParamApplyConfiguration { + b.Name = &value + return b +} + +// WithValue sets the Value field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Value field is set to the value of the last call. +func (b *OAuth2EndpointParamApplyConfiguration) WithValue(value string) *OAuth2EndpointParamApplyConfiguration { + b.Value = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/openshiftstatemetricsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/openshiftstatemetricsconfig.go new file mode 100644 index 0000000000..daef85c244 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/openshiftstatemetricsconfig.go @@ -0,0 +1,117 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "k8s.io/api/core/v1" +) + +// OpenShiftStateMetricsConfigApplyConfiguration represents a declarative configuration of the OpenShiftStateMetricsConfig type for use +// with apply. +// +// OpenShiftStateMetricsConfig provides configuration options for the openshift-state-metrics agent +// that runs in the `openshift-monitoring` namespace. The openshift-state-metrics agent generates +// metrics about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. +type OpenShiftStateMetricsConfigApplyConfiguration struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the openshift-state-metrics container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 1m + // limit: null + // - name: memory + // request: 32Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how openshift-state-metrics Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// OpenShiftStateMetricsConfigApplyConfiguration constructs a declarative configuration of the OpenShiftStateMetricsConfig type for use with +// apply. +func OpenShiftStateMetricsConfig() *OpenShiftStateMetricsConfigApplyConfiguration { + return &OpenShiftStateMetricsConfigApplyConfiguration{} +} + +// WithNodeSelector puts the entries into the NodeSelector field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the NodeSelector field, +// overwriting an existing map entries in NodeSelector field with the same key. +func (b *OpenShiftStateMetricsConfigApplyConfiguration) WithNodeSelector(entries map[string]string) *OpenShiftStateMetricsConfigApplyConfiguration { + if b.NodeSelector == nil && len(entries) > 0 { + b.NodeSelector = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.NodeSelector[k] = v + } + return b +} + +// WithResources adds the given value to the Resources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Resources field. +func (b *OpenShiftStateMetricsConfigApplyConfiguration) WithResources(values ...*ContainerResourceApplyConfiguration) *OpenShiftStateMetricsConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithResources") + } + b.Resources = append(b.Resources, *values[i]) + } + return b +} + +// WithTolerations adds the given value to the Tolerations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Tolerations field. +func (b *OpenShiftStateMetricsConfigApplyConfiguration) WithTolerations(values ...v1.Toleration) *OpenShiftStateMetricsConfigApplyConfiguration { + for i := range values { + b.Tolerations = append(b.Tolerations, values[i]) + } + return b +} + +// WithTopologySpreadConstraints adds the given value to the TopologySpreadConstraints field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the TopologySpreadConstraints field. +func (b *OpenShiftStateMetricsConfigApplyConfiguration) WithTopologySpreadConstraints(values ...v1.TopologySpreadConstraint) *OpenShiftStateMetricsConfigApplyConfiguration { + for i := range values { + b.TopologySpreadConstraints = append(b.TopologySpreadConstraints, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkicertificatesubject.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkicertificatesubject.go deleted file mode 100644 index c9c93a2806..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkicertificatesubject.go +++ /dev/null @@ -1,39 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// PKICertificateSubjectApplyConfiguration represents a declarative configuration of the PKICertificateSubject type for use -// with apply. -// -// PKICertificateSubject defines the requirements imposed on the subject to which the certificate was issued. -type PKICertificateSubjectApplyConfiguration struct { - // email specifies the expected email address imposed on the subject to which the certificate was issued, and must match the email address listed in the Subject Alternative Name (SAN) field of the certificate. - // The email should be a valid email address and at most 320 characters in length. - Email *string `json:"email,omitempty"` - // hostname specifies the expected hostname imposed on the subject to which the certificate was issued, and it must match the hostname listed in the Subject Alternative Name (SAN) DNS field of the certificate. - // The hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.', and at most 253 characters in length. - // It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk. - Hostname *string `json:"hostname,omitempty"` -} - -// PKICertificateSubjectApplyConfiguration constructs a declarative configuration of the PKICertificateSubject type for use with -// apply. -func PKICertificateSubject() *PKICertificateSubjectApplyConfiguration { - return &PKICertificateSubjectApplyConfiguration{} -} - -// WithEmail sets the Email field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Email field is set to the value of the last call. -func (b *PKICertificateSubjectApplyConfiguration) WithEmail(value string) *PKICertificateSubjectApplyConfiguration { - b.Email = &value - return b -} - -// WithHostname sets the Hostname field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Hostname field is set to the value of the last call. -func (b *PKICertificateSubjectApplyConfiguration) WithHostname(value string) *PKICertificateSubjectApplyConfiguration { - b.Hostname = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyfulciosubject.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyfulciosubject.go deleted file mode 100644 index 5c7bd5ed9e..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyfulciosubject.go +++ /dev/null @@ -1,38 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// PolicyFulcioSubjectApplyConfiguration represents a declarative configuration of the PolicyFulcioSubject type for use -// with apply. -// -// PolicyFulcioSubject defines the OIDC issuer and the email of the Fulcio authentication configuration. -type PolicyFulcioSubjectApplyConfiguration struct { - // oidcIssuer contains the expected OIDC issuer. It will be verified that the Fulcio-issued certificate contains a (Fulcio-defined) certificate extension pointing at this OIDC issuer URL. When Fulcio issues certificates, it includes a value based on an URL inside the client-provided ID token. - // Example: "https://expected.OIDC.issuer/" - OIDCIssuer *string `json:"oidcIssuer,omitempty"` - // signedEmail holds the email address the the Fulcio certificate is issued for. - // Example: "expected-signing-user@example.com" - SignedEmail *string `json:"signedEmail,omitempty"` -} - -// PolicyFulcioSubjectApplyConfiguration constructs a declarative configuration of the PolicyFulcioSubject type for use with -// apply. -func PolicyFulcioSubject() *PolicyFulcioSubjectApplyConfiguration { - return &PolicyFulcioSubjectApplyConfiguration{} -} - -// WithOIDCIssuer sets the OIDCIssuer field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the OIDCIssuer field is set to the value of the last call. -func (b *PolicyFulcioSubjectApplyConfiguration) WithOIDCIssuer(value string) *PolicyFulcioSubjectApplyConfiguration { - b.OIDCIssuer = &value - return b -} - -// WithSignedEmail sets the SignedEmail field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the SignedEmail field is set to the value of the last call. -func (b *PolicyFulcioSubjectApplyConfiguration) WithSignedEmail(value string) *PolicyFulcioSubjectApplyConfiguration { - b.SignedEmail = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyidentity.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyidentity.go deleted file mode 100644 index 822e756774..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyidentity.go +++ /dev/null @@ -1,57 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// PolicyIdentityApplyConfiguration represents a declarative configuration of the PolicyIdentity type for use -// with apply. -// -// PolicyIdentity defines image identity the signature claims about the image. When omitted, the default matchPolicy is "MatchRepoDigestOrExact". -type PolicyIdentityApplyConfiguration struct { - // matchPolicy sets the type of matching to be used. - // Valid values are "MatchRepoDigestOrExact", "MatchRepository", "ExactRepository", "RemapIdentity". When omitted, the default value is "MatchRepoDigestOrExact". - // If set matchPolicy to ExactRepository, then the exactRepository must be specified. - // If set matchPolicy to RemapIdentity, then the remapIdentity must be specified. - // "MatchRepoDigestOrExact" means that the identity in the signature must be in the same repository as the image identity if the image identity is referenced by a digest. Otherwise, the identity in the signature must be the same as the image identity. - // "MatchRepository" means that the identity in the signature must be in the same repository as the image identity. - // "ExactRepository" means that the identity in the signature must be in the same repository as a specific identity specified by "repository". - // "RemapIdentity" means that the signature must be in the same as the remapped image identity. Remapped image identity is obtained by replacing the "prefix" with the specified “signedPrefix” if the the image identity matches the specified remapPrefix. - MatchPolicy *configv1alpha1.IdentityMatchPolicy `json:"matchPolicy,omitempty"` - // exactRepository is required if matchPolicy is set to "ExactRepository". - PolicyMatchExactRepository *PolicyMatchExactRepositoryApplyConfiguration `json:"exactRepository,omitempty"` - // remapIdentity is required if matchPolicy is set to "RemapIdentity". - PolicyMatchRemapIdentity *PolicyMatchRemapIdentityApplyConfiguration `json:"remapIdentity,omitempty"` -} - -// PolicyIdentityApplyConfiguration constructs a declarative configuration of the PolicyIdentity type for use with -// apply. -func PolicyIdentity() *PolicyIdentityApplyConfiguration { - return &PolicyIdentityApplyConfiguration{} -} - -// WithMatchPolicy sets the MatchPolicy field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the MatchPolicy field is set to the value of the last call. -func (b *PolicyIdentityApplyConfiguration) WithMatchPolicy(value configv1alpha1.IdentityMatchPolicy) *PolicyIdentityApplyConfiguration { - b.MatchPolicy = &value - return b -} - -// WithPolicyMatchExactRepository sets the PolicyMatchExactRepository field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PolicyMatchExactRepository field is set to the value of the last call. -func (b *PolicyIdentityApplyConfiguration) WithPolicyMatchExactRepository(value *PolicyMatchExactRepositoryApplyConfiguration) *PolicyIdentityApplyConfiguration { - b.PolicyMatchExactRepository = value - return b -} - -// WithPolicyMatchRemapIdentity sets the PolicyMatchRemapIdentity field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PolicyMatchRemapIdentity field is set to the value of the last call. -func (b *PolicyIdentityApplyConfiguration) WithPolicyMatchRemapIdentity(value *PolicyMatchRemapIdentityApplyConfiguration) *PolicyIdentityApplyConfiguration { - b.PolicyMatchRemapIdentity = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchexactrepository.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchexactrepository.go deleted file mode 100644 index 6420b8ed9e..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchexactrepository.go +++ /dev/null @@ -1,29 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// PolicyMatchExactRepositoryApplyConfiguration represents a declarative configuration of the PolicyMatchExactRepository type for use -// with apply. -type PolicyMatchExactRepositoryApplyConfiguration struct { - // repository is the reference of the image identity to be matched. - // The value should be a repository name (by omitting the tag or digest) in a registry implementing the "Docker Registry HTTP API V2". For example, docker.io/library/busybox - Repository *configv1alpha1.IdentityRepositoryPrefix `json:"repository,omitempty"` -} - -// PolicyMatchExactRepositoryApplyConfiguration constructs a declarative configuration of the PolicyMatchExactRepository type for use with -// apply. -func PolicyMatchExactRepository() *PolicyMatchExactRepositoryApplyConfiguration { - return &PolicyMatchExactRepositoryApplyConfiguration{} -} - -// WithRepository sets the Repository field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Repository field is set to the value of the last call. -func (b *PolicyMatchExactRepositoryApplyConfiguration) WithRepository(value configv1alpha1.IdentityRepositoryPrefix) *PolicyMatchExactRepositoryApplyConfiguration { - b.Repository = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchremapidentity.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchremapidentity.go deleted file mode 100644 index 0b1a5098fa..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchremapidentity.go +++ /dev/null @@ -1,45 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// PolicyMatchRemapIdentityApplyConfiguration represents a declarative configuration of the PolicyMatchRemapIdentity type for use -// with apply. -type PolicyMatchRemapIdentityApplyConfiguration struct { - // prefix is the prefix of the image identity to be matched. - // If the image identity matches the specified prefix, that prefix is replaced by the specified “signedPrefix” (otherwise it is used as unchanged and no remapping takes place). - // This useful when verifying signatures for a mirror of some other repository namespace that preserves the vendor’s repository structure. - // The prefix and signedPrefix values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - // or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - // For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - Prefix *configv1alpha1.IdentityRepositoryPrefix `json:"prefix,omitempty"` - // signedPrefix is the prefix of the image identity to be matched in the signature. The format is the same as "prefix". The values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - // or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - // For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - SignedPrefix *configv1alpha1.IdentityRepositoryPrefix `json:"signedPrefix,omitempty"` -} - -// PolicyMatchRemapIdentityApplyConfiguration constructs a declarative configuration of the PolicyMatchRemapIdentity type for use with -// apply. -func PolicyMatchRemapIdentity() *PolicyMatchRemapIdentityApplyConfiguration { - return &PolicyMatchRemapIdentityApplyConfiguration{} -} - -// WithPrefix sets the Prefix field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Prefix field is set to the value of the last call. -func (b *PolicyMatchRemapIdentityApplyConfiguration) WithPrefix(value configv1alpha1.IdentityRepositoryPrefix) *PolicyMatchRemapIdentityApplyConfiguration { - b.Prefix = &value - return b -} - -// WithSignedPrefix sets the SignedPrefix field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the SignedPrefix field is set to the value of the last call. -func (b *PolicyMatchRemapIdentityApplyConfiguration) WithSignedPrefix(value configv1alpha1.IdentityRepositoryPrefix) *PolicyMatchRemapIdentityApplyConfiguration { - b.SignedPrefix = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyrootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyrootoftrust.go deleted file mode 100644 index b7a1877fc4..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyrootoftrust.go +++ /dev/null @@ -1,65 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// PolicyRootOfTrustApplyConfiguration represents a declarative configuration of the PolicyRootOfTrust type for use -// with apply. -// -// PolicyRootOfTrust defines the root of trust based on the selected policyType. -type PolicyRootOfTrustApplyConfiguration struct { - // policyType serves as the union's discriminator. Users are required to assign a value to this field, choosing one of the policy types that define the root of trust. - // "PublicKey" indicates that the policy relies on a sigstore publicKey and may optionally use a Rekor verification. - // "FulcioCAWithRekor" indicates that the policy is based on the Fulcio certification and incorporates a Rekor verification. - // "PKI" indicates that the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate. - PolicyType *configv1alpha1.PolicyType `json:"policyType,omitempty"` - // publicKey defines the root of trust based on a sigstore public key. - PublicKey *ImagePolicyPublicKeyRootOfTrustApplyConfiguration `json:"publicKey,omitempty"` - // fulcioCAWithRekor defines the root of trust based on the Fulcio certificate and the Rekor public key. - // For more information about Fulcio and Rekor, please refer to the document at: - // https://github.com/sigstore/fulcio and https://github.com/sigstore/rekor - FulcioCAWithRekor *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration `json:"fulcioCAWithRekor,omitempty"` - // pki defines the root of trust based on Bring Your Own Public Key Infrastructure (BYOPKI) Root CA(s) and corresponding intermediate certificates. - PKI *ImagePolicyPKIRootOfTrustApplyConfiguration `json:"pki,omitempty"` -} - -// PolicyRootOfTrustApplyConfiguration constructs a declarative configuration of the PolicyRootOfTrust type for use with -// apply. -func PolicyRootOfTrust() *PolicyRootOfTrustApplyConfiguration { - return &PolicyRootOfTrustApplyConfiguration{} -} - -// WithPolicyType sets the PolicyType field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PolicyType field is set to the value of the last call. -func (b *PolicyRootOfTrustApplyConfiguration) WithPolicyType(value configv1alpha1.PolicyType) *PolicyRootOfTrustApplyConfiguration { - b.PolicyType = &value - return b -} - -// WithPublicKey sets the PublicKey field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PublicKey field is set to the value of the last call. -func (b *PolicyRootOfTrustApplyConfiguration) WithPublicKey(value *ImagePolicyPublicKeyRootOfTrustApplyConfiguration) *PolicyRootOfTrustApplyConfiguration { - b.PublicKey = value - return b -} - -// WithFulcioCAWithRekor sets the FulcioCAWithRekor field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the FulcioCAWithRekor field is set to the value of the last call. -func (b *PolicyRootOfTrustApplyConfiguration) WithFulcioCAWithRekor(value *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration) *PolicyRootOfTrustApplyConfiguration { - b.FulcioCAWithRekor = value - return b -} - -// WithPKI sets the PKI field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PKI field is set to the value of the last call. -func (b *PolicyRootOfTrustApplyConfiguration) WithPKI(value *ImagePolicyPKIRootOfTrustApplyConfiguration) *PolicyRootOfTrustApplyConfiguration { - b.PKI = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusconfig.go new file mode 100644 index 0000000000..2565d5e49c --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusconfig.go @@ -0,0 +1,282 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" + v1 "k8s.io/api/core/v1" +) + +// PrometheusConfigApplyConfiguration represents a declarative configuration of the PrometheusConfig type for use +// with apply. +// +// PrometheusConfig provides configuration options for the Prometheus instance. +// Use this configuration to control +// Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. +type PrometheusConfigApplyConfiguration struct { + // additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from + // the Prometheus component. This is useful for organizations that need to: + // - Send alerts to external monitoring systems (like PagerDuty, Slack, or custom webhooks) + // - Route different types of alerts to different teams or systems + // - Integrate with existing enterprise alerting infrastructure + // - Maintain separate alert routing for compliance or organizational requirements + // When omitted, no additional Alertmanager instances are configured (default behavior). + // When provided, at least one configuration must be specified (minimum 1, maximum 10 items). + // Entries must have unique names (name is the list key). + AdditionalAlertmanagerConfigs []AdditionalAlertmanagerConfigApplyConfiguration `json:"additionalAlertmanagerConfigs,omitempty"` + // enforcedBodySizeLimitBytes enforces a body size limit (in bytes) for Prometheus scraped metrics. + // If a scraped target's body response is larger than the limit, the scrape will fail. + // This helps protect Prometheus from targets that return excessively large responses. + // The value is specified in bytes (e.g., 4194304 for 4MB, 1073741824 for 1GB). + // When omitted, the Cluster Monitoring Operator automatically calculates an appropriate + // limit based on cluster capacity. Set an explicit value to override the automatic calculation. + // Minimum value is 10240 (10kB). + // Maximum value is 1073741824 (1GB). + EnforcedBodySizeLimitBytes *int64 `json:"enforcedBodySizeLimitBytes,omitempty"` + // externalLabels defines labels to be attached to time series and alerts + // when communicating with external systems such as federation, remote storage, + // and Alertmanager. These labels are not stored with metrics on disk; they are + // only added when data leaves Prometheus (e.g., during federation queries, + // remote write, or alert notifications). + // At least 1 label must be specified when set, with a maximum of 50 labels allowed. + // Each label key must be unique within this list. + // When omitted, no external labels are applied. + ExternalLabels []LabelApplyConfiguration `json:"externalLabels,omitempty"` + // logLevel defines the verbosity of logs emitted by Prometheus. + // This field allows users to control the amount and severity of logs generated, which can be useful + // for debugging issues or reducing noise in production environments. + // Allowed values are Error, Warn, Info, and Debug. + // When set to Error, only errors will be logged. + // When set to Warn, both warnings and errors will be logged. + // When set to Info, general information, warnings, and errors will all be logged. + // When set to Debug, detailed debugging information will be logged. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is `Info`. + LogLevel *configv1alpha1.LogLevel `json:"logLevel,omitempty"` + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least one key-value pair (minimum of 1) + // and must not contain more than 10 entries. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // queryLogFile specifies the file to which PromQL queries are logged. + // This setting can be either a filename, in which + // case the queries are saved to an `emptyDir` volume + // at `/var/log/prometheus`, or a full path to a location where + // an `emptyDir` volume will be mounted and the queries saved. + // Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but + // writing to any other `/dev/` path is not supported. Relative paths are + // also not supported. + // By default, PromQL queries are not logged. + // Must be an absolute path starting with `/` or a simple filename without path separators. + // Must not contain consecutive slashes, end with a slash, or include '..' path traversal. + // Must contain only alphanumeric characters, '.', '_', '-', or '/'. + // Must be between 1 and 255 characters in length. + QueryLogFile *string `json:"queryLogFile,omitempty"` + // remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + // Remote write allows Prometheus to send metrics it collects to external long-term storage systems. + // When omitted, no remote write endpoints are configured. + // When provided, at least one configuration must be specified (minimum 1, maximum 10 items). + // Entries must have unique names (name is the list key). + RemoteWrite []RemoteWriteSpecApplyConfiguration `json:"remoteWrite,omitempty"` + // resources defines the compute resource requests and limits for the Prometheus container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` + // retention configures how long Prometheus retains metrics data and how much storage it can use. + // When omitted, the platform chooses reasonable defaults (currently 15d retention, no size limit). + Retention *RetentionApplyConfiguration `json:"retention,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10 + // Minimum length for this list is 1 + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Prometheus Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1 + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + // collectionProfile defines the metrics collection profile that Prometheus uses to collect + // metrics from the platform components. Supported values are `Full` or + // `Minimal`. In the `Full` profile (default), Prometheus collects all + // metrics that are exposed by the platform components. In the `Minimal` + // profile, Prometheus only collects metrics necessary for the default + // platform alerts, recording rules, telemetry and console dashboards. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is `Full`. + CollectionProfile *configv1alpha1.CollectionProfile `json:"collectionProfile,omitempty"` + // volumeClaimTemplate defines persistent storage for Prometheus. Use this setting to + // configure the persistent volume claim, including storage class and volume size. + // If omitted, the Pod uses ephemeral storage and Prometheus data will not persist + // across restarts. + VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"` +} + +// PrometheusConfigApplyConfiguration constructs a declarative configuration of the PrometheusConfig type for use with +// apply. +func PrometheusConfig() *PrometheusConfigApplyConfiguration { + return &PrometheusConfigApplyConfiguration{} +} + +// WithAdditionalAlertmanagerConfigs adds the given value to the AdditionalAlertmanagerConfigs field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the AdditionalAlertmanagerConfigs field. +func (b *PrometheusConfigApplyConfiguration) WithAdditionalAlertmanagerConfigs(values ...*AdditionalAlertmanagerConfigApplyConfiguration) *PrometheusConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithAdditionalAlertmanagerConfigs") + } + b.AdditionalAlertmanagerConfigs = append(b.AdditionalAlertmanagerConfigs, *values[i]) + } + return b +} + +// WithEnforcedBodySizeLimitBytes sets the EnforcedBodySizeLimitBytes field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the EnforcedBodySizeLimitBytes field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithEnforcedBodySizeLimitBytes(value int64) *PrometheusConfigApplyConfiguration { + b.EnforcedBodySizeLimitBytes = &value + return b +} + +// WithExternalLabels adds the given value to the ExternalLabels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the ExternalLabels field. +func (b *PrometheusConfigApplyConfiguration) WithExternalLabels(values ...*LabelApplyConfiguration) *PrometheusConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithExternalLabels") + } + b.ExternalLabels = append(b.ExternalLabels, *values[i]) + } + return b +} + +// WithLogLevel sets the LogLevel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the LogLevel field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithLogLevel(value configv1alpha1.LogLevel) *PrometheusConfigApplyConfiguration { + b.LogLevel = &value + return b +} + +// WithNodeSelector puts the entries into the NodeSelector field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the NodeSelector field, +// overwriting an existing map entries in NodeSelector field with the same key. +func (b *PrometheusConfigApplyConfiguration) WithNodeSelector(entries map[string]string) *PrometheusConfigApplyConfiguration { + if b.NodeSelector == nil && len(entries) > 0 { + b.NodeSelector = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.NodeSelector[k] = v + } + return b +} + +// WithQueryLogFile sets the QueryLogFile field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the QueryLogFile field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithQueryLogFile(value string) *PrometheusConfigApplyConfiguration { + b.QueryLogFile = &value + return b +} + +// WithRemoteWrite adds the given value to the RemoteWrite field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the RemoteWrite field. +func (b *PrometheusConfigApplyConfiguration) WithRemoteWrite(values ...*RemoteWriteSpecApplyConfiguration) *PrometheusConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithRemoteWrite") + } + b.RemoteWrite = append(b.RemoteWrite, *values[i]) + } + return b +} + +// WithResources adds the given value to the Resources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Resources field. +func (b *PrometheusConfigApplyConfiguration) WithResources(values ...*ContainerResourceApplyConfiguration) *PrometheusConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithResources") + } + b.Resources = append(b.Resources, *values[i]) + } + return b +} + +// WithRetention sets the Retention field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Retention field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithRetention(value *RetentionApplyConfiguration) *PrometheusConfigApplyConfiguration { + b.Retention = value + return b +} + +// WithTolerations adds the given value to the Tolerations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Tolerations field. +func (b *PrometheusConfigApplyConfiguration) WithTolerations(values ...v1.Toleration) *PrometheusConfigApplyConfiguration { + for i := range values { + b.Tolerations = append(b.Tolerations, values[i]) + } + return b +} + +// WithTopologySpreadConstraints adds the given value to the TopologySpreadConstraints field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the TopologySpreadConstraints field. +func (b *PrometheusConfigApplyConfiguration) WithTopologySpreadConstraints(values ...v1.TopologySpreadConstraint) *PrometheusConfigApplyConfiguration { + for i := range values { + b.TopologySpreadConstraints = append(b.TopologySpreadConstraints, values[i]) + } + return b +} + +// WithCollectionProfile sets the CollectionProfile field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionProfile field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithCollectionProfile(value configv1alpha1.CollectionProfile) *PrometheusConfigApplyConfiguration { + b.CollectionProfile = &value + return b +} + +// WithVolumeClaimTemplate sets the VolumeClaimTemplate field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the VolumeClaimTemplate field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithVolumeClaimTemplate(value v1.PersistentVolumeClaim) *PrometheusConfigApplyConfiguration { + b.VolumeClaimTemplate = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusoperatoradmissionwebhookconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusoperatoradmissionwebhookconfig.go index b35fb15fef..9eadb023ec 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusoperatoradmissionwebhookconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusoperatoradmissionwebhookconfig.go @@ -29,7 +29,7 @@ type PrometheusOperatorAdmissionWebhookConfigApplyConfiguration struct { // - name: memory // request: 30Mi // limit: null - // Maximum length for this list is 10. + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusoperatorconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusoperatorconfig.go index 2612926255..a0bac703d0 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusoperatorconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusoperatorconfig.go @@ -46,7 +46,7 @@ type PrometheusOperatorConfigApplyConfiguration struct { // - name: memory // request: 40Mi // limit: null - // Maximum length for this list is 10. + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusremotewriteheader.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusremotewriteheader.go new file mode 100644 index 0000000000..53e21d1f9d --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusremotewriteheader.go @@ -0,0 +1,40 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// PrometheusRemoteWriteHeaderApplyConfiguration represents a declarative configuration of the PrometheusRemoteWriteHeader type for use +// with apply. +// +// PrometheusRemoteWriteHeader defines a custom HTTP header for remote write requests. +// The header name must not be one of the reserved headers set by Prometheus (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). +// Header names must contain only case-insensitive alphanumeric characters, hyphens (-), and underscores (_); other characters (e.g. emoji) are rejected by validation. +// Validation is enforced on the Headers field in RemoteWriteSpec. +type PrometheusRemoteWriteHeaderApplyConfiguration struct { + // name is the HTTP header name. Must not be a reserved header (see type documentation). + // Must contain only alphanumeric characters, hyphens, and underscores; invalid characters are rejected. Must be between 1 and 256 characters. + Name *string `json:"name,omitempty"` + // value is the HTTP header value. Must be at most 4096 characters. + Value *string `json:"value,omitempty"` +} + +// PrometheusRemoteWriteHeaderApplyConfiguration constructs a declarative configuration of the PrometheusRemoteWriteHeader type for use with +// apply. +func PrometheusRemoteWriteHeader() *PrometheusRemoteWriteHeaderApplyConfiguration { + return &PrometheusRemoteWriteHeaderApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *PrometheusRemoteWriteHeaderApplyConfiguration) WithName(value string) *PrometheusRemoteWriteHeaderApplyConfiguration { + b.Name = &value + return b +} + +// WithValue sets the Value field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Value field is set to the value of the last call. +func (b *PrometheusRemoteWriteHeaderApplyConfiguration) WithValue(value string) *PrometheusRemoteWriteHeaderApplyConfiguration { + b.Value = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/queueconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/queueconfig.go new file mode 100644 index 0000000000..a24ff44ace --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/queueconfig.go @@ -0,0 +1,129 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// QueueConfigApplyConfiguration represents a declarative configuration of the QueueConfig type for use +// with apply. +// +// QueueConfig allows tuning configuration for remote write queue parameters. +// Configure this when you need to control throughput, backpressure, or retry behavior—for example to avoid overloading the remote endpoint, to reduce memory usage, or to tune for high-cardinality workloads. Consider capacity, maxShards, and batchSendDeadlineSeconds for throughput; minBackoffMilliseconds and maxBackoffMilliseconds for retries; and rateLimitedAction when the remote returns HTTP 429. +type QueueConfigApplyConfiguration struct { + // capacity is the number of samples to buffer per shard before we start dropping them. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 10000. + // Minimum value is 1. + // Maximum value is 1000000. + Capacity *int32 `json:"capacity,omitempty"` + // maxShards is the maximum number of shards, i.e. amount of concurrency. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 200. + // Minimum value is 1. + // Maximum value is 10000. + MaxShards *int32 `json:"maxShards,omitempty"` + // minShards is the minimum number of shards, i.e. amount of concurrency. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 1. + // Minimum value is 1. + // Maximum value is 10000. + MinShards *int32 `json:"minShards,omitempty"` + // maxSamplesPerSend is the maximum number of samples per send. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 1000. + // Minimum value is 1. + // Maximum value is 100000. + MaxSamplesPerSend *int32 `json:"maxSamplesPerSend,omitempty"` + // batchSendDeadlineSeconds is the maximum time in seconds a sample will wait in buffer before being sent. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 second. + // Maximum value is 3600 seconds (1 hour). + BatchSendDeadlineSeconds *int32 `json:"batchSendDeadlineSeconds,omitempty"` + // minBackoffMilliseconds is the minimum retry delay in milliseconds. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 millisecond. + // Maximum value is 3600000 milliseconds (1 hour). + MinBackoffMilliseconds *int32 `json:"minBackoffMilliseconds,omitempty"` + // maxBackoffMilliseconds is the maximum retry delay in milliseconds. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 millisecond. + // Maximum value is 3600000 milliseconds (1 hour). + MaxBackoffMilliseconds *int32 `json:"maxBackoffMilliseconds,omitempty"` + // rateLimitedAction controls what to do when the remote write endpoint returns HTTP 429 (Too Many Requests). + // When omitted, no retries are performed on rate limit responses. + // When set to "Retry", Prometheus will retry such requests using the backoff settings above. + // Valid value when set is "Retry". + RateLimitedAction *configv1alpha1.RateLimitedAction `json:"rateLimitedAction,omitempty"` +} + +// QueueConfigApplyConfiguration constructs a declarative configuration of the QueueConfig type for use with +// apply. +func QueueConfig() *QueueConfigApplyConfiguration { + return &QueueConfigApplyConfiguration{} +} + +// WithCapacity sets the Capacity field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Capacity field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithCapacity(value int32) *QueueConfigApplyConfiguration { + b.Capacity = &value + return b +} + +// WithMaxShards sets the MaxShards field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MaxShards field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithMaxShards(value int32) *QueueConfigApplyConfiguration { + b.MaxShards = &value + return b +} + +// WithMinShards sets the MinShards field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MinShards field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithMinShards(value int32) *QueueConfigApplyConfiguration { + b.MinShards = &value + return b +} + +// WithMaxSamplesPerSend sets the MaxSamplesPerSend field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MaxSamplesPerSend field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithMaxSamplesPerSend(value int32) *QueueConfigApplyConfiguration { + b.MaxSamplesPerSend = &value + return b +} + +// WithBatchSendDeadlineSeconds sets the BatchSendDeadlineSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BatchSendDeadlineSeconds field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithBatchSendDeadlineSeconds(value int32) *QueueConfigApplyConfiguration { + b.BatchSendDeadlineSeconds = &value + return b +} + +// WithMinBackoffMilliseconds sets the MinBackoffMilliseconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MinBackoffMilliseconds field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithMinBackoffMilliseconds(value int32) *QueueConfigApplyConfiguration { + b.MinBackoffMilliseconds = &value + return b +} + +// WithMaxBackoffMilliseconds sets the MaxBackoffMilliseconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MaxBackoffMilliseconds field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithMaxBackoffMilliseconds(value int32) *QueueConfigApplyConfiguration { + b.MaxBackoffMilliseconds = &value + return b +} + +// WithRateLimitedAction sets the RateLimitedAction field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RateLimitedAction field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithRateLimitedAction(value configv1alpha1.RateLimitedAction) *QueueConfigApplyConfiguration { + b.RateLimitedAction = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelactionconfig.go new file mode 100644 index 0000000000..cfcfc7b5cc --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelactionconfig.go @@ -0,0 +1,135 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// RelabelActionConfigApplyConfiguration represents a declarative configuration of the RelabelActionConfig type for use +// with apply. +// +// RelabelActionConfig represents the action to perform and its configuration. +// Exactly one action-specific configuration must be specified based on the action type. +type RelabelActionConfigApplyConfiguration struct { + // type specifies the action to perform on the matched labels. + // Allowed values are Replace, Lowercase, Uppercase, Keep, Drop, KeepEqual, DropEqual, HashMod, LabelMap, LabelDrop, LabelKeep. + // + // When set to Replace, regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. If regex does not match, no replacement takes place. + // + // When set to Lowercase, the concatenated source_labels are mapped to their lower case. Requires Prometheus >= v2.36.0. + // + // When set to Uppercase, the concatenated source_labels are mapped to their upper case. Requires Prometheus >= v2.36.0. + // + // When set to Keep, targets for which regex does not match the concatenated source_labels are dropped. + // + // When set to Drop, targets for which regex matches the concatenated source_labels are dropped. + // + // When set to KeepEqual, targets for which the concatenated source_labels do not match target_label are dropped. Requires Prometheus >= v2.41.0. + // + // When set to DropEqual, targets for which the concatenated source_labels do match target_label are dropped. Requires Prometheus >= v2.41.0. + // + // When set to HashMod, target_label is set to the modulus of a hash of the concatenated source_labels. + // + // When set to LabelMap, regex is matched against all source label names (not just source_labels); matching label values are copied to new names given by replacement with ${1}, ${2}, ... substituted. + // + // When set to LabelDrop, regex is matched against all label names; any label that matches is removed. + // + // When set to LabelKeep, regex is matched against all label names; any label that does not match is removed. + Type *configv1alpha1.RelabelAction `json:"type,omitempty"` + // replace configures the Replace action. + // Required when type is Replace, and forbidden otherwise. + Replace *ReplaceActionConfigApplyConfiguration `json:"replace,omitempty"` + // hashMod configures the HashMod action. + // Required when type is HashMod, and forbidden otherwise. + HashMod *HashModActionConfigApplyConfiguration `json:"hashMod,omitempty"` + // labelMap configures the LabelMap action. + // Required when type is LabelMap, and forbidden otherwise. + LabelMap *LabelMapActionConfigApplyConfiguration `json:"labelMap,omitempty"` + // lowercase configures the Lowercase action. + // Required when type is Lowercase, and forbidden otherwise. + // Requires Prometheus >= v2.36.0. + Lowercase *LowercaseActionConfigApplyConfiguration `json:"lowercase,omitempty"` + // uppercase configures the Uppercase action. + // Required when type is Uppercase, and forbidden otherwise. + // Requires Prometheus >= v2.36.0. + Uppercase *UppercaseActionConfigApplyConfiguration `json:"uppercase,omitempty"` + // keepEqual configures the KeepEqual action. + // Required when type is KeepEqual, and forbidden otherwise. + // Requires Prometheus >= v2.41.0. + KeepEqual *KeepEqualActionConfigApplyConfiguration `json:"keepEqual,omitempty"` + // dropEqual configures the DropEqual action. + // Required when type is DropEqual, and forbidden otherwise. + // Requires Prometheus >= v2.41.0. + DropEqual *DropEqualActionConfigApplyConfiguration `json:"dropEqual,omitempty"` +} + +// RelabelActionConfigApplyConfiguration constructs a declarative configuration of the RelabelActionConfig type for use with +// apply. +func RelabelActionConfig() *RelabelActionConfigApplyConfiguration { + return &RelabelActionConfigApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithType(value configv1alpha1.RelabelAction) *RelabelActionConfigApplyConfiguration { + b.Type = &value + return b +} + +// WithReplace sets the Replace field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Replace field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithReplace(value *ReplaceActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.Replace = value + return b +} + +// WithHashMod sets the HashMod field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the HashMod field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithHashMod(value *HashModActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.HashMod = value + return b +} + +// WithLabelMap sets the LabelMap field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the LabelMap field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithLabelMap(value *LabelMapActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.LabelMap = value + return b +} + +// WithLowercase sets the Lowercase field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Lowercase field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithLowercase(value *LowercaseActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.Lowercase = value + return b +} + +// WithUppercase sets the Uppercase field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Uppercase field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithUppercase(value *UppercaseActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.Uppercase = value + return b +} + +// WithKeepEqual sets the KeepEqual field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the KeepEqual field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithKeepEqual(value *KeepEqualActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.KeepEqual = value + return b +} + +// WithDropEqual sets the DropEqual field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DropEqual field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithDropEqual(value *DropEqualActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.DropEqual = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelconfig.go new file mode 100644 index 0000000000..efe191727e --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelconfig.go @@ -0,0 +1,89 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// RelabelConfigApplyConfiguration represents a declarative configuration of the RelabelConfig type for use +// with apply. +// +// RelabelConfig represents a relabeling rule. +type RelabelConfigApplyConfiguration struct { + // name is a unique identifier for this relabel configuration. + // Must contain only alphanumeric characters, hyphens, and underscores. + // Must be between 1 and 63 characters in length. + Name *string `json:"name,omitempty"` + // sourceLabels specifies which label names to extract from each series for this relabeling rule. + // The values of these labels are joined together using the configured separator, + // and the resulting string is then matched against the regular expression. + // If a referenced label does not exist on a series, Prometheus substitutes an empty string. + // When omitted, the rule operates without extracting source labels (useful for actions like labelmap). + // Minimum of 1 and maximum of 10 source labels can be specified, each between 1 and 128 characters. + // Each entry must be unique. + // Label names beginning with "__" (two underscores) are reserved for internal Prometheus use and are not allowed. + // Label names SHOULD start with a letter (a-z, A-Z) or underscore (_), followed by zero or more letters, digits (0-9), or underscores for best compatibility. + // While Prometheus supports UTF-8 characters in label names (since v3.0.0), using the recommended character set + // ensures better compatibility with the wider ecosystem (tooling, third-party instrumentation, etc.). + SourceLabels []string `json:"sourceLabels,omitempty"` + // separator is the character sequence used to join source label values. + // Common examples: ";", ",", "::", "|||". + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is ";". + // Must be between 1 and 5 characters in length when specified. + Separator *string `json:"separator,omitempty"` + // regex is the regular expression to match against the concatenated source label values. + // Must be a valid RE2 regular expression (https://github.com/google/re2/wiki/Syntax). + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is "(.*)" to match everything. + // Must be between 1 and 1000 characters in length when specified. + Regex *string `json:"regex,omitempty"` + // action defines the action to perform on the matched labels and its configuration. + // Exactly one action-specific configuration must be specified based on the action type. + Action *RelabelActionConfigApplyConfiguration `json:"action,omitempty"` +} + +// RelabelConfigApplyConfiguration constructs a declarative configuration of the RelabelConfig type for use with +// apply. +func RelabelConfig() *RelabelConfigApplyConfiguration { + return &RelabelConfigApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *RelabelConfigApplyConfiguration) WithName(value string) *RelabelConfigApplyConfiguration { + b.Name = &value + return b +} + +// WithSourceLabels adds the given value to the SourceLabels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the SourceLabels field. +func (b *RelabelConfigApplyConfiguration) WithSourceLabels(values ...string) *RelabelConfigApplyConfiguration { + for i := range values { + b.SourceLabels = append(b.SourceLabels, values[i]) + } + return b +} + +// WithSeparator sets the Separator field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Separator field is set to the value of the last call. +func (b *RelabelConfigApplyConfiguration) WithSeparator(value string) *RelabelConfigApplyConfiguration { + b.Separator = &value + return b +} + +// WithRegex sets the Regex field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Regex field is set to the value of the last call. +func (b *RelabelConfigApplyConfiguration) WithRegex(value string) *RelabelConfigApplyConfiguration { + b.Regex = &value + return b +} + +// WithAction sets the Action field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Action field is set to the value of the last call. +func (b *RelabelConfigApplyConfiguration) WithAction(value *RelabelActionConfigApplyConfiguration) *RelabelConfigApplyConfiguration { + b.Action = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewriteauthorization.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewriteauthorization.go new file mode 100644 index 0000000000..c32870d760 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewriteauthorization.go @@ -0,0 +1,100 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" + v1 "k8s.io/api/core/v1" +) + +// RemoteWriteAuthorizationApplyConfiguration represents a declarative configuration of the RemoteWriteAuthorization type for use +// with apply. +// +// RemoteWriteAuthorization defines the authorization method for a remote write endpoint. +// Exactly one of the nested configs must be set according to the type discriminator. +type RemoteWriteAuthorizationApplyConfiguration struct { + // type specifies the authorization method to use. + // Allowed values are BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, ServiceAccount. + // + // When set to BearerToken, the bearer token is read from a Secret referenced by the bearerToken field. + // + // When set to BasicAuth, HTTP basic authentication is used; the basicAuth field (username and password from Secrets) must be set. + // + // When set to OAuth2, OAuth2 client credentials flow is used; the oauth2 field (clientId, clientSecret, tokenUrl) must be set. + // + // When set to SigV4, AWS Signature Version 4 is used for authentication; the sigv4 field must be set. + // + // When set to SafeAuthorization, credentials are read from a single Secret key (Prometheus SafeAuthorization pattern). The secret key typically contains a Bearer token. Use the safeAuthorization field. + // + // When set to ServiceAccount, the pod's service account token is used for machine identity. No additional field is required; the operator configures the token path. + Type *configv1alpha1.RemoteWriteAuthorizationType `json:"type,omitempty"` + // safeAuthorization defines the secret reference containing the credentials for authentication (e.g. Bearer token). + // Required when type is "SafeAuthorization", and forbidden otherwise. Maps to Prometheus SafeAuthorization. The secret must exist in the openshift-monitoring namespace. + SafeAuthorization *v1.SecretKeySelector `json:"safeAuthorization,omitempty"` + // bearerToken defines the secret reference containing the bearer token. + // Required when type is "BearerToken", and forbidden otherwise. + BearerToken *SecretKeySelectorApplyConfiguration `json:"bearerToken,omitempty"` + // basicAuth defines HTTP basic authentication credentials. + // Required when type is "BasicAuth", and forbidden otherwise. + BasicAuth *BasicAuthApplyConfiguration `json:"basicAuth,omitempty"` + // oauth2 defines OAuth2 client credentials authentication. + // Required when type is "OAuth2", and forbidden otherwise. + OAuth2 *OAuth2ApplyConfiguration `json:"oauth2,omitempty"` + // sigv4 defines AWS Signature Version 4 authentication. + // Required when type is "SigV4", and forbidden otherwise. + Sigv4 *Sigv4ApplyConfiguration `json:"sigv4,omitempty"` +} + +// RemoteWriteAuthorizationApplyConfiguration constructs a declarative configuration of the RemoteWriteAuthorization type for use with +// apply. +func RemoteWriteAuthorization() *RemoteWriteAuthorizationApplyConfiguration { + return &RemoteWriteAuthorizationApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithType(value configv1alpha1.RemoteWriteAuthorizationType) *RemoteWriteAuthorizationApplyConfiguration { + b.Type = &value + return b +} + +// WithSafeAuthorization sets the SafeAuthorization field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SafeAuthorization field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithSafeAuthorization(value v1.SecretKeySelector) *RemoteWriteAuthorizationApplyConfiguration { + b.SafeAuthorization = &value + return b +} + +// WithBearerToken sets the BearerToken field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BearerToken field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithBearerToken(value *SecretKeySelectorApplyConfiguration) *RemoteWriteAuthorizationApplyConfiguration { + b.BearerToken = value + return b +} + +// WithBasicAuth sets the BasicAuth field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BasicAuth field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithBasicAuth(value *BasicAuthApplyConfiguration) *RemoteWriteAuthorizationApplyConfiguration { + b.BasicAuth = value + return b +} + +// WithOAuth2 sets the OAuth2 field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the OAuth2 field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithOAuth2(value *OAuth2ApplyConfiguration) *RemoteWriteAuthorizationApplyConfiguration { + b.OAuth2 = value + return b +} + +// WithSigv4 sets the Sigv4 field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Sigv4 field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithSigv4(value *Sigv4ApplyConfiguration) *RemoteWriteAuthorizationApplyConfiguration { + b.Sigv4 = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewritespec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewritespec.go new file mode 100644 index 0000000000..cbb3c0dbcf --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewritespec.go @@ -0,0 +1,175 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// RemoteWriteSpecApplyConfiguration represents a declarative configuration of the RemoteWriteSpec type for use +// with apply. +// +// RemoteWriteSpec represents configuration for remote write endpoints. +type RemoteWriteSpecApplyConfiguration struct { + // url is the URL of the remote write endpoint. + // Must be a valid URL with http or https scheme and a non-empty hostname. + // Query parameters, fragments, and user information (e.g. user:password@host) are not allowed. + // Empty string is invalid. Must be between 1 and 2048 characters in length. + URL *string `json:"url,omitempty"` + // name is a required identifier for this remote write configuration (name is the list key for the remoteWrite list). + // This name is used in metrics and logging to differentiate remote write queues. + // Must contain only alphanumeric characters, hyphens, and underscores. + // Must be between 1 and 63 characters in length. + Name *string `json:"name,omitempty"` + // authorization defines the authorization method for the remote write endpoint. + // When omitted, no authorization is performed. + // When set, type must be one of BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, or ServiceAccount; the corresponding nested config must be set (ServiceAccount has no config). + AuthorizationConfig *RemoteWriteAuthorizationApplyConfiguration `json:"authorization,omitempty"` + // headers specifies the custom HTTP headers to be sent along with each remote write request. + // Sending custom headers makes the configuration of a proxy in between optional and helps the + // receiver recognize the given source better. + // Clients MAY allow users to send custom HTTP headers; they MUST NOT allow users to configure + // them in such a way as to send reserved headers. Headers set by Prometheus cannot be overwritten. + // When omitted, no custom headers are sent. + // Maximum of 50 headers can be specified. Each header name must be unique. + // Each header name must contain only alphanumeric characters, hyphens, and underscores, and must not be a reserved Prometheus header (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). + Headers []PrometheusRemoteWriteHeaderApplyConfiguration `json:"headers,omitempty"` + // metadataConfig configures the sending of series metadata to remote storage. + // When omitted, no metadata is sent. + // When set to sendPolicy: Default, metadata is sent using platform-chosen defaults (e.g. send interval 30 seconds). + // When set to sendPolicy: Custom, metadata is sent using the settings in the custom field (e.g. custom.sendIntervalSeconds). + MetadataConfig *MetadataConfigApplyConfiguration `json:"metadataConfig,omitempty"` + // proxyUrl defines an optional proxy URL. + // If the cluster-wide proxy is enabled, it replaces the proxyUrl setting. + // The cluster-wide proxy supports both HTTP and HTTPS proxies, with HTTPS taking precedence. + // When omitted, no proxy is used. + // Must be a valid URL with http or https scheme. + // Must be between 1 and 2048 characters in length. + ProxyURL *string `json:"proxyUrl,omitempty"` + // queueConfig allows tuning configuration for remote write queue parameters. + // When omitted, default queue configuration is used. + QueueConfig *QueueConfigApplyConfiguration `json:"queueConfig,omitempty"` + // remoteTimeoutSeconds defines the timeout in seconds for requests to the remote write endpoint. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 second. + // Maximum value is 600 seconds (10 minutes). + RemoteTimeoutSeconds *int32 `json:"remoteTimeoutSeconds,omitempty"` + // exemplarsMode controls whether exemplars are sent via remote write. + // Valid values are "Send", "DoNotSend" and omitted. + // When set to "Send", Prometheus is configured to store a maximum of 100,000 exemplars in memory and send them with remote write. + // Note that this setting only applies to user-defined monitoring. It is not applicable to default in-cluster monitoring. + // When omitted or set to "DoNotSend", exemplars are not sent. + ExemplarsMode *configv1alpha1.ExemplarsMode `json:"exemplarsMode,omitempty"` + // tlsConfig defines TLS authentication settings for the remote write endpoint. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + TLSConfig *TLSConfigApplyConfiguration `json:"tlsConfig,omitempty"` + // writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint. + // When omitted, no relabeling is performed and all metrics are sent as-is. + // Minimum of 1 and maximum of 10 relabeling rules can be specified. + // Each rule must have a unique name. + WriteRelabelConfigs []RelabelConfigApplyConfiguration `json:"writeRelabelConfigs,omitempty"` +} + +// RemoteWriteSpecApplyConfiguration constructs a declarative configuration of the RemoteWriteSpec type for use with +// apply. +func RemoteWriteSpec() *RemoteWriteSpecApplyConfiguration { + return &RemoteWriteSpecApplyConfiguration{} +} + +// WithURL sets the URL field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the URL field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithURL(value string) *RemoteWriteSpecApplyConfiguration { + b.URL = &value + return b +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithName(value string) *RemoteWriteSpecApplyConfiguration { + b.Name = &value + return b +} + +// WithAuthorizationConfig sets the AuthorizationConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the AuthorizationConfig field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithAuthorizationConfig(value *RemoteWriteAuthorizationApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + b.AuthorizationConfig = value + return b +} + +// WithHeaders adds the given value to the Headers field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Headers field. +func (b *RemoteWriteSpecApplyConfiguration) WithHeaders(values ...*PrometheusRemoteWriteHeaderApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithHeaders") + } + b.Headers = append(b.Headers, *values[i]) + } + return b +} + +// WithMetadataConfig sets the MetadataConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MetadataConfig field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithMetadataConfig(value *MetadataConfigApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + b.MetadataConfig = value + return b +} + +// WithProxyURL sets the ProxyURL field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ProxyURL field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithProxyURL(value string) *RemoteWriteSpecApplyConfiguration { + b.ProxyURL = &value + return b +} + +// WithQueueConfig sets the QueueConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the QueueConfig field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithQueueConfig(value *QueueConfigApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + b.QueueConfig = value + return b +} + +// WithRemoteTimeoutSeconds sets the RemoteTimeoutSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RemoteTimeoutSeconds field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithRemoteTimeoutSeconds(value int32) *RemoteWriteSpecApplyConfiguration { + b.RemoteTimeoutSeconds = &value + return b +} + +// WithExemplarsMode sets the ExemplarsMode field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ExemplarsMode field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithExemplarsMode(value configv1alpha1.ExemplarsMode) *RemoteWriteSpecApplyConfiguration { + b.ExemplarsMode = &value + return b +} + +// WithTLSConfig sets the TLSConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLSConfig field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithTLSConfig(value *TLSConfigApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + b.TLSConfig = value + return b +} + +// WithWriteRelabelConfigs adds the given value to the WriteRelabelConfigs field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the WriteRelabelConfigs field. +func (b *RemoteWriteSpecApplyConfiguration) WithWriteRelabelConfigs(values ...*RelabelConfigApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithWriteRelabelConfigs") + } + b.WriteRelabelConfigs = append(b.WriteRelabelConfigs, *values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/replaceactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/replaceactionconfig.go new file mode 100644 index 0000000000..7b9766c11b --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/replaceactionconfig.go @@ -0,0 +1,41 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// ReplaceActionConfigApplyConfiguration represents a declarative configuration of the ReplaceActionConfig type for use +// with apply. +// +// ReplaceActionConfig configures the Replace action. +// Regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. No replacement if regex does not match. +type ReplaceActionConfigApplyConfiguration struct { + // targetLabel is the label name where the replacement result is written. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` + // replacement is the value written to target_label when regex matches; match group references (${1}, ${2}, ...) are substituted. + // Required when using the Replace action so the intended behavior is explicit and the platform does not need to apply defaults. + // Use "$1" for the first capture group, "$2" for the second, etc. Use an empty string ("") to explicitly clear the target label value. + // Must be between 0 and 255 characters in length. + Replacement *string `json:"replacement,omitempty"` +} + +// ReplaceActionConfigApplyConfiguration constructs a declarative configuration of the ReplaceActionConfig type for use with +// apply. +func ReplaceActionConfig() *ReplaceActionConfigApplyConfiguration { + return &ReplaceActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *ReplaceActionConfigApplyConfiguration) WithTargetLabel(value string) *ReplaceActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} + +// WithReplacement sets the Replacement field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Replacement field is set to the value of the last call. +func (b *ReplaceActionConfigApplyConfiguration) WithReplacement(value string) *ReplaceActionConfigApplyConfiguration { + b.Replacement = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retention.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retention.go new file mode 100644 index 0000000000..2c999b21da --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retention.go @@ -0,0 +1,54 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// RetentionApplyConfiguration represents a declarative configuration of the Retention type for use +// with apply. +// +// Retention configures how long Prometheus retains metrics data and how much storage it can use. +type RetentionApplyConfiguration struct { + // duration is an optional field that specifies how long Prometheus retains metrics data. + // Valid values are Prometheus-style duration strings with unit suffixes y, w, d, h, m, s, or ms + // (for example, "15d", "24h", or "5d1h30m"). Each unit value must be a positive integer. + // Composite durations must follow the fixed unit order y, w, d, h, m, s, ms. + // Must be at least 1 character and at most 64 characters. + // When set to "0", time-based retention is disabled. This is the only supported form for disabling + // time-based retention; other zero-duration representations such as "0d", "0h", or "0y" are rejected. + // Prometheus automatically deletes data older than this duration. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default value is `15d`. + Duration *string `json:"duration,omitempty"` + // size is an optional field that specifies the maximum storage size that Prometheus + // can use for data blocks and the write-ahead log (WAL). + // Valid values are byte-size strings with an optional decimal prefix and a unit suffix B, KB, MB, GB, + // TB, EB, PB, or their binary equivalents KiB, MiB, GiB, TiB, EiB, PiB (for example, "500MiB", "10GiB"). + // The numeric value must be greater than zero. + // Must be at least 1 character and at most 32 characters. + // When set to "0", no size limit is enforced. This is the only supported form for disabling size-based + // retention; other zero-size representations such as "0B" or "0MiB" are rejected. + // When the limit is reached, Prometheus deletes oldest data first. + // When omitted, no size limit is enforced and Prometheus uses available PersistentVolume capacity. + Size *string `json:"size,omitempty"` +} + +// RetentionApplyConfiguration constructs a declarative configuration of the Retention type for use with +// apply. +func Retention() *RetentionApplyConfiguration { + return &RetentionApplyConfiguration{} +} + +// WithDuration sets the Duration field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Duration field is set to the value of the last call. +func (b *RetentionApplyConfiguration) WithDuration(value string) *RetentionApplyConfiguration { + b.Duration = &value + return b +} + +// WithSize sets the Size field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Size field is set to the value of the last call. +func (b *RetentionApplyConfiguration) WithSize(value string) *RetentionApplyConfiguration { + b.Size = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/secretkeyselector.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/secretkeyselector.go new file mode 100644 index 0000000000..a824180eda --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/secretkeyselector.go @@ -0,0 +1,40 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// SecretKeySelectorApplyConfiguration represents a declarative configuration of the SecretKeySelector type for use +// with apply. +// +// SecretKeySelector selects a key of a Secret in the `openshift-monitoring` namespace. +type SecretKeySelectorApplyConfiguration struct { + // name is the name of the secret in the `openshift-monitoring` namespace to select from. + // Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + // Must be between 1 and 253 characters in length. + Name *string `json:"name,omitempty"` + // key is the key of the secret to select from. + // Must consist of alphanumeric characters, '-', '_', or '.'. + // Must be between 1 and 253 characters in length. + Key *string `json:"key,omitempty"` +} + +// SecretKeySelectorApplyConfiguration constructs a declarative configuration of the SecretKeySelector type for use with +// apply. +func SecretKeySelector() *SecretKeySelectorApplyConfiguration { + return &SecretKeySelectorApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *SecretKeySelectorApplyConfiguration) WithName(value string) *SecretKeySelectorApplyConfiguration { + b.Name = &value + return b +} + +// WithKey sets the Key field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Key field is set to the value of the last call. +func (b *SecretKeySelectorApplyConfiguration) WithKey(value string) *SecretKeySelectorApplyConfiguration { + b.Key = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/sigv4.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/sigv4.go new file mode 100644 index 0000000000..e0e37c4fdb --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/sigv4.go @@ -0,0 +1,78 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// Sigv4ApplyConfiguration represents a declarative configuration of the Sigv4 type for use +// with apply. +// +// Sigv4 defines AWS Signature Version 4 authentication settings. +// At least one of region, accessKey/secretKey, profile, or roleArn must be set so the platform can perform authentication. +type Sigv4ApplyConfiguration struct { + // region is the AWS region. + // When omitted, the region is derived from the environment or instance metadata. + // Must be between 1 and 128 characters. + Region *string `json:"region,omitempty"` + // accessKey defines the secret reference containing the AWS access key ID. + // The secret must exist in the openshift-monitoring namespace. + // When omitted, the access key is derived from the environment or instance metadata. + AccessKey *SecretKeySelectorApplyConfiguration `json:"accessKey,omitempty"` + // secretKey defines the secret reference containing the AWS secret access key. + // The secret must exist in the openshift-monitoring namespace. + // When omitted, the secret key is derived from the environment or instance metadata. + SecretKey *SecretKeySelectorApplyConfiguration `json:"secretKey,omitempty"` + // profile is the named AWS profile used to authenticate. + // When omitted, the default profile is used. + // Must be between 1 and 128 characters. + Profile *string `json:"profile,omitempty"` + // roleArn is the AWS Role ARN, an alternative to using AWS API keys. + // When omitted, API keys are used for authentication. + // Must be a valid AWS ARN format (e.g., "arn:aws:iam::123456789012:role/MyRole"). + // Must be between 1 and 512 characters. + RoleArn *string `json:"roleArn,omitempty"` +} + +// Sigv4ApplyConfiguration constructs a declarative configuration of the Sigv4 type for use with +// apply. +func Sigv4() *Sigv4ApplyConfiguration { + return &Sigv4ApplyConfiguration{} +} + +// WithRegion sets the Region field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Region field is set to the value of the last call. +func (b *Sigv4ApplyConfiguration) WithRegion(value string) *Sigv4ApplyConfiguration { + b.Region = &value + return b +} + +// WithAccessKey sets the AccessKey field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the AccessKey field is set to the value of the last call. +func (b *Sigv4ApplyConfiguration) WithAccessKey(value *SecretKeySelectorApplyConfiguration) *Sigv4ApplyConfiguration { + b.AccessKey = value + return b +} + +// WithSecretKey sets the SecretKey field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SecretKey field is set to the value of the last call. +func (b *Sigv4ApplyConfiguration) WithSecretKey(value *SecretKeySelectorApplyConfiguration) *Sigv4ApplyConfiguration { + b.SecretKey = value + return b +} + +// WithProfile sets the Profile field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Profile field is set to the value of the last call. +func (b *Sigv4ApplyConfiguration) WithProfile(value string) *Sigv4ApplyConfiguration { + b.Profile = &value + return b +} + +// WithRoleArn sets the RoleArn field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RoleArn field is set to the value of the last call. +func (b *Sigv4ApplyConfiguration) WithRoleArn(value string) *Sigv4ApplyConfiguration { + b.RoleArn = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/telemeterclientconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/telemeterclientconfig.go new file mode 100644 index 0000000000..9d4c5cc331 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/telemeterclientconfig.go @@ -0,0 +1,118 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "k8s.io/api/core/v1" +) + +// TelemeterClientConfigApplyConfiguration represents a declarative configuration of the TelemeterClientConfig type for use +// with apply. +// +// TelemeterClientConfig provides configuration options for the Telemeter Client component +// that runs in the `openshift-monitoring` namespace. The Telemeter Client collects selected +// monitoring metrics and forwards them to Red Hat for telemetry purposes. +// At least one field must be specified. +type TelemeterClientConfigApplyConfiguration struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the Telemeter Client container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 1m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Telemeter Client Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// TelemeterClientConfigApplyConfiguration constructs a declarative configuration of the TelemeterClientConfig type for use with +// apply. +func TelemeterClientConfig() *TelemeterClientConfigApplyConfiguration { + return &TelemeterClientConfigApplyConfiguration{} +} + +// WithNodeSelector puts the entries into the NodeSelector field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the NodeSelector field, +// overwriting an existing map entries in NodeSelector field with the same key. +func (b *TelemeterClientConfigApplyConfiguration) WithNodeSelector(entries map[string]string) *TelemeterClientConfigApplyConfiguration { + if b.NodeSelector == nil && len(entries) > 0 { + b.NodeSelector = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.NodeSelector[k] = v + } + return b +} + +// WithResources adds the given value to the Resources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Resources field. +func (b *TelemeterClientConfigApplyConfiguration) WithResources(values ...*ContainerResourceApplyConfiguration) *TelemeterClientConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithResources") + } + b.Resources = append(b.Resources, *values[i]) + } + return b +} + +// WithTolerations adds the given value to the Tolerations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Tolerations field. +func (b *TelemeterClientConfigApplyConfiguration) WithTolerations(values ...v1.Toleration) *TelemeterClientConfigApplyConfiguration { + for i := range values { + b.Tolerations = append(b.Tolerations, values[i]) + } + return b +} + +// WithTopologySpreadConstraints adds the given value to the TopologySpreadConstraints field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the TopologySpreadConstraints field. +func (b *TelemeterClientConfigApplyConfiguration) WithTopologySpreadConstraints(values ...v1.TopologySpreadConstraint) *TelemeterClientConfigApplyConfiguration { + for i := range values { + b.TopologySpreadConstraints = append(b.TopologySpreadConstraints, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/thanosquerierconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/thanosquerierconfig.go new file mode 100644 index 0000000000..9210a0a308 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/thanosquerierconfig.go @@ -0,0 +1,167 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" + v1 "k8s.io/api/core/v1" +) + +// ThanosQuerierConfigApplyConfiguration represents a declarative configuration of the ThanosQuerierConfig type for use +// with apply. +// +// ThanosQuerierConfig provides configuration options for the Thanos Querier component +// that runs in the `openshift-monitoring` namespace. +// At least one field must be specified; an empty thanosQuerierConfig object is not allowed. +type ThanosQuerierConfigApplyConfiguration struct { + // logLevel defines the verbosity of logs emitted by Thanos Querier. + // logLevel is optional. + // Allowed values are Error, Warn, Info, and Debug. + // When set to Error, only errors will be logged. + // When set to Warn, both warnings and errors will be logged. + // When set to Info, general information, warnings, and errors will all be logged. + // When set to Debug, detailed debugging information will be logged. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is `Info`. + LogLevel *configv1alpha1.LogLevel `json:"logLevel,omitempty"` + // requestLogging configures request logging for Thanos Querier. + // requestLogging is optional. + // When provided, the policy field within is required. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default behavior is to not log any requests. + RequestLogging *ThanosQuerierRequestLoggingConfigApplyConfiguration `json:"requestLogging,omitempty"` + // crossOriginRequestPolicy configures the CORS (Cross-Origin Resource Sharing) policy + // for Thanos Querier's HTTP endpoints. + // crossOriginRequestPolicy is optional. + // Valid values are "AllowAll" and "DenyAll". + // When set to "AllowAll", CORS headers are added to responses, allowing cross-origin requests from any domain. + // When set to "DenyAll", no CORS headers are added and cross-origin requests are rejected by the browser. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is "DenyAll". + CrossOriginRequestPolicy *configv1alpha1.CrossOriginRequestPolicy `json:"crossOriginRequestPolicy,omitempty"` + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the Thanos Querier container. + // resources is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Requests cannot exceed limits. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 5m + // - name: memory + // request: 12Mi + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Thanos Querier Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// ThanosQuerierConfigApplyConfiguration constructs a declarative configuration of the ThanosQuerierConfig type for use with +// apply. +func ThanosQuerierConfig() *ThanosQuerierConfigApplyConfiguration { + return &ThanosQuerierConfigApplyConfiguration{} +} + +// WithLogLevel sets the LogLevel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the LogLevel field is set to the value of the last call. +func (b *ThanosQuerierConfigApplyConfiguration) WithLogLevel(value configv1alpha1.LogLevel) *ThanosQuerierConfigApplyConfiguration { + b.LogLevel = &value + return b +} + +// WithRequestLogging sets the RequestLogging field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RequestLogging field is set to the value of the last call. +func (b *ThanosQuerierConfigApplyConfiguration) WithRequestLogging(value *ThanosQuerierRequestLoggingConfigApplyConfiguration) *ThanosQuerierConfigApplyConfiguration { + b.RequestLogging = value + return b +} + +// WithCrossOriginRequestPolicy sets the CrossOriginRequestPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CrossOriginRequestPolicy field is set to the value of the last call. +func (b *ThanosQuerierConfigApplyConfiguration) WithCrossOriginRequestPolicy(value configv1alpha1.CrossOriginRequestPolicy) *ThanosQuerierConfigApplyConfiguration { + b.CrossOriginRequestPolicy = &value + return b +} + +// WithNodeSelector puts the entries into the NodeSelector field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the NodeSelector field, +// overwriting an existing map entries in NodeSelector field with the same key. +func (b *ThanosQuerierConfigApplyConfiguration) WithNodeSelector(entries map[string]string) *ThanosQuerierConfigApplyConfiguration { + if b.NodeSelector == nil && len(entries) > 0 { + b.NodeSelector = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.NodeSelector[k] = v + } + return b +} + +// WithResources adds the given value to the Resources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Resources field. +func (b *ThanosQuerierConfigApplyConfiguration) WithResources(values ...*ContainerResourceApplyConfiguration) *ThanosQuerierConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithResources") + } + b.Resources = append(b.Resources, *values[i]) + } + return b +} + +// WithTolerations adds the given value to the Tolerations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Tolerations field. +func (b *ThanosQuerierConfigApplyConfiguration) WithTolerations(values ...v1.Toleration) *ThanosQuerierConfigApplyConfiguration { + for i := range values { + b.Tolerations = append(b.Tolerations, values[i]) + } + return b +} + +// WithTopologySpreadConstraints adds the given value to the TopologySpreadConstraints field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the TopologySpreadConstraints field. +func (b *ThanosQuerierConfigApplyConfiguration) WithTopologySpreadConstraints(values ...v1.TopologySpreadConstraint) *ThanosQuerierConfigApplyConfiguration { + for i := range values { + b.TopologySpreadConstraints = append(b.TopologySpreadConstraints, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/thanosquerierrequestloggingconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/thanosquerierrequestloggingconfig.go new file mode 100644 index 0000000000..d9a6264426 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/thanosquerierrequestloggingconfig.go @@ -0,0 +1,34 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// ThanosQuerierRequestLoggingConfigApplyConfiguration represents a declarative configuration of the ThanosQuerierRequestLoggingConfig type for use +// with apply. +// +// ThanosQuerierRequestLoggingConfig configures request logging for Thanos Querier. +type ThanosQuerierRequestLoggingConfigApplyConfiguration struct { + // policy determines which HTTP and gRPC requests are logged by Thanos Querier. + // Valid values are "AllRequests" and "NoRequests". + // When set to "AllRequests", every request received by Thanos Querier is logged with method, path, and response status. + // The log level for request logs is derived from the logLevel field. + // When set to "NoRequests", request logging is turned off. + Policy *configv1alpha1.RequestLoggingPolicy `json:"policy,omitempty"` +} + +// ThanosQuerierRequestLoggingConfigApplyConfiguration constructs a declarative configuration of the ThanosQuerierRequestLoggingConfig type for use with +// apply. +func ThanosQuerierRequestLoggingConfig() *ThanosQuerierRequestLoggingConfigApplyConfiguration { + return &ThanosQuerierRequestLoggingConfigApplyConfiguration{} +} + +// WithPolicy sets the Policy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Policy field is set to the value of the last call. +func (b *ThanosQuerierRequestLoggingConfigApplyConfiguration) WithPolicy(value configv1alpha1.RequestLoggingPolicy) *ThanosQuerierRequestLoggingConfigApplyConfiguration { + b.Policy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/tlsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/tlsconfig.go new file mode 100644 index 0000000000..dc74026618 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/tlsconfig.go @@ -0,0 +1,81 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// TLSConfigApplyConfiguration represents a declarative configuration of the TLSConfig type for use +// with apply. +// +// TLSConfig represents TLS configuration for Alertmanager connections. +// At least one TLS configuration option must be specified. +// For mutual TLS (mTLS), both cert and key must be specified together, or both omitted. +type TLSConfigApplyConfiguration struct { + // ca is an optional CA certificate to use for TLS connections. + // When omitted, the system's default CA bundle is used. + CA *SecretKeySelectorApplyConfiguration `json:"ca,omitempty"` + // cert is an optional client certificate to use for mutual TLS connections. + // When omitted, no client certificate is presented. + Cert *SecretKeySelectorApplyConfiguration `json:"cert,omitempty"` + // key is an optional client key to use for mutual TLS connections. + // When omitted, no client key is used. + Key *SecretKeySelectorApplyConfiguration `json:"key,omitempty"` + // serverName is an optional server name to use for TLS connections. + // When specified, must be a valid DNS subdomain as per RFC 1123. + // When omitted, the server name is derived from the URL. + // Must be between 1 and 253 characters in length. + ServerName *string `json:"serverName,omitempty"` + // certificateVerification determines the policy for TLS certificate verification. + // Allowed values are "Verify" (performs certificate verification, secure) and "SkipVerify" (skips verification, insecure). + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is "Verify". + CertificateVerification *configv1alpha1.CertificateVerificationType `json:"certificateVerification,omitempty"` +} + +// TLSConfigApplyConfiguration constructs a declarative configuration of the TLSConfig type for use with +// apply. +func TLSConfig() *TLSConfigApplyConfiguration { + return &TLSConfigApplyConfiguration{} +} + +// WithCA sets the CA field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CA field is set to the value of the last call. +func (b *TLSConfigApplyConfiguration) WithCA(value *SecretKeySelectorApplyConfiguration) *TLSConfigApplyConfiguration { + b.CA = value + return b +} + +// WithCert sets the Cert field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Cert field is set to the value of the last call. +func (b *TLSConfigApplyConfiguration) WithCert(value *SecretKeySelectorApplyConfiguration) *TLSConfigApplyConfiguration { + b.Cert = value + return b +} + +// WithKey sets the Key field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Key field is set to the value of the last call. +func (b *TLSConfigApplyConfiguration) WithKey(value *SecretKeySelectorApplyConfiguration) *TLSConfigApplyConfiguration { + b.Key = value + return b +} + +// WithServerName sets the ServerName field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ServerName field is set to the value of the last call. +func (b *TLSConfigApplyConfiguration) WithServerName(value string) *TLSConfigApplyConfiguration { + b.ServerName = &value + return b +} + +// WithCertificateVerification sets the CertificateVerification field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CertificateVerification field is set to the value of the last call. +func (b *TLSConfigApplyConfiguration) WithCertificateVerification(value configv1alpha1.CertificateVerificationType) *TLSConfigApplyConfiguration { + b.CertificateVerification = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/uppercaseactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/uppercaseactionconfig.go new file mode 100644 index 0000000000..6d3a6a804a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/uppercaseactionconfig.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// UppercaseActionConfigApplyConfiguration represents a declarative configuration of the UppercaseActionConfig type for use +// with apply. +// +// UppercaseActionConfig configures the Uppercase action. +// Maps the concatenated source_labels to their upper case and writes to target_label. +// Requires Prometheus >= v2.36.0. +type UppercaseActionConfigApplyConfiguration struct { + // targetLabel is the label name where the upper-cased value is written. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` +} + +// UppercaseActionConfigApplyConfiguration constructs a declarative configuration of the UppercaseActionConfig type for use with +// apply. +func UppercaseActionConfig() *UppercaseActionConfigApplyConfiguration { + return &UppercaseActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *UppercaseActionConfigApplyConfiguration) WithTargetLabel(value string) *UppercaseActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go index 8c2fd43b21..2251f8427e 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go @@ -49,7 +49,8 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: kms type: - namedType: com.github.openshift.api.config.v1.KMSConfig + namedType: com.github.openshift.api.config.v1.KMSPluginConfig + default: {} - name: type type: scalar: string @@ -105,6 +106,9 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.config.v1.APIServerServingCerts default: {} + - name: tlsAdherence + type: + scalar: string - name: tlsSecurityProfile type: namedType: com.github.openshift.api.config.v1.TLSSecurityProfile @@ -136,17 +140,6 @@ var schemaYAML = typed.YAMLObject(`types: default: "" unions: - discriminator: type -- name: com.github.openshift.api.config.v1.AWSKMSConfig - map: - fields: - - name: keyARN - type: - scalar: string - default: "" - - name: region - type: - scalar: string - default: "" - name: com.github.openshift.api.config.v1.AWSPlatformSpec map: fields: @@ -568,6 +561,45 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.config.v1.BuildOverrides default: {} +- name: com.github.openshift.api.config.v1.CRIOCredentialProviderConfig + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.ClientCredentialConfig + map: + fields: + - name: clientID + type: + scalar: string + - name: clientSecret + type: + namedType: com.github.openshift.api.config.v1.ClientSecretSecretReference + default: {} + - name: scopes + type: + list: + elementType: + scalar: string + elementRelationship: associative + - name: tls + type: + namedType: com.github.openshift.api.config.v1.ExternalSourceTLS + default: {} + - name: tokenEndpoint + type: + scalar: string +- name: com.github.openshift.api.config.v1.ClientSecretSecretReference + map: + fields: + - name: name + type: + scalar: string - name: com.github.openshift.api.config.v1.CloudControllerManagerStatus map: fields: @@ -1128,6 +1160,12 @@ var schemaYAML = typed.YAMLObject(`types: elementType: scalar: string elementRelationship: atomic + - name: groups + type: + list: + elementType: + scalar: string + elementRelationship: associative - name: minTLSVersion type: scalar: string @@ -1236,6 +1274,37 @@ var schemaYAML = typed.YAMLObject(`types: - name: ingressIP type: scalar: string +- name: com.github.openshift.api.config.v1.ExternalClaimsSource + map: + fields: + - name: authentication + type: + namedType: com.github.openshift.api.config.v1.ExternalSourceAuthentication + default: {} + - name: mappings + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.SourcedClaimMapping + elementRelationship: associative + keys: + - name + - name: predicates + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.ExternalSourcePredicate + elementRelationship: associative + keys: + - expression + - name: tls + type: + namedType: com.github.openshift.api.config.v1.ExternalSourceTLS + default: {} + - name: url + type: + namedType: com.github.openshift.api.config.v1.SourceURL + default: {} - name: com.github.openshift.api.config.v1.ExternalIPConfig map: fields: @@ -1277,6 +1346,35 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.config.v1.CloudControllerManagerStatus default: {} +- name: com.github.openshift.api.config.v1.ExternalSourceAuthentication + map: + fields: + - name: clientCredential + type: + namedType: com.github.openshift.api.config.v1.ClientCredentialConfig + default: {} + - name: type + type: + scalar: string +- name: com.github.openshift.api.config.v1.ExternalSourceCertificateAuthorityConfigMapReference + map: + fields: + - name: name + type: + scalar: string +- name: com.github.openshift.api.config.v1.ExternalSourcePredicate + map: + fields: + - name: expression + type: + scalar: string +- name: com.github.openshift.api.config.v1.ExternalSourceTLS + map: + fields: + - name: certificateAuthority + type: + namedType: com.github.openshift.api.config.v1.ExternalSourceCertificateAuthorityConfigMapReference + default: {} - name: com.github.openshift.api.config.v1.ExtraMapping map: fields: @@ -1995,6 +2093,9 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.config.v1.ConfigMapFileReference default: {} + - name: controlPlaneTopology + type: + scalar: string - name: platformSpec type: namedType: com.github.openshift.api.config.v1.PlatformSpec @@ -2152,21 +2253,22 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: com.github.openshift.api.config.v1.KMSConfig +- name: com.github.openshift.api.config.v1.KMSPluginConfig map: fields: - - name: aws - type: - namedType: com.github.openshift.api.config.v1.AWSKMSConfig - name: type type: scalar: string default: "" + - name: vault + type: + namedType: com.github.openshift.api.config.v1.VaultKMSPluginConfig + default: {} unions: - discriminator: type fields: - - fieldName: aws - discriminatorValue: AWS + - fieldName: vault + discriminatorValue: Vault - name: com.github.openshift.api.config.v1.KeystoneIdentityProvider map: fields: @@ -2384,6 +2486,12 @@ var schemaYAML = typed.YAMLObject(`types: - name: networkType type: scalar: string +- name: com.github.openshift.api.config.v1.NetworkObservabilitySpec + map: + fields: + - name: installationPolicy + type: + scalar: string - name: com.github.openshift.api.config.v1.NetworkSpec map: fields: @@ -2400,6 +2508,10 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.config.v1.NetworkDiagnostics default: {} + - name: networkObservability + type: + namedType: com.github.openshift.api.config.v1.NetworkObservabilitySpec + default: {} - name: networkType type: scalar: string @@ -2762,6 +2874,12 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: com.github.openshift.api.config.v1.TokenClaimValidationRule elementRelationship: atomic + - name: externalClaimsSources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.ExternalClaimsSource + elementRelationship: atomic - name: issuer type: namedType: com.github.openshift.api.config.v1.TokenIssuer @@ -3645,6 +3763,24 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" +- name: com.github.openshift.api.config.v1.SourceURL + map: + fields: + - name: hostname + type: + scalar: string + - name: pathExpression + type: + scalar: string +- name: com.github.openshift.api.config.v1.SourcedClaimMapping + map: + fields: + - name: expression + type: + scalar: string + - name: name + type: + scalar: string - name: com.github.openshift.api.config.v1.Storage map: fields: @@ -3826,6 +3962,9 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" + - name: mode + type: + scalar: string - name: version type: scalar: string @@ -4119,6 +4258,76 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" +- name: com.github.openshift.api.config.v1.VaultAppRoleAuthentication + map: + fields: + - name: secret + type: + namedType: com.github.openshift.api.config.v1.VaultSecretReference + default: {} +- name: com.github.openshift.api.config.v1.VaultAuthentication + map: + fields: + - name: appRole + type: + namedType: com.github.openshift.api.config.v1.VaultAppRoleAuthentication + default: {} + - name: type + type: + scalar: string + unions: + - discriminator: type + fields: + - fieldName: appRole + discriminatorValue: AppRole +- name: com.github.openshift.api.config.v1.VaultConfigMapReference + map: + fields: + - name: name + type: + scalar: string +- name: com.github.openshift.api.config.v1.VaultKMSPluginConfig + map: + fields: + - name: authentication + type: + namedType: com.github.openshift.api.config.v1.VaultAuthentication + default: {} + - name: kmsPluginImage + type: + scalar: string + - name: tls + type: + namedType: com.github.openshift.api.config.v1.VaultTLSConfig + default: {} + - name: transitKey + type: + scalar: string + - name: transitMount + type: + scalar: string + - name: vaultAddress + type: + scalar: string + - name: vaultNamespace + type: + scalar: string +- name: com.github.openshift.api.config.v1.VaultSecretReference + map: + fields: + - name: name + type: + scalar: string +- name: com.github.openshift.api.config.v1.VaultTLSConfig + map: + fields: + - name: caBundle + type: + namedType: com.github.openshift.api.config.v1.VaultConfigMapReference + default: {} + - name: serverName + type: + scalar: string - name: com.github.openshift.api.config.v1.WebhookTokenAuthenticator map: fields: @@ -4126,6 +4335,35 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.config.v1.SecretNameReference default: {} +- name: com.github.openshift.api.config.v1alpha1.AdditionalAlertmanagerConfig + map: + fields: + - name: authorization + type: + namedType: com.github.openshift.api.config.v1alpha1.AuthorizationConfig + default: {} + - name: name + type: + scalar: string + - name: pathPrefix + type: + scalar: string + - name: scheme + type: + scalar: string + - name: staticConfigs + type: + list: + elementType: + scalar: string + elementRelationship: associative + - name: timeoutSeconds + type: + scalar: numeric + - name: tlsConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.TLSConfig + default: {} - name: com.github.openshift.api.config.v1alpha1.AlertmanagerConfig map: fields: @@ -4176,6 +4414,9 @@ var schemaYAML = typed.YAMLObject(`types: keys: - topologyKey - whenUnsatisfiable + - name: userAlertmanagerConfigSelection + type: + scalar: string - name: volumeClaimTemplate type: namedType: io.k8s.api.core.v1.PersistentVolumeClaim @@ -4185,6 +4426,21 @@ var schemaYAML = typed.YAMLObject(`types: - name: profile type: scalar: string +- name: com.github.openshift.api.config.v1alpha1.AuthorizationConfig + map: + fields: + - name: bearerToken + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: type + type: + scalar: string + unions: + - discriminator: type + fields: + - fieldName: bearerToken + discriminatorValue: BearerToken - name: com.github.openshift.api.config.v1alpha1.Backup map: fields: @@ -4225,6 +4481,17 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable +- name: com.github.openshift.api.config.v1alpha1.BasicAuth + map: + fields: + - name: password + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: username + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} - name: com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfig map: fields: @@ -4265,16 +4532,6 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: associative keys: - type -- name: com.github.openshift.api.config.v1alpha1.CategoryOverride - map: - fields: - - name: certificate - type: - namedType: com.github.openshift.api.config.v1alpha1.CertificateConfig - default: {} - - name: name - type: - scalar: string - name: com.github.openshift.api.config.v1alpha1.CertificateConfig map: fields: @@ -4282,22 +4539,7 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.config.v1alpha1.KeyConfig default: {} -- name: com.github.openshift.api.config.v1alpha1.CertificateOverride - map: - fields: - - name: category - type: - namedType: com.github.openshift.api.config.v1alpha1.CategoryOverride - default: {} - - name: type - type: - scalar: string - unions: - - discriminator: type - fields: - - fieldName: category - discriminatorValue: Category -- name: com.github.openshift.api.config.v1alpha1.ClusterImagePolicy +- name: com.github.openshift.api.config.v1alpha1.ClusterMonitoring map: fields: - name: apiVersion @@ -4312,72 +4554,59 @@ var schemaYAML = typed.YAMLObject(`types: default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1alpha1.ClusterImagePolicySpec + namedType: com.github.openshift.api.config.v1alpha1.ClusterMonitoringSpec default: {} - name: status type: - namedType: com.github.openshift.api.config.v1alpha1.ClusterImagePolicyStatus + namedType: com.github.openshift.api.config.v1alpha1.ClusterMonitoringStatus default: {} -- name: com.github.openshift.api.config.v1alpha1.ClusterImagePolicySpec +- name: com.github.openshift.api.config.v1alpha1.ClusterMonitoringSpec map: fields: - - name: policy + - name: alertmanagerConfig type: - namedType: com.github.openshift.api.config.v1alpha1.ImageSigstoreVerificationPolicy + namedType: com.github.openshift.api.config.v1alpha1.AlertmanagerConfig default: {} - - name: scopes + - name: kubeStateMetricsConfig type: - list: - elementType: - scalar: string - elementRelationship: associative -- name: com.github.openshift.api.config.v1alpha1.ClusterImagePolicyStatus - map: - fields: - - name: conditions + namedType: com.github.openshift.api.config.v1alpha1.KubeStateMetricsConfig + default: {} + - name: metricsServerConfig type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type -- name: com.github.openshift.api.config.v1alpha1.ClusterMonitoring - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata + namedType: com.github.openshift.api.config.v1alpha1.MetricsServerConfig + default: {} + - name: monitoringPluginConfig type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: com.github.openshift.api.config.v1alpha1.MonitoringPluginConfig default: {} - - name: spec + - name: nodeExporterConfig type: - namedType: com.github.openshift.api.config.v1alpha1.ClusterMonitoringSpec + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterConfig default: {} - - name: status + - name: openShiftStateMetricsConfig type: - namedType: com.github.openshift.api.config.v1alpha1.ClusterMonitoringStatus + namedType: com.github.openshift.api.config.v1alpha1.OpenShiftStateMetricsConfig default: {} -- name: com.github.openshift.api.config.v1alpha1.ClusterMonitoringSpec - map: - fields: - - name: alertmanagerConfig + - name: prometheusConfig type: - namedType: com.github.openshift.api.config.v1alpha1.AlertmanagerConfig + namedType: com.github.openshift.api.config.v1alpha1.PrometheusConfig default: {} - - name: metricsServerConfig + - name: prometheusOperatorAdmissionWebhookConfig type: - namedType: com.github.openshift.api.config.v1alpha1.MetricsServerConfig + namedType: com.github.openshift.api.config.v1alpha1.PrometheusOperatorAdmissionWebhookConfig default: {} - name: prometheusOperatorConfig type: namedType: com.github.openshift.api.config.v1alpha1.PrometheusOperatorConfig default: {} + - name: telemeterClientConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.TelemeterClientConfig + default: {} + - name: thanosQuerierConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.ThanosQuerierConfig + default: {} - name: userDefined type: namedType: com.github.openshift.api.config.v1alpha1.UserDefinedMonitoring @@ -4409,16 +4638,22 @@ var schemaYAML = typed.YAMLObject(`types: - name: com.github.openshift.api.config.v1alpha1.CustomPKIPolicy map: fields: + - name: clientCertificates + type: + namedType: com.github.openshift.api.config.v1alpha1.CertificateConfig + default: {} - name: defaults type: namedType: com.github.openshift.api.config.v1alpha1.DefaultCertificateConfig default: {} - - name: overrides + - name: servingCertificates type: - list: - elementType: - namedType: com.github.openshift.api.config.v1alpha1.CertificateOverride - elementRelationship: atomic + namedType: com.github.openshift.api.config.v1alpha1.CertificateConfig + default: {} + - name: signerCertificates + type: + namedType: com.github.openshift.api.config.v1alpha1.CertificateConfig + default: {} - name: com.github.openshift.api.config.v1alpha1.DefaultCertificateConfig map: fields: @@ -4426,6 +4661,12 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.config.v1alpha1.KeyConfig default: {} +- name: com.github.openshift.api.config.v1alpha1.DropEqualActionConfig + map: + fields: + - name: targetLabel + type: + scalar: string - name: com.github.openshift.api.config.v1alpha1.ECDSAKeyConfig map: fields: @@ -4466,97 +4707,15 @@ var schemaYAML = typed.YAMLObject(`types: - name: storage type: namedType: com.github.openshift.api.config.v1alpha1.Storage -- name: com.github.openshift.api.config.v1alpha1.ImagePolicy - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicySpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicyStatus - default: {} -- name: com.github.openshift.api.config.v1alpha1.ImagePolicyFulcioCAWithRekorRootOfTrust - map: - fields: - - name: fulcioCAData - type: - scalar: string - - name: fulcioSubject - type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyFulcioSubject - default: {} - - name: rekorKeyData - type: - scalar: string -- name: com.github.openshift.api.config.v1alpha1.ImagePolicyPKIRootOfTrust - map: - fields: - - name: caIntermediatesData - type: - scalar: string - - name: caRootsData - type: - scalar: string - - name: pkiCertificateSubject - type: - namedType: com.github.openshift.api.config.v1alpha1.PKICertificateSubject - default: {} -- name: com.github.openshift.api.config.v1alpha1.ImagePolicyPublicKeyRootOfTrust +- name: com.github.openshift.api.config.v1alpha1.HashModActionConfig map: fields: - - name: keyData + - name: modulus type: - scalar: string - - name: rekorKeyData + scalar: numeric + - name: targetLabel type: scalar: string -- name: com.github.openshift.api.config.v1alpha1.ImagePolicySpec - map: - fields: - - name: policy - type: - namedType: com.github.openshift.api.config.v1alpha1.ImageSigstoreVerificationPolicy - default: {} - - name: scopes - type: - list: - elementType: - scalar: string - elementRelationship: associative -- name: com.github.openshift.api.config.v1alpha1.ImagePolicyStatus - map: - fields: - - name: conditions - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type -- name: com.github.openshift.api.config.v1alpha1.ImageSigstoreVerificationPolicy - map: - fields: - - name: rootOfTrust - type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyRootOfTrust - default: {} - - name: signedIdentity - type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyIdentity - default: {} - name: com.github.openshift.api.config.v1alpha1.InsightsDataGather map: fields: @@ -4597,6 +4756,12 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable +- name: com.github.openshift.api.config.v1alpha1.KeepEqualActionConfig + map: + fields: + - name: targetLabel + type: + scalar: string - name: com.github.openshift.api.config.v1alpha1.KeyConfig map: fields: @@ -4618,13 +4783,17 @@ var schemaYAML = typed.YAMLObject(`types: discriminatorValue: ECDSA - fieldName: rsa discriminatorValue: RSA -- name: com.github.openshift.api.config.v1alpha1.MetricsServerConfig +- name: com.github.openshift.api.config.v1alpha1.KubeStateMetricsConfig map: fields: - - name: audit + - name: additionalResourceLabels type: - namedType: com.github.openshift.api.config.v1alpha1.Audit - default: {} + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.KubeStateMetricsResourceLabels + elementRelationship: associative + keys: + - resource - name: nodeSelector type: map: @@ -4653,154 +4822,62 @@ var schemaYAML = typed.YAMLObject(`types: keys: - topologyKey - whenUnsatisfiable - - name: verbosity - type: - scalar: string -- name: com.github.openshift.api.config.v1alpha1.PKI - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.config.v1alpha1.PKISpec - default: {} -- name: com.github.openshift.api.config.v1alpha1.PKICertificateManagement - map: - fields: - - name: custom - type: - namedType: com.github.openshift.api.config.v1alpha1.CustomPKIPolicy - default: {} - - name: mode - type: - scalar: string - unions: - - discriminator: mode - fields: - - fieldName: custom - discriminatorValue: Custom -- name: com.github.openshift.api.config.v1alpha1.PKICertificateSubject - map: - fields: - - name: email - type: - scalar: string - - name: hostname - type: - scalar: string -- name: com.github.openshift.api.config.v1alpha1.PKISpec - map: - fields: - - name: certificateManagement - type: - namedType: com.github.openshift.api.config.v1alpha1.PKICertificateManagement - default: {} -- name: com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference - map: - fields: - - name: name - type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.PersistentVolumeConfig +- name: com.github.openshift.api.config.v1alpha1.KubeStateMetricsResourceLabels map: fields: - - name: claim + - name: labels type: - namedType: com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference - default: {} - - name: mountPath + list: + elementType: + scalar: string + elementRelationship: associative + - name: resource type: scalar: string -- name: com.github.openshift.api.config.v1alpha1.PolicyFulcioSubject +- name: com.github.openshift.api.config.v1alpha1.Label map: fields: - - name: oidcIssuer + - name: key type: scalar: string - default: "" - - name: signedEmail + - name: value type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.PolicyIdentity +- name: com.github.openshift.api.config.v1alpha1.LabelMapActionConfig map: fields: - - name: exactRepository - type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyMatchExactRepository - - name: matchPolicy + - name: replacement type: scalar: string - default: "" - - name: remapIdentity - type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyMatchRemapIdentity - unions: - - discriminator: matchPolicy - fields: - - fieldName: exactRepository - discriminatorValue: PolicyMatchExactRepository - - fieldName: remapIdentity - discriminatorValue: PolicyMatchRemapIdentity -- name: com.github.openshift.api.config.v1alpha1.PolicyMatchExactRepository +- name: com.github.openshift.api.config.v1alpha1.LowercaseActionConfig map: fields: - - name: repository + - name: targetLabel type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.PolicyMatchRemapIdentity +- name: com.github.openshift.api.config.v1alpha1.MetadataConfig map: fields: - - name: prefix + - name: custom type: - scalar: string - default: "" - - name: signedPrefix + namedType: com.github.openshift.api.config.v1alpha1.MetadataConfigCustom + default: {} + - name: sendPolicy type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.PolicyRootOfTrust +- name: com.github.openshift.api.config.v1alpha1.MetadataConfigCustom map: fields: - - name: fulcioCAWithRekor - type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicyFulcioCAWithRekorRootOfTrust - - name: pki - type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicyPKIRootOfTrust - - name: policyType - type: - scalar: string - default: "" - - name: publicKey + - name: sendIntervalSeconds type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicyPublicKeyRootOfTrust - unions: - - discriminator: policyType - fields: - - fieldName: fulcioCAWithRekor - discriminatorValue: FulcioCAWithRekor - - fieldName: pki - discriminatorValue: PKI - - fieldName: publicKey - discriminatorValue: PublicKey -- name: com.github.openshift.api.config.v1alpha1.PrometheusOperatorConfig + scalar: numeric +- name: com.github.openshift.api.config.v1alpha1.MetricsServerConfig map: fields: - - name: logLevel + - name: audit type: - scalar: string + namedType: com.github.openshift.api.config.v1alpha1.Audit + default: {} - name: nodeSelector type: map: @@ -4829,12 +4906,683 @@ var schemaYAML = typed.YAMLObject(`types: keys: - topologyKey - whenUnsatisfiable -- name: com.github.openshift.api.config.v1alpha1.RSAKeyConfig + - name: verbosity + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.MonitoringPluginConfig + map: + fields: + - name: nodeSelector + type: + map: + elementType: + scalar: string + - name: resources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: tolerations + type: + list: + elementType: + namedType: io.k8s.api.core.v1.Toleration + elementRelationship: atomic + - name: topologySpreadConstraints + type: + list: + elementType: + namedType: io.k8s.api.core.v1.TopologySpreadConstraint + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorBuddyInfoConfig + map: + fields: + - name: collectionPolicy + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorConfig + map: + fields: + - name: buddyInfo + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorBuddyInfoConfig + default: {} + - name: cpuFreq + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorCpufreqConfig + default: {} + - name: ethtool + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorEthtoolConfig + default: {} + - name: ksmd + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorKSMDConfig + default: {} + - name: mountStats + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorMountStatsConfig + default: {} + - name: netClass + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetClassConfig + default: {} + - name: netDev + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetDevConfig + default: {} + - name: processes + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorProcessesConfig + default: {} + - name: softirqs + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSoftirqsConfig + default: {} + - name: systemd + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSystemdConfig + default: {} + - name: tcpStat + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorTcpStatConfig + default: {} +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorCpufreqConfig + map: + fields: + - name: collectionPolicy + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorEthtoolConfig + map: + fields: + - name: collectionPolicy + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorKSMDConfig + map: + fields: + - name: collectionPolicy + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorMountStatsConfig + map: + fields: + - name: collectionPolicy + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetClassCollectConfig + map: + fields: + - name: statsGatherer + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetClassConfig + map: + fields: + - name: collect + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetClassCollectConfig + default: {} + - name: collectionPolicy + type: + scalar: string + unions: + - discriminator: collectionPolicy + fields: + - fieldName: collect + discriminatorValue: Collect +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetDevConfig + map: + fields: + - name: collectionPolicy + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorProcessesConfig + map: + fields: + - name: collectionPolicy + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSoftirqsConfig + map: + fields: + - name: collectionPolicy + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSystemdCollectConfig + map: + fields: + - name: units + type: + list: + elementType: + scalar: string + elementRelationship: associative +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSystemdConfig + map: + fields: + - name: collect + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSystemdCollectConfig + default: {} + - name: collectionPolicy + type: + scalar: string + unions: + - discriminator: collectionPolicy + fields: + - fieldName: collect + discriminatorValue: Collect +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorTcpStatConfig + map: + fields: + - name: collectionPolicy + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.NodeExporterConfig + map: + fields: + - name: collectors + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorConfig + default: {} + - name: ignoredNetworkDevices + type: + list: + elementType: + scalar: string + elementRelationship: associative + - name: maxProcs + type: + scalar: numeric + - name: resources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name +- name: com.github.openshift.api.config.v1alpha1.OAuth2 + map: + fields: + - name: clientId + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: clientSecret + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: endpointParams + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.OAuth2EndpointParam + elementRelationship: associative + keys: + - name + - name: scopes + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: tokenUrl + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.OAuth2EndpointParam + map: + fields: + - name: name + type: + scalar: string + - name: value + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.OpenShiftStateMetricsConfig + map: + fields: + - name: nodeSelector + type: + map: + elementType: + scalar: string + - name: resources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: tolerations + type: + list: + elementType: + namedType: io.k8s.api.core.v1.Toleration + elementRelationship: atomic + - name: topologySpreadConstraints + type: + list: + elementType: + namedType: io.k8s.api.core.v1.TopologySpreadConstraint + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.PKI + map: + fields: + - name: apiVersion + type: + scalar: string + - name: kind + type: + scalar: string + - name: metadata + type: + namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + default: {} + - name: spec + type: + namedType: com.github.openshift.api.config.v1alpha1.PKISpec + default: {} +- name: com.github.openshift.api.config.v1alpha1.PKICertificateManagement + map: + fields: + - name: custom + type: + namedType: com.github.openshift.api.config.v1alpha1.CustomPKIPolicy + default: {} + - name: mode + type: + scalar: string + unions: + - discriminator: mode + fields: + - fieldName: custom + discriminatorValue: Custom +- name: com.github.openshift.api.config.v1alpha1.PKISpec + map: + fields: + - name: certificateManagement + type: + namedType: com.github.openshift.api.config.v1alpha1.PKICertificateManagement + default: {} +- name: com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference + map: + fields: + - name: name + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1alpha1.PersistentVolumeConfig + map: + fields: + - name: claim + type: + namedType: com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference + default: {} + - name: mountPath + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.PrometheusConfig + map: + fields: + - name: additionalAlertmanagerConfigs + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.AdditionalAlertmanagerConfig + elementRelationship: associative + keys: + - name + - name: collectionProfile + type: + scalar: string + - name: enforcedBodySizeLimitBytes + type: + scalar: numeric + - name: externalLabels + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.Label + elementRelationship: associative + keys: + - key + - name: logLevel + type: + scalar: string + - name: nodeSelector + type: + map: + elementType: + scalar: string + - name: queryLogFile + type: + scalar: string + - name: remoteWrite + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.RemoteWriteSpec + elementRelationship: associative + keys: + - name + - name: resources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: retention + type: + namedType: com.github.openshift.api.config.v1alpha1.Retention + default: {} + - name: tolerations + type: + list: + elementType: + namedType: io.k8s.api.core.v1.Toleration + elementRelationship: atomic + - name: topologySpreadConstraints + type: + list: + elementType: + namedType: io.k8s.api.core.v1.TopologySpreadConstraint + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable + - name: volumeClaimTemplate + type: + namedType: io.k8s.api.core.v1.PersistentVolumeClaim +- name: com.github.openshift.api.config.v1alpha1.PrometheusOperatorAdmissionWebhookConfig + map: + fields: + - name: resources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: topologySpreadConstraints + type: + list: + elementType: + namedType: io.k8s.api.core.v1.TopologySpreadConstraint + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.PrometheusOperatorConfig + map: + fields: + - name: logLevel + type: + scalar: string + - name: nodeSelector + type: + map: + elementType: + scalar: string + - name: resources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: tolerations + type: + list: + elementType: + namedType: io.k8s.api.core.v1.Toleration + elementRelationship: atomic + - name: topologySpreadConstraints + type: + list: + elementType: + namedType: io.k8s.api.core.v1.TopologySpreadConstraint + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.PrometheusRemoteWriteHeader + map: + fields: + - name: name + type: + scalar: string + - name: value + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.QueueConfig + map: + fields: + - name: batchSendDeadlineSeconds + type: + scalar: numeric + - name: capacity + type: + scalar: numeric + - name: maxBackoffMilliseconds + type: + scalar: numeric + - name: maxSamplesPerSend + type: + scalar: numeric + - name: maxShards + type: + scalar: numeric + - name: minBackoffMilliseconds + type: + scalar: numeric + - name: minShards + type: + scalar: numeric + - name: rateLimitedAction + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.RSAKeyConfig map: fields: - name: keySize type: scalar: numeric +- name: com.github.openshift.api.config.v1alpha1.RelabelActionConfig + map: + fields: + - name: dropEqual + type: + namedType: com.github.openshift.api.config.v1alpha1.DropEqualActionConfig + default: {} + - name: hashMod + type: + namedType: com.github.openshift.api.config.v1alpha1.HashModActionConfig + default: {} + - name: keepEqual + type: + namedType: com.github.openshift.api.config.v1alpha1.KeepEqualActionConfig + default: {} + - name: labelMap + type: + namedType: com.github.openshift.api.config.v1alpha1.LabelMapActionConfig + default: {} + - name: lowercase + type: + namedType: com.github.openshift.api.config.v1alpha1.LowercaseActionConfig + default: {} + - name: replace + type: + namedType: com.github.openshift.api.config.v1alpha1.ReplaceActionConfig + default: {} + - name: type + type: + scalar: string + - name: uppercase + type: + namedType: com.github.openshift.api.config.v1alpha1.UppercaseActionConfig + default: {} + unions: + - discriminator: type + fields: + - fieldName: dropEqual + discriminatorValue: DropEqual + - fieldName: hashMod + discriminatorValue: HashMod + - fieldName: keepEqual + discriminatorValue: KeepEqual + - fieldName: labelMap + discriminatorValue: LabelMap + - fieldName: lowercase + discriminatorValue: Lowercase + - fieldName: replace + discriminatorValue: Replace + - fieldName: uppercase + discriminatorValue: Uppercase +- name: com.github.openshift.api.config.v1alpha1.RelabelConfig + map: + fields: + - name: action + type: + namedType: com.github.openshift.api.config.v1alpha1.RelabelActionConfig + default: {} + - name: name + type: + scalar: string + - name: regex + type: + scalar: string + - name: separator + type: + scalar: string + - name: sourceLabels + type: + list: + elementType: + scalar: string + elementRelationship: associative +- name: com.github.openshift.api.config.v1alpha1.RemoteWriteAuthorization + map: + fields: + - name: basicAuth + type: + namedType: com.github.openshift.api.config.v1alpha1.BasicAuth + default: {} + - name: bearerToken + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: oauth2 + type: + namedType: com.github.openshift.api.config.v1alpha1.OAuth2 + default: {} + - name: safeAuthorization + type: + namedType: io.k8s.api.core.v1.SecretKeySelector + - name: sigv4 + type: + namedType: com.github.openshift.api.config.v1alpha1.Sigv4 + default: {} + - name: type + type: + scalar: string + unions: + - discriminator: type + fields: + - fieldName: basicAuth + discriminatorValue: BasicAuth + - fieldName: bearerToken + discriminatorValue: BearerToken + - fieldName: oauth2 + discriminatorValue: OAuth2 + - fieldName: safeAuthorization + discriminatorValue: SafeAuthorization + - fieldName: sigv4 + discriminatorValue: Sigv4 +- name: com.github.openshift.api.config.v1alpha1.RemoteWriteSpec + map: + fields: + - name: authorization + type: + namedType: com.github.openshift.api.config.v1alpha1.RemoteWriteAuthorization + default: {} + - name: exemplarsMode + type: + scalar: string + - name: headers + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.PrometheusRemoteWriteHeader + elementRelationship: associative + keys: + - name + - name: metadataConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.MetadataConfig + default: {} + - name: name + type: + scalar: string + - name: proxyUrl + type: + scalar: string + - name: queueConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.QueueConfig + default: {} + - name: remoteTimeoutSeconds + type: + scalar: numeric + - name: tlsConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.TLSConfig + default: {} + - name: url + type: + scalar: string + - name: writeRelabelConfigs + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.RelabelConfig + elementRelationship: associative + keys: + - name +- name: com.github.openshift.api.config.v1alpha1.ReplaceActionConfig + map: + fields: + - name: replacement + type: + scalar: string + - name: targetLabel + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.Retention + map: + fields: + - name: duration + type: + scalar: string + - name: size + type: + scalar: string - name: com.github.openshift.api.config.v1alpha1.RetentionNumberConfig map: fields: @@ -4869,6 +5617,36 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: numeric default: 0 +- name: com.github.openshift.api.config.v1alpha1.SecretKeySelector + map: + fields: + - name: key + type: + scalar: string + - name: name + type: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.config.v1alpha1.Sigv4 + map: + fields: + - name: accessKey + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: profile + type: + scalar: string + - name: region + type: + scalar: string + - name: roleArn + type: + scalar: string + - name: secretKey + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} - name: com.github.openshift.api.config.v1alpha1.Storage map: fields: @@ -4879,6 +5657,111 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" +- name: com.github.openshift.api.config.v1alpha1.TLSConfig + map: + fields: + - name: ca + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: cert + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: certificateVerification + type: + scalar: string + - name: key + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: serverName + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.TelemeterClientConfig + map: + fields: + - name: nodeSelector + type: + map: + elementType: + scalar: string + - name: resources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: tolerations + type: + list: + elementType: + namedType: io.k8s.api.core.v1.Toleration + elementRelationship: atomic + - name: topologySpreadConstraints + type: + list: + elementType: + namedType: io.k8s.api.core.v1.TopologySpreadConstraint + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.ThanosQuerierConfig + map: + fields: + - name: crossOriginRequestPolicy + type: + scalar: string + - name: logLevel + type: + scalar: string + - name: nodeSelector + type: + map: + elementType: + scalar: string + - name: requestLogging + type: + namedType: com.github.openshift.api.config.v1alpha1.ThanosQuerierRequestLoggingConfig + default: {} + - name: resources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: tolerations + type: + list: + elementType: + namedType: io.k8s.api.core.v1.Toleration + elementRelationship: atomic + - name: topologySpreadConstraints + type: + list: + elementType: + namedType: io.k8s.api.core.v1.TopologySpreadConstraint + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.ThanosQuerierRequestLoggingConfig + map: + fields: + - name: policy + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.UppercaseActionConfig + map: + fields: + - name: targetLabel + type: + scalar: string - name: com.github.openshift.api.config.v1alpha1.UserDefinedMonitoring map: fields: diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/utils.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/utils.go index 420c06ad22..e849c0e45c 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/utils.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/utils.go @@ -50,8 +50,6 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1.AWSDNSSpecApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("AWSIngressSpec"): return &configv1.AWSIngressSpecApplyConfiguration{} - case v1.SchemeGroupVersion.WithKind("AWSKMSConfig"): - return &configv1.AWSKMSConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("AWSPlatformSpec"): return &configv1.AWSPlatformSpecApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("AWSPlatformStatus"): @@ -80,6 +78,10 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1.BuildOverridesApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("BuildSpec"): return &configv1.BuildSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ClientCredentialConfig"): + return &configv1.ClientCredentialConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ClientSecretSecretReference"): + return &configv1.ClientSecretSecretReferenceApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("CloudControllerManagerStatus"): return &configv1.CloudControllerManagerStatusApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("CloudLoadBalancerConfig"): @@ -134,6 +136,12 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1.ConsoleSpecApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("ConsoleStatus"): return &configv1.ConsoleStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("CRIOCredentialProviderConfig"): + return &configv1.CRIOCredentialProviderConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("CRIOCredentialProviderConfigSpec"): + return &configv1.CRIOCredentialProviderConfigSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("CRIOCredentialProviderConfigStatus"): + return &configv1.CRIOCredentialProviderConfigStatusApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("Custom"): return &configv1.CustomApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("CustomFeatureGates"): @@ -152,6 +160,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1.DNSZoneApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("EquinixMetalPlatformStatus"): return &configv1.EquinixMetalPlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ExternalClaimsSource"): + return &configv1.ExternalClaimsSourceApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("ExternalIPConfig"): return &configv1.ExternalIPConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("ExternalIPPolicy"): @@ -160,6 +170,14 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1.ExternalPlatformSpecApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("ExternalPlatformStatus"): return &configv1.ExternalPlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ExternalSourceAuthentication"): + return &configv1.ExternalSourceAuthenticationApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ExternalSourceCertificateAuthorityConfigMapReference"): + return &configv1.ExternalSourceCertificateAuthorityConfigMapReferenceApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ExternalSourcePredicate"): + return &configv1.ExternalSourcePredicateApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ExternalSourceTLS"): + return &configv1.ExternalSourceTLSApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("ExtraMapping"): return &configv1.ExtraMappingApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("FeatureGate"): @@ -266,8 +284,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1.InsightsDataGatherSpecApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("KeystoneIdentityProvider"): return &configv1.KeystoneIdentityProviderApplyConfiguration{} - case v1.SchemeGroupVersion.WithKind("KMSConfig"): - return &configv1.KMSConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("KMSPluginConfig"): + return &configv1.KMSPluginConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("KubevirtPlatformStatus"): return &configv1.KubevirtPlatformStatusApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("LDAPAttributeMapping"): @@ -292,6 +310,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1.NetworkDiagnosticsTargetPlacementApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("NetworkMigration"): return &configv1.NetworkMigrationApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NetworkObservabilitySpec"): + return &configv1.NetworkObservabilitySpecApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("NetworkSpec"): return &configv1.NetworkSpecApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("NetworkStatus"): @@ -418,6 +438,10 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1.SecretNameReferenceApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("SignatureStore"): return &configv1.SignatureStoreApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("SourcedClaimMapping"): + return &configv1.SourcedClaimMappingApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("SourceURL"): + return &configv1.SourceURLApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("Storage"): return &configv1.StorageApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("TemplateReference"): @@ -452,6 +476,18 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1.UsernameClaimMappingApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("UsernamePrefix"): return &configv1.UsernamePrefixApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VaultAppRoleAuthentication"): + return &configv1.VaultAppRoleAuthenticationApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VaultAuthentication"): + return &configv1.VaultAuthenticationApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VaultConfigMapReference"): + return &configv1.VaultConfigMapReferenceApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VaultKMSPluginConfig"): + return &configv1.VaultKMSPluginConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VaultSecretReference"): + return &configv1.VaultSecretReferenceApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VaultTLSConfig"): + return &configv1.VaultTLSConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("VSphereFailureDomainHostGroup"): return &configv1.VSphereFailureDomainHostGroupApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("VSphereFailureDomainRegionAffinity"): @@ -478,24 +514,24 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1.WebhookTokenAuthenticatorApplyConfiguration{} // Group=config.openshift.io, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithKind("AdditionalAlertmanagerConfig"): + return &configv1alpha1.AdditionalAlertmanagerConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("AlertmanagerConfig"): return &configv1alpha1.AlertmanagerConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("AlertmanagerCustomConfig"): return &configv1alpha1.AlertmanagerCustomConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("Audit"): return &configv1alpha1.AuditApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("AuthorizationConfig"): + return &configv1alpha1.AuthorizationConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("Backup"): return &configv1alpha1.BackupApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("BackupSpec"): return &configv1alpha1.BackupSpecApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("BasicAuth"): + return &configv1alpha1.BasicAuthApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("CertificateConfig"): return &configv1alpha1.CertificateConfigApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ClusterImagePolicy"): - return &configv1alpha1.ClusterImagePolicyApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ClusterImagePolicySpec"): - return &configv1alpha1.ClusterImagePolicySpecApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ClusterImagePolicyStatus"): - return &configv1alpha1.ClusterImagePolicyStatusApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("ClusterMonitoring"): return &configv1alpha1.ClusterMonitoringApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("ClusterMonitoringSpec"): @@ -512,34 +548,78 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1alpha1.CustomPKIPolicyApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("DefaultCertificateConfig"): return &configv1alpha1.DefaultCertificateConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("DropEqualActionConfig"): + return &configv1alpha1.DropEqualActionConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("ECDSAKeyConfig"): return &configv1alpha1.ECDSAKeyConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("EtcdBackupSpec"): return &configv1alpha1.EtcdBackupSpecApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("GatherConfig"): return &configv1alpha1.GatherConfigApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ImagePolicy"): - return &configv1alpha1.ImagePolicyApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ImagePolicyFulcioCAWithRekorRootOfTrust"): - return &configv1alpha1.ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ImagePolicyPKIRootOfTrust"): - return &configv1alpha1.ImagePolicyPKIRootOfTrustApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ImagePolicyPublicKeyRootOfTrust"): - return &configv1alpha1.ImagePolicyPublicKeyRootOfTrustApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ImagePolicySpec"): - return &configv1alpha1.ImagePolicySpecApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ImagePolicyStatus"): - return &configv1alpha1.ImagePolicyStatusApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ImageSigstoreVerificationPolicy"): - return &configv1alpha1.ImageSigstoreVerificationPolicyApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("HashModActionConfig"): + return &configv1alpha1.HashModActionConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("InsightsDataGather"): return &configv1alpha1.InsightsDataGatherApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("InsightsDataGatherSpec"): return &configv1alpha1.InsightsDataGatherSpecApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("KeepEqualActionConfig"): + return &configv1alpha1.KeepEqualActionConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("KeyConfig"): return &configv1alpha1.KeyConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("KubeStateMetricsConfig"): + return &configv1alpha1.KubeStateMetricsConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("KubeStateMetricsResourceLabels"): + return &configv1alpha1.KubeStateMetricsResourceLabelsApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("Label"): + return &configv1alpha1.LabelApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("LabelMapActionConfig"): + return &configv1alpha1.LabelMapActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("LowercaseActionConfig"): + return &configv1alpha1.LowercaseActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("MetadataConfig"): + return &configv1alpha1.MetadataConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("MetadataConfigCustom"): + return &configv1alpha1.MetadataConfigCustomApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("MetricsServerConfig"): return &configv1alpha1.MetricsServerConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("MonitoringPluginConfig"): + return &configv1alpha1.MonitoringPluginConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorBuddyInfoConfig"): + return &configv1alpha1.NodeExporterCollectorBuddyInfoConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorConfig"): + return &configv1alpha1.NodeExporterCollectorConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorCpufreqConfig"): + return &configv1alpha1.NodeExporterCollectorCpufreqConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorEthtoolConfig"): + return &configv1alpha1.NodeExporterCollectorEthtoolConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorKSMDConfig"): + return &configv1alpha1.NodeExporterCollectorKSMDConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorMountStatsConfig"): + return &configv1alpha1.NodeExporterCollectorMountStatsConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorNetClassCollectConfig"): + return &configv1alpha1.NodeExporterCollectorNetClassCollectConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorNetClassConfig"): + return &configv1alpha1.NodeExporterCollectorNetClassConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorNetDevConfig"): + return &configv1alpha1.NodeExporterCollectorNetDevConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorProcessesConfig"): + return &configv1alpha1.NodeExporterCollectorProcessesConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorSoftirqsConfig"): + return &configv1alpha1.NodeExporterCollectorSoftirqsConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorSystemdCollectConfig"): + return &configv1alpha1.NodeExporterCollectorSystemdCollectConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorSystemdConfig"): + return &configv1alpha1.NodeExporterCollectorSystemdConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorTcpStatConfig"): + return &configv1alpha1.NodeExporterCollectorTcpStatConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterConfig"): + return &configv1alpha1.NodeExporterConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("OAuth2"): + return &configv1alpha1.OAuth2ApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("OAuth2EndpointParam"): + return &configv1alpha1.OAuth2EndpointParamApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("OpenShiftStateMetricsConfig"): + return &configv1alpha1.OpenShiftStateMetricsConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("PersistentVolumeClaimReference"): return &configv1alpha1.PersistentVolumeClaimReferenceApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("PersistentVolumeConfig"): @@ -548,26 +628,32 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1alpha1.PKIApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("PKICertificateManagement"): return &configv1alpha1.PKICertificateManagementApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("PKICertificateSubject"): - return &configv1alpha1.PKICertificateSubjectApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("PKIProfile"): return &configv1alpha1.PKIProfileApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("PKISpec"): return &configv1alpha1.PKISpecApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("PolicyFulcioSubject"): - return &configv1alpha1.PolicyFulcioSubjectApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("PolicyIdentity"): - return &configv1alpha1.PolicyIdentityApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("PolicyMatchExactRepository"): - return &configv1alpha1.PolicyMatchExactRepositoryApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("PolicyMatchRemapIdentity"): - return &configv1alpha1.PolicyMatchRemapIdentityApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("PolicyRootOfTrust"): - return &configv1alpha1.PolicyRootOfTrustApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PrometheusConfig"): + return &configv1alpha1.PrometheusConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("PrometheusOperatorAdmissionWebhookConfig"): return &configv1alpha1.PrometheusOperatorAdmissionWebhookConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("PrometheusOperatorConfig"): return &configv1alpha1.PrometheusOperatorConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PrometheusRemoteWriteHeader"): + return &configv1alpha1.PrometheusRemoteWriteHeaderApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("QueueConfig"): + return &configv1alpha1.QueueConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RelabelActionConfig"): + return &configv1alpha1.RelabelActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RelabelConfig"): + return &configv1alpha1.RelabelConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RemoteWriteAuthorization"): + return &configv1alpha1.RemoteWriteAuthorizationApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RemoteWriteSpec"): + return &configv1alpha1.RemoteWriteSpecApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("ReplaceActionConfig"): + return &configv1alpha1.ReplaceActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("Retention"): + return &configv1alpha1.RetentionApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("RetentionNumberConfig"): return &configv1alpha1.RetentionNumberConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("RetentionPolicy"): @@ -576,8 +662,22 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1alpha1.RetentionSizeConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("RSAKeyConfig"): return &configv1alpha1.RSAKeyConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("SecretKeySelector"): + return &configv1alpha1.SecretKeySelectorApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("Sigv4"): + return &configv1alpha1.Sigv4ApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("Storage"): return &configv1alpha1.StorageApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("TelemeterClientConfig"): + return &configv1alpha1.TelemeterClientConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("ThanosQuerierConfig"): + return &configv1alpha1.ThanosQuerierConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("ThanosQuerierRequestLoggingConfig"): + return &configv1alpha1.ThanosQuerierRequestLoggingConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("TLSConfig"): + return &configv1alpha1.TLSConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("UppercaseActionConfig"): + return &configv1alpha1.UppercaseActionConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("UserDefinedMonitoring"): return &configv1alpha1.UserDefinedMonitoringApplyConfiguration{} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/config_client.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/config_client.go index afce6aef52..6235cd977b 100644 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/config_client.go +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/config_client.go @@ -15,6 +15,7 @@ type ConfigV1Interface interface { APIServersGetter AuthenticationsGetter BuildsGetter + CRIOCredentialProviderConfigsGetter ClusterImagePoliciesGetter ClusterOperatorsGetter ClusterVersionsGetter @@ -55,6 +56,10 @@ func (c *ConfigV1Client) Builds() BuildInterface { return newBuilds(c) } +func (c *ConfigV1Client) CRIOCredentialProviderConfigs() CRIOCredentialProviderConfigInterface { + return newCRIOCredentialProviderConfigs(c) +} + func (c *ConfigV1Client) ClusterImagePolicies() ClusterImagePolicyInterface { return newClusterImagePolicies(c) } diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/criocredentialproviderconfig.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/criocredentialproviderconfig.go new file mode 100644 index 0000000000..69272fac40 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/criocredentialproviderconfig.go @@ -0,0 +1,58 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + context "context" + + configv1 "github.com/openshift/api/config/v1" + applyconfigurationsconfigv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + scheme "github.com/openshift/client-go/config/clientset/versioned/scheme" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// CRIOCredentialProviderConfigsGetter has a method to return a CRIOCredentialProviderConfigInterface. +// A group's client should implement this interface. +type CRIOCredentialProviderConfigsGetter interface { + CRIOCredentialProviderConfigs() CRIOCredentialProviderConfigInterface +} + +// CRIOCredentialProviderConfigInterface has methods to work with CRIOCredentialProviderConfig resources. +type CRIOCredentialProviderConfigInterface interface { + Create(ctx context.Context, cRIOCredentialProviderConfig *configv1.CRIOCredentialProviderConfig, opts metav1.CreateOptions) (*configv1.CRIOCredentialProviderConfig, error) + Update(ctx context.Context, cRIOCredentialProviderConfig *configv1.CRIOCredentialProviderConfig, opts metav1.UpdateOptions) (*configv1.CRIOCredentialProviderConfig, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, cRIOCredentialProviderConfig *configv1.CRIOCredentialProviderConfig, opts metav1.UpdateOptions) (*configv1.CRIOCredentialProviderConfig, error) + Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error + Get(ctx context.Context, name string, opts metav1.GetOptions) (*configv1.CRIOCredentialProviderConfig, error) + List(ctx context.Context, opts metav1.ListOptions) (*configv1.CRIOCredentialProviderConfigList, error) + Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *configv1.CRIOCredentialProviderConfig, err error) + Apply(ctx context.Context, cRIOCredentialProviderConfig *applyconfigurationsconfigv1.CRIOCredentialProviderConfigApplyConfiguration, opts metav1.ApplyOptions) (result *configv1.CRIOCredentialProviderConfig, err error) + // Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). + ApplyStatus(ctx context.Context, cRIOCredentialProviderConfig *applyconfigurationsconfigv1.CRIOCredentialProviderConfigApplyConfiguration, opts metav1.ApplyOptions) (result *configv1.CRIOCredentialProviderConfig, err error) + CRIOCredentialProviderConfigExpansion +} + +// cRIOCredentialProviderConfigs implements CRIOCredentialProviderConfigInterface +type cRIOCredentialProviderConfigs struct { + *gentype.ClientWithListAndApply[*configv1.CRIOCredentialProviderConfig, *configv1.CRIOCredentialProviderConfigList, *applyconfigurationsconfigv1.CRIOCredentialProviderConfigApplyConfiguration] +} + +// newCRIOCredentialProviderConfigs returns a CRIOCredentialProviderConfigs +func newCRIOCredentialProviderConfigs(c *ConfigV1Client) *cRIOCredentialProviderConfigs { + return &cRIOCredentialProviderConfigs{ + gentype.NewClientWithListAndApply[*configv1.CRIOCredentialProviderConfig, *configv1.CRIOCredentialProviderConfigList, *applyconfigurationsconfigv1.CRIOCredentialProviderConfigApplyConfiguration]( + "criocredentialproviderconfigs", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *configv1.CRIOCredentialProviderConfig { return &configv1.CRIOCredentialProviderConfig{} }, + func() *configv1.CRIOCredentialProviderConfigList { return &configv1.CRIOCredentialProviderConfigList{} }, + ), + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_config_client.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_config_client.go index b5a1a52573..5fb7425da0 100644 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_config_client.go +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_config_client.go @@ -24,6 +24,10 @@ func (c *FakeConfigV1) Builds() v1.BuildInterface { return newFakeBuilds(c) } +func (c *FakeConfigV1) CRIOCredentialProviderConfigs() v1.CRIOCredentialProviderConfigInterface { + return newFakeCRIOCredentialProviderConfigs(c) +} + func (c *FakeConfigV1) ClusterImagePolicies() v1.ClusterImagePolicyInterface { return newFakeClusterImagePolicies(c) } diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_criocredentialproviderconfig.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_criocredentialproviderconfig.go new file mode 100644 index 0000000000..d4c3fd7f1c --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_criocredentialproviderconfig.go @@ -0,0 +1,37 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeCRIOCredentialProviderConfigs implements CRIOCredentialProviderConfigInterface +type fakeCRIOCredentialProviderConfigs struct { + *gentype.FakeClientWithListAndApply[*v1.CRIOCredentialProviderConfig, *v1.CRIOCredentialProviderConfigList, *configv1.CRIOCredentialProviderConfigApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeCRIOCredentialProviderConfigs(fake *FakeConfigV1) typedconfigv1.CRIOCredentialProviderConfigInterface { + return &fakeCRIOCredentialProviderConfigs{ + gentype.NewFakeClientWithListAndApply[*v1.CRIOCredentialProviderConfig, *v1.CRIOCredentialProviderConfigList, *configv1.CRIOCredentialProviderConfigApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("criocredentialproviderconfigs"), + v1.SchemeGroupVersion.WithKind("CRIOCredentialProviderConfig"), + func() *v1.CRIOCredentialProviderConfig { return &v1.CRIOCredentialProviderConfig{} }, + func() *v1.CRIOCredentialProviderConfigList { return &v1.CRIOCredentialProviderConfigList{} }, + func(dst, src *v1.CRIOCredentialProviderConfigList) { dst.ListMeta = src.ListMeta }, + func(list *v1.CRIOCredentialProviderConfigList) []*v1.CRIOCredentialProviderConfig { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1.CRIOCredentialProviderConfigList, items []*v1.CRIOCredentialProviderConfig) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/generated_expansion.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/generated_expansion.go index 27c5fd110b..0f3e44588f 100644 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/generated_expansion.go +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/generated_expansion.go @@ -8,6 +8,8 @@ type AuthenticationExpansion interface{} type BuildExpansion interface{} +type CRIOCredentialProviderConfigExpansion interface{} + type ClusterImagePolicyExpansion interface{} type ClusterOperatorExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/clusterimagepolicy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/clusterimagepolicy.go deleted file mode 100644 index 8391f7b40e..0000000000 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/clusterimagepolicy.go +++ /dev/null @@ -1,58 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - context "context" - - configv1alpha1 "github.com/openshift/api/config/v1alpha1" - applyconfigurationsconfigv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" - scheme "github.com/openshift/client-go/config/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - gentype "k8s.io/client-go/gentype" -) - -// ClusterImagePoliciesGetter has a method to return a ClusterImagePolicyInterface. -// A group's client should implement this interface. -type ClusterImagePoliciesGetter interface { - ClusterImagePolicies() ClusterImagePolicyInterface -} - -// ClusterImagePolicyInterface has methods to work with ClusterImagePolicy resources. -type ClusterImagePolicyInterface interface { - Create(ctx context.Context, clusterImagePolicy *configv1alpha1.ClusterImagePolicy, opts v1.CreateOptions) (*configv1alpha1.ClusterImagePolicy, error) - Update(ctx context.Context, clusterImagePolicy *configv1alpha1.ClusterImagePolicy, opts v1.UpdateOptions) (*configv1alpha1.ClusterImagePolicy, error) - // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). - UpdateStatus(ctx context.Context, clusterImagePolicy *configv1alpha1.ClusterImagePolicy, opts v1.UpdateOptions) (*configv1alpha1.ClusterImagePolicy, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*configv1alpha1.ClusterImagePolicy, error) - List(ctx context.Context, opts v1.ListOptions) (*configv1alpha1.ClusterImagePolicyList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *configv1alpha1.ClusterImagePolicy, err error) - Apply(ctx context.Context, clusterImagePolicy *applyconfigurationsconfigv1alpha1.ClusterImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *configv1alpha1.ClusterImagePolicy, err error) - // Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). - ApplyStatus(ctx context.Context, clusterImagePolicy *applyconfigurationsconfigv1alpha1.ClusterImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *configv1alpha1.ClusterImagePolicy, err error) - ClusterImagePolicyExpansion -} - -// clusterImagePolicies implements ClusterImagePolicyInterface -type clusterImagePolicies struct { - *gentype.ClientWithListAndApply[*configv1alpha1.ClusterImagePolicy, *configv1alpha1.ClusterImagePolicyList, *applyconfigurationsconfigv1alpha1.ClusterImagePolicyApplyConfiguration] -} - -// newClusterImagePolicies returns a ClusterImagePolicies -func newClusterImagePolicies(c *ConfigV1alpha1Client) *clusterImagePolicies { - return &clusterImagePolicies{ - gentype.NewClientWithListAndApply[*configv1alpha1.ClusterImagePolicy, *configv1alpha1.ClusterImagePolicyList, *applyconfigurationsconfigv1alpha1.ClusterImagePolicyApplyConfiguration]( - "clusterimagepolicies", - c.RESTClient(), - scheme.ParameterCodec, - "", - func() *configv1alpha1.ClusterImagePolicy { return &configv1alpha1.ClusterImagePolicy{} }, - func() *configv1alpha1.ClusterImagePolicyList { return &configv1alpha1.ClusterImagePolicyList{} }, - ), - } -} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/config_client.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/config_client.go index ce3b84174d..23ba9a19c0 100644 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -14,9 +14,7 @@ type ConfigV1alpha1Interface interface { RESTClient() rest.Interface BackupsGetter CRIOCredentialProviderConfigsGetter - ClusterImagePoliciesGetter ClusterMonitoringsGetter - ImagePoliciesGetter InsightsDataGathersGetter PKIsGetter } @@ -34,18 +32,10 @@ func (c *ConfigV1alpha1Client) CRIOCredentialProviderConfigs() CRIOCredentialPro return newCRIOCredentialProviderConfigs(c) } -func (c *ConfigV1alpha1Client) ClusterImagePolicies() ClusterImagePolicyInterface { - return newClusterImagePolicies(c) -} - func (c *ConfigV1alpha1Client) ClusterMonitorings() ClusterMonitoringInterface { return newClusterMonitorings(c) } -func (c *ConfigV1alpha1Client) ImagePolicies(namespace string) ImagePolicyInterface { - return newImagePolicies(c, namespace) -} - func (c *ConfigV1alpha1Client) InsightsDataGathers() InsightsDataGatherInterface { return newInsightsDataGathers(c) } diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_clusterimagepolicy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_clusterimagepolicy.go deleted file mode 100644 index 50d94e1a91..0000000000 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_clusterimagepolicy.go +++ /dev/null @@ -1,37 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "github.com/openshift/api/config/v1alpha1" - configv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" - typedconfigv1alpha1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1" - gentype "k8s.io/client-go/gentype" -) - -// fakeClusterImagePolicies implements ClusterImagePolicyInterface -type fakeClusterImagePolicies struct { - *gentype.FakeClientWithListAndApply[*v1alpha1.ClusterImagePolicy, *v1alpha1.ClusterImagePolicyList, *configv1alpha1.ClusterImagePolicyApplyConfiguration] - Fake *FakeConfigV1alpha1 -} - -func newFakeClusterImagePolicies(fake *FakeConfigV1alpha1) typedconfigv1alpha1.ClusterImagePolicyInterface { - return &fakeClusterImagePolicies{ - gentype.NewFakeClientWithListAndApply[*v1alpha1.ClusterImagePolicy, *v1alpha1.ClusterImagePolicyList, *configv1alpha1.ClusterImagePolicyApplyConfiguration]( - fake.Fake, - "", - v1alpha1.SchemeGroupVersion.WithResource("clusterimagepolicies"), - v1alpha1.SchemeGroupVersion.WithKind("ClusterImagePolicy"), - func() *v1alpha1.ClusterImagePolicy { return &v1alpha1.ClusterImagePolicy{} }, - func() *v1alpha1.ClusterImagePolicyList { return &v1alpha1.ClusterImagePolicyList{} }, - func(dst, src *v1alpha1.ClusterImagePolicyList) { dst.ListMeta = src.ListMeta }, - func(list *v1alpha1.ClusterImagePolicyList) []*v1alpha1.ClusterImagePolicy { - return gentype.ToPointerSlice(list.Items) - }, - func(list *v1alpha1.ClusterImagePolicyList, items []*v1alpha1.ClusterImagePolicy) { - list.Items = gentype.FromPointerSlice(items) - }, - ), - fake, - } -} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index ab264f559b..381179df9c 100644 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -20,18 +20,10 @@ func (c *FakeConfigV1alpha1) CRIOCredentialProviderConfigs() v1alpha1.CRIOCreden return newFakeCRIOCredentialProviderConfigs(c) } -func (c *FakeConfigV1alpha1) ClusterImagePolicies() v1alpha1.ClusterImagePolicyInterface { - return newFakeClusterImagePolicies(c) -} - func (c *FakeConfigV1alpha1) ClusterMonitorings() v1alpha1.ClusterMonitoringInterface { return newFakeClusterMonitorings(c) } -func (c *FakeConfigV1alpha1) ImagePolicies(namespace string) v1alpha1.ImagePolicyInterface { - return newFakeImagePolicies(c, namespace) -} - func (c *FakeConfigV1alpha1) InsightsDataGathers() v1alpha1.InsightsDataGatherInterface { return newFakeInsightsDataGathers(c) } diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_imagepolicy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_imagepolicy.go deleted file mode 100644 index 9bf6cb9c04..0000000000 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_imagepolicy.go +++ /dev/null @@ -1,37 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "github.com/openshift/api/config/v1alpha1" - configv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" - typedconfigv1alpha1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1" - gentype "k8s.io/client-go/gentype" -) - -// fakeImagePolicies implements ImagePolicyInterface -type fakeImagePolicies struct { - *gentype.FakeClientWithListAndApply[*v1alpha1.ImagePolicy, *v1alpha1.ImagePolicyList, *configv1alpha1.ImagePolicyApplyConfiguration] - Fake *FakeConfigV1alpha1 -} - -func newFakeImagePolicies(fake *FakeConfigV1alpha1, namespace string) typedconfigv1alpha1.ImagePolicyInterface { - return &fakeImagePolicies{ - gentype.NewFakeClientWithListAndApply[*v1alpha1.ImagePolicy, *v1alpha1.ImagePolicyList, *configv1alpha1.ImagePolicyApplyConfiguration]( - fake.Fake, - namespace, - v1alpha1.SchemeGroupVersion.WithResource("imagepolicies"), - v1alpha1.SchemeGroupVersion.WithKind("ImagePolicy"), - func() *v1alpha1.ImagePolicy { return &v1alpha1.ImagePolicy{} }, - func() *v1alpha1.ImagePolicyList { return &v1alpha1.ImagePolicyList{} }, - func(dst, src *v1alpha1.ImagePolicyList) { dst.ListMeta = src.ListMeta }, - func(list *v1alpha1.ImagePolicyList) []*v1alpha1.ImagePolicy { - return gentype.ToPointerSlice(list.Items) - }, - func(list *v1alpha1.ImagePolicyList, items []*v1alpha1.ImagePolicy) { - list.Items = gentype.FromPointerSlice(items) - }, - ), - fake, - } -} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index 3908fe8d17..bc1f603194 100644 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -6,12 +6,8 @@ type BackupExpansion interface{} type CRIOCredentialProviderConfigExpansion interface{} -type ClusterImagePolicyExpansion interface{} - type ClusterMonitoringExpansion interface{} -type ImagePolicyExpansion interface{} - type InsightsDataGatherExpansion interface{} type PKIExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/imagepolicy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/imagepolicy.go deleted file mode 100644 index a893efeea7..0000000000 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/imagepolicy.go +++ /dev/null @@ -1,58 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - context "context" - - configv1alpha1 "github.com/openshift/api/config/v1alpha1" - applyconfigurationsconfigv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" - scheme "github.com/openshift/client-go/config/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - gentype "k8s.io/client-go/gentype" -) - -// ImagePoliciesGetter has a method to return a ImagePolicyInterface. -// A group's client should implement this interface. -type ImagePoliciesGetter interface { - ImagePolicies(namespace string) ImagePolicyInterface -} - -// ImagePolicyInterface has methods to work with ImagePolicy resources. -type ImagePolicyInterface interface { - Create(ctx context.Context, imagePolicy *configv1alpha1.ImagePolicy, opts v1.CreateOptions) (*configv1alpha1.ImagePolicy, error) - Update(ctx context.Context, imagePolicy *configv1alpha1.ImagePolicy, opts v1.UpdateOptions) (*configv1alpha1.ImagePolicy, error) - // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). - UpdateStatus(ctx context.Context, imagePolicy *configv1alpha1.ImagePolicy, opts v1.UpdateOptions) (*configv1alpha1.ImagePolicy, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*configv1alpha1.ImagePolicy, error) - List(ctx context.Context, opts v1.ListOptions) (*configv1alpha1.ImagePolicyList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *configv1alpha1.ImagePolicy, err error) - Apply(ctx context.Context, imagePolicy *applyconfigurationsconfigv1alpha1.ImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *configv1alpha1.ImagePolicy, err error) - // Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). - ApplyStatus(ctx context.Context, imagePolicy *applyconfigurationsconfigv1alpha1.ImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *configv1alpha1.ImagePolicy, err error) - ImagePolicyExpansion -} - -// imagePolicies implements ImagePolicyInterface -type imagePolicies struct { - *gentype.ClientWithListAndApply[*configv1alpha1.ImagePolicy, *configv1alpha1.ImagePolicyList, *applyconfigurationsconfigv1alpha1.ImagePolicyApplyConfiguration] -} - -// newImagePolicies returns a ImagePolicies -func newImagePolicies(c *ConfigV1alpha1Client, namespace string) *imagePolicies { - return &imagePolicies{ - gentype.NewClientWithListAndApply[*configv1alpha1.ImagePolicy, *configv1alpha1.ImagePolicyList, *applyconfigurationsconfigv1alpha1.ImagePolicyApplyConfiguration]( - "imagepolicies", - c.RESTClient(), - scheme.ParameterCodec, - namespace, - func() *configv1alpha1.ImagePolicy { return &configv1alpha1.ImagePolicy{} }, - func() *configv1alpha1.ImagePolicyList { return &configv1alpha1.ImagePolicyList{} }, - ), - } -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal/internal.go index 68c67d527f..d73a44a705 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal/internal.go @@ -103,6 +103,16 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable +- name: com.github.openshift.api.machineconfiguration.v1.OSImageStream + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable - name: com.github.openshift.api.machineconfiguration.v1.PinnedImageSet scalar: untyped list: @@ -187,112 +197,6 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: associative keys: - name -- name: com.github.openshift.api.machineconfiguration.v1alpha1.MCOObjectReference - map: - fields: - - name: name - type: - scalar: string - default: "" -- name: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNode - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeSpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatus - default: {} -- name: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeSpec - map: - fields: - - name: configVersion - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeSpecMachineConfigVersion - default: {} - - name: node - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.MCOObjectReference - default: {} - - name: pool - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.MCOObjectReference - default: {} -- name: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeSpecMachineConfigVersion - map: - fields: - - name: desired - type: - scalar: string - default: "" -- name: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatus - map: - fields: - - name: conditions - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type - - name: configVersion - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatusMachineConfigVersion - default: {} - - name: observedGeneration - type: - scalar: numeric - - name: pinnedImageSets - type: - list: - elementType: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatusPinnedImageSet - elementRelationship: associative - keys: - - name -- name: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatusMachineConfigVersion - map: - fields: - - name: current - type: - scalar: string - default: "" - - name: desired - type: - scalar: string - default: "" -- name: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatusPinnedImageSet - map: - fields: - - name: currentGeneration - type: - scalar: numeric - - name: desiredGeneration - type: - scalar: numeric - - name: lastFailedGeneration - type: - scalar: numeric - - name: lastFailedGenerationError - type: - scalar: string - - name: name - type: - scalar: string - default: "" - name: com.github.openshift.api.machineconfiguration.v1alpha1.OSImageStream map: fields: @@ -345,55 +249,6 @@ var schemaYAML = typed.YAMLObject(`types: - name: defaultStream type: scalar: string -- name: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageRef - map: - fields: - - name: name - type: - scalar: string -- name: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSet - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSetSpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSetStatus - default: {} -- name: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSetSpec - map: - fields: - - name: pinnedImages - type: - list: - elementType: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageRef - elementRelationship: associative - keys: - - name -- name: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSetStatus - map: - fields: - - name: conditions - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type - name: io.k8s.apimachinery.pkg.apis.meta.v1.Condition map: fields: diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/kubeletconfigspec.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/kubeletconfigspec.go index 5080d07266..a3617b2c2b 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/kubeletconfigspec.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/kubeletconfigspec.go @@ -11,21 +11,32 @@ import ( // KubeletConfigSpecApplyConfiguration represents a declarative configuration of the KubeletConfigSpec type for use // with apply. // -// KubeletConfigSpec defines the desired state of KubeletConfig +// KubeletConfigSpec configures the kubelet running on cluster nodes. type KubeletConfigSpecApplyConfiguration struct { - AutoSizingReserved *bool `json:"autoSizingReserved,omitempty"` - LogLevel *int32 `json:"logLevel,omitempty"` - // machineConfigPoolSelector selects which pools the KubeletConfig shoud apply to. - // A nil selector will result in no pools being selected. + // autoSizingReserved controls whether system-reserved CPU and memory are automatically + // calculated based on each node's installed capacity. When set to true, this prevents node failure + // from resource starvation of system components (kubelet, CRI-O) without manual configuration. + // When omitted, this means the user has no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is true for worker nodes and false for control plane nodes. + // When set to false, automatic resource reservation is disabled and manual settings must be configured. + AutoSizingReserved *bool `json:"autoSizingReserved,omitempty"` + // logLevel sets the kubelet log verbosity, controlling the amount of detail in kubelet logs. + // Valid values range from 0 (minimal logging) to 10 (maximum verbosity with trace-level detail). + // Higher log levels may impact node performance. When omitted, the platform chooses a reasonable default, + // which is subject to change over time. The current default is 2 (standard informational logging). + LogLevel *int32 `json:"logLevel,omitempty"` + // machineConfigPoolSelector selects which pools the KubeletConfig should apply to. + // When omitted or set to an empty selector {}, no pools are selected, which is equivalent + // to not matching any MachineConfigPool. MachineConfigPoolSelector *metav1.LabelSelectorApplyConfiguration `json:"machineConfigPoolSelector,omitempty"` - // kubeletConfig fields are defined in kubernetes upstream. Please refer to the types defined in the version/commit used by - // OpenShift of the upstream kubernetes. It's important to note that, since the fields of the kubelet configuration are directly fetched from - // upstream the validation of those values is handled directly by the kubelet. Please refer to the upstream version of the relevant kubernetes - // for the valid values of these fields. Invalid values of the kubelet configuration fields may render cluster nodes unusable. + // kubeletConfig contains upstream Kubernetes kubelet configuration fields. + // Values are validated by the kubelet itself. Invalid values may render nodes unusable. + // Refer to OpenShift documentation for the Kubernetes version corresponding to your + // OpenShift release to find valid kubelet configuration options. KubeletConfig *runtime.RawExtension `json:"kubeletConfig,omitempty"` - // If unset, the default is based on the apiservers.config.openshift.io/cluster resource. - // Note that only Old and Intermediate profiles are currently supported, and - // the maximum available minTLSVersion is VersionTLS12. + // tlsSecurityProfile configures TLS settings for the kubelet. + // When omitted, the TLS configuration defaults to the value from apiservers.config.openshift.io/cluster. + // When specified, the type field can be set to either "Old", "Intermediate", "Modern", "Custom" or omitted for backward compatibility. TLSSecurityProfile *configv1.TLSSecurityProfile `json:"tlsSecurityProfile,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfignodestatus.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfignodestatus.go index a3f0874801..e2e8c1e476 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfignodestatus.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfignodestatus.go @@ -17,6 +17,7 @@ type MachineConfigNodeStatusApplyConfiguration struct { // and PinnedImageSetsDegraded. // The following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry, // AppliedOSImage, AppliedFiles + // The following types are only available when the NoRegistryClusterInstall feature gate is enabled: InternalReleaseImageDegraded Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` // observedGeneration represents the generation of the MachineConfigNode object observed by the Machine Config Operator's controller. // This field is updated when the controller observes a change to the desiredConfig in the configVersion of the machine config node spec. diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfignodestatusinternalreleaseimageref.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfignodestatusinternalreleaseimageref.go index ee59cb1aad..8f337ab583 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfignodestatusinternalreleaseimageref.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfignodestatusinternalreleaseimageref.go @@ -27,6 +27,8 @@ type MachineConfigNodeStatusInternalReleaseImageRefApplyConfiguration struct { // image is an OCP release image referenced by digest. // The format of the image pull spec is: host[:port][/namespace]/name@sha256:, // where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. + // The host must be either exactly "localhost" or a dot-qualified domain name. + // Single-label hosts other than "localhost" are not permitted. // The length of the whole spec must be between 1 to 447 characters. // The field is optional, and it will be provided after a release will be successfully installed. Image *string `json:"image,omitempty"` diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicy.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/osimagestream.go similarity index 60% rename from vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicy.go rename to vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/osimagestream.go index 68a813c1af..b3bcd62832 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicy.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/osimagestream.go @@ -1,91 +1,94 @@ // Code generated by applyconfiguration-gen. DO NOT EDIT. -package v1alpha1 +package v1 import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" - internal "github.com/openshift/client-go/config/applyconfigurations/internal" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + machineconfigurationv1 "github.com/openshift/api/machineconfiguration/v1" + internal "github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal" + apismetav1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" managedfields "k8s.io/apimachinery/pkg/util/managedfields" - v1 "k8s.io/client-go/applyconfigurations/meta/v1" + metav1 "k8s.io/client-go/applyconfigurations/meta/v1" ) -// ImagePolicyApplyConfiguration represents a declarative configuration of the ImagePolicy type for use +// OSImageStreamApplyConfiguration represents a declarative configuration of the OSImageStream type for use // with apply. // -// # ImagePolicy holds namespace-wide configuration for image signature verification +// OSImageStream describes a set of streams and associated images available +// for the MachineConfigPools to be used as base OS images. // -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -type ImagePolicyApplyConfiguration struct { - v1.TypeMetaApplyConfiguration `json:",inline"` +// The resource is a singleton named "cluster". +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +type OSImageStreamApplyConfiguration struct { + metav1.TypeMetaApplyConfiguration `json:",inline"` // metadata is the standard object's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - // spec holds user settable values for configuration - Spec *ImagePolicySpecApplyConfiguration `json:"spec,omitempty"` - // status contains the observed state of the resource. - Status *ImagePolicyStatusApplyConfiguration `json:"status,omitempty"` + *metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` + // spec contains the desired OSImageStream config configuration. + Spec *OSImageStreamSpecApplyConfiguration `json:"spec,omitempty"` + // status describes the last observed state of this OSImageStream. + // Populated by the MachineConfigOperator after reading release metadata. + // When not present, the controller has not yet reconciled this resource. + Status *OSImageStreamStatusApplyConfiguration `json:"status,omitempty"` } -// ImagePolicy constructs a declarative configuration of the ImagePolicy type for use with +// OSImageStream constructs a declarative configuration of the OSImageStream type for use with // apply. -func ImagePolicy(name, namespace string) *ImagePolicyApplyConfiguration { - b := &ImagePolicyApplyConfiguration{} +func OSImageStream(name string) *OSImageStreamApplyConfiguration { + b := &OSImageStreamApplyConfiguration{} b.WithName(name) - b.WithNamespace(namespace) - b.WithKind("ImagePolicy") - b.WithAPIVersion("config.openshift.io/v1alpha1") + b.WithKind("OSImageStream") + b.WithAPIVersion("machineconfiguration.openshift.io/v1") return b } -// ExtractImagePolicyFrom extracts the applied configuration owned by fieldManager from -// imagePolicy for the specified subresource. Pass an empty string for subresource to extract +// ExtractOSImageStreamFrom extracts the applied configuration owned by fieldManager from +// oSImageStream for the specified subresource. Pass an empty string for subresource to extract // the main resource. Common subresources include "status", "scale", etc. -// imagePolicy must be a unmodified ImagePolicy API object that was retrieved from the Kubernetes API. -// ExtractImagePolicyFrom provides a way to perform a extract/modify-in-place/apply workflow. +// oSImageStream must be a unmodified OSImageStream API object that was retrieved from the Kubernetes API. +// ExtractOSImageStreamFrom provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractImagePolicyFrom(imagePolicy *configv1alpha1.ImagePolicy, fieldManager string, subresource string) (*ImagePolicyApplyConfiguration, error) { - b := &ImagePolicyApplyConfiguration{} - err := managedfields.ExtractInto(imagePolicy, internal.Parser().Type("com.github.openshift.api.config.v1alpha1.ImagePolicy"), fieldManager, b, subresource) +func ExtractOSImageStreamFrom(oSImageStream *machineconfigurationv1.OSImageStream, fieldManager string, subresource string) (*OSImageStreamApplyConfiguration, error) { + b := &OSImageStreamApplyConfiguration{} + err := managedfields.ExtractInto(oSImageStream, internal.Parser().Type("com.github.openshift.api.machineconfiguration.v1.OSImageStream"), fieldManager, b, subresource) if err != nil { return nil, err } - b.WithName(imagePolicy.Name) - b.WithNamespace(imagePolicy.Namespace) + b.WithName(oSImageStream.Name) - b.WithKind("ImagePolicy") - b.WithAPIVersion("config.openshift.io/v1alpha1") + b.WithKind("OSImageStream") + b.WithAPIVersion("machineconfiguration.openshift.io/v1") return b, nil } -// ExtractImagePolicy extracts the applied configuration owned by fieldManager from -// imagePolicy. If no managedFields are found in imagePolicy for fieldManager, a -// ImagePolicyApplyConfiguration is returned with only the Name, Namespace (if applicable), +// ExtractOSImageStream extracts the applied configuration owned by fieldManager from +// oSImageStream. If no managedFields are found in oSImageStream for fieldManager, a +// OSImageStreamApplyConfiguration is returned with only the Name, Namespace (if applicable), // APIVersion and Kind populated. It is possible that no managed fields were found for because other // field managers have taken ownership of all the fields previously owned by fieldManager, or because // the fieldManager never owned fields any fields. -// imagePolicy must be a unmodified ImagePolicy API object that was retrieved from the Kubernetes API. -// ExtractImagePolicy provides a way to perform a extract/modify-in-place/apply workflow. +// oSImageStream must be a unmodified OSImageStream API object that was retrieved from the Kubernetes API. +// ExtractOSImageStream provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractImagePolicy(imagePolicy *configv1alpha1.ImagePolicy, fieldManager string) (*ImagePolicyApplyConfiguration, error) { - return ExtractImagePolicyFrom(imagePolicy, fieldManager, "") +func ExtractOSImageStream(oSImageStream *machineconfigurationv1.OSImageStream, fieldManager string) (*OSImageStreamApplyConfiguration, error) { + return ExtractOSImageStreamFrom(oSImageStream, fieldManager, "") } -// ExtractImagePolicyStatus extracts the applied configuration owned by fieldManager from -// imagePolicy for the status subresource. -func ExtractImagePolicyStatus(imagePolicy *configv1alpha1.ImagePolicy, fieldManager string) (*ImagePolicyApplyConfiguration, error) { - return ExtractImagePolicyFrom(imagePolicy, fieldManager, "status") +// ExtractOSImageStreamStatus extracts the applied configuration owned by fieldManager from +// oSImageStream for the status subresource. +func ExtractOSImageStreamStatus(oSImageStream *machineconfigurationv1.OSImageStream, fieldManager string) (*OSImageStreamApplyConfiguration, error) { + return ExtractOSImageStreamFrom(oSImageStream, fieldManager, "status") } -func (b ImagePolicyApplyConfiguration) IsApplyConfiguration() {} +func (b OSImageStreamApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Kind field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithKind(value string) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithKind(value string) *OSImageStreamApplyConfiguration { b.TypeMetaApplyConfiguration.Kind = &value return b } @@ -93,7 +96,7 @@ func (b *ImagePolicyApplyConfiguration) WithKind(value string) *ImagePolicyApply // WithAPIVersion sets the APIVersion field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the APIVersion field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithAPIVersion(value string) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithAPIVersion(value string) *OSImageStreamApplyConfiguration { b.TypeMetaApplyConfiguration.APIVersion = &value return b } @@ -101,7 +104,7 @@ func (b *ImagePolicyApplyConfiguration) WithAPIVersion(value string) *ImagePolic // WithName sets the Name field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Name field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithName(value string) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithName(value string) *OSImageStreamApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.Name = &value return b @@ -110,7 +113,7 @@ func (b *ImagePolicyApplyConfiguration) WithName(value string) *ImagePolicyApply // WithGenerateName sets the GenerateName field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the GenerateName field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithGenerateName(value string) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithGenerateName(value string) *OSImageStreamApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.GenerateName = &value return b @@ -119,7 +122,7 @@ func (b *ImagePolicyApplyConfiguration) WithGenerateName(value string) *ImagePol // WithNamespace sets the Namespace field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Namespace field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithNamespace(value string) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithNamespace(value string) *OSImageStreamApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.Namespace = &value return b @@ -128,7 +131,7 @@ func (b *ImagePolicyApplyConfiguration) WithNamespace(value string) *ImagePolicy // WithUID sets the UID field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the UID field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithUID(value types.UID) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithUID(value types.UID) *OSImageStreamApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.UID = &value return b @@ -137,7 +140,7 @@ func (b *ImagePolicyApplyConfiguration) WithUID(value types.UID) *ImagePolicyApp // WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the ResourceVersion field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithResourceVersion(value string) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithResourceVersion(value string) *OSImageStreamApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.ResourceVersion = &value return b @@ -146,7 +149,7 @@ func (b *ImagePolicyApplyConfiguration) WithResourceVersion(value string) *Image // WithGeneration sets the Generation field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Generation field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithGeneration(value int64) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithGeneration(value int64) *OSImageStreamApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.Generation = &value return b @@ -155,7 +158,7 @@ func (b *ImagePolicyApplyConfiguration) WithGeneration(value int64) *ImagePolicy // WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the CreationTimestamp field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithCreationTimestamp(value metav1.Time) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithCreationTimestamp(value apismetav1.Time) *OSImageStreamApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.CreationTimestamp = &value return b @@ -164,7 +167,7 @@ func (b *ImagePolicyApplyConfiguration) WithCreationTimestamp(value metav1.Time) // WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the DeletionTimestamp field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithDeletionTimestamp(value apismetav1.Time) *OSImageStreamApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value return b @@ -173,7 +176,7 @@ func (b *ImagePolicyApplyConfiguration) WithDeletionTimestamp(value metav1.Time) // WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *OSImageStreamApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value return b @@ -183,7 +186,7 @@ func (b *ImagePolicyApplyConfiguration) WithDeletionGracePeriodSeconds(value int // and returns the receiver, so that objects can be build by chaining "With" function invocations. // If called multiple times, the entries provided by each call will be put on the Labels field, // overwriting an existing map entries in Labels field with the same key. -func (b *ImagePolicyApplyConfiguration) WithLabels(entries map[string]string) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithLabels(entries map[string]string) *OSImageStreamApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 { b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries)) @@ -198,7 +201,7 @@ func (b *ImagePolicyApplyConfiguration) WithLabels(entries map[string]string) *I // and returns the receiver, so that objects can be build by chaining "With" function invocations. // If called multiple times, the entries provided by each call will be put on the Annotations field, // overwriting an existing map entries in Annotations field with the same key. -func (b *ImagePolicyApplyConfiguration) WithAnnotations(entries map[string]string) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithAnnotations(entries map[string]string) *OSImageStreamApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 { b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries)) @@ -212,7 +215,7 @@ func (b *ImagePolicyApplyConfiguration) WithAnnotations(entries map[string]strin // WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration // and returns the receiver, so that objects can be build by chaining "With" function invocations. // If called multiple times, values provided by each call will be appended to the OwnerReferences field. -func (b *ImagePolicyApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithOwnerReferences(values ...*metav1.OwnerReferenceApplyConfiguration) *OSImageStreamApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() for i := range values { if values[i] == nil { @@ -226,7 +229,7 @@ func (b *ImagePolicyApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerR // WithFinalizers adds the given value to the Finalizers field in the declarative configuration // and returns the receiver, so that objects can be build by chaining "With" function invocations. // If called multiple times, values provided by each call will be appended to the Finalizers field. -func (b *ImagePolicyApplyConfiguration) WithFinalizers(values ...string) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithFinalizers(values ...string) *OSImageStreamApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() for i := range values { b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i]) @@ -234,16 +237,16 @@ func (b *ImagePolicyApplyConfiguration) WithFinalizers(values ...string) *ImageP return b } -func (b *ImagePolicyApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { +func (b *OSImageStreamApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { if b.ObjectMetaApplyConfiguration == nil { - b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} + b.ObjectMetaApplyConfiguration = &metav1.ObjectMetaApplyConfiguration{} } } // WithSpec sets the Spec field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Spec field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithSpec(value *ImagePolicySpecApplyConfiguration) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithSpec(value *OSImageStreamSpecApplyConfiguration) *OSImageStreamApplyConfiguration { b.Spec = value return b } @@ -251,29 +254,29 @@ func (b *ImagePolicyApplyConfiguration) WithSpec(value *ImagePolicySpecApplyConf // WithStatus sets the Status field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Status field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithStatus(value *ImagePolicyStatusApplyConfiguration) *ImagePolicyApplyConfiguration { +func (b *OSImageStreamApplyConfiguration) WithStatus(value *OSImageStreamStatusApplyConfiguration) *OSImageStreamApplyConfiguration { b.Status = value return b } // GetKind retrieves the value of the Kind field in the declarative configuration. -func (b *ImagePolicyApplyConfiguration) GetKind() *string { +func (b *OSImageStreamApplyConfiguration) GetKind() *string { return b.TypeMetaApplyConfiguration.Kind } // GetAPIVersion retrieves the value of the APIVersion field in the declarative configuration. -func (b *ImagePolicyApplyConfiguration) GetAPIVersion() *string { +func (b *OSImageStreamApplyConfiguration) GetAPIVersion() *string { return b.TypeMetaApplyConfiguration.APIVersion } // GetName retrieves the value of the Name field in the declarative configuration. -func (b *ImagePolicyApplyConfiguration) GetName() *string { +func (b *OSImageStreamApplyConfiguration) GetName() *string { b.ensureObjectMetaApplyConfigurationExists() return b.ObjectMetaApplyConfiguration.Name } // GetNamespace retrieves the value of the Namespace field in the declarative configuration. -func (b *ImagePolicyApplyConfiguration) GetNamespace() *string { +func (b *OSImageStreamApplyConfiguration) GetNamespace() *string { b.ensureObjectMetaApplyConfigurationExists() return b.ObjectMetaApplyConfiguration.Namespace } diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/osimagestreamset.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/osimagestreamset.go new file mode 100644 index 0000000000..6a97e59a4f --- /dev/null +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/osimagestreamset.go @@ -0,0 +1,68 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + machineconfigurationv1 "github.com/openshift/api/machineconfiguration/v1" +) + +// OSImageStreamSetApplyConfiguration represents a declarative configuration of the OSImageStreamSet type for use +// with apply. +type OSImageStreamSetApplyConfiguration struct { + // name is the required identifier of the stream. + // + // name is determined by the operator based on the OCI label of the + // discovered OS or Extension Image. + // + // Must be a valid RFC 1123 subdomain between 1 and 253 characters in length, + // consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). + Name *string `json:"name,omitempty"` + // osImage is a required OS Image referenced by digest. + // + // osImage contains the immutable, fundamental operating system components, including the kernel + // and base utilities, that define the core environment for the node's host operating system. + // + // The format of the image pull spec is: host[:port][/namespace]/name@sha256:, + // where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. + // The length of the whole spec must be between 1 to 447 characters. + OSImage *machineconfigurationv1.ImageDigestFormat `json:"osImage,omitempty"` + // osExtensionsImage is a required OS Extensions Image referenced by digest. + // + // osExtensionsImage bundles the extra repositories used to enable extensions, augmenting + // the base operating system without modifying the underlying immutable osImage. + // + // The format of the image pull spec is: host[:port][/namespace]/name@sha256:, + // where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. + // The length of the whole spec must be between 1 to 447 characters. + OSExtensionsImage *machineconfigurationv1.ImageDigestFormat `json:"osExtensionsImage,omitempty"` +} + +// OSImageStreamSetApplyConfiguration constructs a declarative configuration of the OSImageStreamSet type for use with +// apply. +func OSImageStreamSet() *OSImageStreamSetApplyConfiguration { + return &OSImageStreamSetApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *OSImageStreamSetApplyConfiguration) WithName(value string) *OSImageStreamSetApplyConfiguration { + b.Name = &value + return b +} + +// WithOSImage sets the OSImage field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the OSImage field is set to the value of the last call. +func (b *OSImageStreamSetApplyConfiguration) WithOSImage(value machineconfigurationv1.ImageDigestFormat) *OSImageStreamSetApplyConfiguration { + b.OSImage = &value + return b +} + +// WithOSExtensionsImage sets the OSExtensionsImage field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the OSExtensionsImage field is set to the value of the last call. +func (b *OSImageStreamSetApplyConfiguration) WithOSExtensionsImage(value machineconfigurationv1.ImageDigestFormat) *OSImageStreamSetApplyConfiguration { + b.OSExtensionsImage = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/osimagestreamspec.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/osimagestreamspec.go new file mode 100644 index 0000000000..a37de31111 --- /dev/null +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/osimagestreamspec.go @@ -0,0 +1,49 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// OSImageStreamSpecApplyConfiguration represents a declarative configuration of the OSImageStreamSpec type for use +// with apply. +// +// OSImageStreamSpec defines the desired state of a OSImageStream. +type OSImageStreamSpecApplyConfiguration struct { + // defaultStream is the desired name of the stream that should be used as the + // default when no specific stream is requested by a MachineConfigPool. + // + // This field is set by the installer during installation. Users may need to + // update it if the currently selected stream is no longer available, for + // example when the stream has reached its End of Life. + // The MachineConfigOperator uses this value to determine which stream from + // status.availableStreams to apply as the default for MachineConfigPools + // that do not specify a stream override. + // + // When status.availableStreams has been populated by the operator, updating + // this field requires that the new value references the name of one of the + // streams in status.availableStreams. Status-only updates by the operator + // are not subject to this constraint, allowing the operator to update + // availableStreams independently of this field. + // During initial creation, before the operator has populated status, any + // valid value is accepted. + // + // For upgrade scenarios where the source OCP version doesn't have this CRD + // the MCO creates and populates the OSImageStream cluster singleton setting + // this field with the proper value based on the source OCP version. + // + // It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, + // consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). + DefaultStream *string `json:"defaultStream,omitempty"` +} + +// OSImageStreamSpecApplyConfiguration constructs a declarative configuration of the OSImageStreamSpec type for use with +// apply. +func OSImageStreamSpec() *OSImageStreamSpecApplyConfiguration { + return &OSImageStreamSpecApplyConfiguration{} +} + +// WithDefaultStream sets the DefaultStream field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DefaultStream field is set to the value of the last call. +func (b *OSImageStreamSpecApplyConfiguration) WithDefaultStream(value string) *OSImageStreamSpecApplyConfiguration { + b.DefaultStream = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/osimagestreamstatus.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/osimagestreamstatus.go new file mode 100644 index 0000000000..de695fc704 --- /dev/null +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/osimagestreamstatus.go @@ -0,0 +1,49 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// OSImageStreamStatusApplyConfiguration represents a declarative configuration of the OSImageStreamStatus type for use +// with apply. +// +// OSImageStreamStatus describes the current state of a OSImageStream +type OSImageStreamStatusApplyConfiguration struct { + // availableStreams is a list of the available OS Image Streams that can be + // used as the base image for MachineConfigPools. + // availableStreams is required, must have at least one item, must not exceed + // 100 items, and must have unique entries keyed on the name field. + AvailableStreams []OSImageStreamSetApplyConfiguration `json:"availableStreams,omitempty"` + // defaultStream is the name of the stream that should be used as the default + // when no specific stream is requested by a MachineConfigPool. + // + // It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, + // consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'), + // and must reference the name of one of the streams in availableStreams. + DefaultStream *string `json:"defaultStream,omitempty"` +} + +// OSImageStreamStatusApplyConfiguration constructs a declarative configuration of the OSImageStreamStatus type for use with +// apply. +func OSImageStreamStatus() *OSImageStreamStatusApplyConfiguration { + return &OSImageStreamStatusApplyConfiguration{} +} + +// WithAvailableStreams adds the given value to the AvailableStreams field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the AvailableStreams field. +func (b *OSImageStreamStatusApplyConfiguration) WithAvailableStreams(values ...*OSImageStreamSetApplyConfiguration) *OSImageStreamStatusApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithAvailableStreams") + } + b.AvailableStreams = append(b.AvailableStreams, *values[i]) + } + return b +} + +// WithDefaultStream sets the DefaultStream field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DefaultStream field is set to the value of the last call. +func (b *OSImageStreamStatusApplyConfiguration) WithDefaultStream(value string) *OSImageStreamStatusApplyConfiguration { + b.DefaultStream = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignode.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignode.go deleted file mode 100644 index f1e9f7cbae..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignode.go +++ /dev/null @@ -1,275 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - machineconfigurationv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - internal "github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - managedfields "k8s.io/apimachinery/pkg/util/managedfields" - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// MachineConfigNodeApplyConfiguration represents a declarative configuration of the MachineConfigNode type for use -// with apply. -// -// MachineConfigNode describes the health of the Machines on the system -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -type MachineConfigNodeApplyConfiguration struct { - v1.TypeMetaApplyConfiguration `json:",inline"` - // metadata is the standard object metadata. - *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - // spec describes the configuration of the machine config node. - Spec *MachineConfigNodeSpecApplyConfiguration `json:"spec,omitempty"` - // status describes the last observed state of this machine config node. - Status *MachineConfigNodeStatusApplyConfiguration `json:"status,omitempty"` -} - -// MachineConfigNode constructs a declarative configuration of the MachineConfigNode type for use with -// apply. -func MachineConfigNode(name string) *MachineConfigNodeApplyConfiguration { - b := &MachineConfigNodeApplyConfiguration{} - b.WithName(name) - b.WithKind("MachineConfigNode") - b.WithAPIVersion("machineconfiguration.openshift.io/v1alpha1") - return b -} - -// ExtractMachineConfigNodeFrom extracts the applied configuration owned by fieldManager from -// machineConfigNode for the specified subresource. Pass an empty string for subresource to extract -// the main resource. Common subresources include "status", "scale", etc. -// machineConfigNode must be a unmodified MachineConfigNode API object that was retrieved from the Kubernetes API. -// ExtractMachineConfigNodeFrom provides a way to perform a extract/modify-in-place/apply workflow. -// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously -// applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractMachineConfigNodeFrom(machineConfigNode *machineconfigurationv1alpha1.MachineConfigNode, fieldManager string, subresource string) (*MachineConfigNodeApplyConfiguration, error) { - b := &MachineConfigNodeApplyConfiguration{} - err := managedfields.ExtractInto(machineConfigNode, internal.Parser().Type("com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNode"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(machineConfigNode.Name) - - b.WithKind("MachineConfigNode") - b.WithAPIVersion("machineconfiguration.openshift.io/v1alpha1") - return b, nil -} - -// ExtractMachineConfigNode extracts the applied configuration owned by fieldManager from -// machineConfigNode. If no managedFields are found in machineConfigNode for fieldManager, a -// MachineConfigNodeApplyConfiguration is returned with only the Name, Namespace (if applicable), -// APIVersion and Kind populated. It is possible that no managed fields were found for because other -// field managers have taken ownership of all the fields previously owned by fieldManager, or because -// the fieldManager never owned fields any fields. -// machineConfigNode must be a unmodified MachineConfigNode API object that was retrieved from the Kubernetes API. -// ExtractMachineConfigNode provides a way to perform a extract/modify-in-place/apply workflow. -// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously -// applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractMachineConfigNode(machineConfigNode *machineconfigurationv1alpha1.MachineConfigNode, fieldManager string) (*MachineConfigNodeApplyConfiguration, error) { - return ExtractMachineConfigNodeFrom(machineConfigNode, fieldManager, "") -} - -// ExtractMachineConfigNodeStatus extracts the applied configuration owned by fieldManager from -// machineConfigNode for the status subresource. -func ExtractMachineConfigNodeStatus(machineConfigNode *machineconfigurationv1alpha1.MachineConfigNode, fieldManager string) (*MachineConfigNodeApplyConfiguration, error) { - return ExtractMachineConfigNodeFrom(machineConfigNode, fieldManager, "status") -} - -func (b MachineConfigNodeApplyConfiguration) IsApplyConfiguration() {} - -// WithKind sets the Kind field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Kind field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithKind(value string) *MachineConfigNodeApplyConfiguration { - b.TypeMetaApplyConfiguration.Kind = &value - return b -} - -// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the APIVersion field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithAPIVersion(value string) *MachineConfigNodeApplyConfiguration { - b.TypeMetaApplyConfiguration.APIVersion = &value - return b -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithName(value string) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Name = &value - return b -} - -// WithGenerateName sets the GenerateName field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the GenerateName field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithGenerateName(value string) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.GenerateName = &value - return b -} - -// WithNamespace sets the Namespace field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Namespace field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithNamespace(value string) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Namespace = &value - return b -} - -// WithUID sets the UID field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the UID field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithUID(value types.UID) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.UID = &value - return b -} - -// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ResourceVersion field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithResourceVersion(value string) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.ResourceVersion = &value - return b -} - -// WithGeneration sets the Generation field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Generation field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithGeneration(value int64) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Generation = &value - return b -} - -// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the CreationTimestamp field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithCreationTimestamp(value metav1.Time) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.CreationTimestamp = &value - return b -} - -// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DeletionTimestamp field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value - return b -} - -// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value - return b -} - -// WithLabels puts the entries into the Labels field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, the entries provided by each call will be put on the Labels field, -// overwriting an existing map entries in Labels field with the same key. -func (b *MachineConfigNodeApplyConfiguration) WithLabels(entries map[string]string) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 { - b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries)) - } - for k, v := range entries { - b.ObjectMetaApplyConfiguration.Labels[k] = v - } - return b -} - -// WithAnnotations puts the entries into the Annotations field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, the entries provided by each call will be put on the Annotations field, -// overwriting an existing map entries in Annotations field with the same key. -func (b *MachineConfigNodeApplyConfiguration) WithAnnotations(entries map[string]string) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 { - b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries)) - } - for k, v := range entries { - b.ObjectMetaApplyConfiguration.Annotations[k] = v - } - return b -} - -// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the OwnerReferences field. -func (b *MachineConfigNodeApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - for i := range values { - if values[i] == nil { - panic("nil value passed to WithOwnerReferences") - } - b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i]) - } - return b -} - -// WithFinalizers adds the given value to the Finalizers field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Finalizers field. -func (b *MachineConfigNodeApplyConfiguration) WithFinalizers(values ...string) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - for i := range values { - b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i]) - } - return b -} - -func (b *MachineConfigNodeApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { - if b.ObjectMetaApplyConfiguration == nil { - b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} - } -} - -// WithSpec sets the Spec field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Spec field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithSpec(value *MachineConfigNodeSpecApplyConfiguration) *MachineConfigNodeApplyConfiguration { - b.Spec = value - return b -} - -// WithStatus sets the Status field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Status field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithStatus(value *MachineConfigNodeStatusApplyConfiguration) *MachineConfigNodeApplyConfiguration { - b.Status = value - return b -} - -// GetKind retrieves the value of the Kind field in the declarative configuration. -func (b *MachineConfigNodeApplyConfiguration) GetKind() *string { - return b.TypeMetaApplyConfiguration.Kind -} - -// GetAPIVersion retrieves the value of the APIVersion field in the declarative configuration. -func (b *MachineConfigNodeApplyConfiguration) GetAPIVersion() *string { - return b.TypeMetaApplyConfiguration.APIVersion -} - -// GetName retrieves the value of the Name field in the declarative configuration. -func (b *MachineConfigNodeApplyConfiguration) GetName() *string { - b.ensureObjectMetaApplyConfigurationExists() - return b.ObjectMetaApplyConfiguration.Name -} - -// GetNamespace retrieves the value of the Namespace field in the declarative configuration. -func (b *MachineConfigNodeApplyConfiguration) GetNamespace() *string { - b.ensureObjectMetaApplyConfigurationExists() - return b.ObjectMetaApplyConfiguration.Namespace -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodespec.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodespec.go deleted file mode 100644 index 3de85558ce..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodespec.go +++ /dev/null @@ -1,49 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// MachineConfigNodeSpecApplyConfiguration represents a declarative configuration of the MachineConfigNodeSpec type for use -// with apply. -// -// MachineConfigNodeSpec describes the MachineConfigNode we are managing. -type MachineConfigNodeSpecApplyConfiguration struct { - // node contains a reference to the node for this machine config node. - Node *MCOObjectReferenceApplyConfiguration `json:"node,omitempty"` - // pool contains a reference to the machine config pool that this machine config node's - // referenced node belongs to. - Pool *MCOObjectReferenceApplyConfiguration `json:"pool,omitempty"` - // configVersion holds the desired config version for the node targeted by this machine config node resource. - // The desired version represents the machine config the node will attempt to update to and gets set before the machine config operator validates - // the new machine config against the current machine config. - ConfigVersion *MachineConfigNodeSpecMachineConfigVersionApplyConfiguration `json:"configVersion,omitempty"` -} - -// MachineConfigNodeSpecApplyConfiguration constructs a declarative configuration of the MachineConfigNodeSpec type for use with -// apply. -func MachineConfigNodeSpec() *MachineConfigNodeSpecApplyConfiguration { - return &MachineConfigNodeSpecApplyConfiguration{} -} - -// WithNode sets the Node field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Node field is set to the value of the last call. -func (b *MachineConfigNodeSpecApplyConfiguration) WithNode(value *MCOObjectReferenceApplyConfiguration) *MachineConfigNodeSpecApplyConfiguration { - b.Node = value - return b -} - -// WithPool sets the Pool field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Pool field is set to the value of the last call. -func (b *MachineConfigNodeSpecApplyConfiguration) WithPool(value *MCOObjectReferenceApplyConfiguration) *MachineConfigNodeSpecApplyConfiguration { - b.Pool = value - return b -} - -// WithConfigVersion sets the ConfigVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ConfigVersion field is set to the value of the last call. -func (b *MachineConfigNodeSpecApplyConfiguration) WithConfigVersion(value *MachineConfigNodeSpecMachineConfigVersionApplyConfiguration) *MachineConfigNodeSpecApplyConfiguration { - b.ConfigVersion = value - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodespecmachineconfigversion.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodespecmachineconfigversion.go deleted file mode 100644 index fea4b34d07..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodespecmachineconfigversion.go +++ /dev/null @@ -1,35 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// MachineConfigNodeSpecMachineConfigVersionApplyConfiguration represents a declarative configuration of the MachineConfigNodeSpecMachineConfigVersion type for use -// with apply. -// -// MachineConfigNodeSpecMachineConfigVersion holds the desired config version for the current observed machine config node. -// When Current is not equal to Desired, the MachineConfigOperator is in an upgrade phase and the machine config node will -// take account of upgrade related events. Otherwise, they will be ignored given that certain operations -// happen both during the MCO's upgrade mode and the daily operations mode. -type MachineConfigNodeSpecMachineConfigVersionApplyConfiguration struct { - // desired is the name of the machine config that the the node should be upgraded to. - // This value is set when the machine config pool generates a new version of its rendered configuration. - // When this value is changed, the machine config daemon starts the node upgrade process. - // This value gets set in the machine config node spec once the machine config has been targeted for upgrade and before it is validated. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - Desired *string `json:"desired,omitempty"` -} - -// MachineConfigNodeSpecMachineConfigVersionApplyConfiguration constructs a declarative configuration of the MachineConfigNodeSpecMachineConfigVersion type for use with -// apply. -func MachineConfigNodeSpecMachineConfigVersion() *MachineConfigNodeSpecMachineConfigVersionApplyConfiguration { - return &MachineConfigNodeSpecMachineConfigVersionApplyConfiguration{} -} - -// WithDesired sets the Desired field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Desired field is set to the value of the last call. -func (b *MachineConfigNodeSpecMachineConfigVersionApplyConfiguration) WithDesired(value string) *MachineConfigNodeSpecMachineConfigVersionApplyConfiguration { - b.Desired = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatus.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatus.go deleted file mode 100644 index 30a2ea48d2..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatus.go +++ /dev/null @@ -1,71 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// MachineConfigNodeStatusApplyConfiguration represents a declarative configuration of the MachineConfigNodeStatus type for use -// with apply. -// -// MachineConfigNodeStatus holds the reported information on a particular machine config node. -type MachineConfigNodeStatusApplyConfiguration struct { - // conditions represent the observations of a machine config node's current state. - Conditions []v1.ConditionApplyConfiguration `json:"conditions,omitempty"` - // observedGeneration represents the generation of the MachineConfigNode object observed by the Machine Config Operator's controller. - // This field is updated when the controller observes a change to the desiredConfig in the configVersion of the machine config node spec. - ObservedGeneration *int64 `json:"observedGeneration,omitempty"` - // configVersion describes the current and desired machine config version for this node. - ConfigVersion *MachineConfigNodeStatusMachineConfigVersionApplyConfiguration `json:"configVersion,omitempty"` - // pinnedImageSets describes the current and desired pinned image sets for this node. - PinnedImageSets []MachineConfigNodeStatusPinnedImageSetApplyConfiguration `json:"pinnedImageSets,omitempty"` -} - -// MachineConfigNodeStatusApplyConfiguration constructs a declarative configuration of the MachineConfigNodeStatus type for use with -// apply. -func MachineConfigNodeStatus() *MachineConfigNodeStatusApplyConfiguration { - return &MachineConfigNodeStatusApplyConfiguration{} -} - -// WithConditions adds the given value to the Conditions field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Conditions field. -func (b *MachineConfigNodeStatusApplyConfiguration) WithConditions(values ...*v1.ConditionApplyConfiguration) *MachineConfigNodeStatusApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithConditions") - } - b.Conditions = append(b.Conditions, *values[i]) - } - return b -} - -// WithObservedGeneration sets the ObservedGeneration field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ObservedGeneration field is set to the value of the last call. -func (b *MachineConfigNodeStatusApplyConfiguration) WithObservedGeneration(value int64) *MachineConfigNodeStatusApplyConfiguration { - b.ObservedGeneration = &value - return b -} - -// WithConfigVersion sets the ConfigVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ConfigVersion field is set to the value of the last call. -func (b *MachineConfigNodeStatusApplyConfiguration) WithConfigVersion(value *MachineConfigNodeStatusMachineConfigVersionApplyConfiguration) *MachineConfigNodeStatusApplyConfiguration { - b.ConfigVersion = value - return b -} - -// WithPinnedImageSets adds the given value to the PinnedImageSets field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the PinnedImageSets field. -func (b *MachineConfigNodeStatusApplyConfiguration) WithPinnedImageSets(values ...*MachineConfigNodeStatusPinnedImageSetApplyConfiguration) *MachineConfigNodeStatusApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithPinnedImageSets") - } - b.PinnedImageSets = append(b.PinnedImageSets, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatusmachineconfigversion.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatusmachineconfigversion.go deleted file mode 100644 index d2cbf4ac4e..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatusmachineconfigversion.go +++ /dev/null @@ -1,50 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// MachineConfigNodeStatusMachineConfigVersionApplyConfiguration represents a declarative configuration of the MachineConfigNodeStatusMachineConfigVersion type for use -// with apply. -// -// MachineConfigNodeStatusMachineConfigVersion holds the current and desired config versions as last updated in the MCN status. -// When the current and desired versions do not match, the machine config pool is processing an upgrade and the machine config node will -// monitor the upgrade process. -// When the current and desired versions do match, the machine config node will ignore these events given that certain operations -// happen both during the MCO's upgrade mode and the daily operations mode. -type MachineConfigNodeStatusMachineConfigVersionApplyConfiguration struct { - // current is the name of the machine config currently in use on the node. - // This value is updated once the machine config daemon has completed the update of the configuration for the node. - // This value should match the desired version unless an upgrade is in progress. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - Current *string `json:"current,omitempty"` - // desired is the MachineConfig the node wants to upgrade to. - // This value gets set in the machine config node status once the machine config has been validated - // against the current machine config. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - Desired *string `json:"desired,omitempty"` -} - -// MachineConfigNodeStatusMachineConfigVersionApplyConfiguration constructs a declarative configuration of the MachineConfigNodeStatusMachineConfigVersion type for use with -// apply. -func MachineConfigNodeStatusMachineConfigVersion() *MachineConfigNodeStatusMachineConfigVersionApplyConfiguration { - return &MachineConfigNodeStatusMachineConfigVersionApplyConfiguration{} -} - -// WithCurrent sets the Current field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Current field is set to the value of the last call. -func (b *MachineConfigNodeStatusMachineConfigVersionApplyConfiguration) WithCurrent(value string) *MachineConfigNodeStatusMachineConfigVersionApplyConfiguration { - b.Current = &value - return b -} - -// WithDesired sets the Desired field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Desired field is set to the value of the last call. -func (b *MachineConfigNodeStatusMachineConfigVersionApplyConfiguration) WithDesired(value string) *MachineConfigNodeStatusMachineConfigVersionApplyConfiguration { - b.Desired = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatuspinnedimageset.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatuspinnedimageset.go deleted file mode 100644 index 0fb280a094..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatuspinnedimageset.go +++ /dev/null @@ -1,70 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// MachineConfigNodeStatusPinnedImageSetApplyConfiguration represents a declarative configuration of the MachineConfigNodeStatusPinnedImageSet type for use -// with apply. -// -// MachineConfigNodeStatusPinnedImageSet holds information about the current, desired, and failed pinned image sets for the observed machine config node. -type MachineConfigNodeStatusPinnedImageSetApplyConfiguration struct { - // name is the name of the pinned image set. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - Name *string `json:"name,omitempty"` - // currentGeneration is the generation of the pinned image set that has most recently been successfully pulled and pinned on this node. - CurrentGeneration *int32 `json:"currentGeneration,omitempty"` - // desiredGeneration is the generation of the pinned image set that is targeted to be pulled and pinned on this node. - DesiredGeneration *int32 `json:"desiredGeneration,omitempty"` - // lastFailedGeneration is the generation of the most recent pinned image set that failed to be pulled and pinned on this node. - LastFailedGeneration *int32 `json:"lastFailedGeneration,omitempty"` - // lastFailedGenerationError is the error explaining why the desired images failed to be pulled and pinned. - // The error is an empty string if the image pull and pin is successful. - LastFailedGenerationError *string `json:"lastFailedGenerationError,omitempty"` -} - -// MachineConfigNodeStatusPinnedImageSetApplyConfiguration constructs a declarative configuration of the MachineConfigNodeStatusPinnedImageSet type for use with -// apply. -func MachineConfigNodeStatusPinnedImageSet() *MachineConfigNodeStatusPinnedImageSetApplyConfiguration { - return &MachineConfigNodeStatusPinnedImageSetApplyConfiguration{} -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *MachineConfigNodeStatusPinnedImageSetApplyConfiguration) WithName(value string) *MachineConfigNodeStatusPinnedImageSetApplyConfiguration { - b.Name = &value - return b -} - -// WithCurrentGeneration sets the CurrentGeneration field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the CurrentGeneration field is set to the value of the last call. -func (b *MachineConfigNodeStatusPinnedImageSetApplyConfiguration) WithCurrentGeneration(value int32) *MachineConfigNodeStatusPinnedImageSetApplyConfiguration { - b.CurrentGeneration = &value - return b -} - -// WithDesiredGeneration sets the DesiredGeneration field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DesiredGeneration field is set to the value of the last call. -func (b *MachineConfigNodeStatusPinnedImageSetApplyConfiguration) WithDesiredGeneration(value int32) *MachineConfigNodeStatusPinnedImageSetApplyConfiguration { - b.DesiredGeneration = &value - return b -} - -// WithLastFailedGeneration sets the LastFailedGeneration field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the LastFailedGeneration field is set to the value of the last call. -func (b *MachineConfigNodeStatusPinnedImageSetApplyConfiguration) WithLastFailedGeneration(value int32) *MachineConfigNodeStatusPinnedImageSetApplyConfiguration { - b.LastFailedGeneration = &value - return b -} - -// WithLastFailedGenerationError sets the LastFailedGenerationError field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the LastFailedGenerationError field is set to the value of the last call. -func (b *MachineConfigNodeStatusPinnedImageSetApplyConfiguration) WithLastFailedGenerationError(value string) *MachineConfigNodeStatusPinnedImageSetApplyConfiguration { - b.LastFailedGenerationError = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/mcoobjectreference.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/mcoobjectreference.go deleted file mode 100644 index a44d851dc7..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/mcoobjectreference.go +++ /dev/null @@ -1,31 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// MCOObjectReferenceApplyConfiguration represents a declarative configuration of the MCOObjectReference type for use -// with apply. -// -// MCOObjectReference holds information about an object the MCO either owns -// or modifies in some way -type MCOObjectReferenceApplyConfiguration struct { - // name is the name of the object being referenced. For example, this can represent a machine - // config pool or node name. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - Name *string `json:"name,omitempty"` -} - -// MCOObjectReferenceApplyConfiguration constructs a declarative configuration of the MCOObjectReference type for use with -// apply. -func MCOObjectReference() *MCOObjectReferenceApplyConfiguration { - return &MCOObjectReferenceApplyConfiguration{} -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *MCOObjectReferenceApplyConfiguration) WithName(value string) *MCOObjectReferenceApplyConfiguration { - b.Name = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/osimagestreamspec.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/osimagestreamspec.go index 8cc71a367c..c9979e8dd6 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/osimagestreamspec.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/osimagestreamspec.go @@ -26,6 +26,7 @@ type OSImageStreamSpecApplyConfiguration struct { // valid value is accepted. // // When omitted, the operator determines the default stream automatically. + // Once set, this field cannot be removed. // // It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, // consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageref.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageref.go deleted file mode 100644 index a7c9110d9a..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageref.go +++ /dev/null @@ -1,31 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - machineconfigurationv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" -) - -// PinnedImageRefApplyConfiguration represents a declarative configuration of the PinnedImageRef type for use -// with apply. -type PinnedImageRefApplyConfiguration struct { - // name is an OCI Image referenced by digest. - // The format of the image pull spec is: host[:port][/namespace]/name@sha256:, - // where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. - // The length of the whole spec must be between 1 to 447 characters. - Name *machineconfigurationv1alpha1.ImageDigestFormat `json:"name,omitempty"` -} - -// PinnedImageRefApplyConfiguration constructs a declarative configuration of the PinnedImageRef type for use with -// apply. -func PinnedImageRef() *PinnedImageRefApplyConfiguration { - return &PinnedImageRefApplyConfiguration{} -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *PinnedImageRefApplyConfiguration) WithName(value machineconfigurationv1alpha1.ImageDigestFormat) *PinnedImageRefApplyConfiguration { - b.Name = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageset.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageset.go deleted file mode 100644 index 933222ce6f..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageset.go +++ /dev/null @@ -1,276 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - machineconfigurationv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - internal "github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - managedfields "k8s.io/apimachinery/pkg/util/managedfields" - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// PinnedImageSetApplyConfiguration represents a declarative configuration of the PinnedImageSet type for use -// with apply. -// -// PinnedImageSet describes a set of images that should be pinned by CRI-O and -// pulled to the nodes which are members of the declared MachineConfigPools. -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -type PinnedImageSetApplyConfiguration struct { - v1.TypeMetaApplyConfiguration `json:",inline"` - *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - // spec describes the configuration of this pinned image set. - Spec *PinnedImageSetSpecApplyConfiguration `json:"spec,omitempty"` - // status describes the last observed state of this pinned image set. - Status *PinnedImageSetStatusApplyConfiguration `json:"status,omitempty"` -} - -// PinnedImageSet constructs a declarative configuration of the PinnedImageSet type for use with -// apply. -func PinnedImageSet(name string) *PinnedImageSetApplyConfiguration { - b := &PinnedImageSetApplyConfiguration{} - b.WithName(name) - b.WithKind("PinnedImageSet") - b.WithAPIVersion("machineconfiguration.openshift.io/v1alpha1") - return b -} - -// ExtractPinnedImageSetFrom extracts the applied configuration owned by fieldManager from -// pinnedImageSet for the specified subresource. Pass an empty string for subresource to extract -// the main resource. Common subresources include "status", "scale", etc. -// pinnedImageSet must be a unmodified PinnedImageSet API object that was retrieved from the Kubernetes API. -// ExtractPinnedImageSetFrom provides a way to perform a extract/modify-in-place/apply workflow. -// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously -// applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractPinnedImageSetFrom(pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSet, fieldManager string, subresource string) (*PinnedImageSetApplyConfiguration, error) { - b := &PinnedImageSetApplyConfiguration{} - err := managedfields.ExtractInto(pinnedImageSet, internal.Parser().Type("com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSet"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(pinnedImageSet.Name) - - b.WithKind("PinnedImageSet") - b.WithAPIVersion("machineconfiguration.openshift.io/v1alpha1") - return b, nil -} - -// ExtractPinnedImageSet extracts the applied configuration owned by fieldManager from -// pinnedImageSet. If no managedFields are found in pinnedImageSet for fieldManager, a -// PinnedImageSetApplyConfiguration is returned with only the Name, Namespace (if applicable), -// APIVersion and Kind populated. It is possible that no managed fields were found for because other -// field managers have taken ownership of all the fields previously owned by fieldManager, or because -// the fieldManager never owned fields any fields. -// pinnedImageSet must be a unmodified PinnedImageSet API object that was retrieved from the Kubernetes API. -// ExtractPinnedImageSet provides a way to perform a extract/modify-in-place/apply workflow. -// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously -// applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractPinnedImageSet(pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSet, fieldManager string) (*PinnedImageSetApplyConfiguration, error) { - return ExtractPinnedImageSetFrom(pinnedImageSet, fieldManager, "") -} - -// ExtractPinnedImageSetStatus extracts the applied configuration owned by fieldManager from -// pinnedImageSet for the status subresource. -func ExtractPinnedImageSetStatus(pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSet, fieldManager string) (*PinnedImageSetApplyConfiguration, error) { - return ExtractPinnedImageSetFrom(pinnedImageSet, fieldManager, "status") -} - -func (b PinnedImageSetApplyConfiguration) IsApplyConfiguration() {} - -// WithKind sets the Kind field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Kind field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithKind(value string) *PinnedImageSetApplyConfiguration { - b.TypeMetaApplyConfiguration.Kind = &value - return b -} - -// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the APIVersion field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithAPIVersion(value string) *PinnedImageSetApplyConfiguration { - b.TypeMetaApplyConfiguration.APIVersion = &value - return b -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithName(value string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Name = &value - return b -} - -// WithGenerateName sets the GenerateName field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the GenerateName field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithGenerateName(value string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.GenerateName = &value - return b -} - -// WithNamespace sets the Namespace field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Namespace field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithNamespace(value string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Namespace = &value - return b -} - -// WithUID sets the UID field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the UID field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithUID(value types.UID) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.UID = &value - return b -} - -// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ResourceVersion field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithResourceVersion(value string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.ResourceVersion = &value - return b -} - -// WithGeneration sets the Generation field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Generation field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithGeneration(value int64) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Generation = &value - return b -} - -// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the CreationTimestamp field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithCreationTimestamp(value metav1.Time) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.CreationTimestamp = &value - return b -} - -// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DeletionTimestamp field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value - return b -} - -// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value - return b -} - -// WithLabels puts the entries into the Labels field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, the entries provided by each call will be put on the Labels field, -// overwriting an existing map entries in Labels field with the same key. -func (b *PinnedImageSetApplyConfiguration) WithLabels(entries map[string]string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 { - b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries)) - } - for k, v := range entries { - b.ObjectMetaApplyConfiguration.Labels[k] = v - } - return b -} - -// WithAnnotations puts the entries into the Annotations field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, the entries provided by each call will be put on the Annotations field, -// overwriting an existing map entries in Annotations field with the same key. -func (b *PinnedImageSetApplyConfiguration) WithAnnotations(entries map[string]string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 { - b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries)) - } - for k, v := range entries { - b.ObjectMetaApplyConfiguration.Annotations[k] = v - } - return b -} - -// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the OwnerReferences field. -func (b *PinnedImageSetApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - for i := range values { - if values[i] == nil { - panic("nil value passed to WithOwnerReferences") - } - b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i]) - } - return b -} - -// WithFinalizers adds the given value to the Finalizers field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Finalizers field. -func (b *PinnedImageSetApplyConfiguration) WithFinalizers(values ...string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - for i := range values { - b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i]) - } - return b -} - -func (b *PinnedImageSetApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { - if b.ObjectMetaApplyConfiguration == nil { - b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} - } -} - -// WithSpec sets the Spec field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Spec field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithSpec(value *PinnedImageSetSpecApplyConfiguration) *PinnedImageSetApplyConfiguration { - b.Spec = value - return b -} - -// WithStatus sets the Status field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Status field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithStatus(value *PinnedImageSetStatusApplyConfiguration) *PinnedImageSetApplyConfiguration { - b.Status = value - return b -} - -// GetKind retrieves the value of the Kind field in the declarative configuration. -func (b *PinnedImageSetApplyConfiguration) GetKind() *string { - return b.TypeMetaApplyConfiguration.Kind -} - -// GetAPIVersion retrieves the value of the APIVersion field in the declarative configuration. -func (b *PinnedImageSetApplyConfiguration) GetAPIVersion() *string { - return b.TypeMetaApplyConfiguration.APIVersion -} - -// GetName retrieves the value of the Name field in the declarative configuration. -func (b *PinnedImageSetApplyConfiguration) GetName() *string { - b.ensureObjectMetaApplyConfigurationExists() - return b.ObjectMetaApplyConfiguration.Name -} - -// GetNamespace retrieves the value of the Namespace field in the declarative configuration. -func (b *PinnedImageSetApplyConfiguration) GetNamespace() *string { - b.ensureObjectMetaApplyConfigurationExists() - return b.ObjectMetaApplyConfiguration.Namespace -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetspec.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetspec.go deleted file mode 100644 index f970e753de..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetspec.go +++ /dev/null @@ -1,43 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// PinnedImageSetSpecApplyConfiguration represents a declarative configuration of the PinnedImageSetSpec type for use -// with apply. -// -// PinnedImageSetSpec defines the desired state of a PinnedImageSet. -type PinnedImageSetSpecApplyConfiguration struct { - // pinnedImages is a list of OCI Image referenced by digest that should be - // pinned and pre-loaded by the nodes of a MachineConfigPool. - // Translates into a new file inside the /etc/crio/crio.conf.d directory - // with content similar to this: - // - // pinned_images = [ - // "quay.io/openshift-release-dev/ocp-release@sha256:...", - // "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...", - // "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...", - // ... - // ] - // - // These image references should all be by digest, tags aren't allowed. - PinnedImages []PinnedImageRefApplyConfiguration `json:"pinnedImages,omitempty"` -} - -// PinnedImageSetSpecApplyConfiguration constructs a declarative configuration of the PinnedImageSetSpec type for use with -// apply. -func PinnedImageSetSpec() *PinnedImageSetSpecApplyConfiguration { - return &PinnedImageSetSpecApplyConfiguration{} -} - -// WithPinnedImages adds the given value to the PinnedImages field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the PinnedImages field. -func (b *PinnedImageSetSpecApplyConfiguration) WithPinnedImages(values ...*PinnedImageRefApplyConfiguration) *PinnedImageSetSpecApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithPinnedImages") - } - b.PinnedImages = append(b.PinnedImages, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetstatus.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetstatus.go deleted file mode 100644 index ecd50b2853..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetstatus.go +++ /dev/null @@ -1,35 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// PinnedImageSetStatusApplyConfiguration represents a declarative configuration of the PinnedImageSetStatus type for use -// with apply. -// -// PinnedImageSetStatus describes the current state of a PinnedImageSet. -type PinnedImageSetStatusApplyConfiguration struct { - // conditions represent the observations of a pinned image set's current state. - Conditions []v1.ConditionApplyConfiguration `json:"conditions,omitempty"` -} - -// PinnedImageSetStatusApplyConfiguration constructs a declarative configuration of the PinnedImageSetStatus type for use with -// apply. -func PinnedImageSetStatus() *PinnedImageSetStatusApplyConfiguration { - return &PinnedImageSetStatusApplyConfiguration{} -} - -// WithConditions adds the given value to the Conditions field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Conditions field. -func (b *PinnedImageSetStatusApplyConfiguration) WithConditions(values ...*v1.ConditionApplyConfiguration) *PinnedImageSetStatusApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithConditions") - } - b.Conditions = append(b.Conditions, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/generated_expansion.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/generated_expansion.go index c326255951..bd8ab6e162 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/generated_expansion.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/generated_expansion.go @@ -18,4 +18,6 @@ type MachineOSBuildExpansion interface{} type MachineOSConfigExpansion interface{} +type OSImageStreamExpansion interface{} + type PinnedImageSetExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/machineconfiguration_client.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/machineconfiguration_client.go index a30fc68430..8d661ff173 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/machineconfiguration_client.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/machineconfiguration_client.go @@ -20,6 +20,7 @@ type MachineconfigurationV1Interface interface { MachineConfigPoolsGetter MachineOSBuildsGetter MachineOSConfigsGetter + OSImageStreamsGetter PinnedImageSetsGetter } @@ -60,6 +61,10 @@ func (c *MachineconfigurationV1Client) MachineOSConfigs() MachineOSConfigInterfa return newMachineOSConfigs(c) } +func (c *MachineconfigurationV1Client) OSImageStreams() OSImageStreamInterface { + return newOSImageStreams(c) +} + func (c *MachineconfigurationV1Client) PinnedImageSets() PinnedImageSetInterface { return newPinnedImageSets(c) } diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/osimagestream.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/osimagestream.go new file mode 100644 index 0000000000..1643bbf04f --- /dev/null +++ b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/osimagestream.go @@ -0,0 +1,58 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + context "context" + + machineconfigurationv1 "github.com/openshift/api/machineconfiguration/v1" + applyconfigurationsmachineconfigurationv1 "github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1" + scheme "github.com/openshift/client-go/machineconfiguration/clientset/versioned/scheme" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// OSImageStreamsGetter has a method to return a OSImageStreamInterface. +// A group's client should implement this interface. +type OSImageStreamsGetter interface { + OSImageStreams() OSImageStreamInterface +} + +// OSImageStreamInterface has methods to work with OSImageStream resources. +type OSImageStreamInterface interface { + Create(ctx context.Context, oSImageStream *machineconfigurationv1.OSImageStream, opts metav1.CreateOptions) (*machineconfigurationv1.OSImageStream, error) + Update(ctx context.Context, oSImageStream *machineconfigurationv1.OSImageStream, opts metav1.UpdateOptions) (*machineconfigurationv1.OSImageStream, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, oSImageStream *machineconfigurationv1.OSImageStream, opts metav1.UpdateOptions) (*machineconfigurationv1.OSImageStream, error) + Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error + Get(ctx context.Context, name string, opts metav1.GetOptions) (*machineconfigurationv1.OSImageStream, error) + List(ctx context.Context, opts metav1.ListOptions) (*machineconfigurationv1.OSImageStreamList, error) + Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *machineconfigurationv1.OSImageStream, err error) + Apply(ctx context.Context, oSImageStream *applyconfigurationsmachineconfigurationv1.OSImageStreamApplyConfiguration, opts metav1.ApplyOptions) (result *machineconfigurationv1.OSImageStream, err error) + // Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). + ApplyStatus(ctx context.Context, oSImageStream *applyconfigurationsmachineconfigurationv1.OSImageStreamApplyConfiguration, opts metav1.ApplyOptions) (result *machineconfigurationv1.OSImageStream, err error) + OSImageStreamExpansion +} + +// oSImageStreams implements OSImageStreamInterface +type oSImageStreams struct { + *gentype.ClientWithListAndApply[*machineconfigurationv1.OSImageStream, *machineconfigurationv1.OSImageStreamList, *applyconfigurationsmachineconfigurationv1.OSImageStreamApplyConfiguration] +} + +// newOSImageStreams returns a OSImageStreams +func newOSImageStreams(c *MachineconfigurationV1Client) *oSImageStreams { + return &oSImageStreams{ + gentype.NewClientWithListAndApply[*machineconfigurationv1.OSImageStream, *machineconfigurationv1.OSImageStreamList, *applyconfigurationsmachineconfigurationv1.OSImageStreamApplyConfiguration]( + "osimagestreams", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *machineconfigurationv1.OSImageStream { return &machineconfigurationv1.OSImageStream{} }, + func() *machineconfigurationv1.OSImageStreamList { return &machineconfigurationv1.OSImageStreamList{} }, + ), + } +} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/generated_expansion.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/generated_expansion.go index 33be914914..bac8beb74b 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/generated_expansion.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/generated_expansion.go @@ -4,8 +4,4 @@ package v1alpha1 type InternalReleaseImageExpansion interface{} -type MachineConfigNodeExpansion interface{} - type OSImageStreamExpansion interface{} - -type PinnedImageSetExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfignode.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfignode.go deleted file mode 100644 index d84721cb07..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfignode.go +++ /dev/null @@ -1,62 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - context "context" - - machineconfigurationv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - applyconfigurationsmachineconfigurationv1alpha1 "github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1" - scheme "github.com/openshift/client-go/machineconfiguration/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - gentype "k8s.io/client-go/gentype" -) - -// MachineConfigNodesGetter has a method to return a MachineConfigNodeInterface. -// A group's client should implement this interface. -type MachineConfigNodesGetter interface { - MachineConfigNodes() MachineConfigNodeInterface -} - -// MachineConfigNodeInterface has methods to work with MachineConfigNode resources. -type MachineConfigNodeInterface interface { - Create(ctx context.Context, machineConfigNode *machineconfigurationv1alpha1.MachineConfigNode, opts v1.CreateOptions) (*machineconfigurationv1alpha1.MachineConfigNode, error) - Update(ctx context.Context, machineConfigNode *machineconfigurationv1alpha1.MachineConfigNode, opts v1.UpdateOptions) (*machineconfigurationv1alpha1.MachineConfigNode, error) - // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). - UpdateStatus(ctx context.Context, machineConfigNode *machineconfigurationv1alpha1.MachineConfigNode, opts v1.UpdateOptions) (*machineconfigurationv1alpha1.MachineConfigNode, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*machineconfigurationv1alpha1.MachineConfigNode, error) - List(ctx context.Context, opts v1.ListOptions) (*machineconfigurationv1alpha1.MachineConfigNodeList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *machineconfigurationv1alpha1.MachineConfigNode, err error) - Apply(ctx context.Context, machineConfigNode *applyconfigurationsmachineconfigurationv1alpha1.MachineConfigNodeApplyConfiguration, opts v1.ApplyOptions) (result *machineconfigurationv1alpha1.MachineConfigNode, err error) - // Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). - ApplyStatus(ctx context.Context, machineConfigNode *applyconfigurationsmachineconfigurationv1alpha1.MachineConfigNodeApplyConfiguration, opts v1.ApplyOptions) (result *machineconfigurationv1alpha1.MachineConfigNode, err error) - MachineConfigNodeExpansion -} - -// machineConfigNodes implements MachineConfigNodeInterface -type machineConfigNodes struct { - *gentype.ClientWithListAndApply[*machineconfigurationv1alpha1.MachineConfigNode, *machineconfigurationv1alpha1.MachineConfigNodeList, *applyconfigurationsmachineconfigurationv1alpha1.MachineConfigNodeApplyConfiguration] -} - -// newMachineConfigNodes returns a MachineConfigNodes -func newMachineConfigNodes(c *MachineconfigurationV1alpha1Client) *machineConfigNodes { - return &machineConfigNodes{ - gentype.NewClientWithListAndApply[*machineconfigurationv1alpha1.MachineConfigNode, *machineconfigurationv1alpha1.MachineConfigNodeList, *applyconfigurationsmachineconfigurationv1alpha1.MachineConfigNodeApplyConfiguration]( - "machineconfignodes", - c.RESTClient(), - scheme.ParameterCodec, - "", - func() *machineconfigurationv1alpha1.MachineConfigNode { - return &machineconfigurationv1alpha1.MachineConfigNode{} - }, - func() *machineconfigurationv1alpha1.MachineConfigNodeList { - return &machineconfigurationv1alpha1.MachineConfigNodeList{} - }, - ), - } -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfiguration_client.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfiguration_client.go index 70682ef210..9fefd7bad0 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfiguration_client.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfiguration_client.go @@ -13,9 +13,7 @@ import ( type MachineconfigurationV1alpha1Interface interface { RESTClient() rest.Interface InternalReleaseImagesGetter - MachineConfigNodesGetter OSImageStreamsGetter - PinnedImageSetsGetter } // MachineconfigurationV1alpha1Client is used to interact with features provided by the machineconfiguration.openshift.io group. @@ -27,18 +25,10 @@ func (c *MachineconfigurationV1alpha1Client) InternalReleaseImages() InternalRel return newInternalReleaseImages(c) } -func (c *MachineconfigurationV1alpha1Client) MachineConfigNodes() MachineConfigNodeInterface { - return newMachineConfigNodes(c) -} - func (c *MachineconfigurationV1alpha1Client) OSImageStreams() OSImageStreamInterface { return newOSImageStreams(c) } -func (c *MachineconfigurationV1alpha1Client) PinnedImageSets() PinnedImageSetInterface { - return newPinnedImageSets(c) -} - // NewForConfig creates a new MachineconfigurationV1alpha1Client for the given config. // NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), // where httpClient was generated with rest.HTTPClientFor(c). diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/pinnedimageset.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/pinnedimageset.go deleted file mode 100644 index d6aa0f3a26..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/pinnedimageset.go +++ /dev/null @@ -1,62 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - context "context" - - machineconfigurationv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - applyconfigurationsmachineconfigurationv1alpha1 "github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1" - scheme "github.com/openshift/client-go/machineconfiguration/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - gentype "k8s.io/client-go/gentype" -) - -// PinnedImageSetsGetter has a method to return a PinnedImageSetInterface. -// A group's client should implement this interface. -type PinnedImageSetsGetter interface { - PinnedImageSets() PinnedImageSetInterface -} - -// PinnedImageSetInterface has methods to work with PinnedImageSet resources. -type PinnedImageSetInterface interface { - Create(ctx context.Context, pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSet, opts v1.CreateOptions) (*machineconfigurationv1alpha1.PinnedImageSet, error) - Update(ctx context.Context, pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSet, opts v1.UpdateOptions) (*machineconfigurationv1alpha1.PinnedImageSet, error) - // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). - UpdateStatus(ctx context.Context, pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSet, opts v1.UpdateOptions) (*machineconfigurationv1alpha1.PinnedImageSet, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*machineconfigurationv1alpha1.PinnedImageSet, error) - List(ctx context.Context, opts v1.ListOptions) (*machineconfigurationv1alpha1.PinnedImageSetList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *machineconfigurationv1alpha1.PinnedImageSet, err error) - Apply(ctx context.Context, pinnedImageSet *applyconfigurationsmachineconfigurationv1alpha1.PinnedImageSetApplyConfiguration, opts v1.ApplyOptions) (result *machineconfigurationv1alpha1.PinnedImageSet, err error) - // Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). - ApplyStatus(ctx context.Context, pinnedImageSet *applyconfigurationsmachineconfigurationv1alpha1.PinnedImageSetApplyConfiguration, opts v1.ApplyOptions) (result *machineconfigurationv1alpha1.PinnedImageSet, err error) - PinnedImageSetExpansion -} - -// pinnedImageSets implements PinnedImageSetInterface -type pinnedImageSets struct { - *gentype.ClientWithListAndApply[*machineconfigurationv1alpha1.PinnedImageSet, *machineconfigurationv1alpha1.PinnedImageSetList, *applyconfigurationsmachineconfigurationv1alpha1.PinnedImageSetApplyConfiguration] -} - -// newPinnedImageSets returns a PinnedImageSets -func newPinnedImageSets(c *MachineconfigurationV1alpha1Client) *pinnedImageSets { - return &pinnedImageSets{ - gentype.NewClientWithListAndApply[*machineconfigurationv1alpha1.PinnedImageSet, *machineconfigurationv1alpha1.PinnedImageSetList, *applyconfigurationsmachineconfigurationv1alpha1.PinnedImageSetApplyConfiguration]( - "pinnedimagesets", - c.RESTClient(), - scheme.ParameterCodec, - "", - func() *machineconfigurationv1alpha1.PinnedImageSet { - return &machineconfigurationv1alpha1.PinnedImageSet{} - }, - func() *machineconfigurationv1alpha1.PinnedImageSetList { - return &machineconfigurationv1alpha1.PinnedImageSetList{} - }, - ), - } -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go index 13bc4fc94f..a7f34e2640 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go @@ -49,6 +49,12 @@ var schemaYAML = typed.YAMLObject(`types: elementType: scalar: string elementRelationship: atomic + - name: groups + type: + list: + elementType: + scalar: string + elementRelationship: associative - name: minTLSVersion type: scalar: string @@ -105,6 +111,12 @@ var schemaYAML = typed.YAMLObject(`types: elementType: scalar: string elementRelationship: atomic + - name: groups + type: + list: + elementType: + scalar: string + elementRelationship: associative - name: minTLSVersion type: scalar: string @@ -389,6 +401,16 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" +- name: com.github.openshift.api.operator.v1.BGPManagedConfig + map: + fields: + - name: asNumber + type: + scalar: numeric + default: 64512 + - name: bgpTopology + type: + scalar: string - name: com.github.openshift.api.operator.v1.BootImageSkewEnforcementConfig map: fields: @@ -1966,6 +1988,9 @@ var schemaYAML = typed.YAMLObject(`types: - name: clientTimeout type: namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + - name: configurationManagement + type: + scalar: string - name: connectTimeout type: namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration @@ -2106,6 +2131,39 @@ var schemaYAML = typed.YAMLObject(`types: elementType: scalar: string elementRelationship: associative +- name: com.github.openshift.api.operator.v1.KMSEncryptionStatus + map: + fields: + - name: healthReports + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1.KMSPluginHealthReport + elementRelationship: associative + keys: + - nodeName + - keyId +- name: com.github.openshift.api.operator.v1.KMSPluginHealthReport + map: + fields: + - name: detail + type: + scalar: string + - name: kekId + type: + scalar: string + - name: keyId + type: + scalar: string + - name: lastCheckedTime + type: + namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + - name: nodeName + type: + scalar: string + - name: status + type: + scalar: string - name: com.github.openshift.api.operator.v1.KubeAPIServer map: fields: @@ -2170,6 +2228,10 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: associative keys: - type + - name: encryptionStatus + type: + namedType: com.github.openshift.api.operator.v1.KMSEncryptionStatus + default: {} - name: generations type: list: @@ -2837,6 +2899,15 @@ var schemaYAML = typed.YAMLObject(`types: - name: version type: scalar: string +- name: com.github.openshift.api.operator.v1.NoOverlayConfig + map: + fields: + - name: outboundSNAT + type: + scalar: string + - name: routing + type: + scalar: string - name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyClusterStatus map: fields: @@ -3055,6 +3126,10 @@ var schemaYAML = typed.YAMLObject(`types: - name: com.github.openshift.api.operator.v1.OAuthAPIServerStatus map: fields: + - name: encryptionStatus + type: + namedType: com.github.openshift.api.operator.v1.KMSEncryptionStatus + default: {} - name: latestAvailableRevision type: scalar: numeric @@ -3136,6 +3211,10 @@ var schemaYAML = typed.YAMLObject(`types: - name: com.github.openshift.api.operator.v1.OVNKubernetesConfig map: fields: + - name: bgpManagedConfig + type: + namedType: com.github.openshift.api.operator.v1.BGPManagedConfig + default: {} - name: egressIPConfig type: namedType: com.github.openshift.api.operator.v1.EgressIPConfig @@ -3163,12 +3242,19 @@ var schemaYAML = typed.YAMLObject(`types: - name: mtu type: scalar: numeric + - name: noOverlayConfig + type: + namedType: com.github.openshift.api.operator.v1.NoOverlayConfig + default: {} - name: policyAuditConfig type: namedType: com.github.openshift.api.operator.v1.PolicyAuditConfig - name: routeAdvertisements type: scalar: string + - name: transport + type: + scalar: string - name: v4InternalSubnet type: scalar: string @@ -3226,6 +3312,10 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: associative keys: - type + - name: encryptionStatus + type: + namedType: com.github.openshift.api.operator.v1.KMSEncryptionStatus + default: {} - name: generations type: list: @@ -4088,6 +4178,9 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerComponentImage default: {} + - name: name + type: + scalar: string - name: type type: scalar: string @@ -4117,6 +4210,14 @@ var schemaYAML = typed.YAMLObject(`types: - name: contentID type: scalar: string + - name: manifestSubstitutions + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerRevisionManifestSubstitution + elementRelationship: associative + keys: + - key - name: name type: scalar: string @@ -4130,6 +4231,15 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string elementRelationship: atomic elementRelationship: atomic +- name: com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerRevisionManifestSubstitution + map: + fields: + - name: key + type: + scalar: string + - name: value + type: + scalar: string - name: com.github.openshift.api.operator.v1alpha1.ClusterAPISpec map: fields: @@ -4148,6 +4258,9 @@ var schemaYAML = typed.YAMLObject(`types: - name: desiredRevision type: scalar: string + - name: observedRevisionGeneration + type: + scalar: numeric - name: revisions type: list: diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awscsidriverconfigspec.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awscsidriverconfigspec.go index 9274b84ad6..f527a9312a 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awscsidriverconfigspec.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awscsidriverconfigspec.go @@ -10,6 +10,12 @@ type AWSCSIDriverConfigSpecApplyConfiguration struct { // kmsKeyARN sets the cluster default storage class to encrypt volumes with a user-defined KMS key, // rather than the default KMS key used by AWS. // The value may be either the ARN or Alias ARN of a KMS key. + // + // The ARN must follow the format: arn::kms:::(key|alias)/, where: + // is the AWS partition (aws, aws-cn, aws-us-gov, aws-iso, aws-iso-b, aws-iso-e, aws-iso-f, or aws-eusc), + // is the AWS region, + // is a 12-digit numeric identifier for the AWS account, + // is the KMS key ID or alias name. KMSKeyARN *string `json:"kmsKeyARN,omitempty"` // efsVolumeMetrics sets the configuration for collecting metrics from EFS volumes used by the EFS CSI Driver. EFSVolumeMetrics *AWSEFSVolumeMetricsApplyConfiguration `json:"efsVolumeMetrics,omitempty"` diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsnetworkloadbalancerparameters.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsnetworkloadbalancerparameters.go index 3785c6995e..40cd5a65b0 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsnetworkloadbalancerparameters.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsnetworkloadbalancerparameters.go @@ -38,6 +38,33 @@ type AWSNetworkLoadBalancerParametersApplyConfiguration struct { // See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html for general // information about configuration, characteristics, and limitations of Elastic IP addresses. EIPAllocations []operatorv1.EIPAllocation `json:"eipAllocations,omitempty"` + // protocol specifies whether the Network Load Balancer uses PROXY + // protocol to forward connections to the IngressController. + // + // When set to "TCP", the NLB uses AWS's native client IP preservation. + // This may cause hairpin connection failures for internal load + // balancers when connections are made from pods to router pods on + // the same node. + // + // When set to "PROXY", the NLB disables native client IP preservation + // and uses PROXY protocol v2. The IngressController enables PROXY + // protocol on HAProxy so that it can parse PROXY protocol headers to + // obtain the original client IP. This avoids hairpin connection + // failures. + // + // The following values are valid for this field: + // + // * "TCP". + // * "PROXY". + // + // When omitted, this means the user has no opinion and the value is + // left to the platform to choose a reasonable default, which is subject to + // change over time. The current default is "PROXY". + // + // Note that changing this field may cause brief connection failures + // during the transition as the NLB attribute change and router rollout + // occur independently. + Protocol *operatorv1.NLBProtocol `json:"protocol,omitempty"` } // AWSNetworkLoadBalancerParametersApplyConfiguration constructs a declarative configuration of the AWSNetworkLoadBalancerParameters type for use with @@ -63,3 +90,11 @@ func (b *AWSNetworkLoadBalancerParametersApplyConfiguration) WithEIPAllocations( } return b } + +// WithProtocol sets the Protocol field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Protocol field is set to the value of the last call. +func (b *AWSNetworkLoadBalancerParametersApplyConfiguration) WithProtocol(value operatorv1.NLBProtocol) *AWSNetworkLoadBalancerParametersApplyConfiguration { + b.Protocol = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/bgpmanagedconfig.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/bgpmanagedconfig.go new file mode 100644 index 0000000000..071ac3fc23 --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/bgpmanagedconfig.go @@ -0,0 +1,46 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + operatorv1 "github.com/openshift/api/operator/v1" +) + +// BGPManagedConfigApplyConfiguration represents a declarative configuration of the BGPManagedConfig type for use +// with apply. +// +// BGPManagedConfig contains configuration options for BGP when routing is "Managed". +type BGPManagedConfigApplyConfiguration struct { + // asNumber is the 2-byte or 4-byte Autonomous System Number (ASN) + // to be used in the generated FRR configuration. + // Valid values are 1 to 4294967295. + // When omitted, this defaults to 64512. + ASNumber *int64 `json:"asNumber,omitempty"` + // bgpTopology defines the BGP topology to be used. + // Allowed values are "FullMesh". + // When set to "FullMesh", every node peers directly with every other node via BGP. + // This field is required when BGPManagedConfig is specified. + BGPTopology *operatorv1.BGPTopology `json:"bgpTopology,omitempty"` +} + +// BGPManagedConfigApplyConfiguration constructs a declarative configuration of the BGPManagedConfig type for use with +// apply. +func BGPManagedConfig() *BGPManagedConfigApplyConfiguration { + return &BGPManagedConfigApplyConfiguration{} +} + +// WithASNumber sets the ASNumber field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ASNumber field is set to the value of the last call. +func (b *BGPManagedConfigApplyConfiguration) WithASNumber(value int64) *BGPManagedConfigApplyConfiguration { + b.ASNumber = &value + return b +} + +// WithBGPTopology sets the BGPTopology field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BGPTopology field is set to the value of the last call. +func (b *BGPManagedConfigApplyConfiguration) WithBGPTopology(value operatorv1.BGPTopology) *BGPManagedConfigApplyConfiguration { + b.BGPTopology = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/csidriverconfigspec.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/csidriverconfigspec.go index 215a65371c..4ff829f8a7 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/csidriverconfigspec.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/csidriverconfigspec.go @@ -14,7 +14,7 @@ import ( type CSIDriverConfigSpecApplyConfiguration struct { // driverType indicates type of CSI driver for which the // driverConfig is being applied to. - // Valid values are: AWS, Azure, GCP, IBMCloud, vSphere and omitted. + // Valid values are: AWS, Azure, GCP, IBMCloud, vSphere, SecretsStore and omitted. // Consumers should treat unknown values as a NO-OP. DriverType *operatorv1.CSIDriverType `json:"driverType,omitempty"` // aws is used to configure the AWS CSI driver. @@ -27,6 +27,8 @@ type CSIDriverConfigSpecApplyConfiguration struct { IBMCloud *IBMCloudCSIDriverConfigSpecApplyConfiguration `json:"ibmcloud,omitempty"` // vSphere is used to configure the vsphere CSI driver. VSphere *VSphereCSIDriverConfigSpecApplyConfiguration `json:"vSphere,omitempty"` + // secretsStore is used to configure the Secrets Store CSI driver. + SecretsStore *SecretsStoreCSIDriverConfigSpecApplyConfiguration `json:"secretsStore,omitempty"` } // CSIDriverConfigSpecApplyConfiguration constructs a declarative configuration of the CSIDriverConfigSpec type for use with @@ -82,3 +84,11 @@ func (b *CSIDriverConfigSpecApplyConfiguration) WithVSphere(value *VSphereCSIDri b.VSphere = value return b } + +// WithSecretsStore sets the SecretsStore field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SecretsStore field is set to the value of the last call. +func (b *CSIDriverConfigSpecApplyConfiguration) WithSecretsStore(value *SecretsStoreCSIDriverConfigSpecApplyConfiguration) *CSIDriverConfigSpecApplyConfiguration { + b.SecretsStore = value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/customsecretrotation.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/customsecretrotation.go new file mode 100644 index 0000000000..1dd976a86a --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/customsecretrotation.go @@ -0,0 +1,31 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// CustomSecretRotationApplyConfiguration represents a declarative configuration of the CustomSecretRotation type for use +// with apply. +// +// CustomSecretRotation holds configuration for custom secret rotation behavior. +type CustomSecretRotationApplyConfiguration struct { + // rotationPollIntervalSeconds is the minimum time in seconds between secret + // rotation attempts. The driver skips provider calls if less than this interval + // has elapsed since the last successful rotation. + // Must be at least 1 second and no more than 31560000 seconds (~1 year). + // When omitted, this means no opinion and the platform is left to choose a + // reasonable default, which is subject to change over time. + RotationPollIntervalSeconds *int32 `json:"rotationPollIntervalSeconds,omitempty"` +} + +// CustomSecretRotationApplyConfiguration constructs a declarative configuration of the CustomSecretRotation type for use with +// apply. +func CustomSecretRotation() *CustomSecretRotationApplyConfiguration { + return &CustomSecretRotationApplyConfiguration{} +} + +// WithRotationPollIntervalSeconds sets the RotationPollIntervalSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RotationPollIntervalSeconds field is set to the value of the last call. +func (b *CustomSecretRotationApplyConfiguration) WithRotationPollIntervalSeconds(value int32) *CustomSecretRotationApplyConfiguration { + b.RotationPollIntervalSeconds = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/etcdspec.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/etcdspec.go index c3f57e5165..5b685313a2 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/etcdspec.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/etcdspec.go @@ -19,7 +19,7 @@ type EtcdSpecApplyConfiguration struct { // which is subject to change without notice. HardwareSpeed *operatorv1.ControlPlaneHardwareSpeed `json:"controlPlaneHardwareSpeed,omitempty"` // backendQuotaGiB sets the etcd backend storage size limit in gibibytes. - // The value should be an integer not less than 8 and not more than 32. + // The value should be an integer not less than 8 and not more than 16. // When not specified, the default value is 8. BackendQuotaGiB *int32 `json:"backendQuotaGiB,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ingresscontrollertuningoptions.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ingresscontrollertuningoptions.go index 831ef5130e..d62c99282a 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ingresscontrollertuningoptions.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ingresscontrollertuningoptions.go @@ -3,6 +3,7 @@ package v1 import ( + operatorv1 "github.com/openshift/api/operator/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -209,6 +210,32 @@ type IngressControllerTuningOptionsApplyConfiguration struct { // be reloaded less frequently, and newly created routes will not be served until the // subsequent reload. ReloadInterval *metav1.Duration `json:"reloadInterval,omitempty"` + // configurationManagement specifies how OpenShift router should update + // the HAProxy configuration. The following values are valid for this + // field: + // + // * "ForkAndReload". + // * "Dynamic". + // + // Omitting this field means that the user has no opinion and the + // platform may choose a reasonable default. This default is subject to + // change over time. The current default is "ForkAndReload". + // + // "ForkAndReload" means that OpenShift router should rewrite the + // HAProxy configuration file and instruct HAProxy to fork and reload. + // This is OpenShift router's traditional approach. + // + // "Dynamic" means that OpenShift router may use HAProxy's control + // socket for some configuration updates and fall back to fork and + // reload for other configuration updates. This is a newer approach, + // which may be less mature than ForkAndReload. This setting can + // improve load-balancing fairness and metrics accuracy and reduce CPU + // and memory usage if HAProxy has frequent configuration updates for + // route and endpoints updates. + // + // Note: The "Dynamic" option is currently experimental and should not + // be enabled on production clusters. + ConfigurationManagement *operatorv1.IngressControllerConfigurationManagement `json:"configurationManagement,omitempty"` } // IngressControllerTuningOptionsApplyConfiguration constructs a declarative configuration of the IngressControllerTuningOptions type for use with @@ -328,3 +355,11 @@ func (b *IngressControllerTuningOptionsApplyConfiguration) WithReloadInterval(va b.ReloadInterval = &value return b } + +// WithConfigurationManagement sets the ConfigurationManagement field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ConfigurationManagement field is set to the value of the last call. +func (b *IngressControllerTuningOptionsApplyConfiguration) WithConfigurationManagement(value operatorv1.IngressControllerConfigurationManagement) *IngressControllerTuningOptionsApplyConfiguration { + b.ConfigurationManagement = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/kmsencryptionstatus.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/kmsencryptionstatus.go new file mode 100644 index 0000000000..34297c2140 --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/kmsencryptionstatus.go @@ -0,0 +1,31 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// KMSEncryptionStatusApplyConfiguration represents a declarative configuration of the KMSEncryptionStatus type for use +// with apply. +type KMSEncryptionStatusApplyConfiguration struct { + // healthReports contains all KMS plugin health reports. + // When omitted, no health reports are available. + // Each entry must have a unique combination of nodeName and keyId. + HealthReports []KMSPluginHealthReportApplyConfiguration `json:"healthReports,omitempty"` +} + +// KMSEncryptionStatusApplyConfiguration constructs a declarative configuration of the KMSEncryptionStatus type for use with +// apply. +func KMSEncryptionStatus() *KMSEncryptionStatusApplyConfiguration { + return &KMSEncryptionStatusApplyConfiguration{} +} + +// WithHealthReports adds the given value to the HealthReports field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the HealthReports field. +func (b *KMSEncryptionStatusApplyConfiguration) WithHealthReports(values ...*KMSPluginHealthReportApplyConfiguration) *KMSEncryptionStatusApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithHealthReports") + } + b.HealthReports = append(b.HealthReports, *values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/kmspluginhealthreport.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/kmspluginhealthreport.go new file mode 100644 index 0000000000..40d8eac773 --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/kmspluginhealthreport.go @@ -0,0 +1,91 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + operatorv1 "github.com/openshift/api/operator/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// KMSPluginHealthReportApplyConfiguration represents a declarative configuration of the KMSPluginHealthReport type for use +// with apply. +type KMSPluginHealthReportApplyConfiguration struct { + // nodeName is the name of the node this instance of the plugin runs on. + // The combination of nodeName and keyId makes this health report unique. + // The value must be a valid Kubernetes node name: a lowercase RFC 1123 subdomain + // consisting of lowercase alphanumeric characters, '-' or '.', starting and ending with + // an alphanumeric character, and be at most 253 characters in length. + NodeName *string `json:"nodeName,omitempty"` + // keyId is the encryption-key-secret id (kms-{keyId}.sock), a unique identifier of the plugin on that node. + // This is not a cryptographic key used to encrypt/decrypt any resources. + // The value must be between 1 and 512 characters. + KeyId *string `json:"keyId,omitempty"` + // status contains a health indicator for the respective KMS plugin + // The field can have three states: healthy, unhealthy, error. + // With error and unhealthy containing additional information in Detail. + Status *operatorv1.KMSPluginHealthStatus `json:"status,omitempty"` + // lastCheckedTime is a timestamp of when the probe was last checked. + LastCheckedTime *metav1.Time `json:"lastCheckedTime,omitempty"` + // kekId refers to the remote KEK id from KMS v2 StatusResponse.key_id. + // This is not a cryptographic key, but a unique representation of the KEK. + // The value must be between 1 and 1024 characters. + KEKId *string `json:"kekId,omitempty"` + // detail contains additional error/health information for the respective KMS plugin. + // When omitted, no additional error or health information is provided. + // When set, the value must be between 1 and 1024 characters. + Detail *string `json:"detail,omitempty"` +} + +// KMSPluginHealthReportApplyConfiguration constructs a declarative configuration of the KMSPluginHealthReport type for use with +// apply. +func KMSPluginHealthReport() *KMSPluginHealthReportApplyConfiguration { + return &KMSPluginHealthReportApplyConfiguration{} +} + +// WithNodeName sets the NodeName field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NodeName field is set to the value of the last call. +func (b *KMSPluginHealthReportApplyConfiguration) WithNodeName(value string) *KMSPluginHealthReportApplyConfiguration { + b.NodeName = &value + return b +} + +// WithKeyId sets the KeyId field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the KeyId field is set to the value of the last call. +func (b *KMSPluginHealthReportApplyConfiguration) WithKeyId(value string) *KMSPluginHealthReportApplyConfiguration { + b.KeyId = &value + return b +} + +// WithStatus sets the Status field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Status field is set to the value of the last call. +func (b *KMSPluginHealthReportApplyConfiguration) WithStatus(value operatorv1.KMSPluginHealthStatus) *KMSPluginHealthReportApplyConfiguration { + b.Status = &value + return b +} + +// WithLastCheckedTime sets the LastCheckedTime field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the LastCheckedTime field is set to the value of the last call. +func (b *KMSPluginHealthReportApplyConfiguration) WithLastCheckedTime(value metav1.Time) *KMSPluginHealthReportApplyConfiguration { + b.LastCheckedTime = &value + return b +} + +// WithKEKId sets the KEKId field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the KEKId field is set to the value of the last call. +func (b *KMSPluginHealthReportApplyConfiguration) WithKEKId(value string) *KMSPluginHealthReportApplyConfiguration { + b.KEKId = &value + return b +} + +// WithDetail sets the Detail field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Detail field is set to the value of the last call. +func (b *KMSPluginHealthReportApplyConfiguration) WithDetail(value string) *KMSPluginHealthReportApplyConfiguration { + b.Detail = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/kubeapiserverstatus.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/kubeapiserverstatus.go index b6b6bd8664..c6eec2ce4f 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/kubeapiserverstatus.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/kubeapiserverstatus.go @@ -12,6 +12,8 @@ type KubeAPIServerStatusApplyConfiguration struct { // The default expiration for the items is set by the platform and it defaults to 24h. // see: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection ServiceAccountIssuers []ServiceAccountIssuerStatusApplyConfiguration `json:"serviceAccountIssuers,omitempty"` + // encryptionStatus contains status reports for the KMS plugin health and its key rotation. + EncryptionStatus *KMSEncryptionStatusApplyConfiguration `json:"encryptionStatus,omitempty"` } // KubeAPIServerStatusApplyConfiguration constructs a declarative configuration of the KubeAPIServerStatus type for use with @@ -111,3 +113,11 @@ func (b *KubeAPIServerStatusApplyConfiguration) WithServiceAccountIssuers(values } return b } + +// WithEncryptionStatus sets the EncryptionStatus field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the EncryptionStatus field is set to the value of the last call. +func (b *KubeAPIServerStatusApplyConfiguration) WithEncryptionStatus(value *KMSEncryptionStatusApplyConfiguration) *KubeAPIServerStatusApplyConfiguration { + b.EncryptionStatus = value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/managedtokenrequests.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/managedtokenrequests.go new file mode 100644 index 0000000000..5b65a6628d --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/managedtokenrequests.go @@ -0,0 +1,43 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// ManagedTokenRequestsApplyConfiguration represents a declarative configuration of the ManagedTokenRequests type for use +// with apply. +// +// ManagedTokenRequests holds the configuration for operator-managed +// service account token requests. +type ManagedTokenRequestsApplyConfiguration struct { + // audiences specifies service account token audiences that kubelet will + // provide to the CSI driver during NodePublishVolume calls. These tokens + // enable workload identity federation (WIF) with cloud providers such as + // AWS, Azure, and GCP. + // When empty, the operator clears all tokenRequests from the CSIDriver object. + Audiences *[]SecretsStoreTokenRequestApplyConfiguration `json:"audiences,omitempty"` +} + +// ManagedTokenRequestsApplyConfiguration constructs a declarative configuration of the ManagedTokenRequests type for use with +// apply. +func ManagedTokenRequests() *ManagedTokenRequestsApplyConfiguration { + return &ManagedTokenRequestsApplyConfiguration{} +} + +func (b *ManagedTokenRequestsApplyConfiguration) ensureSecretsStoreTokenRequestApplyConfigurationExists() { + if b.Audiences == nil { + b.Audiences = &[]SecretsStoreTokenRequestApplyConfiguration{} + } +} + +// WithAudiences adds the given value to the Audiences field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Audiences field. +func (b *ManagedTokenRequestsApplyConfiguration) WithAudiences(values ...*SecretsStoreTokenRequestApplyConfiguration) *ManagedTokenRequestsApplyConfiguration { + b.ensureSecretsStoreTokenRequestApplyConfigurationExists() + for i := range values { + if values[i] == nil { + panic("nil value passed to WithAudiences") + } + *b.Audiences = append(*b.Audiences, *values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nooverlayconfig.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nooverlayconfig.go new file mode 100644 index 0000000000..0feb3009ea --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nooverlayconfig.go @@ -0,0 +1,50 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + operatorv1 "github.com/openshift/api/operator/v1" +) + +// NoOverlayConfigApplyConfiguration represents a declarative configuration of the NoOverlayConfig type for use +// with apply. +// +// NoOverlayConfig contains configuration options for networks operating in no-overlay mode. +type NoOverlayConfigApplyConfiguration struct { + // outboundSNAT defines the SNAT behavior for outbound traffic from pods. + // Allowed values are "Enabled" and "Disabled". + // When set to "Enabled", SNAT is performed on outbound traffic from pods. + // When set to "Disabled", SNAT is not performed and pod IPs are preserved in outbound traffic. + // This field is required when the network operates in no-overlay mode. + // This field can be set to any value at installation time and can be changed afterwards. + OutboundSNAT *operatorv1.SNATOption `json:"outboundSNAT,omitempty"` + // routing specifies whether the pod network routing is managed by OVN-Kubernetes or users. + // Allowed values are "Managed" and "Unmanaged". + // When set to "Managed", OVN-Kubernetes manages the pod network routing configuration through BGP. + // When set to "Unmanaged", users are responsible for configuring the pod network routing. + // This field is required when the network operates in no-overlay mode. + // This field is immutable once set. + Routing *operatorv1.RoutingOption `json:"routing,omitempty"` +} + +// NoOverlayConfigApplyConfiguration constructs a declarative configuration of the NoOverlayConfig type for use with +// apply. +func NoOverlayConfig() *NoOverlayConfigApplyConfiguration { + return &NoOverlayConfigApplyConfiguration{} +} + +// WithOutboundSNAT sets the OutboundSNAT field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the OutboundSNAT field is set to the value of the last call. +func (b *NoOverlayConfigApplyConfiguration) WithOutboundSNAT(value operatorv1.SNATOption) *NoOverlayConfigApplyConfiguration { + b.OutboundSNAT = &value + return b +} + +// WithRouting sets the Routing field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Routing field is set to the value of the last call. +func (b *NoOverlayConfigApplyConfiguration) WithRouting(value operatorv1.RoutingOption) *NoOverlayConfigApplyConfiguration { + b.Routing = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/oauthapiserverstatus.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/oauthapiserverstatus.go index 381d4a7e7b..1ccbf802f2 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/oauthapiserverstatus.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/oauthapiserverstatus.go @@ -8,6 +8,8 @@ type OAuthAPIServerStatusApplyConfiguration struct { // latestAvailableRevision is the latest revision used as suffix of revisioned // secrets like encryption-config. A new revision causes a new deployment of pods. LatestAvailableRevision *int32 `json:"latestAvailableRevision,omitempty"` + // encryptionStatus contains status reports for the KMS plugin health and its key rotation. + EncryptionStatus *KMSEncryptionStatusApplyConfiguration `json:"encryptionStatus,omitempty"` } // OAuthAPIServerStatusApplyConfiguration constructs a declarative configuration of the OAuthAPIServerStatus type for use with @@ -23,3 +25,11 @@ func (b *OAuthAPIServerStatusApplyConfiguration) WithLatestAvailableRevision(val b.LatestAvailableRevision = &value return b } + +// WithEncryptionStatus sets the EncryptionStatus field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the EncryptionStatus field is set to the value of the last call. +func (b *OAuthAPIServerStatusApplyConfiguration) WithEncryptionStatus(value *KMSEncryptionStatusApplyConfiguration) *OAuthAPIServerStatusApplyConfiguration { + b.EncryptionStatus = value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/openshiftapiserverstatus.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/openshiftapiserverstatus.go index 776701d546..3a68909d54 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/openshiftapiserverstatus.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/openshiftapiserverstatus.go @@ -6,6 +6,8 @@ package v1 // with apply. type OpenShiftAPIServerStatusApplyConfiguration struct { OperatorStatusApplyConfiguration `json:",inline"` + // encryptionStatus contains status reports for the KMS plugin health and its key rotation. + EncryptionStatus *KMSEncryptionStatusApplyConfiguration `json:"encryptionStatus,omitempty"` } // OpenShiftAPIServerStatusApplyConfiguration constructs a declarative configuration of the OpenShiftAPIServerStatus type for use with @@ -71,3 +73,11 @@ func (b *OpenShiftAPIServerStatusApplyConfiguration) WithGenerations(values ...* } return b } + +// WithEncryptionStatus sets the EncryptionStatus field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the EncryptionStatus field is set to the value of the last call. +func (b *OpenShiftAPIServerStatusApplyConfiguration) WithEncryptionStatus(value *KMSEncryptionStatusApplyConfiguration) *OpenShiftAPIServerStatusApplyConfiguration { + b.EncryptionStatus = value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go index 6a2d864421..ead45f83b5 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go @@ -62,6 +62,27 @@ type OVNKubernetesConfigApplyConfiguration struct { // reasonable defaults. These defaults are subject to change over time. The // current default is "Disabled". RouteAdvertisements *operatorv1.RouteAdvertisementsEnablement `json:"routeAdvertisements,omitempty"` + // transport sets the transport mode for pods on the default network. + // Allowed values are "NoOverlay" and "Geneve". + // "NoOverlay" avoids tunnel encapsulation, routing pod traffic directly between nodes. + // "Geneve" encapsulates pod traffic using Geneve tunnels between nodes. + // When omitted, this means the user has no opinion and the platform chooses + // a reasonable default which is subject to change over time. + // The current default is "Geneve". + // "NoOverlay" can only be set at installation time and cannot be changed afterwards. + // "Geneve" may be set explicitly at any time to lock in the current default. + Transport *operatorv1.TransportOption `json:"transport,omitempty"` + // noOverlayConfig contains configuration for no-overlay mode. + // This configuration applies to the default network only. + // It is required when transport is "NoOverlay". + // When omitted, this means the user does not configure no-overlay mode options. + NoOverlayConfig *NoOverlayConfigApplyConfiguration `json:"noOverlayConfig,omitempty"` + // bgpManagedConfig configures the BGP properties for networks (default network or CUDNs) + // in no-overlay mode that specify routing="Managed" in their noOverlayConfig. + // It is required when noOverlayConfig.routing is set to "Managed". + // When omitted, this means the user does not configure BGP for managed routing. + // This field can be set at installation time or on day 2, and can be modified at any time. + BGPManagedConfig *BGPManagedConfigApplyConfiguration `json:"bgpManagedConfig,omitempty"` } // OVNKubernetesConfigApplyConfiguration constructs a declarative configuration of the OVNKubernetesConfig type for use with @@ -165,3 +186,27 @@ func (b *OVNKubernetesConfigApplyConfiguration) WithRouteAdvertisements(value op b.RouteAdvertisements = &value return b } + +// WithTransport sets the Transport field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Transport field is set to the value of the last call. +func (b *OVNKubernetesConfigApplyConfiguration) WithTransport(value operatorv1.TransportOption) *OVNKubernetesConfigApplyConfiguration { + b.Transport = &value + return b +} + +// WithNoOverlayConfig sets the NoOverlayConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NoOverlayConfig field is set to the value of the last call. +func (b *OVNKubernetesConfigApplyConfiguration) WithNoOverlayConfig(value *NoOverlayConfigApplyConfiguration) *OVNKubernetesConfigApplyConfiguration { + b.NoOverlayConfig = value + return b +} + +// WithBGPManagedConfig sets the BGPManagedConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BGPManagedConfig field is set to the value of the last call. +func (b *OVNKubernetesConfigApplyConfiguration) WithBGPManagedConfig(value *BGPManagedConfigApplyConfiguration) *OVNKubernetesConfigApplyConfiguration { + b.BGPManagedConfig = value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/secretsstorecsidriverconfigspec.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/secretsstorecsidriverconfigspec.go new file mode 100644 index 0000000000..145aa90709 --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/secretsstorecsidriverconfigspec.go @@ -0,0 +1,40 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// SecretsStoreCSIDriverConfigSpecApplyConfiguration represents a declarative configuration of the SecretsStoreCSIDriverConfigSpec type for use +// with apply. +// +// SecretsStoreCSIDriverConfigSpec defines properties that can be configured for the Secrets Store CSI driver. +type SecretsStoreCSIDriverConfigSpecApplyConfiguration struct { + // secretRotation controls automatic secret rotation behavior. + // When omitted, secret rotation is enabled with a default poll interval of 2 minutes. + SecretRotation *SecretsStoreSecretRotationApplyConfiguration `json:"secretRotation,omitempty"` + // tokenRequests controls service account token configuration for + // workload identity federation (WIF) with cloud providers. + // When omitted, the operator preserves any existing tokenRequests + // already configured on the CSIDriver object without modification. + TokenRequests *SecretsStoreTokenRequestsApplyConfiguration `json:"tokenRequests,omitempty"` +} + +// SecretsStoreCSIDriverConfigSpecApplyConfiguration constructs a declarative configuration of the SecretsStoreCSIDriverConfigSpec type for use with +// apply. +func SecretsStoreCSIDriverConfigSpec() *SecretsStoreCSIDriverConfigSpecApplyConfiguration { + return &SecretsStoreCSIDriverConfigSpecApplyConfiguration{} +} + +// WithSecretRotation sets the SecretRotation field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SecretRotation field is set to the value of the last call. +func (b *SecretsStoreCSIDriverConfigSpecApplyConfiguration) WithSecretRotation(value *SecretsStoreSecretRotationApplyConfiguration) *SecretsStoreCSIDriverConfigSpecApplyConfiguration { + b.SecretRotation = value + return b +} + +// WithTokenRequests sets the TokenRequests field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TokenRequests field is set to the value of the last call. +func (b *SecretsStoreCSIDriverConfigSpecApplyConfiguration) WithTokenRequests(value *SecretsStoreTokenRequestsApplyConfiguration) *SecretsStoreCSIDriverConfigSpecApplyConfiguration { + b.TokenRequests = value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/secretsstoresecretrotation.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/secretsstoresecretrotation.go new file mode 100644 index 0000000000..0624fe9c67 --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/secretsstoresecretrotation.go @@ -0,0 +1,46 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + operatorv1 "github.com/openshift/api/operator/v1" +) + +// SecretsStoreSecretRotationApplyConfiguration represents a declarative configuration of the SecretsStoreSecretRotation type for use +// with apply. +// +// SecretsStoreSecretRotation configures the automatic secret rotation behavior +// for the Secrets Store CSI driver. +type SecretsStoreSecretRotationApplyConfiguration struct { + // type determines the secret rotation behavior. + // When "None", secret rotation is disabled and secrets are only fetched at + // initial pod mount time. + // When "Custom", secret rotation is enabled with the configuration specified + // in the custom field. + Type *operatorv1.SecretRotationType `json:"type,omitempty"` + // custom holds the custom rotation configuration. + // Only valid when type is "Custom". + Custom *CustomSecretRotationApplyConfiguration `json:"custom,omitempty"` +} + +// SecretsStoreSecretRotationApplyConfiguration constructs a declarative configuration of the SecretsStoreSecretRotation type for use with +// apply. +func SecretsStoreSecretRotation() *SecretsStoreSecretRotationApplyConfiguration { + return &SecretsStoreSecretRotationApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *SecretsStoreSecretRotationApplyConfiguration) WithType(value operatorv1.SecretRotationType) *SecretsStoreSecretRotationApplyConfiguration { + b.Type = &value + return b +} + +// WithCustom sets the Custom field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Custom field is set to the value of the last call. +func (b *SecretsStoreSecretRotationApplyConfiguration) WithCustom(value *CustomSecretRotationApplyConfiguration) *SecretsStoreSecretRotationApplyConfiguration { + b.Custom = value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/secretsstoretokenrequest.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/secretsstoretokenrequest.go new file mode 100644 index 0000000000..b8eb7597f7 --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/secretsstoretokenrequest.go @@ -0,0 +1,41 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// SecretsStoreTokenRequestApplyConfiguration represents a declarative configuration of the SecretsStoreTokenRequest type for use +// with apply. +// +// SecretsStoreTokenRequest specifies a service account token audience configuration +// for workload identity federation (WIF) with the Secrets Store CSI driver. +type SecretsStoreTokenRequestApplyConfiguration struct { + // audience is the intended audience of the service account token. + // An empty string means the issued token will use the kube-apiserver's default APIAudiences. + Audience *string `json:"audience,omitempty"` + // expirationSeconds is the requested duration of validity of the service account token. + // The token issuer may return a token with a different validity duration. + // When omitted, the token expiration is determined by the kube-apiserver. + // Must be at least 600 seconds (10 minutes) and no more than 315360000 seconds (~10 years). + ExpirationSeconds *int32 `json:"expirationSeconds,omitempty"` +} + +// SecretsStoreTokenRequestApplyConfiguration constructs a declarative configuration of the SecretsStoreTokenRequest type for use with +// apply. +func SecretsStoreTokenRequest() *SecretsStoreTokenRequestApplyConfiguration { + return &SecretsStoreTokenRequestApplyConfiguration{} +} + +// WithAudience sets the Audience field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Audience field is set to the value of the last call. +func (b *SecretsStoreTokenRequestApplyConfiguration) WithAudience(value string) *SecretsStoreTokenRequestApplyConfiguration { + b.Audience = &value + return b +} + +// WithExpirationSeconds sets the ExpirationSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ExpirationSeconds field is set to the value of the last call. +func (b *SecretsStoreTokenRequestApplyConfiguration) WithExpirationSeconds(value int32) *SecretsStoreTokenRequestApplyConfiguration { + b.ExpirationSeconds = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/secretsstoretokenrequests.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/secretsstoretokenrequests.go new file mode 100644 index 0000000000..ea9ac415de --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/secretsstoretokenrequests.go @@ -0,0 +1,47 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + operatorv1 "github.com/openshift/api/operator/v1" +) + +// SecretsStoreTokenRequestsApplyConfiguration represents a declarative configuration of the SecretsStoreTokenRequests type for use +// with apply. +// +// SecretsStoreTokenRequests configures how service account tokens are +// provided to the Secrets Store CSI driver for workload identity federation. +type SecretsStoreTokenRequestsApplyConfiguration struct { + // type determines how the operator manages tokenRequests on the CSIDriver object. + // When "Unmanaged", existing tokenRequests on the CSIDriver are preserved + // and the managed field is not used. + // When "Managed", the operator sets tokenRequests from the audiences + // specified in the managed field, replacing any previously configured values. + // Once set to "Managed", type cannot be reverted back to "Unmanaged". + Type *operatorv1.TokenRequestsType `json:"type,omitempty"` + // managed holds configuration for operator-managed tokenRequests. + // Only valid when type is "Managed". + Managed *ManagedTokenRequestsApplyConfiguration `json:"managed,omitempty"` +} + +// SecretsStoreTokenRequestsApplyConfiguration constructs a declarative configuration of the SecretsStoreTokenRequests type for use with +// apply. +func SecretsStoreTokenRequests() *SecretsStoreTokenRequestsApplyConfiguration { + return &SecretsStoreTokenRequestsApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *SecretsStoreTokenRequestsApplyConfiguration) WithType(value operatorv1.TokenRequestsType) *SecretsStoreTokenRequestsApplyConfiguration { + b.Type = &value + return b +} + +// WithManaged sets the Managed field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Managed field is set to the value of the last call. +func (b *SecretsStoreTokenRequestsApplyConfiguration) WithManaged(value *ManagedTokenRequestsApplyConfiguration) *SecretsStoreTokenRequestsApplyConfiguration { + b.Managed = value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapiinstallercomponent.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapiinstallercomponent.go index 1de725d88e..17044ff5cf 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapiinstallercomponent.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapiinstallercomponent.go @@ -11,13 +11,12 @@ import ( // // ClusterAPIInstallerComponent defines a component which will be installed by this revision. type ClusterAPIInstallerComponentApplyConfiguration struct { - // type is the source type of the component. - // The only valid value is Image. - // When set to Image, the image field must be set and will define an image source for the component. - Type *operatorv1alpha1.InstallerComponentType `json:"type,omitempty"` - // image defines an image source for a component. The image must contain a - // /capi-operator-installer directory containing the component manifests. - Image *ClusterAPIInstallerComponentImageApplyConfiguration `json:"image,omitempty"` + // name is the human-readable name of the component. The value has no + // effect, and will not be set if the component does not define a name in + // its manifests. If set it must consist of alphanumeric characters, or + // '-', and may not exceed 255 characters. + Name *string `json:"name,omitempty"` + ClusterAPIInstallerComponentSourceApplyConfiguration `json:",inline"` } // ClusterAPIInstallerComponentApplyConfiguration constructs a declarative configuration of the ClusterAPIInstallerComponent type for use with @@ -26,11 +25,19 @@ func ClusterAPIInstallerComponent() *ClusterAPIInstallerComponentApplyConfigurat return &ClusterAPIInstallerComponentApplyConfiguration{} } +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *ClusterAPIInstallerComponentApplyConfiguration) WithName(value string) *ClusterAPIInstallerComponentApplyConfiguration { + b.Name = &value + return b +} + // WithType sets the Type field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Type field is set to the value of the last call. func (b *ClusterAPIInstallerComponentApplyConfiguration) WithType(value operatorv1alpha1.InstallerComponentType) *ClusterAPIInstallerComponentApplyConfiguration { - b.Type = &value + b.ClusterAPIInstallerComponentSourceApplyConfiguration.Type = &value return b } @@ -38,6 +45,6 @@ func (b *ClusterAPIInstallerComponentApplyConfiguration) WithType(value operator // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Image field is set to the value of the last call. func (b *ClusterAPIInstallerComponentApplyConfiguration) WithImage(value *ClusterAPIInstallerComponentImageApplyConfiguration) *ClusterAPIInstallerComponentApplyConfiguration { - b.Image = value + b.ClusterAPIInstallerComponentSourceApplyConfiguration.Image = value return b } diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapiinstallercomponentsource.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapiinstallercomponentsource.go new file mode 100644 index 0000000000..03f0ac94ee --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapiinstallercomponentsource.go @@ -0,0 +1,43 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + operatorv1alpha1 "github.com/openshift/api/operator/v1alpha1" +) + +// ClusterAPIInstallerComponentSourceApplyConfiguration represents a declarative configuration of the ClusterAPIInstallerComponentSource type for use +// with apply. +// +// ClusterAPIInstallerComponentSource defines the source of a component which will be installed by this revision. +type ClusterAPIInstallerComponentSourceApplyConfiguration struct { + // type is the source type of the component. + // The only valid value is Image. + // When set to Image, the image field must be set and will define an image source for the component. + Type *operatorv1alpha1.InstallerComponentType `json:"type,omitempty"` + // image defines an image source for a component. The image must contain a + // /capi-operator-installer directory containing the component manifests. + Image *ClusterAPIInstallerComponentImageApplyConfiguration `json:"image,omitempty"` +} + +// ClusterAPIInstallerComponentSourceApplyConfiguration constructs a declarative configuration of the ClusterAPIInstallerComponentSource type for use with +// apply. +func ClusterAPIInstallerComponentSource() *ClusterAPIInstallerComponentSourceApplyConfiguration { + return &ClusterAPIInstallerComponentSourceApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *ClusterAPIInstallerComponentSourceApplyConfiguration) WithType(value operatorv1alpha1.InstallerComponentType) *ClusterAPIInstallerComponentSourceApplyConfiguration { + b.Type = &value + return b +} + +// WithImage sets the Image field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Image field is set to the value of the last call. +func (b *ClusterAPIInstallerComponentSourceApplyConfiguration) WithImage(value *ClusterAPIInstallerComponentImageApplyConfiguration) *ClusterAPIInstallerComponentSourceApplyConfiguration { + b.Image = value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapiinstallerrevision.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapiinstallerrevision.go index fbd3687f68..1206e0825c 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapiinstallerrevision.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapiinstallerrevision.go @@ -21,6 +21,11 @@ type ClusterAPIInstallerRevisionApplyConfiguration struct { // revision, but which should not be installed or updated. If not set, all // CRDs in the revision will be managed by the CAPI operator. UnmanagedCustomResourceDefinitions []string `json:"unmanagedCustomResourceDefinitions,omitempty"` + // manifestSubstitutions is a list of envsubst style substitutions which + // will be applied to manifests in the revision during rendering. If + // defined it must not be empty, and may not contain more than 32 items. + // Each manifest substitution must have a unique key. + ManifestSubstitutions []ClusterAPIInstallerRevisionManifestSubstitutionApplyConfiguration `json:"manifestSubstitutions,omitempty"` // components is a list of components which will be installed by this // revision. Components will be installed in the order they are listed. If // omitted no components will be installed. @@ -69,6 +74,19 @@ func (b *ClusterAPIInstallerRevisionApplyConfiguration) WithUnmanagedCustomResou return b } +// WithManifestSubstitutions adds the given value to the ManifestSubstitutions field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the ManifestSubstitutions field. +func (b *ClusterAPIInstallerRevisionApplyConfiguration) WithManifestSubstitutions(values ...*ClusterAPIInstallerRevisionManifestSubstitutionApplyConfiguration) *ClusterAPIInstallerRevisionApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithManifestSubstitutions") + } + b.ManifestSubstitutions = append(b.ManifestSubstitutions, *values[i]) + } + return b +} + // WithComponents adds the given value to the Components field in the declarative configuration // and returns the receiver, so that objects can be build by chaining "With" function invocations. // If called multiple times, values provided by each call will be appended to the Components field. diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapiinstallerrevisionmanifestsubstitution.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapiinstallerrevisionmanifestsubstitution.go new file mode 100644 index 0000000000..1731b5cb3b --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapiinstallerrevisionmanifestsubstitution.go @@ -0,0 +1,43 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// ClusterAPIInstallerRevisionManifestSubstitutionApplyConfiguration represents a declarative configuration of the ClusterAPIInstallerRevisionManifestSubstitution type for use +// with apply. +// +// ClusterAPIInstallerRevisionManifestSubstitution defines an envsubst style +// substitution which will be applied to manifests in a revision during +// rendering. +type ClusterAPIInstallerRevisionManifestSubstitutionApplyConfiguration struct { + // key is the name of the envsubst variable to substitute. It must be a + // valid envsubst variable name, consisting of letters, digits, and + // underscores, and must start with a letter or underscore. The key must + // not be empty, and must not exceed 255 characters. + Key *string `json:"key,omitempty"` + // value is the value to substitute for the envsubst variable. It may be + // empty, in which case the variable will be substituted with an empty + // string. The value must not exceed 4096 characters. + Value *string `json:"value,omitempty"` +} + +// ClusterAPIInstallerRevisionManifestSubstitutionApplyConfiguration constructs a declarative configuration of the ClusterAPIInstallerRevisionManifestSubstitution type for use with +// apply. +func ClusterAPIInstallerRevisionManifestSubstitution() *ClusterAPIInstallerRevisionManifestSubstitutionApplyConfiguration { + return &ClusterAPIInstallerRevisionManifestSubstitutionApplyConfiguration{} +} + +// WithKey sets the Key field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Key field is set to the value of the last call. +func (b *ClusterAPIInstallerRevisionManifestSubstitutionApplyConfiguration) WithKey(value string) *ClusterAPIInstallerRevisionManifestSubstitutionApplyConfiguration { + b.Key = &value + return b +} + +// WithValue sets the Value field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Value field is set to the value of the last call. +func (b *ClusterAPIInstallerRevisionManifestSubstitutionApplyConfiguration) WithValue(value string) *ClusterAPIInstallerRevisionManifestSubstitutionApplyConfiguration { + b.Value = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapistatus.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapistatus.go index a684c0a6ce..300921f5bd 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapistatus.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1alpha1/clusterapistatus.go @@ -30,6 +30,9 @@ type ClusterAPIStatusApplyConfiguration struct { // When adding a revision, the revision number must be greater than the highest revision number in the list. // Revisions are immutable, although they can be deleted. Revisions []ClusterAPIInstallerRevisionApplyConfiguration `json:"revisions,omitempty"` + // observedRevisionGeneration is the generation of the ClusterAPI object that was last observed by the revision controller. + // If specified it must be greater than or equal to 1, and less than 2^53. It may not decrease or be unset once set. + ObservedRevisionGeneration *int64 `json:"observedRevisionGeneration,omitempty"` } // ClusterAPIStatusApplyConfiguration constructs a declarative configuration of the ClusterAPIStatus type for use with @@ -66,3 +69,11 @@ func (b *ClusterAPIStatusApplyConfiguration) WithRevisions(values ...*ClusterAPI } return b } + +// WithObservedRevisionGeneration sets the ObservedRevisionGeneration field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ObservedRevisionGeneration field is set to the value of the last call. +func (b *ClusterAPIStatusApplyConfiguration) WithObservedRevisionGeneration(value int64) *ClusterAPIStatusApplyConfiguration { + b.ObservedRevisionGeneration = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/utils.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/utils.go index 3d08f40d09..cd03dd84d0 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/utils.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/utils.go @@ -50,6 +50,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &operatorv1.AzureCSIDriverConfigSpecApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("AzureDiskEncryptionSet"): return &operatorv1.AzureDiskEncryptionSetApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("BGPManagedConfig"): + return &operatorv1.BGPManagedConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("BootImageSkewEnforcementConfig"): return &operatorv1.BootImageSkewEnforcementConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("BootImageSkewEnforcementStatus"): @@ -108,6 +110,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &operatorv1.CSISnapshotControllerSpecApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("CSISnapshotControllerStatus"): return &operatorv1.CSISnapshotControllerStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("CustomSecretRotation"): + return &operatorv1.CustomSecretRotationApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("DefaultNetworkDefinition"): return &operatorv1.DefaultNetworkDefinitionApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("DeveloperConsoleCatalogCategory"): @@ -234,6 +238,10 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &operatorv1.IPv6OVNKubernetesConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("IrreconcilableValidationOverrides"): return &operatorv1.IrreconcilableValidationOverridesApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("KMSEncryptionStatus"): + return &operatorv1.KMSEncryptionStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("KMSPluginHealthReport"): + return &operatorv1.KMSPluginHealthReportApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("KubeAPIServer"): return &operatorv1.KubeAPIServerApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("KubeAPIServerSpec"): @@ -276,6 +284,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &operatorv1.MachineManagerSelectorApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("ManagedBootImages"): return &operatorv1.ManagedBootImagesApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ManagedTokenRequests"): + return &operatorv1.ManagedTokenRequestsApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("MTUMigration"): return &operatorv1.MTUMigrationApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("MTUMigrationValues"): @@ -318,6 +328,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &operatorv1.NodePortStrategyApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("NodeStatus"): return &operatorv1.NodeStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NoOverlayConfig"): + return &operatorv1.NoOverlayConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("OAuthAPIServerStatus"): return &operatorv1.OAuthAPIServerStatusApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("OLM"): @@ -378,6 +390,14 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &operatorv1.RestartServiceApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("RouteAdmissionPolicy"): return &operatorv1.RouteAdmissionPolicyApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("SecretsStoreCSIDriverConfigSpec"): + return &operatorv1.SecretsStoreCSIDriverConfigSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("SecretsStoreSecretRotation"): + return &operatorv1.SecretsStoreSecretRotationApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("SecretsStoreTokenRequest"): + return &operatorv1.SecretsStoreTokenRequestApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("SecretsStoreTokenRequests"): + return &operatorv1.SecretsStoreTokenRequestsApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("Server"): return &operatorv1.ServerApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("ServiceAccountIssuerStatus"): @@ -444,8 +464,12 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &operatorv1alpha1.ClusterAPIInstallerComponentApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("ClusterAPIInstallerComponentImage"): return &operatorv1alpha1.ClusterAPIInstallerComponentImageApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("ClusterAPIInstallerComponentSource"): + return &operatorv1alpha1.ClusterAPIInstallerComponentSourceApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("ClusterAPIInstallerRevision"): return &operatorv1alpha1.ClusterAPIInstallerRevisionApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("ClusterAPIInstallerRevisionManifestSubstitution"): + return &operatorv1alpha1.ClusterAPIInstallerRevisionManifestSubstitutionApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("ClusterAPISpec"): return &operatorv1alpha1.ClusterAPISpecApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("ClusterAPIStatus"): diff --git a/vendor/github.com/openshift/client-go/security/applyconfigurations/security/v1/securitycontextconstraints.go b/vendor/github.com/openshift/client-go/security/applyconfigurations/security/v1/securitycontextconstraints.go index d2e392506f..b5bd21b51f 100644 --- a/vendor/github.com/openshift/client-go/security/applyconfigurations/security/v1/securitycontextconstraints.go +++ b/vendor/github.com/openshift/client-go/security/applyconfigurations/security/v1/securitycontextconstraints.go @@ -38,7 +38,7 @@ type SecurityContextConstraintsApplyConfiguration struct { // allowPrivilegedContainer determines if a container can request to be run as privileged. AllowPrivilegedContainer *bool `json:"allowPrivilegedContainer,omitempty"` // defaultAddCapabilities is the default set of capabilities that will be added to the container - // unless the pod spec specifically drops the capability. You may not list a capabiility in both + // unless the pod spec specifically drops the capability. You may not list a capability in both // DefaultAddCapabilities and RequiredDropCapabilities. DefaultAddCapabilities []corev1.Capability `json:"defaultAddCapabilities,omitempty"` // requiredDropCapabilities are the capabilities that will be dropped from the container. These @@ -99,7 +99,7 @@ type SecurityContextConstraintsApplyConfiguration struct { Groups []string `json:"groups,omitempty"` // seccompProfiles lists the allowed profiles that may be set for the pod or // container's seccomp annotations. An unset (nil) or empty value means that no profiles may - // be specifid by the pod or container. The wildcard '*' may be used to allow all profiles. When + // be specified by the pod or container. The wildcard '*' may be used to allow all profiles. When // used to generate a value for a pod the first non-wildcard profile will be used as // the default. SeccompProfiles []string `json:"seccompProfiles,omitempty"` diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/serialization.go b/vendor/k8s.io/kube-openapi/pkg/internal/serialization.go index 7393bacf70..5d8ee9aa41 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/serialization.go +++ b/vendor/k8s.io/kube-openapi/pkg/internal/serialization.go @@ -24,7 +24,7 @@ import ( // DeterministicMarshal calls the jsonv2 library with the deterministic // flag in order to have stable marshaling. func DeterministicMarshal(in any) ([]byte, error) { - return jsonv2.MarshalOptions{Deterministic: true}.Marshal(jsonv2.EncodeOptions{}, in) + return jsonv2.Marshal(in, jsonv2.Deterministic(true)) } // JSONRefFromMap populates a json reference object if the map v contains a $ref key. diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/README.md b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/README.md index 0349adf69d..937c398005 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/README.md +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/README.md @@ -7,17 +7,24 @@ This module hosts an experimental implementation of v2 `encoding/json`. The API is unstable and breaking changes will regularly be made. Do not depend on this in publicly available modules. +Any commits that make breaking API or behavior changes will be marked +with the string "WARNING: " near the top of the commit message. +It is your responsibility to inspect the list of commit changes +when upgrading the module. Not all breaking changes will lead to build failures. + +A [proposal to include this module in Go as `encoding/json/v2` and `encoding/json/jsontext`](https://github.com/golang/go/issues/71497) has been started on the Go Github project on 2025-01-30. Please provide your feedback there. + ## Goals and objectives * **Mostly backwards compatible:** If possible, v2 should aim to be _mostly_ compatible with v1 in terms of both API and default behavior to ease migration. For example, the `Marshal` and `Unmarshal` functions are the most widely used declarations in the v1 package. It seems sensible for equivalent functionality -in v2 to be named the same and have the same signature. +in v2 to be named the same and have a mostly compatible signature. Behaviorally, we should aim for 95% to 99% backwards compatibility. We do not aim for 100% compatibility since we want the freedom to break certain behaviors that are now considered to have been a mistake. -We may provide options that can bring the v2 implementation to 100% compatibility, +Options exist that can bring the v2 implementation to 100% compatibility, but it will not be the default. * **More flexible:** There is a @@ -96,26 +103,32 @@ Syntax deals with the structural representation of JSON (as specified in Semantics deals with the meaning of syntactic data as usable application data. The `Encoder` and `Decoder` types are streaming tokenizers concerned with the -packing or parsing of JSON data. They operate on `Token` and `RawValue` types +packing or parsing of JSON data. They operate on `Token` and `Value` types which represent the common data structures that are representable in JSON. `Encoder` and `Decoder` do not aim to provide any interpretation of the data. -Functions like `Marshal`, `MarshalFull`, `MarshalNext`, `Unmarshal`, -`UnmarshalFull`, and `UnmarshalNext` provide semantic meaning by correlating +Functions like `Marshal`, `MarshalWrite`, `MarshalEncode`, `Unmarshal`, +`UnmarshalRead`, and `UnmarshalDecode` provide semantic meaning by correlating any arbitrary Go type with some JSON representation of that type (as stored in data types like `[]byte`, `io.Writer`, `io.Reader`, `Encoder`, or `Decoder`). ![API overview](api.png) -This diagram provides a high-level overview of the v2 `json` package. +This diagram provides a high-level overview of the v2 `json` and `jsontext` packages. Purple blocks represent types, while blue blocks represent functions or methods. The arrows and their direction represent the approximate flow of data. The bottom half of the diagram contains functionality that is only concerned -with syntax, while the upper half contains functionality that assigns -semantic meaning to syntactic data handled by the bottom half. +with syntax (implemented by the `jsontext` package), +while the upper half contains functionality that assigns +semantic meaning to syntactic data handled by the bottom half +(as implemented by the v2 `json` package). In contrast to v1 `encoding/json`, options are represented as separate types rather than being setter methods on the `Encoder` or `Decoder` types. +Some options affects JSON serialization at the syntactic layer, +while others affect it at the semantic layer. +Some options only affect JSON when decoding, +while others affect JSON while encoding. ## Behavior changes @@ -128,194 +141,35 @@ This table shows an overview of the changes: | v1 | v2 | Details | | -- | -- | ------- | -| JSON object members are unmarshaled into a Go struct using a **case-insensitive name match**. | JSON object members are unmarshaled into a Go struct using a **case-sensitive name match**. | [CaseSensitivity](/diff_test.go#:~:text=TestCaseSensitivity) | -| When marshaling a Go struct, a struct field marked as `omitempty` is omitted if **the field value is an empty Go value**, which is defined as false, 0, a nil pointer, a nil interface value, and any empty array, slice, map, or string. | When marshaling a Go struct, a struct field marked as `omitempty` is omitted if **the field value would encode as an empty JSON value**, which is defined as a JSON null, or an empty JSON string, object, or array. | [OmitEmptyOption](/diff_test.go#:~:text=TestOmitEmptyOption) | -| The `string` option **does affect** Go bools. | The `string` option **does not affect** Go bools. | [StringOption](/diff_test.go#:~:text=TestStringOption) | -| The `string` option **does not recursively affect** sub-values of the Go field value. | The `string` option **does recursively affect** sub-values of the Go field value. | [StringOption](/diff_test.go#:~:text=TestStringOption) | -| The `string` option **sometimes accepts** a JSON null escaped within a JSON string. | The `string` option **never accepts** a JSON null escaped within a JSON string. | [StringOption](/diff_test.go#:~:text=TestStringOption) | -| A nil Go slice is marshaled as a **JSON null**. | A nil Go slice is marshaled as an **empty JSON array**. | [NilSlicesAndMaps](/diff_test.go#:~:text=TestNilSlicesAndMaps) | -| A nil Go map is marshaled as a **JSON null**. | A nil Go map is marshaled as an **empty JSON object**. | [NilSlicesAndMaps](/diff_test.go#:~:text=TestNilSlicesAndMaps) | -| A Go array may be unmarshaled from a **JSON array of any length**. | A Go array must be unmarshaled from a **JSON array of the same length**. | [Arrays](/diff_test.go#:~:text=Arrays) | -| A Go byte array is represented as a **JSON array of JSON numbers**. | A Go byte array is represented as a **Base64-encoded JSON string**. | [ByteArrays](/diff_test.go#:~:text=TestByteArrays) | -| `MarshalJSON` and `UnmarshalJSON` methods declared on a pointer receiver are **inconsistently called**. | `MarshalJSON` and `UnmarshalJSON` methods declared on a pointer receiver are **consistently called**. | [PointerReceiver](/diff_test.go#:~:text=TestPointerReceiver) | -| A Go map is marshaled in a **deterministic order**. | A Go map is marshaled in a **non-deterministic order**. | [MapDeterminism](/diff_test.go#:~:text=TestMapDeterminism) | -| JSON strings are encoded **with HTML-specific characters being escaped**. | JSON strings are encoded **without any characters being escaped** (unless necessary). | [EscapeHTML](/diff_test.go#:~:text=TestEscapeHTML) | -| When marshaling, invalid UTF-8 within a Go string **are silently replaced**. | When marshaling, invalid UTF-8 within a Go string **results in an error**. | [InvalidUTF8](/diff_test.go#:~:text=TestInvalidUTF8) | -| When unmarshaling, invalid UTF-8 within a JSON string **are silently replaced**. | When unmarshaling, invalid UTF-8 within a JSON string **results in an error**. | [InvalidUTF8](/diff_test.go#:~:text=TestInvalidUTF8) | -| When marshaling, **an error does not occur** if the output JSON value contains objects with duplicate names. | When marshaling, **an error does occur** if the output JSON value contains objects with duplicate names. | [DuplicateNames](/diff_test.go#:~:text=TestDuplicateNames) | -| When unmarshaling, **an error does not occur** if the input JSON value contains objects with duplicate names. | When unmarshaling, **an error does occur** if the input JSON value contains objects with duplicate names. | [DuplicateNames](/diff_test.go#:~:text=TestDuplicateNames) | -| Unmarshaling a JSON null into a non-empty Go value **inconsistently clears the value or does nothing**. | Unmarshaling a JSON null into a non-empty Go value **always clears the value**. | [MergeNull](/diff_test.go#:~:text=TestMergeNull) | -| Unmarshaling a JSON value into a non-empty Go value **follows inconsistent and bizarre behavior**. | Unmarshaling a JSON value into a non-empty Go value **always merges if the input is an object, and otherwise replaces**. | [MergeComposite](/diff_test.go#:~:text=TestMergeComposite) | -| A `time.Duration` is represented as a **JSON number containing the decimal number of nanoseconds**. | A `time.Duration` is represented as a **JSON string containing the formatted duration (e.g., "1h2m3.456s")**. | [TimeDurations](/diff_test.go#:~:text=TestTimeDurations) | -| Unmarshaling a JSON number into a Go float beyond its representation **results in an error**. | Unmarshaling a JSON number into a Go float beyond its representation **uses the closest representable value (e.g., ±`math.MaxFloat`)**. | [MaxFloats](/diff_test.go#:~:text=TestMaxFloats) | -| A Go struct with only unexported fields **can be serialized**. | A Go struct with only unexported fields **cannot be serialized**. | [EmptyStructs](/diff_test.go#:~:text=TestEmptyStructs) | -| A Go struct that embeds an unexported struct type **can sometimes be serialized**. | A Go struct that embeds an unexported struct type **cannot be serialized**. | [EmbedUnexported](/diff_test.go#:~:text=TestEmbedUnexported) | - -See [diff_test.go](/diff_test.go) for details about every change. +| JSON object members are unmarshaled into a Go struct using a **case-insensitive name match**. | JSON object members are unmarshaled into a Go struct using a **case-sensitive name match**. | [CaseSensitivity](/v1/diff_test.go#:~:text=TestCaseSensitivity) | +| When marshaling a Go struct, a struct field marked as `omitempty` is omitted if **the field value is an empty Go value**, which is defined as false, 0, a nil pointer, a nil interface value, and any empty array, slice, map, or string. | When marshaling a Go struct, a struct field marked as `omitempty` is omitted if **the field value would encode as an empty JSON value**, which is defined as a JSON null, or an empty JSON string, object, or array. | [OmitEmptyOption](/v1/diff_test.go#:~:text=TestOmitEmptyOption) | +| The `string` option **does affect** Go strings and bools. | The `string` option **does not affect** Go strings or bools. | [StringOption](/v1/diff_test.go#:~:text=TestStringOption) | +| The `string` option **does not recursively affect** sub-values of the Go field value. | The `string` option **does recursively affect** sub-values of the Go field value. | [StringOption](/v1/diff_test.go#:~:text=TestStringOption) | +| The `string` option **sometimes accepts** a JSON null escaped within a JSON string. | The `string` option **never accepts** a JSON null escaped within a JSON string. | [StringOption](/v1/diff_test.go#:~:text=TestStringOption) | +| A nil Go slice is marshaled as a **JSON null**. | A nil Go slice is marshaled as an **empty JSON array**. | [NilSlicesAndMaps](/v1/diff_test.go#:~:text=TestNilSlicesAndMaps) | +| A nil Go map is marshaled as a **JSON null**. | A nil Go map is marshaled as an **empty JSON object**. | [NilSlicesAndMaps](/v1/diff_test.go#:~:text=TestNilSlicesAndMaps) | +| A Go array may be unmarshaled from a **JSON array of any length**. | A Go array must be unmarshaled from a **JSON array of the same length**. | [Arrays](/v1/diff_test.go#:~:text=Arrays) | +| A Go byte array is represented as a **JSON array of JSON numbers**. | A Go byte array is represented as a **Base64-encoded JSON string**. | [ByteArrays](/v1/diff_test.go#:~:text=TestByteArrays) | +| `MarshalJSON` and `UnmarshalJSON` methods declared on a pointer receiver are **inconsistently called**. | `MarshalJSON` and `UnmarshalJSON` methods declared on a pointer receiver are **consistently called**. | [PointerReceiver](/v1/diff_test.go#:~:text=TestPointerReceiver) | +| A Go map is marshaled in a **deterministic order**. | A Go map is marshaled in a **non-deterministic order**. | [MapDeterminism](/v1/diff_test.go#:~:text=TestMapDeterminism) | +| JSON strings are encoded **with HTML-specific characters being escaped**. | JSON strings are encoded **without any characters being escaped** (unless necessary). | [EscapeHTML](/v1/diff_test.go#:~:text=TestEscapeHTML) | +| When marshaling, invalid UTF-8 within a Go string **are silently replaced**. | When marshaling, invalid UTF-8 within a Go string **results in an error**. | [InvalidUTF8](/v1/diff_test.go#:~:text=TestInvalidUTF8) | +| When unmarshaling, invalid UTF-8 within a JSON string **are silently replaced**. | When unmarshaling, invalid UTF-8 within a JSON string **results in an error**. | [InvalidUTF8](/v1/diff_test.go#:~:text=TestInvalidUTF8) | +| When marshaling, **an error does not occur** if the output JSON value contains objects with duplicate names. | When marshaling, **an error does occur** if the output JSON value contains objects with duplicate names. | [DuplicateNames](/v1/diff_test.go#:~:text=TestDuplicateNames) | +| When unmarshaling, **an error does not occur** if the input JSON value contains objects with duplicate names. | When unmarshaling, **an error does occur** if the input JSON value contains objects with duplicate names. | [DuplicateNames](/v1/diff_test.go#:~:text=TestDuplicateNames) | +| Unmarshaling a JSON null into a non-empty Go value **inconsistently clears the value or does nothing**. | Unmarshaling a JSON null into a non-empty Go value **always clears the value**. | [MergeNull](/v1/diff_test.go#:~:text=TestMergeNull) | +| Unmarshaling a JSON value into a non-empty Go value **follows inconsistent and bizarre behavior**. | Unmarshaling a JSON value into a non-empty Go value **always merges if the input is an object, and otherwise replaces**. | [MergeComposite](/v1/diff_test.go#:~:text=TestMergeComposite) | +| A `time.Duration` is represented as a **JSON number containing the decimal number of nanoseconds**. | A `time.Duration` has no default representation in v2 (see [#71631](https://golang.org/issue/71631)) and results in an error. | | +| A Go struct with only unexported fields **can be serialized**. | A Go struct with only unexported fields **cannot be serialized**. | [EmptyStructs](/v1/diff_test.go#:~:text=TestEmptyStructs) | + +See [diff_test.go](/v1/diff_test.go) for details about every change. ## Performance -One of the goals of the v2 module is to be more performant than v1. - -Each of the charts below show the performance across -several different JSON implementations: - -* `JSONv1` is `encoding/json` at `v1.18.2` -* `JSONv2` is `github.com/go-json-experiment/json` at `v0.0.0-20220524042235-dd8be80fc4a7` -* `JSONIterator` is `github.com/json-iterator/go` at `v1.1.12` -* `SegmentJSON` is `github.com/segmentio/encoding/json` at `v0.3.5` -* `GoJSON` is `github.com/goccy/go-json` at `v0.9.7` -* `SonicJSON` is `github.com/bytedance/sonic` at `v1.3.0` - -Benchmarks were run across various datasets: - -* `CanadaGeometry` is a GeoJSON (RFC 7946) representation of Canada. - It contains many JSON arrays of arrays of two-element arrays of numbers. -* `CITMCatalog` contains many JSON objects using numeric names. -* `SyntheaFHIR` is sample JSON data from the healthcare industry. - It contains many nested JSON objects with mostly string values, - where the set of unique string values is relatively small. -* `TwitterStatus` is the JSON response from the Twitter API. - It contains a mix of all different JSON kinds, where string values - are a mix of both single-byte ASCII and multi-byte Unicode. -* `GolangSource` is a simple tree representing the Go source code. - It contains many nested JSON objects, each with the same schema. -* `StringUnicode` contains many strings with multi-byte Unicode runes. - -All of the implementations other than `JSONv1` and `JSONv2` make -extensive use of `unsafe`. As such, we expect those to generally be faster, -but at the cost of memory and type safety. `SonicJSON` goes a step even further -and uses just-in-time compilation to generate machine code specialized -for the Go type being marshaled or unmarshaled. -Also, `SonicJSON` does not validate JSON strings for valid UTF-8, -and so gains a notable performance boost on datasets with multi-byte Unicode. -Benchmarks are performed based on the default marshal and unmarshal behavior -of each package. Note that `JSONv2` aims to be safe and correct by default, -which may not be the most performant strategy. - -`JSONv2` has several semantic changes relative to `JSONv1` that -impacts performance: - -1. When marshaling, `JSONv2` no longer sorts the keys of a Go map. - This will improve performance. -2. When marshaling or unmarshaling, `JSONv2` always checks - to make sure JSON object names are unique. - This will hurt performance, but is more correct. -3. When marshaling or unmarshaling, `JSONv2` always - shallow copies the underlying value for a Go interface and - shallow copies the key and value for entries in a Go map. - This is done to keep the value as addressable so that `JSONv2` can - call methods and functions that operate on a pointer receiver. - This will hurt performance, but is more correct. - -All of the charts are unit-less since the values are normalized -relative to `JSONv1`, which is why `JSONv1` always has a value of 1. -A lower value is better (i.e., runs faster). - -Benchmarks were performed on an AMD Ryzen 9 5900X. - -The code for the benchmarks is located at -https://github.com/go-json-experiment/jsonbench. - -### Marshal Performance - -#### Concrete types - -![Benchmark Marshal Concrete](benchmark-marshal-concrete.png) - -* This compares marshal performance when serializing - [from concrete types](/testdata_test.go). -* The `JSONv1` implementation is close to optimal (without the use of `unsafe`). -* Relative to `JSONv1`, `JSONv2` is generally as fast or slightly faster. -* Relative to `JSONIterator`, `JSONv2` is up to 1.3x faster. -* Relative to `SegmentJSON`, `JSONv2` is up to 1.8x slower. -* Relative to `GoJSON`, `JSONv2` is up to 2.0x slower. -* Relative to `SonicJSON`, `JSONv2` is about 1.8x to 3.2x slower - (ignoring `StringUnicode` since `SonicJSON` does not validate UTF-8). -* For `JSONv1` and `JSONv2`, marshaling from concrete types is - mostly limited by the performance of Go reflection. - -#### Interface types - -![Benchmark Marshal Interface](benchmark-marshal-interface.png) - -* This compares marshal performance when serializing from - `any`, `map[string]any`, and `[]any` types. -* Relative to `JSONv1`, `JSONv2` is about 1.5x to 4.2x faster. -* Relative to `JSONIterator`, `JSONv2` is about 1.1x to 2.4x faster. -* Relative to `SegmentJSON`, `JSONv2` is about 1.2x to 1.8x faster. -* Relative to `GoJSON`, `JSONv2` is about 1.1x to 2.5x faster. -* Relative to `SonicJSON`, `JSONv2` is up to 1.5x slower - (ignoring `StringUnicode` since `SonicJSON` does not validate UTF-8). -* `JSONv2` is faster than the alternatives. - One advantange is because it does not sort the keys for a `map[string]any`, - while alternatives (except `SonicJSON` and `JSONIterator`) do sort the keys. - -#### RawValue types - -![Benchmark Marshal Rawvalue](benchmark-marshal-rawvalue.png) - -* This compares performance when marshaling from a `json.RawValue`. - This mostly exercises the underlying encoder and - hides the cost of Go reflection. -* Relative to `JSONv1`, `JSONv2` is about 3.5x to 7.8x faster. -* `JSONIterator` is blazingly fast because - [it does not validate whether the raw value is valid](https://go.dev/play/p/bun9IXQCKRe) - and simply copies it to the output. -* Relative to `SegmentJSON`, `JSONv2` is about 1.5x to 2.7x faster. -* Relative to `GoJSON`, `JSONv2` is up to 2.2x faster. -* Relative to `SonicJSON`, `JSONv2` is up to 1.5x faster. -* Aside from `JSONIterator`, `JSONv2` is generally the fastest. - -### Unmarshal Performance - -#### Concrete types - -![Benchmark Unmarshal Concrete](benchmark-unmarshal-concrete.png) - -* This compares unmarshal performance when deserializing - [into concrete types](/testdata_test.go). -* Relative to `JSONv1`, `JSONv2` is about 1.8x to 5.7x faster. -* Relative to `JSONIterator`, `JSONv2` is about 1.1x to 1.6x slower. -* Relative to `SegmentJSON`, `JSONv2` is up to 2.5x slower. -* Relative to `GoJSON`, `JSONv2` is about 1.4x to 2.1x slower. -* Relative to `SonicJSON`, `JSONv2` is up to 4.0x slower - (ignoring `StringUnicode` since `SonicJSON` does not validate UTF-8). -* For `JSONv1` and `JSONv2`, unmarshaling into concrete types is - mostly limited by the performance of Go reflection. - -#### Interface types - -![Benchmark Unmarshal Interface](benchmark-unmarshal-interface.png) - -* This compares unmarshal performance when deserializing into - `any`, `map[string]any`, and `[]any` types. -* Relative to `JSONv1`, `JSONv2` is about 1.tx to 4.3x faster. -* Relative to `JSONIterator`, `JSONv2` is up to 1.5x faster. -* Relative to `SegmentJSON`, `JSONv2` is about 1.5 to 3.7x faster. -* Relative to `GoJSON`, `JSONv2` is up to 1.3x faster. -* Relative to `SonicJSON`, `JSONv2` is up to 1.5x slower - (ignoring `StringUnicode` since `SonicJSON` does not validate UTF-8). -* Aside from `SonicJSON`, `JSONv2` is generally just as fast - or faster than all the alternatives. - -#### RawValue types - -![Benchmark Unmarshal Rawvalue](benchmark-unmarshal-rawvalue.png) - -* This compares performance when unmarshaling into a `json.RawValue`. - This mostly exercises the underlying decoder and - hides away most of the cost of Go reflection. -* Relative to `JSONv1`, `JSONv2` is about 8.3x to 17.0x faster. -* Relative to `JSONIterator`, `JSONv2` is up to 2.0x faster. -* Relative to `SegmentJSON`, `JSONv2` is up to 1.6x faster or 1.7x slower. -* Relative to `GoJSON`, `JSONv2` is up to 1.9x faster or 2.1x slower. -* Relative to `SonicJSON`, `JSONv2` is up to 2.0x faster - (ignoring `StringUnicode` since `SonicJSON` does not validate UTF-8). -* `JSONv1` takes a - [lexical scanning approach](https://talks.golang.org/2011/lex.slide#1), - which performs a virtual function call for every byte of input. - In contrast, `JSONv2` makes heavy use of iterative and linear parsing logic - (with extra complexity to resume parsing when encountering segmented buffers). -* `JSONv2` is comparable to the alternatives that use `unsafe`. - Generally it is faster, but sometimes it is slower. +One of the goals of the v2 module is to be more performant than v1, +but not at the expense of correctness. +In general, v2 is at performance parity with v1 for marshaling, +but dramatically faster for unmarshaling. + +See https://github.com/go-json-experiment/jsonbench for benchmarks +comparing v2 with v1 and a number of other popular JSON implementations. diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/alias.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/alias.go new file mode 100644 index 0000000000..fbf256d528 --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/alias.go @@ -0,0 +1,967 @@ +// Copyright 2025 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Code generated by alias_gen.go; DO NOT EDIT. + +//go:build goexperiment.jsonv2 && go1.25 + +// Package json implements semantic processing of JSON as specified in RFC 8259. +// JSON is a simple data interchange format that can represent +// primitive data types such as booleans, strings, and numbers, +// in addition to structured data types such as objects and arrays. +// +// [Marshal] and [Unmarshal] encode and decode Go values +// to/from JSON text contained within a []byte. +// [MarshalWrite] and [UnmarshalRead] operate on JSON text +// by writing to or reading from an [io.Writer] or [io.Reader]. +// [MarshalEncode] and [UnmarshalDecode] operate on JSON text +// by encoding to or decoding from a [jsontext.Encoder] or [jsontext.Decoder]. +// [Options] may be passed to each of the marshal or unmarshal functions +// to configure the semantic behavior of marshaling and unmarshaling +// (i.e., alter how JSON data is understood as Go data and vice versa). +// [jsontext.Options] may also be passed to the marshal or unmarshal functions +// to configure the syntactic behavior of encoding or decoding. +// +// The data types of JSON are mapped to/from the data types of Go based on +// the closest logical equivalent between the two type systems. For example, +// a JSON boolean corresponds with a Go bool, +// a JSON string corresponds with a Go string, +// a JSON number corresponds with a Go int, uint or float, +// a JSON array corresponds with a Go slice or array, and +// a JSON object corresponds with a Go struct or map. +// See the documentation on [Marshal] and [Unmarshal] for a comprehensive list +// of how the JSON and Go type systems correspond. +// +// Arbitrary Go types can customize their JSON representation by implementing +// [Marshaler], [MarshalerTo], [Unmarshaler], or [UnmarshalerFrom]. +// This provides authors of Go types with control over how their types are +// serialized as JSON. Alternatively, users can implement functions that match +// [MarshalFunc], [MarshalToFunc], [UnmarshalFunc], or [UnmarshalFromFunc] +// to specify the JSON representation for arbitrary types. +// This provides callers of JSON functionality with control over +// how any arbitrary type is serialized as JSON. +// +// # JSON Representation of Go structs +// +// A Go struct is naturally represented as a JSON object, +// where each Go struct field corresponds with a JSON object member. +// When marshaling, all Go struct fields are recursively encoded in depth-first +// order as JSON object members except those that are ignored or omitted. +// When unmarshaling, JSON object members are recursively decoded +// into the corresponding Go struct fields. +// Object members that do not match any struct fields, +// also known as “unknown members”, are ignored by default or rejected +// if [RejectUnknownMembers] is specified. +// +// The representation of each struct field can be customized in the +// "json" struct field tag, where the tag is a comma separated list of options. +// As a special case, if the entire tag is `json:"-"`, +// then the field is ignored with regard to its JSON representation. +// Some options also have equivalent behavior controlled by a caller-specified [Options]. +// Field-specified options take precedence over caller-specified options. +// +// The first option is the JSON object name override for the Go struct field. +// If the name is not specified, then the Go struct field name +// is used as the JSON object name. JSON names containing commas or quotes, +// or names identical to "" or "-", can be specified using +// a single-quoted string literal, where the syntax is identical to +// the Go grammar for a double-quoted string literal, +// but instead uses single quotes as the delimiters. +// By default, unmarshaling uses case-sensitive matching to identify +// the Go struct field associated with a JSON object name. +// +// After the name, the following tag options are supported: +// +// - omitzero: When marshaling, the "omitzero" option specifies that +// the struct field should be omitted if the field value is zero +// as determined by the "IsZero() bool" method if present, +// otherwise based on whether the field is the zero Go value. +// This option has no effect when unmarshaling. +// +// - omitempty: When marshaling, the "omitempty" option specifies that +// the struct field should be omitted if the field value would have been +// encoded as a JSON null, empty string, empty object, or empty array. +// This option has no effect when unmarshaling. +// +// - string: The "string" option specifies that [StringifyNumbers] +// be set when marshaling or unmarshaling a struct field value. +// This causes numeric types to be encoded as a JSON number +// within a JSON string, and to be decoded from a JSON string +// containing the JSON number without any surrounding whitespace. +// This extra level of encoding is often necessary since +// many JSON parsers cannot precisely represent 64-bit integers. +// +// - case: When unmarshaling, the "case" option specifies how +// JSON object names are matched with the JSON name for Go struct fields. +// The option is a key-value pair specified as "case:value" where +// the value must either be 'ignore' or 'strict'. +// The 'ignore' value specifies that matching is case-insensitive +// where dashes and underscores are also ignored. If multiple fields match, +// the first declared field in breadth-first order takes precedence. +// The 'strict' value specifies that matching is case-sensitive. +// This takes precedence over the [MatchCaseInsensitiveNames] option. +// +// - inline: The "inline" option specifies that +// the JSON representable content of this field type is to be promoted +// as if they were specified in the parent struct. +// It is the JSON equivalent of Go struct embedding. +// A Go embedded field is implicitly inlined unless an explicit JSON name +// is specified. The inlined field must be a Go struct +// (that does not implement any JSON methods), [jsontext.Value], +// map[~string]T, or an unnamed pointer to such types. When marshaling, +// inlined fields from a pointer type are omitted if it is nil. +// Inlined fields of type [jsontext.Value] and map[~string]T are called +// “inlined fallbacks” as they can represent all possible +// JSON object members not directly handled by the parent struct. +// Only one inlined fallback field may be specified in a struct, +// while many non-fallback fields may be specified. This option +// must not be specified with any other option (including the JSON name). +// +// - unknown: The "unknown" option is a specialized variant +// of the inlined fallback to indicate that this Go struct field +// contains any number of unknown JSON object members. The field type must +// be a [jsontext.Value], map[~string]T, or an unnamed pointer to such types. +// If [DiscardUnknownMembers] is specified when marshaling, +// the contents of this field are ignored. +// If [RejectUnknownMembers] is specified when unmarshaling, +// any unknown object members are rejected regardless of whether +// an inlined fallback with the "unknown" option exists. This option +// must not be specified with any other option (including the JSON name). +// +// - format: The "format" option specifies a format flag +// used to specialize the formatting of the field value. +// The option is a key-value pair specified as "format:value" where +// the value must be either a literal consisting of letters and numbers +// (e.g., "format:RFC3339") or a single-quoted string literal +// (e.g., "format:'2006-01-02'"). The interpretation of the format flag +// is determined by the struct field type. +// +// The "omitzero" and "omitempty" options are mostly semantically identical. +// The former is defined in terms of the Go type system, +// while the latter in terms of the JSON type system. +// Consequently they behave differently in some circumstances. +// For example, only a nil slice or map is omitted under "omitzero", while +// an empty slice or map is omitted under "omitempty" regardless of nilness. +// The "omitzero" option is useful for types with a well-defined zero value +// (e.g., [net/netip.Addr]) or have an IsZero method (e.g., [time.Time.IsZero]). +// +// Every Go struct corresponds to a list of JSON representable fields +// which is constructed by performing a breadth-first search over +// all struct fields (excluding unexported or ignored fields), +// where the search recursively descends into inlined structs. +// The set of non-inlined fields in a struct must have unique JSON names. +// If multiple fields all have the same JSON name, then the one +// at shallowest depth takes precedence and the other fields at deeper depths +// are excluded from the list of JSON representable fields. +// If multiple fields at the shallowest depth have the same JSON name, +// but exactly one is explicitly tagged with a JSON name, +// then that field takes precedence and all others are excluded from the list. +// This is analogous to Go visibility rules for struct field selection +// with embedded struct types. +// +// Marshaling or unmarshaling a non-empty struct +// without any JSON representable fields results in a [SemanticError]. +// Unexported fields must not have any `json` tags except for `json:"-"`. +// +// # Security Considerations +// +// JSON is frequently used as a data interchange format to communicate +// between different systems, possibly implemented in different languages. +// For interoperability and security reasons, it is important that +// all implementations agree upon the semantic meaning of the data. +// +// [For example, suppose we have two micro-services.] +// The first service is responsible for authenticating a JSON request, +// while the second service is responsible for executing the request +// (having assumed that the prior service authenticated the request). +// If an attacker were able to maliciously craft a JSON request such that +// both services believe that the same request is from different users, +// it could bypass the authenticator with valid credentials for one user, +// but maliciously perform an action on behalf of a different user. +// +// According to RFC 8259, there unfortunately exist many JSON texts +// that are syntactically valid but semantically ambiguous. +// For example, the standard does not define how to interpret duplicate +// names within an object. +// +// The v1 [encoding/json] and [encoding/json/v2] packages +// interpret some inputs in different ways. In particular: +// +// - The standard specifies that JSON must be encoded using UTF-8. +// By default, v1 replaces invalid bytes of UTF-8 in JSON strings +// with the Unicode replacement character, +// while v2 rejects inputs with invalid UTF-8. +// To change the default, specify the [jsontext.AllowInvalidUTF8] option. +// The replacement of invalid UTF-8 is a form of data corruption +// that alters the precise meaning of strings. +// +// - The standard does not specify a particular behavior when +// duplicate names are encountered within a JSON object, +// which means that different implementations may behave differently. +// By default, v1 allows for the presence of duplicate names, +// while v2 rejects duplicate names. +// To change the default, specify the [jsontext.AllowDuplicateNames] option. +// If allowed, object members are processed in the order they are observed, +// meaning that later values will replace or be merged into prior values, +// depending on the Go value type. +// +// - The standard defines a JSON object as an unordered collection of name/value pairs. +// While ordering can be observed through the underlying [jsontext] API, +// both v1 and v2 generally avoid exposing the ordering. +// No application should semantically depend on the order of object members. +// Allowing duplicate names is a vector through which ordering of members +// can accidentally be observed and depended upon. +// +// - The standard suggests that JSON object names are typically compared +// based on equality of the sequence of Unicode code points, +// which implies that comparing names is often case-sensitive. +// When unmarshaling a JSON object into a Go struct, +// by default, v1 uses a (loose) case-insensitive match on the name, +// while v2 uses a (strict) case-sensitive match on the name. +// To change the default, specify the [MatchCaseInsensitiveNames] option. +// The use of case-insensitive matching provides another vector through +// which duplicate names can occur. Allowing case-insensitive matching +// means that v1 or v2 might interpret JSON objects differently from most +// other JSON implementations (which typically use a case-sensitive match). +// +// - The standard does not specify a particular behavior when +// an unknown name in a JSON object is encountered. +// When unmarshaling a JSON object into a Go struct, by default +// both v1 and v2 ignore unknown names and their corresponding values. +// To change the default, specify the [RejectUnknownMembers] option. +// +// - The standard suggests that implementations may use a float64 +// to represent a JSON number. Consequently, large JSON integers +// may lose precision when stored as a floating-point type. +// Both v1 and v2 correctly preserve precision when marshaling and +// unmarshaling a concrete integer type. However, even if v1 and v2 +// preserve precision for concrete types, other JSON implementations +// may not be able to preserve precision for outputs produced by v1 or v2. +// The `string` tag option can be used to specify that an integer type +// is to be quoted within a JSON string to avoid loss of precision. +// Furthermore, v1 and v2 may still lose precision when unmarshaling +// into an any interface value, where unmarshal uses a float64 +// by default to represent a JSON number. +// To change the default, specify the [WithUnmarshalers] option +// with a custom unmarshaler that pre-populates the interface value +// with a concrete Go type that can preserve precision. +// +// RFC 8785 specifies a canonical form for any JSON text, +// which explicitly defines specific behaviors that RFC 8259 leaves undefined. +// In theory, if a text can successfully [jsontext.Value.Canonicalize] +// without changing the semantic meaning of the data, then it provides a +// greater degree of confidence that the data is more secure and interoperable. +// +// The v2 API generally chooses more secure defaults than v1, +// but care should still be taken with large integers or unknown members. +// +// [For example, suppose we have two micro-services.]: https://www.youtube.com/watch?v=avilmOcHKHE&t=1057s +package json + +import ( + "encoding/json/jsontext" + "encoding/json/v2" + "io" +) + +// Marshal serializes a Go value as a []byte according to the provided +// marshal and encode options (while ignoring unmarshal or decode options). +// It does not terminate the output with a newline. +// +// Type-specific marshal functions and methods take precedence +// over the default representation of a value. +// Functions or methods that operate on *T are only called when encoding +// a value of type T (by taking its address) or a non-nil value of *T. +// Marshal ensures that a value is always addressable +// (by boxing it on the heap if necessary) so that +// these functions and methods can be consistently called. For performance, +// it is recommended that Marshal be passed a non-nil pointer to the value. +// +// The input value is encoded as JSON according the following rules: +// +// - If any type-specific functions in a [WithMarshalers] option match +// the value type, then those functions are called to encode the value. +// If all applicable functions return [SkipFunc], +// then the value is encoded according to subsequent rules. +// +// - If the value type implements [MarshalerTo], +// then the MarshalJSONTo method is called to encode the value. +// +// - If the value type implements [Marshaler], +// then the MarshalJSON method is called to encode the value. +// +// - If the value type implements [encoding.TextAppender], +// then the AppendText method is called to encode the value and +// subsequently encode its result as a JSON string. +// +// - If the value type implements [encoding.TextMarshaler], +// then the MarshalText method is called to encode the value and +// subsequently encode its result as a JSON string. +// +// - Otherwise, the value is encoded according to the value's type +// as described in detail below. +// +// Most Go types have a default JSON representation. +// Certain types support specialized formatting according to +// a format flag optionally specified in the Go struct tag +// for the struct field that contains the current value +// (see the “JSON Representation of Go structs” section for more details). +// +// The representation of each type is as follows: +// +// - A Go boolean is encoded as a JSON boolean (e.g., true or false). +// It does not support any custom format flags. +// +// - A Go string is encoded as a JSON string. +// It does not support any custom format flags. +// +// - A Go []byte or [N]byte is encoded as a JSON string containing +// the binary value encoded using RFC 4648. +// If the format is "base64" or unspecified, then this uses RFC 4648, section 4. +// If the format is "base64url", then this uses RFC 4648, section 5. +// If the format is "base32", then this uses RFC 4648, section 6. +// If the format is "base32hex", then this uses RFC 4648, section 7. +// If the format is "base16" or "hex", then this uses RFC 4648, section 8. +// If the format is "array", then the bytes value is encoded as a JSON array +// where each byte is recursively JSON-encoded as each JSON array element. +// +// - A Go integer is encoded as a JSON number without fractions or exponents. +// If [StringifyNumbers] is specified or encoding a JSON object name, +// then the JSON number is encoded within a JSON string. +// It does not support any custom format flags. +// +// - A Go float is encoded as a JSON number. +// If [StringifyNumbers] is specified or encoding a JSON object name, +// then the JSON number is encoded within a JSON string. +// If the format is "nonfinite", then NaN, +Inf, and -Inf are encoded as +// the JSON strings "NaN", "Infinity", and "-Infinity", respectively. +// Otherwise, the presence of non-finite numbers results in a [SemanticError]. +// +// - A Go map is encoded as a JSON object, where each Go map key and value +// is recursively encoded as a name and value pair in the JSON object. +// The Go map key must encode as a JSON string, otherwise this results +// in a [SemanticError]. The Go map is traversed in a non-deterministic order. +// For deterministic encoding, consider using the [Deterministic] option. +// If the format is "emitnull", then a nil map is encoded as a JSON null. +// If the format is "emitempty", then a nil map is encoded as an empty JSON object, +// regardless of whether [FormatNilMapAsNull] is specified. +// Otherwise by default, a nil map is encoded as an empty JSON object. +// +// - A Go struct is encoded as a JSON object. +// See the “JSON Representation of Go structs” section +// in the package-level documentation for more details. +// +// - A Go slice is encoded as a JSON array, where each Go slice element +// is recursively JSON-encoded as the elements of the JSON array. +// If the format is "emitnull", then a nil slice is encoded as a JSON null. +// If the format is "emitempty", then a nil slice is encoded as an empty JSON array, +// regardless of whether [FormatNilSliceAsNull] is specified. +// Otherwise by default, a nil slice is encoded as an empty JSON array. +// +// - A Go array is encoded as a JSON array, where each Go array element +// is recursively JSON-encoded as the elements of the JSON array. +// The JSON array length is always identical to the Go array length. +// It does not support any custom format flags. +// +// - A Go pointer is encoded as a JSON null if nil, otherwise it is +// the recursively JSON-encoded representation of the underlying value. +// Format flags are forwarded to the encoding of the underlying value. +// +// - A Go interface is encoded as a JSON null if nil, otherwise it is +// the recursively JSON-encoded representation of the underlying value. +// It does not support any custom format flags. +// +// - A Go [time.Time] is encoded as a JSON string containing the timestamp +// formatted in RFC 3339 with nanosecond precision. +// If the format matches one of the format constants declared +// in the time package (e.g., RFC1123), then that format is used. +// If the format is "unix", "unixmilli", "unixmicro", or "unixnano", +// then the timestamp is encoded as a possibly fractional JSON number +// of the number of seconds (or milliseconds, microseconds, or nanoseconds) +// since the Unix epoch, which is January 1st, 1970 at 00:00:00 UTC. +// To avoid a fractional component, round the timestamp to the relevant unit. +// Otherwise, the format is used as-is with [time.Time.Format] if non-empty. +// +// - A Go [time.Duration] currently has no default representation and +// requires an explicit format to be specified. +// If the format is "sec", "milli", "micro", or "nano", +// then the duration is encoded as a possibly fractional JSON number +// of the number of seconds (or milliseconds, microseconds, or nanoseconds). +// To avoid a fractional component, round the duration to the relevant unit. +// If the format is "units", it is encoded as a JSON string formatted using +// [time.Duration.String] (e.g., "1h30m" for 1 hour 30 minutes). +// If the format is "iso8601", it is encoded as a JSON string using the +// ISO 8601 standard for durations (e.g., "PT1H30M" for 1 hour 30 minutes) +// using only accurate units of hours, minutes, and seconds. +// +// - All other Go types (e.g., complex numbers, channels, and functions) +// have no default representation and result in a [SemanticError]. +// +// JSON cannot represent cyclic data structures and Marshal does not handle them. +// Passing cyclic structures will result in an error. +func Marshal(in any, opts ...Options) (out []byte, err error) { + return json.Marshal(in, opts...) +} + +// MarshalWrite serializes a Go value into an [io.Writer] according to the provided +// marshal and encode options (while ignoring unmarshal or decode options). +// It does not terminate the output with a newline. +// See [Marshal] for details about the conversion of a Go value into JSON. +func MarshalWrite(out io.Writer, in any, opts ...Options) (err error) { + return json.MarshalWrite(out, in, opts...) +} + +// MarshalEncode serializes a Go value into an [jsontext.Encoder] according to +// the provided marshal options (while ignoring unmarshal, encode, or decode options). +// Any marshal-relevant options already specified on the [jsontext.Encoder] +// take lower precedence than the set of options provided by the caller. +// Unlike [Marshal] and [MarshalWrite], encode options are ignored because +// they must have already been specified on the provided [jsontext.Encoder]. +// +// See [Marshal] for details about the conversion of a Go value into JSON. +func MarshalEncode(out *jsontext.Encoder, in any, opts ...Options) (err error) { + return json.MarshalEncode(out, in, opts...) +} + +// Unmarshal decodes a []byte input into a Go value according to the provided +// unmarshal and decode options (while ignoring marshal or encode options). +// The input must be a single JSON value with optional whitespace interspersed. +// The output must be a non-nil pointer. +// +// Type-specific unmarshal functions and methods take precedence +// over the default representation of a value. +// Functions or methods that operate on *T are only called when decoding +// a value of type T (by taking its address) or a non-nil value of *T. +// Unmarshal ensures that a value is always addressable +// (by boxing it on the heap if necessary) so that +// these functions and methods can be consistently called. +// +// The input is decoded into the output according the following rules: +// +// - If any type-specific functions in a [WithUnmarshalers] option match +// the value type, then those functions are called to decode the JSON +// value. If all applicable functions return [SkipFunc], +// then the input is decoded according to subsequent rules. +// +// - If the value type implements [UnmarshalerFrom], +// then the UnmarshalJSONFrom method is called to decode the JSON value. +// +// - If the value type implements [Unmarshaler], +// then the UnmarshalJSON method is called to decode the JSON value. +// +// - If the value type implements [encoding.TextUnmarshaler], +// then the input is decoded as a JSON string and +// the UnmarshalText method is called with the decoded string value. +// This fails with a [SemanticError] if the input is not a JSON string. +// +// - Otherwise, the JSON value is decoded according to the value's type +// as described in detail below. +// +// Most Go types have a default JSON representation. +// Certain types support specialized formatting according to +// a format flag optionally specified in the Go struct tag +// for the struct field that contains the current value +// (see the “JSON Representation of Go structs” section for more details). +// A JSON null may be decoded into every supported Go value where +// it is equivalent to storing the zero value of the Go value. +// If the input JSON kind is not handled by the current Go value type, +// then this fails with a [SemanticError]. Unless otherwise specified, +// the decoded value replaces any pre-existing value. +// +// The representation of each type is as follows: +// +// - A Go boolean is decoded from a JSON boolean (e.g., true or false). +// It does not support any custom format flags. +// +// - A Go string is decoded from a JSON string. +// It does not support any custom format flags. +// +// - A Go []byte or [N]byte is decoded from a JSON string +// containing the binary value encoded using RFC 4648. +// If the format is "base64" or unspecified, then this uses RFC 4648, section 4. +// If the format is "base64url", then this uses RFC 4648, section 5. +// If the format is "base32", then this uses RFC 4648, section 6. +// If the format is "base32hex", then this uses RFC 4648, section 7. +// If the format is "base16" or "hex", then this uses RFC 4648, section 8. +// If the format is "array", then the Go slice or array is decoded from a +// JSON array where each JSON element is recursively decoded for each byte. +// When decoding into a non-nil []byte, the slice length is reset to zero +// and the decoded input is appended to it. +// When decoding into a [N]byte, the input must decode to exactly N bytes, +// otherwise it fails with a [SemanticError]. +// +// - A Go integer is decoded from a JSON number. +// It must be decoded from a JSON string containing a JSON number +// if [StringifyNumbers] is specified or decoding a JSON object name. +// It fails with a [SemanticError] if the JSON number +// has a fractional or exponent component. +// It also fails if it overflows the representation of the Go integer type. +// It does not support any custom format flags. +// +// - A Go float is decoded from a JSON number. +// It must be decoded from a JSON string containing a JSON number +// if [StringifyNumbers] is specified or decoding a JSON object name. +// It fails if it overflows the representation of the Go float type. +// If the format is "nonfinite", then the JSON strings +// "NaN", "Infinity", and "-Infinity" are decoded as NaN, +Inf, and -Inf. +// Otherwise, the presence of such strings results in a [SemanticError]. +// +// - A Go map is decoded from a JSON object, +// where each JSON object name and value pair is recursively decoded +// as the Go map key and value. Maps are not cleared. +// If the Go map is nil, then a new map is allocated to decode into. +// If the decoded key matches an existing Go map entry, the entry value +// is reused by decoding the JSON object value into it. +// The formats "emitnull" and "emitempty" have no effect when decoding. +// +// - A Go struct is decoded from a JSON object. +// See the “JSON Representation of Go structs” section +// in the package-level documentation for more details. +// +// - A Go slice is decoded from a JSON array, where each JSON element +// is recursively decoded and appended to the Go slice. +// Before appending into a Go slice, a new slice is allocated if it is nil, +// otherwise the slice length is reset to zero. +// The formats "emitnull" and "emitempty" have no effect when decoding. +// +// - A Go array is decoded from a JSON array, where each JSON array element +// is recursively decoded as each corresponding Go array element. +// Each Go array element is zeroed before decoding into it. +// It fails with a [SemanticError] if the JSON array does not contain +// the exact same number of elements as the Go array. +// It does not support any custom format flags. +// +// - A Go pointer is decoded based on the JSON kind and underlying Go type. +// If the input is a JSON null, then this stores a nil pointer. +// Otherwise, it allocates a new underlying value if the pointer is nil, +// and recursively JSON decodes into the underlying value. +// Format flags are forwarded to the decoding of the underlying type. +// +// - A Go interface is decoded based on the JSON kind and underlying Go type. +// If the input is a JSON null, then this stores a nil interface value. +// Otherwise, a nil interface value of an empty interface type is initialized +// with a zero Go bool, string, float64, map[string]any, or []any if the +// input is a JSON boolean, string, number, object, or array, respectively. +// If the interface value is still nil, then this fails with a [SemanticError] +// since decoding could not determine an appropriate Go type to decode into. +// For example, unmarshaling into a nil io.Reader fails since +// there is no concrete type to populate the interface value with. +// Otherwise an underlying value exists and it recursively decodes +// the JSON input into it. It does not support any custom format flags. +// +// - A Go [time.Time] is decoded from a JSON string containing the time +// formatted in RFC 3339 with nanosecond precision. +// If the format matches one of the format constants declared in +// the time package (e.g., RFC1123), then that format is used for parsing. +// If the format is "unix", "unixmilli", "unixmicro", or "unixnano", +// then the timestamp is decoded from an optionally fractional JSON number +// of the number of seconds (or milliseconds, microseconds, or nanoseconds) +// since the Unix epoch, which is January 1st, 1970 at 00:00:00 UTC. +// Otherwise, the format is used as-is with [time.Time.Parse] if non-empty. +// +// - A Go [time.Duration] currently has no default representation and +// requires an explicit format to be specified. +// If the format is "sec", "milli", "micro", or "nano", +// then the duration is decoded from an optionally fractional JSON number +// of the number of seconds (or milliseconds, microseconds, or nanoseconds). +// If the format is "units", it is decoded from a JSON string parsed using +// [time.ParseDuration] (e.g., "1h30m" for 1 hour 30 minutes). +// If the format is "iso8601", it is decoded from a JSON string using the +// ISO 8601 standard for durations (e.g., "PT1H30M" for 1 hour 30 minutes) +// accepting only accurate units of hours, minutes, or seconds. +// +// - All other Go types (e.g., complex numbers, channels, and functions) +// have no default representation and result in a [SemanticError]. +// +// In general, unmarshaling follows merge semantics (similar to RFC 7396) +// where the decoded Go value replaces the destination value +// for any JSON kind other than an object. +// For JSON objects, the input object is merged into the destination value +// where matching object members recursively apply merge semantics. +func Unmarshal(in []byte, out any, opts ...Options) (err error) { + return json.Unmarshal(in, out, opts...) +} + +// UnmarshalRead deserializes a Go value from an [io.Reader] according to the +// provided unmarshal and decode options (while ignoring marshal or encode options). +// The input must be a single JSON value with optional whitespace interspersed. +// It consumes the entirety of [io.Reader] until [io.EOF] is encountered, +// without reporting an error for EOF. The output must be a non-nil pointer. +// See [Unmarshal] for details about the conversion of JSON into a Go value. +func UnmarshalRead(in io.Reader, out any, opts ...Options) (err error) { + return json.UnmarshalRead(in, out, opts...) +} + +// UnmarshalDecode deserializes a Go value from a [jsontext.Decoder] according to +// the provided unmarshal options (while ignoring marshal, encode, or decode options). +// Any unmarshal options already specified on the [jsontext.Decoder] +// take lower precedence than the set of options provided by the caller. +// Unlike [Unmarshal] and [UnmarshalRead], decode options are ignored because +// they must have already been specified on the provided [jsontext.Decoder]. +// +// The input may be a stream of one or more JSON values, +// where this only unmarshals the next JSON value in the stream. +// The output must be a non-nil pointer. +// See [Unmarshal] for details about the conversion of JSON into a Go value. +func UnmarshalDecode(in *jsontext.Decoder, out any, opts ...Options) (err error) { + return json.UnmarshalDecode(in, out, opts...) +} + +// Marshalers is a list of functions that may override the marshal behavior +// of specific types. Populate [WithMarshalers] to use it with +// [Marshal], [MarshalWrite], or [MarshalEncode]. +// A nil *Marshalers is equivalent to an empty list. +// There are no exported fields or methods on Marshalers. +type Marshalers = json.Marshalers + +// JoinMarshalers constructs a flattened list of marshal functions. +// If multiple functions in the list are applicable for a value of a given type, +// then those earlier in the list take precedence over those that come later. +// If a function returns [SkipFunc], then the next applicable function is called, +// otherwise the default marshaling behavior is used. +// +// For example: +// +// m1 := JoinMarshalers(f1, f2) +// m2 := JoinMarshalers(f0, m1, f3) // equivalent to m3 +// m3 := JoinMarshalers(f0, f1, f2, f3) // equivalent to m2 +func JoinMarshalers(ms ...*Marshalers) *Marshalers { + return json.JoinMarshalers(ms...) +} + +// Unmarshalers is a list of functions that may override the unmarshal behavior +// of specific types. Populate [WithUnmarshalers] to use it with +// [Unmarshal], [UnmarshalRead], or [UnmarshalDecode]. +// A nil *Unmarshalers is equivalent to an empty list. +// There are no exported fields or methods on Unmarshalers. +type Unmarshalers = json.Unmarshalers + +// JoinUnmarshalers constructs a flattened list of unmarshal functions. +// If multiple functions in the list are applicable for a value of a given type, +// then those earlier in the list take precedence over those that come later. +// If a function returns [SkipFunc], then the next applicable function is called, +// otherwise the default unmarshaling behavior is used. +// +// For example: +// +// u1 := JoinUnmarshalers(f1, f2) +// u2 := JoinUnmarshalers(f0, u1, f3) // equivalent to u3 +// u3 := JoinUnmarshalers(f0, f1, f2, f3) // equivalent to u2 +func JoinUnmarshalers(us ...*Unmarshalers) *Unmarshalers { + return json.JoinUnmarshalers(us...) +} + +// MarshalFunc constructs a type-specific marshaler that +// specifies how to marshal values of type T. +// T can be any type except a named pointer. +// The function is always provided with a non-nil pointer value +// if T is an interface or pointer type. +// +// The function must marshal exactly one JSON value. +// The value of T must not be retained outside the function call. +// It may not return [SkipFunc]. +func MarshalFunc[T any](fn func(T) ([]byte, error)) *Marshalers { + return json.MarshalFunc[T](fn) +} + +// MarshalToFunc constructs a type-specific marshaler that +// specifies how to marshal values of type T. +// T can be any type except a named pointer. +// The function is always provided with a non-nil pointer value +// if T is an interface or pointer type. +// +// The function must marshal exactly one JSON value by calling write methods +// on the provided encoder. It may return [SkipFunc] such that marshaling can +// move on to the next marshal function. However, no mutable method calls may +// be called on the encoder if [SkipFunc] is returned. +// The pointer to [jsontext.Encoder] and the value of T +// must not be retained outside the function call. +func MarshalToFunc[T any](fn func(*jsontext.Encoder, T) error) *Marshalers { + return json.MarshalToFunc[T](fn) +} + +// UnmarshalFunc constructs a type-specific unmarshaler that +// specifies how to unmarshal values of type T. +// T must be an unnamed pointer or an interface type. +// The function is always provided with a non-nil pointer value. +// +// The function must unmarshal exactly one JSON value. +// The input []byte must not be mutated. +// The input []byte and value T must not be retained outside the function call. +// It may not return [SkipFunc]. +func UnmarshalFunc[T any](fn func([]byte, T) error) *Unmarshalers { + return json.UnmarshalFunc[T](fn) +} + +// UnmarshalFromFunc constructs a type-specific unmarshaler that +// specifies how to unmarshal values of type T. +// T must be an unnamed pointer or an interface type. +// The function is always provided with a non-nil pointer value. +// +// The function must unmarshal exactly one JSON value by calling read methods +// on the provided decoder. It may return [SkipFunc] such that unmarshaling can +// move on to the next unmarshal function. However, no mutable method calls may +// be called on the decoder if [SkipFunc] is returned. +// The pointer to [jsontext.Decoder] and the value of T +// must not be retained outside the function call. +func UnmarshalFromFunc[T any](fn func(*jsontext.Decoder, T) error) *Unmarshalers { + return json.UnmarshalFromFunc[T](fn) +} + +// Marshaler is implemented by types that can marshal themselves. +// It is recommended that types implement [MarshalerTo] unless the implementation +// is trying to avoid a hard dependency on the "jsontext" package. +// +// It is recommended that implementations return a buffer that is safe +// for the caller to retain and potentially mutate. +type Marshaler = json.Marshaler + +// MarshalerTo is implemented by types that can marshal themselves. +// It is recommended that types implement MarshalerTo instead of [Marshaler] +// since this is both more performant and flexible. +// If a type implements both Marshaler and MarshalerTo, +// then MarshalerTo takes precedence. In such a case, both implementations +// should aim to have equivalent behavior for the default marshal options. +// +// The implementation must write only one JSON value to the Encoder and +// must not retain the pointer to [jsontext.Encoder]. +type MarshalerTo = json.MarshalerTo + +// Unmarshaler is implemented by types that can unmarshal themselves. +// It is recommended that types implement [UnmarshalerFrom] unless the implementation +// is trying to avoid a hard dependency on the "jsontext" package. +// +// The input can be assumed to be a valid encoding of a JSON value +// if called from unmarshal functionality in this package. +// UnmarshalJSON must copy the JSON data if it is retained after returning. +// It is recommended that UnmarshalJSON implement merge semantics when +// unmarshaling into a pre-populated value. +// +// Implementations must not retain or mutate the input []byte. +type Unmarshaler = json.Unmarshaler + +// UnmarshalerFrom is implemented by types that can unmarshal themselves. +// It is recommended that types implement UnmarshalerFrom instead of [Unmarshaler] +// since this is both more performant and flexible. +// If a type implements both Unmarshaler and UnmarshalerFrom, +// then UnmarshalerFrom takes precedence. In such a case, both implementations +// should aim to have equivalent behavior for the default unmarshal options. +// +// The implementation must read only one JSON value from the Decoder. +// It is recommended that UnmarshalJSONFrom implement merge semantics when +// unmarshaling into a pre-populated value. +// +// Implementations must not retain the pointer to [jsontext.Decoder]. +type UnmarshalerFrom = json.UnmarshalerFrom + +// ErrUnknownName indicates that a JSON object member could not be +// unmarshaled because the name is not known to the target Go struct. +// This error is directly wrapped within a [SemanticError] when produced. +// +// The name of an unknown JSON object member can be extracted as: +// +// err := ... +// var serr json.SemanticError +// if errors.As(err, &serr) && serr.Err == json.ErrUnknownName { +// ptr := serr.JSONPointer // JSON pointer to unknown name +// name := ptr.LastToken() // unknown name itself +// ... +// } +// +// This error is only returned if [RejectUnknownMembers] is true. +var ErrUnknownName = json.ErrUnknownName + +// SemanticError describes an error determining the meaning +// of JSON data as Go data or vice-versa. +// +// The contents of this error as produced by this package may change over time. +type SemanticError = json.SemanticError + +// Options configure [Marshal], [MarshalWrite], [MarshalEncode], +// [Unmarshal], [UnmarshalRead], and [UnmarshalDecode] with specific features. +// Each function takes in a variadic list of options, where properties +// set in later options override the value of previously set properties. +// +// The Options type is identical to [encoding/json.Options] and +// [encoding/json/jsontext.Options]. Options from the other packages can +// be used interchangeably with functionality in this package. +// +// Options represent either a singular option or a set of options. +// It can be functionally thought of as a Go map of option properties +// (even though the underlying implementation avoids Go maps for performance). +// +// The constructors (e.g., [Deterministic]) return a singular option value: +// +// opt := Deterministic(true) +// +// which is analogous to creating a single entry map: +// +// opt := Options{"Deterministic": true} +// +// [JoinOptions] composes multiple options values to together: +// +// out := JoinOptions(opts...) +// +// which is analogous to making a new map and copying the options over: +// +// out := make(Options) +// for _, m := range opts { +// for k, v := range m { +// out[k] = v +// } +// } +// +// [GetOption] looks up the value of options parameter: +// +// v, ok := GetOption(opts, Deterministic) +// +// which is analogous to a Go map lookup: +// +// v, ok := Options["Deterministic"] +// +// There is a single Options type, which is used with both marshal and unmarshal. +// Some options affect both operations, while others only affect one operation: +// +// - [StringifyNumbers] affects marshaling and unmarshaling +// - [Deterministic] affects marshaling only +// - [FormatNilSliceAsNull] affects marshaling only +// - [FormatNilMapAsNull] affects marshaling only +// - [OmitZeroStructFields] affects marshaling only +// - [MatchCaseInsensitiveNames] affects marshaling and unmarshaling +// - [DiscardUnknownMembers] affects marshaling only +// - [RejectUnknownMembers] affects unmarshaling only +// - [WithMarshalers] affects marshaling only +// - [WithUnmarshalers] affects unmarshaling only +// +// Options that do not affect a particular operation are ignored. +type Options = json.Options + +// JoinOptions coalesces the provided list of options into a single Options. +// Properties set in later options override the value of previously set properties. +func JoinOptions(srcs ...Options) Options { + return json.JoinOptions(srcs...) +} + +// GetOption returns the value stored in opts with the provided setter, +// reporting whether the value is present. +// +// Example usage: +// +// v, ok := json.GetOption(opts, json.Deterministic) +// +// Options are most commonly introspected to alter the JSON representation of +// [MarshalerTo.MarshalJSONTo] and [UnmarshalerFrom.UnmarshalJSONFrom] methods, and +// [MarshalToFunc] and [UnmarshalFromFunc] functions. +// In such cases, the presence bit should generally be ignored. +func GetOption[T any](opts Options, setter func(T) Options) (T, bool) { + return json.GetOption[T](opts, setter) +} + +// DefaultOptionsV2 is the full set of all options that define v2 semantics. +// It is equivalent to all options under [Options], [encoding/json.Options], +// and [encoding/json/jsontext.Options] being set to false or the zero value, +// except for the options related to whitespace formatting. +func DefaultOptionsV2() Options { + return json.DefaultOptionsV2() +} + +// StringifyNumbers specifies that numeric Go types should be marshaled +// as a JSON string containing the equivalent JSON number value. +// When unmarshaling, numeric Go types are parsed from a JSON string +// containing the JSON number without any surrounding whitespace. +// +// According to RFC 8259, section 6, a JSON implementation may choose to +// limit the representation of a JSON number to an IEEE 754 binary64 value. +// This may cause decoders to lose precision for int64 and uint64 types. +// Quoting JSON numbers as a JSON string preserves the exact precision. +// +// This affects either marshaling or unmarshaling. +func StringifyNumbers(v bool) Options { + return json.StringifyNumbers(v) +} + +// Deterministic specifies that the same input value will be serialized +// as the exact same output bytes. Different processes of +// the same program will serialize equal values to the same bytes, +// but different versions of the same program are not guaranteed +// to produce the exact same sequence of bytes. +// +// This only affects marshaling and is ignored when unmarshaling. +func Deterministic(v bool) Options { + return json.Deterministic(v) +} + +// FormatNilSliceAsNull specifies that a nil Go slice should marshal as a +// JSON null instead of the default representation as an empty JSON array +// (or an empty JSON string in the case of ~[]byte). +// Slice fields explicitly marked with `format:emitempty` still marshal +// as an empty JSON array. +// +// This only affects marshaling and is ignored when unmarshaling. +func FormatNilSliceAsNull(v bool) Options { + return json.FormatNilSliceAsNull(v) +} + +// FormatNilMapAsNull specifies that a nil Go map should marshal as a +// JSON null instead of the default representation as an empty JSON object. +// Map fields explicitly marked with `format:emitempty` still marshal +// as an empty JSON object. +// +// This only affects marshaling and is ignored when unmarshaling. +func FormatNilMapAsNull(v bool) Options { + return json.FormatNilMapAsNull(v) +} + +// OmitZeroStructFields specifies that a Go struct should marshal in such a way +// that all struct fields that are zero are omitted from the marshaled output +// if the value is zero as determined by the "IsZero() bool" method if present, +// otherwise based on whether the field is the zero Go value. +// This is semantically equivalent to specifying the `omitzero` tag option +// on every field in a Go struct. +// +// This only affects marshaling and is ignored when unmarshaling. +func OmitZeroStructFields(v bool) Options { + return json.OmitZeroStructFields(v) +} + +// MatchCaseInsensitiveNames specifies that JSON object members are matched +// against Go struct fields using a case-insensitive match of the name. +// Go struct fields explicitly marked with `case:strict` or `case:ignore` +// always use case-sensitive (or case-insensitive) name matching, +// regardless of the value of this option. +// +// This affects either marshaling or unmarshaling. +// For marshaling, this option may alter the detection of duplicate names +// (assuming [jsontext.AllowDuplicateNames] is false) from inlined fields +// if it matches one of the declared fields in the Go struct. +func MatchCaseInsensitiveNames(v bool) Options { + return json.MatchCaseInsensitiveNames(v) +} + +// RejectUnknownMembers specifies that unknown members should be rejected +// when unmarshaling a JSON object, regardless of whether there is a field +// to store unknown members. +// +// This only affects unmarshaling and is ignored when marshaling. +func RejectUnknownMembers(v bool) Options { + return json.RejectUnknownMembers(v) +} + +// WithMarshalers specifies a list of type-specific marshalers to use, +// which can be used to override the default marshal behavior for values +// of particular types. +// +// This only affects marshaling and is ignored when unmarshaling. +func WithMarshalers(v *Marshalers) Options { + return json.WithMarshalers(v) +} + +// WithUnmarshalers specifies a list of type-specific unmarshalers to use, +// which can be used to override the default unmarshal behavior for values +// of particular types. +// +// This only affects unmarshaling and is ignored when marshaling. +func WithUnmarshalers(v *Unmarshalers) Options { + return json.WithUnmarshalers(v) +} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal.go index e6c6216ff3..85d5303891 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal.go +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal.go @@ -2,112 +2,70 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:build !goexperiment.jsonv2 || !go1.25 + package json import ( - "errors" + "bytes" + "encoding" "io" "reflect" + "slices" + "strings" "sync" -) + "time" -// MarshalOptions configures how Go data is serialized as JSON data. -// The zero value is equivalent to the default marshal settings. -type MarshalOptions struct { - requireKeyedLiterals - nonComparable - - // Marshalers is a list of type-specific marshalers to use. - Marshalers *Marshalers - - // StringifyNumbers specifies that numeric Go types should be serialized - // as a JSON string containing the equivalent JSON number value. - // - // According to RFC 8259, section 6, a JSON implementation may choose to - // limit the representation of a JSON number to an IEEE 754 binary64 value. - // This may cause decoders to lose precision for int64 and uint64 types. - // Escaping JSON numbers as a JSON string preserves the exact precision. - StringifyNumbers bool - - // DiscardUnknownMembers specifies that marshaling should ignore any - // JSON object members stored in Go struct fields dedicated to storing - // unknown JSON object members. - DiscardUnknownMembers bool - - // Deterministic specifies that the same input value will be serialized - // as the exact same output bytes. Different processes of - // the same program will serialize equal values to the same bytes, - // but different versions of the same program are not guaranteed - // to produce the exact same sequence of bytes. - Deterministic bool - - // formatDepth is the depth at which we respect the format flag. - formatDepth int - // format is custom formatting for the value at the specified depth. - format string -} + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonopts" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" +) -// Marshal serializes a Go value as a []byte with default options. -// It is a thin wrapper over MarshalOptions.Marshal. -func Marshal(in any) (out []byte, err error) { - return MarshalOptions{}.Marshal(EncodeOptions{}, in) -} +// Reference encoding and time packages to assist pkgsite +// in being able to hotlink references to those packages. +var ( + _ encoding.TextMarshaler + _ encoding.TextAppender + _ encoding.TextUnmarshaler + _ time.Time + _ time.Duration +) -// MarshalFull serializes a Go value into an io.Writer with default options. -// It is a thin wrapper over MarshalOptions.MarshalFull. -func MarshalFull(out io.Writer, in any) error { - return MarshalOptions{}.MarshalFull(EncodeOptions{}, out, in) -} +// export exposes internal functionality of the "jsontext" package. +var export = jsontext.Internal.Export(&internal.AllowInternalUse) // Marshal serializes a Go value as a []byte according to the provided -// marshal and encode options. It does not terminate the output with a newline. -// See MarshalNext for details about the conversion of a Go value into JSON. -func (mo MarshalOptions) Marshal(eo EncodeOptions, in any) (out []byte, err error) { - enc := getBufferedEncoder(eo) - defer putBufferedEncoder(enc) - enc.options.omitTopLevelNewline = true - err = mo.MarshalNext(enc, in) - // TODO(https://go.dev/issue/45038): Use bytes.Clone. - return append([]byte(nil), enc.buf...), err -} - -// MarshalFull serializes a Go value into an io.Writer according to the provided -// marshal and encode options. It does not terminate the output with a newline. -// See MarshalNext for details about the conversion of a Go value into JSON. -func (mo MarshalOptions) MarshalFull(eo EncodeOptions, out io.Writer, in any) error { - enc := getStreamingEncoder(out, eo) - defer putStreamingEncoder(enc) - enc.options.omitTopLevelNewline = true - err := mo.MarshalNext(enc, in) - return err -} - -// MarshalNext encodes a Go value as the next JSON value according to -// the provided marshal options. +// marshal and encode options (while ignoring unmarshal or decode options). +// It does not terminate the output with a newline. // // Type-specific marshal functions and methods take precedence // over the default representation of a value. // Functions or methods that operate on *T are only called when encoding // a value of type T (by taking its address) or a non-nil value of *T. -// MarshalNext ensures that a value is always addressable +// Marshal ensures that a value is always addressable // (by boxing it on the heap if necessary) so that // these functions and methods can be consistently called. For performance, -// it is recommended that MarshalNext be passed a non-nil pointer to the value. +// it is recommended that Marshal be passed a non-nil pointer to the value. // // The input value is encoded as JSON according the following rules: // -// - If any type-specific functions in MarshalOptions.Marshalers match +// - If any type-specific functions in a [WithMarshalers] option match // the value type, then those functions are called to encode the value. -// If all applicable functions return SkipFunc, +// If all applicable functions return [SkipFunc], // then the value is encoded according to subsequent rules. // -// - If the value type implements MarshalerV2, -// then the MarshalNextJSON method is called to encode the value. +// - If the value type implements [MarshalerTo], +// then the MarshalJSONTo method is called to encode the value. // -// - If the value type implements MarshalerV1, +// - If the value type implements [Marshaler], // then the MarshalJSON method is called to encode the value. // -// - If the value type implements encoding.TextMarshaler, +// - If the value type implements [encoding.TextAppender], +// then the AppendText method is called to encode the value and +// subsequently encode its result as a JSON string. +// +// - If the value type implements [encoding.TextMarshaler], // then the MarshalText method is called to encode the value and // subsequently encode its result as a JSON string. // @@ -139,25 +97,25 @@ func (mo MarshalOptions) MarshalFull(eo EncodeOptions, out io.Writer, in any) er // where each byte is recursively JSON-encoded as each JSON array element. // // - A Go integer is encoded as a JSON number without fractions or exponents. -// If MarshalOptions.StringifyNumbers is specified, then the JSON number is -// encoded within a JSON string. It does not support any custom format -// flags. +// If [StringifyNumbers] is specified or encoding a JSON object name, +// then the JSON number is encoded within a JSON string. +// It does not support any custom format flags. // // - A Go float is encoded as a JSON number. -// If MarshalOptions.StringifyNumbers is specified, +// If [StringifyNumbers] is specified or encoding a JSON object name, // then the JSON number is encoded within a JSON string. // If the format is "nonfinite", then NaN, +Inf, and -Inf are encoded as // the JSON strings "NaN", "Infinity", and "-Infinity", respectively. -// Otherwise, the presence of non-finite numbers results in a SemanticError. +// Otherwise, the presence of non-finite numbers results in a [SemanticError]. // // - A Go map is encoded as a JSON object, where each Go map key and value // is recursively encoded as a name and value pair in the JSON object. // The Go map key must encode as a JSON string, otherwise this results -// in a SemanticError. When encoding keys, MarshalOptions.StringifyNumbers -// is automatically applied so that numeric keys encode as JSON strings. -// The Go map is traversed in a non-deterministic order. -// For deterministic encoding, consider using RawValue.Canonicalize. +// in a [SemanticError]. The Go map is traversed in a non-deterministic order. +// For deterministic encoding, consider using the [Deterministic] option. // If the format is "emitnull", then a nil map is encoded as a JSON null. +// If the format is "emitempty", then a nil map is encoded as an empty JSON object, +// regardless of whether [FormatNilMapAsNull] is specified. // Otherwise by default, a nil map is encoded as an empty JSON object. // // - A Go struct is encoded as a JSON object. @@ -167,6 +125,8 @@ func (mo MarshalOptions) MarshalFull(eo EncodeOptions, out io.Writer, in any) er // - A Go slice is encoded as a JSON array, where each Go slice element // is recursively JSON-encoded as the elements of the JSON array. // If the format is "emitnull", then a nil slice is encoded as a JSON null. +// If the format is "emitempty", then a nil slice is encoded as an empty JSON array, +// regardless of whether [FormatNilSliceAsNull] is specified. // Otherwise by default, a nil slice is encoded as an empty JSON array. // // - A Go array is encoded as a JSON array, where each Go array element @@ -182,148 +142,144 @@ func (mo MarshalOptions) MarshalFull(eo EncodeOptions, out io.Writer, in any) er // the recursively JSON-encoded representation of the underlying value. // It does not support any custom format flags. // -// - A Go time.Time is encoded as a JSON string containing the timestamp -// formatted in RFC 3339 with nanosecond resolution. +// - A Go [time.Time] is encoded as a JSON string containing the timestamp +// formatted in RFC 3339 with nanosecond precision. // If the format matches one of the format constants declared // in the time package (e.g., RFC1123), then that format is used. -// Otherwise, the format is used as-is with time.Time.Format if non-empty. -// -// - A Go time.Duration is encoded as a JSON string containing the duration -// formatted according to time.Duration.String. -// If the format is "nanos", it is encoded as a JSON number -// containing the number of nanoseconds in the duration. +// If the format is "unix", "unixmilli", "unixmicro", or "unixnano", +// then the timestamp is encoded as a possibly fractional JSON number +// of the number of seconds (or milliseconds, microseconds, or nanoseconds) +// since the Unix epoch, which is January 1st, 1970 at 00:00:00 UTC. +// To avoid a fractional component, round the timestamp to the relevant unit. +// Otherwise, the format is used as-is with [time.Time.Format] if non-empty. +// +// - A Go [time.Duration] currently has no default representation and +// requires an explicit format to be specified. +// If the format is "sec", "milli", "micro", or "nano", +// then the duration is encoded as a possibly fractional JSON number +// of the number of seconds (or milliseconds, microseconds, or nanoseconds). +// To avoid a fractional component, round the duration to the relevant unit. +// If the format is "units", it is encoded as a JSON string formatted using +// [time.Duration.String] (e.g., "1h30m" for 1 hour 30 minutes). +// If the format is "iso8601", it is encoded as a JSON string using the +// ISO 8601 standard for durations (e.g., "PT1H30M" for 1 hour 30 minutes) +// using only accurate units of hours, minutes, and seconds. // // - All other Go types (e.g., complex numbers, channels, and functions) -// have no default representation and result in a SemanticError. +// have no default representation and result in a [SemanticError]. // -// JSON cannot represent cyclic data structures and -// MarshalNext does not handle them. +// JSON cannot represent cyclic data structures and Marshal does not handle them. // Passing cyclic structures will result in an error. -func (mo MarshalOptions) MarshalNext(out *Encoder, in any) error { +func Marshal(in any, opts ...Options) (out []byte, err error) { + enc := export.GetBufferedEncoder(opts...) + defer export.PutBufferedEncoder(enc) + xe := export.Encoder(enc) + xe.Flags.Set(jsonflags.OmitTopLevelNewline | 1) + err = marshalEncode(enc, in, &xe.Struct) + if err != nil && xe.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return nil, internal.TransformMarshalError(in, err) + } + return bytes.Clone(xe.Buf), err +} + +// MarshalWrite serializes a Go value into an [io.Writer] according to the provided +// marshal and encode options (while ignoring unmarshal or decode options). +// It does not terminate the output with a newline. +// See [Marshal] for details about the conversion of a Go value into JSON. +func MarshalWrite(out io.Writer, in any, opts ...Options) (err error) { + enc := export.GetStreamingEncoder(out, opts...) + defer export.PutStreamingEncoder(enc) + xe := export.Encoder(enc) + xe.Flags.Set(jsonflags.OmitTopLevelNewline | 1) + err = marshalEncode(enc, in, &xe.Struct) + if err != nil && xe.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return internal.TransformMarshalError(in, err) + } + return err +} + +// MarshalEncode serializes a Go value into an [jsontext.Encoder] according to +// the provided marshal options (while ignoring unmarshal, encode, or decode options). +// Any marshal-relevant options already specified on the [jsontext.Encoder] +// take lower precedence than the set of options provided by the caller. +// Unlike [Marshal] and [MarshalWrite], encode options are ignored because +// they must have already been specified on the provided [jsontext.Encoder]. +// +// See [Marshal] for details about the conversion of a Go value into JSON. +func MarshalEncode(out *jsontext.Encoder, in any, opts ...Options) (err error) { + xe := export.Encoder(out) + if len(opts) > 0 { + optsOriginal := xe.Struct + defer func() { xe.Struct = optsOriginal }() + xe.Struct.JoinWithoutCoderOptions(opts...) + } + err = marshalEncode(out, in, &xe.Struct) + if err != nil && xe.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return internal.TransformMarshalError(in, err) + } + return err +} + +func marshalEncode(out *jsontext.Encoder, in any, mo *jsonopts.Struct) (err error) { v := reflect.ValueOf(in) if !v.IsValid() || (v.Kind() == reflect.Pointer && v.IsNil()) { - return out.WriteToken(Null) + return out.WriteToken(jsontext.Null) } // Shallow copy non-pointer values to obtain an addressable value. // It is beneficial to performance to always pass pointers to avoid this. - if v.Kind() != reflect.Pointer { + forceAddr := v.Kind() != reflect.Pointer + if forceAddr { v2 := reflect.New(v.Type()) v2.Elem().Set(v) v = v2 } - va := addressableValue{v.Elem()} // dereferenced pointer is always addressable + va := addressableValue{v.Elem(), forceAddr} // dereferenced pointer is always addressable t := va.Type() // Lookup and call the marshal function for this type. marshal := lookupArshaler(t).marshal if mo.Marshalers != nil { - marshal, _ = mo.Marshalers.lookup(marshal, t) + marshal, _ = mo.Marshalers.(*Marshalers).lookup(marshal, t) } - if err := marshal(mo, out, va); err != nil { - if !out.options.AllowDuplicateNames { - out.tokens.invalidateDisabledNamespaces() + if err := marshal(out, va, mo); err != nil { + if !mo.Flags.Get(jsonflags.AllowDuplicateNames) { + export.Encoder(out).Tokens.InvalidateDisabledNamespaces() } return err } return nil } -// UnmarshalOptions configures how JSON data is deserialized as Go data. -// The zero value is equivalent to the default unmarshal settings. -type UnmarshalOptions struct { - requireKeyedLiterals - nonComparable - - // Unmarshalers is a list of type-specific unmarshalers to use. - Unmarshalers *Unmarshalers - - // StringifyNumbers specifies that numeric Go types can be deserialized - // from either a JSON number or a JSON string containing a JSON number - // without any surrounding whitespace. - StringifyNumbers bool - - // RejectUnknownMembers specifies that unknown members should be rejected - // when unmarshaling a JSON object, regardless of whether there is a field - // to store unknown members. - RejectUnknownMembers bool - - // formatDepth is the depth at which we respect the format flag. - formatDepth int - // format is custom formatting for the value at the specified depth. - format string -} - -// Unmarshal deserializes a Go value from a []byte with default options. -// It is a thin wrapper over UnmarshalOptions.Unmarshal. -func Unmarshal(in []byte, out any) error { - return UnmarshalOptions{}.Unmarshal(DecodeOptions{}, in, out) -} - -// UnmarshalFull deserializes a Go value from an io.Reader with default options. -// It is a thin wrapper over UnmarshalOptions.UnmarshalFull. -func UnmarshalFull(in io.Reader, out any) error { - return UnmarshalOptions{}.UnmarshalFull(DecodeOptions{}, in, out) -} - -// Unmarshal deserializes a Go value from a []byte according to the -// provided unmarshal and decode options. The output must be a non-nil pointer. +// Unmarshal decodes a []byte input into a Go value according to the provided +// unmarshal and decode options (while ignoring marshal or encode options). // The input must be a single JSON value with optional whitespace interspersed. -// See UnmarshalNext for details about the conversion of JSON into a Go value. -func (uo UnmarshalOptions) Unmarshal(do DecodeOptions, in []byte, out any) error { - dec := getBufferedDecoder(in, do) - defer putBufferedDecoder(dec) - return uo.unmarshalFull(dec, out) -} - -// UnmarshalFull deserializes a Go value from an io.Reader according to the -// provided unmarshal and decode options. The output must be a non-nil pointer. -// The input must be a single JSON value with optional whitespace interspersed. -// It consumes the entirety of io.Reader until io.EOF is encountered. -// See UnmarshalNext for details about the conversion of JSON into a Go value. -func (uo UnmarshalOptions) UnmarshalFull(do DecodeOptions, in io.Reader, out any) error { - dec := getStreamingDecoder(in, do) - defer putStreamingDecoder(dec) - return uo.unmarshalFull(dec, out) -} -func (uo UnmarshalOptions) unmarshalFull(in *Decoder, out any) error { - switch err := uo.UnmarshalNext(in, out); err { - case nil: - return in.checkEOF() - case io.EOF: - return io.ErrUnexpectedEOF - default: - return err - } -} - -// UnmarshalNext decodes the next JSON value into a Go value according to -// the provided unmarshal options. The output must be a non-nil pointer. +// The output must be a non-nil pointer. // // Type-specific unmarshal functions and methods take precedence // over the default representation of a value. // Functions or methods that operate on *T are only called when decoding // a value of type T (by taking its address) or a non-nil value of *T. -// UnmarshalNext ensures that a value is always addressable +// Unmarshal ensures that a value is always addressable // (by boxing it on the heap if necessary) so that // these functions and methods can be consistently called. // // The input is decoded into the output according the following rules: // -// - If any type-specific functions in UnmarshalOptions.Unmarshalers match +// - If any type-specific functions in a [WithUnmarshalers] option match // the value type, then those functions are called to decode the JSON -// value. If all applicable functions return SkipFunc, +// value. If all applicable functions return [SkipFunc], // then the input is decoded according to subsequent rules. // -// - If the value type implements UnmarshalerV2, -// then the UnmarshalNextJSON method is called to decode the JSON value. +// - If the value type implements [UnmarshalerFrom], +// then the UnmarshalJSONFrom method is called to decode the JSON value. // -// - If the value type implements UnmarshalerV1, +// - If the value type implements [Unmarshaler], // then the UnmarshalJSON method is called to decode the JSON value. // -// - If the value type implements encoding.TextUnmarshaler, +// - If the value type implements [encoding.TextUnmarshaler], // then the input is decoded as a JSON string and // the UnmarshalText method is called with the decoded string value. -// This fails with a SemanticError if the input is not a JSON string. +// This fails with a [SemanticError] if the input is not a JSON string. // // - Otherwise, the JSON value is decoded according to the value's type // as described in detail below. @@ -336,7 +292,7 @@ func (uo UnmarshalOptions) unmarshalFull(in *Decoder, out any) error { // A JSON null may be decoded into every supported Go value where // it is equivalent to storing the zero value of the Go value. // If the input JSON kind is not handled by the current Go value type, -// then this fails with a SemanticError. Unless otherwise specified, +// then this fails with a [SemanticError]. Unless otherwise specified, // the decoded value replaces any pre-existing value. // // The representation of each type is as follows: @@ -359,33 +315,31 @@ func (uo UnmarshalOptions) unmarshalFull(in *Decoder, out any) error { // When decoding into a non-nil []byte, the slice length is reset to zero // and the decoded input is appended to it. // When decoding into a [N]byte, the input must decode to exactly N bytes, -// otherwise it fails with a SemanticError. +// otherwise it fails with a [SemanticError]. // // - A Go integer is decoded from a JSON number. -// It may also be decoded from a JSON string containing a JSON number -// if UnmarshalOptions.StringifyNumbers is specified. -// It fails with a SemanticError if the JSON number +// It must be decoded from a JSON string containing a JSON number +// if [StringifyNumbers] is specified or decoding a JSON object name. +// It fails with a [SemanticError] if the JSON number // has a fractional or exponent component. // It also fails if it overflows the representation of the Go integer type. // It does not support any custom format flags. // // - A Go float is decoded from a JSON number. -// It may also be decoded from a JSON string containing a JSON number -// if UnmarshalOptions.StringifyNumbers is specified. -// The JSON number is parsed as the closest representable Go float value. +// It must be decoded from a JSON string containing a JSON number +// if [StringifyNumbers] is specified or decoding a JSON object name. +// It fails if it overflows the representation of the Go float type. // If the format is "nonfinite", then the JSON strings // "NaN", "Infinity", and "-Infinity" are decoded as NaN, +Inf, and -Inf. -// Otherwise, the presence of such strings results in a SemanticError. +// Otherwise, the presence of such strings results in a [SemanticError]. // // - A Go map is decoded from a JSON object, // where each JSON object name and value pair is recursively decoded -// as the Go map key and value. When decoding keys, -// UnmarshalOptions.StringifyNumbers is automatically applied so that -// numeric keys can decode from JSON strings. Maps are not cleared. +// as the Go map key and value. Maps are not cleared. // If the Go map is nil, then a new map is allocated to decode into. // If the decoded key matches an existing Go map entry, the entry value // is reused by decoding the JSON object value into it. -// The only supported format is "emitnull" and has no effect when decoding. +// The formats "emitnull" and "emitempty" have no effect when decoding. // // - A Go struct is decoded from a JSON object. // See the “JSON Representation of Go structs” section @@ -395,12 +349,12 @@ func (uo UnmarshalOptions) unmarshalFull(in *Decoder, out any) error { // is recursively decoded and appended to the Go slice. // Before appending into a Go slice, a new slice is allocated if it is nil, // otherwise the slice length is reset to zero. -// The only supported format is "emitnull" and has no effect when decoding. +// The formats "emitnull" and "emitempty" have no effect when decoding. // // - A Go array is decoded from a JSON array, where each JSON array element // is recursively decoded as each corresponding Go array element. // Each Go array element is zeroed before decoding into it. -// It fails with a SemanticError if the JSON array does not contain +// It fails with a [SemanticError] if the JSON array does not contain // the exact same number of elements as the Go array. // It does not support any custom format flags. // @@ -415,59 +369,133 @@ func (uo UnmarshalOptions) unmarshalFull(in *Decoder, out any) error { // Otherwise, a nil interface value of an empty interface type is initialized // with a zero Go bool, string, float64, map[string]any, or []any if the // input is a JSON boolean, string, number, object, or array, respectively. -// If the interface value is still nil, then this fails with a SemanticError +// If the interface value is still nil, then this fails with a [SemanticError] // since decoding could not determine an appropriate Go type to decode into. // For example, unmarshaling into a nil io.Reader fails since // there is no concrete type to populate the interface value with. // Otherwise an underlying value exists and it recursively decodes // the JSON input into it. It does not support any custom format flags. // -// - A Go time.Time is decoded from a JSON string containing the time -// formatted in RFC 3339 with nanosecond resolution. +// - A Go [time.Time] is decoded from a JSON string containing the time +// formatted in RFC 3339 with nanosecond precision. // If the format matches one of the format constants declared in // the time package (e.g., RFC1123), then that format is used for parsing. -// Otherwise, the format is used as-is with time.Time.Parse if non-empty. -// -// - A Go time.Duration is decoded from a JSON string by -// passing the decoded string to time.ParseDuration. -// If the format is "nanos", it is instead decoded from a JSON number -// containing the number of nanoseconds in the duration. +// If the format is "unix", "unixmilli", "unixmicro", or "unixnano", +// then the timestamp is decoded from an optionally fractional JSON number +// of the number of seconds (or milliseconds, microseconds, or nanoseconds) +// since the Unix epoch, which is January 1st, 1970 at 00:00:00 UTC. +// Otherwise, the format is used as-is with [time.Time.Parse] if non-empty. +// +// - A Go [time.Duration] currently has no default representation and +// requires an explicit format to be specified. +// If the format is "sec", "milli", "micro", or "nano", +// then the duration is decoded from an optionally fractional JSON number +// of the number of seconds (or milliseconds, microseconds, or nanoseconds). +// If the format is "units", it is decoded from a JSON string parsed using +// [time.ParseDuration] (e.g., "1h30m" for 1 hour 30 minutes). +// If the format is "iso8601", it is decoded from a JSON string using the +// ISO 8601 standard for durations (e.g., "PT1H30M" for 1 hour 30 minutes) +// accepting only accurate units of hours, minutes, or seconds. // // - All other Go types (e.g., complex numbers, channels, and functions) -// have no default representation and result in a SemanticError. +// have no default representation and result in a [SemanticError]. // // In general, unmarshaling follows merge semantics (similar to RFC 7396) // where the decoded Go value replaces the destination value // for any JSON kind other than an object. // For JSON objects, the input object is merged into the destination value // where matching object members recursively apply merge semantics. -func (uo UnmarshalOptions) UnmarshalNext(in *Decoder, out any) error { +func Unmarshal(in []byte, out any, opts ...Options) (err error) { + dec := export.GetBufferedDecoder(in, opts...) + defer export.PutBufferedDecoder(dec) + xd := export.Decoder(dec) + err = unmarshalDecode(dec, out, &xd.Struct, true) + if err != nil && xd.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return internal.TransformUnmarshalError(out, err) + } + return err +} + +// UnmarshalRead deserializes a Go value from an [io.Reader] according to the +// provided unmarshal and decode options (while ignoring marshal or encode options). +// The input must be a single JSON value with optional whitespace interspersed. +// It consumes the entirety of [io.Reader] until [io.EOF] is encountered, +// without reporting an error for EOF. The output must be a non-nil pointer. +// See [Unmarshal] for details about the conversion of JSON into a Go value. +func UnmarshalRead(in io.Reader, out any, opts ...Options) (err error) { + dec := export.GetStreamingDecoder(in, opts...) + defer export.PutStreamingDecoder(dec) + xd := export.Decoder(dec) + err = unmarshalDecode(dec, out, &xd.Struct, true) + if err != nil && xd.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return internal.TransformUnmarshalError(out, err) + } + return err +} + +// UnmarshalDecode deserializes a Go value from a [jsontext.Decoder] according to +// the provided unmarshal options (while ignoring marshal, encode, or decode options). +// Any unmarshal options already specified on the [jsontext.Decoder] +// take lower precedence than the set of options provided by the caller. +// Unlike [Unmarshal] and [UnmarshalRead], decode options are ignored because +// they must have already been specified on the provided [jsontext.Decoder]. +// +// The input may be a stream of one or more JSON values, +// where this only unmarshals the next JSON value in the stream. +// The output must be a non-nil pointer. +// See [Unmarshal] for details about the conversion of JSON into a Go value. +func UnmarshalDecode(in *jsontext.Decoder, out any, opts ...Options) (err error) { + xd := export.Decoder(in) + if len(opts) > 0 { + optsOriginal := xd.Struct + defer func() { xd.Struct = optsOriginal }() + xd.Struct.JoinWithoutCoderOptions(opts...) + } + err = unmarshalDecode(in, out, &xd.Struct, false) + if err != nil && xd.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return internal.TransformUnmarshalError(out, err) + } + return err +} + +func unmarshalDecode(in *jsontext.Decoder, out any, uo *jsonopts.Struct, last bool) (err error) { v := reflect.ValueOf(out) - if !v.IsValid() || v.Kind() != reflect.Pointer || v.IsNil() { - var t reflect.Type - if v.IsValid() { - t = v.Type() - if t.Kind() == reflect.Pointer { - t = t.Elem() + if v.Kind() != reflect.Pointer || v.IsNil() { + return &SemanticError{action: "unmarshal", GoType: reflect.TypeOf(out), Err: internal.ErrNonNilReference} + } + va := addressableValue{v.Elem(), false} // dereferenced pointer is always addressable + t := va.Type() + + // In legacy semantics, the entirety of the next JSON value + // was validated before attempting to unmarshal it. + if uo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + if err := export.Decoder(in).CheckNextValue(last); err != nil { + if err == io.EOF && last { + offset := in.InputOffset() + int64(len(in.UnreadBuffer())) + return &jsontext.SyntacticError{ByteOffset: offset, Err: io.ErrUnexpectedEOF} } + return err } - err := errors.New("value must be passed as a non-nil pointer reference") - return &SemanticError{action: "unmarshal", GoType: t, Err: err} } - va := addressableValue{v.Elem()} // dereferenced pointer is always addressable - t := va.Type() // Lookup and call the unmarshal function for this type. unmarshal := lookupArshaler(t).unmarshal if uo.Unmarshalers != nil { - unmarshal, _ = uo.Unmarshalers.lookup(unmarshal, t) + unmarshal, _ = uo.Unmarshalers.(*Unmarshalers).lookup(unmarshal, t) } - if err := unmarshal(uo, in, va); err != nil { - if !in.options.AllowDuplicateNames { - in.tokens.invalidateDisabledNamespaces() + if err := unmarshal(in, va, uo); err != nil { + if !uo.Flags.Get(jsonflags.AllowDuplicateNames) { + export.Decoder(in).Tokens.InvalidateDisabledNamespaces() + } + if err == io.EOF && last { + offset := in.InputOffset() + int64(len(in.UnreadBuffer())) + return &jsontext.SyntacticError{ByteOffset: offset, Err: io.ErrUnexpectedEOF} } return err } + if last { + return export.Decoder(in).CheckEOF() + } return nil } @@ -477,17 +505,31 @@ func (uo UnmarshalOptions) UnmarshalNext(in *Decoder, out any) error { // There is no compile magic that enforces this property, // but rather the need to construct this type makes it easier to examine each // construction site to ensure that this property is upheld. -type addressableValue struct{ reflect.Value } +type addressableValue struct { + reflect.Value + + // forcedAddr reports whether this value is addressable + // only through the use of [newAddressableValue]. + // This is only used for [jsonflags.CallMethodsWithLegacySemantics]. + forcedAddr bool +} // newAddressableValue constructs a new addressable value of type t. func newAddressableValue(t reflect.Type) addressableValue { - return addressableValue{reflect.New(t).Elem()} + return addressableValue{reflect.New(t).Elem(), true} } +// TODO: Remove *jsonopts.Struct argument from [marshaler] and [unmarshaler]. +// This can be directly accessed on the encoder or decoder. + // All marshal and unmarshal behavior is implemented using these signatures. +// The *jsonopts.Struct argument is guaranteed to identical to or at least +// a strict super-set of the options in Encoder.Struct or Decoder.Struct. +// It is identical for Marshal, Unmarshal, MarshalWrite, and UnmarshalRead. +// It is a super-set for MarshalEncode and UnmarshalDecode. type ( - marshaler = func(MarshalOptions, *Encoder, addressableValue) error - unmarshaler = func(UnmarshalOptions, *Decoder, addressableValue) error + marshaler = func(*jsontext.Encoder, addressableValue, *jsonopts.Struct) error + unmarshaler = func(*jsontext.Decoder, addressableValue, *jsonopts.Struct) error ) type arshaler struct { @@ -511,3 +553,28 @@ func lookupArshaler(t reflect.Type) *arshaler { v, _ := lookupArshalerCache.LoadOrStore(t, fncs) return v.(*arshaler) } + +var stringsPools = &sync.Pool{New: func() any { return new(stringSlice) }} + +type stringSlice []string + +// getStrings returns a non-nil pointer to a slice with length n. +func getStrings(n int) *stringSlice { + s := stringsPools.Get().(*stringSlice) + if cap(*s) < n { + *s = make([]string, n) + } + *s = (*s)[:n] + return s +} + +func putStrings(s *stringSlice) { + if cap(*s) > 1<<10 { + *s = nil // avoid pinning arbitrarily large amounts of memory + } + stringsPools.Put(s) +} + +func (ss *stringSlice) Sort() { + slices.SortFunc(*ss, func(x, y string) int { return strings.Compare(x, y) }) +} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_any.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_any.go index c62b1f3203..22ed430fb5 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_any.go +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_any.go @@ -2,49 +2,73 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:build !goexperiment.jsonv2 || !go1.25 + package json -import "reflect" +import ( + "cmp" + "math" + "reflect" + "strconv" + + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonopts" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" +) -// This files contains an optimized marshal and unmarshal implementation +// This file contains an optimized marshal and unmarshal implementation // for the any type. This type is often used when the Go program has // no knowledge of the JSON schema. This is a common enough occurrence // to justify the complexity of adding logic for this. -func marshalValueAny(mo MarshalOptions, enc *Encoder, val any) error { +// marshalValueAny marshals a Go any as a JSON value. +// This assumes that there are no special formatting directives +// for any possible nested value. +func marshalValueAny(enc *jsontext.Encoder, val any, mo *jsonopts.Struct) error { switch val := val.(type) { case nil: - return enc.WriteToken(Null) + return enc.WriteToken(jsontext.Null) case bool: - return enc.WriteToken(Bool(val)) + return enc.WriteToken(jsontext.Bool(val)) case string: - return enc.WriteToken(String(val)) + return enc.WriteToken(jsontext.String(val)) case float64: - return enc.WriteToken(Float(val)) + if math.IsNaN(val) || math.IsInf(val, 0) { + break // use default logic below + } + return enc.WriteToken(jsontext.Float(val)) case map[string]any: - return marshalObjectAny(mo, enc, val) + return marshalObjectAny(enc, val, mo) case []any: - return marshalArrayAny(mo, enc, val) - default: - v := newAddressableValue(reflect.TypeOf(val)) - v.Set(reflect.ValueOf(val)) - marshal := lookupArshaler(v.Type()).marshal - if mo.Marshalers != nil { - marshal, _ = mo.Marshalers.lookup(marshal, v.Type()) - } - return marshal(mo, enc, v) + return marshalArrayAny(enc, val, mo) } + + v := newAddressableValue(reflect.TypeOf(val)) + v.Set(reflect.ValueOf(val)) + marshal := lookupArshaler(v.Type()).marshal + if mo.Marshalers != nil { + marshal, _ = mo.Marshalers.(*Marshalers).lookup(marshal, v.Type()) + } + return marshal(enc, v, mo) } -func unmarshalValueAny(uo UnmarshalOptions, dec *Decoder) (any, error) { +// unmarshalValueAny unmarshals a JSON value as a Go any. +// This assumes that there are no special formatting directives +// for any possible nested value. +// Duplicate names must be rejected since this does not implement merging. +func unmarshalValueAny(dec *jsontext.Decoder, uo *jsonopts.Struct) (any, error) { switch k := dec.PeekKind(); k { case '{': - return unmarshalObjectAny(uo, dec) + return unmarshalObjectAny(dec, uo) case '[': - return unmarshalArrayAny(uo, dec) + return unmarshalArrayAny(dec, uo) default: - var flags valueFlags - val, err := dec.readValue(&flags) + xd := export.Decoder(dec) + var flags jsonwire.ValueFlags + val, err := xd.ReadValue(&flags) if err != nil { return nil, err } @@ -56,13 +80,19 @@ func unmarshalValueAny(uo UnmarshalOptions, dec *Decoder) (any, error) { case 't': return true, nil case '"': - val = unescapeStringMayCopy(val, flags.isVerbatim()) - if dec.stringCache == nil { - dec.stringCache = new(stringCache) + val = jsonwire.UnquoteMayCopy(val, flags.IsVerbatim()) + if xd.StringCache == nil { + xd.StringCache = new(stringCache) } - return dec.stringCache.make(val), nil + return makeString(xd.StringCache, val), nil case '0': - fv, _ := parseFloat(val, 64) // ignore error since readValue guarantees val is valid + if uo.Flags.Get(jsonflags.UnmarshalAnyWithRawNumber) { + return internal.RawNumberOf(val), nil + } + fv, ok := jsonwire.ParseFloat(val, 64) + if !ok { + return fv, newUnmarshalErrorAfterWithValue(dec, float64Type, strconv.ErrRange) + } return fv, nil default: panic("BUG: invalid kind: " + k.String()) @@ -70,41 +100,49 @@ func unmarshalValueAny(uo UnmarshalOptions, dec *Decoder) (any, error) { } } -func marshalObjectAny(mo MarshalOptions, enc *Encoder, obj map[string]any) error { +// marshalObjectAny marshals a Go map[string]any as a JSON object +// (or as a JSON null if nil and [jsonflags.FormatNilMapAsNull]). +func marshalObjectAny(enc *jsontext.Encoder, obj map[string]any, mo *jsonopts.Struct) error { // Check for cycles. - if enc.tokens.depth() > startDetectingCyclesAfter { + xe := export.Encoder(enc) + if xe.Tokens.Depth() > startDetectingCyclesAfter { v := reflect.ValueOf(obj) - if err := enc.seenPointers.visit(v); err != nil { - return err + if err := visitPointer(&xe.SeenPointers, v); err != nil { + return newMarshalErrorBefore(enc, mapStringAnyType, err) } - defer enc.seenPointers.leave(v) + defer leavePointer(&xe.SeenPointers, v) } - // Optimize for marshaling an empty map without any preceding whitespace. - if len(obj) == 0 && !enc.options.multiline && !enc.tokens.last.needObjectName() { - enc.buf = enc.tokens.mayAppendDelim(enc.buf, '{') - enc.buf = append(enc.buf, "{}"...) - enc.tokens.last.increment() - if enc.needFlush() { - return enc.flush() + // Handle empty maps. + if len(obj) == 0 { + if mo.Flags.Get(jsonflags.FormatNilMapAsNull) && obj == nil { + return enc.WriteToken(jsontext.Null) + } + // Optimize for marshaling an empty map without any preceding whitespace. + if !mo.Flags.Get(jsonflags.AnyWhitespace) && !xe.Tokens.Last.NeedObjectName() { + xe.Buf = append(xe.Tokens.MayAppendDelim(xe.Buf, '{'), "{}"...) + xe.Tokens.Last.Increment() + if xe.NeedFlush() { + return xe.Flush() + } + return nil } - return nil } - if err := enc.WriteToken(ObjectStart); err != nil { + if err := enc.WriteToken(jsontext.BeginObject); err != nil { return err } // A Go map guarantees that each entry has a unique key // The only possibility of duplicates is due to invalid UTF-8. - if !enc.options.AllowInvalidUTF8 { - enc.tokens.last.disableNamespace() + if !mo.Flags.Get(jsonflags.AllowInvalidUTF8) { + xe.Tokens.Last.DisableNamespace() } - if !mo.Deterministic || len(obj) <= 1 { + if !mo.Flags.Get(jsonflags.Deterministic) || len(obj) <= 1 { for name, val := range obj { - if err := enc.WriteToken(String(name)); err != nil { + if err := enc.WriteToken(jsontext.String(name)); err != nil { return err } - if err := marshalValueAny(mo, enc, val); err != nil { + if err := marshalValueAny(enc, val, mo); err != nil { return err } } @@ -117,122 +155,133 @@ func marshalObjectAny(mo MarshalOptions, enc *Encoder, obj map[string]any) error } names.Sort() for _, name := range *names { - if err := enc.WriteToken(String(name)); err != nil { + if err := enc.WriteToken(jsontext.String(name)); err != nil { return err } - if err := marshalValueAny(mo, enc, obj[name]); err != nil { + if err := marshalValueAny(enc, obj[name], mo); err != nil { return err } } putStrings(names) } - if err := enc.WriteToken(ObjectEnd); err != nil { + if err := enc.WriteToken(jsontext.EndObject); err != nil { return err } return nil } -func unmarshalObjectAny(uo UnmarshalOptions, dec *Decoder) (map[string]any, error) { - tok, err := dec.ReadToken() - if err != nil { +// unmarshalObjectAny unmarshals a JSON object as a Go map[string]any. +// It panics if not decoding a JSON object. +func unmarshalObjectAny(dec *jsontext.Decoder, uo *jsonopts.Struct) (map[string]any, error) { + switch tok, err := dec.ReadToken(); { + case err != nil: return nil, err + case tok.Kind() != '{': + panic("BUG: invalid kind: " + tok.Kind().String()) } - k := tok.Kind() - switch k { - case 'n': - return nil, nil - case '{': - obj := make(map[string]any) - // A Go map guarantees that each entry has a unique key - // The only possibility of duplicates is due to invalid UTF-8. - if !dec.options.AllowInvalidUTF8 { - dec.tokens.last.disableNamespace() - } - for dec.PeekKind() != '}' { - tok, err := dec.ReadToken() - if err != nil { - return obj, err - } - name := tok.String() + obj := make(map[string]any) + // A Go map guarantees that each entry has a unique key + // The only possibility of duplicates is due to invalid UTF-8. + if !uo.Flags.Get(jsonflags.AllowInvalidUTF8) { + export.Decoder(dec).Tokens.Last.DisableNamespace() + } + var errUnmarshal error + for dec.PeekKind() != '}' { + tok, err := dec.ReadToken() + if err != nil { + return obj, err + } + name := tok.String() - // Manually check for duplicate names. - if _, ok := obj[name]; ok { - name := dec.previousBuffer() - err := &SyntacticError{str: "duplicate name " + string(name) + " in object"} - return obj, err.withOffset(dec.InputOffset() - int64(len(name))) - } + // Manually check for duplicate names. + if _, ok := obj[name]; ok { + // TODO: Unread the object name. + name := export.Decoder(dec).PreviousTokenOrValue() + err := newDuplicateNameError(dec.StackPointer(), nil, dec.InputOffset()-len64(name)) + return obj, err + } - val, err := unmarshalValueAny(uo, dec) - obj[name] = val - if err != nil { + val, err := unmarshalValueAny(dec, uo) + obj[name] = val + if err != nil { + if isFatalError(err, uo.Flags) { return obj, err } + errUnmarshal = cmp.Or(err, errUnmarshal) } - if _, err := dec.ReadToken(); err != nil { - return obj, err - } - return obj, nil } - return nil, &SemanticError{action: "unmarshal", JSONKind: k, GoType: mapStringAnyType} + if _, err := dec.ReadToken(); err != nil { + return obj, err + } + return obj, errUnmarshal } -func marshalArrayAny(mo MarshalOptions, enc *Encoder, arr []any) error { +// marshalArrayAny marshals a Go []any as a JSON array +// (or as a JSON null if nil and [jsonflags.FormatNilSliceAsNull]). +func marshalArrayAny(enc *jsontext.Encoder, arr []any, mo *jsonopts.Struct) error { // Check for cycles. - if enc.tokens.depth() > startDetectingCyclesAfter { + xe := export.Encoder(enc) + if xe.Tokens.Depth() > startDetectingCyclesAfter { v := reflect.ValueOf(arr) - if err := enc.seenPointers.visit(v); err != nil { - return err + if err := visitPointer(&xe.SeenPointers, v); err != nil { + return newMarshalErrorBefore(enc, sliceAnyType, err) } - defer enc.seenPointers.leave(v) + defer leavePointer(&xe.SeenPointers, v) } - // Optimize for marshaling an empty slice without any preceding whitespace. - if len(arr) == 0 && !enc.options.multiline && !enc.tokens.last.needObjectName() { - enc.buf = enc.tokens.mayAppendDelim(enc.buf, '[') - enc.buf = append(enc.buf, "[]"...) - enc.tokens.last.increment() - if enc.needFlush() { - return enc.flush() + // Handle empty slices. + if len(arr) == 0 { + if mo.Flags.Get(jsonflags.FormatNilSliceAsNull) && arr == nil { + return enc.WriteToken(jsontext.Null) + } + // Optimize for marshaling an empty slice without any preceding whitespace. + if !mo.Flags.Get(jsonflags.AnyWhitespace) && !xe.Tokens.Last.NeedObjectName() { + xe.Buf = append(xe.Tokens.MayAppendDelim(xe.Buf, '['), "[]"...) + xe.Tokens.Last.Increment() + if xe.NeedFlush() { + return xe.Flush() + } + return nil } - return nil } - if err := enc.WriteToken(ArrayStart); err != nil { + if err := enc.WriteToken(jsontext.BeginArray); err != nil { return err } for _, val := range arr { - if err := marshalValueAny(mo, enc, val); err != nil { + if err := marshalValueAny(enc, val, mo); err != nil { return err } } - if err := enc.WriteToken(ArrayEnd); err != nil { + if err := enc.WriteToken(jsontext.EndArray); err != nil { return err } return nil } -func unmarshalArrayAny(uo UnmarshalOptions, dec *Decoder) ([]any, error) { - tok, err := dec.ReadToken() - if err != nil { +// unmarshalArrayAny unmarshals a JSON array as a Go []any. +// It panics if not decoding a JSON array. +func unmarshalArrayAny(dec *jsontext.Decoder, uo *jsonopts.Struct) ([]any, error) { + switch tok, err := dec.ReadToken(); { + case err != nil: return nil, err + case tok.Kind() != '[': + panic("BUG: invalid kind: " + tok.Kind().String()) } - k := tok.Kind() - switch k { - case 'n': - return nil, nil - case '[': - arr := []any{} - for dec.PeekKind() != ']' { - val, err := unmarshalValueAny(uo, dec) - arr = append(arr, val) - if err != nil { + arr := []any{} + var errUnmarshal error + for dec.PeekKind() != ']' { + val, err := unmarshalValueAny(dec, uo) + arr = append(arr, val) + if err != nil { + if isFatalError(err, uo.Flags) { return arr, err } + errUnmarshal = cmp.Or(errUnmarshal, err) } - if _, err := dec.ReadToken(); err != nil { - return arr, err - } - return arr, nil } - return nil, &SemanticError{action: "unmarshal", JSONKind: k, GoType: sliceAnyType} + if _, err := dec.ReadToken(); err != nil { + return arr, err + } + return arr, errUnmarshal } diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_default.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_default.go index fd26eba352..64d2b7a9b6 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_default.go +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_default.go @@ -2,10 +2,14 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:build !goexperiment.jsonv2 || !go1.25 + package json import ( "bytes" + "cmp" + "encoding" "encoding/base32" "encoding/base64" "encoding/hex" @@ -13,9 +17,16 @@ import ( "fmt" "math" "reflect" - "sort" + "slices" "strconv" + "strings" "sync" + + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonopts" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) // optimizeCommon specifies whether to use optimizations targeted for certain @@ -25,44 +36,56 @@ const optimizeCommon = true var ( // Most natural Go type that correspond with each JSON type. - anyType = reflect.TypeOf((*any)(nil)).Elem() // JSON value - boolType = reflect.TypeOf((*bool)(nil)).Elem() // JSON bool - stringType = reflect.TypeOf((*string)(nil)).Elem() // JSON string - float64Type = reflect.TypeOf((*float64)(nil)).Elem() // JSON number - mapStringAnyType = reflect.TypeOf((*map[string]any)(nil)).Elem() // JSON object - sliceAnyType = reflect.TypeOf((*[]any)(nil)).Elem() // JSON array - - bytesType = reflect.TypeOf((*[]byte)(nil)).Elem() - emptyStructType = reflect.TypeOf((*struct{})(nil)).Elem() + anyType = reflect.TypeFor[any]() // JSON value + boolType = reflect.TypeFor[bool]() // JSON bool + stringType = reflect.TypeFor[string]() // JSON string + float64Type = reflect.TypeFor[float64]() // JSON number + mapStringAnyType = reflect.TypeFor[map[string]any]() // JSON object + sliceAnyType = reflect.TypeFor[[]any]() // JSON array + + bytesType = reflect.TypeFor[[]byte]() + emptyStructType = reflect.TypeFor[struct{}]() ) const startDetectingCyclesAfter = 1000 -type seenPointers map[typedPointer]struct{} +type seenPointers = map[any]struct{} type typedPointer struct { typ reflect.Type ptr any // always stores unsafe.Pointer, but avoids depending on unsafe + len int // remember slice length to avoid false positives } -// visit visits pointer p of type t, reporting an error if seen before. +// visitPointer visits pointer p of type t, reporting an error if seen before. // If successfully visited, then the caller must eventually call leave. -func (m *seenPointers) visit(v reflect.Value) error { - p := typedPointer{v.Type(), v.UnsafePointer()} +func visitPointer(m *seenPointers, v reflect.Value) error { + p := typedPointer{v.Type(), v.UnsafePointer(), sliceLen(v)} if _, ok := (*m)[p]; ok { - return &SemanticError{action: "marshal", GoType: p.typ, Err: errors.New("encountered a cycle")} + return internal.ErrCycle } if *m == nil { - *m = make(map[typedPointer]struct{}) + *m = make(seenPointers) } (*m)[p] = struct{}{} return nil } -func (m *seenPointers) leave(v reflect.Value) { - p := typedPointer{v.Type(), v.UnsafePointer()} +func leavePointer(m *seenPointers, v reflect.Value) { + p := typedPointer{v.Type(), v.UnsafePointer(), sliceLen(v)} delete(*m, p) } +func sliceLen(v reflect.Value) int { + if v.Kind() == reflect.Slice { + return v.Len() + } + return 0 +} + +func len64[Bytes ~[]byte | ~string](in Bytes) int64 { + return int64(len(in)) +} + func makeDefaultArshaler(t reflect.Type) *arshaler { switch t.Kind() { case reflect.Bool: @@ -71,7 +94,7 @@ func makeDefaultArshaler(t reflect.Type) *arshaler { return makeStringArshaler(t) case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: return makeIntArshaler(t) - case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64: + case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr: return makeUintArshaler(t) case reflect.Float32, reflect.Float64: return makeFloatArshaler(t) @@ -81,13 +104,13 @@ func makeDefaultArshaler(t reflect.Type) *arshaler { return makeStructArshaler(t) case reflect.Slice: fncs := makeSliceArshaler(t) - if t.AssignableTo(bytesType) { + if t.Elem().Kind() == reflect.Uint8 { return makeBytesArshaler(t, fncs) } return fncs case reflect.Array: fncs := makeArrayArshaler(t) - if reflect.SliceOf(t.Elem()).AssignableTo(bytesType) { + if t.Elem().Kind() == reflect.Uint8 { return makeBytesArshaler(t, fncs) } return fncs @@ -102,31 +125,35 @@ func makeDefaultArshaler(t reflect.Type) *arshaler { func makeBoolArshaler(t reflect.Type) *arshaler { var fncs arshaler - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { - if mo.format != "" && mo.formatDepth == enc.tokens.depth() { - return newInvalidFormatError("marshal", t, mo.format) + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { + xe := export.Encoder(enc) + if mo.Format != "" && mo.FormatDepth == xe.Tokens.Depth() { + return newInvalidFormatError(enc, t) } // Optimize for marshaling without preceding whitespace. - if optimizeCommon && !enc.options.multiline && !enc.tokens.last.needObjectName() { - enc.buf = enc.tokens.mayAppendDelim(enc.buf, 't') - if va.Bool() { - enc.buf = append(enc.buf, "true"...) - } else { - enc.buf = append(enc.buf, "false"...) - } - enc.tokens.last.increment() - if enc.needFlush() { - return enc.flush() + if optimizeCommon && !mo.Flags.Get(jsonflags.AnyWhitespace|jsonflags.StringifyBoolsAndStrings) && !xe.Tokens.Last.NeedObjectName() { + xe.Buf = strconv.AppendBool(xe.Tokens.MayAppendDelim(xe.Buf, 't'), va.Bool()) + xe.Tokens.Last.Increment() + if xe.NeedFlush() { + return xe.Flush() } return nil } - return enc.WriteToken(Bool(va.Bool())) + if mo.Flags.Get(jsonflags.StringifyBoolsAndStrings) { + if va.Bool() { + return enc.WriteToken(jsontext.String("true")) + } else { + return enc.WriteToken(jsontext.String("false")) + } + } + return enc.WriteToken(jsontext.Bool(va.Bool())) } - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - if uo.format != "" && uo.formatDepth == dec.tokens.depth() { - return newInvalidFormatError("unmarshal", t, uo.format) + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + xd := export.Decoder(dec) + if uo.Format != "" && uo.FormatDepth == xd.Tokens.Depth() { + return newInvalidFormatError(dec, t) } tok, err := dec.ReadToken() if err != nil { @@ -135,187 +162,267 @@ func makeBoolArshaler(t reflect.Type) *arshaler { k := tok.Kind() switch k { case 'n': - va.SetBool(false) + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + va.SetBool(false) + } return nil case 't', 'f': - va.SetBool(tok.Bool()) - return nil + if !uo.Flags.Get(jsonflags.StringifyBoolsAndStrings) { + va.SetBool(tok.Bool()) + return nil + } + case '"': + if uo.Flags.Get(jsonflags.StringifyBoolsAndStrings) { + switch tok.String() { + case "true": + va.SetBool(true) + case "false": + va.SetBool(false) + default: + if uo.Flags.Get(jsonflags.StringifyWithLegacySemantics) && tok.String() == "null" { + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + va.SetBool(false) + } + return nil + } + return newUnmarshalErrorAfterWithValue(dec, t, strconv.ErrSyntax) + } + return nil + } } - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t} + return newUnmarshalErrorAfterWithSkipping(dec, t, nil) } return &fncs } func makeStringArshaler(t reflect.Type) *arshaler { var fncs arshaler - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { - if mo.format != "" && mo.formatDepth == enc.tokens.depth() { - return newInvalidFormatError("marshal", t, mo.format) + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { + xe := export.Encoder(enc) + if mo.Format != "" && mo.FormatDepth == xe.Tokens.Depth() { + return newInvalidFormatError(enc, t) } - return enc.WriteToken(String(va.String())) + + // Optimize for marshaling without preceding whitespace. + s := va.String() + if optimizeCommon && !mo.Flags.Get(jsonflags.AnyWhitespace|jsonflags.StringifyBoolsAndStrings) && !xe.Tokens.Last.NeedObjectName() { + b := xe.Buf + b = xe.Tokens.MayAppendDelim(b, '"') + b, err := jsonwire.AppendQuote(b, s, &mo.Flags) + if err == nil { + xe.Buf = b + xe.Tokens.Last.Increment() + if xe.NeedFlush() { + return xe.Flush() + } + return nil + } + // Otherwise, the string contains invalid UTF-8, + // so let the logic below construct the proper error. + } + + if mo.Flags.Get(jsonflags.StringifyBoolsAndStrings) { + b, err := jsonwire.AppendQuote(nil, s, &mo.Flags) + if err != nil { + return newMarshalErrorBefore(enc, t, &jsontext.SyntacticError{Err: err}) + } + q, err := jsontext.AppendQuote(nil, b) + if err != nil { + panic("BUG: second AppendQuote should never fail: " + err.Error()) + } + return enc.WriteValue(q) + } + return enc.WriteToken(jsontext.String(s)) } - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - if uo.format != "" && uo.formatDepth == dec.tokens.depth() { - return newInvalidFormatError("unmarshal", t, uo.format) + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + xd := export.Decoder(dec) + if uo.Format != "" && uo.FormatDepth == xd.Tokens.Depth() { + return newInvalidFormatError(dec, t) } - var flags valueFlags - val, err := dec.readValue(&flags) + var flags jsonwire.ValueFlags + val, err := xd.ReadValue(&flags) if err != nil { return err } k := val.Kind() switch k { case 'n': - va.SetString("") + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + va.SetString("") + } return nil case '"': - val = unescapeStringMayCopy(val, flags.isVerbatim()) - if dec.stringCache == nil { - dec.stringCache = new(stringCache) + val = jsonwire.UnquoteMayCopy(val, flags.IsVerbatim()) + if uo.Flags.Get(jsonflags.StringifyBoolsAndStrings) { + val, err = jsontext.AppendUnquote(nil, val) + if err != nil { + return newUnmarshalErrorAfter(dec, t, err) + } + if uo.Flags.Get(jsonflags.StringifyWithLegacySemantics) && string(val) == "null" { + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + va.SetString("") + } + return nil + } } - str := dec.stringCache.make(val) + if xd.StringCache == nil { + xd.StringCache = new(stringCache) + } + str := makeString(xd.StringCache, val) va.SetString(str) return nil } - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t} + return newUnmarshalErrorAfter(dec, t, nil) } return &fncs } var ( - encodeBase16 = func(dst, src []byte) { hex.Encode(dst, src) } - encodeBase32 = base32.StdEncoding.Encode - encodeBase32Hex = base32.HexEncoding.Encode - encodeBase64 = base64.StdEncoding.Encode - encodeBase64URL = base64.URLEncoding.Encode - encodedLenBase16 = hex.EncodedLen - encodedLenBase32 = base32.StdEncoding.EncodedLen - encodedLenBase32Hex = base32.HexEncoding.EncodedLen - encodedLenBase64 = base64.StdEncoding.EncodedLen - encodedLenBase64URL = base64.URLEncoding.EncodedLen - decodeBase16 = hex.Decode - decodeBase32 = base32.StdEncoding.Decode - decodeBase32Hex = base32.HexEncoding.Decode - decodeBase64 = base64.StdEncoding.Decode - decodeBase64URL = base64.URLEncoding.Decode - decodedLenBase16 = hex.DecodedLen - decodedLenBase32 = base32.StdEncoding.WithPadding(base32.NoPadding).DecodedLen - decodedLenBase32Hex = base32.HexEncoding.WithPadding(base32.NoPadding).DecodedLen - decodedLenBase64 = base64.StdEncoding.WithPadding(base64.NoPadding).DecodedLen - decodedLenBase64URL = base64.URLEncoding.WithPadding(base64.NoPadding).DecodedLen + appendEncodeBase16 = hex.AppendEncode + appendEncodeBase32 = base32.StdEncoding.AppendEncode + appendEncodeBase32Hex = base32.HexEncoding.AppendEncode + appendEncodeBase64 = base64.StdEncoding.AppendEncode + appendEncodeBase64URL = base64.URLEncoding.AppendEncode + encodedLenBase16 = hex.EncodedLen + encodedLenBase32 = base32.StdEncoding.EncodedLen + encodedLenBase32Hex = base32.HexEncoding.EncodedLen + encodedLenBase64 = base64.StdEncoding.EncodedLen + encodedLenBase64URL = base64.URLEncoding.EncodedLen + appendDecodeBase16 = hex.AppendDecode + appendDecodeBase32 = base32.StdEncoding.AppendDecode + appendDecodeBase32Hex = base32.HexEncoding.AppendDecode + appendDecodeBase64 = base64.StdEncoding.AppendDecode + appendDecodeBase64URL = base64.URLEncoding.AppendDecode ) func makeBytesArshaler(t reflect.Type, fncs *arshaler) *arshaler { - // NOTE: This handles both []byte and [N]byte. - marshalDefault := fncs.marshal - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { - encode, encodedLen := encodeBase64, encodedLenBase64 - if mo.format != "" && mo.formatDepth == enc.tokens.depth() { - switch mo.format { + // NOTE: This handles both []~byte and [N]~byte. + // The v2 default is to treat a []namedByte as equivalent to []T + // since being able to convert []namedByte to []byte relies on + // dubious Go reflection behavior (see https://go.dev/issue/24746). + // For v1 emulation, we use jsonflags.FormatBytesWithLegacySemantics + // to forcibly treat []namedByte as a []byte. + marshalArray := fncs.marshal + isNamedByte := t.Elem().PkgPath() != "" + hasMarshaler := implementsAny(t.Elem(), allMarshalerTypes...) + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { + if !mo.Flags.Get(jsonflags.FormatBytesWithLegacySemantics) && isNamedByte { + return marshalArray(enc, va, mo) // treat as []T or [N]T + } + xe := export.Encoder(enc) + appendEncode := appendEncodeBase64 + if mo.Format != "" && mo.FormatDepth == xe.Tokens.Depth() { + switch mo.Format { case "base64": - encode, encodedLen = encodeBase64, encodedLenBase64 + appendEncode = appendEncodeBase64 case "base64url": - encode, encodedLen = encodeBase64URL, encodedLenBase64URL + appendEncode = appendEncodeBase64URL case "base32": - encode, encodedLen = encodeBase32, encodedLenBase32 + appendEncode = appendEncodeBase32 case "base32hex": - encode, encodedLen = encodeBase32Hex, encodedLenBase32Hex + appendEncode = appendEncodeBase32Hex case "base16", "hex": - encode, encodedLen = encodeBase16, encodedLenBase16 + appendEncode = appendEncodeBase16 case "array": - mo.format = "" - return marshalDefault(mo, enc, va) + mo.Format = "" + return marshalArray(enc, va, mo) default: - return newInvalidFormatError("marshal", t, mo.format) + return newInvalidFormatError(enc, t) } + } else if mo.Flags.Get(jsonflags.FormatByteArrayAsArray) && va.Kind() == reflect.Array { + return marshalArray(enc, va, mo) + } else if mo.Flags.Get(jsonflags.FormatBytesWithLegacySemantics) && hasMarshaler { + return marshalArray(enc, va, mo) } - val := enc.UnusedBuffer() - b := va.Bytes() - n := len(`"`) + encodedLen(len(b)) + len(`"`) - if cap(val) < n { - val = make([]byte, n) - } else { - val = val[:n] + if mo.Flags.Get(jsonflags.FormatNilSliceAsNull) && va.Kind() == reflect.Slice && va.IsNil() { + // TODO: Provide a "emitempty" format override? + return enc.WriteToken(jsontext.Null) } - val[0] = '"' - encode(val[len(`"`):len(val)-len(`"`)], b) - val[len(val)-1] = '"' - return enc.WriteValue(val) + return xe.AppendRaw('"', true, func(b []byte) ([]byte, error) { + return appendEncode(b, va.Bytes()), nil + }) } - unmarshalDefault := fncs.unmarshal - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - decode, decodedLen, encodedLen := decodeBase64, decodedLenBase64, encodedLenBase64 - if uo.format != "" && uo.formatDepth == dec.tokens.depth() { - switch uo.format { + unmarshalArray := fncs.unmarshal + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + if !uo.Flags.Get(jsonflags.FormatBytesWithLegacySemantics) && isNamedByte { + return unmarshalArray(dec, va, uo) // treat as []T or [N]T + } + xd := export.Decoder(dec) + appendDecode, encodedLen := appendDecodeBase64, encodedLenBase64 + if uo.Format != "" && uo.FormatDepth == xd.Tokens.Depth() { + switch uo.Format { case "base64": - decode, decodedLen, encodedLen = decodeBase64, decodedLenBase64, encodedLenBase64 + appendDecode, encodedLen = appendDecodeBase64, encodedLenBase64 case "base64url": - decode, decodedLen, encodedLen = decodeBase64URL, decodedLenBase64URL, encodedLenBase64URL + appendDecode, encodedLen = appendDecodeBase64URL, encodedLenBase64URL case "base32": - decode, decodedLen, encodedLen = decodeBase32, decodedLenBase32, encodedLenBase32 + appendDecode, encodedLen = appendDecodeBase32, encodedLenBase32 case "base32hex": - decode, decodedLen, encodedLen = decodeBase32Hex, decodedLenBase32Hex, encodedLenBase32Hex + appendDecode, encodedLen = appendDecodeBase32Hex, encodedLenBase32Hex case "base16", "hex": - decode, decodedLen, encodedLen = decodeBase16, decodedLenBase16, encodedLenBase16 + appendDecode, encodedLen = appendDecodeBase16, encodedLenBase16 case "array": - uo.format = "" - return unmarshalDefault(uo, dec, va) + uo.Format = "" + return unmarshalArray(dec, va, uo) default: - return newInvalidFormatError("unmarshal", t, uo.format) + return newInvalidFormatError(dec, t) } + } else if uo.Flags.Get(jsonflags.FormatByteArrayAsArray) && va.Kind() == reflect.Array { + return unmarshalArray(dec, va, uo) + } else if uo.Flags.Get(jsonflags.FormatBytesWithLegacySemantics) && dec.PeekKind() == '[' { + return unmarshalArray(dec, va, uo) } - var flags valueFlags - val, err := dec.readValue(&flags) + var flags jsonwire.ValueFlags + val, err := xd.ReadValue(&flags) if err != nil { return err } k := val.Kind() switch k { case 'n': - va.Set(reflect.Zero(t)) + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) || va.Kind() != reflect.Array { + va.SetZero() + } return nil case '"': - val = unescapeStringMayCopy(val, flags.isVerbatim()) - - // For base64 and base32, decodedLen computes the maximum output size - // when given the original input size. To compute the exact size, - // adjust the input size by excluding trailing padding characters. - // This is unnecessary for base16, but also harmless. - n := len(val) - for n > 0 && val[n-1] == '=' { - n-- - } - n = decodedLen(n) - b := va.Bytes() - if va.Kind() == reflect.Array { - if n != len(b) { - err := fmt.Errorf("decoded base64 length of %d mismatches array length of %d", n, len(b)) - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t, Err: err} - } - } else { - if b == nil || cap(b) < n { - b = make([]byte, n) - } else { - b = b[:n] - } + // NOTE: The v2 default is to strictly comply with RFC 4648. + // Section 3.2 specifies that padding is required. + // Section 3.3 specifies that non-alphabet characters + // (e.g., '\r' or '\n') must be rejected. + // Section 3.5 specifies that unnecessary non-zero bits in + // the last quantum may be rejected. Since this is optional, + // we do not reject such inputs. + val = jsonwire.UnquoteMayCopy(val, flags.IsVerbatim()) + b, err := appendDecode(va.Bytes()[:0], val) + if err != nil { + return newUnmarshalErrorAfter(dec, t, err) } - n2, err := decode(b, val) - if err == nil && len(val) != encodedLen(n2) { + if len(val) != encodedLen(len(b)) && !uo.Flags.Get(jsonflags.ParseBytesWithLooseRFC4648) { // TODO(https://go.dev/issue/53845): RFC 4648, section 3.3, // specifies that non-alphabet characters must be rejected. // Unfortunately, the "base32" and "base64" packages allow // '\r' and '\n' characters by default. - err = errors.New("illegal data at input byte " + strconv.Itoa(bytes.IndexAny(val, "\r\n"))) + i := bytes.IndexAny(val, "\r\n") + err := fmt.Errorf("illegal character %s at offset %d", jsonwire.QuoteRune(val[i:]), i) + return newUnmarshalErrorAfter(dec, t, err) } - if err != nil { - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t, Err: err} - } - if va.Kind() == reflect.Slice { + + if va.Kind() == reflect.Array { + dst := va.Bytes() + clear(dst[copy(dst, b):]) // noop if len(b) <= len(dst) + if len(b) != len(dst) && !uo.Flags.Get(jsonflags.UnmarshalArrayFromAnyLength) { + err := fmt.Errorf("decoded length of %d mismatches array length of %d", len(b), len(dst)) + return newUnmarshalErrorAfter(dec, t, err) + } + } else { + if b == nil { + b = []byte{} + } va.SetBytes(b) } return nil } - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t} + return newUnmarshalErrorAfter(dec, t, nil) } return fncs } @@ -323,64 +430,77 @@ func makeBytesArshaler(t reflect.Type, fncs *arshaler) *arshaler { func makeIntArshaler(t reflect.Type) *arshaler { var fncs arshaler bits := t.Bits() - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { - if mo.format != "" && mo.formatDepth == enc.tokens.depth() { - return newInvalidFormatError("marshal", t, mo.format) + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { + xe := export.Encoder(enc) + if mo.Format != "" && mo.FormatDepth == xe.Tokens.Depth() { + return newInvalidFormatError(enc, t) } // Optimize for marshaling without preceding whitespace or string escaping. - if optimizeCommon && !enc.options.multiline && !mo.StringifyNumbers && !enc.tokens.last.needObjectName() { - enc.buf = enc.tokens.mayAppendDelim(enc.buf, '0') - enc.buf = strconv.AppendInt(enc.buf, va.Int(), 10) - enc.tokens.last.increment() - if enc.needFlush() { - return enc.flush() + if optimizeCommon && !mo.Flags.Get(jsonflags.AnyWhitespace|jsonflags.StringifyNumbers) && !xe.Tokens.Last.NeedObjectName() { + xe.Buf = strconv.AppendInt(xe.Tokens.MayAppendDelim(xe.Buf, '0'), va.Int(), 10) + xe.Tokens.Last.Increment() + if xe.NeedFlush() { + return xe.Flush() } return nil } - x := math.Float64frombits(uint64(va.Int())) - return enc.writeNumber(x, rawIntNumber, mo.StringifyNumbers) + k := stringOrNumberKind(xe.Tokens.Last.NeedObjectName() || mo.Flags.Get(jsonflags.StringifyNumbers)) + return xe.AppendRaw(k, true, func(b []byte) ([]byte, error) { + return strconv.AppendInt(b, va.Int(), 10), nil + }) } - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - if uo.format != "" && uo.formatDepth == dec.tokens.depth() { - return newInvalidFormatError("unmarshal", t, uo.format) - } - var flags valueFlags - val, err := dec.readValue(&flags) + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + xd := export.Decoder(dec) + if uo.Format != "" && uo.FormatDepth == xd.Tokens.Depth() { + return newInvalidFormatError(dec, t) + } + stringify := xd.Tokens.Last.NeedObjectName() || uo.Flags.Get(jsonflags.StringifyNumbers) + var flags jsonwire.ValueFlags + val, err := xd.ReadValue(&flags) if err != nil { return err } k := val.Kind() switch k { case 'n': - va.SetInt(0) + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + va.SetInt(0) + } return nil case '"': - if !uo.StringifyNumbers { + if !stringify { break } - val = unescapeStringMayCopy(val, flags.isVerbatim()) + val = jsonwire.UnquoteMayCopy(val, flags.IsVerbatim()) + if uo.Flags.Get(jsonflags.StringifyWithLegacySemantics) && string(val) == "null" { + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + va.SetInt(0) + } + return nil + } fallthrough case '0': + if stringify && k == '0' { + break + } var negOffset int - neg := val[0] == '-' + neg := len(val) > 0 && val[0] == '-' if neg { negOffset = 1 } - n, ok := parseDecUint(val[negOffset:]) + n, ok := jsonwire.ParseUint(val[negOffset:]) maxInt := uint64(1) << (bits - 1) overflow := (neg && n > maxInt) || (!neg && n > maxInt-1) if !ok { if n != math.MaxUint64 { - err := fmt.Errorf("cannot parse %q as signed integer: %w", val, strconv.ErrSyntax) - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t, Err: err} + return newUnmarshalErrorAfterWithValue(dec, t, strconv.ErrSyntax) } overflow = true } if overflow { - err := fmt.Errorf("cannot parse %q as signed integer: %w", val, strconv.ErrRange) - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t, Err: err} + return newUnmarshalErrorAfterWithValue(dec, t, strconv.ErrRange) } if neg { va.SetInt(int64(-n)) @@ -389,7 +509,7 @@ func makeIntArshaler(t reflect.Type) *arshaler { } return nil } - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t} + return newUnmarshalErrorAfter(dec, t, nil) } return &fncs } @@ -397,64 +517,77 @@ func makeIntArshaler(t reflect.Type) *arshaler { func makeUintArshaler(t reflect.Type) *arshaler { var fncs arshaler bits := t.Bits() - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { - if mo.format != "" && mo.formatDepth == enc.tokens.depth() { - return newInvalidFormatError("marshal", t, mo.format) + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { + xe := export.Encoder(enc) + if mo.Format != "" && mo.FormatDepth == xe.Tokens.Depth() { + return newInvalidFormatError(enc, t) } // Optimize for marshaling without preceding whitespace or string escaping. - if optimizeCommon && !enc.options.multiline && !mo.StringifyNumbers && !enc.tokens.last.needObjectName() { - enc.buf = enc.tokens.mayAppendDelim(enc.buf, '0') - enc.buf = strconv.AppendUint(enc.buf, va.Uint(), 10) - enc.tokens.last.increment() - if enc.needFlush() { - return enc.flush() + if optimizeCommon && !mo.Flags.Get(jsonflags.AnyWhitespace|jsonflags.StringifyNumbers) && !xe.Tokens.Last.NeedObjectName() { + xe.Buf = strconv.AppendUint(xe.Tokens.MayAppendDelim(xe.Buf, '0'), va.Uint(), 10) + xe.Tokens.Last.Increment() + if xe.NeedFlush() { + return xe.Flush() } return nil } - x := math.Float64frombits(va.Uint()) - return enc.writeNumber(x, rawUintNumber, mo.StringifyNumbers) + k := stringOrNumberKind(xe.Tokens.Last.NeedObjectName() || mo.Flags.Get(jsonflags.StringifyNumbers)) + return xe.AppendRaw(k, true, func(b []byte) ([]byte, error) { + return strconv.AppendUint(b, va.Uint(), 10), nil + }) } - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - if uo.format != "" && uo.formatDepth == dec.tokens.depth() { - return newInvalidFormatError("unmarshal", t, uo.format) - } - var flags valueFlags - val, err := dec.readValue(&flags) + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + xd := export.Decoder(dec) + if uo.Format != "" && uo.FormatDepth == xd.Tokens.Depth() { + return newInvalidFormatError(dec, t) + } + stringify := xd.Tokens.Last.NeedObjectName() || uo.Flags.Get(jsonflags.StringifyNumbers) + var flags jsonwire.ValueFlags + val, err := xd.ReadValue(&flags) if err != nil { return err } k := val.Kind() switch k { case 'n': - va.SetUint(0) + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + va.SetUint(0) + } return nil case '"': - if !uo.StringifyNumbers { + if !stringify { break } - val = unescapeStringMayCopy(val, flags.isVerbatim()) + val = jsonwire.UnquoteMayCopy(val, flags.IsVerbatim()) + if uo.Flags.Get(jsonflags.StringifyWithLegacySemantics) && string(val) == "null" { + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + va.SetUint(0) + } + return nil + } fallthrough case '0': - n, ok := parseDecUint(val) + if stringify && k == '0' { + break + } + n, ok := jsonwire.ParseUint(val) maxUint := uint64(1) << bits overflow := n > maxUint-1 if !ok { if n != math.MaxUint64 { - err := fmt.Errorf("cannot parse %q as unsigned integer: %w", val, strconv.ErrSyntax) - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t, Err: err} + return newUnmarshalErrorAfterWithValue(dec, t, strconv.ErrSyntax) } overflow = true } if overflow { - err := fmt.Errorf("cannot parse %q as unsigned integer: %w", val, strconv.ErrRange) - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t, Err: err} + return newUnmarshalErrorAfterWithValue(dec, t, strconv.ErrRange) } va.SetUint(n) return nil } - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t} + return newUnmarshalErrorAfter(dec, t, nil) } return &fncs } @@ -462,59 +595,66 @@ func makeUintArshaler(t reflect.Type) *arshaler { func makeFloatArshaler(t reflect.Type) *arshaler { var fncs arshaler bits := t.Bits() - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { + xe := export.Encoder(enc) var allowNonFinite bool - if mo.format != "" && mo.formatDepth == enc.tokens.depth() { - if mo.format == "nonfinite" { + if mo.Format != "" && mo.FormatDepth == xe.Tokens.Depth() { + if mo.Format == "nonfinite" { allowNonFinite = true } else { - return newInvalidFormatError("marshal", t, mo.format) + return newInvalidFormatError(enc, t) } } fv := va.Float() if math.IsNaN(fv) || math.IsInf(fv, 0) { if !allowNonFinite { - err := fmt.Errorf("invalid value: %v", fv) - return &SemanticError{action: "marshal", GoType: t, Err: err} + err := fmt.Errorf("unsupported value: %v", fv) + return newMarshalErrorBefore(enc, t, err) } - return enc.WriteToken(Float(fv)) + return enc.WriteToken(jsontext.Float(fv)) } // Optimize for marshaling without preceding whitespace or string escaping. - if optimizeCommon && !enc.options.multiline && !mo.StringifyNumbers && !enc.tokens.last.needObjectName() { - enc.buf = enc.tokens.mayAppendDelim(enc.buf, '0') - enc.buf = appendNumber(enc.buf, fv, bits) - enc.tokens.last.increment() - if enc.needFlush() { - return enc.flush() + if optimizeCommon && !mo.Flags.Get(jsonflags.AnyWhitespace|jsonflags.StringifyNumbers) && !xe.Tokens.Last.NeedObjectName() { + xe.Buf = jsonwire.AppendFloat(xe.Tokens.MayAppendDelim(xe.Buf, '0'), fv, bits) + xe.Tokens.Last.Increment() + if xe.NeedFlush() { + return xe.Flush() } return nil } - return enc.writeNumber(fv, bits, mo.StringifyNumbers) + k := stringOrNumberKind(xe.Tokens.Last.NeedObjectName() || mo.Flags.Get(jsonflags.StringifyNumbers)) + return xe.AppendRaw(k, true, func(b []byte) ([]byte, error) { + return jsonwire.AppendFloat(b, va.Float(), bits), nil + }) } - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + xd := export.Decoder(dec) var allowNonFinite bool - if uo.format != "" && uo.formatDepth == dec.tokens.depth() { - if uo.format == "nonfinite" { + if uo.Format != "" && uo.FormatDepth == xd.Tokens.Depth() { + if uo.Format == "nonfinite" { allowNonFinite = true } else { - return newInvalidFormatError("unmarshal", t, uo.format) + return newInvalidFormatError(dec, t) } } - var flags valueFlags - val, err := dec.readValue(&flags) + stringify := xd.Tokens.Last.NeedObjectName() || uo.Flags.Get(jsonflags.StringifyNumbers) + var flags jsonwire.ValueFlags + val, err := xd.ReadValue(&flags) if err != nil { return err } k := val.Kind() switch k { case 'n': - va.SetFloat(0) + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + va.SetFloat(0) + } return nil case '"': - val = unescapeStringMayCopy(val, flags.isVerbatim()) + val = jsonwire.UnquoteMayCopy(val, flags.IsVerbatim()) if allowNonFinite { switch string(val) { case "NaN": @@ -528,24 +668,31 @@ func makeFloatArshaler(t reflect.Type) *arshaler { return nil } } - if !uo.StringifyNumbers { + if !stringify { break } - if n, err := consumeNumber(val); n != len(val) || err != nil { - err := fmt.Errorf("cannot parse %q as JSON number: %w", val, strconv.ErrSyntax) - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t, Err: err} + if uo.Flags.Get(jsonflags.StringifyWithLegacySemantics) && string(val) == "null" { + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + va.SetFloat(0) + } + return nil + } + if n, err := jsonwire.ConsumeNumber(val); n != len(val) || err != nil { + return newUnmarshalErrorAfterWithValue(dec, t, strconv.ErrSyntax) } fallthrough case '0': - // NOTE: Floating-point parsing is by nature a lossy operation. - // We never report an overflow condition since we can always - // round the input to the closest representable finite value. - // For extremely large numbers, the closest value is ±MaxFloat. - fv, _ := parseFloat(val, bits) + if stringify && k == '0' { + break + } + fv, ok := jsonwire.ParseFloat(val, bits) va.SetFloat(fv) + if !ok { + return newUnmarshalErrorAfterWithValue(dec, t, strconv.ErrRange) + } return nil } - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t} + return newUnmarshalErrorAfter(dec, t, nil) } return &fncs } @@ -568,54 +715,61 @@ func makeMapArshaler(t reflect.Type) *arshaler { keyFncs = lookupArshaler(t.Key()) valFncs = lookupArshaler(t.Elem()) } - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { + nillableLegacyKey := t.Key().Kind() == reflect.Pointer && + implementsAny(t.Key(), textMarshalerType, textAppenderType) + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { // Check for cycles. - if enc.tokens.depth() > startDetectingCyclesAfter { - if err := enc.seenPointers.visit(va.Value); err != nil { - return err - } - defer enc.seenPointers.leave(va.Value) - } - - if mo.format != "" && mo.formatDepth == enc.tokens.depth() { - if mo.format == "emitnull" { - if va.IsNil() { - return enc.WriteToken(Null) - } - mo.format = "" - } else { - return newInvalidFormatError("marshal", t, mo.format) + xe := export.Encoder(enc) + if xe.Tokens.Depth() > startDetectingCyclesAfter { + if err := visitPointer(&xe.SeenPointers, va.Value); err != nil { + return newMarshalErrorBefore(enc, t, err) + } + defer leavePointer(&xe.SeenPointers, va.Value) + } + + emitNull := mo.Flags.Get(jsonflags.FormatNilMapAsNull) + if mo.Format != "" && mo.FormatDepth == xe.Tokens.Depth() { + switch mo.Format { + case "emitnull": + emitNull = true + mo.Format = "" + case "emitempty": + emitNull = false + mo.Format = "" + default: + return newInvalidFormatError(enc, t) } } - // Optimize for marshaling an empty map without any preceding whitespace. + // Handle empty maps. n := va.Len() - if optimizeCommon && n == 0 && !enc.options.multiline && !enc.tokens.last.needObjectName() { - enc.buf = enc.tokens.mayAppendDelim(enc.buf, '{') - enc.buf = append(enc.buf, "{}"...) - enc.tokens.last.increment() - if enc.needFlush() { - return enc.flush() + if n == 0 { + if emitNull && va.IsNil() { + return enc.WriteToken(jsontext.Null) + } + // Optimize for marshaling an empty map without any preceding whitespace. + if optimizeCommon && !mo.Flags.Get(jsonflags.AnyWhitespace) && !xe.Tokens.Last.NeedObjectName() { + xe.Buf = append(xe.Tokens.MayAppendDelim(xe.Buf, '{'), "{}"...) + xe.Tokens.Last.Increment() + if xe.NeedFlush() { + return xe.Flush() + } + return nil } - return nil } once.Do(init) - if err := enc.WriteToken(ObjectStart); err != nil { + if err := enc.WriteToken(jsontext.BeginObject); err != nil { return err } if n > 0 { - // Handle maps with numeric key types by stringifying them. - mko := mo - mko.StringifyNumbers = true - nonDefaultKey := keyFncs.nonDefault marshalKey := keyFncs.marshal marshalVal := valFncs.marshal if mo.Marshalers != nil { var ok bool - marshalKey, ok = mo.Marshalers.lookup(marshalKey, t.Key()) - marshalVal, _ = mo.Marshalers.lookup(marshalVal, t.Elem()) + marshalKey, ok = mo.Marshalers.(*Marshalers).lookup(marshalKey, t.Key()) + marshalVal, _ = mo.Marshalers.(*Marshalers).lookup(marshalVal, t.Elem()) nonDefaultKey = nonDefaultKey || ok } k := newAddressableValue(t.Key()) @@ -624,22 +778,29 @@ func makeMapArshaler(t reflect.Type) *arshaler { // A Go map guarantees that each entry has a unique key. // As such, disable the expensive duplicate name check if we know // that every Go key will serialize as a unique JSON string. - if !nonDefaultKey && mapKeyWithUniqueRepresentation(k.Kind(), enc.options.AllowInvalidUTF8) { - enc.tokens.last.disableNamespace() + if !nonDefaultKey && mapKeyWithUniqueRepresentation(k.Kind(), mo.Flags.Get(jsonflags.AllowInvalidUTF8)) { + xe.Tokens.Last.DisableNamespace() } switch { - case !mo.Deterministic || n <= 1: + case !mo.Flags.Get(jsonflags.Deterministic) || n <= 1: for iter := va.Value.MapRange(); iter.Next(); { k.SetIterKey(iter) - if err := marshalKey(mko, enc, k); err != nil { - // TODO: If err is errMissingName, then wrap it as a - // SemanticError since this key type cannot be serialized - // as a JSON string. - return err + err := marshalKey(enc, k, mo) + if err != nil { + if mo.Flags.Get(jsonflags.CallMethodsWithLegacySemantics) && + errors.Is(err, jsontext.ErrNonStringName) && nillableLegacyKey && k.IsNil() { + err = enc.WriteToken(jsontext.String("")) + } + if err != nil { + if serr, ok := err.(*jsontext.SyntacticError); ok && serr.Err == jsontext.ErrNonStringName { + err = newMarshalErrorBefore(enc, k.Type(), err) + } + return err + } } v.SetIterValue(iter) - if err := marshalVal(mo, enc, v); err != nil { + if err := marshalVal(enc, v, mo); err != nil { return err } } @@ -651,13 +812,13 @@ func makeMapArshaler(t reflect.Type) *arshaler { } names.Sort() for _, name := range *names { - if err := enc.WriteToken(String(name)); err != nil { + if err := enc.WriteToken(jsontext.String(name)); err != nil { return err } // TODO(https://go.dev/issue/57061): Use v.SetMapIndexOf. k.SetString(name) v.Set(va.MapIndex(k.Value)) - if err := marshalVal(mo, enc, v); err != nil { + if err := marshalVal(enc, v, mo); err != nil { return err } } @@ -666,52 +827,62 @@ func makeMapArshaler(t reflect.Type) *arshaler { type member struct { name string // unquoted name key addressableValue + val addressableValue } members := make([]member, n) keys := reflect.MakeSlice(reflect.SliceOf(t.Key()), n, n) + vals := reflect.MakeSlice(reflect.SliceOf(t.Elem()), n, n) for i, iter := 0, va.Value.MapRange(); i < n && iter.Next(); i++ { // Marshal the member name. - k := addressableValue{keys.Index(i)} // indexed slice element is always addressable + k := addressableValue{keys.Index(i), true} // indexed slice element is always addressable k.SetIterKey(iter) - if err := marshalKey(mko, enc, k); err != nil { - // TODO: If err is errMissingName, then wrap it as a - // SemanticError since this key type cannot be serialized - // as a JSON string. - return err + v := addressableValue{vals.Index(i), true} // indexed slice element is always addressable + v.SetIterValue(iter) + err := marshalKey(enc, k, mo) + if err != nil { + if mo.Flags.Get(jsonflags.CallMethodsWithLegacySemantics) && + errors.Is(err, jsontext.ErrNonStringName) && nillableLegacyKey && k.IsNil() { + err = enc.WriteToken(jsontext.String("")) + } + if err != nil { + if serr, ok := err.(*jsontext.SyntacticError); ok && serr.Err == jsontext.ErrNonStringName { + err = newMarshalErrorBefore(enc, k.Type(), err) + } + return err + } } - name := enc.unwriteOnlyObjectMemberName() - members[i] = member{name, k} + name := xe.UnwriteOnlyObjectMemberName() + members[i] = member{name, k, v} } // TODO: If AllowDuplicateNames is enabled, then sort according // to reflect.Value as well if the names are equal. // See internal/fmtsort. - // TODO(https://go.dev/issue/47619): Use slices.SortFunc instead. - sort.Slice(members, func(i, j int) bool { - return lessUTF16(members[i].name, members[j].name) + slices.SortFunc(members, func(x, y member) int { + return strings.Compare(x.name, y.name) }) for _, member := range members { - if err := enc.WriteToken(String(member.name)); err != nil { + if err := enc.WriteToken(jsontext.String(member.name)); err != nil { return err } - // TODO(https://go.dev/issue/57061): Use v.SetMapIndexOf. - v.Set(va.MapIndex(member.key.Value)) - if err := marshalVal(mo, enc, v); err != nil { + if err := marshalVal(enc, member.val, mo); err != nil { return err } } } } - if err := enc.WriteToken(ObjectEnd); err != nil { + if err := enc.WriteToken(jsontext.EndObject); err != nil { return err } return nil } - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - if uo.format != "" && uo.formatDepth == dec.tokens.depth() { - if uo.format == "emitnull" { - uo.format = "" // only relevant for marshaling - } else { - return newInvalidFormatError("unmarshal", t, uo.format) + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + xd := export.Decoder(dec) + if uo.Format != "" && uo.FormatDepth == xd.Tokens.Depth() { + switch uo.Format { + case "emitnull", "emitempty": + uo.Format = "" // only relevant for marshaling + default: + return newInvalidFormatError(dec, t) } } tok, err := dec.ReadToken() @@ -721,7 +892,7 @@ func makeMapArshaler(t reflect.Type) *arshaler { k := tok.Kind() switch k { case 'n': - va.Set(reflect.Zero(t)) + va.SetZero() return nil case '{': once.Do(init) @@ -729,17 +900,13 @@ func makeMapArshaler(t reflect.Type) *arshaler { va.Set(reflect.MakeMap(t)) } - // Handle maps with numeric key types by stringifying them. - uko := uo - uko.StringifyNumbers = true - nonDefaultKey := keyFncs.nonDefault unmarshalKey := keyFncs.unmarshal unmarshalVal := valFncs.unmarshal if uo.Unmarshalers != nil { var ok bool - unmarshalKey, ok = uo.Unmarshalers.lookup(unmarshalKey, t.Key()) - unmarshalVal, _ = uo.Unmarshalers.lookup(unmarshalVal, t.Elem()) + unmarshalKey, ok = uo.Unmarshalers.(*Unmarshalers).lookup(unmarshalKey, t.Key()) + unmarshalVal, _ = uo.Unmarshalers.(*Unmarshalers).lookup(unmarshalVal, t.Elem()) nonDefaultKey = nonDefaultKey || ok } k := newAddressableValue(t.Key()) @@ -751,8 +918,8 @@ func makeMapArshaler(t reflect.Type) *arshaler { // will be rejected as duplicates since they semantically refer // to the same Go value. This is an unusual interaction // between syntax and semantics, but is more correct. - if !nonDefaultKey && mapKeyWithUniqueRepresentation(k.Kind(), dec.options.AllowInvalidUTF8) { - dec.tokens.last.disableNamespace() + if !nonDefaultKey && mapKeyWithUniqueRepresentation(k.Kind(), uo.Flags.Get(jsonflags.AllowInvalidUTF8)) { + xd.Tokens.Last.DisableNamespace() } // In the rare case where the map is not already empty, @@ -760,46 +927,72 @@ func makeMapArshaler(t reflect.Type) *arshaler { // since existing presence alone is insufficient to indicate // whether the input had a duplicate name. var seen reflect.Value - if !dec.options.AllowDuplicateNames && va.Len() > 0 { + if !uo.Flags.Get(jsonflags.AllowDuplicateNames) && va.Len() > 0 { seen = reflect.MakeMap(reflect.MapOf(k.Type(), emptyStructType)) } + var errUnmarshal error for dec.PeekKind() != '}' { - k.Set(reflect.Zero(t.Key())) - if err := unmarshalKey(uko, dec, k); err != nil { - return err + // Unmarshal the map entry key. + k.SetZero() + err := unmarshalKey(dec, k, uo) + if err != nil { + if isFatalError(err, uo.Flags) { + return err + } + if err := dec.SkipValue(); err != nil { + return err + } + errUnmarshal = cmp.Or(errUnmarshal, err) + continue } if k.Kind() == reflect.Interface && !k.IsNil() && !k.Elem().Type().Comparable() { - err := fmt.Errorf("invalid incomparable key type %v", k.Elem().Type()) - return &SemanticError{action: "unmarshal", GoType: t, Err: err} + err := newUnmarshalErrorAfter(dec, t, fmt.Errorf("invalid incomparable key type %v", k.Elem().Type())) + if !uo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return err + } + if err2 := dec.SkipValue(); err2 != nil { + return err2 + } + errUnmarshal = cmp.Or(errUnmarshal, err) + continue } + // Check if a pre-existing map entry value exists for this key. if v2 := va.MapIndex(k.Value); v2.IsValid() { - if !dec.options.AllowDuplicateNames && (!seen.IsValid() || seen.MapIndex(k.Value).IsValid()) { + if !uo.Flags.Get(jsonflags.AllowDuplicateNames) && (!seen.IsValid() || seen.MapIndex(k.Value).IsValid()) { // TODO: Unread the object name. - name := dec.previousBuffer() - err := &SyntacticError{str: "duplicate name " + string(name) + " in object"} - return err.withOffset(dec.InputOffset() - int64(len(name))) + name := xd.PreviousTokenOrValue() + return newDuplicateNameError(dec.StackPointer(), nil, dec.InputOffset()-len64(name)) + } + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + v.Set(v2) + } else { + v.SetZero() } - v.Set(v2) } else { - v.Set(reflect.Zero(v.Type())) + v.SetZero() } - err := unmarshalVal(uo, dec, v) + + // Unmarshal the map entry value. + err = unmarshalVal(dec, v, uo) va.SetMapIndex(k.Value, v.Value) if seen.IsValid() { seen.SetMapIndex(k.Value, reflect.Zero(emptyStructType)) } if err != nil { - return err + if isFatalError(err, uo.Flags) { + return err + } + errUnmarshal = cmp.Or(errUnmarshal, err) } } if _, err := dec.ReadToken(); err != nil { return err } - return nil + return errUnmarshal } - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t} + return newUnmarshalErrorAfterWithSkipping(dec, t, nil) } return &fncs } @@ -812,7 +1005,7 @@ func mapKeyWithUniqueRepresentation(k reflect.Kind, allowInvalidUTF8 bool) bool switch k { case reflect.Bool, reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, - reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64: + reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr: return true case reflect.String: // For strings, we have to be careful since names with invalid UTF-8 @@ -825,6 +1018,8 @@ func mapKeyWithUniqueRepresentation(k reflect.Kind, allowInvalidUTF8 bool) bool } } +var errNilField = errors.New("cannot set embedded pointer to unexported struct type") + func makeStructArshaler(t reflect.Type) *arshaler { // NOTE: The logic below disables namespaces for tracking duplicate names // and does the tracking locally with an efficient bit-set based on which @@ -839,27 +1034,26 @@ func makeStructArshaler(t reflect.Type) *arshaler { init := func() { fields, errInit = makeStructFields(t) } - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { - if mo.format != "" && mo.formatDepth == enc.tokens.depth() { - return newInvalidFormatError("marshal", t, mo.format) + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { + xe := export.Encoder(enc) + if mo.Format != "" && mo.FormatDepth == xe.Tokens.Depth() { + return newInvalidFormatError(enc, t) } once.Do(init) - if errInit != nil { - err := *errInit // shallow copy SemanticError - err.action = "marshal" - return &err + if errInit != nil && !mo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return newMarshalErrorBefore(enc, errInit.GoType, errInit.Err) } - if err := enc.WriteToken(ObjectStart); err != nil { + if err := enc.WriteToken(jsontext.BeginObject); err != nil { return err } var seenIdxs uintSet prevIdx := -1 - enc.tokens.last.disableNamespace() // we manually ensure unique names below + xe.Tokens.Last.DisableNamespace() // we manually ensure unique names below for i := range fields.flattened { f := &fields.flattened[i] - v := addressableValue{va.Field(f.index[0])} // addressable if struct value is addressable - if len(f.index) > 1 { - v = v.fieldByIndex(f.index[1:], false) + v := addressableValue{va.Field(f.index0), va.forcedAddr} // addressable if struct value is addressable + if len(f.index) > 0 { + v = v.fieldByIndex(f.index, false) if !v.IsValid() { continue // implies a nil inlined field } @@ -867,7 +1061,13 @@ func makeStructArshaler(t reflect.Type) *arshaler { // OmitZero skips the field if the Go value is zero, // which we can determine up front without calling the marshaler. - if f.omitzero && ((f.isZero == nil && v.IsZero()) || (f.isZero != nil && f.isZero(v))) { + if (f.omitzero || mo.Flags.Get(jsonflags.OmitZeroStructFields)) && + ((f.isZero == nil && v.IsZero()) || (f.isZero != nil && f.isZero(v))) { + continue + } + + // Check for the legacy definition of omitempty. + if f.omitempty && mo.Flags.Get(jsonflags.OmitEmptyWithLegacySemantics) && isLegacyEmpty(v) { continue } @@ -875,14 +1075,15 @@ func makeStructArshaler(t reflect.Type) *arshaler { nonDefault := f.fncs.nonDefault if mo.Marshalers != nil { var ok bool - marshal, ok = mo.Marshalers.lookup(marshal, f.typ) + marshal, ok = mo.Marshalers.(*Marshalers).lookup(marshal, f.typ) nonDefault = nonDefault || ok } // OmitEmpty skips the field if the marshaled JSON value is empty, // which we can know up front if there are no custom marshalers, // otherwise we must marshal the value and unwrite it if empty. - if f.omitempty && !nonDefault && f.isEmpty != nil && f.isEmpty(v) { + if f.omitempty && !mo.Flags.Get(jsonflags.OmitEmptyWithLegacySemantics) && + !nonDefault && f.isEmpty != nil && f.isEmpty(v) { continue // fast path for omitempty } @@ -898,50 +1099,60 @@ func makeStructArshaler(t reflect.Type) *arshaler { // 5. There is no possibility of an error occurring. if optimizeCommon { // Append any delimiters or optional whitespace. - if enc.tokens.last.length() > 0 { - enc.buf = append(enc.buf, ',') + b := xe.Buf + if xe.Tokens.Last.Length() > 0 { + b = append(b, ',') + if mo.Flags.Get(jsonflags.SpaceAfterComma) { + b = append(b, ' ') + } } - if enc.options.multiline { - enc.buf = enc.appendIndent(enc.buf, enc.tokens.needIndent('"')) + if mo.Flags.Get(jsonflags.Multiline) { + b = xe.AppendIndent(b, xe.Tokens.NeedIndent('"')) } // Append the token to the output and to the state machine. - n0 := len(enc.buf) // offset before calling appendString - if enc.options.EscapeRune == nil { - enc.buf = append(enc.buf, f.quotedName...) + n0 := len(b) // offset before calling AppendQuote + if !f.nameNeedEscape { + b = append(b, f.quotedName...) } else { - enc.buf, _ = appendString(enc.buf, f.name, false, enc.options.EscapeRune) + b, _ = jsonwire.AppendQuote(b, f.name, &mo.Flags) } - if !enc.options.AllowDuplicateNames { - enc.names.replaceLastQuotedOffset(n0) - } - enc.tokens.last.increment() + xe.Buf = b + xe.Names.ReplaceLastQuotedOffset(n0) + xe.Tokens.Last.Increment() } else { - if err := enc.WriteToken(String(f.name)); err != nil { + if err := enc.WriteToken(jsontext.String(f.name)); err != nil { return err } } // Write the object member value. - mo2 := mo + flagsOriginal := mo.Flags if f.string { - mo2.StringifyNumbers = true + if !mo.Flags.Get(jsonflags.StringifyWithLegacySemantics) { + mo.Flags.Set(jsonflags.StringifyNumbers | 1) + } else if canLegacyStringify(f.typ) { + mo.Flags.Set(jsonflags.StringifyNumbers | jsonflags.StringifyBoolsAndStrings | 1) + } } if f.format != "" { - mo2.formatDepth = enc.tokens.depth() - mo2.format = f.format + mo.FormatDepth = xe.Tokens.Depth() + mo.Format = f.format } - if err := marshal(mo2, enc, v); err != nil { + err := marshal(enc, v, mo) + mo.Flags = flagsOriginal + mo.Format = "" + if err != nil { return err } // Try unwriting the member if empty (slow path for omitempty). - if f.omitempty { + if f.omitempty && !mo.Flags.Get(jsonflags.OmitEmptyWithLegacySemantics) { var prevName *string if prevIdx >= 0 { prevName = &fields.flattened[prevIdx].name } - if enc.unwriteEmptyObjectMember(prevName) { + if xe.UnwriteEmptyObjectMember(prevName) { continue } } @@ -949,23 +1160,23 @@ func makeStructArshaler(t reflect.Type) *arshaler { // Remember the previous written object member. // The set of seen fields only needs to be updated to detect // duplicate names with those from the inlined fallback. - if !enc.options.AllowDuplicateNames && fields.inlinedFallback != nil { + if !mo.Flags.Get(jsonflags.AllowDuplicateNames) && fields.inlinedFallback != nil { seenIdxs.insert(uint(f.id)) } prevIdx = f.id } - if fields.inlinedFallback != nil && !(mo.DiscardUnknownMembers && fields.inlinedFallback.unknown) { + if fields.inlinedFallback != nil && !(mo.Flags.Get(jsonflags.DiscardUnknownMembers) && fields.inlinedFallback.unknown) { var insertUnquotedName func([]byte) bool - if !enc.options.AllowDuplicateNames { + if !mo.Flags.Get(jsonflags.AllowDuplicateNames) { insertUnquotedName = func(name []byte) bool { // Check that the name from inlined fallback does not match // one of the previously marshaled names from known fields. - if foldedFields := fields.byFoldedName[string(foldName(name))]; len(foldedFields) > 0 { + if foldedFields := fields.lookupByFoldedName(name); len(foldedFields) > 0 { if f := fields.byActualName[string(name)]; f != nil { return seenIdxs.insert(uint(f.id)) } for _, f := range foldedFields { - if f.nocase { + if f.matchFoldedName(name, &mo.Flags) { return seenIdxs.insert(uint(f.id)) } } @@ -973,21 +1184,22 @@ func makeStructArshaler(t reflect.Type) *arshaler { // Check that the name does not match any other name // previously marshaled from the inlined fallback. - return enc.namespaces.last().insertUnquoted(name) + return xe.Namespaces.Last().InsertUnquoted(name) } } - if err := marshalInlinedFallbackAll(mo, enc, va, fields.inlinedFallback, insertUnquotedName); err != nil { + if err := marshalInlinedFallbackAll(enc, va, mo, fields.inlinedFallback, insertUnquotedName); err != nil { return err } } - if err := enc.WriteToken(ObjectEnd); err != nil { + if err := enc.WriteToken(jsontext.EndObject); err != nil { return err } return nil } - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - if uo.format != "" && uo.formatDepth == dec.tokens.depth() { - return newInvalidFormatError("unmarshal", t, uo.format) + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + xd := export.Decoder(dec) + if uo.Format != "" && uo.FormatDepth == xd.Tokens.Depth() { + return newInvalidFormatError(dec, t) } tok, err := dec.ReadToken() if err != nil { @@ -996,41 +1208,45 @@ func makeStructArshaler(t reflect.Type) *arshaler { k := tok.Kind() switch k { case 'n': - va.Set(reflect.Zero(t)) + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + va.SetZero() + } return nil case '{': once.Do(init) - if errInit != nil { - err := *errInit // shallow copy SemanticError - err.action = "unmarshal" - return &err + if errInit != nil && !uo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return newUnmarshalErrorAfter(dec, errInit.GoType, errInit.Err) } var seenIdxs uintSet - dec.tokens.last.disableNamespace() + xd.Tokens.Last.DisableNamespace() + var errUnmarshal error for dec.PeekKind() != '}' { // Process the object member name. - var flags valueFlags - val, err := dec.readValue(&flags) + var flags jsonwire.ValueFlags + val, err := xd.ReadValue(&flags) if err != nil { return err } - name := unescapeStringMayCopy(val, flags.isVerbatim()) + name := jsonwire.UnquoteMayCopy(val, flags.IsVerbatim()) f := fields.byActualName[string(name)] if f == nil { - for _, f2 := range fields.byFoldedName[string(foldName(name))] { - if f2.nocase { + for _, f2 := range fields.lookupByFoldedName(name) { + if f2.matchFoldedName(name, &uo.Flags) { f = f2 break } } if f == nil { - if uo.RejectUnknownMembers && (fields.inlinedFallback == nil || fields.inlinedFallback.unknown) { - return &SemanticError{action: "unmarshal", GoType: t, Err: fmt.Errorf("unknown name %s", val)} + if uo.Flags.Get(jsonflags.RejectUnknownMembers) && (fields.inlinedFallback == nil || fields.inlinedFallback.unknown) { + err := newUnmarshalErrorAfter(dec, t, ErrUnknownName) + if !uo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return err + } + errUnmarshal = cmp.Or(errUnmarshal, err) } - if !dec.options.AllowDuplicateNames && !dec.namespaces.last().insertUnquoted(name) { + if !uo.Flags.Get(jsonflags.AllowDuplicateNames) && !xd.Namespaces.Last().InsertUnquoted(name) { // TODO: Unread the object name. - err := &SyntacticError{str: "duplicate name " + string(val) + " in object"} - return err.withOffset(dec.InputOffset() - int64(len(val))) + return newDuplicateNameError(dec.StackPointer(), nil, dec.InputOffset()-len64(val)) } if fields.inlinedFallback == nil { @@ -1040,46 +1256,68 @@ func makeStructArshaler(t reflect.Type) *arshaler { } } else { // Marshal into value capable of storing arbitrary object members. - if err := unmarshalInlinedFallbackNext(uo, dec, va, fields.inlinedFallback, val, name); err != nil { - return err + if err := unmarshalInlinedFallbackNext(dec, va, uo, fields.inlinedFallback, val, name); err != nil { + if isFatalError(err, uo.Flags) { + return err + } + errUnmarshal = cmp.Or(errUnmarshal, err) } } continue } } - if !dec.options.AllowDuplicateNames && !seenIdxs.insert(uint(f.id)) { + if !uo.Flags.Get(jsonflags.AllowDuplicateNames) && !seenIdxs.insert(uint(f.id)) { // TODO: Unread the object name. - err := &SyntacticError{str: "duplicate name " + string(val) + " in object"} - return err.withOffset(dec.InputOffset() - int64(len(val))) + return newDuplicateNameError(dec.StackPointer(), nil, dec.InputOffset()-len64(val)) } // Process the object member value. unmarshal := f.fncs.unmarshal if uo.Unmarshalers != nil { - unmarshal, _ = uo.Unmarshalers.lookup(unmarshal, f.typ) + unmarshal, _ = uo.Unmarshalers.(*Unmarshalers).lookup(unmarshal, f.typ) } - uo2 := uo + flagsOriginal := uo.Flags if f.string { - uo2.StringifyNumbers = true + if !uo.Flags.Get(jsonflags.StringifyWithLegacySemantics) { + uo.Flags.Set(jsonflags.StringifyNumbers | 1) + } else if canLegacyStringify(f.typ) { + uo.Flags.Set(jsonflags.StringifyNumbers | jsonflags.StringifyBoolsAndStrings | 1) + } } if f.format != "" { - uo2.formatDepth = dec.tokens.depth() - uo2.format = f.format + uo.FormatDepth = xd.Tokens.Depth() + uo.Format = f.format } - v := addressableValue{va.Field(f.index[0])} // addressable if struct value is addressable - if len(f.index) > 1 { - v = v.fieldByIndex(f.index[1:], true) + v := addressableValue{va.Field(f.index0), va.forcedAddr} // addressable if struct value is addressable + if len(f.index) > 0 { + v = v.fieldByIndex(f.index, true) + if !v.IsValid() { + err := newUnmarshalErrorBefore(dec, t, errNilField) + if !uo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return err + } + errUnmarshal = cmp.Or(errUnmarshal, err) + unmarshal = func(dec *jsontext.Decoder, _ addressableValue, _ *jsonopts.Struct) error { + return dec.SkipValue() + } + } } - if err := unmarshal(uo2, dec, v); err != nil { - return err + err = unmarshal(dec, v, uo) + uo.Flags = flagsOriginal + uo.Format = "" + if err != nil { + if isFatalError(err, uo.Flags) { + return err + } + errUnmarshal = cmp.Or(errUnmarshal, err) } } if _, err := dec.ReadToken(); err != nil { return err } - return nil + return errUnmarshal } - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t} + return newUnmarshalErrorAfterWithSkipping(dec, t, nil) } return &fncs } @@ -1090,7 +1328,7 @@ func (va addressableValue) fieldByIndex(index []int, mayAlloc bool) addressableV if !va.IsValid() { return va } - va = addressableValue{va.Field(i)} // addressable if struct value is addressable + va = addressableValue{va.Field(i), va.forcedAddr} // addressable if struct value is addressable } return va } @@ -1098,16 +1336,55 @@ func (va addressableValue) fieldByIndex(index []int, mayAlloc bool) addressableV func (va addressableValue) indirect(mayAlloc bool) addressableValue { if va.Kind() == reflect.Pointer { if va.IsNil() { - if !mayAlloc { + if !mayAlloc || !va.CanSet() { return addressableValue{} } va.Set(reflect.New(va.Type().Elem())) } - va = addressableValue{va.Elem()} // dereferenced pointer is always addressable + va = addressableValue{va.Elem(), false} // dereferenced pointer is always addressable } return va } +// isLegacyEmpty reports whether a value is empty according to the v1 definition. +func isLegacyEmpty(v addressableValue) bool { + // Equivalent to encoding/json.isEmptyValue@v1.21.0. + switch v.Kind() { + case reflect.Bool: + return v.Bool() == false + case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: + return v.Int() == 0 + case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr: + return v.Uint() == 0 + case reflect.Float32, reflect.Float64: + return v.Float() == 0 + case reflect.String, reflect.Map, reflect.Slice, reflect.Array: + return v.Len() == 0 + case reflect.Pointer, reflect.Interface: + return v.IsNil() + } + return false +} + +// canLegacyStringify reports whether t can be stringified according to v1, +// where t is a bool, string, or number (or unnamed pointer to such). +// In v1, the `string` option does not apply recursively to nested types within +// a composite Go type (e.g., an array, slice, struct, map, or interface). +func canLegacyStringify(t reflect.Type) bool { + // Based on encoding/json.typeFields#L1126-L1143@v1.23.0 + if t.Name() == "" && t.Kind() == reflect.Ptr { + t = t.Elem() + } + switch t.Kind() { + case reflect.Bool, reflect.String, + reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, + reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr, + reflect.Float32, reflect.Float64: + return true + } + return false +} + func makeSliceArshaler(t reflect.Type) *arshaler { var fncs arshaler var ( @@ -1117,64 +1394,75 @@ func makeSliceArshaler(t reflect.Type) *arshaler { init := func() { valFncs = lookupArshaler(t.Elem()) } - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { // Check for cycles. - if enc.tokens.depth() > startDetectingCyclesAfter { - if err := enc.seenPointers.visit(va.Value); err != nil { - return err - } - defer enc.seenPointers.leave(va.Value) - } - - if mo.format != "" && mo.formatDepth == enc.tokens.depth() { - if mo.format == "emitnull" { - if va.IsNil() { - return enc.WriteToken(Null) - } - mo.format = "" - } else { - return newInvalidFormatError("marshal", t, mo.format) + xe := export.Encoder(enc) + if xe.Tokens.Depth() > startDetectingCyclesAfter { + if err := visitPointer(&xe.SeenPointers, va.Value); err != nil { + return newMarshalErrorBefore(enc, t, err) + } + defer leavePointer(&xe.SeenPointers, va.Value) + } + + emitNull := mo.Flags.Get(jsonflags.FormatNilSliceAsNull) + if mo.Format != "" && mo.FormatDepth == xe.Tokens.Depth() { + switch mo.Format { + case "emitnull": + emitNull = true + mo.Format = "" + case "emitempty": + emitNull = false + mo.Format = "" + default: + return newInvalidFormatError(enc, t) } } - // Optimize for marshaling an empty slice without any preceding whitespace. + // Handle empty slices. n := va.Len() - if optimizeCommon && n == 0 && !enc.options.multiline && !enc.tokens.last.needObjectName() { - enc.buf = enc.tokens.mayAppendDelim(enc.buf, '[') - enc.buf = append(enc.buf, "[]"...) - enc.tokens.last.increment() - if enc.needFlush() { - return enc.flush() + if n == 0 { + if emitNull && va.IsNil() { + return enc.WriteToken(jsontext.Null) + } + // Optimize for marshaling an empty slice without any preceding whitespace. + if optimizeCommon && !mo.Flags.Get(jsonflags.AnyWhitespace) && !xe.Tokens.Last.NeedObjectName() { + xe.Buf = append(xe.Tokens.MayAppendDelim(xe.Buf, '['), "[]"...) + xe.Tokens.Last.Increment() + if xe.NeedFlush() { + return xe.Flush() + } + return nil } - return nil } once.Do(init) - if err := enc.WriteToken(ArrayStart); err != nil { + if err := enc.WriteToken(jsontext.BeginArray); err != nil { return err } marshal := valFncs.marshal if mo.Marshalers != nil { - marshal, _ = mo.Marshalers.lookup(marshal, t.Elem()) + marshal, _ = mo.Marshalers.(*Marshalers).lookup(marshal, t.Elem()) } - for i := 0; i < n; i++ { - v := addressableValue{va.Index(i)} // indexed slice element is always addressable - if err := marshal(mo, enc, v); err != nil { + for i := range n { + v := addressableValue{va.Index(i), false} // indexed slice element is always addressable + if err := marshal(enc, v, mo); err != nil { return err } } - if err := enc.WriteToken(ArrayEnd); err != nil { + if err := enc.WriteToken(jsontext.EndArray); err != nil { return err } return nil } emptySlice := reflect.MakeSlice(t, 0, 0) - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - if uo.format != "" && uo.formatDepth == dec.tokens.depth() { - if uo.format == "emitnull" { - uo.format = "" // only relevant for marshaling - } else { - return newInvalidFormatError("unmarshal", t, uo.format) + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + xd := export.Decoder(dec) + if uo.Format != "" && uo.FormatDepth == xd.Tokens.Depth() { + switch uo.Format { + case "emitnull", "emitempty": + uo.Format = "" // only relevant for marshaling + default: + return newInvalidFormatError(dec, t) } } @@ -1185,13 +1473,13 @@ func makeSliceArshaler(t reflect.Type) *arshaler { k := tok.Kind() switch k { case 'n': - va.Set(reflect.Zero(t)) + va.SetZero() return nil case '[': once.Do(init) unmarshal := valFncs.unmarshal if uo.Unmarshalers != nil { - unmarshal, _ = uo.Unmarshalers.lookup(unmarshal, t.Elem()) + unmarshal, _ = uo.Unmarshalers.(*Unmarshalers).lookup(unmarshal, t.Elem()) } mustZero := true // we do not know the cleanliness of unused capacity cap := va.Cap() @@ -1199,22 +1487,25 @@ func makeSliceArshaler(t reflect.Type) *arshaler { va.SetLen(cap) } var i int + var errUnmarshal error for dec.PeekKind() != ']' { if i == cap { - // TODO(https://go.dev/issue/48000): Use reflect.Value.Append. - va.Set(reflect.Append(va.Value, reflect.Zero(t.Elem()))) + va.Value.Grow(1) cap = va.Cap() va.SetLen(cap) - mustZero = false // append guarantees that unused capacity is zero-initialized + mustZero = false // reflect.Value.Grow ensures new capacity is zero-initialized } - v := addressableValue{va.Index(i)} // indexed slice element is always addressable + v := addressableValue{va.Index(i), false} // indexed slice element is always addressable i++ - if mustZero { - v.Set(reflect.Zero(t.Elem())) + if mustZero && !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + v.SetZero() } - if err := unmarshal(uo, dec, v); err != nil { - va.SetLen(i) - return err + if err := unmarshal(dec, v, uo); err != nil { + if isFatalError(err, uo.Flags) { + va.SetLen(i) + return err + } + errUnmarshal = cmp.Or(errUnmarshal, err) } } if i == 0 { @@ -1225,13 +1516,16 @@ func makeSliceArshaler(t reflect.Type) *arshaler { if _, err := dec.ReadToken(); err != nil { return err } - return nil + return errUnmarshal } - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t} + return newUnmarshalErrorAfterWithSkipping(dec, t, nil) } return &fncs } +var errArrayUnderflow = errors.New("too few array elements") +var errArrayOverflow = errors.New("too many array elements") + func makeArrayArshaler(t reflect.Type) *arshaler { var fncs arshaler var ( @@ -1242,32 +1536,34 @@ func makeArrayArshaler(t reflect.Type) *arshaler { valFncs = lookupArshaler(t.Elem()) } n := t.Len() - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { - if mo.format != "" && mo.formatDepth == enc.tokens.depth() { - return newInvalidFormatError("marshal", t, mo.format) + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { + xe := export.Encoder(enc) + if mo.Format != "" && mo.FormatDepth == xe.Tokens.Depth() { + return newInvalidFormatError(enc, t) } once.Do(init) - if err := enc.WriteToken(ArrayStart); err != nil { + if err := enc.WriteToken(jsontext.BeginArray); err != nil { return err } marshal := valFncs.marshal if mo.Marshalers != nil { - marshal, _ = mo.Marshalers.lookup(marshal, t.Elem()) + marshal, _ = mo.Marshalers.(*Marshalers).lookup(marshal, t.Elem()) } - for i := 0; i < n; i++ { - v := addressableValue{va.Index(i)} // indexed array element is addressable if array is addressable - if err := marshal(mo, enc, v); err != nil { + for i := range n { + v := addressableValue{va.Index(i), va.forcedAddr} // indexed array element is addressable if array is addressable + if err := marshal(enc, v, mo); err != nil { return err } } - if err := enc.WriteToken(ArrayEnd); err != nil { + if err := enc.WriteToken(jsontext.EndArray); err != nil { return err } return nil } - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - if uo.format != "" && uo.formatDepth == dec.tokens.depth() { - return newInvalidFormatError("unmarshal", t, uo.format) + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + xd := export.Decoder(dec) + if uo.Format != "" && uo.FormatDepth == xd.Tokens.Depth() { + return newInvalidFormatError(dec, t) } tok, err := dec.ReadToken() if err != nil { @@ -1276,37 +1572,51 @@ func makeArrayArshaler(t reflect.Type) *arshaler { k := tok.Kind() switch k { case 'n': - va.Set(reflect.Zero(t)) + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + va.SetZero() + } return nil case '[': once.Do(init) unmarshal := valFncs.unmarshal if uo.Unmarshalers != nil { - unmarshal, _ = uo.Unmarshalers.lookup(unmarshal, t.Elem()) + unmarshal, _ = uo.Unmarshalers.(*Unmarshalers).lookup(unmarshal, t.Elem()) } var i int + var errUnmarshal error for dec.PeekKind() != ']' { if i >= n { - err := errors.New("too many array elements") - return &SemanticError{action: "unmarshal", GoType: t, Err: err} + if err := dec.SkipValue(); err != nil { + return err + } + err = errArrayOverflow + continue } - v := addressableValue{va.Index(i)} // indexed array element is addressable if array is addressable - v.Set(reflect.Zero(v.Type())) - if err := unmarshal(uo, dec, v); err != nil { - return err + v := addressableValue{va.Index(i), va.forcedAddr} // indexed array element is addressable if array is addressable + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + v.SetZero() + } + if err := unmarshal(dec, v, uo); err != nil { + if isFatalError(err, uo.Flags) { + return err + } + errUnmarshal = cmp.Or(errUnmarshal, err) } i++ } + for ; i < n; i++ { + va.Index(i).SetZero() + err = errArrayUnderflow + } if _, err := dec.ReadToken(); err != nil { return err } - if i < n { - err := errors.New("too few array elements") - return &SemanticError{action: "unmarshal", GoType: t, Err: err} + if err != nil && !uo.Flags.Get(jsonflags.UnmarshalArrayFromAnyLength) { + return newUnmarshalErrorAfter(dec, t, err) } - return nil + return errUnmarshal } - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t} + return newUnmarshalErrorAfterWithSkipping(dec, t, nil) } return &fncs } @@ -1320,46 +1630,62 @@ func makePointerArshaler(t reflect.Type) *arshaler { init := func() { valFncs = lookupArshaler(t.Elem()) } - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { // Check for cycles. - if enc.tokens.depth() > startDetectingCyclesAfter { - if err := enc.seenPointers.visit(va.Value); err != nil { - return err + xe := export.Encoder(enc) + if xe.Tokens.Depth() > startDetectingCyclesAfter { + if err := visitPointer(&xe.SeenPointers, va.Value); err != nil { + return newMarshalErrorBefore(enc, t, err) } - defer enc.seenPointers.leave(va.Value) + defer leavePointer(&xe.SeenPointers, va.Value) } - // NOTE: MarshalOptions.format is forwarded to underlying marshal. + // NOTE: Struct.Format is forwarded to underlying marshal. if va.IsNil() { - return enc.WriteToken(Null) + return enc.WriteToken(jsontext.Null) } once.Do(init) marshal := valFncs.marshal if mo.Marshalers != nil { - marshal, _ = mo.Marshalers.lookup(marshal, t.Elem()) + marshal, _ = mo.Marshalers.(*Marshalers).lookup(marshal, t.Elem()) } - v := addressableValue{va.Elem()} // dereferenced pointer is always addressable - return marshal(mo, enc, v) + v := addressableValue{va.Elem(), false} // dereferenced pointer is always addressable + return marshal(enc, v, mo) } - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - // NOTE: UnmarshalOptions.format is forwarded to underlying unmarshal. + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + // NOTE: Struct.Format is forwarded to underlying unmarshal. if dec.PeekKind() == 'n' { if _, err := dec.ReadToken(); err != nil { return err } - va.Set(reflect.Zero(t)) + va.SetZero() return nil } once.Do(init) unmarshal := valFncs.unmarshal if uo.Unmarshalers != nil { - unmarshal, _ = uo.Unmarshalers.lookup(unmarshal, t.Elem()) + unmarshal, _ = uo.Unmarshalers.(*Unmarshalers).lookup(unmarshal, t.Elem()) } if va.IsNil() { va.Set(reflect.New(t.Elem())) } - v := addressableValue{va.Elem()} // dereferenced pointer is always addressable - return unmarshal(uo, dec, v) + v := addressableValue{va.Elem(), false} // dereferenced pointer is always addressable + if err := unmarshal(dec, v, uo); err != nil { + return err + } + if uo.Flags.Get(jsonflags.StringifyWithLegacySemantics) && + uo.Flags.Get(jsonflags.StringifyNumbers|jsonflags.StringifyBoolsAndStrings) { + // A JSON null quoted within a JSON string should take effect + // within the pointer value, rather than the indirect value. + // + // TODO: This does not correctly handle escaped nulls + // (e.g., "\u006e\u0075\u006c\u006c"), but is good enough + // for such an esoteric use case of the `string` option. + if string(export.Decoder(dec).PreviousTokenOrValue()) == `"null"` { + va.SetZero() + } + } + return nil } return &fncs } @@ -1370,34 +1696,82 @@ func makeInterfaceArshaler(t reflect.Type) *arshaler { // store them back into the interface afterwards. var fncs arshaler - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { - if mo.format != "" && mo.formatDepth == enc.tokens.depth() { - return newInvalidFormatError("marshal", t, mo.format) + var whichMarshaler reflect.Type + for _, iface := range allMarshalerTypes { + if t.Implements(iface) { + whichMarshaler = t + break + } + } + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { + xe := export.Encoder(enc) + if mo.Format != "" && mo.FormatDepth == xe.Tokens.Depth() { + return newInvalidFormatError(enc, t) } if va.IsNil() { - return enc.WriteToken(Null) + return enc.WriteToken(jsontext.Null) + } else if mo.Flags.Get(jsonflags.CallMethodsWithLegacySemantics) && whichMarshaler != nil { + // The marshaler for a pointer never calls the method on a nil receiver. + // Wrap the nil pointer within a struct type so that marshal + // instead appears on a value receiver and may be called. + if va.Elem().Kind() == reflect.Pointer && va.Elem().IsNil() { + v2 := newAddressableValue(whichMarshaler) + switch whichMarshaler { + case jsonMarshalerToType: + v2.Set(reflect.ValueOf(struct{ MarshalerTo }{va.Elem().Interface().(MarshalerTo)})) + case jsonMarshalerType: + v2.Set(reflect.ValueOf(struct{ Marshaler }{va.Elem().Interface().(Marshaler)})) + case textAppenderType: + v2.Set(reflect.ValueOf(struct{ encoding.TextAppender }{va.Elem().Interface().(encoding.TextAppender)})) + case textMarshalerType: + v2.Set(reflect.ValueOf(struct{ encoding.TextMarshaler }{va.Elem().Interface().(encoding.TextMarshaler)})) + } + va = v2 + } } v := newAddressableValue(va.Elem().Type()) v.Set(va.Elem()) marshal := lookupArshaler(v.Type()).marshal if mo.Marshalers != nil { - marshal, _ = mo.Marshalers.lookup(marshal, v.Type()) + marshal, _ = mo.Marshalers.(*Marshalers).lookup(marshal, v.Type()) } // Optimize for the any type if there are no special options. - if optimizeCommon && t == anyType && !mo.StringifyNumbers && mo.format == "" && (mo.Marshalers == nil || !mo.Marshalers.fromAny) { - return marshalValueAny(mo, enc, va.Elem().Interface()) + if optimizeCommon && + t == anyType && !mo.Flags.Get(jsonflags.StringifyNumbers|jsonflags.StringifyBoolsAndStrings) && mo.Format == "" && + (mo.Marshalers == nil || !mo.Marshalers.(*Marshalers).fromAny) { + return marshalValueAny(enc, va.Elem().Interface(), mo) } - return marshal(mo, enc, v) + return marshal(enc, v, mo) } - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - if uo.format != "" && uo.formatDepth == dec.tokens.depth() { - return newInvalidFormatError("unmarshal", t, uo.format) + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + xd := export.Decoder(dec) + if uo.Format != "" && uo.FormatDepth == xd.Tokens.Depth() { + return newInvalidFormatError(dec, t) + } + if uo.Flags.Get(jsonflags.MergeWithLegacySemantics) && !va.IsNil() { + // Legacy merge behavior is difficult to explain. + // In general, it only merges for non-nil pointer kinds. + // As a special case, unmarshaling a JSON null into a pointer + // sets a concrete nil pointer of the underlying type + // (rather than setting the interface value itself to nil). + e := va.Elem() + if e.Kind() == reflect.Pointer && !e.IsNil() { + if dec.PeekKind() == 'n' && e.Elem().Kind() == reflect.Pointer { + if _, err := dec.ReadToken(); err != nil { + return err + } + va.Elem().Elem().SetZero() + return nil + } + } else { + va.SetZero() + } } if dec.PeekKind() == 'n' { if _, err := dec.ReadToken(); err != nil { return err } - va.Set(reflect.Zero(t)) + va.SetZero() return nil } var v addressableValue @@ -1407,8 +1781,10 @@ func makeInterfaceArshaler(t reflect.Type) *arshaler { // are always unmarshaled into an any value as Go strings. // Duplicate name check must be enforced since unmarshalValueAny // does not implement merge semantics. - if optimizeCommon && t == anyType && uo.format == "" && (uo.Unmarshalers == nil || !uo.Unmarshalers.fromAny) && !dec.options.AllowDuplicateNames { - v, err := unmarshalValueAny(uo, dec) + if optimizeCommon && + t == anyType && !uo.Flags.Get(jsonflags.AllowDuplicateNames) && uo.Format == "" && + (uo.Unmarshalers == nil || !uo.Unmarshalers.(*Unmarshalers).fromAny) { + v, err := unmarshalValueAny(dec, uo) // We must check for nil interface values up front. // See https://go.dev/issue/52310. if v != nil { @@ -1419,8 +1795,7 @@ func makeInterfaceArshaler(t reflect.Type) *arshaler { k := dec.PeekKind() if !isAnyType(t) { - err := errors.New("cannot derive concrete type for non-empty interface") - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t, Err: err} + return newUnmarshalErrorBeforeWithSkipping(dec, t, internal.ErrNilInterface) } switch k { case 'f', 't': @@ -1428,7 +1803,11 @@ func makeInterfaceArshaler(t reflect.Type) *arshaler { case '"': v = newAddressableValue(stringType) case '0': - v = newAddressableValue(float64Type) + if uo.Flags.Get(jsonflags.UnmarshalAnyWithRawNumber) { + v = addressableValue{reflect.ValueOf(internal.NewRawNumber()).Elem(), true} + } else { + v = newAddressableValue(float64Type) + } case '{': v = newAddressableValue(mapStringAnyType) case '[': @@ -1450,9 +1829,9 @@ func makeInterfaceArshaler(t reflect.Type) *arshaler { } unmarshal := lookupArshaler(v.Type()).unmarshal if uo.Unmarshalers != nil { - unmarshal, _ = uo.Unmarshalers.lookup(unmarshal, v.Type()) + unmarshal, _ = uo.Unmarshalers.(*Unmarshalers).lookup(unmarshal, v.Type()) } - err := unmarshal(uo, dec, v) + err := unmarshal(dec, v, uo) va.Set(v.Value) return err } @@ -1470,16 +1849,62 @@ func isAnyType(t reflect.Type) bool { func makeInvalidArshaler(t reflect.Type) *arshaler { var fncs arshaler - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { - return &SemanticError{action: "marshal", GoType: t} + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { + return newMarshalErrorBefore(enc, t, nil) } - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - return &SemanticError{action: "unmarshal", GoType: t} + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + return newUnmarshalErrorBefore(dec, t, nil) } return &fncs } -func newInvalidFormatError(action string, t reflect.Type, format string) error { - err := fmt.Errorf("invalid format flag: %q", format) - return &SemanticError{action: action, GoType: t, Err: err} +func stringOrNumberKind(isString bool) jsontext.Kind { + if isString { + return '"' + } else { + return '0' + } +} + +type uintSet64 uint64 + +func (s uintSet64) has(i uint) bool { return s&(1< 0 } +func (s *uintSet64) set(i uint) { *s |= 1 << i } + +// uintSet is a set of unsigned integers. +// It is optimized for most integers being close to zero. +type uintSet struct { + lo uintSet64 + hi []uintSet64 +} + +// has reports whether i is in the set. +func (s *uintSet) has(i uint) bool { + if i < 64 { + return s.lo.has(i) + } else { + i -= 64 + iHi, iLo := int(i/64), i%64 + return iHi < len(s.hi) && s.hi[iHi].has(iLo) + } +} + +// insert inserts i into the set and reports whether it was the first insertion. +func (s *uintSet) insert(i uint) bool { + // TODO: Make this inlinable at least for the lower 64-bit case. + if i < 64 { + has := s.lo.has(i) + s.lo.set(i) + return !has + } else { + i -= 64 + iHi, iLo := int(i/64), i%64 + if iHi >= len(s.hi) { + s.hi = append(s.hi, make([]uintSet64, iHi+1-len(s.hi))...) + s.hi = s.hi[:cap(s.hi)] + } + has := s.hi[iHi].has(iLo) + s.hi[iHi].set(iLo) + return !has + } } diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_funcs.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_funcs.go index 8a4e700839..1f5d018689 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_funcs.go +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_funcs.go @@ -2,6 +2,8 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:build !goexperiment.jsonv2 || !go1.25 + package json import ( @@ -9,62 +11,75 @@ import ( "fmt" "reflect" "sync" + + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonopts" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) -// SkipFunc may be returned by MarshalFuncV2 and UnmarshalFuncV2 functions. +// SkipFunc may be returned by [MarshalToFunc] and [UnmarshalFromFunc] functions. // // Any function that returns SkipFunc must not cause observable side effects -// on the provided Encoder or Decoder. For example, it is permissible to call -// Decoder.PeekKind, but not permissible to call Decoder.ReadToken or -// Encoder.WriteToken since such methods mutate the state. -const SkipFunc = jsonError("skip function") +// on the provided [jsontext.Encoder] or [jsontext.Decoder]. +// For example, it is permissible to call [jsontext.Decoder.PeekKind], +// but not permissible to call [jsontext.Decoder.ReadToken] or +// [jsontext.Encoder.WriteToken] since such methods mutate the state. +var SkipFunc = errors.New("json: skip function") + +var errSkipMutation = errors.New("must not read or write any tokens when skipping") +var errNonSingularValue = errors.New("must read or write exactly one value") // Marshalers is a list of functions that may override the marshal behavior -// of specific types. Populate MarshalOptions.Marshalers to use it. +// of specific types. Populate [WithMarshalers] to use it with +// [Marshal], [MarshalWrite], or [MarshalEncode]. // A nil *Marshalers is equivalent to an empty list. +// There are no exported fields or methods on Marshalers. type Marshalers = typedMarshalers -// NewMarshalers constructs a flattened list of marshal functions. +// JoinMarshalers constructs a flattened list of marshal functions. // If multiple functions in the list are applicable for a value of a given type, // then those earlier in the list take precedence over those that come later. -// If a function returns SkipFunc, then the next applicable function is called, +// If a function returns [SkipFunc], then the next applicable function is called, // otherwise the default marshaling behavior is used. // // For example: // -// m1 := NewMarshalers(f1, f2) -// m2 := NewMarshalers(f0, m1, f3) // equivalent to m3 -// m3 := NewMarshalers(f0, f1, f2, f3) // equivalent to m2 -func NewMarshalers(ms ...*Marshalers) *Marshalers { +// m1 := JoinMarshalers(f1, f2) +// m2 := JoinMarshalers(f0, m1, f3) // equivalent to m3 +// m3 := JoinMarshalers(f0, f1, f2, f3) // equivalent to m2 +func JoinMarshalers(ms ...*Marshalers) *Marshalers { return newMarshalers(ms...) } // Unmarshalers is a list of functions that may override the unmarshal behavior -// of specific types. Populate UnmarshalOptions.Unmarshalers to use it. +// of specific types. Populate [WithUnmarshalers] to use it with +// [Unmarshal], [UnmarshalRead], or [UnmarshalDecode]. // A nil *Unmarshalers is equivalent to an empty list. +// There are no exported fields or methods on Unmarshalers. type Unmarshalers = typedUnmarshalers -// NewUnmarshalers constructs a flattened list of unmarshal functions. +// JoinUnmarshalers constructs a flattened list of unmarshal functions. // If multiple functions in the list are applicable for a value of a given type, // then those earlier in the list take precedence over those that come later. -// If a function returns SkipFunc, then the next applicable function is called, +// If a function returns [SkipFunc], then the next applicable function is called, // otherwise the default unmarshaling behavior is used. // // For example: // -// u1 := NewUnmarshalers(f1, f2) -// u2 := NewUnmarshalers(f0, u1, f3) // equivalent to u3 -// u3 := NewUnmarshalers(f0, f1, f2, f3) // equivalent to u2 -func NewUnmarshalers(us ...*Unmarshalers) *Unmarshalers { +// u1 := JoinUnmarshalers(f1, f2) +// u2 := JoinUnmarshalers(f0, u1, f3) // equivalent to u3 +// u3 := JoinUnmarshalers(f0, f1, f2, f3) // equivalent to u2 +func JoinUnmarshalers(us ...*Unmarshalers) *Unmarshalers { return newUnmarshalers(us...) } -type typedMarshalers = typedArshalers[MarshalOptions, Encoder] -type typedUnmarshalers = typedArshalers[UnmarshalOptions, Decoder] -type typedArshalers[Options, Coder any] struct { +type typedMarshalers = typedArshalers[jsontext.Encoder] +type typedUnmarshalers = typedArshalers[jsontext.Decoder] +type typedArshalers[Coder any] struct { nonComparable - fncVals []typedArshaler[Options, Coder] + fncVals []typedArshaler[Coder] fncCache sync.Map // map[reflect.Type]arshaler // fromAny reports whether any of Go types used to represent arbitrary JSON @@ -78,18 +93,18 @@ type typedArshalers[Options, Coder any] struct { // if this is true. fromAny bool } -type typedMarshaler = typedArshaler[MarshalOptions, Encoder] -type typedUnmarshaler = typedArshaler[UnmarshalOptions, Decoder] -type typedArshaler[Options, Coder any] struct { +type typedMarshaler = typedArshaler[jsontext.Encoder] +type typedUnmarshaler = typedArshaler[jsontext.Decoder] +type typedArshaler[Coder any] struct { typ reflect.Type - fnc func(Options, *Coder, addressableValue) error + fnc func(*Coder, addressableValue, *jsonopts.Struct) error maySkip bool } func newMarshalers(ms ...*Marshalers) *Marshalers { return newTypedArshalers(ms...) } func newUnmarshalers(us ...*Unmarshalers) *Unmarshalers { return newTypedArshalers(us...) } -func newTypedArshalers[Options, Coder any](as ...*typedArshalers[Options, Coder]) *typedArshalers[Options, Coder] { - var a typedArshalers[Options, Coder] +func newTypedArshalers[Coder any](as ...*typedArshalers[Coder]) *typedArshalers[Coder] { + var a typedArshalers[Coder] for _, a2 := range as { if a2 != nil { a.fncVals = append(a.fncVals, a2.fncVals...) @@ -102,7 +117,7 @@ func newTypedArshalers[Options, Coder any](as ...*typedArshalers[Options, Coder] return &a } -func (a *typedArshalers[Options, Coder]) lookup(fnc func(Options, *Coder, addressableValue) error, t reflect.Type) (func(Options, *Coder, addressableValue) error, bool) { +func (a *typedArshalers[Coder]) lookup(fnc func(*Coder, addressableValue, *jsonopts.Struct) error, t reflect.Type) (func(*Coder, addressableValue, *jsonopts.Struct) error, bool) { if a == nil { return fnc, false } @@ -110,12 +125,12 @@ func (a *typedArshalers[Options, Coder]) lookup(fnc func(Options, *Coder, addres if v == nil { return fnc, false } - return v.(func(Options, *Coder, addressableValue) error), true + return v.(func(*Coder, addressableValue, *jsonopts.Struct) error), true } // Collect a list of arshalers that can be called for this type. // This list may be longer than 1 since some arshalers can be skipped. - var fncs []func(Options, *Coder, addressableValue) error + var fncs []func(*Coder, addressableValue, *jsonopts.Struct) error for _, fncVal := range a.fncVals { if !castableTo(t, fncVal.typ) { continue @@ -133,21 +148,21 @@ func (a *typedArshalers[Options, Coder]) lookup(fnc func(Options, *Coder, addres // Construct an arshaler that may call every applicable arshaler. fncDefault := fnc - fnc = func(o Options, c *Coder, v addressableValue) error { + fnc = func(c *Coder, v addressableValue, o *jsonopts.Struct) error { for _, fnc := range fncs { - if err := fnc(o, c, v); err != SkipFunc { + if err := fnc(c, v, o); err != SkipFunc { return err // may be nil or non-nil } } - return fncDefault(o, c, v) + return fncDefault(c, v, o) } // Use the first stored so duplicate work can be garbage collected. v, _ := a.fncCache.LoadOrStore(t, fnc) - return v.(func(Options, *Coder, addressableValue) error), true + return v.(func(*Coder, addressableValue, *jsonopts.Struct) error), true } -// MarshalFuncV1 constructs a type-specific marshaler that +// MarshalFunc constructs a type-specific marshaler that // specifies how to marshal values of type T. // T can be any type except a named pointer. // The function is always provided with a non-nil pointer value @@ -155,22 +170,30 @@ func (a *typedArshalers[Options, Coder]) lookup(fnc func(Options, *Coder, addres // // The function must marshal exactly one JSON value. // The value of T must not be retained outside the function call. -// It may not return SkipFunc. -func MarshalFuncV1[T any](fn func(T) ([]byte, error)) *Marshalers { - t := reflect.TypeOf((*T)(nil)).Elem() +// It may not return [SkipFunc]. +func MarshalFunc[T any](fn func(T) ([]byte, error)) *Marshalers { + t := reflect.TypeFor[T]() assertCastableTo(t, true) typFnc := typedMarshaler{ typ: t, - fnc: func(mo MarshalOptions, enc *Encoder, va addressableValue) error { + fnc: func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { val, err := fn(va.castTo(t).Interface().(T)) if err != nil { err = wrapSkipFunc(err, "marshal function of type func(T) ([]byte, error)") - // TODO: Avoid wrapping semantic errors. - return &SemanticError{action: "marshal", GoType: t, Err: err} + if mo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return internal.NewMarshalerError(va.Addr().Interface(), err, "MarshalFunc") // unlike unmarshal, always wrapped + } + err = newMarshalErrorBefore(enc, t, err) + return collapseSemanticErrors(err) } if err := enc.WriteValue(val); err != nil { - // TODO: Avoid wrapping semantic or I/O errors. - return &SemanticError{action: "marshal", JSONKind: RawValue(val).Kind(), GoType: t, Err: err} + if mo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return internal.NewMarshalerError(va.Addr().Interface(), err, "MarshalFunc") // unlike unmarshal, always wrapped + } + if isSyntacticError(err) { + err = newMarshalErrorBefore(enc, t, err) + } + return err } return nil }, @@ -178,39 +201,47 @@ func MarshalFuncV1[T any](fn func(T) ([]byte, error)) *Marshalers { return &Marshalers{fncVals: []typedMarshaler{typFnc}, fromAny: castableToFromAny(t)} } -// MarshalFuncV2 constructs a type-specific marshaler that +// MarshalToFunc constructs a type-specific marshaler that // specifies how to marshal values of type T. // T can be any type except a named pointer. // The function is always provided with a non-nil pointer value // if T is an interface or pointer type. // // The function must marshal exactly one JSON value by calling write methods -// on the provided encoder. It may return SkipFunc such that marshaling can +// on the provided encoder. It may return [SkipFunc] such that marshaling can // move on to the next marshal function. However, no mutable method calls may -// be called on the encoder if SkipFunc is returned. -// The pointer to Encoder and the value of T must not be retained -// outside the function call. -func MarshalFuncV2[T any](fn func(MarshalOptions, *Encoder, T) error) *Marshalers { - t := reflect.TypeOf((*T)(nil)).Elem() +// be called on the encoder if [SkipFunc] is returned. +// The pointer to [jsontext.Encoder] and the value of T +// must not be retained outside the function call. +func MarshalToFunc[T any](fn func(*jsontext.Encoder, T) error) *Marshalers { + t := reflect.TypeFor[T]() assertCastableTo(t, true) typFnc := typedMarshaler{ typ: t, - fnc: func(mo MarshalOptions, enc *Encoder, va addressableValue) error { - prevDepth, prevLength := enc.tokens.depthLength() - err := fn(mo, enc, va.castTo(t).Interface().(T)) - currDepth, currLength := enc.tokens.depthLength() + fnc: func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { + xe := export.Encoder(enc) + prevDepth, prevLength := xe.Tokens.DepthLength() + xe.Flags.Set(jsonflags.WithinArshalCall | 1) + err := fn(enc, va.castTo(t).Interface().(T)) + xe.Flags.Set(jsonflags.WithinArshalCall | 0) + currDepth, currLength := xe.Tokens.DepthLength() if err == nil && (prevDepth != currDepth || prevLength+1 != currLength) { - err = errors.New("must write exactly one JSON value") + err = errNonSingularValue } if err != nil { if err == SkipFunc { if prevDepth == currDepth && prevLength == currLength { return SkipFunc } - err = errors.New("must not write any JSON tokens when skipping") + err = errSkipMutation } - // TODO: Avoid wrapping semantic or I/O errors. - return &SemanticError{action: "marshal", GoType: t, Err: err} + if mo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return internal.NewMarshalerError(va.Addr().Interface(), err, "MarshalToFunc") // unlike unmarshal, always wrapped + } + if !export.IsIOError(err) { + err = newSemanticErrorWithPosition(enc, t, prevDepth, prevLength, err) + } + return err } return nil }, @@ -219,7 +250,7 @@ func MarshalFuncV2[T any](fn func(MarshalOptions, *Encoder, T) error) *Marshaler return &Marshalers{fncVals: []typedMarshaler{typFnc}, fromAny: castableToFromAny(t)} } -// UnmarshalFuncV1 constructs a type-specific unmarshaler that +// UnmarshalFunc constructs a type-specific unmarshaler that // specifies how to unmarshal values of type T. // T must be an unnamed pointer or an interface type. // The function is always provided with a non-nil pointer value. @@ -227,13 +258,13 @@ func MarshalFuncV2[T any](fn func(MarshalOptions, *Encoder, T) error) *Marshaler // The function must unmarshal exactly one JSON value. // The input []byte must not be mutated. // The input []byte and value T must not be retained outside the function call. -// It may not return SkipFunc. -func UnmarshalFuncV1[T any](fn func([]byte, T) error) *Unmarshalers { - t := reflect.TypeOf((*T)(nil)).Elem() +// It may not return [SkipFunc]. +func UnmarshalFunc[T any](fn func([]byte, T) error) *Unmarshalers { + t := reflect.TypeFor[T]() assertCastableTo(t, false) typFnc := typedUnmarshaler{ typ: t, - fnc: func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { + fnc: func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { val, err := dec.ReadValue() if err != nil { return err // must be a syntactic or I/O error @@ -241,8 +272,11 @@ func UnmarshalFuncV1[T any](fn func([]byte, T) error) *Unmarshalers { err = fn(val, va.castTo(t).Interface().(T)) if err != nil { err = wrapSkipFunc(err, "unmarshal function of type func([]byte, T) error") - // TODO: Avoid wrapping semantic, syntactic, or I/O errors. - return &SemanticError{action: "unmarshal", JSONKind: val.Kind(), GoType: t, Err: err} + if uo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return err // unlike marshal, never wrapped + } + err = newUnmarshalErrorAfter(dec, t, err) + return collapseSemanticErrors(err) } return nil }, @@ -250,38 +284,49 @@ func UnmarshalFuncV1[T any](fn func([]byte, T) error) *Unmarshalers { return &Unmarshalers{fncVals: []typedUnmarshaler{typFnc}, fromAny: castableToFromAny(t)} } -// UnmarshalFuncV2 constructs a type-specific unmarshaler that +// UnmarshalFromFunc constructs a type-specific unmarshaler that // specifies how to unmarshal values of type T. // T must be an unnamed pointer or an interface type. // The function is always provided with a non-nil pointer value. // // The function must unmarshal exactly one JSON value by calling read methods -// on the provided decoder. It may return SkipFunc such that unmarshaling can +// on the provided decoder. It may return [SkipFunc] such that unmarshaling can // move on to the next unmarshal function. However, no mutable method calls may -// be called on the decoder if SkipFunc is returned. -// The pointer to Decoder and the value of T must not be retained -// outside the function call. -func UnmarshalFuncV2[T any](fn func(UnmarshalOptions, *Decoder, T) error) *Unmarshalers { - t := reflect.TypeOf((*T)(nil)).Elem() +// be called on the decoder if [SkipFunc] is returned. +// The pointer to [jsontext.Decoder] and the value of T +// must not be retained outside the function call. +func UnmarshalFromFunc[T any](fn func(*jsontext.Decoder, T) error) *Unmarshalers { + t := reflect.TypeFor[T]() assertCastableTo(t, false) typFnc := typedUnmarshaler{ typ: t, - fnc: func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - prevDepth, prevLength := dec.tokens.depthLength() - err := fn(uo, dec, va.castTo(t).Interface().(T)) - currDepth, currLength := dec.tokens.depthLength() + fnc: func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + xd := export.Decoder(dec) + prevDepth, prevLength := xd.Tokens.DepthLength() + xd.Flags.Set(jsonflags.WithinArshalCall | 1) + err := fn(dec, va.castTo(t).Interface().(T)) + xd.Flags.Set(jsonflags.WithinArshalCall | 0) + currDepth, currLength := xd.Tokens.DepthLength() if err == nil && (prevDepth != currDepth || prevLength+1 != currLength) { - err = errors.New("must read exactly one JSON value") + err = errNonSingularValue } if err != nil { if err == SkipFunc { if prevDepth == currDepth && prevLength == currLength { return SkipFunc } - err = errors.New("must not read any JSON tokens when skipping") + err = errSkipMutation + } + if uo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + if err2 := xd.SkipUntil(prevDepth, prevLength+1); err2 != nil { + return err2 + } + return err // unlike marshal, never wrapped + } + if !isSyntacticError(err) && !export.IsIOError(err) { + err = newSemanticErrorWithPosition(dec, t, prevDepth, prevLength, err) } - // TODO: Avoid wrapping semantic, syntactic, or I/O errors. - return &SemanticError{action: "unmarshal", GoType: t, Err: err} + return err } return nil }, diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_inlined.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_inlined.go index 258a98247d..f73ed32405 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_inlined.go +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_inlined.go @@ -2,12 +2,20 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:build !goexperiment.jsonv2 || !go1.25 + package json import ( "bytes" "errors" + "io" "reflect" + + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonopts" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) // This package supports "inlining" a Go struct field, where the contents @@ -18,18 +26,20 @@ import ( // nested struct are virtually hoisted up to the parent struct using rules // similar to how Go embedding works (but operating within the JSON namespace). // -// However, inlined fields may also be of a Go map type with a string key -// or a RawValue. Such inlined fields are called "fallback" fields since they +// However, inlined fields may also be of a Go map type with a string key or +// a jsontext.Value. Such inlined fields are called "fallback" fields since they // represent any arbitrary JSON object member. Explicitly named fields take // precedence over the inlined fallback. Only one inlined fallback is allowed. -var rawValueType = reflect.TypeOf((*RawValue)(nil)).Elem() +var errRawInlinedNotObject = errors.New("inlined raw value must be a JSON object") + +var jsontextValueType = reflect.TypeFor[jsontext.Value]() // marshalInlinedFallbackAll marshals all the members in an inlined fallback. -func marshalInlinedFallbackAll(mo MarshalOptions, enc *Encoder, va addressableValue, f *structField, insertUnquotedName func([]byte) bool) error { - v := addressableValue{va.Field(f.index[0])} // addressable if struct value is addressable - if len(f.index) > 1 { - v = v.fieldByIndex(f.index[1:], false) +func marshalInlinedFallbackAll(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct, f *structField, insertUnquotedName func([]byte) bool) error { + v := addressableValue{va.Field(f.index0), va.forcedAddr} // addressable if struct value is addressable + if len(f.index) > 0 { + v = v.fieldByIndex(f.index, false) if !v.IsValid() { return nil // implies a nil inlined field } @@ -39,34 +49,39 @@ func marshalInlinedFallbackAll(mo MarshalOptions, enc *Encoder, va addressableVa return nil } - if v.Type() == rawValueType { - b := v.Interface().(RawValue) + if v.Type() == jsontextValueType { + // TODO(https://go.dev/issue/62121): Use reflect.Value.AssertTo. + b := *v.Addr().Interface().(*jsontext.Value) if len(b) == 0 { // TODO: Should this be nil? What if it were all whitespace? return nil } - dec := getBufferedDecoder(b, DecodeOptions{AllowDuplicateNames: true, AllowInvalidUTF8: true}) - defer putBufferedDecoder(dec) + dec := export.GetBufferedDecoder(b) + defer export.PutBufferedDecoder(dec) + xd := export.Decoder(dec) + xd.Flags.Set(jsonflags.AllowDuplicateNames | jsonflags.AllowInvalidUTF8 | 1) tok, err := dec.ReadToken() if err != nil { - return &SemanticError{action: "marshal", GoType: rawValueType, Err: err} + if err == io.EOF { + err = io.ErrUnexpectedEOF + } + return newMarshalErrorBefore(enc, v.Type(), err) } if tok.Kind() != '{' { - err := errors.New("inlined raw value must be a JSON object") - return &SemanticError{action: "marshal", JSONKind: tok.Kind(), GoType: rawValueType, Err: err} + return newMarshalErrorBefore(enc, v.Type(), errRawInlinedNotObject) } for dec.PeekKind() != '}' { // Parse the JSON object name. - var flags valueFlags - val, err := dec.readValue(&flags) + var flags jsonwire.ValueFlags + val, err := xd.ReadValue(&flags) if err != nil { - return &SemanticError{action: "marshal", GoType: rawValueType, Err: err} + return newMarshalErrorBefore(enc, v.Type(), err) } if insertUnquotedName != nil { - name := unescapeStringMayCopy(val, flags.isVerbatim()) + name := jsonwire.UnquoteMayCopy(val, flags.IsVerbatim()) if !insertUnquotedName(name) { - return &SyntacticError{str: "duplicate name " + string(val) + " in object"} + return newDuplicateNameError(enc.StackPointer().Parent(), val, enc.OutputOffset()) } } if err := enc.WriteValue(val); err != nil { @@ -74,55 +89,55 @@ func marshalInlinedFallbackAll(mo MarshalOptions, enc *Encoder, va addressableVa } // Parse the JSON object value. - val, err = dec.readValue(&flags) + val, err = xd.ReadValue(&flags) if err != nil { - return &SemanticError{action: "marshal", GoType: rawValueType, Err: err} + return newMarshalErrorBefore(enc, v.Type(), err) } if err := enc.WriteValue(val); err != nil { return err } } if _, err := dec.ReadToken(); err != nil { - return &SemanticError{action: "marshal", GoType: rawValueType, Err: err} + return newMarshalErrorBefore(enc, v.Type(), err) } - if err := dec.checkEOF(); err != nil { - return &SemanticError{action: "marshal", GoType: rawValueType, Err: err} + if err := xd.CheckEOF(); err != nil { + return newMarshalErrorBefore(enc, v.Type(), err) } return nil } else { - m := v // must be a map[string]V + m := v // must be a map[~string]V n := m.Len() if n == 0 { return nil } - mk := newAddressableValue(stringType) + mk := newAddressableValue(m.Type().Key()) mv := newAddressableValue(m.Type().Elem()) marshalKey := func(mk addressableValue) error { - b, err := appendString(enc.UnusedBuffer(), mk.String(), !enc.options.AllowInvalidUTF8, nil) + b, err := jsonwire.AppendQuote(enc.AvailableBuffer(), mk.String(), &mo.Flags) if err != nil { - return err + return newMarshalErrorBefore(enc, m.Type().Key(), err) } if insertUnquotedName != nil { isVerbatim := bytes.IndexByte(b, '\\') < 0 - name := unescapeStringMayCopy(b, isVerbatim) + name := jsonwire.UnquoteMayCopy(b, isVerbatim) if !insertUnquotedName(name) { - return &SyntacticError{str: "duplicate name " + string(b) + " in object"} + return newDuplicateNameError(enc.StackPointer().Parent(), b, enc.OutputOffset()) } } return enc.WriteValue(b) } marshalVal := f.fncs.marshal if mo.Marshalers != nil { - marshalVal, _ = mo.Marshalers.lookup(marshalVal, mv.Type()) + marshalVal, _ = mo.Marshalers.(*Marshalers).lookup(marshalVal, mv.Type()) } - if !mo.Deterministic || n <= 1 { + if !mo.Flags.Get(jsonflags.Deterministic) || n <= 1 { for iter := m.MapRange(); iter.Next(); { mk.SetIterKey(iter) if err := marshalKey(mk); err != nil { return err } mv.Set(iter.Value()) - if err := marshalVal(mo, enc, mv); err != nil { + if err := marshalVal(enc, mv, mo); err != nil { return err } } @@ -140,7 +155,7 @@ func marshalInlinedFallbackAll(mo MarshalOptions, enc *Encoder, va addressableVa } // TODO(https://go.dev/issue/57061): Use mv.SetMapIndexOf. mv.Set(m.MapIndex(mk.Value)) - if err := marshalVal(mo, enc, mv); err != nil { + if err := marshalVal(enc, mv, mo); err != nil { return err } } @@ -151,59 +166,61 @@ func marshalInlinedFallbackAll(mo MarshalOptions, enc *Encoder, va addressableVa } // unmarshalInlinedFallbackNext unmarshals only the next member in an inlined fallback. -func unmarshalInlinedFallbackNext(uo UnmarshalOptions, dec *Decoder, va addressableValue, f *structField, quotedName, unquotedName []byte) error { - v := addressableValue{va.Field(f.index[0])} // addressable if struct value is addressable - if len(f.index) > 1 { - v = v.fieldByIndex(f.index[1:], true) +func unmarshalInlinedFallbackNext(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct, f *structField, quotedName, unquotedName []byte) error { + v := addressableValue{va.Field(f.index0), va.forcedAddr} // addressable if struct value is addressable + if len(f.index) > 0 { + v = v.fieldByIndex(f.index, true) } v = v.indirect(true) - if v.Type() == rawValueType { - b := v.Addr().Interface().(*RawValue) + if v.Type() == jsontextValueType { + b := v.Addr().Interface().(*jsontext.Value) if len(*b) == 0 { // TODO: Should this be nil? What if it were all whitespace? *b = append(*b, '{') } else { - *b = trimSuffixWhitespace(*b) - if hasSuffixByte(*b, '}') { + *b = jsonwire.TrimSuffixWhitespace(*b) + if jsonwire.HasSuffixByte(*b, '}') { // TODO: When merging into an object for the first time, // should we verify that it is valid? - *b = trimSuffixByte(*b, '}') - *b = trimSuffixWhitespace(*b) - if !hasSuffixByte(*b, ',') && !hasSuffixByte(*b, '{') { + *b = jsonwire.TrimSuffixByte(*b, '}') + *b = jsonwire.TrimSuffixWhitespace(*b) + if !jsonwire.HasSuffixByte(*b, ',') && !jsonwire.HasSuffixByte(*b, '{') { *b = append(*b, ',') } } else { - err := errors.New("inlined raw value must be a JSON object") - return &SemanticError{action: "unmarshal", GoType: rawValueType, Err: err} + return newUnmarshalErrorAfterWithSkipping(dec, v.Type(), errRawInlinedNotObject) } } *b = append(*b, quotedName...) *b = append(*b, ':') - rawValue, err := dec.ReadValue() + val, err := dec.ReadValue() if err != nil { return err } - *b = append(*b, rawValue...) + *b = append(*b, val...) *b = append(*b, '}') return nil } else { name := string(unquotedName) // TODO: Intern this? - m := v // must be a map[string]V + m := v // must be a map[~string]V if m.IsNil() { m.Set(reflect.MakeMap(m.Type())) } mk := reflect.ValueOf(name) - mv := newAddressableValue(v.Type().Elem()) // TODO: Cache across calls? + if mkt := m.Type().Key(); mkt != stringType { + mk = mk.Convert(mkt) + } + mv := newAddressableValue(m.Type().Elem()) // TODO: Cache across calls? if v2 := m.MapIndex(mk); v2.IsValid() { mv.Set(v2) } unmarshal := f.fncs.unmarshal if uo.Unmarshalers != nil { - unmarshal, _ = uo.Unmarshalers.lookup(unmarshal, mv.Type()) + unmarshal, _ = uo.Unmarshalers.(*Unmarshalers).lookup(unmarshal, mv.Type()) } - err := unmarshal(uo, dec, mv) + err := unmarshal(dec, mv, uo) m.SetMapIndex(mk, mv.Value) if err != nil { return err diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_methods.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_methods.go index 20899c868c..d6736342ba 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_methods.go +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_methods.go @@ -2,53 +2,68 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:build !goexperiment.jsonv2 || !go1.25 + package json import ( "encoding" "errors" "reflect" + + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonopts" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) +var errNonStringValue = errors.New("JSON value must be string type") + // Interfaces for custom serialization. var ( - jsonMarshalerV1Type = reflect.TypeOf((*MarshalerV1)(nil)).Elem() - jsonMarshalerV2Type = reflect.TypeOf((*MarshalerV2)(nil)).Elem() - jsonUnmarshalerV1Type = reflect.TypeOf((*UnmarshalerV1)(nil)).Elem() - jsonUnmarshalerV2Type = reflect.TypeOf((*UnmarshalerV2)(nil)).Elem() - textMarshalerType = reflect.TypeOf((*encoding.TextMarshaler)(nil)).Elem() - textUnmarshalerType = reflect.TypeOf((*encoding.TextUnmarshaler)(nil)).Elem() + jsonMarshalerType = reflect.TypeFor[Marshaler]() + jsonMarshalerToType = reflect.TypeFor[MarshalerTo]() + jsonUnmarshalerType = reflect.TypeFor[Unmarshaler]() + jsonUnmarshalerFromType = reflect.TypeFor[UnmarshalerFrom]() + textAppenderType = reflect.TypeFor[encoding.TextAppender]() + textMarshalerType = reflect.TypeFor[encoding.TextMarshaler]() + textUnmarshalerType = reflect.TypeFor[encoding.TextUnmarshaler]() + + allMarshalerTypes = []reflect.Type{jsonMarshalerToType, jsonMarshalerType, textAppenderType, textMarshalerType} + allUnmarshalerTypes = []reflect.Type{jsonUnmarshalerFromType, jsonUnmarshalerType, textUnmarshalerType} + allMethodTypes = append(allMarshalerTypes, allUnmarshalerTypes...) ) -// MarshalerV1 is implemented by types that can marshal themselves. -// It is recommended that types implement MarshalerV2 unless the implementation +// Marshaler is implemented by types that can marshal themselves. +// It is recommended that types implement [MarshalerTo] unless the implementation // is trying to avoid a hard dependency on the "jsontext" package. // // It is recommended that implementations return a buffer that is safe // for the caller to retain and potentially mutate. -type MarshalerV1 interface { +type Marshaler interface { MarshalJSON() ([]byte, error) } -// MarshalerV2 is implemented by types that can marshal themselves. -// It is recommended that types implement MarshalerV2 instead of MarshalerV1 +// MarshalerTo is implemented by types that can marshal themselves. +// It is recommended that types implement MarshalerTo instead of [Marshaler] // since this is both more performant and flexible. -// If a type implements both MarshalerV1 and MarshalerV2, -// then MarshalerV2 takes precedence. In such a case, both implementations +// If a type implements both Marshaler and MarshalerTo, +// then MarshalerTo takes precedence. In such a case, both implementations // should aim to have equivalent behavior for the default marshal options. // // The implementation must write only one JSON value to the Encoder and -// must not retain the pointer to Encoder. -type MarshalerV2 interface { - MarshalNextJSON(MarshalOptions, *Encoder) error +// must not retain the pointer to [jsontext.Encoder]. +type MarshalerTo interface { + MarshalJSONTo(*jsontext.Encoder) error - // TODO: Should users call the MarshalOptions.MarshalNext method or + // TODO: Should users call the MarshalEncode function or // should/can they call this method directly? Does it matter? } -// UnmarshalerV1 is implemented by types that can unmarshal themselves. -// It is recommended that types implement UnmarshalerV2 unless -// the implementation is trying to avoid a hard dependency on this package. +// Unmarshaler is implemented by types that can unmarshal themselves. +// It is recommended that types implement [UnmarshalerFrom] unless the implementation +// is trying to avoid a hard dependency on the "jsontext" package. // // The input can be assumed to be a valid encoding of a JSON value // if called from unmarshal functionality in this package. @@ -57,26 +72,26 @@ type MarshalerV2 interface { // unmarshaling into a pre-populated value. // // Implementations must not retain or mutate the input []byte. -type UnmarshalerV1 interface { +type Unmarshaler interface { UnmarshalJSON([]byte) error } -// UnmarshalerV2 is implemented by types that can unmarshal themselves. -// It is recommended that types implement UnmarshalerV2 instead of UnmarshalerV1 +// UnmarshalerFrom is implemented by types that can unmarshal themselves. +// It is recommended that types implement UnmarshalerFrom instead of [Unmarshaler] // since this is both more performant and flexible. -// If a type implements both UnmarshalerV1 and UnmarshalerV2, -// then UnmarshalerV2 takes precedence. In such a case, both implementations +// If a type implements both Unmarshaler and UnmarshalerFrom, +// then UnmarshalerFrom takes precedence. In such a case, both implementations // should aim to have equivalent behavior for the default unmarshal options. // // The implementation must read only one JSON value from the Decoder. -// It is recommended that UnmarshalNextJSON implement merge semantics when +// It is recommended that UnmarshalJSONFrom implement merge semantics when // unmarshaling into a pre-populated value. // -// Implementations must not retain the pointer to Decoder. -type UnmarshalerV2 interface { - UnmarshalNextJSON(UnmarshalOptions, *Decoder) error +// Implementations must not retain the pointer to [jsontext.Decoder]. +type UnmarshalerFrom interface { + UnmarshalJSONFrom(*jsontext.Decoder) error - // TODO: Should users call the UnmarshalOptions.UnmarshalNext method or + // TODO: Should users call the UnmarshalDecode function or // should/can they call this method directly? Does it matter? } @@ -88,114 +103,205 @@ func makeMethodArshaler(fncs *arshaler, t reflect.Type) *arshaler { return fncs } - // Handle custom marshaler. - switch which, needAddr := implementsWhich(t, jsonMarshalerV2Type, jsonMarshalerV1Type, textMarshalerType); which { - case jsonMarshalerV2Type: + if needAddr, ok := implements(t, textMarshalerType); ok { fncs.nonDefault = true - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { - prevDepth, prevLength := enc.tokens.depthLength() - err := va.addrWhen(needAddr).Interface().(MarshalerV2).MarshalNextJSON(mo, enc) - currDepth, currLength := enc.tokens.depthLength() - if (prevDepth != currDepth || prevLength+1 != currLength) && err == nil { - err = errors.New("must write exactly one JSON value") + prevMarshal := fncs.marshal + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { + if mo.Flags.Get(jsonflags.CallMethodsWithLegacySemantics) && + (needAddr && va.forcedAddr) { + return prevMarshal(enc, va, mo) } - if err != nil { + marshaler := va.Addr().Interface().(encoding.TextMarshaler) + if err := export.Encoder(enc).AppendRaw('"', false, func(b []byte) ([]byte, error) { + b2, err := marshaler.MarshalText() + return append(b, b2...), err + }); err != nil { err = wrapSkipFunc(err, "marshal method") - // TODO: Avoid wrapping semantic or I/O errors. - return &SemanticError{action: "marshal", GoType: t, Err: err} + if mo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return internal.NewMarshalerError(va.Addr().Interface(), err, "MarshalText") // unlike unmarshal, always wrapped + } + if !isSemanticError(err) && !export.IsIOError(err) { + err = newMarshalErrorBefore(enc, t, err) + } + return err } return nil } - case jsonMarshalerV1Type: + } + + if needAddr, ok := implements(t, textAppenderType); ok { fncs.nonDefault = true - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { - marshaler := va.addrWhen(needAddr).Interface().(MarshalerV1) - val, err := marshaler.MarshalJSON() - if err != nil { - err = wrapSkipFunc(err, "marshal method") - // TODO: Avoid wrapping semantic errors. - return &SemanticError{action: "marshal", GoType: t, Err: err} + prevMarshal := fncs.marshal + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) (err error) { + if mo.Flags.Get(jsonflags.CallMethodsWithLegacySemantics) && + (needAddr && va.forcedAddr) { + return prevMarshal(enc, va, mo) } - if err := enc.WriteValue(val); err != nil { - // TODO: Avoid wrapping semantic or I/O errors. - return &SemanticError{action: "marshal", JSONKind: RawValue(val).Kind(), GoType: t, Err: err} + appender := va.Addr().Interface().(encoding.TextAppender) + if err := export.Encoder(enc).AppendRaw('"', false, appender.AppendText); err != nil { + err = wrapSkipFunc(err, "append method") + if mo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return internal.NewMarshalerError(va.Addr().Interface(), err, "AppendText") // unlike unmarshal, always wrapped + } + if !isSemanticError(err) && !export.IsIOError(err) { + err = newMarshalErrorBefore(enc, t, err) + } + return err } return nil } - case textMarshalerType: + } + + if needAddr, ok := implements(t, jsonMarshalerType); ok { fncs.nonDefault = true - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { - marshaler := va.addrWhen(needAddr).Interface().(encoding.TextMarshaler) - s, err := marshaler.MarshalText() - if err != nil { - err = wrapSkipFunc(err, "marshal method") - // TODO: Avoid wrapping semantic errors. - return &SemanticError{action: "marshal", JSONKind: '"', GoType: t, Err: err} + prevMarshal := fncs.marshal + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { + if mo.Flags.Get(jsonflags.CallMethodsWithLegacySemantics) && + ((needAddr && va.forcedAddr) || export.Encoder(enc).Tokens.Last.NeedObjectName()) { + return prevMarshal(enc, va, mo) } - val := enc.UnusedBuffer() - val, err = appendString(val, string(s), true, nil) + marshaler := va.Addr().Interface().(Marshaler) + val, err := marshaler.MarshalJSON() if err != nil { - return &SemanticError{action: "marshal", JSONKind: '"', GoType: t, Err: err} + err = wrapSkipFunc(err, "marshal method") + if mo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return internal.NewMarshalerError(va.Addr().Interface(), err, "MarshalJSON") // unlike unmarshal, always wrapped + } + err = newMarshalErrorBefore(enc, t, err) + return collapseSemanticErrors(err) } if err := enc.WriteValue(val); err != nil { - // TODO: Avoid wrapping syntactic or I/O errors. - return &SemanticError{action: "marshal", JSONKind: '"', GoType: t, Err: err} + if mo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return internal.NewMarshalerError(va.Addr().Interface(), err, "MarshalJSON") // unlike unmarshal, always wrapped + } + if isSyntacticError(err) { + err = newMarshalErrorBefore(enc, t, err) + } + return err } return nil } } - // Handle custom unmarshaler. - switch which, needAddr := implementsWhich(t, jsonUnmarshalerV2Type, jsonUnmarshalerV1Type, textUnmarshalerType); which { - case jsonUnmarshalerV2Type: + if needAddr, ok := implements(t, jsonMarshalerToType); ok { fncs.nonDefault = true - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - prevDepth, prevLength := dec.tokens.depthLength() - err := va.addrWhen(needAddr).Interface().(UnmarshalerV2).UnmarshalNextJSON(uo, dec) - currDepth, currLength := dec.tokens.depthLength() + prevMarshal := fncs.marshal + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { + if mo.Flags.Get(jsonflags.CallMethodsWithLegacySemantics) && + ((needAddr && va.forcedAddr) || export.Encoder(enc).Tokens.Last.NeedObjectName()) { + return prevMarshal(enc, va, mo) + } + xe := export.Encoder(enc) + prevDepth, prevLength := xe.Tokens.DepthLength() + xe.Flags.Set(jsonflags.WithinArshalCall | 1) + err := va.Addr().Interface().(MarshalerTo).MarshalJSONTo(enc) + xe.Flags.Set(jsonflags.WithinArshalCall | 0) + currDepth, currLength := xe.Tokens.DepthLength() if (prevDepth != currDepth || prevLength+1 != currLength) && err == nil { - err = errors.New("must read exactly one JSON value") + err = errNonSingularValue } if err != nil { + err = wrapSkipFunc(err, "marshal method") + if mo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return internal.NewMarshalerError(va.Addr().Interface(), err, "MarshalJSONTo") // unlike unmarshal, always wrapped + } + if !export.IsIOError(err) { + err = newSemanticErrorWithPosition(enc, t, prevDepth, prevLength, err) + } + return err + } + return nil + } + } + + if _, ok := implements(t, textUnmarshalerType); ok { + fncs.nonDefault = true + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + xd := export.Decoder(dec) + var flags jsonwire.ValueFlags + val, err := xd.ReadValue(&flags) + if err != nil { + return err // must be a syntactic or I/O error + } + if val.Kind() == 'n' { + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + va.SetZero() + } + return nil + } + if val.Kind() != '"' { + return newUnmarshalErrorAfter(dec, t, errNonStringValue) + } + s := jsonwire.UnquoteMayCopy(val, flags.IsVerbatim()) + unmarshaler := va.Addr().Interface().(encoding.TextUnmarshaler) + if err := unmarshaler.UnmarshalText(s); err != nil { err = wrapSkipFunc(err, "unmarshal method") - // TODO: Avoid wrapping semantic, syntactic, or I/O errors. - return &SemanticError{action: "unmarshal", GoType: t, Err: err} + if uo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return err // unlike marshal, never wrapped + } + if !isSemanticError(err) && !isSyntacticError(err) && !export.IsIOError(err) { + err = newUnmarshalErrorAfter(dec, t, err) + } + return err } return nil } - case jsonUnmarshalerV1Type: + } + + if _, ok := implements(t, jsonUnmarshalerType); ok { fncs.nonDefault = true - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { + prevUnmarshal := fncs.unmarshal + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + if uo.Flags.Get(jsonflags.CallMethodsWithLegacySemantics) && + export.Decoder(dec).Tokens.Last.NeedObjectName() { + return prevUnmarshal(dec, va, uo) + } val, err := dec.ReadValue() if err != nil { return err // must be a syntactic or I/O error } - unmarshaler := va.addrWhen(needAddr).Interface().(UnmarshalerV1) + unmarshaler := va.Addr().Interface().(Unmarshaler) if err := unmarshaler.UnmarshalJSON(val); err != nil { err = wrapSkipFunc(err, "unmarshal method") - // TODO: Avoid wrapping semantic, syntactic, or I/O errors. - return &SemanticError{action: "unmarshal", JSONKind: val.Kind(), GoType: t, Err: err} + if uo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return err // unlike marshal, never wrapped + } + err = newUnmarshalErrorAfter(dec, t, err) + return collapseSemanticErrors(err) } return nil } - case textUnmarshalerType: + } + + if _, ok := implements(t, jsonUnmarshalerFromType); ok { fncs.nonDefault = true - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - var flags valueFlags - val, err := dec.readValue(&flags) - if err != nil { - return err // must be a syntactic or I/O error + prevUnmarshal := fncs.unmarshal + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + if uo.Flags.Get(jsonflags.CallMethodsWithLegacySemantics) && + export.Decoder(dec).Tokens.Last.NeedObjectName() { + return prevUnmarshal(dec, va, uo) } - if val.Kind() != '"' { - err = errors.New("JSON value must be string type") - return &SemanticError{action: "unmarshal", JSONKind: val.Kind(), GoType: t, Err: err} + xd := export.Decoder(dec) + prevDepth, prevLength := xd.Tokens.DepthLength() + xd.Flags.Set(jsonflags.WithinArshalCall | 1) + err := va.Addr().Interface().(UnmarshalerFrom).UnmarshalJSONFrom(dec) + xd.Flags.Set(jsonflags.WithinArshalCall | 0) + currDepth, currLength := xd.Tokens.DepthLength() + if (prevDepth != currDepth || prevLength+1 != currLength) && err == nil { + err = errNonSingularValue } - s := unescapeStringMayCopy(val, flags.isVerbatim()) - unmarshaler := va.addrWhen(needAddr).Interface().(encoding.TextUnmarshaler) - if err := unmarshaler.UnmarshalText(s); err != nil { + if err != nil { err = wrapSkipFunc(err, "unmarshal method") - // TODO: Avoid wrapping semantic, syntactic, or I/O errors. - return &SemanticError{action: "unmarshal", JSONKind: val.Kind(), GoType: t, Err: err} + if uo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + if err2 := xd.SkipUntil(prevDepth, prevLength+1); err2 != nil { + return err2 + } + return err // unlike marshal, never wrapped + } + if !isSyntacticError(err) && !export.IsIOError(err) { + err = newSemanticErrorWithPosition(dec, t, prevDepth, prevLength, err) + } + return err } return nil } @@ -204,26 +310,28 @@ func makeMethodArshaler(fncs *arshaler, t reflect.Type) *arshaler { return fncs } -// implementsWhich is like t.Implements(ifaceType) for a list of interfaces, +// implementsAny is like t.Implements(ifaceType) for a list of interfaces, // but checks whether either t or reflect.PointerTo(t) implements the interface. -// It returns the first interface type that matches and whether a value of t -// needs to be addressed first before it implements the interface. -func implementsWhich(t reflect.Type, ifaceTypes ...reflect.Type) (which reflect.Type, needAddr bool) { +func implementsAny(t reflect.Type, ifaceTypes ...reflect.Type) bool { for _, ifaceType := range ifaceTypes { - switch { - case t.Implements(ifaceType): - return ifaceType, false - case reflect.PointerTo(t).Implements(ifaceType): - return ifaceType, true + if _, ok := implements(t, ifaceType); ok { + return true } } - return nil, false + return false } -// addrWhen returns va.Addr if addr is specified, otherwise it returns itself. -func (va addressableValue) addrWhen(addr bool) reflect.Value { - if addr { - return va.Addr() +// implements is like t.Implements(ifaceType) but checks whether +// either t or reflect.PointerTo(t) implements the interface. +// It also reports whether the value needs to be addressed +// in order to satisfy the interface. +func implements(t, ifaceType reflect.Type) (needAddr, ok bool) { + switch { + case t.Implements(ifaceType): + return false, true + case reflect.PointerTo(t).Implements(ifaceType): + return true, true + default: + return false, false } - return va.Value } diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_time.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_time.go index fc8d5b0070..4d328ebee3 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_time.go +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/arshal_time.go @@ -2,23 +2,36 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:build !goexperiment.jsonv2 || !go1.25 + package json import ( + "bytes" + "cmp" "errors" "fmt" + "math" + "math/bits" "reflect" + "strconv" "strings" "time" + + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonopts" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) var ( - timeDurationType = reflect.TypeOf((*time.Duration)(nil)).Elem() - timeTimeType = reflect.TypeOf((*time.Time)(nil)).Elem() + timeDurationType = reflect.TypeFor[time.Duration]() + timeTimeType = reflect.TypeFor[time.Time]() ) func makeTimeArshaler(fncs *arshaler, t reflect.Type) *arshaler { - // Ideally, time types would implement MarshalerV2 and UnmarshalerV2, + // Ideally, time types would implement MarshalerTo and UnmarshalerFrom, // but that would incur a dependency on package json from package time. // Given how widely used time is, it is more acceptable that we incur a // dependency on time from json. @@ -29,213 +42,736 @@ func makeTimeArshaler(fncs *arshaler, t reflect.Type) *arshaler { switch t { case timeDurationType: fncs.nonDefault = true - marshalNanos := fncs.marshal - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { - if mo.format != "" && mo.formatDepth == enc.tokens.depth() { - if mo.format == "nanos" { - mo.format = "" - return marshalNanos(mo, enc, va) - } else { - return newInvalidFormatError("marshal", t, mo.format) + marshalNano := fncs.marshal + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) error { + xe := export.Encoder(enc) + var m durationArshaler + if mo.Format != "" && mo.FormatDepth == xe.Tokens.Depth() { + if !m.initFormat(mo.Format) { + return newInvalidFormatError(enc, t) } + } else if mo.Flags.Get(jsonflags.FormatDurationAsNano) { + return marshalNano(enc, va, mo) + } else { + // TODO(https://go.dev/issue/71631): Decide on default duration representation. + return newMarshalErrorBefore(enc, t, errors.New("no default representation (see https://go.dev/issue/71631); specify an explicit format")) } - td := va.Interface().(time.Duration) - b := enc.UnusedBuffer() - b = append(b, '"') - b = append(b, td.String()...) // never contains special characters - b = append(b, '"') - return enc.WriteValue(b) - } - unmarshalNanos := fncs.unmarshal - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - // TODO: Should there be a flag that specifies that we can unmarshal - // from either form since there would be no ambiguity? - if uo.format != "" && uo.formatDepth == dec.tokens.depth() { - if uo.format == "nanos" { - uo.format = "" - return unmarshalNanos(uo, dec, va) - } else { - return newInvalidFormatError("unmarshal", t, uo.format) + // TODO(https://go.dev/issue/62121): Use reflect.Value.AssertTo. + m.td = *va.Addr().Interface().(*time.Duration) + k := stringOrNumberKind(!m.isNumeric() || xe.Tokens.Last.NeedObjectName() || mo.Flags.Get(jsonflags.StringifyNumbers)) + if err := xe.AppendRaw(k, true, m.appendMarshal); err != nil { + if !isSyntacticError(err) && !export.IsIOError(err) { + err = newMarshalErrorBefore(enc, t, err) + } + return err + } + return nil + } + unmarshalNano := fncs.unmarshal + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) error { + xd := export.Decoder(dec) + var u durationArshaler + if uo.Format != "" && uo.FormatDepth == xd.Tokens.Depth() { + if !u.initFormat(uo.Format) { + return newInvalidFormatError(dec, t) } + } else if uo.Flags.Get(jsonflags.FormatDurationAsNano) { + return unmarshalNano(dec, va, uo) + } else { + // TODO(https://go.dev/issue/71631): Decide on default duration representation. + return newUnmarshalErrorBeforeWithSkipping(dec, t, errors.New("no default representation (see https://go.dev/issue/71631); specify an explicit format")) } - var flags valueFlags + stringify := !u.isNumeric() || xd.Tokens.Last.NeedObjectName() || uo.Flags.Get(jsonflags.StringifyNumbers) + var flags jsonwire.ValueFlags td := va.Addr().Interface().(*time.Duration) - val, err := dec.readValue(&flags) + val, err := xd.ReadValue(&flags) if err != nil { return err } switch k := val.Kind(); k { case 'n': - *td = time.Duration(0) + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + *td = time.Duration(0) + } return nil case '"': - val = unescapeStringMayCopy(val, flags.isVerbatim()) - td2, err := time.ParseDuration(string(val)) - if err != nil { - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t, Err: err} + if !stringify { + break + } + val = jsonwire.UnquoteMayCopy(val, flags.IsVerbatim()) + if err := u.unmarshal(val); err != nil { + return newUnmarshalErrorAfter(dec, t, err) } - *td = td2 + *td = u.td + return nil + case '0': + if stringify { + break + } + if err := u.unmarshal(val); err != nil { + return newUnmarshalErrorAfter(dec, t, err) + } + *td = u.td return nil - default: - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t} } + return newUnmarshalErrorAfter(dec, t, nil) } case timeTimeType: fncs.nonDefault = true - fncs.marshal = func(mo MarshalOptions, enc *Encoder, va addressableValue) error { - format := time.RFC3339Nano - isRFC3339 := true - if mo.format != "" && mo.formatDepth == enc.tokens.depth() { - var err error - format, isRFC3339, err = checkTimeFormat(mo.format) - if err != nil { - return &SemanticError{action: "marshal", GoType: t, Err: err} + fncs.marshal = func(enc *jsontext.Encoder, va addressableValue, mo *jsonopts.Struct) (err error) { + xe := export.Encoder(enc) + var m timeArshaler + if mo.Format != "" && mo.FormatDepth == xe.Tokens.Depth() { + if !m.initFormat(mo.Format) { + return newInvalidFormatError(enc, t) } } - tt := va.Interface().(time.Time) - b := enc.UnusedBuffer() - b = append(b, '"') - b = tt.AppendFormat(b, format) - b = append(b, '"') - if isRFC3339 { - // Not all Go timestamps can be represented as valid RFC 3339. - // Explicitly check for these edge cases. - // See https://go.dev/issue/4556 and https://go.dev/issue/54580. - var err error - switch b := b[len(`"`) : len(b)-len(`"`)]; { - case b[len("9999")] != '-': // year must be exactly 4 digits wide - err = errors.New("year outside of range [0,9999]") - case b[len(b)-1] != 'Z': - c := b[len(b)-len("Z07:00")] - if ('0' <= c && c <= '9') || parseDec2(b[len(b)-len("07:00"):]) >= 24 { - err = errors.New("timezone hour outside of range [0,23]") - } + // TODO(https://go.dev/issue/62121): Use reflect.Value.AssertTo. + m.tt = *va.Addr().Interface().(*time.Time) + k := stringOrNumberKind(!m.isNumeric() || xe.Tokens.Last.NeedObjectName() || mo.Flags.Get(jsonflags.StringifyNumbers)) + if err := xe.AppendRaw(k, !m.hasCustomFormat(), m.appendMarshal); err != nil { + if mo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return internal.NewMarshalerError(va.Addr().Interface(), err, "MarshalJSON") // unlike unmarshal, always wrapped } - if err != nil { - return &SemanticError{action: "marshal", GoType: t, Err: err} + if !isSyntacticError(err) && !export.IsIOError(err) { + err = newMarshalErrorBefore(enc, t, err) } - return enc.WriteValue(b) // RFC 3339 never needs JSON escaping - } - // The format may contain special characters that need escaping. - // Verify that the result is a valid JSON string (common case), - // otherwise escape the string correctly (slower case). - if consumeSimpleString(b) != len(b) { - b, _ = appendString(nil, string(b[len(`"`):len(b)-len(`"`)]), true, nil) + return err } - return enc.WriteValue(b) + return nil } - fncs.unmarshal = func(uo UnmarshalOptions, dec *Decoder, va addressableValue) error { - format := time.RFC3339 - isRFC3339 := true - if uo.format != "" && uo.formatDepth == dec.tokens.depth() { - var err error - format, isRFC3339, err = checkTimeFormat(uo.format) - if err != nil { - return &SemanticError{action: "unmarshal", GoType: t, Err: err} + fncs.unmarshal = func(dec *jsontext.Decoder, va addressableValue, uo *jsonopts.Struct) (err error) { + xd := export.Decoder(dec) + var u timeArshaler + if uo.Format != "" && uo.FormatDepth == xd.Tokens.Depth() { + if !u.initFormat(uo.Format) { + return newInvalidFormatError(dec, t) } + } else if uo.Flags.Get(jsonflags.ParseTimeWithLooseRFC3339) { + u.looseRFC3339 = true } - var flags valueFlags + stringify := !u.isNumeric() || xd.Tokens.Last.NeedObjectName() || uo.Flags.Get(jsonflags.StringifyNumbers) + var flags jsonwire.ValueFlags tt := va.Addr().Interface().(*time.Time) - val, err := dec.readValue(&flags) + val, err := xd.ReadValue(&flags) if err != nil { return err } - k := val.Kind() - switch k { + switch k := val.Kind(); k { case 'n': - *tt = time.Time{} + if !uo.Flags.Get(jsonflags.MergeWithLegacySemantics) { + *tt = time.Time{} + } return nil case '"': - val = unescapeStringMayCopy(val, flags.isVerbatim()) - tt2, err := time.Parse(format, string(val)) - if isRFC3339 && err == nil { - // TODO(https://go.dev/issue/54580): RFC 3339 specifies - // the exact grammar of a valid timestamp. However, - // the parsing functionality in "time" is too loose and - // incorrectly accepts invalid timestamps as valid. - // Remove these manual checks when "time" checks it for us. - newParseError := func(layout, value, layoutElem, valueElem, message string) error { - return &time.ParseError{Layout: layout, Value: value, LayoutElem: layoutElem, ValueElem: valueElem, Message: message} - } - switch { - case val[len("2006-01-02T")+1] == ':': // hour must be two digits - err = newParseError(format, string(val), "15", string(val[len("2006-01-02T"):][:1]), "") - case val[len("2006-01-02T15:04:05")] == ',': // sub-second separator must be a period - err = newParseError(format, string(val), ".", ",", "") - case val[len(val)-1] != 'Z': - switch { - case parseDec2(val[len(val)-len("07:00"):]) >= 24: // timezone hour must be in range - err = newParseError(format, string(val), "Z07:00", string(val[len(val)-len("Z07:00"):]), ": timezone hour out of range") - case parseDec2(val[len(val)-len("00"):]) >= 60: // timezone minute must be in range - err = newParseError(format, string(val), "Z07:00", string(val[len(val)-len("Z07:00"):]), ": timezone minute out of range") - } + if !stringify { + break + } + val = jsonwire.UnquoteMayCopy(val, flags.IsVerbatim()) + if err := u.unmarshal(val); err != nil { + if uo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return err // unlike marshal, never wrapped } + return newUnmarshalErrorAfter(dec, t, err) + } + *tt = u.tt + return nil + case '0': + if stringify { + break } - if err != nil { - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t, Err: err} + if err := u.unmarshal(val); err != nil { + if uo.Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + return err // unlike marshal, never wrapped + } + return newUnmarshalErrorAfter(dec, t, err) } - *tt = tt2 + *tt = u.tt return nil - default: - return &SemanticError{action: "unmarshal", JSONKind: k, GoType: t} } + return newUnmarshalErrorAfter(dec, t, nil) } } return fncs } -func checkTimeFormat(format string) (string, bool, error) { +type durationArshaler struct { + td time.Duration + + // base records the representation where: + // - 0 uses time.Duration.String + // - 1e0, 1e3, 1e6, or 1e9 use a decimal encoding of the duration as + // nanoseconds, microseconds, milliseconds, or seconds. + // - 8601 uses ISO 8601 + base uint64 +} + +func (a *durationArshaler) initFormat(format string) (ok bool) { + switch format { + case "units": + a.base = 0 + case "sec": + a.base = 1e9 + case "milli": + a.base = 1e6 + case "micro": + a.base = 1e3 + case "nano": + a.base = 1e0 + case "iso8601": + a.base = 8601 + default: + return false + } + return true +} + +func (a *durationArshaler) isNumeric() bool { + return a.base != 0 && a.base != 8601 +} + +func (a *durationArshaler) appendMarshal(b []byte) ([]byte, error) { + switch a.base { + case 0: + return append(b, a.td.String()...), nil + case 8601: + return appendDurationISO8601(b, a.td), nil + default: + return appendDurationBase10(b, a.td, a.base), nil + } +} + +func (a *durationArshaler) unmarshal(b []byte) (err error) { + switch a.base { + case 0: + a.td, err = time.ParseDuration(string(b)) + case 8601: + a.td, err = parseDurationISO8601(b) + default: + a.td, err = parseDurationBase10(b, a.base) + } + return err +} + +type timeArshaler struct { + tt time.Time + + // base records the representation where: + // - 0 uses RFC 3339 encoding of the timestamp + // - 1e0, 1e3, 1e6, or 1e9 use a decimal encoding of the timestamp as + // seconds, milliseconds, microseconds, or nanoseconds since Unix epoch. + // - math.MaxUint uses time.Time.Format to encode the timestamp + base uint64 + format string // time format passed to time.Parse + + looseRFC3339 bool +} + +func (a *timeArshaler) initFormat(format string) bool { // We assume that an exported constant in the time package will // always start with an uppercase ASCII letter. - if len(format) > 0 && 'A' <= format[0] && format[0] <= 'Z' { - switch format { - case "ANSIC": - return time.ANSIC, false, nil - case "UnixDate": - return time.UnixDate, false, nil - case "RubyDate": - return time.RubyDate, false, nil - case "RFC822": - return time.RFC822, false, nil - case "RFC822Z": - return time.RFC822Z, false, nil - case "RFC850": - return time.RFC850, false, nil - case "RFC1123": - return time.RFC1123, false, nil - case "RFC1123Z": - return time.RFC1123Z, false, nil - case "RFC3339": - return time.RFC3339, true, nil - case "RFC3339Nano": - return time.RFC3339Nano, true, nil - case "Kitchen": - return time.Kitchen, false, nil - case "Stamp": - return time.Stamp, false, nil - case "StampMilli": - return time.StampMilli, false, nil - case "StampMicro": - return time.StampMicro, false, nil - case "StampNano": - return time.StampNano, false, nil - default: - // Reject any format that is an exported Go identifier in case - // new format constants are added to the time package. - if strings.TrimFunc(format, isLetterOrDigit) == "" { - return "", false, fmt.Errorf("undefined format layout: %v", format) + if len(format) == 0 { + return false + } + a.base = math.MaxUint // implies custom format + if c := format[0]; !('a' <= c && c <= 'z') && !('A' <= c && c <= 'Z') { + a.format = format + return true + } + switch format { + case "ANSIC": + a.format = time.ANSIC + case "UnixDate": + a.format = time.UnixDate + case "RubyDate": + a.format = time.RubyDate + case "RFC822": + a.format = time.RFC822 + case "RFC822Z": + a.format = time.RFC822Z + case "RFC850": + a.format = time.RFC850 + case "RFC1123": + a.format = time.RFC1123 + case "RFC1123Z": + a.format = time.RFC1123Z + case "RFC3339": + a.base = 0 + a.format = time.RFC3339 + case "RFC3339Nano": + a.base = 0 + a.format = time.RFC3339Nano + case "Kitchen": + a.format = time.Kitchen + case "Stamp": + a.format = time.Stamp + case "StampMilli": + a.format = time.StampMilli + case "StampMicro": + a.format = time.StampMicro + case "StampNano": + a.format = time.StampNano + case "DateTime": + a.format = time.DateTime + case "DateOnly": + a.format = time.DateOnly + case "TimeOnly": + a.format = time.TimeOnly + case "unix": + a.base = 1e0 + case "unixmilli": + a.base = 1e3 + case "unixmicro": + a.base = 1e6 + case "unixnano": + a.base = 1e9 + default: + // Reject any Go identifier in case new constants are supported. + if strings.TrimFunc(format, isLetterOrDigit) == "" { + return false + } + a.format = format + } + return true +} + +func (a *timeArshaler) isNumeric() bool { + return int(a.base) > 0 +} + +func (a *timeArshaler) hasCustomFormat() bool { + return a.base == math.MaxUint +} + +func (a *timeArshaler) appendMarshal(b []byte) ([]byte, error) { + switch a.base { + case 0: + format := cmp.Or(a.format, time.RFC3339Nano) + n0 := len(b) + b = a.tt.AppendFormat(b, format) + // Not all Go timestamps can be represented as valid RFC 3339. + // Explicitly check for these edge cases. + // See https://go.dev/issue/4556 and https://go.dev/issue/54580. + switch b := b[n0:]; { + case b[len("9999")] != '-': // year must be exactly 4 digits wide + return b, errors.New("year outside of range [0,9999]") + case b[len(b)-1] != 'Z': + c := b[len(b)-len("Z07:00")] + if ('0' <= c && c <= '9') || parseDec2(b[len(b)-len("07:00"):]) >= 24 { + return b, errors.New("timezone hour outside of range [0,23]") + } + } + return b, nil + case math.MaxUint: + return a.tt.AppendFormat(b, a.format), nil + default: + return appendTimeUnix(b, a.tt, a.base), nil + } +} + +func (a *timeArshaler) unmarshal(b []byte) (err error) { + switch a.base { + case 0: + // Use time.Time.UnmarshalText to avoid possible string allocation. + if err := a.tt.UnmarshalText(b); err != nil { + return err + } + // TODO(https://go.dev/issue/57912): + // RFC 3339 specifies the grammar for a valid timestamp. + // However, the parsing functionality in "time" is too loose and + // incorrectly accepts invalid timestamps as valid. + // Remove these manual checks when "time" checks it for us. + newParseError := func(layout, value, layoutElem, valueElem, message string) error { + return &time.ParseError{Layout: layout, Value: value, LayoutElem: layoutElem, ValueElem: valueElem, Message: message} + } + switch { + case a.looseRFC3339: + return nil + case b[len("2006-01-02T")+1] == ':': // hour must be two digits + return newParseError(time.RFC3339, string(b), "15", string(b[len("2006-01-02T"):][:1]), "") + case b[len("2006-01-02T15:04:05")] == ',': // sub-second separator must be a period + return newParseError(time.RFC3339, string(b), ".", ",", "") + case b[len(b)-1] != 'Z': + switch { + case parseDec2(b[len(b)-len("07:00"):]) >= 24: // timezone hour must be in range + return newParseError(time.RFC3339, string(b), "Z07:00", string(b[len(b)-len("Z07:00"):]), ": timezone hour out of range") + case parseDec2(b[len(b)-len("00"):]) >= 60: // timezone minute must be in range + return newParseError(time.RFC3339, string(b), "Z07:00", string(b[len(b)-len("Z07:00"):]), ": timezone minute out of range") + } + } + return nil + case math.MaxUint: + a.tt, err = time.Parse(a.format, string(b)) + return err + default: + a.tt, err = parseTimeUnix(b, a.base) + return err + } +} + +// appendDurationBase10 appends d formatted as a decimal fractional number, +// where pow10 is a power-of-10 used to scale down the number. +func appendDurationBase10(b []byte, d time.Duration, pow10 uint64) []byte { + b, n := mayAppendDurationSign(b, d) // append sign + whole, frac := bits.Div64(0, n, uint64(pow10)) // compute whole and frac fields + b = strconv.AppendUint(b, whole, 10) // append whole field + return appendFracBase10(b, frac, pow10) // append frac field +} + +// parseDurationBase10 parses d from a decimal fractional number, +// where pow10 is a power-of-10 used to scale up the number. +func parseDurationBase10(b []byte, pow10 uint64) (time.Duration, error) { + suffix, neg := consumeSign(b, false) // consume sign + wholeBytes, fracBytes := bytesCutByte(suffix, '.', true) // consume whole and frac fields + whole, okWhole := jsonwire.ParseUint(wholeBytes) // parse whole field; may overflow + frac, okFrac := parseFracBase10(fracBytes, pow10) // parse frac field + hi, lo := bits.Mul64(whole, uint64(pow10)) // overflow if hi > 0 + sum, co := bits.Add64(lo, uint64(frac), 0) // overflow if co > 0 + switch d := mayApplyDurationSign(sum, neg); { // overflow if neg != (d < 0) + case (!okWhole && whole != math.MaxUint64) || !okFrac: + return 0, fmt.Errorf("invalid duration %q: %w", b, strconv.ErrSyntax) + case !okWhole || hi > 0 || co > 0 || neg != (d < 0): + return 0, fmt.Errorf("invalid duration %q: %w", b, strconv.ErrRange) + default: + return d, nil + } +} + +// appendDurationISO8601 appends an ISO 8601 duration with a restricted grammar, +// where leading and trailing zeroes and zero-value designators are omitted. +// It only uses hour, minute, and second designators since ISO 8601 defines +// those as being "accurate", while year, month, week, and day are "nominal". +func appendDurationISO8601(b []byte, d time.Duration) []byte { + if d == 0 { + return append(b, "PT0S"...) + } + b, n := mayAppendDurationSign(b, d) + b = append(b, "PT"...) + n, nsec := bits.Div64(0, n, 1e9) // compute nsec field + n, sec := bits.Div64(0, n, 60) // compute sec field + hour, min := bits.Div64(0, n, 60) // compute hour and min fields + if hour > 0 { + b = append(strconv.AppendUint(b, hour, 10), 'H') + } + if min > 0 { + b = append(strconv.AppendUint(b, min, 10), 'M') + } + if sec > 0 || nsec > 0 { + b = append(appendFracBase10(strconv.AppendUint(b, sec, 10), nsec, 1e9), 'S') + } + return b +} + +// daysPerYear is the exact average number of days in a year according to +// the Gregorian calender, which has an extra day each year that is +// a multiple of 4, unless it is evenly divisible by 100 but not by 400. +// This does not take into account leap seconds, which are not deterministic. +const daysPerYear = 365.2425 + +var errInaccurateDateUnits = errors.New("inaccurate year, month, week, or day units") + +// parseDurationISO8601 parses a duration according to ISO 8601-1:2019, +// section 5.5.2.2 and 5.5.2.3 with the following restrictions or extensions: +// +// - A leading minus sign is permitted for negative duration according +// to ISO 8601-2:2019, section 4.4.1.9. We do not permit negative values +// for each "time scale component", which is permitted by section 4.4.1.1, +// but rarely supported by parsers. +// +// - A leading plus sign is permitted (and ignored). +// This is not required by ISO 8601, but not forbidden either. +// There is some precedent for this as it is supported by the principle of +// duration arithmetic as specified in ISO 8601-2-2019, section 14.1. +// Of note, the JavaScript grammar for ISO 8601 permits a leading plus sign. +// +// - A fractional value is only permitted for accurate units +// (i.e., hour, minute, and seconds) in the last time component, +// which is permissible by ISO 8601-1:2019, section 5.5.2.3. +// +// - Both periods ('.') and commas (',') are supported as the separator +// between the integer part and fraction part of a number, +// as specified in ISO 8601-1:2019, section 3.2.6. +// While ISO 8601 recommends comma as the default separator, +// most formatters uses a period. +// +// - Leading zeros are ignored. This is not required by ISO 8601, +// but also not forbidden by the standard. Many parsers support this. +// +// - Lowercase designators are supported. This is not required by ISO 8601, +// but also not forbidden by the standard. Many parsers support this. +// +// If the nominal units of year, month, week, or day are present, +// this produces a best-effort value and also reports [errInaccurateDateUnits]. +// +// The accepted grammar is identical to JavaScript's Duration: +// +// https://tc39.es/proposal-temporal/#prod-Duration +// +// We follow JavaScript's grammar as JSON itself is derived from JavaScript. +// The Temporal.Duration.toJSON method is guaranteed to produce an output +// that can be parsed by this function so long as arithmetic in JavaScript +// do not use a largestUnit value higher than "hours" (which is the default). +// Even if it does, this will do a best-effort parsing with inaccurate units, +// but report [errInaccurateDateUnits]. +func parseDurationISO8601(b []byte) (time.Duration, error) { + var invalid, overflow, inaccurate, sawFrac bool + var sumNanos, n, co uint64 + + // cutBytes is like [bytes.Cut], but uses either c0 or c1 as the separator. + cutBytes := func(b []byte, c0, c1 byte) (prefix, suffix []byte, ok bool) { + for i, c := range b { + if c == c0 || c == c1 { + return b[:i], b[i+1:], true + } + } + return b, nil, false + } + + // mayParseUnit attempts to parse another date or time number + // identified by the desHi and desLo unit characters. + // If the part is absent for current unit, it returns b as is. + mayParseUnit := func(b []byte, desHi, desLo byte, unit time.Duration) []byte { + number, suffix, ok := cutBytes(b, desHi, desLo) + if !ok || sawFrac { + return b // designator is not present or already saw fraction, which can only be in the last component + } + + // Parse the number. + // A fraction allowed for the accurate units in the last part. + whole, frac, ok := cutBytes(number, '.', ',') + if ok { + sawFrac = true + invalid = invalid || len(frac) == len("") || unit > time.Hour + if unit == time.Second { + n, ok = parsePaddedBase10(frac, uint64(time.Second)) + invalid = invalid || !ok + } else { + f, err := strconv.ParseFloat("0."+string(frac), 64) + invalid = invalid || err != nil || len(bytes.Trim(frac[len("."):], "0123456789")) > 0 + n = uint64(math.Round(f * float64(unit))) // never overflows since f is within [0..1] + } + sumNanos, co = bits.Add64(sumNanos, n, 0) // overflow if co > 0 + overflow = overflow || co > 0 + } + for len(whole) > 1 && whole[0] == '0' { + whole = whole[len("0"):] // trim leading zeros + } + n, ok := jsonwire.ParseUint(whole) // overflow if !ok && MaxUint64 + hi, lo := bits.Mul64(n, uint64(unit)) // overflow if hi > 0 + sumNanos, co = bits.Add64(sumNanos, lo, 0) // overflow if co > 0 + invalid = invalid || (!ok && n != math.MaxUint64) + overflow = overflow || (!ok && n == math.MaxUint64) || hi > 0 || co > 0 + inaccurate = inaccurate || unit > time.Hour + return suffix + } + + suffix, neg := consumeSign(b, true) + prefix, suffix, okP := cutBytes(suffix, 'P', 'p') + durDate, durTime, okT := cutBytes(suffix, 'T', 't') + invalid = invalid || len(prefix) > 0 || !okP || (okT && len(durTime) == 0) || len(durDate)+len(durTime) == 0 + if len(durDate) > 0 { // nominal portion of the duration + durDate = mayParseUnit(durDate, 'Y', 'y', time.Duration(daysPerYear*24*60*60*1e9)) + durDate = mayParseUnit(durDate, 'M', 'm', time.Duration(daysPerYear/12*24*60*60*1e9)) + durDate = mayParseUnit(durDate, 'W', 'w', time.Duration(7*24*60*60*1e9)) + durDate = mayParseUnit(durDate, 'D', 'd', time.Duration(24*60*60*1e9)) + invalid = invalid || len(durDate) > 0 // unknown elements + } + if len(durTime) > 0 { // accurate portion of the duration + durTime = mayParseUnit(durTime, 'H', 'h', time.Duration(60*60*1e9)) + durTime = mayParseUnit(durTime, 'M', 'm', time.Duration(60*1e9)) + durTime = mayParseUnit(durTime, 'S', 's', time.Duration(1e9)) + invalid = invalid || len(durTime) > 0 // unknown elements + } + d := mayApplyDurationSign(sumNanos, neg) + overflow = overflow || (neg != (d < 0) && d != 0) // overflows signed duration + + switch { + case invalid: + return 0, fmt.Errorf("invalid ISO 8601 duration %q: %w", b, strconv.ErrSyntax) + case overflow: + return 0, fmt.Errorf("invalid ISO 8601 duration %q: %w", b, strconv.ErrRange) + case inaccurate: + return d, fmt.Errorf("invalid ISO 8601 duration %q: %w", b, errInaccurateDateUnits) + default: + return d, nil + } +} + +// mayAppendDurationSign appends a negative sign if n is negative. +func mayAppendDurationSign(b []byte, d time.Duration) ([]byte, uint64) { + if d < 0 { + b = append(b, '-') + d *= -1 + } + return b, uint64(d) +} + +// mayApplyDurationSign inverts n if neg is specified. +func mayApplyDurationSign(n uint64, neg bool) time.Duration { + if neg { + return -1 * time.Duration(n) + } else { + return +1 * time.Duration(n) + } +} + +// appendTimeUnix appends t formatted as a decimal fractional number, +// where pow10 is a power-of-10 used to scale up the number. +func appendTimeUnix(b []byte, t time.Time, pow10 uint64) []byte { + sec, nsec := t.Unix(), int64(t.Nanosecond()) + if sec < 0 { + b = append(b, '-') + sec, nsec = negateSecNano(sec, nsec) + } + switch { + case pow10 == 1e0: // fast case where units is in seconds + b = strconv.AppendUint(b, uint64(sec), 10) + return appendFracBase10(b, uint64(nsec), 1e9) + case uint64(sec) < 1e9: // intermediate case where units is not seconds, but no overflow + b = strconv.AppendUint(b, uint64(sec)*uint64(pow10)+uint64(uint64(nsec)/(1e9/pow10)), 10) + return appendFracBase10(b, (uint64(nsec)*pow10)%1e9, 1e9) + default: // slow case where units is not seconds and overflow would occur + b = strconv.AppendUint(b, uint64(sec), 10) + b = appendPaddedBase10(b, uint64(nsec)/(1e9/pow10), pow10) + return appendFracBase10(b, (uint64(nsec)*pow10)%1e9, 1e9) + } +} + +// parseTimeUnix parses t formatted as a decimal fractional number, +// where pow10 is a power-of-10 used to scale down the number. +func parseTimeUnix(b []byte, pow10 uint64) (time.Time, error) { + suffix, neg := consumeSign(b, false) // consume sign + wholeBytes, fracBytes := bytesCutByte(suffix, '.', true) // consume whole and frac fields + whole, okWhole := jsonwire.ParseUint(wholeBytes) // parse whole field; may overflow + frac, okFrac := parseFracBase10(fracBytes, 1e9/pow10) // parse frac field + var sec, nsec int64 + switch { + case pow10 == 1e0: // fast case where units is in seconds + sec = int64(whole) // check overflow later after negation + nsec = int64(frac) // cannot overflow + case okWhole: // intermediate case where units is not seconds, but no overflow + sec = int64(whole / pow10) // check overflow later after negation + nsec = int64((whole%pow10)*(1e9/pow10) + frac) // cannot overflow + case !okWhole && whole == math.MaxUint64: // slow case where units is not seconds and overflow occurred + width := int(math.Log10(float64(pow10))) // compute len(strconv.Itoa(pow10-1)) + whole, okWhole = jsonwire.ParseUint(wholeBytes[:len(wholeBytes)-width]) // parse the upper whole field + mid, _ := parsePaddedBase10(wholeBytes[len(wholeBytes)-width:], pow10) // parse the lower whole field + sec = int64(whole) // check overflow later after negation + nsec = int64(mid*(1e9/pow10) + frac) // cannot overflow + } + if neg { + sec, nsec = negateSecNano(sec, nsec) + } + switch t := time.Unix(sec, nsec).UTC(); { + case (!okWhole && whole != math.MaxUint64) || !okFrac: + return time.Time{}, fmt.Errorf("invalid time %q: %w", b, strconv.ErrSyntax) + case !okWhole || neg != (t.Unix() < 0): + return time.Time{}, fmt.Errorf("invalid time %q: %w", b, strconv.ErrRange) + default: + return t, nil + } +} + +// negateSecNano negates a Unix timestamp, where nsec must be within [0, 1e9). +func negateSecNano(sec, nsec int64) (int64, int64) { + sec = ^sec // twos-complement negation (i.e., -1*sec + 1) + nsec = -nsec + 1e9 // negate nsec and add 1e9 (which is the extra +1 from sec negation) + sec += int64(nsec / 1e9) // handle possible overflow of nsec if it started as zero + nsec %= 1e9 // ensure nsec stays within [0, 1e9) + return sec, nsec +} + +// appendFracBase10 appends the fraction of n/max10, +// where max10 is a power-of-10 that is larger than n. +func appendFracBase10(b []byte, n, max10 uint64) []byte { + if n == 0 { + return b + } + return bytes.TrimRight(appendPaddedBase10(append(b, '.'), n, max10), "0") +} + +// parseFracBase10 parses the fraction of n/max10, +// where max10 is a power-of-10 that is larger than n. +func parseFracBase10(b []byte, max10 uint64) (n uint64, ok bool) { + switch { + case len(b) == 0: + return 0, true + case len(b) < len(".0") || b[0] != '.': + return 0, false + } + return parsePaddedBase10(b[len("."):], max10) +} + +// appendPaddedBase10 appends a zero-padded encoding of n, +// where max10 is a power-of-10 that is larger than n. +func appendPaddedBase10(b []byte, n, max10 uint64) []byte { + if n < max10/10 { + // Formatting of n is shorter than log10(max10), + // so add max10/10 to ensure the length is equal to log10(max10). + i := len(b) + b = strconv.AppendUint(b, n+max10/10, 10) + b[i]-- // subtract the addition of max10/10 + return b + } + return strconv.AppendUint(b, n, 10) +} + +// parsePaddedBase10 parses b as the zero-padded encoding of n, +// where max10 is a power-of-10 that is larger than n. +// Truncated suffix is treated as implicit zeros. +// Extended suffix is ignored, but verified to contain only digits. +func parsePaddedBase10(b []byte, max10 uint64) (n uint64, ok bool) { + pow10 := uint64(1) + for pow10 < max10 { + n *= 10 + if len(b) > 0 { + if b[0] < '0' || '9' < b[0] { + return n, false } + n += uint64(b[0] - '0') + b = b[1:] + } + pow10 *= 10 + } + if len(b) > 0 && len(bytes.TrimRight(b, "0123456789")) > 0 { + return n, false // trailing characters are not digits + } + return n, true +} + +// consumeSign consumes an optional leading negative or positive sign. +func consumeSign(b []byte, allowPlus bool) ([]byte, bool) { + if len(b) > 0 { + if b[0] == '-' { + return b[len("-"):], true + } else if b[0] == '+' && allowPlus { + return b[len("+"):], false + } + } + return b, false +} + +// bytesCutByte is similar to bytes.Cut(b, []byte{c}), +// except c may optionally be included as part of the suffix. +func bytesCutByte(b []byte, c byte, include bool) ([]byte, []byte) { + if i := bytes.IndexByte(b, c); i >= 0 { + if include { + return b[:i], b[i:] } + return b[:i], b[i+1:] } - return format, false, nil + return b, nil } // parseDec2 parses b as an unsigned, base-10, 2-digit number. -// It panics if len(b) < 2. The result is undefined if digits are not base-10. +// The result is undefined if digits are not base-10. func parseDec2(b []byte) byte { + if len(b) < 2 { + return 0 + } return 10*(b[0]-'0') + (b[1] - '0') } diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/decode.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/decode.go deleted file mode 100644 index 0d68b32338..0000000000 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/decode.go +++ /dev/null @@ -1,1655 +0,0 @@ -// Copyright 2020 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package json - -import ( - "bytes" - "errors" - "io" - "math" - "strconv" - "unicode/utf16" - "unicode/utf8" -) - -// NOTE: The logic for decoding is complicated by the fact that reading from -// an io.Reader into a temporary buffer means that the buffer may contain a -// truncated portion of some valid input, requiring the need to fetch more data. -// -// This file is structured in the following way: -// -// - consumeXXX functions parse an exact JSON token from a []byte. -// If the buffer appears truncated, then it returns io.ErrUnexpectedEOF. -// The consumeSimpleXXX functions are so named because they only handle -// a subset of the grammar for the JSON token being parsed. -// They do not handle the full grammar to keep these functions inlineable. -// -// - Decoder.consumeXXX methods parse the next JSON token from Decoder.buf, -// automatically fetching more input if necessary. These methods take -// a position relative to the start of Decoder.buf as an argument and -// return the end of the consumed JSON token as a position, -// also relative to the start of Decoder.buf. -// -// - In the event of an I/O errors or state machine violations, -// the implementation avoids mutating the state of Decoder -// (aside from the book-keeping needed to implement Decoder.fetch). -// For this reason, only Decoder.ReadToken and Decoder.ReadValue are -// responsible for updated Decoder.prevStart and Decoder.prevEnd. -// -// - For performance, much of the implementation uses the pattern of calling -// the inlineable consumeXXX functions first, and if more work is necessary, -// then it calls the slower Decoder.consumeXXX methods. -// TODO: Revisit this pattern if the Go compiler provides finer control -// over exactly which calls are inlined or not. - -// DecodeOptions configures how JSON decoding operates. -// The zero value is equivalent to the default settings, -// which is compliant with both RFC 7493 and RFC 8259. -type DecodeOptions struct { - requireKeyedLiterals - nonComparable - - // AllowDuplicateNames specifies that JSON objects may contain - // duplicate member names. Disabling the duplicate name check may provide - // computational and performance benefits, but breaks compliance with - // RFC 7493, section 2.3. The input will still be compliant with RFC 8259, - // which leaves the handling of duplicate names as unspecified behavior. - AllowDuplicateNames bool - - // AllowInvalidUTF8 specifies that JSON strings may contain invalid UTF-8, - // which will be mangled as the Unicode replacement character, U+FFFD. - // This causes the decoder to break compliance with - // RFC 7493, section 2.1, and RFC 8259, section 8.1. - AllowInvalidUTF8 bool -} - -// Decoder is a streaming decoder for raw JSON tokens and values. -// It is used to read a stream of top-level JSON values, -// each separated by optional whitespace characters. -// -// ReadToken and ReadValue calls may be interleaved. -// For example, the following JSON value: -// -// {"name":"value","array":[null,false,true,3.14159],"object":{"k":"v"}} -// -// can be parsed with the following calls (ignoring errors for brevity): -// -// d.ReadToken() // { -// d.ReadToken() // "name" -// d.ReadToken() // "value" -// d.ReadValue() // "array" -// d.ReadToken() // [ -// d.ReadToken() // null -// d.ReadToken() // false -// d.ReadValue() // true -// d.ReadToken() // 3.14159 -// d.ReadToken() // ] -// d.ReadValue() // "object" -// d.ReadValue() // {"k":"v"} -// d.ReadToken() // } -// -// The above is one of many possible sequence of calls and -// may not represent the most sensible method to call for any given token/value. -// For example, it is probably more common to call ReadToken to obtain a -// string token for object names. -type Decoder struct { - state - decodeBuffer - options DecodeOptions - - stringCache *stringCache // only used when unmarshaling -} - -// decodeBuffer is a buffer split into 4 segments: -// -// - buf[0:prevEnd] // already read portion of the buffer -// - buf[prevStart:prevEnd] // previously read value -// - buf[prevEnd:len(buf)] // unread portion of the buffer -// - buf[len(buf):cap(buf)] // unused portion of the buffer -// -// Invariants: -// -// 0 ≤ prevStart ≤ prevEnd ≤ len(buf) ≤ cap(buf) -type decodeBuffer struct { - peekPos int // non-zero if valid offset into buf for start of next token - peekErr error // implies peekPos is -1 - - buf []byte // may alias rd if it is a bytes.Buffer - prevStart int - prevEnd int - - // baseOffset is added to prevStart and prevEnd to obtain - // the absolute offset relative to the start of io.Reader stream. - baseOffset int64 - - rd io.Reader -} - -// NewDecoder constructs a new streaming decoder reading from r. -// -// If r is a bytes.Buffer, then the decoder parses directly from the buffer -// without first copying the contents to an intermediate buffer. -// Additional writes to the buffer must not occur while the decoder is in use. -func NewDecoder(r io.Reader) *Decoder { - return DecodeOptions{}.NewDecoder(r) -} - -// NewDecoder constructs a new streaming decoder reading from r -// configured with the provided options. -func (o DecodeOptions) NewDecoder(r io.Reader) *Decoder { - d := new(Decoder) - o.ResetDecoder(d, r) - return d -} - -// ResetDecoder resets a decoder such that it is reading afresh from r and -// configured with the provided options. -func (o DecodeOptions) ResetDecoder(d *Decoder, r io.Reader) { - if d == nil { - panic("json: invalid nil Decoder") - } - if r == nil { - panic("json: invalid nil io.Reader") - } - d.reset(nil, r, o) -} - -func (d *Decoder) reset(b []byte, r io.Reader, o DecodeOptions) { - d.state.reset() - d.decodeBuffer = decodeBuffer{buf: b, rd: r} - d.options = o -} - -// Reset resets a decoder such that it is reading afresh from r but -// keep any pre-existing decoder options. -func (d *Decoder) Reset(r io.Reader) { - d.options.ResetDecoder(d, r) -} - -var errBufferWriteAfterNext = errors.New("invalid bytes.Buffer.Write call after calling bytes.Buffer.Next") - -// fetch reads at least 1 byte from the underlying io.Reader. -// It returns io.ErrUnexpectedEOF if zero bytes were read and io.EOF was seen. -func (d *Decoder) fetch() error { - if d.rd == nil { - return io.ErrUnexpectedEOF - } - - // Inform objectNameStack that we are about to fetch new buffer content. - d.names.copyQuotedBuffer(d.buf) - - // Specialize bytes.Buffer for better performance. - if bb, ok := d.rd.(*bytes.Buffer); ok { - switch { - case bb.Len() == 0: - return io.ErrUnexpectedEOF - case len(d.buf) == 0: - d.buf = bb.Next(bb.Len()) // "read" all data in the buffer - return nil - default: - // This only occurs if a partially filled bytes.Buffer was provided - // and more data is written to it while Decoder is reading from it. - // This practice will lead to data corruption since future writes - // may overwrite the contents of the current buffer. - // - // The user is trying to use a bytes.Buffer as a pipe, - // but a bytes.Buffer is poor implementation of a pipe, - // the purpose-built io.Pipe should be used instead. - return &ioError{action: "read", err: errBufferWriteAfterNext} - } - } - - // Allocate initial buffer if empty. - if cap(d.buf) == 0 { - d.buf = make([]byte, 0, 64) - } - - // Check whether to grow the buffer. - const maxBufferSize = 4 << 10 - const growthSizeFactor = 2 // higher value is faster - const growthRateFactor = 2 // higher value is slower - // By default, grow if below the maximum buffer size. - grow := cap(d.buf) <= maxBufferSize/growthSizeFactor - // Growing can be expensive, so only grow - // if a sufficient number of bytes have been processed. - grow = grow && int64(cap(d.buf)) < d.previousOffsetEnd()/growthRateFactor - // If prevStart==0, then fetch was called in order to fetch more data - // to finish consuming a large JSON value contiguously. - // Grow if less than 25% of the remaining capacity is available. - // Note that this may cause the input buffer to exceed maxBufferSize. - grow = grow || (d.prevStart == 0 && len(d.buf) >= 3*cap(d.buf)/4) - - if grow { - // Allocate a new buffer and copy the contents of the old buffer over. - // TODO: Provide a hard limit on the maximum internal buffer size? - buf := make([]byte, 0, cap(d.buf)*growthSizeFactor) - d.buf = append(buf, d.buf[d.prevStart:]...) - } else { - // Move unread portion of the data to the front. - n := copy(d.buf[:cap(d.buf)], d.buf[d.prevStart:]) - d.buf = d.buf[:n] - } - d.baseOffset += int64(d.prevStart) - d.prevEnd -= d.prevStart - d.prevStart = 0 - - // Read more data into the internal buffer. - for { - n, err := d.rd.Read(d.buf[len(d.buf):cap(d.buf)]) - switch { - case n > 0: - d.buf = d.buf[:len(d.buf)+n] - return nil // ignore errors if any bytes are read - case err == io.EOF: - return io.ErrUnexpectedEOF - case err != nil: - return &ioError{action: "read", err: err} - default: - continue // Read returned (0, nil) - } - } -} - -const invalidateBufferByte = '#' // invalid starting character for JSON grammar - -// invalidatePreviousRead invalidates buffers returned by Peek and Read calls -// so that the first byte is an invalid character. -// This Hyrum-proofs the API against faulty application code that assumes -// values returned by ReadValue remain valid past subsequent Read calls. -func (d *decodeBuffer) invalidatePreviousRead() { - // Avoid mutating the buffer if d.rd is nil which implies that d.buf - // is provided by the user code and may not expect mutations. - isBytesBuffer := func(r io.Reader) bool { - _, ok := r.(*bytes.Buffer) - return ok - } - if d.rd != nil && !isBytesBuffer(d.rd) && d.prevStart < d.prevEnd && uint(d.prevStart) < uint(len(d.buf)) { - d.buf[d.prevStart] = invalidateBufferByte - d.prevStart = d.prevEnd - } -} - -// needMore reports whether there are no more unread bytes. -func (d *decodeBuffer) needMore(pos int) bool { - // NOTE: The arguments and logic are kept simple to keep this inlineable. - return pos == len(d.buf) -} - -// injectSyntacticErrorWithPosition wraps a SyntacticError with the position, -// otherwise it returns the error as is. -// It takes a position relative to the start of the start of d.buf. -func (d *decodeBuffer) injectSyntacticErrorWithPosition(err error, pos int) error { - if serr, ok := err.(*SyntacticError); ok { - return serr.withOffset(d.baseOffset + int64(pos)) - } - return err -} - -func (d *decodeBuffer) previousOffsetStart() int64 { return d.baseOffset + int64(d.prevStart) } -func (d *decodeBuffer) previousOffsetEnd() int64 { return d.baseOffset + int64(d.prevEnd) } -func (d *decodeBuffer) previousBuffer() []byte { return d.buf[d.prevStart:d.prevEnd] } -func (d *decodeBuffer) unreadBuffer() []byte { return d.buf[d.prevEnd:len(d.buf)] } - -// PeekKind retrieves the next token kind, but does not advance the read offset. -// It returns 0 if there are no more tokens. -func (d *Decoder) PeekKind() Kind { - // Check whether we have a cached peek result. - if d.peekPos > 0 { - return Kind(d.buf[d.peekPos]).normalize() - } - - var err error - d.invalidatePreviousRead() - pos := d.prevEnd - - // Consume leading whitespace. - pos += consumeWhitespace(d.buf[pos:]) - if d.needMore(pos) { - if pos, err = d.consumeWhitespace(pos); err != nil { - if err == io.ErrUnexpectedEOF && d.tokens.depth() == 1 { - err = io.EOF // EOF possibly if no Tokens present after top-level value - } - d.peekPos, d.peekErr = -1, err - return invalidKind - } - } - - // Consume colon or comma. - var delim byte - if c := d.buf[pos]; c == ':' || c == ',' { - delim = c - pos += 1 - pos += consumeWhitespace(d.buf[pos:]) - if d.needMore(pos) { - if pos, err = d.consumeWhitespace(pos); err != nil { - d.peekPos, d.peekErr = -1, err - return invalidKind - } - } - } - next := Kind(d.buf[pos]).normalize() - if d.tokens.needDelim(next) != delim { - pos = d.prevEnd // restore position to right after leading whitespace - pos += consumeWhitespace(d.buf[pos:]) - err = d.tokens.checkDelim(delim, next) - err = d.injectSyntacticErrorWithPosition(err, pos) - d.peekPos, d.peekErr = -1, err - return invalidKind - } - - // This may set peekPos to zero, which is indistinguishable from - // the uninitialized state. While a small hit to performance, it is correct - // since ReadValue and ReadToken will disregard the cached result and - // recompute the next kind. - d.peekPos, d.peekErr = pos, nil - return next -} - -// SkipValue is semantically equivalent to calling ReadValue and discarding -// the result except that memory is not wasted trying to hold the entire result. -func (d *Decoder) SkipValue() error { - switch d.PeekKind() { - case '{', '[': - // For JSON objects and arrays, keep skipping all tokens - // until the depth matches the starting depth. - depth := d.tokens.depth() - for { - if _, err := d.ReadToken(); err != nil { - return err - } - if depth >= d.tokens.depth() { - return nil - } - } - default: - // Trying to skip a value when the next token is a '}' or ']' - // will result in an error being returned here. - if _, err := d.ReadValue(); err != nil { - return err - } - return nil - } -} - -// ReadToken reads the next Token, advancing the read offset. -// The returned token is only valid until the next Peek, Read, or Skip call. -// It returns io.EOF if there are no more tokens. -func (d *Decoder) ReadToken() (Token, error) { - // Determine the next kind. - var err error - var next Kind - pos := d.peekPos - if pos != 0 { - // Use cached peek result. - if d.peekErr != nil { - err := d.peekErr - d.peekPos, d.peekErr = 0, nil // possibly a transient I/O error - return Token{}, err - } - next = Kind(d.buf[pos]).normalize() - d.peekPos = 0 // reset cache - } else { - d.invalidatePreviousRead() - pos = d.prevEnd - - // Consume leading whitespace. - pos += consumeWhitespace(d.buf[pos:]) - if d.needMore(pos) { - if pos, err = d.consumeWhitespace(pos); err != nil { - if err == io.ErrUnexpectedEOF && d.tokens.depth() == 1 { - err = io.EOF // EOF possibly if no Tokens present after top-level value - } - return Token{}, err - } - } - - // Consume colon or comma. - var delim byte - if c := d.buf[pos]; c == ':' || c == ',' { - delim = c - pos += 1 - pos += consumeWhitespace(d.buf[pos:]) - if d.needMore(pos) { - if pos, err = d.consumeWhitespace(pos); err != nil { - return Token{}, err - } - } - } - next = Kind(d.buf[pos]).normalize() - if d.tokens.needDelim(next) != delim { - pos = d.prevEnd // restore position to right after leading whitespace - pos += consumeWhitespace(d.buf[pos:]) - err = d.tokens.checkDelim(delim, next) - return Token{}, d.injectSyntacticErrorWithPosition(err, pos) - } - } - - // Handle the next token. - var n int - switch next { - case 'n': - if consumeNull(d.buf[pos:]) == 0 { - pos, err = d.consumeLiteral(pos, "null") - if err != nil { - return Token{}, d.injectSyntacticErrorWithPosition(err, pos) - } - } else { - pos += len("null") - } - if err = d.tokens.appendLiteral(); err != nil { - return Token{}, d.injectSyntacticErrorWithPosition(err, pos-len("null")) // report position at start of literal - } - d.prevStart, d.prevEnd = pos, pos - return Null, nil - - case 'f': - if consumeFalse(d.buf[pos:]) == 0 { - pos, err = d.consumeLiteral(pos, "false") - if err != nil { - return Token{}, d.injectSyntacticErrorWithPosition(err, pos) - } - } else { - pos += len("false") - } - if err = d.tokens.appendLiteral(); err != nil { - return Token{}, d.injectSyntacticErrorWithPosition(err, pos-len("false")) // report position at start of literal - } - d.prevStart, d.prevEnd = pos, pos - return False, nil - - case 't': - if consumeTrue(d.buf[pos:]) == 0 { - pos, err = d.consumeLiteral(pos, "true") - if err != nil { - return Token{}, d.injectSyntacticErrorWithPosition(err, pos) - } - } else { - pos += len("true") - } - if err = d.tokens.appendLiteral(); err != nil { - return Token{}, d.injectSyntacticErrorWithPosition(err, pos-len("true")) // report position at start of literal - } - d.prevStart, d.prevEnd = pos, pos - return True, nil - - case '"': - var flags valueFlags // TODO: Preserve this in Token? - if n = consumeSimpleString(d.buf[pos:]); n == 0 { - oldAbsPos := d.baseOffset + int64(pos) - pos, err = d.consumeString(&flags, pos) - newAbsPos := d.baseOffset + int64(pos) - n = int(newAbsPos - oldAbsPos) - if err != nil { - return Token{}, d.injectSyntacticErrorWithPosition(err, pos) - } - } else { - pos += n - } - if !d.options.AllowDuplicateNames && d.tokens.last.needObjectName() { - if !d.tokens.last.isValidNamespace() { - return Token{}, errInvalidNamespace - } - if d.tokens.last.isActiveNamespace() && !d.namespaces.last().insertQuoted(d.buf[pos-n:pos], flags.isVerbatim()) { - err = &SyntacticError{str: "duplicate name " + string(d.buf[pos-n:pos]) + " in object"} - return Token{}, d.injectSyntacticErrorWithPosition(err, pos-n) // report position at start of string - } - d.names.replaceLastQuotedOffset(pos - n) // only replace if insertQuoted succeeds - } - if err = d.tokens.appendString(); err != nil { - return Token{}, d.injectSyntacticErrorWithPosition(err, pos-n) // report position at start of string - } - d.prevStart, d.prevEnd = pos-n, pos - return Token{raw: &d.decodeBuffer, num: uint64(d.previousOffsetStart())}, nil - - case '0': - // NOTE: Since JSON numbers are not self-terminating, - // we need to make sure that the next byte is not part of a number. - if n = consumeSimpleNumber(d.buf[pos:]); n == 0 || d.needMore(pos+n) { - oldAbsPos := d.baseOffset + int64(pos) - pos, err = d.consumeNumber(pos) - newAbsPos := d.baseOffset + int64(pos) - n = int(newAbsPos - oldAbsPos) - if err != nil { - return Token{}, d.injectSyntacticErrorWithPosition(err, pos) - } - } else { - pos += n - } - if err = d.tokens.appendNumber(); err != nil { - return Token{}, d.injectSyntacticErrorWithPosition(err, pos-n) // report position at start of number - } - d.prevStart, d.prevEnd = pos-n, pos - return Token{raw: &d.decodeBuffer, num: uint64(d.previousOffsetStart())}, nil - - case '{': - if err = d.tokens.pushObject(); err != nil { - return Token{}, d.injectSyntacticErrorWithPosition(err, pos) - } - if !d.options.AllowDuplicateNames { - d.names.push() - d.namespaces.push() - } - pos += 1 - d.prevStart, d.prevEnd = pos, pos - return ObjectStart, nil - - case '}': - if err = d.tokens.popObject(); err != nil { - return Token{}, d.injectSyntacticErrorWithPosition(err, pos) - } - if !d.options.AllowDuplicateNames { - d.names.pop() - d.namespaces.pop() - } - pos += 1 - d.prevStart, d.prevEnd = pos, pos - return ObjectEnd, nil - - case '[': - if err = d.tokens.pushArray(); err != nil { - return Token{}, d.injectSyntacticErrorWithPosition(err, pos) - } - pos += 1 - d.prevStart, d.prevEnd = pos, pos - return ArrayStart, nil - - case ']': - if err = d.tokens.popArray(); err != nil { - return Token{}, d.injectSyntacticErrorWithPosition(err, pos) - } - pos += 1 - d.prevStart, d.prevEnd = pos, pos - return ArrayEnd, nil - - default: - err = newInvalidCharacterError(d.buf[pos:], "at start of token") - return Token{}, d.injectSyntacticErrorWithPosition(err, pos) - } -} - -type valueFlags uint - -const ( - _ valueFlags = (1 << iota) / 2 // powers of two starting with zero - - stringNonVerbatim // string cannot be naively treated as valid UTF-8 - stringNonCanonical // string not formatted according to RFC 8785, section 3.2.2.2. - // TODO: Track whether a number is a non-integer? -) - -func (f *valueFlags) set(f2 valueFlags) { *f |= f2 } -func (f valueFlags) isVerbatim() bool { return f&stringNonVerbatim == 0 } -func (f valueFlags) isCanonical() bool { return f&stringNonCanonical == 0 } - -// ReadValue returns the next raw JSON value, advancing the read offset. -// The value is stripped of any leading or trailing whitespace. -// The returned value is only valid until the next Peek, Read, or Skip call and -// may not be mutated while the Decoder remains in use. -// If the decoder is currently at the end token for an object or array, -// then it reports a SyntacticError and the internal state remains unchanged. -// It returns io.EOF if there are no more values. -func (d *Decoder) ReadValue() (RawValue, error) { - var flags valueFlags - return d.readValue(&flags) -} -func (d *Decoder) readValue(flags *valueFlags) (RawValue, error) { - // Determine the next kind. - var err error - var next Kind - pos := d.peekPos - if pos != 0 { - // Use cached peek result. - if d.peekErr != nil { - err := d.peekErr - d.peekPos, d.peekErr = 0, nil // possibly a transient I/O error - return nil, err - } - next = Kind(d.buf[pos]).normalize() - d.peekPos = 0 // reset cache - } else { - d.invalidatePreviousRead() - pos = d.prevEnd - - // Consume leading whitespace. - pos += consumeWhitespace(d.buf[pos:]) - if d.needMore(pos) { - if pos, err = d.consumeWhitespace(pos); err != nil { - if err == io.ErrUnexpectedEOF && d.tokens.depth() == 1 { - err = io.EOF // EOF possibly if no Tokens present after top-level value - } - return nil, err - } - } - - // Consume colon or comma. - var delim byte - if c := d.buf[pos]; c == ':' || c == ',' { - delim = c - pos += 1 - pos += consumeWhitespace(d.buf[pos:]) - if d.needMore(pos) { - if pos, err = d.consumeWhitespace(pos); err != nil { - return nil, err - } - } - } - next = Kind(d.buf[pos]).normalize() - if d.tokens.needDelim(next) != delim { - pos = d.prevEnd // restore position to right after leading whitespace - pos += consumeWhitespace(d.buf[pos:]) - err = d.tokens.checkDelim(delim, next) - return nil, d.injectSyntacticErrorWithPosition(err, pos) - } - } - - // Handle the next value. - oldAbsPos := d.baseOffset + int64(pos) - pos, err = d.consumeValue(flags, pos) - newAbsPos := d.baseOffset + int64(pos) - n := int(newAbsPos - oldAbsPos) - if err != nil { - return nil, d.injectSyntacticErrorWithPosition(err, pos) - } - switch next { - case 'n', 't', 'f': - err = d.tokens.appendLiteral() - case '"': - if !d.options.AllowDuplicateNames && d.tokens.last.needObjectName() { - if !d.tokens.last.isValidNamespace() { - err = errInvalidNamespace - break - } - if d.tokens.last.isActiveNamespace() && !d.namespaces.last().insertQuoted(d.buf[pos-n:pos], flags.isVerbatim()) { - err = &SyntacticError{str: "duplicate name " + string(d.buf[pos-n:pos]) + " in object"} - break - } - d.names.replaceLastQuotedOffset(pos - n) // only replace if insertQuoted succeeds - } - err = d.tokens.appendString() - case '0': - err = d.tokens.appendNumber() - case '{': - if err = d.tokens.pushObject(); err != nil { - break - } - if err = d.tokens.popObject(); err != nil { - panic("BUG: popObject should never fail immediately after pushObject: " + err.Error()) - } - case '[': - if err = d.tokens.pushArray(); err != nil { - break - } - if err = d.tokens.popArray(); err != nil { - panic("BUG: popArray should never fail immediately after pushArray: " + err.Error()) - } - } - if err != nil { - return nil, d.injectSyntacticErrorWithPosition(err, pos-n) // report position at start of value - } - d.prevEnd = pos - d.prevStart = pos - n - return d.buf[pos-n : pos : pos], nil -} - -// checkEOF verifies that the input has no more data. -func (d *Decoder) checkEOF() error { - switch pos, err := d.consumeWhitespace(d.prevEnd); err { - case nil: - return newInvalidCharacterError(d.buf[pos:], "after top-level value") - case io.ErrUnexpectedEOF: - return nil - default: - return err - } -} - -// consumeWhitespace consumes all whitespace starting at d.buf[pos:]. -// It returns the new position in d.buf immediately after the last whitespace. -// If it returns nil, there is guaranteed to at least be one unread byte. -// -// The following pattern is common in this implementation: -// -// pos += consumeWhitespace(d.buf[pos:]) -// if d.needMore(pos) { -// if pos, err = d.consumeWhitespace(pos); err != nil { -// return ... -// } -// } -// -// It is difficult to simplify this without sacrificing performance since -// consumeWhitespace must be inlined. The body of the if statement is -// executed only in rare situations where we need to fetch more data. -// Since fetching may return an error, we also need to check the error. -func (d *Decoder) consumeWhitespace(pos int) (newPos int, err error) { - for { - pos += consumeWhitespace(d.buf[pos:]) - if d.needMore(pos) { - absPos := d.baseOffset + int64(pos) - err = d.fetch() // will mutate d.buf and invalidate pos - pos = int(absPos - d.baseOffset) - if err != nil { - return pos, err - } - continue - } - return pos, nil - } -} - -// consumeValue consumes a single JSON value starting at d.buf[pos:]. -// It returns the new position in d.buf immediately after the value. -func (d *Decoder) consumeValue(flags *valueFlags, pos int) (newPos int, err error) { - for { - var n int - var err error - switch next := Kind(d.buf[pos]).normalize(); next { - case 'n': - if n = consumeNull(d.buf[pos:]); n == 0 { - n, err = consumeLiteral(d.buf[pos:], "null") - } - case 'f': - if n = consumeFalse(d.buf[pos:]); n == 0 { - n, err = consumeLiteral(d.buf[pos:], "false") - } - case 't': - if n = consumeTrue(d.buf[pos:]); n == 0 { - n, err = consumeLiteral(d.buf[pos:], "true") - } - case '"': - if n = consumeSimpleString(d.buf[pos:]); n == 0 { - return d.consumeString(flags, pos) - } - case '0': - // NOTE: Since JSON numbers are not self-terminating, - // we need to make sure that the next byte is not part of a number. - if n = consumeSimpleNumber(d.buf[pos:]); n == 0 || d.needMore(pos+n) { - return d.consumeNumber(pos) - } - case '{': - return d.consumeObject(flags, pos) - case '[': - return d.consumeArray(flags, pos) - default: - return pos, newInvalidCharacterError(d.buf[pos:], "at start of value") - } - if err == io.ErrUnexpectedEOF { - absPos := d.baseOffset + int64(pos) - err = d.fetch() // will mutate d.buf and invalidate pos - pos = int(absPos - d.baseOffset) - if err != nil { - return pos, err - } - continue - } - return pos + n, err - } -} - -// consumeLiteral consumes a single JSON literal starting at d.buf[pos:]. -// It returns the new position in d.buf immediately after the literal. -func (d *Decoder) consumeLiteral(pos int, lit string) (newPos int, err error) { - for { - n, err := consumeLiteral(d.buf[pos:], lit) - if err == io.ErrUnexpectedEOF { - absPos := d.baseOffset + int64(pos) - err = d.fetch() // will mutate d.buf and invalidate pos - pos = int(absPos - d.baseOffset) - if err != nil { - return pos, err - } - continue - } - return pos + n, err - } -} - -// consumeString consumes a single JSON string starting at d.buf[pos:]. -// It returns the new position in d.buf immediately after the string. -func (d *Decoder) consumeString(flags *valueFlags, pos int) (newPos int, err error) { - var n int - for { - n, err = consumeStringResumable(flags, d.buf[pos:], n, !d.options.AllowInvalidUTF8) - if err == io.ErrUnexpectedEOF { - absPos := d.baseOffset + int64(pos) - err = d.fetch() // will mutate d.buf and invalidate pos - pos = int(absPos - d.baseOffset) - if err != nil { - return pos, err - } - continue - } - return pos + n, err - } -} - -// consumeNumber consumes a single JSON number starting at d.buf[pos:]. -// It returns the new position in d.buf immediately after the number. -func (d *Decoder) consumeNumber(pos int) (newPos int, err error) { - var n int - var state consumeNumberState - for { - n, state, err = consumeNumberResumable(d.buf[pos:], n, state) - // NOTE: Since JSON numbers are not self-terminating, - // we need to make sure that the next byte is not part of a number. - if err == io.ErrUnexpectedEOF || d.needMore(pos+n) { - mayTerminate := err == nil - absPos := d.baseOffset + int64(pos) - err = d.fetch() // will mutate d.buf and invalidate pos - pos = int(absPos - d.baseOffset) - if err != nil { - if mayTerminate && err == io.ErrUnexpectedEOF { - return pos + n, nil - } - return pos, err - } - continue - } - return pos + n, err - } -} - -// consumeObject consumes a single JSON object starting at d.buf[pos:]. -// It returns the new position in d.buf immediately after the object. -func (d *Decoder) consumeObject(flags *valueFlags, pos int) (newPos int, err error) { - var n int - var names *objectNamespace - if !d.options.AllowDuplicateNames { - d.namespaces.push() - defer d.namespaces.pop() - names = d.namespaces.last() - } - - // Handle before start. - if d.buf[pos] != '{' { - panic("BUG: consumeObject must be called with a buffer that starts with '{'") - } - pos++ - - // Handle after start. - pos += consumeWhitespace(d.buf[pos:]) - if d.needMore(pos) { - if pos, err = d.consumeWhitespace(pos); err != nil { - return pos, err - } - } - if d.buf[pos] == '}' { - pos++ - return pos, nil - } - - for { - // Handle before name. - pos += consumeWhitespace(d.buf[pos:]) - if d.needMore(pos) { - if pos, err = d.consumeWhitespace(pos); err != nil { - return pos, err - } - } - var flags2 valueFlags - if n = consumeSimpleString(d.buf[pos:]); n == 0 { - oldAbsPos := d.baseOffset + int64(pos) - pos, err = d.consumeString(&flags2, pos) - newAbsPos := d.baseOffset + int64(pos) - n = int(newAbsPos - oldAbsPos) - flags.set(flags2) - if err != nil { - return pos, err - } - } else { - pos += n - } - if !d.options.AllowDuplicateNames && !names.insertQuoted(d.buf[pos-n:pos], flags2.isVerbatim()) { - return pos - n, &SyntacticError{str: "duplicate name " + string(d.buf[pos-n:pos]) + " in object"} - } - - // Handle after name. - pos += consumeWhitespace(d.buf[pos:]) - if d.needMore(pos) { - if pos, err = d.consumeWhitespace(pos); err != nil { - return pos, err - } - } - if d.buf[pos] != ':' { - return pos, newInvalidCharacterError(d.buf[pos:], "after object name (expecting ':')") - } - pos++ - - // Handle before value. - pos += consumeWhitespace(d.buf[pos:]) - if d.needMore(pos) { - if pos, err = d.consumeWhitespace(pos); err != nil { - return pos, err - } - } - pos, err = d.consumeValue(flags, pos) - if err != nil { - return pos, err - } - - // Handle after value. - pos += consumeWhitespace(d.buf[pos:]) - if d.needMore(pos) { - if pos, err = d.consumeWhitespace(pos); err != nil { - return pos, err - } - } - switch d.buf[pos] { - case ',': - pos++ - continue - case '}': - pos++ - return pos, nil - default: - return pos, newInvalidCharacterError(d.buf[pos:], "after object value (expecting ',' or '}')") - } - } -} - -// consumeArray consumes a single JSON array starting at d.buf[pos:]. -// It returns the new position in d.buf immediately after the array. -func (d *Decoder) consumeArray(flags *valueFlags, pos int) (newPos int, err error) { - // Handle before start. - if d.buf[pos] != '[' { - panic("BUG: consumeArray must be called with a buffer that starts with '['") - } - pos++ - - // Handle after start. - pos += consumeWhitespace(d.buf[pos:]) - if d.needMore(pos) { - if pos, err = d.consumeWhitespace(pos); err != nil { - return pos, err - } - } - if d.buf[pos] == ']' { - pos++ - return pos, nil - } - - for { - // Handle before value. - pos += consumeWhitespace(d.buf[pos:]) - if d.needMore(pos) { - if pos, err = d.consumeWhitespace(pos); err != nil { - return pos, err - } - } - pos, err = d.consumeValue(flags, pos) - if err != nil { - return pos, err - } - - // Handle after value. - pos += consumeWhitespace(d.buf[pos:]) - if d.needMore(pos) { - if pos, err = d.consumeWhitespace(pos); err != nil { - return pos, err - } - } - switch d.buf[pos] { - case ',': - pos++ - continue - case ']': - pos++ - return pos, nil - default: - return pos, newInvalidCharacterError(d.buf[pos:], "after array value (expecting ',' or ']')") - } - } -} - -// InputOffset returns the current input byte offset. It gives the location -// of the next byte immediately after the most recently returned token or value. -// The number of bytes actually read from the underlying io.Reader may be more -// than this offset due to internal buffering effects. -func (d *Decoder) InputOffset() int64 { - return d.previousOffsetEnd() -} - -// UnreadBuffer returns the data remaining in the unread buffer, -// which may contain zero or more bytes. -// The returned buffer must not be mutated while Decoder continues to be used. -// The buffer contents are valid until the next Peek, Read, or Skip call. -func (d *Decoder) UnreadBuffer() []byte { - return d.unreadBuffer() -} - -// StackDepth returns the depth of the state machine for read JSON data. -// Each level on the stack represents a nested JSON object or array. -// It is incremented whenever an ObjectStart or ArrayStart token is encountered -// and decremented whenever an ObjectEnd or ArrayEnd token is encountered. -// The depth is zero-indexed, where zero represents the top-level JSON value. -func (d *Decoder) StackDepth() int { - // NOTE: Keep in sync with Encoder.StackDepth. - return d.tokens.depth() - 1 -} - -// StackIndex returns information about the specified stack level. -// It must be a number between 0 and StackDepth, inclusive. -// For each level, it reports the kind: -// -// - 0 for a level of zero, -// - '{' for a level representing a JSON object, and -// - '[' for a level representing a JSON array. -// -// It also reports the length of that JSON object or array. -// Each name and value in a JSON object is counted separately, -// so the effective number of members would be half the length. -// A complete JSON object must have an even length. -func (d *Decoder) StackIndex(i int) (Kind, int) { - // NOTE: Keep in sync with Encoder.StackIndex. - switch s := d.tokens.index(i); { - case i > 0 && s.isObject(): - return '{', s.length() - case i > 0 && s.isArray(): - return '[', s.length() - default: - return 0, s.length() - } -} - -// StackPointer returns a JSON Pointer (RFC 6901) to the most recently read value. -// Object names are only present if AllowDuplicateNames is false, otherwise -// object members are represented using their index within the object. -func (d *Decoder) StackPointer() string { - d.names.copyQuotedBuffer(d.buf) - return string(d.appendStackPointer(nil)) -} - -// consumeWhitespace consumes leading JSON whitespace per RFC 7159, section 2. -func consumeWhitespace(b []byte) (n int) { - // NOTE: The arguments and logic are kept simple to keep this inlineable. - for len(b) > n && (b[n] == ' ' || b[n] == '\t' || b[n] == '\r' || b[n] == '\n') { - n++ - } - return n -} - -// consumeNull consumes the next JSON null literal per RFC 7159, section 3. -// It returns 0 if it is invalid, in which case consumeLiteral should be used. -func consumeNull(b []byte) int { - // NOTE: The arguments and logic are kept simple to keep this inlineable. - const literal = "null" - if len(b) >= len(literal) && string(b[:len(literal)]) == literal { - return len(literal) - } - return 0 -} - -// consumeFalse consumes the next JSON false literal per RFC 7159, section 3. -// It returns 0 if it is invalid, in which case consumeLiteral should be used. -func consumeFalse(b []byte) int { - // NOTE: The arguments and logic are kept simple to keep this inlineable. - const literal = "false" - if len(b) >= len(literal) && string(b[:len(literal)]) == literal { - return len(literal) - } - return 0 -} - -// consumeTrue consumes the next JSON true literal per RFC 7159, section 3. -// It returns 0 if it is invalid, in which case consumeLiteral should be used. -func consumeTrue(b []byte) int { - // NOTE: The arguments and logic are kept simple to keep this inlineable. - const literal = "true" - if len(b) >= len(literal) && string(b[:len(literal)]) == literal { - return len(literal) - } - return 0 -} - -// consumeLiteral consumes the next JSON literal per RFC 7159, section 3. -// If the input appears truncated, it returns io.ErrUnexpectedEOF. -func consumeLiteral(b []byte, lit string) (n int, err error) { - for i := 0; i < len(b) && i < len(lit); i++ { - if b[i] != lit[i] { - return i, newInvalidCharacterError(b[i:], "within literal "+lit+" (expecting "+strconv.QuoteRune(rune(lit[i]))+")") - } - } - if len(b) < len(lit) { - return len(b), io.ErrUnexpectedEOF - } - return len(lit), nil -} - -// consumeSimpleString consumes the next JSON string per RFC 7159, section 7 -// but is limited to the grammar for an ASCII string without escape sequences. -// It returns 0 if it is invalid or more complicated than a simple string, -// in which case consumeString should be called. -func consumeSimpleString(b []byte) (n int) { - // NOTE: The arguments and logic are kept simple to keep this inlineable. - if len(b) > 0 && b[0] == '"' { - n++ - for len(b) > n && (' ' <= b[n] && b[n] != '\\' && b[n] != '"' && b[n] < utf8.RuneSelf) { - n++ - } - if len(b) > n && b[n] == '"' { - n++ - return n - } - } - return 0 -} - -// consumeString consumes the next JSON string per RFC 7159, section 7. -// If validateUTF8 is false, then this allows the presence of invalid UTF-8 -// characters within the string itself. -// It reports the number of bytes consumed and whether an error was encountered. -// If the input appears truncated, it returns io.ErrUnexpectedEOF. -func consumeString(flags *valueFlags, b []byte, validateUTF8 bool) (n int, err error) { - return consumeStringResumable(flags, b, 0, validateUTF8) -} - -// consumeStringResumable is identical to consumeString but supports resuming -// from a previous call that returned io.ErrUnexpectedEOF. -func consumeStringResumable(flags *valueFlags, b []byte, resumeOffset int, validateUTF8 bool) (n int, err error) { - // Consume the leading double quote. - switch { - case resumeOffset > 0: - n = resumeOffset // already handled the leading quote - case uint(len(b)) == 0: - return n, io.ErrUnexpectedEOF - case b[0] == '"': - n++ - default: - return n, newInvalidCharacterError(b[n:], `at start of string (expecting '"')`) - } - - // Consume every character in the string. - for uint(len(b)) > uint(n) { - // Optimize for long sequences of unescaped characters. - noEscape := func(c byte) bool { - return c < utf8.RuneSelf && ' ' <= c && c != '\\' && c != '"' - } - for uint(len(b)) > uint(n) && noEscape(b[n]) { - n++ - } - if uint(len(b)) <= uint(n) { - return n, io.ErrUnexpectedEOF - } - - // Check for terminating double quote. - if b[n] == '"' { - n++ - return n, nil - } - - switch r, rn := utf8.DecodeRune(b[n:]); { - // Handle UTF-8 encoded byte sequence. - // Due to specialized handling of ASCII above, we know that - // all normal sequences at this point must be 2 bytes or larger. - case rn > 1: - n += rn - // Handle escape sequence. - case r == '\\': - flags.set(stringNonVerbatim) - resumeOffset = n - if uint(len(b)) < uint(n+2) { - return resumeOffset, io.ErrUnexpectedEOF - } - switch r := b[n+1]; r { - case '/': - // Forward slash is the only character with 3 representations. - // Per RFC 8785, section 3.2.2.2., this must not be escaped. - flags.set(stringNonCanonical) - n += 2 - case '"', '\\', 'b', 'f', 'n', 'r', 't': - n += 2 - case 'u': - if uint(len(b)) < uint(n+6) { - if !hasEscapeSequencePrefix(b[n:]) { - flags.set(stringNonCanonical) - return n, &SyntacticError{str: "invalid escape sequence " + strconv.Quote(string(b[n:])) + " within string"} - } - return resumeOffset, io.ErrUnexpectedEOF - } - v1, ok := parseHexUint16(b[n+2 : n+6]) - if !ok { - flags.set(stringNonCanonical) - return n, &SyntacticError{str: "invalid escape sequence " + strconv.Quote(string(b[n:n+6])) + " within string"} - } - // Only certain control characters can use the \uFFFF notation - // for canonical formatting (per RFC 8785, section 3.2.2.2.). - switch v1 { - // \uFFFF notation not permitted for these characters. - case '\b', '\f', '\n', '\r', '\t': - flags.set(stringNonCanonical) - default: - // \uFFFF notation only permitted for control characters. - if v1 >= ' ' { - flags.set(stringNonCanonical) - } else { - // \uFFFF notation must be lower case. - for _, c := range b[n+2 : n+6] { - if 'A' <= c && c <= 'F' { - flags.set(stringNonCanonical) - } - } - } - } - n += 6 - - if validateUTF8 && utf16.IsSurrogate(rune(v1)) { - if uint(len(b)) >= uint(n+2) && (b[n] != '\\' || b[n+1] != 'u') { - return n, &SyntacticError{str: "invalid unpaired surrogate half within string"} - } - if uint(len(b)) < uint(n+6) { - if !hasEscapeSequencePrefix(b[n:]) { - flags.set(stringNonCanonical) - return n, &SyntacticError{str: "invalid escape sequence " + strconv.Quote(string(b[n:])) + " within string"} - } - return resumeOffset, io.ErrUnexpectedEOF - } - v2, ok := parseHexUint16(b[n+2 : n+6]) - if !ok { - return n, &SyntacticError{str: "invalid escape sequence " + strconv.Quote(string(b[n:n+6])) + " within string"} - } - if utf16.DecodeRune(rune(v1), rune(v2)) == utf8.RuneError { - return n, &SyntacticError{str: "invalid surrogate pair in string"} - } - n += 6 - } - default: - flags.set(stringNonCanonical) - return n, &SyntacticError{str: "invalid escape sequence " + strconv.Quote(string(b[n:n+2])) + " within string"} - } - // Handle invalid UTF-8. - case r == utf8.RuneError: - if !utf8.FullRune(b[n:]) { - return n, io.ErrUnexpectedEOF - } - flags.set(stringNonVerbatim | stringNonCanonical) - if validateUTF8 { - return n, &SyntacticError{str: "invalid UTF-8 within string"} - } - n++ - // Handle invalid control characters. - case r < ' ': - flags.set(stringNonVerbatim | stringNonCanonical) - return n, newInvalidCharacterError(b[n:], "within string (expecting non-control character)") - default: - panic("BUG: unhandled character " + quoteRune(b[n:])) - } - } - return n, io.ErrUnexpectedEOF -} - -// hasEscapeSequencePrefix reports whether b is possibly -// the truncated prefix of a \uFFFF escape sequence. -func hasEscapeSequencePrefix(b []byte) bool { - for i, c := range b { - switch { - case i == 0 && c != '\\': - return false - case i == 1 && c != 'u': - return false - case i >= 2 && i < 6 && !('0' <= c && c <= '9') && !('a' <= c && c <= 'f') && !('A' <= c && c <= 'F'): - return false - } - } - return true -} - -// unescapeString appends the unescaped form of a JSON string in src to dst. -// Any invalid UTF-8 within the string will be replaced with utf8.RuneError. -// The input must be an entire JSON string with no surrounding whitespace. -func unescapeString(dst, src []byte) (v []byte, ok bool) { - // Consume leading double quote. - if uint(len(src)) == 0 || src[0] != '"' { - return dst, false - } - i, n := 1, 1 - - // Consume every character until completion. - for uint(len(src)) > uint(n) { - // Optimize for long sequences of unescaped characters. - noEscape := func(c byte) bool { - return c < utf8.RuneSelf && ' ' <= c && c != '\\' && c != '"' - } - for uint(len(src)) > uint(n) && noEscape(src[n]) { - n++ - } - if uint(len(src)) <= uint(n) { - break - } - - // Check for terminating double quote. - if src[n] == '"' { - dst = append(dst, src[i:n]...) - n++ - return dst, len(src) == n - } - - switch r, rn := utf8.DecodeRune(src[n:]); { - // Handle UTF-8 encoded byte sequence. - // Due to specialized handling of ASCII above, we know that - // all normal sequences at this point must be 2 bytes or larger. - case rn > 1: - n += rn - // Handle escape sequence. - case r == '\\': - dst = append(dst, src[i:n]...) - if r < ' ' { - return dst, false // invalid control character or unescaped quote - } - - // Handle escape sequence. - if uint(len(src)) < uint(n+2) { - return dst, false // truncated escape sequence - } - switch r := src[n+1]; r { - case '"', '\\', '/': - dst = append(dst, r) - n += 2 - case 'b': - dst = append(dst, '\b') - n += 2 - case 'f': - dst = append(dst, '\f') - n += 2 - case 'n': - dst = append(dst, '\n') - n += 2 - case 'r': - dst = append(dst, '\r') - n += 2 - case 't': - dst = append(dst, '\t') - n += 2 - case 'u': - if uint(len(src)) < uint(n+6) { - return dst, false // truncated escape sequence - } - v1, ok := parseHexUint16(src[n+2 : n+6]) - if !ok { - return dst, false // invalid escape sequence - } - n += 6 - - // Check whether this is a surrogate half. - r := rune(v1) - if utf16.IsSurrogate(r) { - r = utf8.RuneError // assume failure unless the following succeeds - if uint(len(src)) >= uint(n+6) && src[n+0] == '\\' && src[n+1] == 'u' { - if v2, ok := parseHexUint16(src[n+2 : n+6]); ok { - if r = utf16.DecodeRune(rune(v1), rune(v2)); r != utf8.RuneError { - n += 6 - } - } - } - } - - dst = utf8.AppendRune(dst, r) - default: - return dst, false // invalid escape sequence - } - i = n - // Handle invalid UTF-8. - case r == utf8.RuneError: - // NOTE: An unescaped string may be longer than the escaped string - // because invalid UTF-8 bytes are being replaced. - dst = append(dst, src[i:n]...) - dst = append(dst, "\uFFFD"...) - n += rn - i = n - // Handle invalid control characters. - case r < ' ': - dst = append(dst, src[i:n]...) - return dst, false // invalid control character or unescaped quote - default: - panic("BUG: unhandled character " + quoteRune(src[n:])) - } - } - dst = append(dst, src[i:n]...) - return dst, false // truncated input -} - -// unescapeStringMayCopy returns the unescaped form of b. -// If there are no escaped characters, the output is simply a subslice of -// the input with the surrounding quotes removed. -// Otherwise, a new buffer is allocated for the output. -func unescapeStringMayCopy(b []byte, isVerbatim bool) []byte { - // NOTE: The arguments and logic are kept simple to keep this inlineable. - if isVerbatim { - return b[len(`"`) : len(b)-len(`"`)] - } - b, _ = unescapeString(make([]byte, 0, len(b)), b) - return b -} - -// consumeSimpleNumber consumes the next JSON number per RFC 7159, section 6 -// but is limited to the grammar for a positive integer. -// It returns 0 if it is invalid or more complicated than a simple integer, -// in which case consumeNumber should be called. -func consumeSimpleNumber(b []byte) (n int) { - // NOTE: The arguments and logic are kept simple to keep this inlineable. - if len(b) > 0 { - if b[0] == '0' { - n++ - } else if '1' <= b[0] && b[0] <= '9' { - n++ - for len(b) > n && ('0' <= b[n] && b[n] <= '9') { - n++ - } - } else { - return 0 - } - if len(b) == n || !(b[n] == '.' || b[n] == 'e' || b[n] == 'E') { - return n - } - } - return 0 -} - -type consumeNumberState uint - -const ( - consumeNumberInit consumeNumberState = iota - beforeIntegerDigits - withinIntegerDigits - beforeFractionalDigits - withinFractionalDigits - beforeExponentDigits - withinExponentDigits -) - -// consumeNumber consumes the next JSON number per RFC 7159, section 6. -// It reports the number of bytes consumed and whether an error was encountered. -// If the input appears truncated, it returns io.ErrUnexpectedEOF. -// -// Note that JSON numbers are not self-terminating. -// If the entire input is consumed, then the caller needs to consider whether -// there may be subsequent unread data that may still be part of this number. -func consumeNumber(b []byte) (n int, err error) { - n, _, err = consumeNumberResumable(b, 0, consumeNumberInit) - return n, err -} - -// consumeNumberResumable is identical to consumeNumber but supports resuming -// from a previous call that returned io.ErrUnexpectedEOF. -func consumeNumberResumable(b []byte, resumeOffset int, state consumeNumberState) (n int, _ consumeNumberState, err error) { - // Jump to the right state when resuming from a partial consumption. - n = resumeOffset - if state > consumeNumberInit { - switch state { - case withinIntegerDigits, withinFractionalDigits, withinExponentDigits: - // Consume leading digits. - for len(b) > n && ('0' <= b[n] && b[n] <= '9') { - n++ - } - if len(b) == n { - return n, state, nil // still within the same state - } - state++ // switches "withinX" to "beforeY" where Y is the state after X - } - switch state { - case beforeIntegerDigits: - goto beforeInteger - case beforeFractionalDigits: - goto beforeFractional - case beforeExponentDigits: - goto beforeExponent - default: - return n, state, nil - } - } - - // Consume required integer component (with optional minus sign). -beforeInteger: - resumeOffset = n - if len(b) > 0 && b[0] == '-' { - n++ - } - switch { - case len(b) == n: - return resumeOffset, beforeIntegerDigits, io.ErrUnexpectedEOF - case b[n] == '0': - n++ - state = beforeFractionalDigits - case '1' <= b[n] && b[n] <= '9': - n++ - for len(b) > n && ('0' <= b[n] && b[n] <= '9') { - n++ - } - state = withinIntegerDigits - default: - return n, state, newInvalidCharacterError(b[n:], "within number (expecting digit)") - } - - // Consume optional fractional component. -beforeFractional: - if len(b) > n && b[n] == '.' { - resumeOffset = n - n++ - switch { - case len(b) == n: - return resumeOffset, beforeFractionalDigits, io.ErrUnexpectedEOF - case '0' <= b[n] && b[n] <= '9': - n++ - default: - return n, state, newInvalidCharacterError(b[n:], "within number (expecting digit)") - } - for len(b) > n && ('0' <= b[n] && b[n] <= '9') { - n++ - } - state = withinFractionalDigits - } - - // Consume optional exponent component. -beforeExponent: - if len(b) > n && (b[n] == 'e' || b[n] == 'E') { - resumeOffset = n - n++ - if len(b) > n && (b[n] == '-' || b[n] == '+') { - n++ - } - switch { - case len(b) == n: - return resumeOffset, beforeExponentDigits, io.ErrUnexpectedEOF - case '0' <= b[n] && b[n] <= '9': - n++ - default: - return n, state, newInvalidCharacterError(b[n:], "within number (expecting digit)") - } - for len(b) > n && ('0' <= b[n] && b[n] <= '9') { - n++ - } - state = withinExponentDigits - } - - return n, state, nil -} - -// parseHexUint16 is similar to strconv.ParseUint, -// but operates directly on []byte and is optimized for base-16. -// See https://go.dev/issue/42429. -func parseHexUint16(b []byte) (v uint16, ok bool) { - if len(b) != 4 { - return 0, false - } - for _, c := range b[:4] { - switch { - case '0' <= c && c <= '9': - c = c - '0' - case 'a' <= c && c <= 'f': - c = 10 + c - 'a' - case 'A' <= c && c <= 'F': - c = 10 + c - 'A' - default: - return 0, false - } - v = v*16 + uint16(c) - } - return v, true -} - -// parseDecUint is similar to strconv.ParseUint, -// but operates directly on []byte and is optimized for base-10. -// If the number is syntactically valid but overflows uint64, -// then it returns (math.MaxUint64, false). -// See https://go.dev/issue/42429. -func parseDecUint(b []byte) (v uint64, ok bool) { - // Overflow logic is based on strconv/atoi.go:138-149 from Go1.15, where: - // - cutoff is equal to math.MaxUint64/10+1, and - // - the n1 > maxVal check is unnecessary - // since maxVal is equivalent to math.MaxUint64. - var n int - var overflow bool - for len(b) > n && ('0' <= b[n] && b[n] <= '9') { - overflow = overflow || v >= math.MaxUint64/10+1 - v *= 10 - - v1 := v + uint64(b[n]-'0') - overflow = overflow || v1 < v - v = v1 - - n++ - } - if n == 0 || len(b) != n { - return 0, false - } - if overflow { - return math.MaxUint64, false - } - return v, true -} - -// parseFloat parses a floating point number according to the Go float grammar. -// Note that the JSON number grammar is a strict subset. -// -// If the number overflows the finite representation of a float, -// then we return MaxFloat since any finite value will always be infinitely -// more accurate at representing another finite value than an infinite value. -func parseFloat(b []byte, bits int) (v float64, ok bool) { - // Fast path for exact integer numbers which fit in the - // 24-bit or 53-bit significand of a float32 or float64. - var negLen int // either 0 or 1 - if len(b) > 0 && b[0] == '-' { - negLen = 1 - } - u, ok := parseDecUint(b[negLen:]) - if ok && ((bits == 32 && u <= 1<<24) || (bits == 64 && u <= 1<<53)) { - return math.Copysign(float64(u), float64(-1*negLen)), true - } - - // Note that the []byte->string conversion unfortunately allocates. - // See https://go.dev/issue/42429 for more information. - fv, err := strconv.ParseFloat(string(b), bits) - if math.IsInf(fv, 0) { - switch { - case bits == 32 && math.IsInf(fv, +1): - return +math.MaxFloat32, true - case bits == 64 && math.IsInf(fv, +1): - return +math.MaxFloat64, true - case bits == 32 && math.IsInf(fv, -1): - return -math.MaxFloat32, true - case bits == 64 && math.IsInf(fv, -1): - return -math.MaxFloat64, true - } - } - return fv, err == nil -} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/doc.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/doc.go index e4eefa3de9..a463168589 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/doc.go +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/doc.go @@ -2,61 +2,43 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// Package json implements serialization of JSON -// as specified in RFC 4627, RFC 7159, RFC 7493, RFC 8259, and RFC 8785. +//go:build !goexperiment.jsonv2 || !go1.25 + +// Package json implements semantic processing of JSON as specified in RFC 8259. // JSON is a simple data interchange format that can represent // primitive data types such as booleans, strings, and numbers, // in addition to structured data types such as objects and arrays. // -// # Terminology -// -// This package uses the terms "encode" and "decode" for syntactic functionality -// that is concerned with processing JSON based on its grammar, and -// uses the terms "marshal" and "unmarshal" for semantic functionality -// that determines the meaning of JSON values as Go values and vice-versa. -// It aims to provide a clear distinction between functionality that -// is purely concerned with encoding versus that of marshaling. -// For example, one can directly encode a stream of JSON tokens without -// needing to marshal a concrete Go value representing them. -// Similarly, one can decode a stream of JSON tokens without -// needing to unmarshal them into a concrete Go value. -// -// This package uses JSON terminology when discussing JSON, which may differ -// from related concepts in Go or elsewhere in computing literature. -// -// - A JSON "object" refers to an unordered collection of name/value members. -// - A JSON "array" refers to an ordered sequence of elements. -// - A JSON "value" refers to either a literal (i.e., null, false, or true), -// string, number, object, or array. -// -// See RFC 8259 for more information. -// -// # Specifications -// -// Relevant specifications include RFC 4627, RFC 7159, RFC 7493, RFC 8259, -// and RFC 8785. Each RFC is generally a stricter subset of another RFC. -// In increasing order of strictness: -// -// - RFC 4627 and RFC 7159 do not require (but recommend) the use of UTF-8 -// and also do not require (but recommend) that object names be unique. -// - RFC 8259 requires the use of UTF-8, -// but does not require (but recommends) that object names be unique. -// - RFC 7493 requires the use of UTF-8 -// and also requires that object names be unique. -// - RFC 8785 defines a canonical representation. It requires the use of UTF-8 -// and also requires that object names be unique and in a specific ordering. -// It specifies exactly how strings and numbers must be formatted. -// -// The primary difference between RFC 4627 and RFC 7159 is that the former -// restricted top-level values to only JSON objects and arrays, while -// RFC 7159 and subsequent RFCs permit top-level values to additionally be -// JSON nulls, booleans, strings, or numbers. -// -// By default, this package operates on RFC 7493, but can be configured -// to operate according to the other RFC specifications. -// RFC 7493 is a stricter subset of RFC 8259 and fully compliant with it. -// In particular, it makes specific choices about behavior that RFC 8259 -// leaves as undefined in order to ensure greater interoperability. +// [Marshal] and [Unmarshal] encode and decode Go values +// to/from JSON text contained within a []byte. +// [MarshalWrite] and [UnmarshalRead] operate on JSON text +// by writing to or reading from an [io.Writer] or [io.Reader]. +// [MarshalEncode] and [UnmarshalDecode] operate on JSON text +// by encoding to or decoding from a [jsontext.Encoder] or [jsontext.Decoder]. +// [Options] may be passed to each of the marshal or unmarshal functions +// to configure the semantic behavior of marshaling and unmarshaling +// (i.e., alter how JSON data is understood as Go data and vice versa). +// [jsontext.Options] may also be passed to the marshal or unmarshal functions +// to configure the syntactic behavior of encoding or decoding. +// +// The data types of JSON are mapped to/from the data types of Go based on +// the closest logical equivalent between the two type systems. For example, +// a JSON boolean corresponds with a Go bool, +// a JSON string corresponds with a Go string, +// a JSON number corresponds with a Go int, uint or float, +// a JSON array corresponds with a Go slice or array, and +// a JSON object corresponds with a Go struct or map. +// See the documentation on [Marshal] and [Unmarshal] for a comprehensive list +// of how the JSON and Go type systems correspond. +// +// Arbitrary Go types can customize their JSON representation by implementing +// [Marshaler], [MarshalerTo], [Unmarshaler], or [UnmarshalerFrom]. +// This provides authors of Go types with control over how their types are +// serialized as JSON. Alternatively, users can implement functions that match +// [MarshalFunc], [MarshalToFunc], [UnmarshalFunc], or [UnmarshalFromFunc] +// to specify the JSON representation for arbitrary types. +// This provides callers of JSON functionality with control over +// how any arbitrary type is serialized as JSON. // // # JSON Representation of Go structs // @@ -68,12 +50,14 @@ // into the corresponding Go struct fields. // Object members that do not match any struct fields, // also known as “unknown members”, are ignored by default or rejected -// if UnmarshalOptions.RejectUnknownMembers is specified. +// if [RejectUnknownMembers] is specified. // // The representation of each struct field can be customized in the // "json" struct field tag, where the tag is a comma separated list of options. // As a special case, if the entire tag is `json:"-"`, // then the field is ignored with regard to its JSON representation. +// Some options also have equivalent behavior controlled by a caller-specified [Options]. +// Field-specified options take precedence over caller-specified options. // // The first option is the JSON object name override for the Go struct field. // If the name is not specified, then the Go struct field name @@ -98,21 +82,23 @@ // encoded as a JSON null, empty string, empty object, or empty array. // This option has no effect when unmarshaling. // -// - string: The "string" option specifies that -// MarshalOptions.StringifyNumbers and UnmarshalOptions.StringifyNumbers +// - string: The "string" option specifies that [StringifyNumbers] // be set when marshaling or unmarshaling a struct field value. // This causes numeric types to be encoded as a JSON number -// within a JSON string, and to be decoded from either a JSON number or -// a JSON string containing a JSON number. +// within a JSON string, and to be decoded from a JSON string +// containing the JSON number without any surrounding whitespace. // This extra level of encoding is often necessary since // many JSON parsers cannot precisely represent 64-bit integers. // -// - nocase: When unmarshaling, the "nocase" option specifies that -// if the JSON object name does not exactly match the JSON name -// for any of the struct fields, then it attempts to match the struct field -// using a case-insensitive match that also ignores dashes and underscores. -// If multiple fields match, the first declared field in breadth-first order -// takes precedence. This option has no effect when marshaling. +// - case: When unmarshaling, the "case" option specifies how +// JSON object names are matched with the JSON name for Go struct fields. +// The option is a key-value pair specified as "case:value" where +// the value must either be 'ignore' or 'strict'. +// The 'ignore' value specifies that matching is case-insensitive +// where dashes and underscores are also ignored. If multiple fields match, +// the first declared field in breadth-first order takes precedence. +// The 'strict' value specifies that matching is case-sensitive. +// This takes precedence over the [MatchCaseInsensitiveNames] option. // // - inline: The "inline" option specifies that // the JSON representable content of this field type is to be promoted @@ -120,10 +106,10 @@ // It is the JSON equivalent of Go struct embedding. // A Go embedded field is implicitly inlined unless an explicit JSON name // is specified. The inlined field must be a Go struct -// (that does not implement any JSON methods), RawValue, map[string]T, -// or an unnamed pointer to such types. When marshaling, +// (that does not implement any JSON methods), [jsontext.Value], +// map[~string]T, or an unnamed pointer to such types. When marshaling, // inlined fields from a pointer type are omitted if it is nil. -// Inlined fields of type RawValue and map[string]T are called +// Inlined fields of type [jsontext.Value] and map[~string]T are called // “inlined fallbacks” as they can represent all possible // JSON object members not directly handled by the parent struct. // Only one inlined fallback field may be specified in a struct, @@ -132,11 +118,11 @@ // // - unknown: The "unknown" option is a specialized variant // of the inlined fallback to indicate that this Go struct field -// contains any number of unknown JSON object members. The field type -// must be a RawValue, map[string]T, or an unnamed pointer to such types. -// If MarshalOptions.DiscardUnknownMembers is specified when marshaling, +// contains any number of unknown JSON object members. The field type must +// be a [jsontext.Value], map[~string]T, or an unnamed pointer to such types. +// If [DiscardUnknownMembers] is specified when marshaling, // the contents of this field are ignored. -// If UnmarshalOptions.RejectUnknownMembers is specified when unmarshaling, +// If [RejectUnknownMembers] is specified when unmarshaling, // any unknown object members are rejected regardless of whether // an inlined fallback with the "unknown" option exists. This option // must not be specified with any other option (including the JSON name). @@ -156,7 +142,7 @@ // For example, only a nil slice or map is omitted under "omitzero", while // an empty slice or map is omitted under "omitempty" regardless of nilness. // The "omitzero" option is useful for types with a well-defined zero value -// (e.g., netip.Addr) or have an IsZero method (e.g., time.Time). +// (e.g., [net/netip.Addr]) or have an IsZero method (e.g., [time.Time.IsZero]). // // Every Go struct corresponds to a list of JSON representable fields // which is constructed by performing a breadth-first search over @@ -167,12 +153,108 @@ // at shallowest depth takes precedence and the other fields at deeper depths // are excluded from the list of JSON representable fields. // If multiple fields at the shallowest depth have the same JSON name, -// then all of those fields are excluded from the list. This is analogous to -// Go visibility rules for struct field selection with embedded struct types. +// but exactly one is explicitly tagged with a JSON name, +// then that field takes precedence and all others are excluded from the list. +// This is analogous to Go visibility rules for struct field selection +// with embedded struct types. // // Marshaling or unmarshaling a non-empty struct -// without any JSON representable fields results in a SemanticError. +// without any JSON representable fields results in a [SemanticError]. // Unexported fields must not have any `json` tags except for `json:"-"`. +// +// # Security Considerations +// +// JSON is frequently used as a data interchange format to communicate +// between different systems, possibly implemented in different languages. +// For interoperability and security reasons, it is important that +// all implementations agree upon the semantic meaning of the data. +// +// [For example, suppose we have two micro-services.] +// The first service is responsible for authenticating a JSON request, +// while the second service is responsible for executing the request +// (having assumed that the prior service authenticated the request). +// If an attacker were able to maliciously craft a JSON request such that +// both services believe that the same request is from different users, +// it could bypass the authenticator with valid credentials for one user, +// but maliciously perform an action on behalf of a different user. +// +// According to RFC 8259, there unfortunately exist many JSON texts +// that are syntactically valid but semantically ambiguous. +// For example, the standard does not define how to interpret duplicate +// names within an object. +// +// The v1 [encoding/json] and [encoding/json/v2] packages +// interpret some inputs in different ways. In particular: +// +// - The standard specifies that JSON must be encoded using UTF-8. +// By default, v1 replaces invalid bytes of UTF-8 in JSON strings +// with the Unicode replacement character, +// while v2 rejects inputs with invalid UTF-8. +// To change the default, specify the [jsontext.AllowInvalidUTF8] option. +// The replacement of invalid UTF-8 is a form of data corruption +// that alters the precise meaning of strings. +// +// - The standard does not specify a particular behavior when +// duplicate names are encountered within a JSON object, +// which means that different implementations may behave differently. +// By default, v1 allows for the presence of duplicate names, +// while v2 rejects duplicate names. +// To change the default, specify the [jsontext.AllowDuplicateNames] option. +// If allowed, object members are processed in the order they are observed, +// meaning that later values will replace or be merged into prior values, +// depending on the Go value type. +// +// - The standard defines a JSON object as an unordered collection of name/value pairs. +// While ordering can be observed through the underlying [jsontext] API, +// both v1 and v2 generally avoid exposing the ordering. +// No application should semantically depend on the order of object members. +// Allowing duplicate names is a vector through which ordering of members +// can accidentally be observed and depended upon. +// +// - The standard suggests that JSON object names are typically compared +// based on equality of the sequence of Unicode code points, +// which implies that comparing names is often case-sensitive. +// When unmarshaling a JSON object into a Go struct, +// by default, v1 uses a (loose) case-insensitive match on the name, +// while v2 uses a (strict) case-sensitive match on the name. +// To change the default, specify the [MatchCaseInsensitiveNames] option. +// The use of case-insensitive matching provides another vector through +// which duplicate names can occur. Allowing case-insensitive matching +// means that v1 or v2 might interpret JSON objects differently from most +// other JSON implementations (which typically use a case-sensitive match). +// +// - The standard does not specify a particular behavior when +// an unknown name in a JSON object is encountered. +// When unmarshaling a JSON object into a Go struct, by default +// both v1 and v2 ignore unknown names and their corresponding values. +// To change the default, specify the [RejectUnknownMembers] option. +// +// - The standard suggests that implementations may use a float64 +// to represent a JSON number. Consequently, large JSON integers +// may lose precision when stored as a floating-point type. +// Both v1 and v2 correctly preserve precision when marshaling and +// unmarshaling a concrete integer type. However, even if v1 and v2 +// preserve precision for concrete types, other JSON implementations +// may not be able to preserve precision for outputs produced by v1 or v2. +// The `string` tag option can be used to specify that an integer type +// is to be quoted within a JSON string to avoid loss of precision. +// Furthermore, v1 and v2 may still lose precision when unmarshaling +// into an any interface value, where unmarshal uses a float64 +// by default to represent a JSON number. +// To change the default, specify the [WithUnmarshalers] option +// with a custom unmarshaler that pre-populates the interface value +// with a concrete Go type that can preserve precision. +// +// RFC 8785 specifies a canonical form for any JSON text, +// which explicitly defines specific behaviors that RFC 8259 leaves undefined. +// In theory, if a text can successfully [jsontext.Value.Canonicalize] +// without changing the semantic meaning of the data, then it provides a +// greater degree of confidence that the data is more secure and interoperable. +// +// The v2 API generally chooses more secure defaults than v1, +// but care should still be taken with large integers or unknown members. +// +// [For example, suppose we have two micro-services.]: https://www.youtube.com/watch?v=avilmOcHKHE&t=1057s package json // requireKeyedLiterals can be embedded in a struct to require keyed literals. diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/encode.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/encode.go deleted file mode 100644 index 5b81ca15af..0000000000 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/encode.go +++ /dev/null @@ -1,1170 +0,0 @@ -// Copyright 2020 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package json - -import ( - "bytes" - "io" - "math" - "math/bits" - "strconv" - "unicode/utf16" - "unicode/utf8" -) - -// EncodeOptions configures how JSON encoding operates. -// The zero value is equivalent to the default settings, -// which is compliant with both RFC 7493 and RFC 8259. -type EncodeOptions struct { - requireKeyedLiterals - nonComparable - - // multiline specifies whether the encoder should emit multiline output. - multiline bool - - // omitTopLevelNewline specifies whether to omit the newline - // that is appended after every top-level JSON value when streaming. - omitTopLevelNewline bool - - // AllowDuplicateNames specifies that JSON objects may contain - // duplicate member names. Disabling the duplicate name check may provide - // performance benefits, but breaks compliance with RFC 7493, section 2.3. - // The output will still be compliant with RFC 8259, - // which leaves the handling of duplicate names as unspecified behavior. - AllowDuplicateNames bool - - // AllowInvalidUTF8 specifies that JSON strings may contain invalid UTF-8, - // which will be mangled as the Unicode replacement character, U+FFFD. - // This causes the encoder to break compliance with - // RFC 7493, section 2.1, and RFC 8259, section 8.1. - AllowInvalidUTF8 bool - - // preserveRawStrings specifies that WriteToken and WriteValue should not - // reformat any JSON string, but keep the formatting verbatim. - preserveRawStrings bool - - // canonicalizeNumbers specifies that WriteToken and WriteValue should - // reformat any JSON numbers according to RFC 8785, section 3.2.2.3. - canonicalizeNumbers bool - - // EscapeRune reports whether the provided character should be escaped - // as a hexadecimal Unicode codepoint (e.g., \ufffd). - // If nil, the shortest and simplest encoding will be used, - // which is also the formatting specified by RFC 8785, section 3.2.2.2. - EscapeRune func(rune) bool - - // Indent (if non-empty) specifies that the encoder should emit multiline - // output where each element in a JSON object or array begins on a new, - // indented line beginning with the indent prefix followed by one or more - // copies of indent according to the indentation nesting. - // It may only be composed of space or tab characters. - Indent string - - // IndentPrefix is prepended to each line within a JSON object or array. - // The purpose of the indent prefix is to encode data that can more easily - // be embedded inside other formatted JSON data. - // It may only be composed of space or tab characters. - // It is ignored if Indent is empty. - IndentPrefix string -} - -// Encoder is a streaming encoder from raw JSON tokens and values. -// It is used to write a stream of top-level JSON values, -// each terminated with a newline character. -// -// WriteToken and WriteValue calls may be interleaved. -// For example, the following JSON value: -// -// {"name":"value","array":[null,false,true,3.14159],"object":{"k":"v"}} -// -// can be composed with the following calls (ignoring errors for brevity): -// -// e.WriteToken(ObjectStart) // { -// e.WriteToken(String("name")) // "name" -// e.WriteToken(String("value")) // "value" -// e.WriteValue(RawValue(`"array"`)) // "array" -// e.WriteToken(ArrayStart) // [ -// e.WriteToken(Null) // null -// e.WriteToken(False) // false -// e.WriteValue(RawValue("true")) // true -// e.WriteToken(Float(3.14159)) // 3.14159 -// e.WriteToken(ArrayEnd) // ] -// e.WriteValue(RawValue(`"object"`)) // "object" -// e.WriteValue(RawValue(`{"k":"v"}`)) // {"k":"v"} -// e.WriteToken(ObjectEnd) // } -// -// The above is one of many possible sequence of calls and -// may not represent the most sensible method to call for any given token/value. -// For example, it is probably more common to call WriteToken with a string -// for object names. -type Encoder struct { - state - encodeBuffer - options EncodeOptions - - seenPointers seenPointers // only used when marshaling -} - -// encodeBuffer is a buffer split into 2 segments: -// -// - buf[0:len(buf)] // written (but unflushed) portion of the buffer -// - buf[len(buf):cap(buf)] // unused portion of the buffer -type encodeBuffer struct { - buf []byte // may alias wr if it is a bytes.Buffer - - // baseOffset is added to len(buf) to obtain the absolute offset - // relative to the start of io.Writer stream. - baseOffset int64 - - wr io.Writer - - // maxValue is the approximate maximum RawValue size passed to WriteValue. - maxValue int - // unusedCache is the buffer returned by the UnusedBuffer method. - unusedCache []byte - // bufStats is statistics about buffer utilization. - // It is only used with pooled encoders in pools.go. - bufStats bufferStatistics -} - -// NewEncoder constructs a new streaming encoder writing to w. -func NewEncoder(w io.Writer) *Encoder { - return EncodeOptions{}.NewEncoder(w) -} - -// NewEncoder constructs a new streaming encoder writing to w -// configured with the provided options. -// It flushes the internal buffer when the buffer is sufficiently full or -// when a top-level value has been written. -// -// If w is a bytes.Buffer, then the encoder appends directly into the buffer -// without copying the contents from an intermediate buffer. -func (o EncodeOptions) NewEncoder(w io.Writer) *Encoder { - e := new(Encoder) - o.ResetEncoder(e, w) - return e -} - -// ResetEncoder resets an encoder such that it is writing afresh to w and -// configured with the provided options. -func (o EncodeOptions) ResetEncoder(e *Encoder, w io.Writer) { - if e == nil { - panic("json: invalid nil Encoder") - } - if w == nil { - panic("json: invalid nil io.Writer") - } - e.reset(nil, w, o) -} - -func (e *Encoder) reset(b []byte, w io.Writer, o EncodeOptions) { - if len(o.Indent) > 0 { - o.multiline = true - if s := trimLeftSpaceTab(o.IndentPrefix); len(s) > 0 { - panic("json: invalid character " + quoteRune([]byte(s)) + " in indent prefix") - } - if s := trimLeftSpaceTab(o.Indent); len(s) > 0 { - panic("json: invalid character " + quoteRune([]byte(s)) + " in indent") - } - } - e.state.reset() - e.encodeBuffer = encodeBuffer{buf: b, wr: w, bufStats: e.bufStats} - e.options = o - if bb, ok := w.(*bytes.Buffer); ok && bb != nil { - e.buf = bb.Bytes()[bb.Len():] // alias the unused buffer of bb - } -} - -// Reset resets an encoder such that it is writing afresh to w but -// keeps any pre-existing encoder options. -func (e *Encoder) Reset(w io.Writer) { - e.options.ResetEncoder(e, w) -} - -// needFlush determines whether to flush at this point. -func (e *Encoder) needFlush() bool { - // NOTE: This function is carefully written to be inlineable. - - // Avoid flushing if e.wr is nil since there is no underlying writer. - // Flush if less than 25% of the capacity remains. - // Flushing at some constant fraction ensures that the buffer stops growing - // so long as the largest Token or Value fits within that unused capacity. - return e.wr != nil && (e.tokens.depth() == 1 || len(e.buf) > 3*cap(e.buf)/4) -} - -// flush flushes the buffer to the underlying io.Writer. -// It may append a trailing newline after the top-level value. -func (e *Encoder) flush() error { - if e.wr == nil || e.avoidFlush() { - return nil - } - - // In streaming mode, always emit a newline after the top-level value. - if e.tokens.depth() == 1 && !e.options.omitTopLevelNewline { - e.buf = append(e.buf, '\n') - } - - // Inform objectNameStack that we are about to flush the buffer content. - e.names.copyQuotedBuffer(e.buf) - - // Specialize bytes.Buffer for better performance. - if bb, ok := e.wr.(*bytes.Buffer); ok { - // If e.buf already aliases the internal buffer of bb, - // then the Write call simply increments the internal offset, - // otherwise Write operates as expected. - // See https://go.dev/issue/42986. - n, _ := bb.Write(e.buf) // never fails unless bb is nil - e.baseOffset += int64(n) - - // If the internal buffer of bytes.Buffer is too small, - // append operations elsewhere in the Encoder may grow the buffer. - // This would be semantically correct, but hurts performance. - // As such, ensure 25% of the current length is always available - // to reduce the probability that other appends must allocate. - if avail := bb.Cap() - bb.Len(); avail < bb.Len()/4 { - bb.Grow(avail + 1) - } - - e.buf = bb.Bytes()[bb.Len():] // alias the unused buffer of bb - return nil - } - - // Flush the internal buffer to the underlying io.Writer. - n, err := e.wr.Write(e.buf) - e.baseOffset += int64(n) - if err != nil { - // In the event of an error, preserve the unflushed portion. - // Thus, write errors aren't fatal so long as the io.Writer - // maintains consistent state after errors. - if n > 0 { - e.buf = e.buf[:copy(e.buf, e.buf[n:])] - } - return &ioError{action: "write", err: err} - } - e.buf = e.buf[:0] - - // Check whether to grow the buffer. - // Note that cap(e.buf) may already exceed maxBufferSize since - // an append elsewhere already grew it to store a large token. - const maxBufferSize = 4 << 10 - const growthSizeFactor = 2 // higher value is faster - const growthRateFactor = 2 // higher value is slower - // By default, grow if below the maximum buffer size. - grow := cap(e.buf) <= maxBufferSize/growthSizeFactor - // Growing can be expensive, so only grow - // if a sufficient number of bytes have been processed. - grow = grow && int64(cap(e.buf)) < e.previousOffsetEnd()/growthRateFactor - if grow { - e.buf = make([]byte, 0, cap(e.buf)*growthSizeFactor) - } - - return nil -} - -func (e *encodeBuffer) previousOffsetEnd() int64 { return e.baseOffset + int64(len(e.buf)) } -func (e *encodeBuffer) unflushedBuffer() []byte { return e.buf } - -// avoidFlush indicates whether to avoid flushing to ensure there is always -// enough in the buffer to unwrite the last object member if it were empty. -func (e *Encoder) avoidFlush() bool { - switch { - case e.tokens.last.length() == 0: - // Never flush after ObjectStart or ArrayStart since we don't know yet - // if the object or array will end up being empty. - return true - case e.tokens.last.needObjectValue(): - // Never flush before the object value since we don't know yet - // if the object value will end up being empty. - return true - case e.tokens.last.needObjectName() && len(e.buf) >= 2: - // Never flush after the object value if it does turn out to be empty. - switch string(e.buf[len(e.buf)-2:]) { - case `ll`, `""`, `{}`, `[]`: // last two bytes of every empty value - return true - } - } - return false -} - -// unwriteEmptyObjectMember unwrites the last object member if it is empty -// and reports whether it performed an unwrite operation. -func (e *Encoder) unwriteEmptyObjectMember(prevName *string) bool { - if last := e.tokens.last; !last.isObject() || !last.needObjectName() || last.length() == 0 { - panic("BUG: must be called on an object after writing a value") - } - - // The flushing logic is modified to never flush a trailing empty value. - // The encoder never writes trailing whitespace eagerly. - b := e.unflushedBuffer() - - // Detect whether the last value was empty. - var n int - if len(b) >= 3 { - switch string(b[len(b)-2:]) { - case "ll": // last two bytes of `null` - n = len(`null`) - case `""`: - // It is possible for a non-empty string to have `""` as a suffix - // if the second to the last quote was escaped. - if b[len(b)-3] == '\\' { - return false // e.g., `"\""` is not empty - } - n = len(`""`) - case `{}`: - n = len(`{}`) - case `[]`: - n = len(`[]`) - } - } - if n == 0 { - return false - } - - // Unwrite the value, whitespace, colon, name, whitespace, and comma. - b = b[:len(b)-n] - b = trimSuffixWhitespace(b) - b = trimSuffixByte(b, ':') - b = trimSuffixString(b) - b = trimSuffixWhitespace(b) - b = trimSuffixByte(b, ',') - e.buf = b // store back truncated unflushed buffer - - // Undo state changes. - e.tokens.last.decrement() // for object member value - e.tokens.last.decrement() // for object member name - if !e.options.AllowDuplicateNames { - if e.tokens.last.isActiveNamespace() { - e.namespaces.last().removeLast() - } - e.names.clearLast() - if prevName != nil { - e.names.copyQuotedBuffer(e.buf) // required by objectNameStack.replaceLastUnquotedName - e.names.replaceLastUnquotedName(*prevName) - } - } - return true -} - -// unwriteOnlyObjectMemberName unwrites the only object member name -// and returns the unquoted name. -func (e *Encoder) unwriteOnlyObjectMemberName() string { - if last := e.tokens.last; !last.isObject() || last.length() != 1 { - panic("BUG: must be called on an object after writing first name") - } - - // Unwrite the name and whitespace. - b := trimSuffixString(e.buf) - isVerbatim := bytes.IndexByte(e.buf[len(b):], '\\') < 0 - name := string(unescapeStringMayCopy(e.buf[len(b):], isVerbatim)) - e.buf = trimSuffixWhitespace(b) - - // Undo state changes. - e.tokens.last.decrement() - if !e.options.AllowDuplicateNames { - if e.tokens.last.isActiveNamespace() { - e.namespaces.last().removeLast() - } - e.names.clearLast() - } - return name -} - -func trimSuffixWhitespace(b []byte) []byte { - // NOTE: The arguments and logic are kept simple to keep this inlineable. - n := len(b) - 1 - for n >= 0 && (b[n] == ' ' || b[n] == '\t' || b[n] == '\r' || b[n] == '\n') { - n-- - } - return b[:n+1] -} - -func trimSuffixString(b []byte) []byte { - // NOTE: The arguments and logic are kept simple to keep this inlineable. - if len(b) > 0 && b[len(b)-1] == '"' { - b = b[:len(b)-1] - } - for len(b) >= 2 && !(b[len(b)-1] == '"' && b[len(b)-2] != '\\') { - b = b[:len(b)-1] // trim all characters except an unescaped quote - } - if len(b) > 0 && b[len(b)-1] == '"' { - b = b[:len(b)-1] - } - return b -} - -func hasSuffixByte(b []byte, c byte) bool { - // NOTE: The arguments and logic are kept simple to keep this inlineable. - return len(b) > 0 && b[len(b)-1] == c -} - -func trimSuffixByte(b []byte, c byte) []byte { - // NOTE: The arguments and logic are kept simple to keep this inlineable. - if len(b) > 0 && b[len(b)-1] == c { - return b[:len(b)-1] - } - return b -} - -// WriteToken writes the next token and advances the internal write offset. -// -// The provided token kind must be consistent with the JSON grammar. -// For example, it is an error to provide a number when the encoder -// is expecting an object name (which is always a string), or -// to provide an end object delimiter when the encoder is finishing an array. -// If the provided token is invalid, then it reports a SyntacticError and -// the internal state remains unchanged. -func (e *Encoder) WriteToken(t Token) error { - k := t.Kind() - b := e.buf // use local variable to avoid mutating e in case of error - - // Append any delimiters or optional whitespace. - b = e.tokens.mayAppendDelim(b, k) - if e.options.multiline { - b = e.appendWhitespace(b, k) - } - - // Append the token to the output and to the state machine. - var err error - switch k { - case 'n': - b = append(b, "null"...) - err = e.tokens.appendLiteral() - case 'f': - b = append(b, "false"...) - err = e.tokens.appendLiteral() - case 't': - b = append(b, "true"...) - err = e.tokens.appendLiteral() - case '"': - n0 := len(b) // offset before calling t.appendString - if b, err = t.appendString(b, !e.options.AllowInvalidUTF8, e.options.preserveRawStrings, e.options.EscapeRune); err != nil { - break - } - if !e.options.AllowDuplicateNames && e.tokens.last.needObjectName() { - if !e.tokens.last.isValidNamespace() { - err = errInvalidNamespace - break - } - if e.tokens.last.isActiveNamespace() && !e.namespaces.last().insertQuoted(b[n0:], false) { - err = &SyntacticError{str: "duplicate name " + string(b[n0:]) + " in object"} - break - } - e.names.replaceLastQuotedOffset(n0) // only replace if insertQuoted succeeds - } - err = e.tokens.appendString() - case '0': - if b, err = t.appendNumber(b, e.options.canonicalizeNumbers); err != nil { - break - } - err = e.tokens.appendNumber() - case '{': - b = append(b, '{') - if err = e.tokens.pushObject(); err != nil { - break - } - if !e.options.AllowDuplicateNames { - e.names.push() - e.namespaces.push() - } - case '}': - b = append(b, '}') - if err = e.tokens.popObject(); err != nil { - break - } - if !e.options.AllowDuplicateNames { - e.names.pop() - e.namespaces.pop() - } - case '[': - b = append(b, '[') - err = e.tokens.pushArray() - case ']': - b = append(b, ']') - err = e.tokens.popArray() - default: - return &SyntacticError{str: "invalid json.Token"} - } - if err != nil { - return err - } - - // Finish off the buffer and store it back into e. - e.buf = b - if e.needFlush() { - return e.flush() - } - return nil -} - -const ( - rawIntNumber = -1 - rawUintNumber = -2 -) - -// writeNumber is specialized version of WriteToken, but optimized for numbers. -// As a special-case, if bits is -1 or -2, it will treat v as -// the raw-encoded bits of an int64 or uint64, respectively. -// It is only called from arshal_default.go. -func (e *Encoder) writeNumber(v float64, bits int, quote bool) error { - b := e.buf // use local variable to avoid mutating e in case of error - - // Append any delimiters or optional whitespace. - b = e.tokens.mayAppendDelim(b, '0') - if e.options.multiline { - b = e.appendWhitespace(b, '0') - } - - if quote { - // Append the value to the output. - n0 := len(b) // offset before appending the number - b = append(b, '"') - switch bits { - case rawIntNumber: - b = strconv.AppendInt(b, int64(math.Float64bits(v)), 10) - case rawUintNumber: - b = strconv.AppendUint(b, uint64(math.Float64bits(v)), 10) - default: - b = appendNumber(b, v, bits) - } - b = append(b, '"') - - // Escape the string if necessary. - if e.options.EscapeRune != nil { - b2 := append(e.unusedCache, b[n0+len(`"`):len(b)-len(`"`)]...) - b, _ = appendString(b[:n0], string(b2), false, e.options.EscapeRune) - e.unusedCache = b2[:0] - } - - // Update the state machine. - if !e.options.AllowDuplicateNames && e.tokens.last.needObjectName() { - if !e.tokens.last.isValidNamespace() { - return errInvalidNamespace - } - if e.tokens.last.isActiveNamespace() && !e.namespaces.last().insertQuoted(b[n0:], false) { - return &SyntacticError{str: "duplicate name " + string(b[n0:]) + " in object"} - } - e.names.replaceLastQuotedOffset(n0) // only replace if insertQuoted succeeds - } - if err := e.tokens.appendString(); err != nil { - return err - } - } else { - switch bits { - case rawIntNumber: - b = strconv.AppendInt(b, int64(math.Float64bits(v)), 10) - case rawUintNumber: - b = strconv.AppendUint(b, uint64(math.Float64bits(v)), 10) - default: - b = appendNumber(b, v, bits) - } - if err := e.tokens.appendNumber(); err != nil { - return err - } - } - - // Finish off the buffer and store it back into e. - e.buf = b - if e.needFlush() { - return e.flush() - } - return nil -} - -// WriteValue writes the next raw value and advances the internal write offset. -// The Encoder does not simply copy the provided value verbatim, but -// parses it to ensure that it is syntactically valid and reformats it -// according to how the Encoder is configured to format whitespace and strings. -// -// The provided value kind must be consistent with the JSON grammar -// (see examples on Encoder.WriteToken). If the provided value is invalid, -// then it reports a SyntacticError and the internal state remains unchanged. -func (e *Encoder) WriteValue(v RawValue) error { - e.maxValue |= len(v) // bitwise OR is a fast approximation of max - - k := v.Kind() - b := e.buf // use local variable to avoid mutating e in case of error - - // Append any delimiters or optional whitespace. - b = e.tokens.mayAppendDelim(b, k) - if e.options.multiline { - b = e.appendWhitespace(b, k) - } - - // Append the value the output. - var err error - v = v[consumeWhitespace(v):] - n0 := len(b) // offset before calling e.reformatValue - b, v, err = e.reformatValue(b, v, e.tokens.depth()) - if err != nil { - return err - } - v = v[consumeWhitespace(v):] - if len(v) > 0 { - return newInvalidCharacterError(v[0:], "after top-level value") - } - - // Append the kind to the state machine. - switch k { - case 'n', 'f', 't': - err = e.tokens.appendLiteral() - case '"': - if !e.options.AllowDuplicateNames && e.tokens.last.needObjectName() { - if !e.tokens.last.isValidNamespace() { - err = errInvalidNamespace - break - } - if e.tokens.last.isActiveNamespace() && !e.namespaces.last().insertQuoted(b[n0:], false) { - err = &SyntacticError{str: "duplicate name " + string(b[n0:]) + " in object"} - break - } - e.names.replaceLastQuotedOffset(n0) // only replace if insertQuoted succeeds - } - err = e.tokens.appendString() - case '0': - err = e.tokens.appendNumber() - case '{': - if err = e.tokens.pushObject(); err != nil { - break - } - if err = e.tokens.popObject(); err != nil { - panic("BUG: popObject should never fail immediately after pushObject: " + err.Error()) - } - case '[': - if err = e.tokens.pushArray(); err != nil { - break - } - if err = e.tokens.popArray(); err != nil { - panic("BUG: popArray should never fail immediately after pushArray: " + err.Error()) - } - } - if err != nil { - return err - } - - // Finish off the buffer and store it back into e. - e.buf = b - if e.needFlush() { - return e.flush() - } - return nil -} - -// appendWhitespace appends whitespace that immediately precedes the next token. -func (e *Encoder) appendWhitespace(b []byte, next Kind) []byte { - if e.tokens.needDelim(next) == ':' { - return append(b, ' ') - } else { - return e.appendIndent(b, e.tokens.needIndent(next)) - } -} - -// appendIndent appends the appropriate number of indentation characters -// for the current nested level, n. -func (e *Encoder) appendIndent(b []byte, n int) []byte { - if n == 0 { - return b - } - b = append(b, '\n') - b = append(b, e.options.IndentPrefix...) - for ; n > 1; n-- { - b = append(b, e.options.Indent...) - } - return b -} - -// reformatValue parses a JSON value from the start of src and -// appends it to the end of dst, reformatting whitespace and strings as needed. -// It returns the updated versions of dst and src. -func (e *Encoder) reformatValue(dst []byte, src RawValue, depth int) ([]byte, RawValue, error) { - // TODO: Should this update valueFlags as input? - if len(src) == 0 { - return dst, src, io.ErrUnexpectedEOF - } - var n int - var err error - switch k := Kind(src[0]).normalize(); k { - case 'n': - if n = consumeNull(src); n == 0 { - n, err = consumeLiteral(src, "null") - } - case 'f': - if n = consumeFalse(src); n == 0 { - n, err = consumeLiteral(src, "false") - } - case 't': - if n = consumeTrue(src); n == 0 { - n, err = consumeLiteral(src, "true") - } - case '"': - if n := consumeSimpleString(src); n > 0 && e.options.EscapeRune == nil { - dst, src = append(dst, src[:n]...), src[n:] // copy simple strings verbatim - return dst, src, nil - } - return reformatString(dst, src, !e.options.AllowInvalidUTF8, e.options.preserveRawStrings, e.options.EscapeRune) - case '0': - if n := consumeSimpleNumber(src); n > 0 && !e.options.canonicalizeNumbers { - dst, src = append(dst, src[:n]...), src[n:] // copy simple numbers verbatim - return dst, src, nil - } - return reformatNumber(dst, src, e.options.canonicalizeNumbers) - case '{': - return e.reformatObject(dst, src, depth) - case '[': - return e.reformatArray(dst, src, depth) - default: - return dst, src, newInvalidCharacterError(src, "at start of value") - } - if err != nil { - return dst, src, err - } - dst, src = append(dst, src[:n]...), src[n:] - return dst, src, nil -} - -// reformatObject parses a JSON object from the start of src and -// appends it to the end of src, reformatting whitespace and strings as needed. -// It returns the updated versions of dst and src. -func (e *Encoder) reformatObject(dst []byte, src RawValue, depth int) ([]byte, RawValue, error) { - // Append object start. - if src[0] != '{' { - panic("BUG: reformatObject must be called with a buffer that starts with '{'") - } - dst, src = append(dst, '{'), src[1:] - - // Append (possible) object end. - src = src[consumeWhitespace(src):] - if len(src) == 0 { - return dst, src, io.ErrUnexpectedEOF - } - if src[0] == '}' { - dst, src = append(dst, '}'), src[1:] - return dst, src, nil - } - - var err error - var names *objectNamespace - if !e.options.AllowDuplicateNames { - e.namespaces.push() - defer e.namespaces.pop() - names = e.namespaces.last() - } - depth++ - for { - // Append optional newline and indentation. - if e.options.multiline { - dst = e.appendIndent(dst, depth) - } - - // Append object name. - src = src[consumeWhitespace(src):] - if len(src) == 0 { - return dst, src, io.ErrUnexpectedEOF - } - n0 := len(dst) // offset before calling reformatString - n := consumeSimpleString(src) - if n > 0 && e.options.EscapeRune == nil { - dst, src = append(dst, src[:n]...), src[n:] // copy simple strings verbatim - } else { - dst, src, err = reformatString(dst, src, !e.options.AllowInvalidUTF8, e.options.preserveRawStrings, e.options.EscapeRune) - } - if err != nil { - return dst, src, err - } - if !e.options.AllowDuplicateNames && !names.insertQuoted(dst[n0:], false) { - return dst, src, &SyntacticError{str: "duplicate name " + string(dst[n0:]) + " in object"} - } - - // Append colon. - src = src[consumeWhitespace(src):] - if len(src) == 0 { - return dst, src, io.ErrUnexpectedEOF - } - if src[0] != ':' { - return dst, src, newInvalidCharacterError(src, "after object name (expecting ':')") - } - dst, src = append(dst, ':'), src[1:] - if e.options.multiline { - dst = append(dst, ' ') - } - - // Append object value. - src = src[consumeWhitespace(src):] - if len(src) == 0 { - return dst, src, io.ErrUnexpectedEOF - } - dst, src, err = e.reformatValue(dst, src, depth) - if err != nil { - return dst, src, err - } - - // Append comma or object end. - src = src[consumeWhitespace(src):] - if len(src) == 0 { - return dst, src, io.ErrUnexpectedEOF - } - switch src[0] { - case ',': - dst, src = append(dst, ','), src[1:] - continue - case '}': - if e.options.multiline { - dst = e.appendIndent(dst, depth-1) - } - dst, src = append(dst, '}'), src[1:] - return dst, src, nil - default: - return dst, src, newInvalidCharacterError(src, "after object value (expecting ',' or '}')") - } - } -} - -// reformatArray parses a JSON array from the start of src and -// appends it to the end of dst, reformatting whitespace and strings as needed. -// It returns the updated versions of dst and src. -func (e *Encoder) reformatArray(dst []byte, src RawValue, depth int) ([]byte, RawValue, error) { - // Append array start. - if src[0] != '[' { - panic("BUG: reformatArray must be called with a buffer that starts with '['") - } - dst, src = append(dst, '['), src[1:] - - // Append (possible) array end. - src = src[consumeWhitespace(src):] - if len(src) == 0 { - return dst, src, io.ErrUnexpectedEOF - } - if src[0] == ']' { - dst, src = append(dst, ']'), src[1:] - return dst, src, nil - } - - var err error - depth++ - for { - // Append optional newline and indentation. - if e.options.multiline { - dst = e.appendIndent(dst, depth) - } - - // Append array value. - src = src[consumeWhitespace(src):] - if len(src) == 0 { - return dst, src, io.ErrUnexpectedEOF - } - dst, src, err = e.reformatValue(dst, src, depth) - if err != nil { - return dst, src, err - } - - // Append comma or array end. - src = src[consumeWhitespace(src):] - if len(src) == 0 { - return dst, src, io.ErrUnexpectedEOF - } - switch src[0] { - case ',': - dst, src = append(dst, ','), src[1:] - continue - case ']': - if e.options.multiline { - dst = e.appendIndent(dst, depth-1) - } - dst, src = append(dst, ']'), src[1:] - return dst, src, nil - default: - return dst, src, newInvalidCharacterError(src, "after array value (expecting ',' or ']')") - } - } -} - -// OutputOffset returns the current output byte offset. It gives the location -// of the next byte immediately after the most recently written token or value. -// The number of bytes actually written to the underlying io.Writer may be less -// than this offset due to internal buffering effects. -func (e *Encoder) OutputOffset() int64 { - return e.previousOffsetEnd() -} - -// UnusedBuffer returns a zero-length buffer with a possible non-zero capacity. -// This buffer is intended to be used to populate a RawValue -// being passed to an immediately succeeding WriteValue call. -// -// Example usage: -// -// b := d.UnusedBuffer() -// b = append(b, '"') -// b = appendString(b, v) // append the string formatting of v -// b = append(b, '"') -// ... := d.WriteValue(b) -// -// It is the user's responsibility to ensure that the value is valid JSON. -func (e *Encoder) UnusedBuffer() []byte { - // NOTE: We don't return e.buf[len(e.buf):cap(e.buf)] since WriteValue would - // need to take special care to avoid mangling the data while reformatting. - // WriteValue can't easily identify whether the input RawValue aliases e.buf - // without using unsafe.Pointer. Thus, we just return a different buffer. - // Should this ever alias e.buf, we need to consider how it operates with - // the specialized performance optimization for bytes.Buffer. - n := 1 << bits.Len(uint(e.maxValue|63)) // fast approximation for max length - if cap(e.unusedCache) < n { - e.unusedCache = make([]byte, 0, n) - } - return e.unusedCache -} - -// StackDepth returns the depth of the state machine for written JSON data. -// Each level on the stack represents a nested JSON object or array. -// It is incremented whenever an ObjectStart or ArrayStart token is encountered -// and decremented whenever an ObjectEnd or ArrayEnd token is encountered. -// The depth is zero-indexed, where zero represents the top-level JSON value. -func (e *Encoder) StackDepth() int { - // NOTE: Keep in sync with Decoder.StackDepth. - return e.tokens.depth() - 1 -} - -// StackIndex returns information about the specified stack level. -// It must be a number between 0 and StackDepth, inclusive. -// For each level, it reports the kind: -// -// - 0 for a level of zero, -// - '{' for a level representing a JSON object, and -// - '[' for a level representing a JSON array. -// -// It also reports the length of that JSON object or array. -// Each name and value in a JSON object is counted separately, -// so the effective number of members would be half the length. -// A complete JSON object must have an even length. -func (e *Encoder) StackIndex(i int) (Kind, int) { - // NOTE: Keep in sync with Decoder.StackIndex. - switch s := e.tokens.index(i); { - case i > 0 && s.isObject(): - return '{', s.length() - case i > 0 && s.isArray(): - return '[', s.length() - default: - return 0, s.length() - } -} - -// StackPointer returns a JSON Pointer (RFC 6901) to the most recently written value. -// Object names are only present if AllowDuplicateNames is false, otherwise -// object members are represented using their index within the object. -func (e *Encoder) StackPointer() string { - e.names.copyQuotedBuffer(e.buf) - return string(e.appendStackPointer(nil)) -} - -// appendString appends src to dst as a JSON string per RFC 7159, section 7. -// -// If validateUTF8 is specified, this rejects input that contains invalid UTF-8 -// otherwise invalid bytes are replaced with the Unicode replacement character. -// If escapeRune is provided, it specifies which runes to escape using -// hexadecimal sequences. If nil, the shortest representable form is used, -// which is also the canonical form for strings (RFC 8785, section 3.2.2.2). -// -// Note that this API allows full control over the formatting of strings -// except for whether a forward solidus '/' may be formatted as '\/' and -// the casing of hexadecimal Unicode escape sequences. -func appendString(dst []byte, src string, validateUTF8 bool, escapeRune func(rune) bool) ([]byte, error) { - appendEscapedASCII := func(dst []byte, c byte) []byte { - switch c { - case '"', '\\': - dst = append(dst, '\\', c) - case '\b': - dst = append(dst, "\\b"...) - case '\f': - dst = append(dst, "\\f"...) - case '\n': - dst = append(dst, "\\n"...) - case '\r': - dst = append(dst, "\\r"...) - case '\t': - dst = append(dst, "\\t"...) - default: - dst = append(dst, "\\u"...) - dst = appendHexUint16(dst, uint16(c)) - } - return dst - } - appendEscapedUnicode := func(dst []byte, r rune) []byte { - if r1, r2 := utf16.EncodeRune(r); r1 != '\ufffd' && r2 != '\ufffd' { - dst = append(dst, "\\u"...) - dst = appendHexUint16(dst, uint16(r1)) - dst = append(dst, "\\u"...) - dst = appendHexUint16(dst, uint16(r2)) - } else { - dst = append(dst, "\\u"...) - dst = appendHexUint16(dst, uint16(r)) - } - return dst - } - - // Optimize for when escapeRune is nil. - if escapeRune == nil { - var i, n int - dst = append(dst, '"') - for uint(len(src)) > uint(n) { - // Handle single-byte ASCII. - if c := src[n]; c < utf8.RuneSelf { - n++ - if c < ' ' || c == '"' || c == '\\' { - dst = append(dst, src[i:n-1]...) - dst = appendEscapedASCII(dst, c) - i = n - } - continue - } - - // Handle multi-byte Unicode. - _, rn := utf8.DecodeRuneInString(src[n:]) - n += rn - if rn == 1 { // must be utf8.RuneError since we already checked for single-byte ASCII - dst = append(dst, src[i:n-rn]...) - if validateUTF8 { - return dst, &SyntacticError{str: "invalid UTF-8 within string"} - } - dst = append(dst, "\ufffd"...) - i = n - } - } - dst = append(dst, src[i:n]...) - dst = append(dst, '"') - return dst, nil - } - - // Slower implementation for when escapeRune is non-nil. - var i, n int - dst = append(dst, '"') - for uint(len(src)) > uint(n) { - switch r, rn := utf8.DecodeRuneInString(src[n:]); { - case r == utf8.RuneError && rn == 1: - dst = append(dst, src[i:n]...) - if validateUTF8 { - return dst, &SyntacticError{str: "invalid UTF-8 within string"} - } - if escapeRune('\ufffd') { - dst = append(dst, `\ufffd`...) - } else { - dst = append(dst, "\ufffd"...) - } - n += rn - i = n - case escapeRune(r): - dst = append(dst, src[i:n]...) - dst = appendEscapedUnicode(dst, r) - n += rn - i = n - case r < ' ' || r == '"' || r == '\\': - dst = append(dst, src[i:n]...) - dst = appendEscapedASCII(dst, byte(r)) - n += rn - i = n - default: - n += rn - } - } - dst = append(dst, src[i:n]...) - dst = append(dst, '"') - return dst, nil -} - -// reformatString consumes a JSON string from src and appends it to dst, -// reformatting it if necessary for the given escapeRune parameter. -// It returns the appended output and the remainder of the input. -func reformatString(dst, src []byte, validateUTF8, preserveRaw bool, escapeRune func(rune) bool) ([]byte, []byte, error) { - // TODO: Should this update valueFlags as input? - var flags valueFlags - n, err := consumeString(&flags, src, validateUTF8) - if err != nil { - return dst, src[n:], err - } - if preserveRaw || (escapeRune == nil && flags.isCanonical()) { - dst = append(dst, src[:n]...) // copy the string verbatim - return dst, src[n:], nil - } - - // TODO: Implement a direct, raw-to-raw reformat for strings. - // If the escapeRune option would have resulted in no changes to the output, - // it would be faster to simply append src to dst without going through - // an intermediary representation in a separate buffer. - b, _ := unescapeString(make([]byte, 0, n), src[:n]) - dst, _ = appendString(dst, string(b), validateUTF8, escapeRune) - return dst, src[n:], nil -} - -// appendNumber appends src to dst as a JSON number per RFC 7159, section 6. -// It formats numbers similar to the ES6 number-to-string conversion. -// See https://go.dev/issue/14135. -// -// The output is identical to ECMA-262, 6th edition, section 7.1.12.1 and with -// RFC 8785, section 3.2.2.3 for 64-bit floating-point numbers except for -0, -// which is formatted as -0 instead of just 0. -// -// For 32-bit floating-point numbers, -// the output is a 32-bit equivalent of the algorithm. -// Note that ECMA-262 specifies no algorithm for 32-bit numbers. -func appendNumber(dst []byte, src float64, bits int) []byte { - if bits == 32 { - src = float64(float32(src)) - } - - abs := math.Abs(src) - fmt := byte('f') - if abs != 0 { - if bits == 64 && (float64(abs) < 1e-6 || float64(abs) >= 1e21) || - bits == 32 && (float32(abs) < 1e-6 || float32(abs) >= 1e21) { - fmt = 'e' - } - } - dst = strconv.AppendFloat(dst, src, fmt, -1, bits) - if fmt == 'e' { - // Clean up e-09 to e-9. - n := len(dst) - if n >= 4 && dst[n-4] == 'e' && dst[n-3] == '-' && dst[n-2] == '0' { - dst[n-2] = dst[n-1] - dst = dst[:n-1] - } - } - return dst -} - -// reformatNumber consumes a JSON string from src and appends it to dst, -// canonicalizing it if specified. -// It returns the appended output and the remainder of the input. -func reformatNumber(dst, src []byte, canonicalize bool) ([]byte, []byte, error) { - n, err := consumeNumber(src) - if err != nil { - return dst, src[n:], err - } - if !canonicalize { - dst = append(dst, src[:n]...) // copy the number verbatim - return dst, src[n:], nil - } - - // Canonicalize the number per RFC 8785, section 3.2.2.3. - // As an optimization, we can copy integer numbers below 2⁵³ verbatim. - const maxExactIntegerDigits = 16 // len(strconv.AppendUint(nil, 1<<53, 10)) - if n < maxExactIntegerDigits && consumeSimpleNumber(src[:n]) == n { - dst = append(dst, src[:n]...) // copy the number verbatim - return dst, src[n:], nil - } - fv, _ := strconv.ParseFloat(string(src[:n]), 64) - switch { - case fv == 0: - fv = 0 // normalize negative zero as just zero - case math.IsInf(fv, +1): - fv = +math.MaxFloat64 - case math.IsInf(fv, -1): - fv = -math.MaxFloat64 - } - return appendNumber(dst, fv, 64), src[n:], nil -} - -// appendHexUint16 appends src to dst as a 4-byte hexadecimal number. -func appendHexUint16(dst []byte, src uint16) []byte { - dst = append(dst, "0000"[1+(bits.Len16(src)-1)/4:]...) - dst = strconv.AppendUint(dst, uint64(src), 16) - return dst -} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/errors.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/errors.go index 35be8601ea..5b5d5f93aa 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/errors.go +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/errors.go @@ -2,43 +2,61 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:build !goexperiment.jsonv2 || !go1.25 + package json import ( + "cmp" "errors" + "fmt" "reflect" "strconv" "strings" - "unicode/utf8" -) + "sync" -const errorPrefix = "json: " + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonopts" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" +) -// Error matches errors returned by this package according to errors.Is. -const Error = jsonError("json error") +// ErrUnknownName indicates that a JSON object member could not be +// unmarshaled because the name is not known to the target Go struct. +// This error is directly wrapped within a [SemanticError] when produced. +// +// The name of an unknown JSON object member can be extracted as: +// +// err := ... +// var serr json.SemanticError +// if errors.As(err, &serr) && serr.Err == json.ErrUnknownName { +// ptr := serr.JSONPointer // JSON pointer to unknown name +// name := ptr.LastToken() // unknown name itself +// ... +// } +// +// This error is only returned if [RejectUnknownMembers] is true. +var ErrUnknownName = errors.New("unknown object member name") -type jsonError string +const errorPrefix = "json: " -func (e jsonError) Error() string { - return string(e) -} -func (e jsonError) Is(target error) bool { - return e == target || target == Error +func isSemanticError(err error) bool { + _, ok := err.(*SemanticError) + return ok } -type ioError struct { - action string // either "read" or "write" - err error +func isSyntacticError(err error) bool { + _, ok := err.(*jsontext.SyntacticError) + return ok } -func (e *ioError) Error() string { - return errorPrefix + e.action + " error: " + e.err.Error() -} -func (e *ioError) Unwrap() error { - return e.err -} -func (e *ioError) Is(target error) bool { - return e == target || target == Error || errors.Is(e.err, target) +// isFatalError reports whether this error must terminate asharling. +// All errors are considered fatal unless operating under +// [jsonflags.ReportErrorsWithLegacySemantics] in which case only +// syntactic errors and I/O errors are considered fatal. +func isFatalError(err error, flags jsonflags.Flags) bool { + return !flags.Get(jsonflags.ReportErrorsWithLegacySemantics) || + isSyntacticError(err) || export.IsIOError(err) } // SemanticError describes an error determining the meaning @@ -55,10 +73,13 @@ type SemanticError struct { ByteOffset int64 // JSONPointer indicates that an error occurred within this JSON value // as indicated using the JSON Pointer notation (see RFC 6901). - JSONPointer string + JSONPointer jsontext.Pointer // JSONKind is the JSON kind that could not be handled. - JSONKind Kind // may be zero if unknown + JSONKind jsontext.Kind // may be zero if unknown + // JSONValue is the JSON number or string that could not be unmarshaled. + // It is not populated during marshaling. + JSONValue jsontext.Value // may be nil if irrelevant or unknown // GoType is the Go type that could not be handled. GoType reflect.Type // may be nil if unknown @@ -66,18 +87,228 @@ type SemanticError struct { Err error // may be nil } -func (e *SemanticError) Error() string { - var sb strings.Builder - sb.WriteString(errorPrefix) +// coder is implemented by [jsontext.Encoder] or [jsontext.Decoder]. +type coder interface { + StackPointer() jsontext.Pointer + Options() Options +} + +// newInvalidFormatError wraps err in a SemanticError because +// the current type t cannot handle the provided options format. +// This error must be called before producing or consuming the next value. +// +// If [jsonflags.ReportErrorsWithLegacySemantics] is specified, +// then this automatically skips the next value when unmarshaling +// to ensure that the value is fully consumed. +func newInvalidFormatError(c coder, t reflect.Type) error { + err := fmt.Errorf("invalid format flag %q", c.Options().(*jsonopts.Struct).Format) + switch c := c.(type) { + case *jsontext.Encoder: + err = newMarshalErrorBefore(c, t, err) + case *jsontext.Decoder: + err = newUnmarshalErrorBeforeWithSkipping(c, t, err) + } + return err +} + +// newMarshalErrorBefore wraps err in a SemanticError assuming that e +// is positioned right before the next token or value, which causes an error. +func newMarshalErrorBefore(e *jsontext.Encoder, t reflect.Type, err error) error { + return &SemanticError{action: "marshal", GoType: t, Err: err, + ByteOffset: e.OutputOffset() + int64(export.Encoder(e).CountNextDelimWhitespace()), + JSONPointer: jsontext.Pointer(export.Encoder(e).AppendStackPointer(nil, +1))} +} + +// newUnmarshalErrorBefore wraps err in a SemanticError assuming that d +// is positioned right before the next token or value, which causes an error. +// It does not record the next JSON kind as this error is used to indicate +// the receiving Go value is invalid to unmarshal into (and not a JSON error). +// However, if [jsonflags.ReportErrorsWithLegacySemantics] is specified, +// then it does record the next JSON kind for historical reporting reasons. +func newUnmarshalErrorBefore(d *jsontext.Decoder, t reflect.Type, err error) error { + var k jsontext.Kind + if export.Decoder(d).Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + k = d.PeekKind() + } + return &SemanticError{action: "unmarshal", GoType: t, Err: err, + ByteOffset: d.InputOffset() + int64(export.Decoder(d).CountNextDelimWhitespace()), + JSONPointer: jsontext.Pointer(export.Decoder(d).AppendStackPointer(nil, +1)), + JSONKind: k} +} + +// newUnmarshalErrorBeforeWithSkipping is like [newUnmarshalErrorBefore], +// but automatically skips the next value if +// [jsonflags.ReportErrorsWithLegacySemantics] is specified. +func newUnmarshalErrorBeforeWithSkipping(d *jsontext.Decoder, t reflect.Type, err error) error { + err = newUnmarshalErrorBefore(d, t, err) + if export.Decoder(d).Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + if err2 := export.Decoder(d).SkipValue(); err2 != nil { + return err2 + } + } + return err +} + +// newUnmarshalErrorAfter wraps err in a SemanticError assuming that d +// is positioned right after the previous token or value, which caused an error. +func newUnmarshalErrorAfter(d *jsontext.Decoder, t reflect.Type, err error) error { + tokOrVal := export.Decoder(d).PreviousTokenOrValue() + return &SemanticError{action: "unmarshal", GoType: t, Err: err, + ByteOffset: d.InputOffset() - int64(len(tokOrVal)), + JSONPointer: jsontext.Pointer(export.Decoder(d).AppendStackPointer(nil, -1)), + JSONKind: jsontext.Value(tokOrVal).Kind()} +} + +// newUnmarshalErrorAfter wraps err in a SemanticError assuming that d +// is positioned right after the previous token or value, which caused an error. +// It also stores a copy of the last JSON value if it is a string or number. +func newUnmarshalErrorAfterWithValue(d *jsontext.Decoder, t reflect.Type, err error) error { + serr := newUnmarshalErrorAfter(d, t, err).(*SemanticError) + if serr.JSONKind == '"' || serr.JSONKind == '0' { + serr.JSONValue = jsontext.Value(export.Decoder(d).PreviousTokenOrValue()).Clone() + } + return serr +} + +// newUnmarshalErrorAfterWithSkipping is like [newUnmarshalErrorAfter], +// but automatically skips the remainder of the current value if +// [jsonflags.ReportErrorsWithLegacySemantics] is specified. +func newUnmarshalErrorAfterWithSkipping(d *jsontext.Decoder, t reflect.Type, err error) error { + err = newUnmarshalErrorAfter(d, t, err) + if export.Decoder(d).Flags.Get(jsonflags.ReportErrorsWithLegacySemantics) { + if err2 := export.Decoder(d).SkipValueRemainder(); err2 != nil { + return err2 + } + } + return err +} + +// newSemanticErrorWithPosition wraps err in a SemanticError assuming that +// the error occurred at the provided depth, and length. +// If err is already a SemanticError, then position information is only +// injected if it is currently unpopulated. +// +// If the position is unpopulated, it is ambiguous where the error occurred +// in the user code, whether it was before or after the current position. +// For the byte offset, we assume that the error occurred before the last read +// token or value when decoding, or before the next value when encoding. +// For the JSON pointer, we point to the parent object or array unless +// we can be certain that it happened with an object member. +// +// This is used to annotate errors returned by user-provided +// v2 MarshalJSON or UnmarshalJSON methods or functions. +func newSemanticErrorWithPosition(c coder, t reflect.Type, prevDepth int, prevLength int64, err error) error { + serr, _ := err.(*SemanticError) + if serr == nil { + serr = &SemanticError{Err: err} + } + var currDepth int + var currLength int64 + var coderState interface{ AppendStackPointer([]byte, int) []byte } + var offset int64 + switch c := c.(type) { + case *jsontext.Encoder: + e := export.Encoder(c) + serr.action = cmp.Or(serr.action, "marshal") + currDepth, currLength = e.Tokens.DepthLength() + offset = c.OutputOffset() + int64(export.Encoder(c).CountNextDelimWhitespace()) + coderState = e + case *jsontext.Decoder: + d := export.Decoder(c) + serr.action = cmp.Or(serr.action, "unmarshal") + currDepth, currLength = d.Tokens.DepthLength() + tokOrVal := d.PreviousTokenOrValue() + offset = c.InputOffset() - int64(len(tokOrVal)) + if (prevDepth == currDepth && prevLength == currLength) || len(tokOrVal) == 0 { + // If no Read method was called in the user-defined method or + // if the Peek method was called, then use the offset of the next value. + offset = c.InputOffset() + int64(export.Decoder(c).CountNextDelimWhitespace()) + } + coderState = d + } + serr.ByteOffset = cmp.Or(serr.ByteOffset, offset) + if serr.JSONPointer == "" { + where := 0 // default to ambiguous positioning + switch { + case prevDepth == currDepth && prevLength+0 == currLength: + where = +1 + case prevDepth == currDepth && prevLength+1 == currLength: + where = -1 + } + serr.JSONPointer = jsontext.Pointer(coderState.AppendStackPointer(nil, where)) + } + serr.GoType = cmp.Or(serr.GoType, t) + return serr +} + +// collapseSemanticErrors collapses double SemanticErrors at the outer levels +// into a single SemanticError by preserving the inner error, +// but prepending the ByteOffset and JSONPointer with the outer error. +// +// For example: +// +// collapseSemanticErrors(&SemanticError{ +// ByteOffset: len64(`[0,{"alpha":[0,1,`), +// JSONPointer: "/1/alpha/2", +// GoType: reflect.TypeFor[outerType](), +// Err: &SemanticError{ +// ByteOffset: len64(`{"foo":"bar","fizz":[0,`), +// JSONPointer: "/fizz/1", +// GoType: reflect.TypeFor[innerType](), +// Err: ..., +// }, +// }) +// +// results in: +// +// &SemanticError{ +// ByteOffset: len64(`[0,{"alpha":[0,1,`) + len64(`{"foo":"bar","fizz":[0,`), +// JSONPointer: "/1/alpha/2" + "/fizz/1", +// GoType: reflect.TypeFor[innerType](), +// Err: ..., +// } +// +// This is used to annotate errors returned by user-provided +// v1 MarshalJSON or UnmarshalJSON methods with precise position information +// if they themselves happened to return a SemanticError. +// Since MarshalJSON and UnmarshalJSON are not operating on the root JSON value, +// their positioning must be relative to the nested JSON value +// returned by UnmarshalJSON or passed to MarshalJSON. +// Therefore, we can construct an absolute position by concatenating +// the outer with the inner positions. +// +// Note that we do not use collapseSemanticErrors with user-provided functions +// that take in an [jsontext.Encoder] or [jsontext.Decoder] since they contain +// methods to report position relative to the root JSON value. +// We assume user-constructed errors are correctly precise about position. +func collapseSemanticErrors(err error) error { + if serr1, ok := err.(*SemanticError); ok { + if serr2, ok := serr1.Err.(*SemanticError); ok { + serr2.ByteOffset = serr1.ByteOffset + serr2.ByteOffset + serr2.JSONPointer = serr1.JSONPointer + serr2.JSONPointer + *serr1 = *serr2 + } + } + return err +} - // Hyrum-proof the error message by deliberately switching between - // two equivalent renderings of the same error message. - // The randomization is tied to the Hyrum-proofing already applied - // on map iteration in Go. +// errorModalVerb is a modal verb like "cannot" or "unable to". +// +// Once per process, Hyrum-proof the error message by deliberately +// switching between equivalent renderings of the same error message. +// The randomization is tied to the Hyrum-proofing already applied +// on map iteration in Go. +var errorModalVerb = sync.OnceValue(func() string { for phrase := range map[string]struct{}{"cannot": {}, "unable to": {}} { - sb.WriteString(phrase) - break // use whichever phrase we get in the first iteration + return phrase // use whichever phrase we get in the first iteration } + return "" +}) + +func (e *SemanticError) Error() string { + var sb strings.Builder + sb.WriteString(errorPrefix) + sb.WriteString(errorModalVerb()) // Format action. var preposition string @@ -94,7 +325,6 @@ func (e *SemanticError) Error() string { } // Format JSON kind. - var omitPreposition bool switch e.JSONKind { case 'n': sb.WriteString(" JSON null") @@ -109,75 +339,92 @@ func (e *SemanticError) Error() string { case '[', ']': sb.WriteString(" JSON array") default: - omitPreposition = true + if e.action == "" { + preposition = "" + } + } + if len(e.JSONValue) > 0 && len(e.JSONValue) < 100 { + sb.WriteByte(' ') + sb.Write(e.JSONValue) } // Format Go type. if e.GoType != nil { - if !omitPreposition { - sb.WriteString(preposition) + typeString := e.GoType.String() + if len(typeString) > 100 { + // An excessively long type string most likely occurs for + // an anonymous struct declaration with many fields. + // Reduce the noise by just printing the kind, + // and optionally prepending it with the package name + // if the struct happens to include an unexported field. + typeString = e.GoType.Kind().String() + if e.GoType.Kind() == reflect.Struct && e.GoType.Name() == "" { + for i := range e.GoType.NumField() { + if pkgPath := e.GoType.Field(i).PkgPath; pkgPath != "" { + typeString = pkgPath[strings.LastIndexByte(pkgPath, '/')+len("/"):] + ".struct" + break + } + } + } + } + sb.WriteString(preposition) + sb.WriteString(" Go ") + sb.WriteString(typeString) + } + + // Special handling for unknown names. + if e.Err == ErrUnknownName { + sb.WriteString(": ") + sb.WriteString(ErrUnknownName.Error()) + sb.WriteString(" ") + sb.WriteString(strconv.Quote(e.JSONPointer.LastToken())) + if parent := e.JSONPointer.Parent(); parent != "" { + sb.WriteString(" within ") + sb.WriteString(strconv.Quote(jsonwire.TruncatePointer(string(parent), 100))) } - sb.WriteString(" Go value of type ") - sb.WriteString(e.GoType.String()) + return sb.String() } // Format where. - switch { + // Avoid printing if it overlaps with a wrapped SyntacticError. + switch serr, _ := e.Err.(*jsontext.SyntacticError); { case e.JSONPointer != "": - sb.WriteString(" within JSON value at ") - sb.WriteString(strconv.Quote(e.JSONPointer)) + if serr == nil || !e.JSONPointer.Contains(serr.JSONPointer) { + sb.WriteString(" within ") + sb.WriteString(strconv.Quote(jsonwire.TruncatePointer(string(e.JSONPointer), 100))) + } case e.ByteOffset > 0: - sb.WriteString(" after byte offset ") - sb.WriteString(strconv.FormatInt(e.ByteOffset, 10)) + if serr == nil || !(e.ByteOffset <= serr.ByteOffset) { + sb.WriteString(" after offset ") + sb.WriteString(strconv.FormatInt(e.ByteOffset, 10)) + } } // Format underlying error. if e.Err != nil { + errString := e.Err.Error() + if isSyntacticError(e.Err) { + errString = strings.TrimPrefix(errString, "jsontext: ") + } sb.WriteString(": ") - sb.WriteString(e.Err.Error()) + sb.WriteString(errString) } return sb.String() } -func (e *SemanticError) Is(target error) bool { - return e == target || target == Error || errors.Is(e.Err, target) -} + func (e *SemanticError) Unwrap() error { return e.Err } -// SyntacticError is a description of a syntactic error that occurred when -// encoding or decoding JSON according to the grammar. -// -// The contents of this error as produced by this package may change over time. -type SyntacticError struct { - requireKeyedLiterals - nonComparable - - // ByteOffset indicates that an error occurred after this byte offset. - ByteOffset int64 - str string -} - -func (e *SyntacticError) Error() string { - return errorPrefix + e.str -} -func (e *SyntacticError) Is(target error) bool { - return e == target || target == Error -} -func (e *SyntacticError) withOffset(pos int64) error { - return &SyntacticError{ByteOffset: pos, str: e.str} -} - -func newInvalidCharacterError(prefix []byte, where string) *SyntacticError { - what := quoteRune(prefix) - return &SyntacticError{str: "invalid character " + what + " " + where} -} - -func quoteRune(b []byte) string { - r, n := utf8.DecodeRune(b) - if r == utf8.RuneError && n == 1 { - return `'\x` + strconv.FormatUint(uint64(b[0]), 16) + `'` +func newDuplicateNameError(ptr jsontext.Pointer, quotedName []byte, offset int64) error { + if quotedName != nil { + name, _ := jsonwire.AppendUnquote(nil, quotedName) + ptr = ptr.AppendToken(string(name)) + } + return &jsontext.SyntacticError{ + ByteOffset: offset, + JSONPointer: ptr, + Err: jsontext.ErrDuplicateName, } - return strconv.QuoteRune(r) } diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/fields.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/fields.go index c0ee361668..045c6988a6 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/fields.go +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/fields.go @@ -2,27 +2,31 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:build !goexperiment.jsonv2 || !go1.25 + package json import ( + "cmp" "errors" "fmt" "io" "reflect" - "sort" + "slices" "strconv" "strings" "unicode" "unicode/utf8" -) -var errIgnoredField = errors.New("ignored field") + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire" +) type isZeroer interface { IsZero() bool } -var isZeroerType = reflect.TypeOf((*isZeroer)(nil)).Elem() +var isZeroerType = reflect.TypeFor[isZeroer]() type structFields struct { flattened []structField // listed in depth-first ordering @@ -31,9 +35,37 @@ type structFields struct { inlinedFallback *structField } +// reindex recomputes index to avoid bounds check during runtime. +// +// During the construction of each [structField] in [makeStructFields], +// the index field is 0-indexed. However, before it returns, +// the 0th field is stored in index0 and index stores the remainder. +func (sf *structFields) reindex() { + reindex := func(f *structField) { + f.index0 = f.index[0] + f.index = f.index[1:] + if len(f.index) == 0 { + f.index = nil // avoid pinning the backing slice + } + } + for i := range sf.flattened { + reindex(&sf.flattened[i]) + } + if sf.inlinedFallback != nil { + reindex(sf.inlinedFallback) + } +} + +// lookupByFoldedName looks up name by a case-insensitive match +// that also ignores the presence of dashes and underscores. +func (fs *structFields) lookupByFoldedName(name []byte) []*structField { + return fs.byFoldedName[string(foldName(name))] +} + type structField struct { id int // unique numeric ID in breadth-first ordering - index []int // index into a struct according to reflect.Type.FieldByIndex + index0 int // 0th index into a struct according to [reflect.Type.FieldByIndex] + index []int // 1st index and remainder according to [reflect.Type.FieldByIndex] typ reflect.Type fncs *arshaler isZero func(addressableValue) bool @@ -41,18 +73,12 @@ type structField struct { fieldOptions } -func makeStructFields(root reflect.Type) (structFields, *SemanticError) { - var fs structFields - fs.byActualName = make(map[string]*structField, root.NumField()) - fs.byFoldedName = make(map[string][]*structField, root.NumField()) +var errNoExportedFields = errors.New("Go struct has no exported fields") - // ambiguous is a sentinel value to indicate that at least two fields - // at the same depth have the same name, and thus cancel each other out. - // This follows the same rules as selecting a field on embedded structs - // where the shallowest field takes precedence. If more than one field - // exists at the shallowest depth, then the selection is illegal. - // See https://go.dev/ref/spec#Selectors. - ambiguous := new(structField) +func makeStructFields(root reflect.Type) (fs structFields, serr *SemanticError) { + orErrorf := func(serr *SemanticError, t reflect.Type, f string, a ...any) *SemanticError { + return cmp.Or(serr, &SemanticError{GoType: t, Err: fmt.Errorf(f, a...)}) + } // Setup a queue for a breath-first search. var queueIndex int @@ -66,6 +92,7 @@ func makeStructFields(root reflect.Type) (structFields, *SemanticError) { // Perform a breadth-first search over all reachable fields. // This ensures that len(f.index) will be monotonically increasing. + var allFields, inlinedFallbacks []structField for queueIndex < len(queue) { qe := queue[queueIndex] queueIndex++ @@ -75,16 +102,16 @@ func makeStructFields(root reflect.Type) (structFields, *SemanticError) { namesIndex := make(map[string]int) // index of each field with a given JSON object name in current struct var hasAnyJSONTag bool // whether any Go struct field has a `json` tag var hasAnyJSONField bool // whether any JSON serializable fields exist in current struct - for i := 0; i < t.NumField(); i++ { + for i := range t.NumField() { sf := t.Field(i) _, hasTag := sf.Tag.Lookup("json") hasAnyJSONTag = hasAnyJSONTag || hasTag - options, err := parseFieldOptions(sf) + options, ignored, err := parseFieldOptions(sf) if err != nil { - if err == errIgnoredField { - continue - } - return structFields{}, &SemanticError{GoType: t, Err: err} + serr = cmp.Or(serr, &SemanticError{GoType: t, Err: err}) + } + if ignored { + continue } hasAnyJSONField = true f := structField{ @@ -96,84 +123,104 @@ func makeStructFields(root reflect.Type) (structFields, *SemanticError) { fieldOptions: options, } if sf.Anonymous && !f.hasName { - f.inline = true // implied by use of Go embedding without an explicit name + if indirectType(f.typ).Kind() != reflect.Struct { + serr = orErrorf(serr, t, "embedded Go struct field %s of non-struct type must be explicitly given a JSON name", sf.Name) + } else { + f.inline = true // implied by use of Go embedding without an explicit name + } } if f.inline || f.unknown { // Handle an inlined field that serializes to/from // zero or more JSON object members. - if f.inline && f.unknown { - err := fmt.Errorf("Go struct field %s cannot have both `inline` and `unknown` specified", sf.Name) - return structFields{}, &SemanticError{GoType: t, Err: err} - } switch f.fieldOptions { case fieldOptions{name: f.name, quotedName: f.quotedName, inline: true}: case fieldOptions{name: f.name, quotedName: f.quotedName, unknown: true}: + case fieldOptions{name: f.name, quotedName: f.quotedName, inline: true, unknown: true}: + serr = orErrorf(serr, t, "Go struct field %s cannot have both `inline` and `unknown` specified", sf.Name) + f.inline = false // let `unknown` take precedence default: - err := fmt.Errorf("Go struct field %s cannot have any options other than `inline` or `unknown` specified", sf.Name) - return structFields{}, &SemanticError{GoType: t, Err: err} + serr = orErrorf(serr, t, "Go struct field %s cannot have any options other than `inline` or `unknown` specified", sf.Name) + if f.hasName { + continue // invalid inlined field; treat as ignored + } + f.fieldOptions = fieldOptions{name: f.name, quotedName: f.quotedName, inline: f.inline, unknown: f.unknown} + if f.inline && f.unknown { + f.inline = false // let `unknown` take precedence + } } - // Unwrap one level of pointer indirection similar to how Go - // only allows embedding either T or *T, but not **T. - tf := f.typ - if tf.Kind() == reflect.Pointer && tf.Name() == "" { - tf = tf.Elem() - } // Reject any types with custom serialization otherwise // it becomes impossible to know what sub-fields to inline. - if which, _ := implementsWhich(tf, - jsonMarshalerV2Type, jsonMarshalerV1Type, textMarshalerType, - jsonUnmarshalerV2Type, jsonUnmarshalerV1Type, textUnmarshalerType, - ); which != nil && tf != rawValueType { - err := fmt.Errorf("inlined Go struct field %s of type %s must not implement JSON marshal or unmarshal methods", sf.Name, tf) - return structFields{}, &SemanticError{GoType: t, Err: err} + tf := indirectType(f.typ) + if implementsAny(tf, allMethodTypes...) && tf != jsontextValueType { + serr = orErrorf(serr, t, "inlined Go struct field %s of type %s must not implement marshal or unmarshal methods", sf.Name, tf) } // Handle an inlined field that serializes to/from // a finite number of JSON object members backed by a Go struct. if tf.Kind() == reflect.Struct { if f.unknown { - err := fmt.Errorf("inlined Go struct field %s of type %s with `unknown` tag must be a Go map of string key or a json.RawValue", sf.Name, tf) - return structFields{}, &SemanticError{GoType: t, Err: err} + serr = orErrorf(serr, t, "inlined Go struct field %s of type %s with `unknown` tag must be a Go map of string key or a jsontext.Value", sf.Name, tf) + continue // invalid inlined field; treat as ignored } if qe.visitChildren { queue = append(queue, queueEntry{tf, f.index, !seen[tf]}) } seen[tf] = true continue + } else if !sf.IsExported() { + serr = orErrorf(serr, t, "inlined Go struct field %s is not exported", sf.Name) + continue // invalid inlined field; treat as ignored } // Handle an inlined field that serializes to/from any number of - // JSON object members back by a Go map or RawValue. + // JSON object members back by a Go map or jsontext.Value. switch { - case tf == rawValueType: + case tf == jsontextValueType: f.fncs = nil // specially handled in arshal_inlined.go - case tf.Kind() == reflect.Map && tf.Key() == stringType: + case tf.Kind() == reflect.Map && tf.Key().Kind() == reflect.String: + if implementsAny(tf.Key(), allMethodTypes...) { + serr = orErrorf(serr, t, "inlined map field %s of type %s must have a string key that does not implement marshal or unmarshal methods", sf.Name, tf) + continue // invalid inlined field; treat as ignored + } f.fncs = lookupArshaler(tf.Elem()) default: - err := fmt.Errorf("inlined Go struct field %s of type %s must be a Go struct, Go map of string key, or json.RawValue", sf.Name, tf) - return structFields{}, &SemanticError{GoType: t, Err: err} + serr = orErrorf(serr, t, "inlined Go struct field %s of type %s must be a Go struct, Go map of string key, or jsontext.Value", sf.Name, tf) + continue // invalid inlined field; treat as ignored } // Reject multiple inlined fallback fields within the same struct. if inlinedFallbackIndex >= 0 { - err := fmt.Errorf("inlined Go struct fields %s and %s cannot both be a Go map or json.RawValue", t.Field(inlinedFallbackIndex).Name, sf.Name) - return structFields{}, &SemanticError{GoType: t, Err: err} + serr = orErrorf(serr, t, "inlined Go struct fields %s and %s cannot both be a Go map or jsontext.Value", t.Field(inlinedFallbackIndex).Name, sf.Name) + // Still append f to inlinedFallbacks as there is still a + // check for a dominant inlined fallback before returning. } inlinedFallbackIndex = i - // Multiple inlined fallback fields across different structs - // follow the same precedence rules as Go struct embedding. - if fs.inlinedFallback == nil { - fs.inlinedFallback = &f // store first occurrence at lowest depth - } else if len(fs.inlinedFallback.index) == len(f.index) { - fs.inlinedFallback = ambiguous // at least two occurrences at same depth - } + inlinedFallbacks = append(inlinedFallbacks, f) } else { // Handle normal Go struct field that serializes to/from // a single JSON object member. + // Unexported fields cannot be serialized except for + // embedded fields of a struct type, + // which might promote exported fields of their own. + if !sf.IsExported() { + tf := indirectType(f.typ) + if !(sf.Anonymous && tf.Kind() == reflect.Struct) { + serr = orErrorf(serr, t, "Go struct field %s is not exported", sf.Name) + continue + } + // Unfortunately, methods on the unexported field + // still cannot be called. + if implementsAny(tf, allMethodTypes...) || + (f.omitzero && implementsAny(tf, isZeroerType)) { + serr = orErrorf(serr, t, "Go struct field %s is not exported for method calls", sf.Name) + continue + } + } + // Provide a function that uses a type's IsZero method. switch { case sf.Type.Kind() == reflect.Interface && sf.Type.Implements(isZeroerType): @@ -202,29 +249,17 @@ func makeStructFields(root reflect.Type) (structFields, *SemanticError) { f.isEmpty = func(va addressableValue) bool { return va.IsNil() } } - f.id = len(fs.flattened) - f.fncs = lookupArshaler(sf.Type) - fs.flattened = append(fs.flattened, f) - - // Reject user-specified names with invalid UTF-8. - if !utf8.ValidString(f.name) { - err := fmt.Errorf("Go struct field %s has JSON object name %q with invalid UTF-8", sf.Name, f.name) - return structFields{}, &SemanticError{GoType: t, Err: err} - } // Reject multiple fields with same name within the same struct. if j, ok := namesIndex[f.name]; ok { - err := fmt.Errorf("Go struct fields %s and %s conflict over JSON object name %q", t.Field(j).Name, sf.Name, f.name) - return structFields{}, &SemanticError{GoType: t, Err: err} + serr = orErrorf(serr, t, "Go struct fields %s and %s conflict over JSON object name %q", t.Field(j).Name, sf.Name, f.name) + // Still append f to allFields as there is still a + // check for a dominant field before returning. } namesIndex[f.name] = i - // Multiple fields of the same name across different structs - // follow the same precedence rules as Go struct embedding. - if f2 := fs.byActualName[f.name]; f2 == nil { - fs.byActualName[f.name] = &fs.flattened[len(fs.flattened)-1] // store first occurrence at lowest depth - } else if len(f2.index) == len(f.index) { - fs.byActualName[f.name] = ambiguous // at least two occurrences at same depth - } + f.id = len(allFields) + f.fncs = lookupArshaler(sf.Type) + allFields = append(allFields, f) } } @@ -239,58 +274,58 @@ func makeStructFields(root reflect.Type) (structFields, *SemanticError) { // errors returned by errors.New would fail to serialize. isEmptyStruct := t.NumField() == 0 if !isEmptyStruct && !hasAnyJSONTag && !hasAnyJSONField { - err := errors.New("Go struct has no exported fields") - return structFields{}, &SemanticError{GoType: t, Err: err} + serr = cmp.Or(serr, &SemanticError{GoType: t, Err: errNoExportedFields}) } } - // Remove all fields that are duplicates. - // This may move elements forward to fill the holes from removed fields. - var n int - for _, f := range fs.flattened { - switch f2 := fs.byActualName[f.name]; { - case f2 == ambiguous: - delete(fs.byActualName, f.name) - case f2 == nil: - continue // may be nil due to previous delete - // TODO(https://go.dev/issue/45955): Use slices.Equal. - case reflect.DeepEqual(f.index, f2.index): - f.id = n - fs.flattened[n] = f - fs.byActualName[f.name] = &fs.flattened[n] // fix pointer to new location + // Sort the fields by exact name (breaking ties by depth and + // then by presence of an explicitly provided JSON name). + // Select the dominant field from each set of fields with the same name. + // If multiple fields have the same name, then the dominant field + // is the one that exists alone at the shallowest depth, + // or the one that is uniquely tagged with a JSON name. + // Otherwise, no dominant field exists for the set. + flattened := allFields[:0] + slices.SortStableFunc(allFields, func(x, y structField) int { + return cmp.Or( + strings.Compare(x.name, y.name), + cmp.Compare(len(x.index), len(y.index)), + boolsCompare(!x.hasName, !y.hasName)) + }) + for len(allFields) > 0 { + n := 1 // number of fields with the same exact name + for n < len(allFields) && allFields[n-1].name == allFields[n].name { n++ } + if n == 1 || len(allFields[0].index) != len(allFields[1].index) || allFields[0].hasName != allFields[1].hasName { + flattened = append(flattened, allFields[0]) // only keep field if there is a dominant field + } + allFields = allFields[n:] } - fs.flattened = fs.flattened[:n] - if fs.inlinedFallback == ambiguous { - fs.inlinedFallback = nil - } - if len(fs.flattened) != len(fs.byActualName) { - panic(fmt.Sprintf("BUG: flattened list of fields mismatches fields mapped by name: %d != %d", len(fs.flattened), len(fs.byActualName))) + + // Sort the fields according to a breadth-first ordering + // so that we can re-number IDs with the smallest possible values. + // This optimizes use of uintSet such that it fits in the 64-entry bit set. + slices.SortFunc(flattened, func(x, y structField) int { + return cmp.Compare(x.id, y.id) + }) + for i := range flattened { + flattened[i].id = i } - // Sort the fields according to a depth-first ordering. - // This operation will cause pointers in byActualName to become incorrect, - // which we will correct in another loop shortly thereafter. - sort.Slice(fs.flattened, func(i, j int) bool { - si := fs.flattened[i].index - sj := fs.flattened[j].index - for len(si) > 0 && len(sj) > 0 { - switch { - case si[0] < sj[0]: - return true - case si[0] > sj[0]: - return false - default: - si = si[1:] - sj = sj[1:] - } - } - return len(si) < len(sj) + // Sort the fields according to a depth-first ordering + // as the typical order that fields are marshaled. + slices.SortFunc(flattened, func(x, y structField) int { + return slices.Compare(x.index, y.index) }) - // Recompute the mapping of fields in the byActualName map. + // Compute the mapping of fields in the byActualName map. // Pre-fold all names so that we can lookup folded names quickly. + fs = structFields{ + flattened: flattened, + byActualName: make(map[string]*structField, len(flattened)), + byFoldedName: make(map[string][]*structField, len(flattened)), + } for i, f := range fs.flattened { foldedName := string(foldName([]byte(f.name))) fs.byActualName[f.name] = &fs.flattened[i] @@ -298,58 +333,99 @@ func makeStructFields(root reflect.Type) (structFields, *SemanticError) { } for foldedName, fields := range fs.byFoldedName { if len(fields) > 1 { - // The precedence order for conflicting nocase names + // The precedence order for conflicting ignoreCase names // is by breadth-first order, rather than depth-first order. - sort.Slice(fields, func(i, j int) bool { - return fields[i].id < fields[j].id + slices.SortFunc(fields, func(x, y *structField) int { + return cmp.Compare(x.id, y.id) }) fs.byFoldedName[foldedName] = fields } } + if n := len(inlinedFallbacks); n == 1 || (n > 1 && len(inlinedFallbacks[0].index) != len(inlinedFallbacks[1].index)) { + fs.inlinedFallback = &inlinedFallbacks[0] // dominant inlined fallback field + } + fs.reindex() + return fs, serr +} + +// indirectType unwraps one level of pointer indirection +// similar to how Go only allows embedding either T or *T, +// but not **T or P (which is a named pointer). +func indirectType(t reflect.Type) reflect.Type { + if t.Kind() == reflect.Pointer && t.Name() == "" { + t = t.Elem() + } + return t +} - return fs, nil +// matchFoldedName matches a case-insensitive name depending on the options. +// It assumes that foldName(f.name) == foldName(name). +// +// Case-insensitive matching is used if the `case:ignore` tag option is specified +// or the MatchCaseInsensitiveNames call option is specified +// (and the `case:strict` tag option is not specified). +// Functionally, the `case:ignore` and `case:strict` tag options take precedence. +// +// The v1 definition of case-insensitivity operated under strings.EqualFold +// and would strictly compare dashes and underscores, +// while the v2 definition would ignore the presence of dashes and underscores. +// Thus, if the MatchCaseSensitiveDelimiter call option is specified, +// the match is further restricted to using strings.EqualFold. +func (f *structField) matchFoldedName(name []byte, flags *jsonflags.Flags) bool { + if f.casing == caseIgnore || (flags.Get(jsonflags.MatchCaseInsensitiveNames) && f.casing != caseStrict) { + if !flags.Get(jsonflags.MatchCaseSensitiveDelimiter) || strings.EqualFold(string(name), f.name) { + return true + } + } + return false } +const ( + caseIgnore = 1 + caseStrict = 2 +) + type fieldOptions struct { - name string - quotedName string // quoted name per RFC 8785, section 3.2.2.2. - hasName bool - nocase bool - inline bool - unknown bool - omitzero bool - omitempty bool - string bool - format string + name string + quotedName string // quoted name per RFC 8785, section 3.2.2.2. + hasName bool + nameNeedEscape bool + casing int8 // either 0, caseIgnore, or caseStrict + inline bool + unknown bool + omitzero bool + omitempty bool + string bool + format string } // parseFieldOptions parses the `json` tag in a Go struct field as // a structured set of options configuring parameters such as // the JSON member name and other features. -// As a special case, it returns errIgnoredField if the field is ignored. -func parseFieldOptions(sf reflect.StructField) (out fieldOptions, err error) { +func parseFieldOptions(sf reflect.StructField) (out fieldOptions, ignored bool, err error) { tag, hasTag := sf.Tag.Lookup("json") + tagOrig := tag // Check whether this field is explicitly ignored. if tag == "-" { - return fieldOptions{}, errIgnoredField + return fieldOptions{}, true, nil } - // Check whether this field is unexported. - if !sf.IsExported() { - // In contrast to v1, v2 no longer forwards exported fields from - // embedded fields of unexported types since Go reflection does not - // allow the same set of operations that are available in normal cases - // of purely exported fields. - // See https://go.dev/issue/21357 and https://go.dev/issue/24153. - if sf.Anonymous { - return fieldOptions{}, fmt.Errorf("embedded Go struct field %s of an unexported type must be explicitly ignored with a `json:\"-\"` tag", sf.Type.Name()) - } + // Check whether this field is unexported and not embedded, + // which Go reflection cannot mutate for the sake of serialization. + // + // An embedded field of an unexported type is still capable of + // forwarding exported fields, which may be JSON serialized. + // This technically operates on the edge of what is permissible by + // the Go language, but the most recent decision is to permit this. + // + // See https://go.dev/issue/24153 and https://go.dev/issue/32772. + if !sf.IsExported() && !sf.Anonymous { // Tag options specified on an unexported field suggests user error. if hasTag { - return fieldOptions{}, fmt.Errorf("unexported Go struct field %s cannot have non-ignored `json:%q` tag", sf.Name, tag) + err = cmp.Or(err, fmt.Errorf("unexported Go struct field %s cannot have non-ignored `json:%q` tag", sf.Name, tag)) } - return fieldOptions{}, errIgnoredField + return fieldOptions{}, true, err } // Determine the JSON member name for this Go field. A user-specified name @@ -362,20 +438,38 @@ func parseFieldOptions(sf reflect.StructField) (out fieldOptions, err error) { n := len(tag) - len(strings.TrimLeftFunc(tag, func(r rune) bool { return !strings.ContainsRune(",\\'\"`", r) // reserve comma, backslash, and quotes })) - opt := tag[:n] - if n == 0 { - // Allow a single quoted string for arbitrary names. - opt, n, err = consumeTagOption(tag) - if err != nil { - return fieldOptions{}, fmt.Errorf("Go struct field %s has malformed `json` tag: %v", sf.Name, err) + name := tag[:n] + + // If the next character is not a comma, then the name is either + // malformed (if n > 0) or a single-quoted name. + // In either case, call consumeTagOption to handle it further. + var err2 error + if !strings.HasPrefix(tag[n:], ",") && len(name) != len(tag) { + name, n, err2 = consumeTagOption(tag) + if err2 != nil { + err = cmp.Or(err, fmt.Errorf("Go struct field %s has malformed `json` tag: %v", sf.Name, err2)) } } - out.hasName = true - out.name = opt + if !utf8.ValidString(name) { + err = cmp.Or(err, fmt.Errorf("Go struct field %s has JSON object name %q with invalid UTF-8", sf.Name, name)) + name = string([]rune(name)) // replace invalid UTF-8 with utf8.RuneError + } + if name == "-" && tag[0] == '-' { + defer func() { // defer to let other errors take precedence + err = cmp.Or(err, fmt.Errorf("Go struct field %s has JSON object name %q; either "+ + "use `json:\"-\"` to ignore the field or "+ + "use `json:\"'-'%s` to specify %q as the name", sf.Name, out.name, strings.TrimPrefix(strconv.Quote(tagOrig), `"-`), name)) + }() + } + if err2 == nil { + out.hasName = true + out.name = name + } tag = tag[n:] } - b, _ := appendString(nil, out.name, false, nil) + b, _ := jsonwire.AppendQuote(nil, out.name, &jsonflags.Flags{}) out.quotedName = string(b) + out.nameNeedEscape = jsonwire.NeedEscape(out.name) // Handle any additional tag options (if any). var wasFormat bool @@ -383,29 +477,53 @@ func parseFieldOptions(sf reflect.StructField) (out fieldOptions, err error) { for len(tag) > 0 { // Consume comma delimiter. if tag[0] != ',' { - return fieldOptions{}, fmt.Errorf("Go struct field %s has malformed `json` tag: invalid character %q before next option (expecting ',')", sf.Name, tag[0]) - } - tag = tag[len(","):] - if len(tag) == 0 { - return fieldOptions{}, fmt.Errorf("Go struct field %s has malformed `json` tag: invalid trailing ',' character", sf.Name) + err = cmp.Or(err, fmt.Errorf("Go struct field %s has malformed `json` tag: invalid character %q before next option (expecting ',')", sf.Name, tag[0])) + } else { + tag = tag[len(","):] + if len(tag) == 0 { + err = cmp.Or(err, fmt.Errorf("Go struct field %s has malformed `json` tag: invalid trailing ',' character", sf.Name)) + break + } } // Consume and process the tag option. - opt, n, err := consumeTagOption(tag) - if err != nil { - return fieldOptions{}, fmt.Errorf("Go struct field %s has malformed `json` tag: %v", sf.Name, err) + opt, n, err2 := consumeTagOption(tag) + if err2 != nil { + err = cmp.Or(err, fmt.Errorf("Go struct field %s has malformed `json` tag: %v", sf.Name, err2)) } rawOpt := tag[:n] tag = tag[n:] switch { case wasFormat: - return fieldOptions{}, fmt.Errorf("Go struct field %s has `format` tag option that was not specified last", sf.Name) + err = cmp.Or(err, fmt.Errorf("Go struct field %s has `format` tag option that was not specified last", sf.Name)) case strings.HasPrefix(rawOpt, "'") && strings.TrimFunc(opt, isLetterOrDigit) == "": - return fieldOptions{}, fmt.Errorf("Go struct field %s has unnecessarily quoted appearance of `%s` tag option; specify `%s` instead", sf.Name, rawOpt, opt) + err = cmp.Or(err, fmt.Errorf("Go struct field %s has unnecessarily quoted appearance of `%s` tag option; specify `%s` instead", sf.Name, rawOpt, opt)) } switch opt { - case "nocase": - out.nocase = true + case "case": + if !strings.HasPrefix(tag, ":") { + err = cmp.Or(err, fmt.Errorf("Go struct field %s is missing value for `case` tag option; specify `case:ignore` or `case:strict` instead", sf.Name)) + break + } + tag = tag[len(":"):] + opt, n, err2 := consumeTagOption(tag) + if err2 != nil { + err = cmp.Or(err, fmt.Errorf("Go struct field %s has malformed value for `case` tag option: %v", sf.Name, err2)) + break + } + rawOpt := tag[:n] + tag = tag[n:] + if strings.HasPrefix(rawOpt, "'") { + err = cmp.Or(err, fmt.Errorf("Go struct field %s has unnecessarily quoted appearance of `case:%s` tag option; specify `case:%s` instead", sf.Name, rawOpt, opt)) + } + switch opt { + case "ignore": + out.casing |= caseIgnore + case "strict": + out.casing |= caseStrict + default: + err = cmp.Or(err, fmt.Errorf("Go struct field %s has unknown `case:%s` tag value", sf.Name, rawOpt)) + } case "inline": out.inline = true case "unknown": @@ -418,12 +536,14 @@ func parseFieldOptions(sf reflect.StructField) (out fieldOptions, err error) { out.string = true case "format": if !strings.HasPrefix(tag, ":") { - return fieldOptions{}, fmt.Errorf("Go struct field %s is missing value for `format` tag option", sf.Name) + err = cmp.Or(err, fmt.Errorf("Go struct field %s is missing value for `format` tag option", sf.Name)) + break } tag = tag[len(":"):] - opt, n, err := consumeTagOption(tag) - if err != nil { - return fieldOptions{}, fmt.Errorf("Go struct field %s has malformed value for `format` tag option: %v", sf.Name, err) + opt, n, err2 := consumeTagOption(tag) + if err2 != nil { + err = cmp.Or(err, fmt.Errorf("Go struct field %s has malformed value for `format` tag option: %v", sf.Name, err2)) + break } tag = tag[n:] out.format = opt @@ -433,8 +553,8 @@ func parseFieldOptions(sf reflect.StructField) (out fieldOptions, err error) { // This catches invalid mutants such as "omitEmpty" or "omit_empty". normOpt := strings.ReplaceAll(strings.ToLower(opt), "_", "") switch normOpt { - case "nocase", "inline", "unknown", "omitzero", "omitempty", "string", "format": - return fieldOptions{}, fmt.Errorf("Go struct field %s has invalid appearance of `%s` tag option; specify `%s` instead", sf.Name, opt, normOpt) + case "case", "inline", "unknown", "omitzero", "omitempty", "string", "format": + err = cmp.Or(err, fmt.Errorf("Go struct field %s has invalid appearance of `%s` tag option; specify `%s` instead", sf.Name, opt, normOpt)) } // NOTE: Everything else is ignored. This does not mean it is @@ -443,15 +563,28 @@ func parseFieldOptions(sf reflect.StructField) (out fieldOptions, err error) { } // Reject duplicates. - if seenOpts[opt] { - return fieldOptions{}, fmt.Errorf("Go struct field %s has duplicate appearance of `%s` tag option", sf.Name, rawOpt) + switch { + case out.casing == caseIgnore|caseStrict: + err = cmp.Or(err, fmt.Errorf("Go struct field %s cannot have both `case:ignore` and `case:strict` tag options", sf.Name)) + case seenOpts[opt]: + err = cmp.Or(err, fmt.Errorf("Go struct field %s has duplicate appearance of `%s` tag option", sf.Name, rawOpt)) } seenOpts[opt] = true } - return out, nil + return out, false, err } +// consumeTagOption consumes the next option, +// which is either a Go identifier or a single-quoted string. +// If the next option is invalid, it returns all of in until the next comma, +// and reports an error. func consumeTagOption(in string) (string, int, error) { + // For legacy compatibility with v1, assume options are comma-separated. + i := strings.IndexByte(in, ',') + if i < 0 { + i = len(in) + } + switch r, _ := utf8.DecodeRuneInString(in); { // Option as a Go identifier. case r == '_' || unicode.IsLetter(r): @@ -486,7 +619,7 @@ func consumeTagOption(in string) (string, int, error) { n += len(`'`) out, err := strconv.Unquote(string(b)) if err != nil { - return "", 0, fmt.Errorf("invalid single-quoted string: %s", in[:n]) + return in[:i], i, fmt.Errorf("invalid single-quoted string: %s", in[:n]) } return out, n, nil } @@ -496,14 +629,26 @@ func consumeTagOption(in string) (string, int, error) { if n > 10 { n = 10 // limit the amount of context printed in the error } - return "", 0, fmt.Errorf("single-quoted string not terminated: %s...", in[:n]) + return in[:i], i, fmt.Errorf("single-quoted string not terminated: %s...", in[:n]) case len(in) == 0: - return "", 0, io.ErrUnexpectedEOF + return in[:i], i, io.ErrUnexpectedEOF default: - return "", 0, fmt.Errorf("invalid character %q at start of option (expecting Unicode letter or single quote)", r) + return in[:i], i, fmt.Errorf("invalid character %q at start of option (expecting Unicode letter or single quote)", r) } } func isLetterOrDigit(r rune) bool { return r == '_' || unicode.IsLetter(r) || unicode.IsNumber(r) } + +// boolsCompare compares x and y, ordering false before true. +func boolsCompare(x, y bool) int { + switch { + case !x && y: + return -1 + default: + return 0 + case x && !y: + return +1 + } +} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/fold.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/fold.go index 9ab735814c..973f52e73a 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/fold.go +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/fold.go @@ -2,6 +2,8 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:build !goexperiment.jsonv2 || !go1.25 + package json import ( diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/intern.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/intern.go index 700a56db0b..1bfb8ca633 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/intern.go +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/intern.go @@ -2,6 +2,8 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:build !goexperiment.jsonv2 || !go1.25 + package json import ( @@ -10,12 +12,12 @@ import ( ) // stringCache is a cache for strings converted from a []byte. -type stringCache [256]string // 256*unsafe.Sizeof(string("")) => 4KiB +type stringCache = [256]string // 256*unsafe.Sizeof(string("")) => 4KiB -// make returns the string form of b. +// makeString returns the string form of b. // It returns a pre-allocated string from c if present, otherwise // it allocates a new string, inserts it into the cache, and returns it. -func (c *stringCache) make(b []byte) string { +func makeString(c *stringCache, b []byte) string { const ( minCachedLen = 2 // single byte strings are already interned by the runtime maxCachedLen = 256 // large enough for UUIDs, IPv6 addresses, SHA-256 checksums, etc. diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/internal.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/internal.go new file mode 100644 index 0000000000..00b43fa307 --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/internal.go @@ -0,0 +1,42 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !goexperiment.jsonv2 || !go1.25 + +package internal + +import "errors" + +// NotForPublicUse is a marker type that an API is for internal use only. +// It does not perfectly prevent usage of that API, but helps to restrict usage. +// Anything with this marker is not covered by the Go compatibility agreement. +type NotForPublicUse struct{} + +// AllowInternalUse is passed from "json" to "jsontext" to authenticate +// that the caller can have access to internal functionality. +var AllowInternalUse NotForPublicUse + +// Sentinel error values internally shared between jsonv1 and jsonv2. +var ( + ErrCycle = errors.New("encountered a cycle") + ErrNonNilReference = errors.New("value must be passed as a non-nil pointer reference") + ErrNilInterface = errors.New("cannot derive concrete type for nil interface with finite type set") +) + +var ( + // TransformMarshalError converts a v2 error into a v1 error. + // It is called only at the top-level of a Marshal function. + TransformMarshalError func(any, error) error + // NewMarshalerError constructs a jsonv1.MarshalerError. + // It is called after a user-defined Marshal method/function fails. + NewMarshalerError func(any, error, string) error + // TransformUnmarshalError converts a v2 error into a v1 error. + // It is called only at the top-level of a Unmarshal function. + TransformUnmarshalError func(any, error) error + + // NewRawNumber returns new(jsonv1.Number). + NewRawNumber func() any + // RawNumberOf returns jsonv1.Number(b). + RawNumberOf func(b []byte) any +) diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags/flags.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags/flags.go new file mode 100644 index 0000000000..36300011e7 --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags/flags.go @@ -0,0 +1,215 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !goexperiment.jsonv2 || !go1.25 + +// jsonflags implements all the optional boolean flags. +// These flags are shared across both "json", "jsontext", and "jsonopts". +package jsonflags + +import "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal" + +// Bools represents zero or more boolean flags, all set to true or false. +// The least-significant bit is the boolean value of all flags in the set. +// The remaining bits identify which particular flags. +// +// In common usage, this is OR'd with 0 or 1. For example: +// - (AllowInvalidUTF8 | 0) means "AllowInvalidUTF8 is false" +// - (Multiline | Indent | 1) means "Multiline and Indent are true" +type Bools uint64 + +func (Bools) JSONOptions(internal.NotForPublicUse) {} + +const ( + // AllFlags is the set of all flags. + AllFlags = AllCoderFlags | AllArshalV2Flags | AllArshalV1Flags + + // AllCoderFlags is the set of all encoder/decoder flags. + AllCoderFlags = (maxCoderFlag - 1) - initFlag + + // AllArshalV2Flags is the set of all v2 marshal/unmarshal flags. + AllArshalV2Flags = (maxArshalV2Flag - 1) - (maxCoderFlag - 1) + + // AllArshalV1Flags is the set of all v1 marshal/unmarshal flags. + AllArshalV1Flags = (maxArshalV1Flag - 1) - (maxArshalV2Flag - 1) + + // NonBooleanFlags is the set of non-boolean flags, + // where the value is some other concrete Go type. + // The value of the flag is stored within jsonopts.Struct. + NonBooleanFlags = 0 | + Indent | + IndentPrefix | + ByteLimit | + DepthLimit | + Marshalers | + Unmarshalers + + // DefaultV1Flags is the set of booleans flags that default to true under + // v1 semantics. None of the non-boolean flags differ between v1 and v2. + DefaultV1Flags = 0 | + AllowDuplicateNames | + AllowInvalidUTF8 | + EscapeForHTML | + EscapeForJS | + PreserveRawStrings | + Deterministic | + FormatNilMapAsNull | + FormatNilSliceAsNull | + MatchCaseInsensitiveNames | + CallMethodsWithLegacySemantics | + FormatByteArrayAsArray | + FormatBytesWithLegacySemantics | + FormatDurationAsNano | + MatchCaseSensitiveDelimiter | + MergeWithLegacySemantics | + OmitEmptyWithLegacySemantics | + ParseBytesWithLooseRFC4648 | + ParseTimeWithLooseRFC3339 | + ReportErrorsWithLegacySemantics | + StringifyWithLegacySemantics | + UnmarshalArrayFromAnyLength + + // AnyWhitespace reports whether the encoded output might have any whitespace. + AnyWhitespace = Multiline | SpaceAfterColon | SpaceAfterComma + + // WhitespaceFlags is the set of flags related to whitespace formatting. + // In contrast to AnyWhitespace, this includes Indent and IndentPrefix + // as those settings take no effect if Multiline is false. + WhitespaceFlags = AnyWhitespace | Indent | IndentPrefix + + // AnyEscape is the set of flags related to escaping in a JSON string. + AnyEscape = EscapeForHTML | EscapeForJS + + // CanonicalizeNumbers is the set of flags related to raw number canonicalization. + CanonicalizeNumbers = CanonicalizeRawInts | CanonicalizeRawFloats +) + +// Encoder and decoder flags. +const ( + initFlag Bools = 1 << iota // reserved for the boolean value itself + + AllowDuplicateNames // encode or decode + AllowInvalidUTF8 // encode or decode + WithinArshalCall // encode or decode; for internal use by json.Marshal and json.Unmarshal + OmitTopLevelNewline // encode only; for internal use by json.Marshal and json.MarshalWrite + PreserveRawStrings // encode only + CanonicalizeRawInts // encode only + CanonicalizeRawFloats // encode only + ReorderRawObjects // encode only + EscapeForHTML // encode only + EscapeForJS // encode only + Multiline // encode only + SpaceAfterColon // encode only + SpaceAfterComma // encode only + Indent // encode only; non-boolean flag + IndentPrefix // encode only; non-boolean flag + ByteLimit // encode or decode; non-boolean flag + DepthLimit // encode or decode; non-boolean flag + + maxCoderFlag +) + +// Marshal and Unmarshal flags (for v2). +const ( + _ Bools = (maxCoderFlag >> 1) << iota + + StringifyNumbers // marshal or unmarshal + Deterministic // marshal only + FormatNilMapAsNull // marshal only + FormatNilSliceAsNull // marshal only + OmitZeroStructFields // marshal only + MatchCaseInsensitiveNames // marshal or unmarshal + DiscardUnknownMembers // marshal only + RejectUnknownMembers // unmarshal only + Marshalers // marshal only; non-boolean flag + Unmarshalers // unmarshal only; non-boolean flag + + maxArshalV2Flag +) + +// Marshal and Unmarshal flags (for v1). +const ( + _ Bools = (maxArshalV2Flag >> 1) << iota + + CallMethodsWithLegacySemantics // marshal or unmarshal + FormatByteArrayAsArray // marshal or unmarshal + FormatBytesWithLegacySemantics // marshal or unmarshal + FormatDurationAsNano // marshal or unmarshal + MatchCaseSensitiveDelimiter // marshal or unmarshal + MergeWithLegacySemantics // unmarshal + OmitEmptyWithLegacySemantics // marshal + ParseBytesWithLooseRFC4648 // unmarshal + ParseTimeWithLooseRFC3339 // unmarshal + ReportErrorsWithLegacySemantics // marshal or unmarshal + StringifyWithLegacySemantics // marshal or unmarshal + StringifyBoolsAndStrings // marshal or unmarshal; for internal use by jsonv2.makeStructArshaler + UnmarshalAnyWithRawNumber // unmarshal; for internal use by jsonv1.Decoder.UseNumber + UnmarshalArrayFromAnyLength // unmarshal + + maxArshalV1Flag +) + +// bitsUsed is the number of bits used in the 64-bit boolean flags +const bitsUsed = 42 + +// Static compile check that bitsUsed and maxArshalV1Flag are in sync. +const _ = uint64((1< 0b_110_11011 + dst.Values &= ^src.Presence // e.g., 0b_1000_0011 & 0b_1010_0101 -> 0b_100_00001 + dst.Values |= src.Values // e.g., 0b_1000_0001 | 0b_1001_0010 -> 0b_100_10011 +} + +// Set sets both the presence and value for the provided bool (or set of bools). +func (fs *Flags) Set(f Bools) { + // Select out the bits for the flag identifiers (everything except LSB), + // then set the presence for all the identifier bits (using OR), + // then invert the identifier bits to clear out the values (using AND-NOT), + // then copy over all the identifier bits to the value if LSB is 1. + // e.g., fs := Flags{Presence: 0b_0101_0010, Value: 0b_0001_0010} + // e.g., f := 0b_1001_0001 + id := uint64(f) &^ uint64(1) // e.g., 0b_1001_0001 & 0b_1111_1110 -> 0b_1001_0000 + fs.Presence |= id // e.g., 0b_0101_0010 | 0b_1001_0000 -> 0b_1101_0011 + fs.Values &= ^id // e.g., 0b_0001_0010 & 0b_0110_1111 -> 0b_0000_0010 + fs.Values |= uint64(f&1) * id // e.g., 0b_0000_0010 | 0b_1001_0000 -> 0b_1001_0010 +} + +// Get reports whether the bool (or any of the bools) is true. +// This is generally only used with a singular bool. +// The value bit of f (i.e., the LSB) is ignored. +func (fs Flags) Get(f Bools) bool { + return fs.Values&uint64(f) > 0 +} + +// Has reports whether the bool (or any of the bools) is set. +// The value bit of f (i.e., the LSB) is ignored. +func (fs Flags) Has(f Bools) bool { + return fs.Presence&uint64(f) > 0 +} + +// Clear clears both the presence and value for the provided bool or bools. +// The value bit of f (i.e., the LSB) is ignored. +func (fs *Flags) Clear(f Bools) { + // Invert f to produce a mask to clear all bits in f (using AND). + // e.g., fs := Flags{Presence: 0b_0101_0010, Value: 0b_0001_0010} + // e.g., f := 0b_0001_1000 + mask := uint64(^f) // e.g., 0b_0001_1000 -> 0b_1110_0111 + fs.Presence &= mask // e.g., 0b_0101_0010 & 0b_1110_0111 -> 0b_0100_0010 + fs.Values &= mask // e.g., 0b_0001_0010 & 0b_1110_0111 -> 0b_0000_0010 +} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonopts/options.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonopts/options.go new file mode 100644 index 0000000000..c4fc8dba8c --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonopts/options.go @@ -0,0 +1,202 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !goexperiment.jsonv2 || !go1.25 + +package jsonopts + +import ( + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" +) + +// Options is the common options type shared across json packages. +type Options interface { + // JSONOptions is exported so related json packages can implement Options. + JSONOptions(internal.NotForPublicUse) +} + +// Struct is the combination of all options in struct form. +// This is efficient to pass down the call stack and to query. +type Struct struct { + Flags jsonflags.Flags + + CoderValues + ArshalValues +} + +type CoderValues struct { + Indent string // jsonflags.Indent + IndentPrefix string // jsonflags.IndentPrefix + ByteLimit int64 // jsonflags.ByteLimit + DepthLimit int // jsonflags.DepthLimit +} + +type ArshalValues struct { + // The Marshalers and Unmarshalers fields use the any type to avoid a + // concrete dependency on *json.Marshalers and *json.Unmarshalers, + // which would in turn create a dependency on the "reflect" package. + + Marshalers any // jsonflags.Marshalers + Unmarshalers any // jsonflags.Unmarshalers + + Format string + FormatDepth int +} + +// DefaultOptionsV2 is the set of all options that define default v2 behavior. +var DefaultOptionsV2 = Struct{ + Flags: jsonflags.Flags{ + Presence: uint64(jsonflags.AllFlags & ^jsonflags.WhitespaceFlags), + Values: uint64(0), + }, +} + +// DefaultOptionsV1 is the set of all options that define default v1 behavior. +var DefaultOptionsV1 = Struct{ + Flags: jsonflags.Flags{ + Presence: uint64(jsonflags.AllFlags & ^jsonflags.WhitespaceFlags), + Values: uint64(jsonflags.DefaultV1Flags), + }, +} + +func (*Struct) JSONOptions(internal.NotForPublicUse) {} + +// GetUnknownOption is injected by the "json" package to handle Options +// declared in that package so that "jsonopts" can handle them. +var GetUnknownOption = func(Struct, Options) (any, bool) { panic("unknown option") } + +func GetOption[T any](opts Options, setter func(T) Options) (T, bool) { + // Collapse the options to *Struct to simplify lookup. + structOpts, ok := opts.(*Struct) + if !ok { + var structOpts2 Struct + structOpts2.Join(opts) + structOpts = &structOpts2 + } + + // Lookup the option based on the return value of the setter. + var zero T + switch opt := setter(zero).(type) { + case jsonflags.Bools: + v := structOpts.Flags.Get(opt) + ok := structOpts.Flags.Has(opt) + return any(v).(T), ok + case Indent: + if !structOpts.Flags.Has(jsonflags.Indent) { + return zero, false + } + return any(structOpts.Indent).(T), true + case IndentPrefix: + if !structOpts.Flags.Has(jsonflags.IndentPrefix) { + return zero, false + } + return any(structOpts.IndentPrefix).(T), true + case ByteLimit: + if !structOpts.Flags.Has(jsonflags.ByteLimit) { + return zero, false + } + return any(structOpts.ByteLimit).(T), true + case DepthLimit: + if !structOpts.Flags.Has(jsonflags.DepthLimit) { + return zero, false + } + return any(structOpts.DepthLimit).(T), true + default: + v, ok := GetUnknownOption(*structOpts, opt) + return v.(T), ok + } +} + +// JoinUnknownOption is injected by the "json" package to handle Options +// declared in that package so that "jsonopts" can handle them. +var JoinUnknownOption = func(Struct, Options) Struct { panic("unknown option") } + +func (dst *Struct) Join(srcs ...Options) { + dst.join(false, srcs...) +} + +func (dst *Struct) JoinWithoutCoderOptions(srcs ...Options) { + dst.join(true, srcs...) +} + +func (dst *Struct) join(excludeCoderOptions bool, srcs ...Options) { + for _, src := range srcs { + switch src := src.(type) { + case nil: + continue + case jsonflags.Bools: + if excludeCoderOptions { + src &= ^jsonflags.AllCoderFlags + } + dst.Flags.Set(src) + case Indent: + if excludeCoderOptions { + continue + } + dst.Flags.Set(jsonflags.Multiline | jsonflags.Indent | 1) + dst.Indent = string(src) + case IndentPrefix: + if excludeCoderOptions { + continue + } + dst.Flags.Set(jsonflags.Multiline | jsonflags.IndentPrefix | 1) + dst.IndentPrefix = string(src) + case ByteLimit: + if excludeCoderOptions { + continue + } + dst.Flags.Set(jsonflags.ByteLimit | 1) + dst.ByteLimit = int64(src) + case DepthLimit: + if excludeCoderOptions { + continue + } + dst.Flags.Set(jsonflags.DepthLimit | 1) + dst.DepthLimit = int(src) + case *Struct: + srcFlags := src.Flags // shallow copy the flags + if excludeCoderOptions { + srcFlags.Clear(jsonflags.AllCoderFlags) + } + dst.Flags.Join(srcFlags) + if srcFlags.Has(jsonflags.NonBooleanFlags) { + if srcFlags.Has(jsonflags.Indent) { + dst.Indent = src.Indent + } + if srcFlags.Has(jsonflags.IndentPrefix) { + dst.IndentPrefix = src.IndentPrefix + } + if srcFlags.Has(jsonflags.ByteLimit) { + dst.ByteLimit = src.ByteLimit + } + if srcFlags.Has(jsonflags.DepthLimit) { + dst.DepthLimit = src.DepthLimit + } + if srcFlags.Has(jsonflags.Marshalers) { + dst.Marshalers = src.Marshalers + } + if srcFlags.Has(jsonflags.Unmarshalers) { + dst.Unmarshalers = src.Unmarshalers + } + } + default: + *dst = JoinUnknownOption(*dst, src) + } + } +} + +type ( + Indent string // jsontext.WithIndent + IndentPrefix string // jsontext.WithIndentPrefix + ByteLimit int64 // jsontext.WithByteLimit + DepthLimit int // jsontext.WithDepthLimit + // type for jsonflags.Marshalers declared in "json" package + // type for jsonflags.Unmarshalers declared in "json" package +) + +func (Indent) JSONOptions(internal.NotForPublicUse) {} +func (IndentPrefix) JSONOptions(internal.NotForPublicUse) {} +func (ByteLimit) JSONOptions(internal.NotForPublicUse) {} +func (DepthLimit) JSONOptions(internal.NotForPublicUse) {} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire/decode.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire/decode.go new file mode 100644 index 0000000000..6a5acb8ec0 --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire/decode.go @@ -0,0 +1,629 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !goexperiment.jsonv2 || !go1.25 + +package jsonwire + +import ( + "io" + "math" + "slices" + "strconv" + "unicode/utf16" + "unicode/utf8" +) + +type ValueFlags uint + +const ( + _ ValueFlags = (1 << iota) / 2 // powers of two starting with zero + + stringNonVerbatim // string cannot be naively treated as valid UTF-8 + stringNonCanonical // string not formatted according to RFC 8785, section 3.2.2.2. + // TODO: Track whether a number is a non-integer? +) + +func (f *ValueFlags) Join(f2 ValueFlags) { *f |= f2 } +func (f ValueFlags) IsVerbatim() bool { return f&stringNonVerbatim == 0 } +func (f ValueFlags) IsCanonical() bool { return f&stringNonCanonical == 0 } + +// ConsumeWhitespace consumes leading JSON whitespace per RFC 7159, section 2. +func ConsumeWhitespace(b []byte) (n int) { + // NOTE: The arguments and logic are kept simple to keep this inlinable. + for len(b) > n && (b[n] == ' ' || b[n] == '\t' || b[n] == '\r' || b[n] == '\n') { + n++ + } + return n +} + +// ConsumeNull consumes the next JSON null literal per RFC 7159, section 3. +// It returns 0 if it is invalid, in which case consumeLiteral should be used. +func ConsumeNull(b []byte) int { + // NOTE: The arguments and logic are kept simple to keep this inlinable. + const literal = "null" + if len(b) >= len(literal) && string(b[:len(literal)]) == literal { + return len(literal) + } + return 0 +} + +// ConsumeFalse consumes the next JSON false literal per RFC 7159, section 3. +// It returns 0 if it is invalid, in which case consumeLiteral should be used. +func ConsumeFalse(b []byte) int { + // NOTE: The arguments and logic are kept simple to keep this inlinable. + const literal = "false" + if len(b) >= len(literal) && string(b[:len(literal)]) == literal { + return len(literal) + } + return 0 +} + +// ConsumeTrue consumes the next JSON true literal per RFC 7159, section 3. +// It returns 0 if it is invalid, in which case consumeLiteral should be used. +func ConsumeTrue(b []byte) int { + // NOTE: The arguments and logic are kept simple to keep this inlinable. + const literal = "true" + if len(b) >= len(literal) && string(b[:len(literal)]) == literal { + return len(literal) + } + return 0 +} + +// ConsumeLiteral consumes the next JSON literal per RFC 7159, section 3. +// If the input appears truncated, it returns io.ErrUnexpectedEOF. +func ConsumeLiteral(b []byte, lit string) (n int, err error) { + for i := 0; i < len(b) && i < len(lit); i++ { + if b[i] != lit[i] { + return i, NewInvalidCharacterError(b[i:], "in literal "+lit+" (expecting "+strconv.QuoteRune(rune(lit[i]))+")") + } + } + if len(b) < len(lit) { + return len(b), io.ErrUnexpectedEOF + } + return len(lit), nil +} + +// ConsumeSimpleString consumes the next JSON string per RFC 7159, section 7 +// but is limited to the grammar for an ASCII string without escape sequences. +// It returns 0 if it is invalid or more complicated than a simple string, +// in which case consumeString should be called. +// +// It rejects '<', '>', and '&' for compatibility reasons since these were +// always escaped in the v1 implementation. Thus, if this function reports +// non-zero then we know that the string would be encoded the same way +// under both v1 or v2 escape semantics. +func ConsumeSimpleString(b []byte) (n int) { + // NOTE: The arguments and logic are kept simple to keep this inlinable. + if len(b) > 0 && b[0] == '"' { + n++ + for len(b) > n && b[n] < utf8.RuneSelf && escapeASCII[b[n]] == 0 { + n++ + } + if uint(len(b)) > uint(n) && b[n] == '"' { + n++ + return n + } + } + return 0 +} + +// ConsumeString consumes the next JSON string per RFC 7159, section 7. +// If validateUTF8 is false, then this allows the presence of invalid UTF-8 +// characters within the string itself. +// It reports the number of bytes consumed and whether an error was encountered. +// If the input appears truncated, it returns io.ErrUnexpectedEOF. +func ConsumeString(flags *ValueFlags, b []byte, validateUTF8 bool) (n int, err error) { + return ConsumeStringResumable(flags, b, 0, validateUTF8) +} + +// ConsumeStringResumable is identical to consumeString but supports resuming +// from a previous call that returned io.ErrUnexpectedEOF. +func ConsumeStringResumable(flags *ValueFlags, b []byte, resumeOffset int, validateUTF8 bool) (n int, err error) { + // Consume the leading double quote. + switch { + case resumeOffset > 0: + n = resumeOffset // already handled the leading quote + case uint(len(b)) == 0: + return n, io.ErrUnexpectedEOF + case b[0] == '"': + n++ + default: + return n, NewInvalidCharacterError(b[n:], `at start of string (expecting '"')`) + } + + // Consume every character in the string. + for uint(len(b)) > uint(n) { + // Optimize for long sequences of unescaped characters. + noEscape := func(c byte) bool { + return c < utf8.RuneSelf && ' ' <= c && c != '\\' && c != '"' + } + for uint(len(b)) > uint(n) && noEscape(b[n]) { + n++ + } + if uint(len(b)) <= uint(n) { + return n, io.ErrUnexpectedEOF + } + + // Check for terminating double quote. + if b[n] == '"' { + n++ + return n, nil + } + + switch r, rn := utf8.DecodeRune(b[n:]); { + // Handle UTF-8 encoded byte sequence. + // Due to specialized handling of ASCII above, we know that + // all normal sequences at this point must be 2 bytes or larger. + case rn > 1: + n += rn + // Handle escape sequence. + case r == '\\': + flags.Join(stringNonVerbatim) + resumeOffset = n + if uint(len(b)) < uint(n+2) { + return resumeOffset, io.ErrUnexpectedEOF + } + switch r := b[n+1]; r { + case '/': + // Forward slash is the only character with 3 representations. + // Per RFC 8785, section 3.2.2.2., this must not be escaped. + flags.Join(stringNonCanonical) + n += 2 + case '"', '\\', 'b', 'f', 'n', 'r', 't': + n += 2 + case 'u': + if uint(len(b)) < uint(n+6) { + if hasEscapedUTF16Prefix(b[n:], false) { + return resumeOffset, io.ErrUnexpectedEOF + } + flags.Join(stringNonCanonical) + return n, NewInvalidEscapeSequenceError(b[n:]) + } + v1, ok := parseHexUint16(b[n+2 : n+6]) + if !ok { + flags.Join(stringNonCanonical) + return n, NewInvalidEscapeSequenceError(b[n : n+6]) + } + // Only certain control characters can use the \uFFFF notation + // for canonical formatting (per RFC 8785, section 3.2.2.2.). + switch v1 { + // \uFFFF notation not permitted for these characters. + case '\b', '\f', '\n', '\r', '\t': + flags.Join(stringNonCanonical) + default: + // \uFFFF notation only permitted for control characters. + if v1 >= ' ' { + flags.Join(stringNonCanonical) + } else { + // \uFFFF notation must be lower case. + for _, c := range b[n+2 : n+6] { + if 'A' <= c && c <= 'F' { + flags.Join(stringNonCanonical) + } + } + } + } + n += 6 + + r := rune(v1) + if validateUTF8 && utf16.IsSurrogate(r) { + if uint(len(b)) < uint(n+6) { + if hasEscapedUTF16Prefix(b[n:], true) { + return resumeOffset, io.ErrUnexpectedEOF + } + flags.Join(stringNonCanonical) + return n - 6, NewInvalidEscapeSequenceError(b[n-6:]) + } else if v2, ok := parseHexUint16(b[n+2 : n+6]); b[n] != '\\' || b[n+1] != 'u' || !ok { + flags.Join(stringNonCanonical) + return n - 6, NewInvalidEscapeSequenceError(b[n-6 : n+6]) + } else if r = utf16.DecodeRune(rune(v1), rune(v2)); r == utf8.RuneError { + flags.Join(stringNonCanonical) + return n - 6, NewInvalidEscapeSequenceError(b[n-6 : n+6]) + } else { + n += 6 + } + } + default: + flags.Join(stringNonCanonical) + return n, NewInvalidEscapeSequenceError(b[n : n+2]) + } + // Handle invalid UTF-8. + case r == utf8.RuneError: + if !utf8.FullRune(b[n:]) { + return n, io.ErrUnexpectedEOF + } + flags.Join(stringNonVerbatim | stringNonCanonical) + if validateUTF8 { + return n, ErrInvalidUTF8 + } + n++ + // Handle invalid control characters. + case r < ' ': + flags.Join(stringNonVerbatim | stringNonCanonical) + return n, NewInvalidCharacterError(b[n:], "in string (expecting non-control character)") + default: + panic("BUG: unhandled character " + QuoteRune(b[n:])) + } + } + return n, io.ErrUnexpectedEOF +} + +// AppendUnquote appends the unescaped form of a JSON string in src to dst. +// Any invalid UTF-8 within the string will be replaced with utf8.RuneError, +// but the error will be specified as having encountered such an error. +// The input must be an entire JSON string with no surrounding whitespace. +func AppendUnquote[Bytes ~[]byte | ~string](dst []byte, src Bytes) (v []byte, err error) { + dst = slices.Grow(dst, len(src)) + + // Consume the leading double quote. + var i, n int + switch { + case uint(len(src)) == 0: + return dst, io.ErrUnexpectedEOF + case src[0] == '"': + i, n = 1, 1 + default: + return dst, NewInvalidCharacterError(src, `at start of string (expecting '"')`) + } + + // Consume every character in the string. + for uint(len(src)) > uint(n) { + // Optimize for long sequences of unescaped characters. + noEscape := func(c byte) bool { + return c < utf8.RuneSelf && ' ' <= c && c != '\\' && c != '"' + } + for uint(len(src)) > uint(n) && noEscape(src[n]) { + n++ + } + if uint(len(src)) <= uint(n) { + dst = append(dst, src[i:n]...) + return dst, io.ErrUnexpectedEOF + } + + // Check for terminating double quote. + if src[n] == '"' { + dst = append(dst, src[i:n]...) + n++ + if n < len(src) { + err = NewInvalidCharacterError(src[n:], "after string value") + } + return dst, err + } + + switch r, rn := utf8.DecodeRuneInString(string(truncateMaxUTF8(src[n:]))); { + // Handle UTF-8 encoded byte sequence. + // Due to specialized handling of ASCII above, we know that + // all normal sequences at this point must be 2 bytes or larger. + case rn > 1: + n += rn + // Handle escape sequence. + case r == '\\': + dst = append(dst, src[i:n]...) + + // Handle escape sequence. + if uint(len(src)) < uint(n+2) { + return dst, io.ErrUnexpectedEOF + } + switch r := src[n+1]; r { + case '"', '\\', '/': + dst = append(dst, r) + n += 2 + case 'b': + dst = append(dst, '\b') + n += 2 + case 'f': + dst = append(dst, '\f') + n += 2 + case 'n': + dst = append(dst, '\n') + n += 2 + case 'r': + dst = append(dst, '\r') + n += 2 + case 't': + dst = append(dst, '\t') + n += 2 + case 'u': + if uint(len(src)) < uint(n+6) { + if hasEscapedUTF16Prefix(src[n:], false) { + return dst, io.ErrUnexpectedEOF + } + return dst, NewInvalidEscapeSequenceError(src[n:]) + } + v1, ok := parseHexUint16(src[n+2 : n+6]) + if !ok { + return dst, NewInvalidEscapeSequenceError(src[n : n+6]) + } + n += 6 + + // Check whether this is a surrogate half. + r := rune(v1) + if utf16.IsSurrogate(r) { + r = utf8.RuneError // assume failure unless the following succeeds + if uint(len(src)) < uint(n+6) { + if hasEscapedUTF16Prefix(src[n:], true) { + return utf8.AppendRune(dst, r), io.ErrUnexpectedEOF + } + err = NewInvalidEscapeSequenceError(src[n-6:]) + } else if v2, ok := parseHexUint16(src[n+2 : n+6]); src[n] != '\\' || src[n+1] != 'u' || !ok { + err = NewInvalidEscapeSequenceError(src[n-6 : n+6]) + } else if r = utf16.DecodeRune(rune(v1), rune(v2)); r == utf8.RuneError { + err = NewInvalidEscapeSequenceError(src[n-6 : n+6]) + } else { + n += 6 + } + } + + dst = utf8.AppendRune(dst, r) + default: + return dst, NewInvalidEscapeSequenceError(src[n : n+2]) + } + i = n + // Handle invalid UTF-8. + case r == utf8.RuneError: + dst = append(dst, src[i:n]...) + if !utf8.FullRuneInString(string(truncateMaxUTF8(src[n:]))) { + return dst, io.ErrUnexpectedEOF + } + // NOTE: An unescaped string may be longer than the escaped string + // because invalid UTF-8 bytes are being replaced. + dst = append(dst, "\uFFFD"...) + n += rn + i = n + err = ErrInvalidUTF8 + // Handle invalid control characters. + case r < ' ': + dst = append(dst, src[i:n]...) + return dst, NewInvalidCharacterError(src[n:], "in string (expecting non-control character)") + default: + panic("BUG: unhandled character " + QuoteRune(src[n:])) + } + } + dst = append(dst, src[i:n]...) + return dst, io.ErrUnexpectedEOF +} + +// hasEscapedUTF16Prefix reports whether b is possibly +// the truncated prefix of a \uFFFF escape sequence. +func hasEscapedUTF16Prefix[Bytes ~[]byte | ~string](b Bytes, lowerSurrogateHalf bool) bool { + for i := range len(b) { + switch c := b[i]; { + case i == 0 && c != '\\': + return false + case i == 1 && c != 'u': + return false + case i == 2 && lowerSurrogateHalf && c != 'd' && c != 'D': + return false // not within ['\uDC00':'\uDFFF'] + case i == 3 && lowerSurrogateHalf && !('c' <= c && c <= 'f') && !('C' <= c && c <= 'F'): + return false // not within ['\uDC00':'\uDFFF'] + case i >= 2 && i < 6 && !('0' <= c && c <= '9') && !('a' <= c && c <= 'f') && !('A' <= c && c <= 'F'): + return false + } + } + return true +} + +// UnquoteMayCopy returns the unescaped form of b. +// If there are no escaped characters, the output is simply a subslice of +// the input with the surrounding quotes removed. +// Otherwise, a new buffer is allocated for the output. +// It assumes the input is valid. +func UnquoteMayCopy(b []byte, isVerbatim bool) []byte { + // NOTE: The arguments and logic are kept simple to keep this inlinable. + if isVerbatim { + return b[len(`"`) : len(b)-len(`"`)] + } + b, _ = AppendUnquote(nil, b) + return b +} + +// ConsumeSimpleNumber consumes the next JSON number per RFC 7159, section 6 +// but is limited to the grammar for a positive integer. +// It returns 0 if it is invalid or more complicated than a simple integer, +// in which case consumeNumber should be called. +func ConsumeSimpleNumber(b []byte) (n int) { + // NOTE: The arguments and logic are kept simple to keep this inlinable. + if len(b) > 0 { + if b[0] == '0' { + n++ + } else if '1' <= b[0] && b[0] <= '9' { + n++ + for len(b) > n && ('0' <= b[n] && b[n] <= '9') { + n++ + } + } else { + return 0 + } + if uint(len(b)) <= uint(n) || (b[n] != '.' && b[n] != 'e' && b[n] != 'E') { + return n + } + } + return 0 +} + +type ConsumeNumberState uint + +const ( + consumeNumberInit ConsumeNumberState = iota + beforeIntegerDigits + withinIntegerDigits + beforeFractionalDigits + withinFractionalDigits + beforeExponentDigits + withinExponentDigits +) + +// ConsumeNumber consumes the next JSON number per RFC 7159, section 6. +// It reports the number of bytes consumed and whether an error was encountered. +// If the input appears truncated, it returns io.ErrUnexpectedEOF. +// +// Note that JSON numbers are not self-terminating. +// If the entire input is consumed, then the caller needs to consider whether +// there may be subsequent unread data that may still be part of this number. +func ConsumeNumber(b []byte) (n int, err error) { + n, _, err = ConsumeNumberResumable(b, 0, consumeNumberInit) + return n, err +} + +// ConsumeNumberResumable is identical to consumeNumber but supports resuming +// from a previous call that returned io.ErrUnexpectedEOF. +func ConsumeNumberResumable(b []byte, resumeOffset int, state ConsumeNumberState) (n int, _ ConsumeNumberState, err error) { + // Jump to the right state when resuming from a partial consumption. + n = resumeOffset + if state > consumeNumberInit { + switch state { + case withinIntegerDigits, withinFractionalDigits, withinExponentDigits: + // Consume leading digits. + for uint(len(b)) > uint(n) && ('0' <= b[n] && b[n] <= '9') { + n++ + } + if uint(len(b)) <= uint(n) { + return n, state, nil // still within the same state + } + state++ // switches "withinX" to "beforeY" where Y is the state after X + } + switch state { + case beforeIntegerDigits: + goto beforeInteger + case beforeFractionalDigits: + goto beforeFractional + case beforeExponentDigits: + goto beforeExponent + default: + return n, state, nil + } + } + + // Consume required integer component (with optional minus sign). +beforeInteger: + resumeOffset = n + if uint(len(b)) > 0 && b[0] == '-' { + n++ + } + switch { + case uint(len(b)) <= uint(n): + return resumeOffset, beforeIntegerDigits, io.ErrUnexpectedEOF + case b[n] == '0': + n++ + state = beforeFractionalDigits + case '1' <= b[n] && b[n] <= '9': + n++ + for uint(len(b)) > uint(n) && ('0' <= b[n] && b[n] <= '9') { + n++ + } + state = withinIntegerDigits + default: + return n, state, NewInvalidCharacterError(b[n:], "in number (expecting digit)") + } + + // Consume optional fractional component. +beforeFractional: + if uint(len(b)) > uint(n) && b[n] == '.' { + resumeOffset = n + n++ + switch { + case uint(len(b)) <= uint(n): + return resumeOffset, beforeFractionalDigits, io.ErrUnexpectedEOF + case '0' <= b[n] && b[n] <= '9': + n++ + default: + return n, state, NewInvalidCharacterError(b[n:], "in number (expecting digit)") + } + for uint(len(b)) > uint(n) && ('0' <= b[n] && b[n] <= '9') { + n++ + } + state = withinFractionalDigits + } + + // Consume optional exponent component. +beforeExponent: + if uint(len(b)) > uint(n) && (b[n] == 'e' || b[n] == 'E') { + resumeOffset = n + n++ + if uint(len(b)) > uint(n) && (b[n] == '-' || b[n] == '+') { + n++ + } + switch { + case uint(len(b)) <= uint(n): + return resumeOffset, beforeExponentDigits, io.ErrUnexpectedEOF + case '0' <= b[n] && b[n] <= '9': + n++ + default: + return n, state, NewInvalidCharacterError(b[n:], "in number (expecting digit)") + } + for uint(len(b)) > uint(n) && ('0' <= b[n] && b[n] <= '9') { + n++ + } + state = withinExponentDigits + } + + return n, state, nil +} + +// parseHexUint16 is similar to strconv.ParseUint, +// but operates directly on []byte and is optimized for base-16. +// See https://go.dev/issue/42429. +func parseHexUint16[Bytes ~[]byte | ~string](b Bytes) (v uint16, ok bool) { + if len(b) != 4 { + return 0, false + } + for i := range 4 { + c := b[i] + switch { + case '0' <= c && c <= '9': + c = c - '0' + case 'a' <= c && c <= 'f': + c = 10 + c - 'a' + case 'A' <= c && c <= 'F': + c = 10 + c - 'A' + default: + return 0, false + } + v = v*16 + uint16(c) + } + return v, true +} + +// ParseUint parses b as a decimal unsigned integer according to +// a strict subset of the JSON number grammar, returning the value if valid. +// It returns (0, false) if there is a syntax error and +// returns (math.MaxUint64, false) if there is an overflow. +func ParseUint(b []byte) (v uint64, ok bool) { + const unsafeWidth = 20 // len(fmt.Sprint(uint64(math.MaxUint64))) + var n int + for ; len(b) > n && ('0' <= b[n] && b[n] <= '9'); n++ { + v = 10*v + uint64(b[n]-'0') + } + switch { + case n == 0 || len(b) != n || (b[0] == '0' && string(b) != "0"): + return 0, false + case n >= unsafeWidth && (b[0] != '1' || v < 1e19 || n > unsafeWidth): + return math.MaxUint64, false + } + return v, true +} + +// ParseFloat parses a floating point number according to the Go float grammar. +// Note that the JSON number grammar is a strict subset. +// +// If the number overflows the finite representation of a float, +// then we return MaxFloat since any finite value will always be infinitely +// more accurate at representing another finite value than an infinite value. +func ParseFloat(b []byte, bits int) (v float64, ok bool) { + fv, err := strconv.ParseFloat(string(b), bits) + if math.IsInf(fv, 0) { + switch { + case bits == 32 && math.IsInf(fv, +1): + fv = +math.MaxFloat32 + case bits == 64 && math.IsInf(fv, +1): + fv = +math.MaxFloat64 + case bits == 32 && math.IsInf(fv, -1): + fv = -math.MaxFloat32 + case bits == 64 && math.IsInf(fv, -1): + fv = -math.MaxFloat64 + } + } + return fv, err == nil +} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire/encode.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire/encode.go new file mode 100644 index 0000000000..e74ed713ea --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire/encode.go @@ -0,0 +1,290 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !goexperiment.jsonv2 || !go1.25 + +package jsonwire + +import ( + "math" + "slices" + "strconv" + "unicode/utf16" + "unicode/utf8" + + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" +) + +// escapeASCII reports whether the ASCII character needs to be escaped. +// It conservatively assumes EscapeForHTML. +var escapeASCII = [...]uint8{ + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // escape control characters + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // escape control characters + 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, // escape '"' and '&' + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, // escape '<' and '>' + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, // escape '\\' + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +} + +// NeedEscape reports whether src needs escaping of any characters. +// It conservatively assumes EscapeForHTML and EscapeForJS. +// It reports true for inputs with invalid UTF-8. +func NeedEscape[Bytes ~[]byte | ~string](src Bytes) bool { + var i int + for uint(len(src)) > uint(i) { + if c := src[i]; c < utf8.RuneSelf { + if escapeASCII[c] > 0 { + return true + } + i++ + } else { + r, rn := utf8.DecodeRuneInString(string(truncateMaxUTF8(src[i:]))) + if r == utf8.RuneError || r == '\u2028' || r == '\u2029' { + return true + } + i += rn + } + } + return false +} + +// AppendQuote appends src to dst as a JSON string per RFC 7159, section 7. +// +// It takes in flags and respects the following: +// - EscapeForHTML escapes '<', '>', and '&'. +// - EscapeForJS escapes '\u2028' and '\u2029'. +// - AllowInvalidUTF8 avoids reporting an error for invalid UTF-8. +// +// Regardless of whether AllowInvalidUTF8 is specified, +// invalid bytes are replaced with the Unicode replacement character ('\ufffd'). +// If no escape flags are set, then the shortest representable form is used, +// which is also the canonical form for strings (RFC 8785, section 3.2.2.2). +func AppendQuote[Bytes ~[]byte | ~string](dst []byte, src Bytes, flags *jsonflags.Flags) ([]byte, error) { + var i, n int + var hasInvalidUTF8 bool + dst = slices.Grow(dst, len(`"`)+len(src)+len(`"`)) + dst = append(dst, '"') + for uint(len(src)) > uint(n) { + if c := src[n]; c < utf8.RuneSelf { + // Handle single-byte ASCII. + n++ + if escapeASCII[c] == 0 { + continue // no escaping possibly needed + } + // Handle escaping of single-byte ASCII. + if !(c == '<' || c == '>' || c == '&') || flags.Get(jsonflags.EscapeForHTML) { + dst = append(dst, src[i:n-1]...) + dst = appendEscapedASCII(dst, c) + i = n + } + } else { + // Handle multi-byte Unicode. + r, rn := utf8.DecodeRuneInString(string(truncateMaxUTF8(src[n:]))) + n += rn + if r != utf8.RuneError && r != '\u2028' && r != '\u2029' { + continue // no escaping possibly needed + } + // Handle escaping of multi-byte Unicode. + switch { + case isInvalidUTF8(r, rn): + hasInvalidUTF8 = true + dst = append(dst, src[i:n-rn]...) + dst = append(dst, "\ufffd"...) + i = n + case (r == '\u2028' || r == '\u2029') && flags.Get(jsonflags.EscapeForJS): + dst = append(dst, src[i:n-rn]...) + dst = appendEscapedUnicode(dst, r) + i = n + } + } + } + dst = append(dst, src[i:n]...) + dst = append(dst, '"') + if hasInvalidUTF8 && !flags.Get(jsonflags.AllowInvalidUTF8) { + return dst, ErrInvalidUTF8 + } + return dst, nil +} + +func appendEscapedASCII(dst []byte, c byte) []byte { + switch c { + case '"', '\\': + dst = append(dst, '\\', c) + case '\b': + dst = append(dst, "\\b"...) + case '\f': + dst = append(dst, "\\f"...) + case '\n': + dst = append(dst, "\\n"...) + case '\r': + dst = append(dst, "\\r"...) + case '\t': + dst = append(dst, "\\t"...) + default: + dst = appendEscapedUTF16(dst, uint16(c)) + } + return dst +} + +func appendEscapedUnicode(dst []byte, r rune) []byte { + if r1, r2 := utf16.EncodeRune(r); r1 != '\ufffd' && r2 != '\ufffd' { + dst = appendEscapedUTF16(dst, uint16(r1)) + dst = appendEscapedUTF16(dst, uint16(r2)) + } else { + dst = appendEscapedUTF16(dst, uint16(r)) + } + return dst +} + +func appendEscapedUTF16(dst []byte, x uint16) []byte { + const hex = "0123456789abcdef" + return append(dst, '\\', 'u', hex[(x>>12)&0xf], hex[(x>>8)&0xf], hex[(x>>4)&0xf], hex[(x>>0)&0xf]) +} + +// ReformatString consumes a JSON string from src and appends it to dst, +// reformatting it if necessary according to the specified flags. +// It returns the appended output and the number of consumed input bytes. +func ReformatString(dst, src []byte, flags *jsonflags.Flags) ([]byte, int, error) { + // TODO: Should this update ValueFlags as input? + var valFlags ValueFlags + n, err := ConsumeString(&valFlags, src, !flags.Get(jsonflags.AllowInvalidUTF8)) + if err != nil { + return dst, n, err + } + + // If the output requires no special escapes, and the input + // is already in canonical form or should be preserved verbatim, + // then directly copy the input to the output. + if !flags.Get(jsonflags.AnyEscape) && + (valFlags.IsCanonical() || flags.Get(jsonflags.PreserveRawStrings)) { + dst = append(dst, src[:n]...) // copy the string verbatim + return dst, n, nil + } + + // Under [jsonflags.PreserveRawStrings], any pre-escaped sequences + // remain escaped, however we still need to respect the + // [jsonflags.EscapeForHTML] and [jsonflags.EscapeForJS] options. + if flags.Get(jsonflags.PreserveRawStrings) { + var i, lastAppendIndex int + for i < n { + if c := src[i]; c < utf8.RuneSelf { + if (c == '<' || c == '>' || c == '&') && flags.Get(jsonflags.EscapeForHTML) { + dst = append(dst, src[lastAppendIndex:i]...) + dst = appendEscapedASCII(dst, c) + lastAppendIndex = i + 1 + } + i++ + } else { + r, rn := utf8.DecodeRune(truncateMaxUTF8(src[i:])) + if (r == '\u2028' || r == '\u2029') && flags.Get(jsonflags.EscapeForJS) { + dst = append(dst, src[lastAppendIndex:i]...) + dst = appendEscapedUnicode(dst, r) + lastAppendIndex = i + rn + } + i += rn + } + } + return append(dst, src[lastAppendIndex:n]...), n, nil + } + + // The input contains characters that might need escaping, + // unnecessary escape sequences, or invalid UTF-8. + // Perform a round-trip unquote and quote to properly reformat + // these sequences according the current flags. + b, _ := AppendUnquote(nil, src[:n]) + dst, _ = AppendQuote(dst, b, flags) + return dst, n, nil +} + +// AppendFloat appends src to dst as a JSON number per RFC 7159, section 6. +// It formats numbers similar to the ES6 number-to-string conversion. +// See https://go.dev/issue/14135. +// +// The output is identical to ECMA-262, 6th edition, section 7.1.12.1 and with +// RFC 8785, section 3.2.2.3 for 64-bit floating-point numbers except for -0, +// which is formatted as -0 instead of just 0. +// +// For 32-bit floating-point numbers, +// the output is a 32-bit equivalent of the algorithm. +// Note that ECMA-262 specifies no algorithm for 32-bit numbers. +func AppendFloat(dst []byte, src float64, bits int) []byte { + if bits == 32 { + src = float64(float32(src)) + } + + abs := math.Abs(src) + fmt := byte('f') + if abs != 0 { + if bits == 64 && (float64(abs) < 1e-6 || float64(abs) >= 1e21) || + bits == 32 && (float32(abs) < 1e-6 || float32(abs) >= 1e21) { + fmt = 'e' + } + } + dst = strconv.AppendFloat(dst, src, fmt, -1, bits) + if fmt == 'e' { + // Clean up e-09 to e-9. + n := len(dst) + if n >= 4 && dst[n-4] == 'e' && dst[n-3] == '-' && dst[n-2] == '0' { + dst[n-2] = dst[n-1] + dst = dst[:n-1] + } + } + return dst +} + +// ReformatNumber consumes a JSON string from src and appends it to dst, +// canonicalizing it if specified. +// It returns the appended output and the number of consumed input bytes. +func ReformatNumber(dst, src []byte, flags *jsonflags.Flags) ([]byte, int, error) { + n, err := ConsumeNumber(src) + if err != nil { + return dst, n, err + } + if !flags.Get(jsonflags.CanonicalizeNumbers) { + dst = append(dst, src[:n]...) // copy the number verbatim + return dst, n, nil + } + + // Identify the kind of number. + var isFloat bool + for _, c := range src[:n] { + if c == '.' || c == 'e' || c == 'E' { + isFloat = true // has fraction or exponent + break + } + } + + // Check if need to canonicalize this kind of number. + switch { + case string(src[:n]) == "-0": + break // canonicalize -0 as 0 regardless of kind + case isFloat: + if !flags.Get(jsonflags.CanonicalizeRawFloats) { + dst = append(dst, src[:n]...) // copy the number verbatim + return dst, n, nil + } + default: + // As an optimization, we can copy integer numbers below 2⁵³ verbatim + // since the canonical form is always identical. + const maxExactIntegerDigits = 16 // len(strconv.AppendUint(nil, 1<<53, 10)) + if !flags.Get(jsonflags.CanonicalizeRawInts) || n < maxExactIntegerDigits { + dst = append(dst, src[:n]...) // copy the number verbatim + return dst, n, nil + } + } + + // Parse and reformat the number (which uses a canonical format). + fv, _ := strconv.ParseFloat(string(src[:n]), 64) + switch { + case fv == 0: + fv = 0 // normalize negative zero as just zero + case math.IsInf(fv, +1): + fv = +math.MaxFloat64 + case math.IsInf(fv, -1): + fv = -math.MaxFloat64 + } + return AppendFloat(dst, fv, 64), n, nil +} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire/wire.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire/wire.go new file mode 100644 index 0000000000..a0622c65b8 --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire/wire.go @@ -0,0 +1,217 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !goexperiment.jsonv2 || !go1.25 + +// Package jsonwire implements stateless functionality for handling JSON text. +package jsonwire + +import ( + "cmp" + "errors" + "strconv" + "strings" + "unicode" + "unicode/utf16" + "unicode/utf8" +) + +// TrimSuffixWhitespace trims JSON from the end of b. +func TrimSuffixWhitespace(b []byte) []byte { + // NOTE: The arguments and logic are kept simple to keep this inlinable. + n := len(b) - 1 + for n >= 0 && (b[n] == ' ' || b[n] == '\t' || b[n] == '\r' || b[n] == '\n') { + n-- + } + return b[:n+1] +} + +// TrimSuffixString trims a valid JSON string at the end of b. +// The behavior is undefined if there is not a valid JSON string present. +func TrimSuffixString(b []byte) []byte { + // NOTE: The arguments and logic are kept simple to keep this inlinable. + if len(b) > 0 && b[len(b)-1] == '"' { + b = b[:len(b)-1] + } + for len(b) >= 2 && !(b[len(b)-1] == '"' && b[len(b)-2] != '\\') { + b = b[:len(b)-1] // trim all characters except an unescaped quote + } + if len(b) > 0 && b[len(b)-1] == '"' { + b = b[:len(b)-1] + } + return b +} + +// HasSuffixByte reports whether b ends with c. +func HasSuffixByte(b []byte, c byte) bool { + // NOTE: The arguments and logic are kept simple to keep this inlinable. + return len(b) > 0 && b[len(b)-1] == c +} + +// TrimSuffixByte removes c from the end of b if it is present. +func TrimSuffixByte(b []byte, c byte) []byte { + // NOTE: The arguments and logic are kept simple to keep this inlinable. + if len(b) > 0 && b[len(b)-1] == c { + return b[:len(b)-1] + } + return b +} + +// QuoteRune quotes the first rune in the input. +func QuoteRune[Bytes ~[]byte | ~string](b Bytes) string { + r, n := utf8.DecodeRuneInString(string(truncateMaxUTF8(b))) + if r == utf8.RuneError && n == 1 { + return `'\x` + strconv.FormatUint(uint64(b[0]), 16) + `'` + } + return strconv.QuoteRune(r) +} + +// CompareUTF16 lexicographically compares x to y according +// to the UTF-16 codepoints of the UTF-8 encoded input strings. +// This implements the ordering specified in RFC 8785, section 3.2.3. +func CompareUTF16[Bytes ~[]byte | ~string](x, y Bytes) int { + // NOTE: This is an optimized, mostly allocation-free implementation + // of CompareUTF16Simple in wire_test.go. FuzzCompareUTF16 verifies that the + // two implementations agree on the result of comparing any two strings. + isUTF16Self := func(r rune) bool { + return ('\u0000' <= r && r <= '\uD7FF') || ('\uE000' <= r && r <= '\uFFFF') + } + + for { + if len(x) == 0 || len(y) == 0 { + return cmp.Compare(len(x), len(y)) + } + + // ASCII fast-path. + if x[0] < utf8.RuneSelf || y[0] < utf8.RuneSelf { + if x[0] != y[0] { + return cmp.Compare(x[0], y[0]) + } + x, y = x[1:], y[1:] + continue + } + + // Decode next pair of runes as UTF-8. + rx, nx := utf8.DecodeRuneInString(string(truncateMaxUTF8(x))) + ry, ny := utf8.DecodeRuneInString(string(truncateMaxUTF8(y))) + + selfx := isUTF16Self(rx) + selfy := isUTF16Self(ry) + switch { + // The x rune is a single UTF-16 codepoint, while + // the y rune is a surrogate pair of UTF-16 codepoints. + case selfx && !selfy: + ry, _ = utf16.EncodeRune(ry) + // The y rune is a single UTF-16 codepoint, while + // the x rune is a surrogate pair of UTF-16 codepoints. + case selfy && !selfx: + rx, _ = utf16.EncodeRune(rx) + } + if rx != ry { + return cmp.Compare(rx, ry) + } + + // Check for invalid UTF-8, in which case, + // we just perform a byte-for-byte comparison. + if isInvalidUTF8(rx, nx) || isInvalidUTF8(ry, ny) { + if x[0] != y[0] { + return cmp.Compare(x[0], y[0]) + } + } + x, y = x[nx:], y[ny:] + } +} + +// truncateMaxUTF8 truncates b such it contains at least one rune. +// +// The utf8 package currently lacks generic variants, which complicates +// generic functions that operates on either []byte or string. +// As a hack, we always call the utf8 function operating on strings, +// but always truncate the input such that the result is identical. +// +// Example usage: +// +// utf8.DecodeRuneInString(string(truncateMaxUTF8(b))) +// +// Converting a []byte to a string is stack allocated since +// truncateMaxUTF8 guarantees that the []byte is short. +func truncateMaxUTF8[Bytes ~[]byte | ~string](b Bytes) Bytes { + // TODO(https://go.dev/issue/56948): Remove this function and + // instead directly call generic utf8 functions wherever used. + if len(b) > utf8.UTFMax { + return b[:utf8.UTFMax] + } + return b +} + +// TODO(https://go.dev/issue/70547): Use utf8.ErrInvalid instead. +var ErrInvalidUTF8 = errors.New("invalid UTF-8") + +func NewInvalidCharacterError[Bytes ~[]byte | ~string](prefix Bytes, where string) error { + what := QuoteRune(prefix) + return errors.New("invalid character " + what + " " + where) +} + +func NewInvalidEscapeSequenceError[Bytes ~[]byte | ~string](what Bytes) error { + label := "escape sequence" + if len(what) > 6 { + label = "surrogate pair" + } + needEscape := strings.IndexFunc(string(what), func(r rune) bool { + return r == '`' || r == utf8.RuneError || unicode.IsSpace(r) || !unicode.IsPrint(r) + }) >= 0 + if needEscape { + return errors.New("invalid " + label + " " + strconv.Quote(string(what)) + " in string") + } else { + return errors.New("invalid " + label + " `" + string(what) + "` in string") + } +} + +// TruncatePointer optionally truncates the JSON pointer, +// enforcing that the length roughly does not exceed n. +func TruncatePointer(s string, n int) string { + if len(s) <= n { + return s + } + i := n / 2 + j := len(s) - n/2 + + // Avoid truncating a name if there are multiple names present. + if k := strings.LastIndexByte(s[:i], '/'); k > 0 { + i = k + } + if k := strings.IndexByte(s[j:], '/'); k >= 0 { + j += k + len("/") + } + + // Avoid truncation in the middle of a UTF-8 rune. + for i > 0 && isInvalidUTF8(utf8.DecodeLastRuneInString(s[:i])) { + i-- + } + for j < len(s) && isInvalidUTF8(utf8.DecodeRuneInString(s[j:])) { + j++ + } + + // Determine the right middle fragment to use. + var middle string + switch strings.Count(s[i:j], "/") { + case 0: + middle = "…" + case 1: + middle = "…/…" + default: + middle = "…/…/…" + } + if strings.HasPrefix(s[i:j], "/") && middle != "…" { + middle = strings.TrimPrefix(middle, "…") + } + if strings.HasSuffix(s[i:j], "/") && middle != "…" { + middle = strings.TrimSuffix(middle, "…") + } + return s[:i] + middle + s[j:] +} + +func isInvalidUTF8(r rune, rn int) bool { + return r == utf8.RuneError && rn == 1 +} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/alias.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/alias.go new file mode 100644 index 0000000000..dc18d5d55d --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/alias.go @@ -0,0 +1,536 @@ +// Copyright 2025 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Code generated by alias_gen.go; DO NOT EDIT. + +//go:build goexperiment.jsonv2 && go1.25 + +// Package jsontext implements syntactic processing of JSON +// as specified in RFC 4627, RFC 7159, RFC 7493, RFC 8259, and RFC 8785. +// JSON is a simple data interchange format that can represent +// primitive data types such as booleans, strings, and numbers, +// in addition to structured data types such as objects and arrays. +// +// The [Encoder] and [Decoder] types are used to encode or decode +// a stream of JSON tokens or values. +// +// # Tokens and Values +// +// A JSON token refers to the basic structural elements of JSON: +// +// - a JSON literal (i.e., null, true, or false) +// - a JSON string (e.g., "hello, world!") +// - a JSON number (e.g., 123.456) +// - a begin or end delimiter for a JSON object (i.e., '{' or '}') +// - a begin or end delimiter for a JSON array (i.e., '[' or ']') +// +// A JSON token is represented by the [Token] type in Go. Technically, +// there are two additional structural characters (i.e., ':' and ','), +// but there is no [Token] representation for them since their presence +// can be inferred by the structure of the JSON grammar itself. +// For example, there must always be an implicit colon between +// the name and value of a JSON object member. +// +// A JSON value refers to a complete unit of JSON data: +// +// - a JSON literal, string, or number +// - a JSON object (e.g., `{"name":"value"}`) +// - a JSON array (e.g., `[1,2,3,]`) +// +// A JSON value is represented by the [Value] type in Go and is a []byte +// containing the raw textual representation of the value. There is some overlap +// between tokens and values as both contain literals, strings, and numbers. +// However, only a value can represent the entirety of a JSON object or array. +// +// The [Encoder] and [Decoder] types contain methods to read or write the next +// [Token] or [Value] in a sequence. They maintain a state machine to validate +// whether the sequence of JSON tokens and/or values produces a valid JSON. +// [Options] may be passed to the [NewEncoder] or [NewDecoder] constructors +// to configure the syntactic behavior of encoding and decoding. +// +// # Terminology +// +// The terms "encode" and "decode" are used for syntactic functionality +// that is concerned with processing JSON based on its grammar, and +// the terms "marshal" and "unmarshal" are used for semantic functionality +// that determines the meaning of JSON values as Go values and vice-versa. +// This package (i.e., [jsontext]) deals with JSON at a syntactic layer, +// while [encoding/json/v2] deals with JSON at a semantic layer. +// The goal is to provide a clear distinction between functionality that +// is purely concerned with encoding versus that of marshaling. +// For example, one can directly encode a stream of JSON tokens without +// needing to marshal a concrete Go value representing them. +// Similarly, one can decode a stream of JSON tokens without +// needing to unmarshal them into a concrete Go value. +// +// This package uses JSON terminology when discussing JSON, which may differ +// from related concepts in Go or elsewhere in computing literature. +// +// - a JSON "object" refers to an unordered collection of name/value members. +// - a JSON "array" refers to an ordered sequence of elements. +// - a JSON "value" refers to either a literal (i.e., null, false, or true), +// string, number, object, or array. +// +// See RFC 8259 for more information. +// +// # Specifications +// +// Relevant specifications include RFC 4627, RFC 7159, RFC 7493, RFC 8259, +// and RFC 8785. Each RFC is generally a stricter subset of another RFC. +// In increasing order of strictness: +// +// - RFC 4627 and RFC 7159 do not require (but recommend) the use of UTF-8 +// and also do not require (but recommend) that object names be unique. +// - RFC 8259 requires the use of UTF-8, +// but does not require (but recommends) that object names be unique. +// - RFC 7493 requires the use of UTF-8 +// and also requires that object names be unique. +// - RFC 8785 defines a canonical representation. It requires the use of UTF-8 +// and also requires that object names be unique and in a specific ordering. +// It specifies exactly how strings and numbers must be formatted. +// +// The primary difference between RFC 4627 and RFC 7159 is that the former +// restricted top-level values to only JSON objects and arrays, while +// RFC 7159 and subsequent RFCs permit top-level values to additionally be +// JSON nulls, booleans, strings, or numbers. +// +// By default, this package operates on RFC 7493, but can be configured +// to operate according to the other RFC specifications. +// RFC 7493 is a stricter subset of RFC 8259 and fully compliant with it. +// In particular, it makes specific choices about behavior that RFC 8259 +// leaves as undefined in order to ensure greater interoperability. +// +// # Security Considerations +// +// See the "Security Considerations" section in [encoding/json/v2]. +package jsontext + +import ( + "encoding/json/jsontext" + "io" +) + +// Decoder is a streaming decoder for raw JSON tokens and values. +// It is used to read a stream of top-level JSON values, +// each separated by optional whitespace characters. +// +// [Decoder.ReadToken] and [Decoder.ReadValue] calls may be interleaved. +// For example, the following JSON value: +// +// {"name":"value","array":[null,false,true,3.14159],"object":{"k":"v"}} +// +// can be parsed with the following calls (ignoring errors for brevity): +// +// d.ReadToken() // { +// d.ReadToken() // "name" +// d.ReadToken() // "value" +// d.ReadValue() // "array" +// d.ReadToken() // [ +// d.ReadToken() // null +// d.ReadToken() // false +// d.ReadValue() // true +// d.ReadToken() // 3.14159 +// d.ReadToken() // ] +// d.ReadValue() // "object" +// d.ReadValue() // {"k":"v"} +// d.ReadToken() // } +// +// The above is one of many possible sequence of calls and +// may not represent the most sensible method to call for any given token/value. +// For example, it is probably more common to call [Decoder.ReadToken] to obtain a +// string token for object names. +type Decoder = jsontext.Decoder + +// NewDecoder constructs a new streaming decoder reading from r. +// +// If r is a [bytes.Buffer], then the decoder parses directly from the buffer +// without first copying the contents to an intermediate buffer. +// Additional writes to the buffer must not occur while the decoder is in use. +func NewDecoder(r io.Reader, opts ...Options) *Decoder { + return jsontext.NewDecoder(r, opts...) +} + +// Encoder is a streaming encoder from raw JSON tokens and values. +// It is used to write a stream of top-level JSON values, +// each terminated with a newline character. +// +// [Encoder.WriteToken] and [Encoder.WriteValue] calls may be interleaved. +// For example, the following JSON value: +// +// {"name":"value","array":[null,false,true,3.14159],"object":{"k":"v"}} +// +// can be composed with the following calls (ignoring errors for brevity): +// +// e.WriteToken(BeginObject) // { +// e.WriteToken(String("name")) // "name" +// e.WriteToken(String("value")) // "value" +// e.WriteValue(Value(`"array"`)) // "array" +// e.WriteToken(BeginArray) // [ +// e.WriteToken(Null) // null +// e.WriteToken(False) // false +// e.WriteValue(Value("true")) // true +// e.WriteToken(Float(3.14159)) // 3.14159 +// e.WriteToken(EndArray) // ] +// e.WriteValue(Value(`"object"`)) // "object" +// e.WriteValue(Value(`{"k":"v"}`)) // {"k":"v"} +// e.WriteToken(EndObject) // } +// +// The above is one of many possible sequence of calls and +// may not represent the most sensible method to call for any given token/value. +// For example, it is probably more common to call [Encoder.WriteToken] with a string +// for object names. +type Encoder = jsontext.Encoder + +// NewEncoder constructs a new streaming encoder writing to w +// configured with the provided options. +// It flushes the internal buffer when the buffer is sufficiently full or +// when a top-level value has been written. +// +// If w is a [bytes.Buffer], then the encoder appends directly into the buffer +// without copying the contents from an intermediate buffer. +func NewEncoder(w io.Writer, opts ...Options) *Encoder { + return jsontext.NewEncoder(w, opts...) +} + +// SyntacticError is a description of a syntactic error that occurred when +// encoding or decoding JSON according to the grammar. +// +// The contents of this error as produced by this package may change over time. +type SyntacticError = jsontext.SyntacticError + +// Options configures [NewEncoder], [Encoder.Reset], [NewDecoder], +// and [Decoder.Reset] with specific features. +// Each function takes in a variadic list of options, where properties +// set in latter options override the value of previously set properties. +// +// There is a single Options type, which is used with both encoding and decoding. +// Some options affect both operations, while others only affect one operation: +// +// - [AllowDuplicateNames] affects encoding and decoding +// - [AllowInvalidUTF8] affects encoding and decoding +// - [EscapeForHTML] affects encoding only +// - [EscapeForJS] affects encoding only +// - [PreserveRawStrings] affects encoding only +// - [CanonicalizeRawInts] affects encoding only +// - [CanonicalizeRawFloats] affects encoding only +// - [ReorderRawObjects] affects encoding only +// - [SpaceAfterColon] affects encoding only +// - [SpaceAfterComma] affects encoding only +// - [Multiline] affects encoding only +// - [WithIndent] affects encoding only +// - [WithIndentPrefix] affects encoding only +// +// Options that do not affect a particular operation are ignored. +// +// The Options type is identical to [encoding/json.Options] and +// [encoding/json/v2.Options]. Options from the other packages may +// be passed to functionality in this package, but are ignored. +// Options from this package may be used with the other packages. +type Options = jsontext.Options + +// AllowDuplicateNames specifies that JSON objects may contain +// duplicate member names. Disabling the duplicate name check may provide +// performance benefits, but breaks compliance with RFC 7493, section 2.3. +// The input or output will still be compliant with RFC 8259, +// which leaves the handling of duplicate names as unspecified behavior. +// +// This affects either encoding or decoding. +func AllowDuplicateNames(v bool) Options { + return jsontext.AllowDuplicateNames(v) +} + +// AllowInvalidUTF8 specifies that JSON strings may contain invalid UTF-8, +// which will be mangled as the Unicode replacement character, U+FFFD. +// This causes the encoder or decoder to break compliance with +// RFC 7493, section 2.1, and RFC 8259, section 8.1. +// +// This affects either encoding or decoding. +func AllowInvalidUTF8(v bool) Options { + return jsontext.AllowInvalidUTF8(v) +} + +// EscapeForHTML specifies that '<', '>', and '&' characters within JSON strings +// should be escaped as a hexadecimal Unicode codepoint (e.g., \u003c) so that +// the output is safe to embed within HTML. +// +// This only affects encoding and is ignored when decoding. +func EscapeForHTML(v bool) Options { + return jsontext.EscapeForHTML(v) +} + +// EscapeForJS specifies that U+2028 and U+2029 characters within JSON strings +// should be escaped as a hexadecimal Unicode codepoint (e.g., \u2028) so that +// the output is valid to embed within JavaScript. See RFC 8259, section 12. +// +// This only affects encoding and is ignored when decoding. +func EscapeForJS(v bool) Options { + return jsontext.EscapeForJS(v) +} + +// PreserveRawStrings specifies that when encoding a raw JSON string in a +// [Token] or [Value], pre-escaped sequences +// in a JSON string are preserved to the output. +// However, raw strings still respect [EscapeForHTML] and [EscapeForJS] +// such that the relevant characters are escaped. +// If [AllowInvalidUTF8] is enabled, bytes of invalid UTF-8 +// are preserved to the output. +// +// This only affects encoding and is ignored when decoding. +func PreserveRawStrings(v bool) Options { + return jsontext.PreserveRawStrings(v) +} + +// CanonicalizeRawInts specifies that when encoding a raw JSON +// integer number (i.e., a number without a fraction and exponent) in a +// [Token] or [Value], the number is canonicalized +// according to RFC 8785, section 3.2.2.3. As a special case, +// the number -0 is canonicalized as 0. +// +// JSON numbers are treated as IEEE 754 double precision numbers. +// Any numbers with precision beyond what is representable by that form +// will lose their precision when canonicalized. For example, +// integer values beyond ±2⁵³ will lose their precision. +// For example, 1234567890123456789 is formatted as 1234567890123456800. +// +// This only affects encoding and is ignored when decoding. +func CanonicalizeRawInts(v bool) Options { + return jsontext.CanonicalizeRawInts(v) +} + +// CanonicalizeRawFloats specifies that when encoding a raw JSON +// floating-point number (i.e., a number with a fraction or exponent) in a +// [Token] or [Value], the number is canonicalized +// according to RFC 8785, section 3.2.2.3. As a special case, +// the number -0 is canonicalized as 0. +// +// JSON numbers are treated as IEEE 754 double precision numbers. +// It is safe to canonicalize a serialized single precision number and +// parse it back as a single precision number and expect the same value. +// If a number exceeds ±1.7976931348623157e+308, which is the maximum +// finite number, then it saturated at that value and formatted as such. +// +// This only affects encoding and is ignored when decoding. +func CanonicalizeRawFloats(v bool) Options { + return jsontext.CanonicalizeRawFloats(v) +} + +// ReorderRawObjects specifies that when encoding a raw JSON object in a +// [Value], the object members are reordered according to +// RFC 8785, section 3.2.3. +// +// This only affects encoding and is ignored when decoding. +func ReorderRawObjects(v bool) Options { + return jsontext.ReorderRawObjects(v) +} + +// SpaceAfterColon specifies that the JSON output should emit a space character +// after each colon separator following a JSON object name. +// If false, then no space character appears after the colon separator. +// +// This only affects encoding and is ignored when decoding. +func SpaceAfterColon(v bool) Options { + return jsontext.SpaceAfterColon(v) +} + +// SpaceAfterComma specifies that the JSON output should emit a space character +// after each comma separator following a JSON object value or array element. +// If false, then no space character appears after the comma separator. +// +// This only affects encoding and is ignored when decoding. +func SpaceAfterComma(v bool) Options { + return jsontext.SpaceAfterComma(v) +} + +// Multiline specifies that the JSON output should expand to multiple lines, +// where every JSON object member or JSON array element appears on +// a new, indented line according to the nesting depth. +// +// If [SpaceAfterColon] is not specified, then the default is true. +// If [SpaceAfterComma] is not specified, then the default is false. +// If [WithIndent] is not specified, then the default is "\t". +// +// If set to false, then the output is a single-line, +// where the only whitespace emitted is determined by the current +// values of [SpaceAfterColon] and [SpaceAfterComma]. +// +// This only affects encoding and is ignored when decoding. +func Multiline(v bool) Options { + return jsontext.Multiline(v) +} + +// WithIndent specifies that the encoder should emit multiline output +// where each element in a JSON object or array begins on a new, indented line +// beginning with the indent prefix (see [WithIndentPrefix]) +// followed by one or more copies of indent according to the nesting depth. +// The indent must only be composed of space or tab characters. +// +// If the intent to emit indented output without a preference for +// the particular indent string, then use [Multiline] instead. +// +// This only affects encoding and is ignored when decoding. +// Use of this option implies [Multiline] being set to true. +func WithIndent(indent string) Options { + return jsontext.WithIndent(indent) +} + +// WithIndentPrefix specifies that the encoder should emit multiline output +// where each element in a JSON object or array begins on a new, indented line +// beginning with the indent prefix followed by one or more copies of indent +// (see [WithIndent]) according to the nesting depth. +// The prefix must only be composed of space or tab characters. +// +// This only affects encoding and is ignored when decoding. +// Use of this option implies [Multiline] being set to true. +func WithIndentPrefix(prefix string) Options { + return jsontext.WithIndentPrefix(prefix) +} + +// AppendQuote appends a double-quoted JSON string literal representing src +// to dst and returns the extended buffer. +// It uses the minimal string representation per RFC 8785, section 3.2.2.2. +// Invalid UTF-8 bytes are replaced with the Unicode replacement character +// and an error is returned at the end indicating the presence of invalid UTF-8. +// The dst must not overlap with the src. +func AppendQuote[Bytes ~[]byte | ~string](dst []byte, src Bytes) ([]byte, error) { + return jsontext.AppendQuote[Bytes](dst, src) +} + +// AppendUnquote appends the decoded interpretation of src as a +// double-quoted JSON string literal to dst and returns the extended buffer. +// The input src must be a JSON string without any surrounding whitespace. +// Invalid UTF-8 bytes are replaced with the Unicode replacement character +// and an error is returned at the end indicating the presence of invalid UTF-8. +// Any trailing bytes after the JSON string literal results in an error. +// The dst must not overlap with the src. +func AppendUnquote[Bytes ~[]byte | ~string](dst []byte, src Bytes) ([]byte, error) { + return jsontext.AppendUnquote[Bytes](dst, src) +} + +// ErrDuplicateName indicates that a JSON token could not be +// encoded or decoded because it results in a duplicate JSON object name. +// This error is directly wrapped within a [SyntacticError] when produced. +// +// The name of a duplicate JSON object member can be extracted as: +// +// err := ... +// var serr jsontext.SyntacticError +// if errors.As(err, &serr) && serr.Err == jsontext.ErrDuplicateName { +// ptr := serr.JSONPointer // JSON pointer to duplicate name +// name := ptr.LastToken() // duplicate name itself +// ... +// } +// +// This error is only returned if [AllowDuplicateNames] is false. +var ErrDuplicateName = jsontext.ErrDuplicateName + +// ErrNonStringName indicates that a JSON token could not be +// encoded or decoded because it is not a string, +// as required for JSON object names according to RFC 8259, section 4. +// This error is directly wrapped within a [SyntacticError] when produced. +var ErrNonStringName = jsontext.ErrNonStringName + +// Pointer is a JSON Pointer (RFC 6901) that references a particular JSON value +// relative to the root of the top-level JSON value. +// +// A Pointer is a slash-separated list of tokens, where each token is +// either a JSON object name or an index to a JSON array element +// encoded as a base-10 integer value. +// It is impossible to distinguish between an array index and an object name +// (that happens to be an base-10 encoded integer) without also knowing +// the structure of the top-level JSON value that the pointer refers to. +// +// There is exactly one representation of a pointer to a particular value, +// so comparability of Pointer values is equivalent to checking whether +// they both point to the exact same value. +type Pointer = jsontext.Pointer + +// Token represents a lexical JSON token, which may be one of the following: +// - a JSON literal (i.e., null, true, or false) +// - a JSON string (e.g., "hello, world!") +// - a JSON number (e.g., 123.456) +// - a begin or end delimiter for a JSON object (i.e., { or } ) +// - a begin or end delimiter for a JSON array (i.e., [ or ] ) +// +// A Token cannot represent entire array or object values, while a [Value] can. +// There is no Token to represent commas and colons since +// these structural tokens can be inferred from the surrounding context. +type Token = jsontext.Token + +var ( + Null = jsontext.Null + False = jsontext.False + True = jsontext.True + BeginObject = jsontext.BeginObject + EndObject = jsontext.EndObject + BeginArray = jsontext.BeginArray + EndArray = jsontext.EndArray +) + +// Bool constructs a Token representing a JSON boolean. +func Bool(b bool) Token { + return jsontext.Bool(b) +} + +// String constructs a Token representing a JSON string. +// The provided string should contain valid UTF-8, otherwise invalid characters +// may be mangled as the Unicode replacement character. +func String(s string) Token { + return jsontext.String(s) +} + +// Float constructs a Token representing a JSON number. +// The values NaN, +Inf, and -Inf will be represented +// as a JSON string with the values "NaN", "Infinity", and "-Infinity". +func Float(n float64) Token { + return jsontext.Float(n) +} + +// Int constructs a Token representing a JSON number from an int64. +func Int(n int64) Token { + return jsontext.Int(n) +} + +// Uint constructs a Token representing a JSON number from a uint64. +func Uint(n uint64) Token { + return jsontext.Uint(n) +} + +// Kind represents each possible JSON token kind with a single byte, +// which is conveniently the first byte of that kind's grammar +// with the restriction that numbers always be represented with '0': +// +// - 'n': null +// - 'f': false +// - 't': true +// - '"': string +// - '0': number +// - '{': object begin +// - '}': object end +// - '[': array begin +// - ']': array end +// +// An invalid kind is usually represented using 0, +// but may be non-zero due to invalid JSON data. +type Kind = jsontext.Kind + +// AppendFormat formats the JSON value in src and appends it to dst +// according to the specified options. +// See [Value.Format] for more details about the formatting behavior. +// +// The dst and src may overlap. +// If an error is reported, then the entirety of src is appended to dst. +func AppendFormat(dst, src []byte, opts ...Options) ([]byte, error) { + return jsontext.AppendFormat(dst, src, opts...) +} + +// Value represents a single raw JSON value, which may be one of the following: +// - a JSON literal (i.e., null, true, or false) +// - a JSON string (e.g., "hello, world!") +// - a JSON number (e.g., 123.456) +// - an entire JSON object (e.g., {"fizz":"buzz"} ) +// - an entire JSON array (e.g., [1,2,3] ) +// +// Value can represent entire array or object values, while [Token] cannot. +// Value may contain leading and/or trailing whitespace. +type Value = jsontext.Value diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/decode.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/decode.go new file mode 100644 index 0000000000..7e847de373 --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/decode.go @@ -0,0 +1,1179 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !goexperiment.jsonv2 || !go1.25 + +package jsontext + +import ( + "bytes" + "errors" + "io" + + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonopts" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire" +) + +// NOTE: The logic for decoding is complicated by the fact that reading from +// an io.Reader into a temporary buffer means that the buffer may contain a +// truncated portion of some valid input, requiring the need to fetch more data. +// +// This file is structured in the following way: +// +// - consumeXXX functions parse an exact JSON token from a []byte. +// If the buffer appears truncated, then it returns io.ErrUnexpectedEOF. +// The consumeSimpleXXX functions are so named because they only handle +// a subset of the grammar for the JSON token being parsed. +// They do not handle the full grammar to keep these functions inlinable. +// +// - Decoder.consumeXXX methods parse the next JSON token from Decoder.buf, +// automatically fetching more input if necessary. These methods take +// a position relative to the start of Decoder.buf as an argument and +// return the end of the consumed JSON token as a position, +// also relative to the start of Decoder.buf. +// +// - In the event of an I/O errors or state machine violations, +// the implementation avoids mutating the state of Decoder +// (aside from the book-keeping needed to implement Decoder.fetch). +// For this reason, only Decoder.ReadToken and Decoder.ReadValue are +// responsible for updated Decoder.prevStart and Decoder.prevEnd. +// +// - For performance, much of the implementation uses the pattern of calling +// the inlinable consumeXXX functions first, and if more work is necessary, +// then it calls the slower Decoder.consumeXXX methods. +// TODO: Revisit this pattern if the Go compiler provides finer control +// over exactly which calls are inlined or not. + +// Decoder is a streaming decoder for raw JSON tokens and values. +// It is used to read a stream of top-level JSON values, +// each separated by optional whitespace characters. +// +// [Decoder.ReadToken] and [Decoder.ReadValue] calls may be interleaved. +// For example, the following JSON value: +// +// {"name":"value","array":[null,false,true,3.14159],"object":{"k":"v"}} +// +// can be parsed with the following calls (ignoring errors for brevity): +// +// d.ReadToken() // { +// d.ReadToken() // "name" +// d.ReadToken() // "value" +// d.ReadValue() // "array" +// d.ReadToken() // [ +// d.ReadToken() // null +// d.ReadToken() // false +// d.ReadValue() // true +// d.ReadToken() // 3.14159 +// d.ReadToken() // ] +// d.ReadValue() // "object" +// d.ReadValue() // {"k":"v"} +// d.ReadToken() // } +// +// The above is one of many possible sequence of calls and +// may not represent the most sensible method to call for any given token/value. +// For example, it is probably more common to call [Decoder.ReadToken] to obtain a +// string token for object names. +type Decoder struct { + s decoderState +} + +// decoderState is the low-level state of Decoder. +// It has exported fields and method for use by the "json" package. +type decoderState struct { + state + decodeBuffer + jsonopts.Struct + + StringCache *[256]string // only used when unmarshaling; identical to json.stringCache +} + +// decodeBuffer is a buffer split into 4 segments: +// +// - buf[0:prevEnd] // already read portion of the buffer +// - buf[prevStart:prevEnd] // previously read value +// - buf[prevEnd:len(buf)] // unread portion of the buffer +// - buf[len(buf):cap(buf)] // unused portion of the buffer +// +// Invariants: +// +// 0 ≤ prevStart ≤ prevEnd ≤ len(buf) ≤ cap(buf) +type decodeBuffer struct { + peekPos int // non-zero if valid offset into buf for start of next token + peekErr error // implies peekPos is -1 + + buf []byte // may alias rd if it is a bytes.Buffer + prevStart int + prevEnd int + + // baseOffset is added to prevStart and prevEnd to obtain + // the absolute offset relative to the start of io.Reader stream. + baseOffset int64 + + rd io.Reader +} + +// NewDecoder constructs a new streaming decoder reading from r. +// +// If r is a [bytes.Buffer], then the decoder parses directly from the buffer +// without first copying the contents to an intermediate buffer. +// Additional writes to the buffer must not occur while the decoder is in use. +func NewDecoder(r io.Reader, opts ...Options) *Decoder { + d := new(Decoder) + d.Reset(r, opts...) + return d +} + +// Reset resets a decoder such that it is reading afresh from r and +// configured with the provided options. Reset must not be called on an +// a Decoder passed to the [encoding/json/v2.UnmarshalerFrom.UnmarshalJSONFrom] method +// or the [encoding/json/v2.UnmarshalFromFunc] function. +func (d *Decoder) Reset(r io.Reader, opts ...Options) { + switch { + case d == nil: + panic("jsontext: invalid nil Decoder") + case r == nil: + panic("jsontext: invalid nil io.Reader") + case d.s.Flags.Get(jsonflags.WithinArshalCall): + panic("jsontext: cannot reset Decoder passed to json.UnmarshalerFrom") + } + // Reuse the buffer if it does not alias a previous [bytes.Buffer]. + b := d.s.buf[:0] + if _, ok := d.s.rd.(*bytes.Buffer); ok { + b = nil + } + d.s.reset(b, r, opts...) +} + +func (d *decoderState) reset(b []byte, r io.Reader, opts ...Options) { + d.state.reset() + d.decodeBuffer = decodeBuffer{buf: b, rd: r} + opts2 := jsonopts.Struct{} // avoid mutating d.Struct in case it is part of opts + opts2.Join(opts...) + d.Struct = opts2 +} + +// Options returns the options used to construct the encoder and +// may additionally contain semantic options passed to a +// [encoding/json/v2.UnmarshalDecode] call. +// +// If operating within +// a [encoding/json/v2.UnmarshalerFrom.UnmarshalJSONFrom] method call or +// a [encoding/json/v2.UnmarshalFromFunc] function call, +// then the returned options are only valid within the call. +func (d *Decoder) Options() Options { + return &d.s.Struct +} + +var errBufferWriteAfterNext = errors.New("invalid bytes.Buffer.Write call after calling bytes.Buffer.Next") + +// fetch reads at least 1 byte from the underlying io.Reader. +// It returns io.ErrUnexpectedEOF if zero bytes were read and io.EOF was seen. +func (d *decoderState) fetch() error { + if d.rd == nil { + return io.ErrUnexpectedEOF + } + + // Inform objectNameStack that we are about to fetch new buffer content. + d.Names.copyQuotedBuffer(d.buf) + + // Specialize bytes.Buffer for better performance. + if bb, ok := d.rd.(*bytes.Buffer); ok { + switch { + case bb.Len() == 0: + return io.ErrUnexpectedEOF + case len(d.buf) == 0: + d.buf = bb.Next(bb.Len()) // "read" all data in the buffer + return nil + default: + // This only occurs if a partially filled bytes.Buffer was provided + // and more data is written to it while Decoder is reading from it. + // This practice will lead to data corruption since future writes + // may overwrite the contents of the current buffer. + // + // The user is trying to use a bytes.Buffer as a pipe, + // but a bytes.Buffer is poor implementation of a pipe, + // the purpose-built io.Pipe should be used instead. + return &ioError{action: "read", err: errBufferWriteAfterNext} + } + } + + // Allocate initial buffer if empty. + if cap(d.buf) == 0 { + d.buf = make([]byte, 0, 64) + } + + // Check whether to grow the buffer. + const maxBufferSize = 4 << 10 + const growthSizeFactor = 2 // higher value is faster + const growthRateFactor = 2 // higher value is slower + // By default, grow if below the maximum buffer size. + grow := cap(d.buf) <= maxBufferSize/growthSizeFactor + // Growing can be expensive, so only grow + // if a sufficient number of bytes have been processed. + grow = grow && int64(cap(d.buf)) < d.previousOffsetEnd()/growthRateFactor + // If prevStart==0, then fetch was called in order to fetch more data + // to finish consuming a large JSON value contiguously. + // Grow if less than 25% of the remaining capacity is available. + // Note that this may cause the input buffer to exceed maxBufferSize. + grow = grow || (d.prevStart == 0 && len(d.buf) >= 3*cap(d.buf)/4) + + if grow { + // Allocate a new buffer and copy the contents of the old buffer over. + // TODO: Provide a hard limit on the maximum internal buffer size? + buf := make([]byte, 0, cap(d.buf)*growthSizeFactor) + d.buf = append(buf, d.buf[d.prevStart:]...) + } else { + // Move unread portion of the data to the front. + n := copy(d.buf[:cap(d.buf)], d.buf[d.prevStart:]) + d.buf = d.buf[:n] + } + d.baseOffset += int64(d.prevStart) + d.prevEnd -= d.prevStart + d.prevStart = 0 + + // Read more data into the internal buffer. + for { + n, err := d.rd.Read(d.buf[len(d.buf):cap(d.buf)]) + switch { + case n > 0: + d.buf = d.buf[:len(d.buf)+n] + return nil // ignore errors if any bytes are read + case err == io.EOF: + return io.ErrUnexpectedEOF + case err != nil: + return &ioError{action: "read", err: err} + default: + continue // Read returned (0, nil) + } + } +} + +const invalidateBufferByte = '#' // invalid starting character for JSON grammar + +// invalidatePreviousRead invalidates buffers returned by Peek and Read calls +// so that the first byte is an invalid character. +// This Hyrum-proofs the API against faulty application code that assumes +// values returned by ReadValue remain valid past subsequent Read calls. +func (d *decodeBuffer) invalidatePreviousRead() { + // Avoid mutating the buffer if d.rd is nil which implies that d.buf + // is provided by the user code and may not expect mutations. + isBytesBuffer := func(r io.Reader) bool { + _, ok := r.(*bytes.Buffer) + return ok + } + if d.rd != nil && !isBytesBuffer(d.rd) && d.prevStart < d.prevEnd && uint(d.prevStart) < uint(len(d.buf)) { + d.buf[d.prevStart] = invalidateBufferByte + d.prevStart = d.prevEnd + } +} + +// needMore reports whether there are no more unread bytes. +func (d *decodeBuffer) needMore(pos int) bool { + // NOTE: The arguments and logic are kept simple to keep this inlinable. + return pos == len(d.buf) +} + +func (d *decodeBuffer) offsetAt(pos int) int64 { return d.baseOffset + int64(pos) } +func (d *decodeBuffer) previousOffsetStart() int64 { return d.baseOffset + int64(d.prevStart) } +func (d *decodeBuffer) previousOffsetEnd() int64 { return d.baseOffset + int64(d.prevEnd) } +func (d *decodeBuffer) previousBuffer() []byte { return d.buf[d.prevStart:d.prevEnd] } +func (d *decodeBuffer) unreadBuffer() []byte { return d.buf[d.prevEnd:len(d.buf)] } + +// PreviousTokenOrValue returns the previously read token or value +// unless it has been invalidated by a call to PeekKind. +// If a token is just a delimiter, then this returns a 1-byte buffer. +// This method is used for error reporting at the semantic layer. +func (d *decodeBuffer) PreviousTokenOrValue() []byte { + b := d.previousBuffer() + // If peek was called, then the previous token or buffer is invalidated. + if d.peekPos > 0 || len(b) > 0 && b[0] == invalidateBufferByte { + return nil + } + // ReadToken does not preserve the buffer for null, bools, or delimiters. + // Manually re-construct that buffer. + if len(b) == 0 { + b = d.buf[:d.prevEnd] // entirety of the previous buffer + for _, tok := range []string{"null", "false", "true", "{", "}", "[", "]"} { + if len(b) >= len(tok) && string(b[len(b)-len(tok):]) == tok { + return b[len(b)-len(tok):] + } + } + } + return b +} + +// PeekKind retrieves the next token kind, but does not advance the read offset. +// +// It returns 0 if an error occurs. Any such error is cached until +// the next read call and it is the caller's responsibility to eventually +// follow up a PeekKind call with a read call. +func (d *Decoder) PeekKind() Kind { + return d.s.PeekKind() +} +func (d *decoderState) PeekKind() Kind { + // Check whether we have a cached peek result. + if d.peekPos > 0 { + return Kind(d.buf[d.peekPos]).normalize() + } + + var err error + d.invalidatePreviousRead() + pos := d.prevEnd + + // Consume leading whitespace. + pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) + if d.needMore(pos) { + if pos, err = d.consumeWhitespace(pos); err != nil { + if err == io.ErrUnexpectedEOF && d.Tokens.Depth() == 1 { + err = io.EOF // EOF possibly if no Tokens present after top-level value + } + d.peekPos, d.peekErr = -1, wrapSyntacticError(d, err, pos, 0) + return invalidKind + } + } + + // Consume colon or comma. + var delim byte + if c := d.buf[pos]; c == ':' || c == ',' { + delim = c + pos += 1 + pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) + if d.needMore(pos) { + if pos, err = d.consumeWhitespace(pos); err != nil { + err = wrapSyntacticError(d, err, pos, 0) + d.peekPos, d.peekErr = -1, d.checkDelimBeforeIOError(delim, err) + return invalidKind + } + } + } + next := Kind(d.buf[pos]).normalize() + if d.Tokens.needDelim(next) != delim { + d.peekPos, d.peekErr = -1, d.checkDelim(delim, next) + return invalidKind + } + + // This may set peekPos to zero, which is indistinguishable from + // the uninitialized state. While a small hit to performance, it is correct + // since ReadValue and ReadToken will disregard the cached result and + // recompute the next kind. + d.peekPos, d.peekErr = pos, nil + return next +} + +// checkDelimBeforeIOError checks whether the delim is even valid +// before returning an IO error, which occurs after the delim. +func (d *decoderState) checkDelimBeforeIOError(delim byte, err error) error { + // Since an IO error occurred, we do not know what the next kind is. + // However, knowing the next kind is necessary to validate + // whether the current delim is at least potentially valid. + // Since a JSON string is always valid as the next token, + // conservatively assume that is the next kind for validation. + const next = Kind('"') + if d.Tokens.needDelim(next) != delim { + err = d.checkDelim(delim, next) + } + return err +} + +// CountNextDelimWhitespace counts the number of upcoming bytes of +// delimiter or whitespace characters. +// This method is used for error reporting at the semantic layer. +func (d *decoderState) CountNextDelimWhitespace() int { + d.PeekKind() // populate unreadBuffer + return len(d.unreadBuffer()) - len(bytes.TrimLeft(d.unreadBuffer(), ",: \n\r\t")) +} + +// checkDelim checks whether delim is valid for the given next kind. +func (d *decoderState) checkDelim(delim byte, next Kind) error { + where := "at start of value" + switch d.Tokens.needDelim(next) { + case delim: + return nil + case ':': + where = "after object name (expecting ':')" + case ',': + if d.Tokens.Last.isObject() { + where = "after object value (expecting ',' or '}')" + } else { + where = "after array element (expecting ',' or ']')" + } + } + pos := d.prevEnd // restore position to right after leading whitespace + pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) + err := jsonwire.NewInvalidCharacterError(d.buf[pos:], where) + return wrapSyntacticError(d, err, pos, 0) +} + +// SkipValue is semantically equivalent to calling [Decoder.ReadValue] and discarding +// the result except that memory is not wasted trying to hold the entire result. +func (d *Decoder) SkipValue() error { + return d.s.SkipValue() +} +func (d *decoderState) SkipValue() error { + switch d.PeekKind() { + case '{', '[': + // For JSON objects and arrays, keep skipping all tokens + // until the depth matches the starting depth. + depth := d.Tokens.Depth() + for { + if _, err := d.ReadToken(); err != nil { + return err + } + if depth >= d.Tokens.Depth() { + return nil + } + } + default: + // Trying to skip a value when the next token is a '}' or ']' + // will result in an error being returned here. + var flags jsonwire.ValueFlags + if _, err := d.ReadValue(&flags); err != nil { + return err + } + return nil + } +} + +// SkipValueRemainder skips the remainder of a value +// after reading a '{' or '[' token. +func (d *decoderState) SkipValueRemainder() error { + if d.Tokens.Depth()-1 > 0 && d.Tokens.Last.Length() == 0 { + for n := d.Tokens.Depth(); d.Tokens.Depth() >= n; { + if _, err := d.ReadToken(); err != nil { + return err + } + } + } + return nil +} + +// SkipUntil skips all tokens until the state machine +// is at or past the specified depth and length. +func (d *decoderState) SkipUntil(depth int, length int64) error { + for d.Tokens.Depth() > depth || (d.Tokens.Depth() == depth && d.Tokens.Last.Length() < length) { + if _, err := d.ReadToken(); err != nil { + return err + } + } + return nil +} + +// ReadToken reads the next [Token], advancing the read offset. +// The returned token is only valid until the next Peek, Read, or Skip call. +// It returns [io.EOF] if there are no more tokens. +func (d *Decoder) ReadToken() (Token, error) { + return d.s.ReadToken() +} +func (d *decoderState) ReadToken() (Token, error) { + // Determine the next kind. + var err error + var next Kind + pos := d.peekPos + if pos != 0 { + // Use cached peek result. + if d.peekErr != nil { + err := d.peekErr + d.peekPos, d.peekErr = 0, nil // possibly a transient I/O error + return Token{}, err + } + next = Kind(d.buf[pos]).normalize() + d.peekPos = 0 // reset cache + } else { + d.invalidatePreviousRead() + pos = d.prevEnd + + // Consume leading whitespace. + pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) + if d.needMore(pos) { + if pos, err = d.consumeWhitespace(pos); err != nil { + if err == io.ErrUnexpectedEOF && d.Tokens.Depth() == 1 { + err = io.EOF // EOF possibly if no Tokens present after top-level value + } + return Token{}, wrapSyntacticError(d, err, pos, 0) + } + } + + // Consume colon or comma. + var delim byte + if c := d.buf[pos]; c == ':' || c == ',' { + delim = c + pos += 1 + pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) + if d.needMore(pos) { + if pos, err = d.consumeWhitespace(pos); err != nil { + err = wrapSyntacticError(d, err, pos, 0) + return Token{}, d.checkDelimBeforeIOError(delim, err) + } + } + } + next = Kind(d.buf[pos]).normalize() + if d.Tokens.needDelim(next) != delim { + return Token{}, d.checkDelim(delim, next) + } + } + + // Handle the next token. + var n int + switch next { + case 'n': + if jsonwire.ConsumeNull(d.buf[pos:]) == 0 { + pos, err = d.consumeLiteral(pos, "null") + if err != nil { + return Token{}, wrapSyntacticError(d, err, pos, +1) + } + } else { + pos += len("null") + } + if err = d.Tokens.appendLiteral(); err != nil { + return Token{}, wrapSyntacticError(d, err, pos-len("null"), +1) // report position at start of literal + } + d.prevStart, d.prevEnd = pos, pos + return Null, nil + + case 'f': + if jsonwire.ConsumeFalse(d.buf[pos:]) == 0 { + pos, err = d.consumeLiteral(pos, "false") + if err != nil { + return Token{}, wrapSyntacticError(d, err, pos, +1) + } + } else { + pos += len("false") + } + if err = d.Tokens.appendLiteral(); err != nil { + return Token{}, wrapSyntacticError(d, err, pos-len("false"), +1) // report position at start of literal + } + d.prevStart, d.prevEnd = pos, pos + return False, nil + + case 't': + if jsonwire.ConsumeTrue(d.buf[pos:]) == 0 { + pos, err = d.consumeLiteral(pos, "true") + if err != nil { + return Token{}, wrapSyntacticError(d, err, pos, +1) + } + } else { + pos += len("true") + } + if err = d.Tokens.appendLiteral(); err != nil { + return Token{}, wrapSyntacticError(d, err, pos-len("true"), +1) // report position at start of literal + } + d.prevStart, d.prevEnd = pos, pos + return True, nil + + case '"': + var flags jsonwire.ValueFlags // TODO: Preserve this in Token? + if n = jsonwire.ConsumeSimpleString(d.buf[pos:]); n == 0 { + oldAbsPos := d.baseOffset + int64(pos) + pos, err = d.consumeString(&flags, pos) + newAbsPos := d.baseOffset + int64(pos) + n = int(newAbsPos - oldAbsPos) + if err != nil { + return Token{}, wrapSyntacticError(d, err, pos, +1) + } + } else { + pos += n + } + if d.Tokens.Last.NeedObjectName() { + if !d.Flags.Get(jsonflags.AllowDuplicateNames) { + if !d.Tokens.Last.isValidNamespace() { + return Token{}, wrapSyntacticError(d, errInvalidNamespace, pos-n, +1) + } + if d.Tokens.Last.isActiveNamespace() && !d.Namespaces.Last().insertQuoted(d.buf[pos-n:pos], flags.IsVerbatim()) { + err = wrapWithObjectName(ErrDuplicateName, d.buf[pos-n:pos]) + return Token{}, wrapSyntacticError(d, err, pos-n, +1) // report position at start of string + } + } + d.Names.ReplaceLastQuotedOffset(pos - n) // only replace if insertQuoted succeeds + } + if err = d.Tokens.appendString(); err != nil { + return Token{}, wrapSyntacticError(d, err, pos-n, +1) // report position at start of string + } + d.prevStart, d.prevEnd = pos-n, pos + return Token{raw: &d.decodeBuffer, num: uint64(d.previousOffsetStart())}, nil + + case '0': + // NOTE: Since JSON numbers are not self-terminating, + // we need to make sure that the next byte is not part of a number. + if n = jsonwire.ConsumeSimpleNumber(d.buf[pos:]); n == 0 || d.needMore(pos+n) { + oldAbsPos := d.baseOffset + int64(pos) + pos, err = d.consumeNumber(pos) + newAbsPos := d.baseOffset + int64(pos) + n = int(newAbsPos - oldAbsPos) + if err != nil { + return Token{}, wrapSyntacticError(d, err, pos, +1) + } + } else { + pos += n + } + if err = d.Tokens.appendNumber(); err != nil { + return Token{}, wrapSyntacticError(d, err, pos-n, +1) // report position at start of number + } + d.prevStart, d.prevEnd = pos-n, pos + return Token{raw: &d.decodeBuffer, num: uint64(d.previousOffsetStart())}, nil + + case '{': + if err = d.Tokens.pushObject(); err != nil { + return Token{}, wrapSyntacticError(d, err, pos, +1) + } + d.Names.push() + if !d.Flags.Get(jsonflags.AllowDuplicateNames) { + d.Namespaces.push() + } + pos += 1 + d.prevStart, d.prevEnd = pos, pos + return BeginObject, nil + + case '}': + if err = d.Tokens.popObject(); err != nil { + return Token{}, wrapSyntacticError(d, err, pos, +1) + } + d.Names.pop() + if !d.Flags.Get(jsonflags.AllowDuplicateNames) { + d.Namespaces.pop() + } + pos += 1 + d.prevStart, d.prevEnd = pos, pos + return EndObject, nil + + case '[': + if err = d.Tokens.pushArray(); err != nil { + return Token{}, wrapSyntacticError(d, err, pos, +1) + } + pos += 1 + d.prevStart, d.prevEnd = pos, pos + return BeginArray, nil + + case ']': + if err = d.Tokens.popArray(); err != nil { + return Token{}, wrapSyntacticError(d, err, pos, +1) + } + pos += 1 + d.prevStart, d.prevEnd = pos, pos + return EndArray, nil + + default: + err = jsonwire.NewInvalidCharacterError(d.buf[pos:], "at start of value") + return Token{}, wrapSyntacticError(d, err, pos, +1) + } +} + +// ReadValue returns the next raw JSON value, advancing the read offset. +// The value is stripped of any leading or trailing whitespace and +// contains the exact bytes of the input, which may contain invalid UTF-8 +// if [AllowInvalidUTF8] is specified. +// +// The returned value is only valid until the next Peek, Read, or Skip call and +// may not be mutated while the Decoder remains in use. +// If the decoder is currently at the end token for an object or array, +// then it reports a [SyntacticError] and the internal state remains unchanged. +// It returns [io.EOF] if there are no more values. +func (d *Decoder) ReadValue() (Value, error) { + var flags jsonwire.ValueFlags + return d.s.ReadValue(&flags) +} +func (d *decoderState) ReadValue(flags *jsonwire.ValueFlags) (Value, error) { + // Determine the next kind. + var err error + var next Kind + pos := d.peekPos + if pos != 0 { + // Use cached peek result. + if d.peekErr != nil { + err := d.peekErr + d.peekPos, d.peekErr = 0, nil // possibly a transient I/O error + return nil, err + } + next = Kind(d.buf[pos]).normalize() + d.peekPos = 0 // reset cache + } else { + d.invalidatePreviousRead() + pos = d.prevEnd + + // Consume leading whitespace. + pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) + if d.needMore(pos) { + if pos, err = d.consumeWhitespace(pos); err != nil { + if err == io.ErrUnexpectedEOF && d.Tokens.Depth() == 1 { + err = io.EOF // EOF possibly if no Tokens present after top-level value + } + return nil, wrapSyntacticError(d, err, pos, 0) + } + } + + // Consume colon or comma. + var delim byte + if c := d.buf[pos]; c == ':' || c == ',' { + delim = c + pos += 1 + pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) + if d.needMore(pos) { + if pos, err = d.consumeWhitespace(pos); err != nil { + err = wrapSyntacticError(d, err, pos, 0) + return nil, d.checkDelimBeforeIOError(delim, err) + } + } + } + next = Kind(d.buf[pos]).normalize() + if d.Tokens.needDelim(next) != delim { + return nil, d.checkDelim(delim, next) + } + } + + // Handle the next value. + oldAbsPos := d.baseOffset + int64(pos) + pos, err = d.consumeValue(flags, pos, d.Tokens.Depth()) + newAbsPos := d.baseOffset + int64(pos) + n := int(newAbsPos - oldAbsPos) + if err != nil { + return nil, wrapSyntacticError(d, err, pos, +1) + } + switch next { + case 'n', 't', 'f': + err = d.Tokens.appendLiteral() + case '"': + if d.Tokens.Last.NeedObjectName() { + if !d.Flags.Get(jsonflags.AllowDuplicateNames) { + if !d.Tokens.Last.isValidNamespace() { + err = errInvalidNamespace + break + } + if d.Tokens.Last.isActiveNamespace() && !d.Namespaces.Last().insertQuoted(d.buf[pos-n:pos], flags.IsVerbatim()) { + err = wrapWithObjectName(ErrDuplicateName, d.buf[pos-n:pos]) + break + } + } + d.Names.ReplaceLastQuotedOffset(pos - n) // only replace if insertQuoted succeeds + } + err = d.Tokens.appendString() + case '0': + err = d.Tokens.appendNumber() + case '{': + if err = d.Tokens.pushObject(); err != nil { + break + } + if err = d.Tokens.popObject(); err != nil { + panic("BUG: popObject should never fail immediately after pushObject: " + err.Error()) + } + case '[': + if err = d.Tokens.pushArray(); err != nil { + break + } + if err = d.Tokens.popArray(); err != nil { + panic("BUG: popArray should never fail immediately after pushArray: " + err.Error()) + } + } + if err != nil { + return nil, wrapSyntacticError(d, err, pos-n, +1) // report position at start of value + } + d.prevEnd = pos + d.prevStart = pos - n + return d.buf[pos-n : pos : pos], nil +} + +// CheckNextValue checks whether the next value is syntactically valid, +// but does not advance the read offset. +// If last, it verifies that the stream cleanly terminates with [io.EOF]. +func (d *decoderState) CheckNextValue(last bool) error { + d.PeekKind() // populates d.peekPos and d.peekErr + pos, err := d.peekPos, d.peekErr + d.peekPos, d.peekErr = 0, nil + if err != nil { + return err + } + + var flags jsonwire.ValueFlags + if pos, err := d.consumeValue(&flags, pos, d.Tokens.Depth()); err != nil { + return wrapSyntacticError(d, err, pos, +1) + } else if last { + return d.checkEOF(pos) + } + return nil +} + +// CheckEOF verifies that the input has no more data. +func (d *decoderState) CheckEOF() error { + return d.checkEOF(d.prevEnd) +} +func (d *decoderState) checkEOF(pos int) error { + switch pos, err := d.consumeWhitespace(pos); err { + case nil: + err := jsonwire.NewInvalidCharacterError(d.buf[pos:], "after top-level value") + return wrapSyntacticError(d, err, pos, 0) + case io.ErrUnexpectedEOF: + return nil + default: + return err + } +} + +// consumeWhitespace consumes all whitespace starting at d.buf[pos:]. +// It returns the new position in d.buf immediately after the last whitespace. +// If it returns nil, there is guaranteed to at least be one unread byte. +// +// The following pattern is common in this implementation: +// +// pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) +// if d.needMore(pos) { +// if pos, err = d.consumeWhitespace(pos); err != nil { +// return ... +// } +// } +// +// It is difficult to simplify this without sacrificing performance since +// consumeWhitespace must be inlined. The body of the if statement is +// executed only in rare situations where we need to fetch more data. +// Since fetching may return an error, we also need to check the error. +func (d *decoderState) consumeWhitespace(pos int) (newPos int, err error) { + for { + pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) + if d.needMore(pos) { + absPos := d.baseOffset + int64(pos) + err = d.fetch() // will mutate d.buf and invalidate pos + pos = int(absPos - d.baseOffset) + if err != nil { + return pos, err + } + continue + } + return pos, nil + } +} + +// consumeValue consumes a single JSON value starting at d.buf[pos:]. +// It returns the new position in d.buf immediately after the value. +func (d *decoderState) consumeValue(flags *jsonwire.ValueFlags, pos, depth int) (newPos int, err error) { + for { + var n int + var err error + switch next := Kind(d.buf[pos]).normalize(); next { + case 'n': + if n = jsonwire.ConsumeNull(d.buf[pos:]); n == 0 { + n, err = jsonwire.ConsumeLiteral(d.buf[pos:], "null") + } + case 'f': + if n = jsonwire.ConsumeFalse(d.buf[pos:]); n == 0 { + n, err = jsonwire.ConsumeLiteral(d.buf[pos:], "false") + } + case 't': + if n = jsonwire.ConsumeTrue(d.buf[pos:]); n == 0 { + n, err = jsonwire.ConsumeLiteral(d.buf[pos:], "true") + } + case '"': + if n = jsonwire.ConsumeSimpleString(d.buf[pos:]); n == 0 { + return d.consumeString(flags, pos) + } + case '0': + // NOTE: Since JSON numbers are not self-terminating, + // we need to make sure that the next byte is not part of a number. + if n = jsonwire.ConsumeSimpleNumber(d.buf[pos:]); n == 0 || d.needMore(pos+n) { + return d.consumeNumber(pos) + } + case '{': + return d.consumeObject(flags, pos, depth) + case '[': + return d.consumeArray(flags, pos, depth) + default: + if (d.Tokens.Last.isObject() && next == ']') || (d.Tokens.Last.isArray() && next == '}') { + return pos, errMismatchDelim + } + return pos, jsonwire.NewInvalidCharacterError(d.buf[pos:], "at start of value") + } + if err == io.ErrUnexpectedEOF { + absPos := d.baseOffset + int64(pos) + err = d.fetch() // will mutate d.buf and invalidate pos + pos = int(absPos - d.baseOffset) + if err != nil { + return pos + n, err + } + continue + } + return pos + n, err + } +} + +// consumeLiteral consumes a single JSON literal starting at d.buf[pos:]. +// It returns the new position in d.buf immediately after the literal. +func (d *decoderState) consumeLiteral(pos int, lit string) (newPos int, err error) { + for { + n, err := jsonwire.ConsumeLiteral(d.buf[pos:], lit) + if err == io.ErrUnexpectedEOF { + absPos := d.baseOffset + int64(pos) + err = d.fetch() // will mutate d.buf and invalidate pos + pos = int(absPos - d.baseOffset) + if err != nil { + return pos + n, err + } + continue + } + return pos + n, err + } +} + +// consumeString consumes a single JSON string starting at d.buf[pos:]. +// It returns the new position in d.buf immediately after the string. +func (d *decoderState) consumeString(flags *jsonwire.ValueFlags, pos int) (newPos int, err error) { + var n int + for { + n, err = jsonwire.ConsumeStringResumable(flags, d.buf[pos:], n, !d.Flags.Get(jsonflags.AllowInvalidUTF8)) + if err == io.ErrUnexpectedEOF { + absPos := d.baseOffset + int64(pos) + err = d.fetch() // will mutate d.buf and invalidate pos + pos = int(absPos - d.baseOffset) + if err != nil { + return pos + n, err + } + continue + } + return pos + n, err + } +} + +// consumeNumber consumes a single JSON number starting at d.buf[pos:]. +// It returns the new position in d.buf immediately after the number. +func (d *decoderState) consumeNumber(pos int) (newPos int, err error) { + var n int + var state jsonwire.ConsumeNumberState + for { + n, state, err = jsonwire.ConsumeNumberResumable(d.buf[pos:], n, state) + // NOTE: Since JSON numbers are not self-terminating, + // we need to make sure that the next byte is not part of a number. + if err == io.ErrUnexpectedEOF || d.needMore(pos+n) { + mayTerminate := err == nil + absPos := d.baseOffset + int64(pos) + err = d.fetch() // will mutate d.buf and invalidate pos + pos = int(absPos - d.baseOffset) + if err != nil { + if mayTerminate && err == io.ErrUnexpectedEOF { + return pos + n, nil + } + return pos, err + } + continue + } + return pos + n, err + } +} + +// consumeObject consumes a single JSON object starting at d.buf[pos:]. +// It returns the new position in d.buf immediately after the object. +func (d *decoderState) consumeObject(flags *jsonwire.ValueFlags, pos, depth int) (newPos int, err error) { + var n int + var names *objectNamespace + if !d.Flags.Get(jsonflags.AllowDuplicateNames) { + d.Namespaces.push() + defer d.Namespaces.pop() + names = d.Namespaces.Last() + } + + // Handle before start. + if uint(pos) >= uint(len(d.buf)) || d.buf[pos] != '{' { + panic("BUG: consumeObject must be called with a buffer that starts with '{'") + } else if depth == maxNestingDepth+1 { + return pos, errMaxDepth + } + pos++ + + // Handle after start. + pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) + if d.needMore(pos) { + if pos, err = d.consumeWhitespace(pos); err != nil { + return pos, err + } + } + if d.buf[pos] == '}' { + pos++ + return pos, nil + } + + depth++ + for { + // Handle before name. + pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) + if d.needMore(pos) { + if pos, err = d.consumeWhitespace(pos); err != nil { + return pos, err + } + } + var flags2 jsonwire.ValueFlags + if n = jsonwire.ConsumeSimpleString(d.buf[pos:]); n == 0 { + oldAbsPos := d.baseOffset + int64(pos) + pos, err = d.consumeString(&flags2, pos) + newAbsPos := d.baseOffset + int64(pos) + n = int(newAbsPos - oldAbsPos) + flags.Join(flags2) + if err != nil { + return pos, err + } + } else { + pos += n + } + quotedName := d.buf[pos-n : pos] + if !d.Flags.Get(jsonflags.AllowDuplicateNames) && !names.insertQuoted(quotedName, flags2.IsVerbatim()) { + return pos - n, wrapWithObjectName(ErrDuplicateName, quotedName) + } + + // Handle after name. + pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) + if d.needMore(pos) { + if pos, err = d.consumeWhitespace(pos); err != nil { + return pos, wrapWithObjectName(err, quotedName) + } + } + if d.buf[pos] != ':' { + err := jsonwire.NewInvalidCharacterError(d.buf[pos:], "after object name (expecting ':')") + return pos, wrapWithObjectName(err, quotedName) + } + pos++ + + // Handle before value. + pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) + if d.needMore(pos) { + if pos, err = d.consumeWhitespace(pos); err != nil { + return pos, wrapWithObjectName(err, quotedName) + } + } + pos, err = d.consumeValue(flags, pos, depth) + if err != nil { + return pos, wrapWithObjectName(err, quotedName) + } + + // Handle after value. + pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) + if d.needMore(pos) { + if pos, err = d.consumeWhitespace(pos); err != nil { + return pos, err + } + } + switch d.buf[pos] { + case ',': + pos++ + continue + case '}': + pos++ + return pos, nil + default: + return pos, jsonwire.NewInvalidCharacterError(d.buf[pos:], "after object value (expecting ',' or '}')") + } + } +} + +// consumeArray consumes a single JSON array starting at d.buf[pos:]. +// It returns the new position in d.buf immediately after the array. +func (d *decoderState) consumeArray(flags *jsonwire.ValueFlags, pos, depth int) (newPos int, err error) { + // Handle before start. + if uint(pos) >= uint(len(d.buf)) || d.buf[pos] != '[' { + panic("BUG: consumeArray must be called with a buffer that starts with '['") + } else if depth == maxNestingDepth+1 { + return pos, errMaxDepth + } + pos++ + + // Handle after start. + pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) + if d.needMore(pos) { + if pos, err = d.consumeWhitespace(pos); err != nil { + return pos, err + } + } + if d.buf[pos] == ']' { + pos++ + return pos, nil + } + + var idx int64 + depth++ + for { + // Handle before value. + pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) + if d.needMore(pos) { + if pos, err = d.consumeWhitespace(pos); err != nil { + return pos, err + } + } + pos, err = d.consumeValue(flags, pos, depth) + if err != nil { + return pos, wrapWithArrayIndex(err, idx) + } + + // Handle after value. + pos += jsonwire.ConsumeWhitespace(d.buf[pos:]) + if d.needMore(pos) { + if pos, err = d.consumeWhitespace(pos); err != nil { + return pos, err + } + } + switch d.buf[pos] { + case ',': + pos++ + idx++ + continue + case ']': + pos++ + return pos, nil + default: + return pos, jsonwire.NewInvalidCharacterError(d.buf[pos:], "after array element (expecting ',' or ']')") + } + } +} + +// InputOffset returns the current input byte offset. It gives the location +// of the next byte immediately after the most recently returned token or value. +// The number of bytes actually read from the underlying [io.Reader] may be more +// than this offset due to internal buffering effects. +func (d *Decoder) InputOffset() int64 { + return d.s.previousOffsetEnd() +} + +// UnreadBuffer returns the data remaining in the unread buffer, +// which may contain zero or more bytes. +// The returned buffer must not be mutated while Decoder continues to be used. +// The buffer contents are valid until the next Peek, Read, or Skip call. +func (d *Decoder) UnreadBuffer() []byte { + return d.s.unreadBuffer() +} + +// StackDepth returns the depth of the state machine for read JSON data. +// Each level on the stack represents a nested JSON object or array. +// It is incremented whenever an [BeginObject] or [BeginArray] token is encountered +// and decremented whenever an [EndObject] or [EndArray] token is encountered. +// The depth is zero-indexed, where zero represents the top-level JSON value. +func (d *Decoder) StackDepth() int { + // NOTE: Keep in sync with Encoder.StackDepth. + return d.s.Tokens.Depth() - 1 +} + +// StackIndex returns information about the specified stack level. +// It must be a number between 0 and [Decoder.StackDepth], inclusive. +// For each level, it reports the kind: +// +// - 0 for a level of zero, +// - '{' for a level representing a JSON object, and +// - '[' for a level representing a JSON array. +// +// It also reports the length of that JSON object or array. +// Each name and value in a JSON object is counted separately, +// so the effective number of members would be half the length. +// A complete JSON object must have an even length. +func (d *Decoder) StackIndex(i int) (Kind, int64) { + // NOTE: Keep in sync with Encoder.StackIndex. + switch s := d.s.Tokens.index(i); { + case i > 0 && s.isObject(): + return '{', s.Length() + case i > 0 && s.isArray(): + return '[', s.Length() + default: + return 0, s.Length() + } +} + +// StackPointer returns a JSON Pointer (RFC 6901) to the most recently read value. +func (d *Decoder) StackPointer() Pointer { + return Pointer(d.s.AppendStackPointer(nil, -1)) +} + +func (d *decoderState) AppendStackPointer(b []byte, where int) []byte { + d.Names.copyQuotedBuffer(d.buf) + return d.state.appendStackPointer(b, where) +} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/doc.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/doc.go new file mode 100644 index 0000000000..22081df053 --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/doc.go @@ -0,0 +1,111 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !goexperiment.jsonv2 || !go1.25 + +// Package jsontext implements syntactic processing of JSON +// as specified in RFC 4627, RFC 7159, RFC 7493, RFC 8259, and RFC 8785. +// JSON is a simple data interchange format that can represent +// primitive data types such as booleans, strings, and numbers, +// in addition to structured data types such as objects and arrays. +// +// The [Encoder] and [Decoder] types are used to encode or decode +// a stream of JSON tokens or values. +// +// # Tokens and Values +// +// A JSON token refers to the basic structural elements of JSON: +// +// - a JSON literal (i.e., null, true, or false) +// - a JSON string (e.g., "hello, world!") +// - a JSON number (e.g., 123.456) +// - a begin or end delimiter for a JSON object (i.e., '{' or '}') +// - a begin or end delimiter for a JSON array (i.e., '[' or ']') +// +// A JSON token is represented by the [Token] type in Go. Technically, +// there are two additional structural characters (i.e., ':' and ','), +// but there is no [Token] representation for them since their presence +// can be inferred by the structure of the JSON grammar itself. +// For example, there must always be an implicit colon between +// the name and value of a JSON object member. +// +// A JSON value refers to a complete unit of JSON data: +// +// - a JSON literal, string, or number +// - a JSON object (e.g., `{"name":"value"}`) +// - a JSON array (e.g., `[1,2,3,]`) +// +// A JSON value is represented by the [Value] type in Go and is a []byte +// containing the raw textual representation of the value. There is some overlap +// between tokens and values as both contain literals, strings, and numbers. +// However, only a value can represent the entirety of a JSON object or array. +// +// The [Encoder] and [Decoder] types contain methods to read or write the next +// [Token] or [Value] in a sequence. They maintain a state machine to validate +// whether the sequence of JSON tokens and/or values produces a valid JSON. +// [Options] may be passed to the [NewEncoder] or [NewDecoder] constructors +// to configure the syntactic behavior of encoding and decoding. +// +// # Terminology +// +// The terms "encode" and "decode" are used for syntactic functionality +// that is concerned with processing JSON based on its grammar, and +// the terms "marshal" and "unmarshal" are used for semantic functionality +// that determines the meaning of JSON values as Go values and vice-versa. +// This package (i.e., [jsontext]) deals with JSON at a syntactic layer, +// while [encoding/json/v2] deals with JSON at a semantic layer. +// The goal is to provide a clear distinction between functionality that +// is purely concerned with encoding versus that of marshaling. +// For example, one can directly encode a stream of JSON tokens without +// needing to marshal a concrete Go value representing them. +// Similarly, one can decode a stream of JSON tokens without +// needing to unmarshal them into a concrete Go value. +// +// This package uses JSON terminology when discussing JSON, which may differ +// from related concepts in Go or elsewhere in computing literature. +// +// - a JSON "object" refers to an unordered collection of name/value members. +// - a JSON "array" refers to an ordered sequence of elements. +// - a JSON "value" refers to either a literal (i.e., null, false, or true), +// string, number, object, or array. +// +// See RFC 8259 for more information. +// +// # Specifications +// +// Relevant specifications include RFC 4627, RFC 7159, RFC 7493, RFC 8259, +// and RFC 8785. Each RFC is generally a stricter subset of another RFC. +// In increasing order of strictness: +// +// - RFC 4627 and RFC 7159 do not require (but recommend) the use of UTF-8 +// and also do not require (but recommend) that object names be unique. +// - RFC 8259 requires the use of UTF-8, +// but does not require (but recommends) that object names be unique. +// - RFC 7493 requires the use of UTF-8 +// and also requires that object names be unique. +// - RFC 8785 defines a canonical representation. It requires the use of UTF-8 +// and also requires that object names be unique and in a specific ordering. +// It specifies exactly how strings and numbers must be formatted. +// +// The primary difference between RFC 4627 and RFC 7159 is that the former +// restricted top-level values to only JSON objects and arrays, while +// RFC 7159 and subsequent RFCs permit top-level values to additionally be +// JSON nulls, booleans, strings, or numbers. +// +// By default, this package operates on RFC 7493, but can be configured +// to operate according to the other RFC specifications. +// RFC 7493 is a stricter subset of RFC 8259 and fully compliant with it. +// In particular, it makes specific choices about behavior that RFC 8259 +// leaves as undefined in order to ensure greater interoperability. +// +// # Security Considerations +// +// See the "Security Considerations" section in [encoding/json/v2]. +package jsontext + +// requireKeyedLiterals can be embedded in a struct to require keyed literals. +type requireKeyedLiterals struct{} + +// nonComparable can be embedded in a struct to prevent comparability. +type nonComparable [0]func() diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/encode.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/encode.go new file mode 100644 index 0000000000..c2e88045ad --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/encode.go @@ -0,0 +1,977 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !goexperiment.jsonv2 || !go1.25 + +package jsontext + +import ( + "bytes" + "io" + "math/bits" + + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonopts" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire" +) + +// Encoder is a streaming encoder from raw JSON tokens and values. +// It is used to write a stream of top-level JSON values, +// each terminated with a newline character. +// +// [Encoder.WriteToken] and [Encoder.WriteValue] calls may be interleaved. +// For example, the following JSON value: +// +// {"name":"value","array":[null,false,true,3.14159],"object":{"k":"v"}} +// +// can be composed with the following calls (ignoring errors for brevity): +// +// e.WriteToken(BeginObject) // { +// e.WriteToken(String("name")) // "name" +// e.WriteToken(String("value")) // "value" +// e.WriteValue(Value(`"array"`)) // "array" +// e.WriteToken(BeginArray) // [ +// e.WriteToken(Null) // null +// e.WriteToken(False) // false +// e.WriteValue(Value("true")) // true +// e.WriteToken(Float(3.14159)) // 3.14159 +// e.WriteToken(EndArray) // ] +// e.WriteValue(Value(`"object"`)) // "object" +// e.WriteValue(Value(`{"k":"v"}`)) // {"k":"v"} +// e.WriteToken(EndObject) // } +// +// The above is one of many possible sequence of calls and +// may not represent the most sensible method to call for any given token/value. +// For example, it is probably more common to call [Encoder.WriteToken] with a string +// for object names. +type Encoder struct { + s encoderState +} + +// encoderState is the low-level state of Encoder. +// It has exported fields and method for use by the "json" package. +type encoderState struct { + state + encodeBuffer + jsonopts.Struct + + SeenPointers map[any]struct{} // only used when marshaling; identical to json.seenPointers +} + +// encodeBuffer is a buffer split into 2 segments: +// +// - buf[0:len(buf)] // written (but unflushed) portion of the buffer +// - buf[len(buf):cap(buf)] // unused portion of the buffer +type encodeBuffer struct { + Buf []byte // may alias wr if it is a bytes.Buffer + + // baseOffset is added to len(buf) to obtain the absolute offset + // relative to the start of io.Writer stream. + baseOffset int64 + + wr io.Writer + + // maxValue is the approximate maximum Value size passed to WriteValue. + maxValue int + // availBuffer is the buffer returned by the AvailableBuffer method. + availBuffer []byte // always has zero length + // bufStats is statistics about buffer utilization. + // It is only used with pooled encoders in pools.go. + bufStats bufferStatistics +} + +// NewEncoder constructs a new streaming encoder writing to w +// configured with the provided options. +// It flushes the internal buffer when the buffer is sufficiently full or +// when a top-level value has been written. +// +// If w is a [bytes.Buffer], then the encoder appends directly into the buffer +// without copying the contents from an intermediate buffer. +func NewEncoder(w io.Writer, opts ...Options) *Encoder { + e := new(Encoder) + e.Reset(w, opts...) + return e +} + +// Reset resets an encoder such that it is writing afresh to w and +// configured with the provided options. Reset must not be called on +// a Encoder passed to the [encoding/json/v2.MarshalerTo.MarshalJSONTo] method +// or the [encoding/json/v2.MarshalToFunc] function. +func (e *Encoder) Reset(w io.Writer, opts ...Options) { + switch { + case e == nil: + panic("jsontext: invalid nil Encoder") + case w == nil: + panic("jsontext: invalid nil io.Writer") + case e.s.Flags.Get(jsonflags.WithinArshalCall): + panic("jsontext: cannot reset Encoder passed to json.MarshalerTo") + } + // Reuse the buffer if it does not alias a previous [bytes.Buffer]. + b := e.s.Buf[:0] + if _, ok := e.s.wr.(*bytes.Buffer); ok { + b = nil + } + e.s.reset(b, w, opts...) +} + +func (e *encoderState) reset(b []byte, w io.Writer, opts ...Options) { + e.state.reset() + e.encodeBuffer = encodeBuffer{Buf: b, wr: w, availBuffer: e.availBuffer, bufStats: e.bufStats} + if bb, ok := w.(*bytes.Buffer); ok && bb != nil { + e.Buf = bb.AvailableBuffer() // alias the unused buffer of bb + } + opts2 := jsonopts.Struct{} // avoid mutating e.Struct in case it is part of opts + opts2.Join(opts...) + e.Struct = opts2 + if e.Flags.Get(jsonflags.Multiline) { + if !e.Flags.Has(jsonflags.SpaceAfterColon) { + e.Flags.Set(jsonflags.SpaceAfterColon | 1) + } + if !e.Flags.Has(jsonflags.SpaceAfterComma) { + e.Flags.Set(jsonflags.SpaceAfterComma | 0) + } + if !e.Flags.Has(jsonflags.Indent) { + e.Flags.Set(jsonflags.Indent | 1) + e.Indent = "\t" + } + } +} + +// Options returns the options used to construct the decoder and +// may additionally contain semantic options passed to a +// [encoding/json/v2.MarshalEncode] call. +// +// If operating within +// a [encoding/json/v2.MarshalerTo.MarshalJSONTo] method call or +// a [encoding/json/v2.MarshalToFunc] function call, +// then the returned options are only valid within the call. +func (e *Encoder) Options() Options { + return &e.s.Struct +} + +// NeedFlush determines whether to flush at this point. +func (e *encoderState) NeedFlush() bool { + // NOTE: This function is carefully written to be inlinable. + + // Avoid flushing if e.wr is nil since there is no underlying writer. + // Flush if less than 25% of the capacity remains. + // Flushing at some constant fraction ensures that the buffer stops growing + // so long as the largest Token or Value fits within that unused capacity. + return e.wr != nil && (e.Tokens.Depth() == 1 || len(e.Buf) > 3*cap(e.Buf)/4) +} + +// Flush flushes the buffer to the underlying io.Writer. +// It may append a trailing newline after the top-level value. +func (e *encoderState) Flush() error { + if e.wr == nil || e.avoidFlush() { + return nil + } + + // In streaming mode, always emit a newline after the top-level value. + if e.Tokens.Depth() == 1 && !e.Flags.Get(jsonflags.OmitTopLevelNewline) { + e.Buf = append(e.Buf, '\n') + } + + // Inform objectNameStack that we are about to flush the buffer content. + e.Names.copyQuotedBuffer(e.Buf) + + // Specialize bytes.Buffer for better performance. + if bb, ok := e.wr.(*bytes.Buffer); ok { + // If e.buf already aliases the internal buffer of bb, + // then the Write call simply increments the internal offset, + // otherwise Write operates as expected. + // See https://go.dev/issue/42986. + n, _ := bb.Write(e.Buf) // never fails unless bb is nil + e.baseOffset += int64(n) + + // If the internal buffer of bytes.Buffer is too small, + // append operations elsewhere in the Encoder may grow the buffer. + // This would be semantically correct, but hurts performance. + // As such, ensure 25% of the current length is always available + // to reduce the probability that other appends must allocate. + if avail := bb.Available(); avail < bb.Len()/4 { + bb.Grow(avail + 1) + } + + e.Buf = bb.AvailableBuffer() + return nil + } + + // Flush the internal buffer to the underlying io.Writer. + n, err := e.wr.Write(e.Buf) + e.baseOffset += int64(n) + if err != nil { + // In the event of an error, preserve the unflushed portion. + // Thus, write errors aren't fatal so long as the io.Writer + // maintains consistent state after errors. + if n > 0 { + e.Buf = e.Buf[:copy(e.Buf, e.Buf[n:])] + } + return &ioError{action: "write", err: err} + } + e.Buf = e.Buf[:0] + + // Check whether to grow the buffer. + // Note that cap(e.buf) may already exceed maxBufferSize since + // an append elsewhere already grew it to store a large token. + const maxBufferSize = 4 << 10 + const growthSizeFactor = 2 // higher value is faster + const growthRateFactor = 2 // higher value is slower + // By default, grow if below the maximum buffer size. + grow := cap(e.Buf) <= maxBufferSize/growthSizeFactor + // Growing can be expensive, so only grow + // if a sufficient number of bytes have been processed. + grow = grow && int64(cap(e.Buf)) < e.previousOffsetEnd()/growthRateFactor + if grow { + e.Buf = make([]byte, 0, cap(e.Buf)*growthSizeFactor) + } + + return nil +} +func (d *encodeBuffer) offsetAt(pos int) int64 { return d.baseOffset + int64(pos) } +func (e *encodeBuffer) previousOffsetEnd() int64 { return e.baseOffset + int64(len(e.Buf)) } +func (e *encodeBuffer) unflushedBuffer() []byte { return e.Buf } + +// avoidFlush indicates whether to avoid flushing to ensure there is always +// enough in the buffer to unwrite the last object member if it were empty. +func (e *encoderState) avoidFlush() bool { + switch { + case e.Tokens.Last.Length() == 0: + // Never flush after BeginObject or BeginArray since we don't know yet + // if the object or array will end up being empty. + return true + case e.Tokens.Last.needObjectValue(): + // Never flush before the object value since we don't know yet + // if the object value will end up being empty. + return true + case e.Tokens.Last.NeedObjectName() && len(e.Buf) >= 2: + // Never flush after the object value if it does turn out to be empty. + switch string(e.Buf[len(e.Buf)-2:]) { + case `ll`, `""`, `{}`, `[]`: // last two bytes of every empty value + return true + } + } + return false +} + +// UnwriteEmptyObjectMember unwrites the last object member if it is empty +// and reports whether it performed an unwrite operation. +func (e *encoderState) UnwriteEmptyObjectMember(prevName *string) bool { + if last := e.Tokens.Last; !last.isObject() || !last.NeedObjectName() || last.Length() == 0 { + panic("BUG: must be called on an object after writing a value") + } + + // The flushing logic is modified to never flush a trailing empty value. + // The encoder never writes trailing whitespace eagerly. + b := e.unflushedBuffer() + + // Detect whether the last value was empty. + var n int + if len(b) >= 3 { + switch string(b[len(b)-2:]) { + case "ll": // last two bytes of `null` + n = len(`null`) + case `""`: + // It is possible for a non-empty string to have `""` as a suffix + // if the second to the last quote was escaped. + if b[len(b)-3] == '\\' { + return false // e.g., `"\""` is not empty + } + n = len(`""`) + case `{}`: + n = len(`{}`) + case `[]`: + n = len(`[]`) + } + } + if n == 0 { + return false + } + + // Unwrite the value, whitespace, colon, name, whitespace, and comma. + b = b[:len(b)-n] + b = jsonwire.TrimSuffixWhitespace(b) + b = jsonwire.TrimSuffixByte(b, ':') + b = jsonwire.TrimSuffixString(b) + b = jsonwire.TrimSuffixWhitespace(b) + b = jsonwire.TrimSuffixByte(b, ',') + e.Buf = b // store back truncated unflushed buffer + + // Undo state changes. + e.Tokens.Last.decrement() // for object member value + e.Tokens.Last.decrement() // for object member name + if !e.Flags.Get(jsonflags.AllowDuplicateNames) { + if e.Tokens.Last.isActiveNamespace() { + e.Namespaces.Last().removeLast() + } + } + e.Names.clearLast() + if prevName != nil { + e.Names.copyQuotedBuffer(e.Buf) // required by objectNameStack.replaceLastUnquotedName + e.Names.replaceLastUnquotedName(*prevName) + } + return true +} + +// UnwriteOnlyObjectMemberName unwrites the only object member name +// and returns the unquoted name. +func (e *encoderState) UnwriteOnlyObjectMemberName() string { + if last := e.Tokens.Last; !last.isObject() || last.Length() != 1 { + panic("BUG: must be called on an object after writing first name") + } + + // Unwrite the name and whitespace. + b := jsonwire.TrimSuffixString(e.Buf) + isVerbatim := bytes.IndexByte(e.Buf[len(b):], '\\') < 0 + name := string(jsonwire.UnquoteMayCopy(e.Buf[len(b):], isVerbatim)) + e.Buf = jsonwire.TrimSuffixWhitespace(b) + + // Undo state changes. + e.Tokens.Last.decrement() + if !e.Flags.Get(jsonflags.AllowDuplicateNames) { + if e.Tokens.Last.isActiveNamespace() { + e.Namespaces.Last().removeLast() + } + } + e.Names.clearLast() + return name +} + +// WriteToken writes the next token and advances the internal write offset. +// +// The provided token kind must be consistent with the JSON grammar. +// For example, it is an error to provide a number when the encoder +// is expecting an object name (which is always a string), or +// to provide an end object delimiter when the encoder is finishing an array. +// If the provided token is invalid, then it reports a [SyntacticError] and +// the internal state remains unchanged. The offset reported +// in [SyntacticError] will be relative to the [Encoder.OutputOffset]. +func (e *Encoder) WriteToken(t Token) error { + return e.s.WriteToken(t) +} +func (e *encoderState) WriteToken(t Token) error { + k := t.Kind() + b := e.Buf // use local variable to avoid mutating e in case of error + + // Append any delimiters or optional whitespace. + b = e.Tokens.MayAppendDelim(b, k) + if e.Flags.Get(jsonflags.AnyWhitespace) { + b = e.appendWhitespace(b, k) + } + pos := len(b) // offset before the token + + // Append the token to the output and to the state machine. + var err error + switch k { + case 'n': + b = append(b, "null"...) + err = e.Tokens.appendLiteral() + case 'f': + b = append(b, "false"...) + err = e.Tokens.appendLiteral() + case 't': + b = append(b, "true"...) + err = e.Tokens.appendLiteral() + case '"': + if b, err = t.appendString(b, &e.Flags); err != nil { + break + } + if e.Tokens.Last.NeedObjectName() { + if !e.Flags.Get(jsonflags.AllowDuplicateNames) { + if !e.Tokens.Last.isValidNamespace() { + err = errInvalidNamespace + break + } + if e.Tokens.Last.isActiveNamespace() && !e.Namespaces.Last().insertQuoted(b[pos:], false) { + err = wrapWithObjectName(ErrDuplicateName, b[pos:]) + break + } + } + e.Names.ReplaceLastQuotedOffset(pos) // only replace if insertQuoted succeeds + } + err = e.Tokens.appendString() + case '0': + if b, err = t.appendNumber(b, &e.Flags); err != nil { + break + } + err = e.Tokens.appendNumber() + case '{': + b = append(b, '{') + if err = e.Tokens.pushObject(); err != nil { + break + } + e.Names.push() + if !e.Flags.Get(jsonflags.AllowDuplicateNames) { + e.Namespaces.push() + } + case '}': + b = append(b, '}') + if err = e.Tokens.popObject(); err != nil { + break + } + e.Names.pop() + if !e.Flags.Get(jsonflags.AllowDuplicateNames) { + e.Namespaces.pop() + } + case '[': + b = append(b, '[') + err = e.Tokens.pushArray() + case ']': + b = append(b, ']') + err = e.Tokens.popArray() + default: + err = errInvalidToken + } + if err != nil { + return wrapSyntacticError(e, err, pos, +1) + } + + // Finish off the buffer and store it back into e. + e.Buf = b + if e.NeedFlush() { + return e.Flush() + } + return nil +} + +// AppendRaw appends either a raw string (without double quotes) or number. +// Specify safeASCII if the string output is guaranteed to be ASCII +// without any characters (including '<', '>', and '&') that need escaping, +// otherwise this will validate whether the string needs escaping. +// The appended bytes for a JSON number must be valid. +// +// This is a specialized implementation of Encoder.WriteValue +// that allows appending directly into the buffer. +// It is only called from marshal logic in the "json" package. +func (e *encoderState) AppendRaw(k Kind, safeASCII bool, appendFn func([]byte) ([]byte, error)) error { + b := e.Buf // use local variable to avoid mutating e in case of error + + // Append any delimiters or optional whitespace. + b = e.Tokens.MayAppendDelim(b, k) + if e.Flags.Get(jsonflags.AnyWhitespace) { + b = e.appendWhitespace(b, k) + } + pos := len(b) // offset before the token + + var err error + switch k { + case '"': + // Append directly into the encoder buffer by assuming that + // most of the time none of the characters need escaping. + b = append(b, '"') + if b, err = appendFn(b); err != nil { + return err + } + b = append(b, '"') + + // Check whether we need to escape the string and if necessary + // copy it to a scratch buffer and then escape it back. + isVerbatim := safeASCII || !jsonwire.NeedEscape(b[pos+len(`"`):len(b)-len(`"`)]) + if !isVerbatim { + var err error + b2 := append(e.availBuffer, b[pos+len(`"`):len(b)-len(`"`)]...) + b, err = jsonwire.AppendQuote(b[:pos], string(b2), &e.Flags) + e.availBuffer = b2[:0] + if err != nil { + return wrapSyntacticError(e, err, pos, +1) + } + } + + // Update the state machine. + if e.Tokens.Last.NeedObjectName() { + if !e.Flags.Get(jsonflags.AllowDuplicateNames) { + if !e.Tokens.Last.isValidNamespace() { + return wrapSyntacticError(e, err, pos, +1) + } + if e.Tokens.Last.isActiveNamespace() && !e.Namespaces.Last().insertQuoted(b[pos:], isVerbatim) { + err = wrapWithObjectName(ErrDuplicateName, b[pos:]) + return wrapSyntacticError(e, err, pos, +1) + } + } + e.Names.ReplaceLastQuotedOffset(pos) // only replace if insertQuoted succeeds + } + if err := e.Tokens.appendString(); err != nil { + return wrapSyntacticError(e, err, pos, +1) + } + case '0': + if b, err = appendFn(b); err != nil { + return err + } + if err := e.Tokens.appendNumber(); err != nil { + return wrapSyntacticError(e, err, pos, +1) + } + default: + panic("BUG: invalid kind") + } + + // Finish off the buffer and store it back into e. + e.Buf = b + if e.NeedFlush() { + return e.Flush() + } + return nil +} + +// WriteValue writes the next raw value and advances the internal write offset. +// The Encoder does not simply copy the provided value verbatim, but +// parses it to ensure that it is syntactically valid and reformats it +// according to how the Encoder is configured to format whitespace and strings. +// If [AllowInvalidUTF8] is specified, then any invalid UTF-8 is mangled +// as the Unicode replacement character, U+FFFD. +// +// The provided value kind must be consistent with the JSON grammar +// (see examples on [Encoder.WriteToken]). If the provided value is invalid, +// then it reports a [SyntacticError] and the internal state remains unchanged. +// The offset reported in [SyntacticError] will be relative to the +// [Encoder.OutputOffset] plus the offset into v of any encountered syntax error. +func (e *Encoder) WriteValue(v Value) error { + return e.s.WriteValue(v) +} +func (e *encoderState) WriteValue(v Value) error { + e.maxValue |= len(v) // bitwise OR is a fast approximation of max + + k := v.Kind() + b := e.Buf // use local variable to avoid mutating e in case of error + + // Append any delimiters or optional whitespace. + b = e.Tokens.MayAppendDelim(b, k) + if e.Flags.Get(jsonflags.AnyWhitespace) { + b = e.appendWhitespace(b, k) + } + pos := len(b) // offset before the value + + // Append the value the output. + var n int + n += jsonwire.ConsumeWhitespace(v[n:]) + b, m, err := e.reformatValue(b, v[n:], e.Tokens.Depth()) + if err != nil { + return wrapSyntacticError(e, err, pos+n+m, +1) + } + n += m + n += jsonwire.ConsumeWhitespace(v[n:]) + if len(v) > n { + err = jsonwire.NewInvalidCharacterError(v[n:], "after top-level value") + return wrapSyntacticError(e, err, pos+n, 0) + } + + // Append the kind to the state machine. + switch k { + case 'n', 'f', 't': + err = e.Tokens.appendLiteral() + case '"': + if e.Tokens.Last.NeedObjectName() { + if !e.Flags.Get(jsonflags.AllowDuplicateNames) { + if !e.Tokens.Last.isValidNamespace() { + err = errInvalidNamespace + break + } + if e.Tokens.Last.isActiveNamespace() && !e.Namespaces.Last().insertQuoted(b[pos:], false) { + err = wrapWithObjectName(ErrDuplicateName, b[pos:]) + break + } + } + e.Names.ReplaceLastQuotedOffset(pos) // only replace if insertQuoted succeeds + } + err = e.Tokens.appendString() + case '0': + err = e.Tokens.appendNumber() + case '{': + if err = e.Tokens.pushObject(); err != nil { + break + } + if err = e.Tokens.popObject(); err != nil { + panic("BUG: popObject should never fail immediately after pushObject: " + err.Error()) + } + if e.Flags.Get(jsonflags.ReorderRawObjects) { + mustReorderObjects(b[pos:]) + } + case '[': + if err = e.Tokens.pushArray(); err != nil { + break + } + if err = e.Tokens.popArray(); err != nil { + panic("BUG: popArray should never fail immediately after pushArray: " + err.Error()) + } + if e.Flags.Get(jsonflags.ReorderRawObjects) { + mustReorderObjects(b[pos:]) + } + } + if err != nil { + return wrapSyntacticError(e, err, pos, +1) + } + + // Finish off the buffer and store it back into e. + e.Buf = b + if e.NeedFlush() { + return e.Flush() + } + return nil +} + +// CountNextDelimWhitespace counts the number of bytes of delimiter and +// whitespace bytes assuming the upcoming token is a JSON value. +// This method is used for error reporting at the semantic layer. +func (e *encoderState) CountNextDelimWhitespace() (n int) { + const next = Kind('"') // arbitrary kind as next JSON value + delim := e.Tokens.needDelim(next) + if delim > 0 { + n += len(",") | len(":") + } + if delim == ':' { + if e.Flags.Get(jsonflags.SpaceAfterColon) { + n += len(" ") + } + } else { + if delim == ',' && e.Flags.Get(jsonflags.SpaceAfterComma) { + n += len(" ") + } + if e.Flags.Get(jsonflags.Multiline) { + if m := e.Tokens.NeedIndent(next); m > 0 { + n += len("\n") + len(e.IndentPrefix) + (m-1)*len(e.Indent) + } + } + } + return n +} + +// appendWhitespace appends whitespace that immediately precedes the next token. +func (e *encoderState) appendWhitespace(b []byte, next Kind) []byte { + if delim := e.Tokens.needDelim(next); delim == ':' { + if e.Flags.Get(jsonflags.SpaceAfterColon) { + b = append(b, ' ') + } + } else { + if delim == ',' && e.Flags.Get(jsonflags.SpaceAfterComma) { + b = append(b, ' ') + } + if e.Flags.Get(jsonflags.Multiline) { + b = e.AppendIndent(b, e.Tokens.NeedIndent(next)) + } + } + return b +} + +// AppendIndent appends the appropriate number of indentation characters +// for the current nested level, n. +func (e *encoderState) AppendIndent(b []byte, n int) []byte { + if n == 0 { + return b + } + b = append(b, '\n') + b = append(b, e.IndentPrefix...) + for ; n > 1; n-- { + b = append(b, e.Indent...) + } + return b +} + +// reformatValue parses a JSON value from the start of src and +// appends it to the end of dst, reformatting whitespace and strings as needed. +// It returns the extended dst buffer and the number of consumed input bytes. +func (e *encoderState) reformatValue(dst []byte, src Value, depth int) ([]byte, int, error) { + // TODO: Should this update ValueFlags as input? + if len(src) == 0 { + return dst, 0, io.ErrUnexpectedEOF + } + switch k := Kind(src[0]).normalize(); k { + case 'n': + if jsonwire.ConsumeNull(src) == 0 { + n, err := jsonwire.ConsumeLiteral(src, "null") + return dst, n, err + } + return append(dst, "null"...), len("null"), nil + case 'f': + if jsonwire.ConsumeFalse(src) == 0 { + n, err := jsonwire.ConsumeLiteral(src, "false") + return dst, n, err + } + return append(dst, "false"...), len("false"), nil + case 't': + if jsonwire.ConsumeTrue(src) == 0 { + n, err := jsonwire.ConsumeLiteral(src, "true") + return dst, n, err + } + return append(dst, "true"...), len("true"), nil + case '"': + if n := jsonwire.ConsumeSimpleString(src); n > 0 { + dst = append(dst, src[:n]...) // copy simple strings verbatim + return dst, n, nil + } + return jsonwire.ReformatString(dst, src, &e.Flags) + case '0': + if n := jsonwire.ConsumeSimpleNumber(src); n > 0 && !e.Flags.Get(jsonflags.CanonicalizeNumbers) { + dst = append(dst, src[:n]...) // copy simple numbers verbatim + return dst, n, nil + } + return jsonwire.ReformatNumber(dst, src, &e.Flags) + case '{': + return e.reformatObject(dst, src, depth) + case '[': + return e.reformatArray(dst, src, depth) + default: + return dst, 0, jsonwire.NewInvalidCharacterError(src, "at start of value") + } +} + +// reformatObject parses a JSON object from the start of src and +// appends it to the end of src, reformatting whitespace and strings as needed. +// It returns the extended dst buffer and the number of consumed input bytes. +func (e *encoderState) reformatObject(dst []byte, src Value, depth int) ([]byte, int, error) { + // Append object begin. + if len(src) == 0 || src[0] != '{' { + panic("BUG: reformatObject must be called with a buffer that starts with '{'") + } else if depth == maxNestingDepth+1 { + return dst, 0, errMaxDepth + } + dst = append(dst, '{') + n := len("{") + + // Append (possible) object end. + n += jsonwire.ConsumeWhitespace(src[n:]) + if uint(len(src)) <= uint(n) { + return dst, n, io.ErrUnexpectedEOF + } + if src[n] == '}' { + dst = append(dst, '}') + n += len("}") + return dst, n, nil + } + + var err error + var names *objectNamespace + if !e.Flags.Get(jsonflags.AllowDuplicateNames) { + e.Namespaces.push() + defer e.Namespaces.pop() + names = e.Namespaces.Last() + } + depth++ + for { + // Append optional newline and indentation. + if e.Flags.Get(jsonflags.Multiline) { + dst = e.AppendIndent(dst, depth) + } + + // Append object name. + n += jsonwire.ConsumeWhitespace(src[n:]) + if uint(len(src)) <= uint(n) { + return dst, n, io.ErrUnexpectedEOF + } + m := jsonwire.ConsumeSimpleString(src[n:]) + isVerbatim := m > 0 + if isVerbatim { + dst = append(dst, src[n:n+m]...) + } else { + dst, m, err = jsonwire.ReformatString(dst, src[n:], &e.Flags) + if err != nil { + return dst, n + m, err + } + } + quotedName := src[n : n+m] + if !e.Flags.Get(jsonflags.AllowDuplicateNames) && !names.insertQuoted(quotedName, isVerbatim) { + return dst, n, wrapWithObjectName(ErrDuplicateName, quotedName) + } + n += m + + // Append colon. + n += jsonwire.ConsumeWhitespace(src[n:]) + if uint(len(src)) <= uint(n) { + return dst, n, wrapWithObjectName(io.ErrUnexpectedEOF, quotedName) + } + if src[n] != ':' { + err = jsonwire.NewInvalidCharacterError(src[n:], "after object name (expecting ':')") + return dst, n, wrapWithObjectName(err, quotedName) + } + dst = append(dst, ':') + n += len(":") + if e.Flags.Get(jsonflags.SpaceAfterColon) { + dst = append(dst, ' ') + } + + // Append object value. + n += jsonwire.ConsumeWhitespace(src[n:]) + if uint(len(src)) <= uint(n) { + return dst, n, wrapWithObjectName(io.ErrUnexpectedEOF, quotedName) + } + dst, m, err = e.reformatValue(dst, src[n:], depth) + if err != nil { + return dst, n + m, wrapWithObjectName(err, quotedName) + } + n += m + + // Append comma or object end. + n += jsonwire.ConsumeWhitespace(src[n:]) + if uint(len(src)) <= uint(n) { + return dst, n, io.ErrUnexpectedEOF + } + switch src[n] { + case ',': + dst = append(dst, ',') + if e.Flags.Get(jsonflags.SpaceAfterComma) { + dst = append(dst, ' ') + } + n += len(",") + continue + case '}': + if e.Flags.Get(jsonflags.Multiline) { + dst = e.AppendIndent(dst, depth-1) + } + dst = append(dst, '}') + n += len("}") + return dst, n, nil + default: + return dst, n, jsonwire.NewInvalidCharacterError(src[n:], "after object value (expecting ',' or '}')") + } + } +} + +// reformatArray parses a JSON array from the start of src and +// appends it to the end of dst, reformatting whitespace and strings as needed. +// It returns the extended dst buffer and the number of consumed input bytes. +func (e *encoderState) reformatArray(dst []byte, src Value, depth int) ([]byte, int, error) { + // Append array begin. + if len(src) == 0 || src[0] != '[' { + panic("BUG: reformatArray must be called with a buffer that starts with '['") + } else if depth == maxNestingDepth+1 { + return dst, 0, errMaxDepth + } + dst = append(dst, '[') + n := len("[") + + // Append (possible) array end. + n += jsonwire.ConsumeWhitespace(src[n:]) + if uint(len(src)) <= uint(n) { + return dst, n, io.ErrUnexpectedEOF + } + if src[n] == ']' { + dst = append(dst, ']') + n += len("]") + return dst, n, nil + } + + var idx int64 + var err error + depth++ + for { + // Append optional newline and indentation. + if e.Flags.Get(jsonflags.Multiline) { + dst = e.AppendIndent(dst, depth) + } + + // Append array value. + n += jsonwire.ConsumeWhitespace(src[n:]) + if uint(len(src)) <= uint(n) { + return dst, n, io.ErrUnexpectedEOF + } + var m int + dst, m, err = e.reformatValue(dst, src[n:], depth) + if err != nil { + return dst, n + m, wrapWithArrayIndex(err, idx) + } + n += m + + // Append comma or array end. + n += jsonwire.ConsumeWhitespace(src[n:]) + if uint(len(src)) <= uint(n) { + return dst, n, io.ErrUnexpectedEOF + } + switch src[n] { + case ',': + dst = append(dst, ',') + if e.Flags.Get(jsonflags.SpaceAfterComma) { + dst = append(dst, ' ') + } + n += len(",") + idx++ + continue + case ']': + if e.Flags.Get(jsonflags.Multiline) { + dst = e.AppendIndent(dst, depth-1) + } + dst = append(dst, ']') + n += len("]") + return dst, n, nil + default: + return dst, n, jsonwire.NewInvalidCharacterError(src[n:], "after array value (expecting ',' or ']')") + } + } +} + +// OutputOffset returns the current output byte offset. It gives the location +// of the next byte immediately after the most recently written token or value. +// The number of bytes actually written to the underlying [io.Writer] may be less +// than this offset due to internal buffering effects. +func (e *Encoder) OutputOffset() int64 { + return e.s.previousOffsetEnd() +} + +// AvailableBuffer returns a zero-length buffer with a possible non-zero capacity. +// This buffer is intended to be used to populate a [Value] +// being passed to an immediately succeeding [Encoder.WriteValue] call. +// +// Example usage: +// +// b := d.AvailableBuffer() +// b = append(b, '"') +// b = appendString(b, v) // append the string formatting of v +// b = append(b, '"') +// ... := d.WriteValue(b) +// +// It is the user's responsibility to ensure that the value is valid JSON. +func (e *Encoder) AvailableBuffer() []byte { + // NOTE: We don't return e.buf[len(e.buf):cap(e.buf)] since WriteValue would + // need to take special care to avoid mangling the data while reformatting. + // WriteValue can't easily identify whether the input Value aliases e.buf + // without using unsafe.Pointer. Thus, we just return a different buffer. + // Should this ever alias e.buf, we need to consider how it operates with + // the specialized performance optimization for bytes.Buffer. + n := 1 << bits.Len(uint(e.s.maxValue|63)) // fast approximation for max length + if cap(e.s.availBuffer) < n { + e.s.availBuffer = make([]byte, 0, n) + } + return e.s.availBuffer +} + +// StackDepth returns the depth of the state machine for written JSON data. +// Each level on the stack represents a nested JSON object or array. +// It is incremented whenever an [BeginObject] or [BeginArray] token is encountered +// and decremented whenever an [EndObject] or [EndArray] token is encountered. +// The depth is zero-indexed, where zero represents the top-level JSON value. +func (e *Encoder) StackDepth() int { + // NOTE: Keep in sync with Decoder.StackDepth. + return e.s.Tokens.Depth() - 1 +} + +// StackIndex returns information about the specified stack level. +// It must be a number between 0 and [Encoder.StackDepth], inclusive. +// For each level, it reports the kind: +// +// - 0 for a level of zero, +// - '{' for a level representing a JSON object, and +// - '[' for a level representing a JSON array. +// +// It also reports the length of that JSON object or array. +// Each name and value in a JSON object is counted separately, +// so the effective number of members would be half the length. +// A complete JSON object must have an even length. +func (e *Encoder) StackIndex(i int) (Kind, int64) { + // NOTE: Keep in sync with Decoder.StackIndex. + switch s := e.s.Tokens.index(i); { + case i > 0 && s.isObject(): + return '{', s.Length() + case i > 0 && s.isArray(): + return '[', s.Length() + default: + return 0, s.Length() + } +} + +// StackPointer returns a JSON Pointer (RFC 6901) to the most recently written value. +func (e *Encoder) StackPointer() Pointer { + return Pointer(e.s.AppendStackPointer(nil, -1)) +} + +func (e *encoderState) AppendStackPointer(b []byte, where int) []byte { + e.Names.copyQuotedBuffer(e.Buf) + return e.state.appendStackPointer(b, where) +} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/errors.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/errors.go new file mode 100644 index 0000000000..3c53151b3f --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/errors.go @@ -0,0 +1,182 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !goexperiment.jsonv2 || !go1.25 + +package jsontext + +import ( + "bytes" + "io" + "strconv" + + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire" +) + +const errorPrefix = "jsontext: " + +type ioError struct { + action string // either "read" or "write" + err error +} + +func (e *ioError) Error() string { + return errorPrefix + e.action + " error: " + e.err.Error() +} +func (e *ioError) Unwrap() error { + return e.err +} + +// SyntacticError is a description of a syntactic error that occurred when +// encoding or decoding JSON according to the grammar. +// +// The contents of this error as produced by this package may change over time. +type SyntacticError struct { + requireKeyedLiterals + nonComparable + + // ByteOffset indicates that an error occurred after this byte offset. + ByteOffset int64 + // JSONPointer indicates that an error occurred within this JSON value + // as indicated using the JSON Pointer notation (see RFC 6901). + JSONPointer Pointer + + // Err is the underlying error. + Err error +} + +// wrapSyntacticError wraps an error and annotates it with a precise location +// using the provided [encoderState] or [decoderState]. +// If err is an [ioError] or [io.EOF], then it is not wrapped. +// +// It takes a relative offset pos that can be resolved into +// an absolute offset using state.offsetAt. +// +// It takes a where that specify how the JSON pointer is derived. +// If the underlying error is a [pointerSuffixError], +// then the suffix is appended to the derived pointer. +func wrapSyntacticError(state interface { + offsetAt(pos int) int64 + AppendStackPointer(b []byte, where int) []byte +}, err error, pos, where int) error { + if _, ok := err.(*ioError); err == io.EOF || ok { + return err + } + offset := state.offsetAt(pos) + ptr := state.AppendStackPointer(nil, where) + if serr, ok := err.(*pointerSuffixError); ok { + ptr = serr.appendPointer(ptr) + err = serr.error + } + if d, ok := state.(*decoderState); ok && err == errMismatchDelim { + where := "at start of value" + if len(d.Tokens.Stack) > 0 && d.Tokens.Last.Length() > 0 { + switch { + case d.Tokens.Last.isArray(): + where = "after array element (expecting ',' or ']')" + ptr = []byte(Pointer(ptr).Parent()) // problem is with parent array + case d.Tokens.Last.isObject(): + where = "after object value (expecting ',' or '}')" + ptr = []byte(Pointer(ptr).Parent()) // problem is with parent object + } + } + err = jsonwire.NewInvalidCharacterError(d.buf[pos:], where) + } + return &SyntacticError{ByteOffset: offset, JSONPointer: Pointer(ptr), Err: err} +} + +func (e *SyntacticError) Error() string { + pointer := e.JSONPointer + offset := e.ByteOffset + b := []byte(errorPrefix) + if e.Err != nil { + b = append(b, e.Err.Error()...) + if e.Err == ErrDuplicateName { + b = strconv.AppendQuote(append(b, ' '), pointer.LastToken()) + pointer = pointer.Parent() + offset = 0 // not useful to print offset for duplicate names + } + } else { + b = append(b, "syntactic error"...) + } + if pointer != "" { + b = strconv.AppendQuote(append(b, " within "...), jsonwire.TruncatePointer(string(pointer), 100)) + } + if offset > 0 { + b = strconv.AppendInt(append(b, " after offset "...), offset, 10) + } + return string(b) +} + +func (e *SyntacticError) Unwrap() error { + return e.Err +} + +// pointerSuffixError represents a JSON pointer suffix to be appended +// to [SyntacticError.JSONPointer]. It is an internal error type +// used within this package and does not appear in the public API. +// +// This type is primarily used to annotate errors in Encoder.WriteValue +// and Decoder.ReadValue with precise positions. +// At the time WriteValue or ReadValue is called, a JSON pointer to the +// upcoming value can be constructed using the Encoder/Decoder state. +// However, tracking pointers within values during normal operation +// would incur a performance penalty in the error-free case. +// +// To provide precise error locations without this overhead, +// the error is wrapped with object names or array indices +// as the call stack is popped when an error occurs. +// Since this happens in reverse order, pointerSuffixError holds +// the pointer in reverse and is only later reversed when appending to +// the pointer prefix. +// +// For example, if the encoder is at "/alpha/bravo/charlie" +// and an error occurs in WriteValue at "/xray/yankee/zulu", then +// the final pointer should be "/alpha/bravo/charlie/xray/yankee/zulu". +// +// As pointerSuffixError is populated during the error return path, +// it first contains "/zulu", then "/zulu/yankee", +// and finally "/zulu/yankee/xray". +// These tokens are reversed and concatenated to "/alpha/bravo/charlie" +// to form the full pointer. +type pointerSuffixError struct { + error + + // reversePointer is a JSON pointer, but with each token in reverse order. + reversePointer []byte +} + +// wrapWithObjectName wraps err with a JSON object name access, +// which must be a valid quoted JSON string. +func wrapWithObjectName(err error, quotedName []byte) error { + serr, _ := err.(*pointerSuffixError) + if serr == nil { + serr = &pointerSuffixError{error: err} + } + name := jsonwire.UnquoteMayCopy(quotedName, false) + serr.reversePointer = appendEscapePointerName(append(serr.reversePointer, '/'), name) + return serr +} + +// wrapWithArrayIndex wraps err with a JSON array index access. +func wrapWithArrayIndex(err error, index int64) error { + serr, _ := err.(*pointerSuffixError) + if serr == nil { + serr = &pointerSuffixError{error: err} + } + serr.reversePointer = strconv.AppendUint(append(serr.reversePointer, '/'), uint64(index), 10) + return serr +} + +// appendPointer appends the path encoded in e to the end of pointer. +func (e *pointerSuffixError) appendPointer(pointer []byte) []byte { + // Copy each token in reversePointer to the end of pointer in reverse order. + // Double reversal means that the appended suffix is now in forward order. + bi, bo := e.reversePointer, pointer + for len(bi) > 0 { + i := bytes.LastIndexByte(bi, '/') + bi, bo = bi[:i], append(bo, bi[i:]...) + } + return bo +} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/export.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/export.go new file mode 100644 index 0000000000..0d6dc58c06 --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/export.go @@ -0,0 +1,77 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !goexperiment.jsonv2 || !go1.25 + +package jsontext + +import ( + "io" + + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal" +) + +// Internal is for internal use only. +// This is exempt from the Go compatibility agreement. +var Internal exporter + +type exporter struct{} + +// Export exposes internal functionality from "jsontext" to "json". +// This cannot be dynamically called by other packages since +// they cannot obtain a reference to the internal.AllowInternalUse value. +func (exporter) Export(p *internal.NotForPublicUse) export { + if p != &internal.AllowInternalUse { + panic("unauthorized call to Export") + } + return export{} +} + +// The export type exposes functionality to packages with visibility to +// the internal.AllowInternalUse variable. The "json" package uses this +// to modify low-level state in the Encoder and Decoder types. +// It mutates the state directly instead of calling ReadToken or WriteToken +// since this is more performant. The public APIs need to track state to ensure +// that users are constructing a valid JSON value, but the "json" implementation +// guarantees that it emits valid JSON by the structure of the code itself. +type export struct{} + +// Encoder returns a pointer to the underlying encoderState. +func (export) Encoder(e *Encoder) *encoderState { return &e.s } + +// Decoder returns a pointer to the underlying decoderState. +func (export) Decoder(d *Decoder) *decoderState { return &d.s } + +func (export) GetBufferedEncoder(o ...Options) *Encoder { + return getBufferedEncoder(o...) +} +func (export) PutBufferedEncoder(e *Encoder) { + putBufferedEncoder(e) +} + +func (export) GetStreamingEncoder(w io.Writer, o ...Options) *Encoder { + return getStreamingEncoder(w, o...) +} +func (export) PutStreamingEncoder(e *Encoder) { + putStreamingEncoder(e) +} + +func (export) GetBufferedDecoder(b []byte, o ...Options) *Decoder { + return getBufferedDecoder(b, o...) +} +func (export) PutBufferedDecoder(d *Decoder) { + putBufferedDecoder(d) +} + +func (export) GetStreamingDecoder(r io.Reader, o ...Options) *Decoder { + return getStreamingDecoder(r, o...) +} +func (export) PutStreamingDecoder(d *Decoder) { + putStreamingDecoder(d) +} + +func (export) IsIOError(err error) bool { + _, ok := err.(*ioError) + return ok +} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/options.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/options.go new file mode 100644 index 0000000000..d22d0635d8 --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/options.go @@ -0,0 +1,304 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !goexperiment.jsonv2 || !go1.25 + +package jsontext + +import ( + "strings" + + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonopts" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire" +) + +// Options configures [NewEncoder], [Encoder.Reset], [NewDecoder], +// and [Decoder.Reset] with specific features. +// Each function takes in a variadic list of options, where properties +// set in latter options override the value of previously set properties. +// +// There is a single Options type, which is used with both encoding and decoding. +// Some options affect both operations, while others only affect one operation: +// +// - [AllowDuplicateNames] affects encoding and decoding +// - [AllowInvalidUTF8] affects encoding and decoding +// - [EscapeForHTML] affects encoding only +// - [EscapeForJS] affects encoding only +// - [PreserveRawStrings] affects encoding only +// - [CanonicalizeRawInts] affects encoding only +// - [CanonicalizeRawFloats] affects encoding only +// - [ReorderRawObjects] affects encoding only +// - [SpaceAfterColon] affects encoding only +// - [SpaceAfterComma] affects encoding only +// - [Multiline] affects encoding only +// - [WithIndent] affects encoding only +// - [WithIndentPrefix] affects encoding only +// +// Options that do not affect a particular operation are ignored. +// +// The Options type is identical to [encoding/json.Options] and +// [encoding/json/v2.Options]. Options from the other packages may +// be passed to functionality in this package, but are ignored. +// Options from this package may be used with the other packages. +type Options = jsonopts.Options + +// AllowDuplicateNames specifies that JSON objects may contain +// duplicate member names. Disabling the duplicate name check may provide +// performance benefits, but breaks compliance with RFC 7493, section 2.3. +// The input or output will still be compliant with RFC 8259, +// which leaves the handling of duplicate names as unspecified behavior. +// +// This affects either encoding or decoding. +func AllowDuplicateNames(v bool) Options { + if v { + return jsonflags.AllowDuplicateNames | 1 + } else { + return jsonflags.AllowDuplicateNames | 0 + } +} + +// AllowInvalidUTF8 specifies that JSON strings may contain invalid UTF-8, +// which will be mangled as the Unicode replacement character, U+FFFD. +// This causes the encoder or decoder to break compliance with +// RFC 7493, section 2.1, and RFC 8259, section 8.1. +// +// This affects either encoding or decoding. +func AllowInvalidUTF8(v bool) Options { + if v { + return jsonflags.AllowInvalidUTF8 | 1 + } else { + return jsonflags.AllowInvalidUTF8 | 0 + } +} + +// EscapeForHTML specifies that '<', '>', and '&' characters within JSON strings +// should be escaped as a hexadecimal Unicode codepoint (e.g., \u003c) so that +// the output is safe to embed within HTML. +// +// This only affects encoding and is ignored when decoding. +func EscapeForHTML(v bool) Options { + if v { + return jsonflags.EscapeForHTML | 1 + } else { + return jsonflags.EscapeForHTML | 0 + } +} + +// EscapeForJS specifies that U+2028 and U+2029 characters within JSON strings +// should be escaped as a hexadecimal Unicode codepoint (e.g., \u2028) so that +// the output is valid to embed within JavaScript. See RFC 8259, section 12. +// +// This only affects encoding and is ignored when decoding. +func EscapeForJS(v bool) Options { + if v { + return jsonflags.EscapeForJS | 1 + } else { + return jsonflags.EscapeForJS | 0 + } +} + +// PreserveRawStrings specifies that when encoding a raw JSON string in a +// [Token] or [Value], pre-escaped sequences +// in a JSON string are preserved to the output. +// However, raw strings still respect [EscapeForHTML] and [EscapeForJS] +// such that the relevant characters are escaped. +// If [AllowInvalidUTF8] is enabled, bytes of invalid UTF-8 +// are preserved to the output. +// +// This only affects encoding and is ignored when decoding. +func PreserveRawStrings(v bool) Options { + if v { + return jsonflags.PreserveRawStrings | 1 + } else { + return jsonflags.PreserveRawStrings | 0 + } +} + +// CanonicalizeRawInts specifies that when encoding a raw JSON +// integer number (i.e., a number without a fraction and exponent) in a +// [Token] or [Value], the number is canonicalized +// according to RFC 8785, section 3.2.2.3. As a special case, +// the number -0 is canonicalized as 0. +// +// JSON numbers are treated as IEEE 754 double precision numbers. +// Any numbers with precision beyond what is representable by that form +// will lose their precision when canonicalized. For example, +// integer values beyond ±2⁵³ will lose their precision. +// For example, 1234567890123456789 is formatted as 1234567890123456800. +// +// This only affects encoding and is ignored when decoding. +func CanonicalizeRawInts(v bool) Options { + if v { + return jsonflags.CanonicalizeRawInts | 1 + } else { + return jsonflags.CanonicalizeRawInts | 0 + } +} + +// CanonicalizeRawFloats specifies that when encoding a raw JSON +// floating-point number (i.e., a number with a fraction or exponent) in a +// [Token] or [Value], the number is canonicalized +// according to RFC 8785, section 3.2.2.3. As a special case, +// the number -0 is canonicalized as 0. +// +// JSON numbers are treated as IEEE 754 double precision numbers. +// It is safe to canonicalize a serialized single precision number and +// parse it back as a single precision number and expect the same value. +// If a number exceeds ±1.7976931348623157e+308, which is the maximum +// finite number, then it saturated at that value and formatted as such. +// +// This only affects encoding and is ignored when decoding. +func CanonicalizeRawFloats(v bool) Options { + if v { + return jsonflags.CanonicalizeRawFloats | 1 + } else { + return jsonflags.CanonicalizeRawFloats | 0 + } +} + +// ReorderRawObjects specifies that when encoding a raw JSON object in a +// [Value], the object members are reordered according to +// RFC 8785, section 3.2.3. +// +// This only affects encoding and is ignored when decoding. +func ReorderRawObjects(v bool) Options { + if v { + return jsonflags.ReorderRawObjects | 1 + } else { + return jsonflags.ReorderRawObjects | 0 + } +} + +// SpaceAfterColon specifies that the JSON output should emit a space character +// after each colon separator following a JSON object name. +// If false, then no space character appears after the colon separator. +// +// This only affects encoding and is ignored when decoding. +func SpaceAfterColon(v bool) Options { + if v { + return jsonflags.SpaceAfterColon | 1 + } else { + return jsonflags.SpaceAfterColon | 0 + } +} + +// SpaceAfterComma specifies that the JSON output should emit a space character +// after each comma separator following a JSON object value or array element. +// If false, then no space character appears after the comma separator. +// +// This only affects encoding and is ignored when decoding. +func SpaceAfterComma(v bool) Options { + if v { + return jsonflags.SpaceAfterComma | 1 + } else { + return jsonflags.SpaceAfterComma | 0 + } +} + +// Multiline specifies that the JSON output should expand to multiple lines, +// where every JSON object member or JSON array element appears on +// a new, indented line according to the nesting depth. +// +// If [SpaceAfterColon] is not specified, then the default is true. +// If [SpaceAfterComma] is not specified, then the default is false. +// If [WithIndent] is not specified, then the default is "\t". +// +// If set to false, then the output is a single-line, +// where the only whitespace emitted is determined by the current +// values of [SpaceAfterColon] and [SpaceAfterComma]. +// +// This only affects encoding and is ignored when decoding. +func Multiline(v bool) Options { + if v { + return jsonflags.Multiline | 1 + } else { + return jsonflags.Multiline | 0 + } +} + +// WithIndent specifies that the encoder should emit multiline output +// where each element in a JSON object or array begins on a new, indented line +// beginning with the indent prefix (see [WithIndentPrefix]) +// followed by one or more copies of indent according to the nesting depth. +// The indent must only be composed of space or tab characters. +// +// If the intent to emit indented output without a preference for +// the particular indent string, then use [Multiline] instead. +// +// This only affects encoding and is ignored when decoding. +// Use of this option implies [Multiline] being set to true. +func WithIndent(indent string) Options { + // Fast-path: Return a constant for common indents, which avoids allocating. + // These are derived from analyzing the Go module proxy on 2023-07-01. + switch indent { + case "\t": + return jsonopts.Indent("\t") // ~14k usages + case " ": + return jsonopts.Indent(" ") // ~18k usages + case " ": + return jsonopts.Indent(" ") // ~1.7k usages + case " ": + return jsonopts.Indent(" ") // ~52k usages + case " ": + return jsonopts.Indent(" ") // ~12k usages + case "": + return jsonopts.Indent("") // ~1.5k usages + } + + // Otherwise, allocate for this unique value. + if s := strings.Trim(indent, " \t"); len(s) > 0 { + panic("json: invalid character " + jsonwire.QuoteRune(s) + " in indent") + } + return jsonopts.Indent(indent) +} + +// WithIndentPrefix specifies that the encoder should emit multiline output +// where each element in a JSON object or array begins on a new, indented line +// beginning with the indent prefix followed by one or more copies of indent +// (see [WithIndent]) according to the nesting depth. +// The prefix must only be composed of space or tab characters. +// +// This only affects encoding and is ignored when decoding. +// Use of this option implies [Multiline] being set to true. +func WithIndentPrefix(prefix string) Options { + if s := strings.Trim(prefix, " \t"); len(s) > 0 { + panic("json: invalid character " + jsonwire.QuoteRune(s) + " in indent prefix") + } + return jsonopts.IndentPrefix(prefix) +} + +/* +// TODO(https://go.dev/issue/56733): Implement WithByteLimit and WithDepthLimit. +// Remember to also update the "Security Considerations" section. + +// WithByteLimit sets a limit on the number of bytes of input or output bytes +// that may be consumed or produced for each top-level JSON value. +// If a [Decoder] or [Encoder] method call would need to consume/produce +// more than a total of n bytes to make progress on the top-level JSON value, +// then the call will report an error. +// Whitespace before and within the top-level value are counted against the limit. +// Whitespace after a top-level value are counted against the limit +// for the next top-level value. +// +// A non-positive limit is equivalent to no limit at all. +// If unspecified, the default limit is no limit at all. +// This affects either encoding or decoding. +func WithByteLimit(n int64) Options { + return jsonopts.ByteLimit(max(n, 0)) +} + +// WithDepthLimit sets a limit on the maximum depth of JSON nesting +// that may be consumed or produced for each top-level JSON value. +// If a [Decoder] or [Encoder] method call would need to consume or produce +// a depth greater than n to make progress on the top-level JSON value, +// then the call will report an error. +// +// A non-positive limit is equivalent to no limit at all. +// If unspecified, the default limit is 10000. +// This affects either encoding or decoding. +func WithDepthLimit(n int) Options { + return jsonopts.DepthLimit(max(n, 0)) +} +*/ diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/pools.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/pools.go similarity index 64% rename from vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/pools.go rename to vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/pools.go index 60e93270fb..cf59d99b92 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/pools.go +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/pools.go @@ -2,13 +2,14 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -package json +//go:build !goexperiment.jsonv2 || !go1.25 + +package jsontext import ( "bytes" "io" "math/bits" - "sort" "sync" ) @@ -40,16 +41,16 @@ type bufferStatistics struct { prevLen int // length of previous buffer } -func getBufferedEncoder(o EncodeOptions) *Encoder { +func getBufferedEncoder(opts ...Options) *Encoder { e := bufferedEncoderPool.Get().(*Encoder) - if e.buf == nil { + if e.s.Buf == nil { // Round up to nearest 2ⁿ to make best use of malloc size classes. // See runtime/sizeclasses.go on Go1.15. // Logical OR with 63 to ensure 64 as the minimum buffer size. - n := 1 << bits.Len(uint(e.bufStats.prevLen|63)) - e.buf = make([]byte, 0, n) + n := 1 << bits.Len(uint(e.s.bufStats.prevLen|63)) + e.s.Buf = make([]byte, 0, n) } - e.reset(e.buf[:0], nil, o) + e.s.reset(e.s.Buf[:0], nil, opts...) return e } func putBufferedEncoder(e *Encoder) { @@ -68,37 +69,37 @@ func putBufferedEncoder(e *Encoder) { // // See https://go.dev/issue/27735. switch { - case cap(e.buf) <= 4<<10: // always recycle buffers smaller than 4KiB - e.bufStats.strikes = 0 - case cap(e.buf)/4 <= len(e.buf): // at least 25% utilization - e.bufStats.strikes = 0 - case e.bufStats.strikes < 4: // at most 4 strikes - e.bufStats.strikes++ + case cap(e.s.Buf) <= 4<<10: // always recycle buffers smaller than 4KiB + e.s.bufStats.strikes = 0 + case cap(e.s.Buf)/4 <= len(e.s.Buf): // at least 25% utilization + e.s.bufStats.strikes = 0 + case e.s.bufStats.strikes < 4: // at most 4 strikes + e.s.bufStats.strikes++ default: // discard the buffer; too large and too often under-utilized - e.bufStats.strikes = 0 - e.bufStats.prevLen = len(e.buf) // heuristic for size to allocate next time - e.buf = nil + e.s.bufStats.strikes = 0 + e.s.bufStats.prevLen = len(e.s.Buf) // heuristic for size to allocate next time + e.s.Buf = nil } bufferedEncoderPool.Put(e) } -func getStreamingEncoder(w io.Writer, o EncodeOptions) *Encoder { +func getStreamingEncoder(w io.Writer, opts ...Options) *Encoder { if _, ok := w.(*bytes.Buffer); ok { e := bytesBufferEncoderPool.Get().(*Encoder) - e.reset(nil, w, o) // buffer taken from bytes.Buffer + e.s.reset(nil, w, opts...) // buffer taken from bytes.Buffer return e } else { e := streamingEncoderPool.Get().(*Encoder) - e.reset(e.buf[:0], w, o) // preserve existing buffer + e.s.reset(e.s.Buf[:0], w, opts...) // preserve existing buffer return e } } func putStreamingEncoder(e *Encoder) { - if _, ok := e.wr.(*bytes.Buffer); ok { + if _, ok := e.s.wr.(*bytes.Buffer); ok { bytesBufferEncoderPool.Put(e) } else { - if cap(e.buf) > 64<<10 { - e.buf = nil // avoid pinning arbitrarily large amounts of memory + if cap(e.s.Buf) > 64<<10 { + e.s.Buf = nil // avoid pinning arbitrarily large amounts of memory } streamingEncoderPool.Put(e) } @@ -119,64 +120,33 @@ var ( bytesBufferDecoderPool = bufferedDecoderPool ) -func getBufferedDecoder(b []byte, o DecodeOptions) *Decoder { +func getBufferedDecoder(b []byte, opts ...Options) *Decoder { d := bufferedDecoderPool.Get().(*Decoder) - d.reset(b, nil, o) + d.s.reset(b, nil, opts...) return d } func putBufferedDecoder(d *Decoder) { bufferedDecoderPool.Put(d) } -func getStreamingDecoder(r io.Reader, o DecodeOptions) *Decoder { +func getStreamingDecoder(r io.Reader, opts ...Options) *Decoder { if _, ok := r.(*bytes.Buffer); ok { d := bytesBufferDecoderPool.Get().(*Decoder) - d.reset(nil, r, o) // buffer taken from bytes.Buffer + d.s.reset(nil, r, opts...) // buffer taken from bytes.Buffer return d } else { d := streamingDecoderPool.Get().(*Decoder) - d.reset(d.buf[:0], r, o) // preserve existing buffer + d.s.reset(d.s.buf[:0], r, opts...) // preserve existing buffer return d } } func putStreamingDecoder(d *Decoder) { - if _, ok := d.rd.(*bytes.Buffer); ok { + if _, ok := d.s.rd.(*bytes.Buffer); ok { bytesBufferDecoderPool.Put(d) } else { - if cap(d.buf) > 64<<10 { - d.buf = nil // avoid pinning arbitrarily large amounts of memory + if cap(d.s.buf) > 64<<10 { + d.s.buf = nil // avoid pinning arbitrarily large amounts of memory } streamingDecoderPool.Put(d) } } - -var stringsPools = &sync.Pool{New: func() any { return new(stringSlice) }} - -type stringSlice []string - -// getStrings returns a non-nil pointer to a slice with length n. -func getStrings(n int) *stringSlice { - s := stringsPools.Get().(*stringSlice) - if cap(*s) < n { - *s = make([]string, n) - } - *s = (*s)[:n] - return s -} - -func putStrings(s *stringSlice) { - if cap(*s) > 1<<10 { - *s = nil // avoid pinning arbitrarily large amounts of memory - } - stringsPools.Put(s) -} - -// Sort sorts the string slice according to RFC 8785, section 3.2.3. -func (ss *stringSlice) Sort() { - // TODO(https://go.dev/issue/47619): Use slices.SortFunc instead. - sort.Sort(ss) -} - -func (ss *stringSlice) Len() int { return len(*ss) } -func (ss *stringSlice) Less(i, j int) bool { return lessUTF16((*ss)[i], (*ss)[j]) } -func (ss *stringSlice) Swap(i, j int) { (*ss)[i], (*ss)[j] = (*ss)[j], (*ss)[i] } diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/quote.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/quote.go new file mode 100644 index 0000000000..a4353be3af --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/quote.go @@ -0,0 +1,41 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !goexperiment.jsonv2 || !go1.25 + +package jsontext + +import ( + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire" +) + +// AppendQuote appends a double-quoted JSON string literal representing src +// to dst and returns the extended buffer. +// It uses the minimal string representation per RFC 8785, section 3.2.2.2. +// Invalid UTF-8 bytes are replaced with the Unicode replacement character +// and an error is returned at the end indicating the presence of invalid UTF-8. +// The dst must not overlap with the src. +func AppendQuote[Bytes ~[]byte | ~string](dst []byte, src Bytes) ([]byte, error) { + dst, err := jsonwire.AppendQuote(dst, src, &jsonflags.Flags{}) + if err != nil { + err = &SyntacticError{Err: err} + } + return dst, err +} + +// AppendUnquote appends the decoded interpretation of src as a +// double-quoted JSON string literal to dst and returns the extended buffer. +// The input src must be a JSON string without any surrounding whitespace. +// Invalid UTF-8 bytes are replaced with the Unicode replacement character +// and an error is returned at the end indicating the presence of invalid UTF-8. +// Any trailing bytes after the JSON string literal results in an error. +// The dst must not overlap with the src. +func AppendUnquote[Bytes ~[]byte | ~string](dst []byte, src Bytes) ([]byte, error) { + dst, err := jsonwire.AppendUnquote(dst, src) + if err != nil { + err = &SyntacticError{Err: err} + } + return dst, err +} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/state.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/state.go similarity index 63% rename from vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/state.go rename to vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/state.go index ee14c753fe..6f1aa8e217 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/state.go +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/state.go @@ -2,81 +2,216 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -package json +//go:build !goexperiment.jsonv2 || !go1.25 + +package jsontext import ( + "errors" + "iter" "math" "strconv" + "strings" + "unicode/utf8" + + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire" ) +// ErrDuplicateName indicates that a JSON token could not be +// encoded or decoded because it results in a duplicate JSON object name. +// This error is directly wrapped within a [SyntacticError] when produced. +// +// The name of a duplicate JSON object member can be extracted as: +// +// err := ... +// var serr jsontext.SyntacticError +// if errors.As(err, &serr) && serr.Err == jsontext.ErrDuplicateName { +// ptr := serr.JSONPointer // JSON pointer to duplicate name +// name := ptr.LastToken() // duplicate name itself +// ... +// } +// +// This error is only returned if [AllowDuplicateNames] is false. +var ErrDuplicateName = errors.New("duplicate object member name") + +// ErrNonStringName indicates that a JSON token could not be +// encoded or decoded because it is not a string, +// as required for JSON object names according to RFC 8259, section 4. +// This error is directly wrapped within a [SyntacticError] when produced. +var ErrNonStringName = errors.New("object member name must be a string") + var ( - errMissingName = &SyntacticError{str: "missing string for object name"} - errMissingColon = &SyntacticError{str: "missing character ':' after object name"} - errMissingValue = &SyntacticError{str: "missing value after object name"} - errMissingComma = &SyntacticError{str: "missing character ',' after object or array value"} - errMismatchDelim = &SyntacticError{str: "mismatching structural token for object or array"} + errMissingValue = errors.New("missing value after object name") + errMismatchDelim = errors.New("mismatching structural token for object or array") + errMaxDepth = errors.New("exceeded max depth") + + errInvalidNamespace = errors.New("object namespace is in an invalid state") ) -const errInvalidNamespace = jsonError("object namespace is in an invalid state") +// Per RFC 8259, section 9, implementations may enforce a maximum depth. +// Such a limit is necessary to prevent stack overflows. +const maxNestingDepth = 10000 type state struct { - // tokens validates whether the next token kind is valid. - tokens stateMachine + // Tokens validates whether the next token kind is valid. + Tokens stateMachine - // names is a stack of object names. - // Not used if AllowDuplicateNames is true. - names objectNameStack + // Names is a stack of object names. + Names objectNameStack - // namespaces is a stack of object namespaces. + // Namespaces is a stack of object namespaces. // For performance reasons, Encoder or Decoder may not update this // if Marshal or Unmarshal is able to track names in a more efficient way. // See makeMapArshaler and makeStructArshaler. // Not used if AllowDuplicateNames is true. - namespaces objectNamespaceStack + Namespaces objectNamespaceStack +} + +// needObjectValue reports whether the next token should be an object value. +// This method is used by [wrapSyntacticError]. +func (s *state) needObjectValue() bool { + return s.Tokens.Last.needObjectValue() } func (s *state) reset() { - s.tokens.reset() - s.names.reset() - s.namespaces.reset() + s.Tokens.reset() + s.Names.reset() + s.Namespaces.reset() +} + +// Pointer is a JSON Pointer (RFC 6901) that references a particular JSON value +// relative to the root of the top-level JSON value. +// +// A Pointer is a slash-separated list of tokens, where each token is +// either a JSON object name or an index to a JSON array element +// encoded as a base-10 integer value. +// It is impossible to distinguish between an array index and an object name +// (that happens to be an base-10 encoded integer) without also knowing +// the structure of the top-level JSON value that the pointer refers to. +// +// There is exactly one representation of a pointer to a particular value, +// so comparability of Pointer values is equivalent to checking whether +// they both point to the exact same value. +type Pointer string + +// IsValid reports whether p is a valid JSON Pointer according to RFC 6901. +// Note that the concatenation of two valid pointers produces a valid pointer. +func (p Pointer) IsValid() bool { + for i, r := range p { + switch { + case r == '~' && (i+1 == len(p) || (p[i+1] != '0' && p[i+1] != '1')): + return false // invalid escape + case r == '\ufffd' && !strings.HasPrefix(string(p[i:]), "\ufffd"): + return false // invalid UTF-8 + } + } + return len(p) == 0 || p[0] == '/' +} + +// Contains reports whether the JSON value that p points to +// is equal to or contains the JSON value that pc points to. +func (p Pointer) Contains(pc Pointer) bool { + // Invariant: len(p) <= len(pc) if p.Contains(pc) + suffix, ok := strings.CutPrefix(string(pc), string(p)) + return ok && (suffix == "" || suffix[0] == '/') +} + +// Parent strips off the last token and returns the remaining pointer. +// The parent of an empty p is an empty string. +func (p Pointer) Parent() Pointer { + return p[:max(strings.LastIndexByte(string(p), '/'), 0)] +} + +// LastToken returns the last token in the pointer. +// The last token of an empty p is an empty string. +func (p Pointer) LastToken() string { + last := p[max(strings.LastIndexByte(string(p), '/'), 0):] + return unescapePointerToken(strings.TrimPrefix(string(last), "/")) +} + +// AppendToken appends a token to the end of p and returns the full pointer. +func (p Pointer) AppendToken(tok string) Pointer { + return Pointer(appendEscapePointerName([]byte(p+"/"), tok)) +} + +// TODO: Add Pointer.AppendTokens, +// but should this take in a ...string or an iter.Seq[string]? + +// Tokens returns an iterator over the reference tokens in the JSON pointer, +// starting from the first token until the last token (unless stopped early). +func (p Pointer) Tokens() iter.Seq[string] { + return func(yield func(string) bool) { + for len(p) > 0 { + p = Pointer(strings.TrimPrefix(string(p), "/")) + i := min(uint(strings.IndexByte(string(p), '/')), uint(len(p))) + if !yield(unescapePointerToken(string(p)[:i])) { + return + } + p = p[i:] + } + } +} + +func unescapePointerToken(token string) string { + if strings.Contains(token, "~") { + // Per RFC 6901, section 3, unescape '~' and '/' characters. + token = strings.ReplaceAll(token, "~1", "/") + token = strings.ReplaceAll(token, "~0", "~") + } + return token } // appendStackPointer appends a JSON Pointer (RFC 6901) to the current value. -// The returned pointer is only accurate if s.names is populated, -// otherwise it uses the numeric index as the object member name. +// +// - If where is -1, then it points to the previously processed token. +// +// - If where is 0, then it points to the parent JSON object or array, +// or an object member if in-between an object member key and value. +// This is useful when the position is ambiguous whether +// we are interested in the previous or next token, or +// when we are uncertain whether the next token +// continues or terminates the current object or array. +// +// - If where is +1, then it points to the next expected value, +// assuming that it continues the current JSON object or array. +// As a special case, if the next token is a JSON object name, +// then it points to the parent JSON object. // // Invariant: Must call s.names.copyQuotedBuffer beforehand. -func (s state) appendStackPointer(b []byte) []byte { +func (s state) appendStackPointer(b []byte, where int) []byte { var objectDepth int - for i := 1; i < s.tokens.depth(); i++ { - e := s.tokens.index(i) - if e.length() == 0 { - break // empty object or array + for i := 1; i < s.Tokens.Depth(); i++ { + e := s.Tokens.index(i) + arrayDelta := -1 // by default point to previous array element + if isLast := i == s.Tokens.Depth()-1; isLast { + switch { + case where < 0 && e.Length() == 0 || where == 0 && !e.needObjectValue() || where > 0 && e.NeedObjectName(): + return b + case where > 0 && e.isArray(): + arrayDelta = 0 // point to next array element + } } - b = append(b, '/') switch { case e.isObject(): - if objectDepth < s.names.length() { - for _, c := range s.names.getUnquoted(objectDepth) { - // Per RFC 6901, section 3, escape '~' and '/' characters. - switch c { - case '~': - b = append(b, "~0"...) - case '/': - b = append(b, "~1"...) - default: - b = append(b, c) - } - } - } else { - // Since the names stack is unpopulated, the name is unknown. - // As a best-effort replacement, use the numeric member index. - // While inaccurate, it produces a syntactically valid pointer. - b = strconv.AppendUint(b, uint64((e.length()-1)/2), 10) - } + b = appendEscapePointerName(append(b, '/'), s.Names.getUnquoted(objectDepth)) objectDepth++ case e.isArray(): - b = strconv.AppendUint(b, uint64(e.length()-1), 10) + b = strconv.AppendUint(append(b, '/'), uint64(e.Length()+int64(arrayDelta)), 10) + } + } + return b +} + +func appendEscapePointerName[Bytes ~[]byte | ~string](b []byte, name Bytes) []byte { + for _, r := range string(name) { + // Per RFC 6901, section 3, escape '~' and '/' characters. + switch r { + case '~': + b = append(b, "~0"...) + case '/': + b = append(b, "~1"...) + default: + b = utf8.AppendRune(b, r) } } return b @@ -92,54 +227,54 @@ func (s state) appendStackPointer(b []byte) []byte { // The top-level virtual JSON array is special in that it doesn't require commas // between each JSON value. // -// For performance, most methods are carefully written to be inlineable. +// For performance, most methods are carefully written to be inlinable. // The zero value is a valid state machine ready for use. type stateMachine struct { - stack []stateEntry - last stateEntry + Stack []stateEntry + Last stateEntry } // reset resets the state machine. // The machine always starts with a minimum depth of 1. func (m *stateMachine) reset() { - m.stack = m.stack[:0] - if cap(m.stack) > 1<<10 { - m.stack = nil + m.Stack = m.Stack[:0] + if cap(m.Stack) > 1<<10 { + m.Stack = nil } - m.last = stateTypeArray + m.Last = stateTypeArray } -// depth is the current nested depth of JSON objects and arrays. +// Depth is the current nested depth of JSON objects and arrays. // It is one-indexed (i.e., top-level values have a depth of 1). -func (m stateMachine) depth() int { - return len(m.stack) + 1 +func (m stateMachine) Depth() int { + return len(m.Stack) + 1 } // index returns a reference to the ith entry. // It is only valid until the next push method call. func (m *stateMachine) index(i int) *stateEntry { - if i == len(m.stack) { - return &m.last + if i == len(m.Stack) { + return &m.Last } - return &m.stack[i] + return &m.Stack[i] } -// depthLength reports the current nested depth and +// DepthLength reports the current nested depth and // the length of the last JSON object or array. -func (m stateMachine) depthLength() (int, int) { - return m.depth(), m.last.length() +func (m stateMachine) DepthLength() (int, int64) { + return m.Depth(), m.Last.Length() } // appendLiteral appends a JSON literal as the next token in the sequence. // If an error is returned, the state is not mutated. func (m *stateMachine) appendLiteral() error { switch { - case m.last.needObjectName(): - return errMissingName - case !m.last.isValidNamespace(): + case m.Last.NeedObjectName(): + return ErrNonStringName + case !m.Last.isValidNamespace(): return errInvalidNamespace default: - m.last.increment() + m.Last.Increment() return nil } } @@ -148,10 +283,10 @@ func (m *stateMachine) appendLiteral() error { // If an error is returned, the state is not mutated. func (m *stateMachine) appendString() error { switch { - case !m.last.isValidNamespace(): + case !m.Last.isValidNamespace(): return errInvalidNamespace default: - m.last.increment() + m.Last.Increment() return nil } } @@ -162,18 +297,20 @@ func (m *stateMachine) appendNumber() error { return m.appendLiteral() } -// pushObject appends a JSON start object token as next in the sequence. +// pushObject appends a JSON begin object token as next in the sequence. // If an error is returned, the state is not mutated. func (m *stateMachine) pushObject() error { switch { - case m.last.needObjectName(): - return errMissingName - case !m.last.isValidNamespace(): + case m.Last.NeedObjectName(): + return ErrNonStringName + case !m.Last.isValidNamespace(): return errInvalidNamespace + case len(m.Stack) == maxNestingDepth: + return errMaxDepth default: - m.last.increment() - m.stack = append(m.stack, m.last) - m.last = stateTypeObject + m.Last.Increment() + m.Stack = append(m.Stack, m.Last) + m.Last = stateTypeObject return nil } } @@ -182,31 +319,33 @@ func (m *stateMachine) pushObject() error { // If an error is returned, the state is not mutated. func (m *stateMachine) popObject() error { switch { - case !m.last.isObject(): + case !m.Last.isObject(): return errMismatchDelim - case m.last.needObjectValue(): + case m.Last.needObjectValue(): return errMissingValue - case !m.last.isValidNamespace(): + case !m.Last.isValidNamespace(): return errInvalidNamespace default: - m.last = m.stack[len(m.stack)-1] - m.stack = m.stack[:len(m.stack)-1] + m.Last = m.Stack[len(m.Stack)-1] + m.Stack = m.Stack[:len(m.Stack)-1] return nil } } -// pushArray appends a JSON start array token as next in the sequence. +// pushArray appends a JSON begin array token as next in the sequence. // If an error is returned, the state is not mutated. func (m *stateMachine) pushArray() error { switch { - case m.last.needObjectName(): - return errMissingName - case !m.last.isValidNamespace(): + case m.Last.NeedObjectName(): + return ErrNonStringName + case !m.Last.isValidNamespace(): return errInvalidNamespace + case len(m.Stack) == maxNestingDepth: + return errMaxDepth default: - m.last.increment() - m.stack = append(m.stack, m.last) - m.last = stateTypeArray + m.Last.Increment() + m.Stack = append(m.Stack, m.Last) + m.Last = stateTypeArray return nil } } @@ -215,43 +354,43 @@ func (m *stateMachine) pushArray() error { // If an error is returned, the state is not mutated. func (m *stateMachine) popArray() error { switch { - case !m.last.isArray() || len(m.stack) == 0: // forbid popping top-level virtual JSON array + case !m.Last.isArray() || len(m.Stack) == 0: // forbid popping top-level virtual JSON array return errMismatchDelim - case !m.last.isValidNamespace(): + case !m.Last.isValidNamespace(): return errInvalidNamespace default: - m.last = m.stack[len(m.stack)-1] - m.stack = m.stack[:len(m.stack)-1] + m.Last = m.Stack[len(m.Stack)-1] + m.Stack = m.Stack[:len(m.Stack)-1] return nil } } -// needIndent reports whether indent whitespace should be injected. +// NeedIndent reports whether indent whitespace should be injected. // A zero value means that no whitespace should be injected. // A positive value means '\n', indentPrefix, and (n-1) copies of indentBody // should be appended to the output immediately before the next token. -func (m stateMachine) needIndent(next Kind) (n int) { +func (m stateMachine) NeedIndent(next Kind) (n int) { willEnd := next == '}' || next == ']' switch { - case m.depth() == 1: + case m.Depth() == 1: return 0 // top-level values are never indented - case m.last.length() == 0 && willEnd: + case m.Last.Length() == 0 && willEnd: return 0 // an empty object or array is never indented - case m.last.length() == 0 || m.last.needImplicitComma(next): - return m.depth() + case m.Last.Length() == 0 || m.Last.needImplicitComma(next): + return m.Depth() case willEnd: - return m.depth() - 1 + return m.Depth() - 1 default: return 0 } } -// mayAppendDelim appends a colon or comma that may precede the next token. -func (m stateMachine) mayAppendDelim(b []byte, next Kind) []byte { +// MayAppendDelim appends a colon or comma that may precede the next token. +func (m stateMachine) MayAppendDelim(b []byte, next Kind) []byte { switch { - case m.last.needImplicitColon(): + case m.Last.needImplicitColon(): return append(b, ':') - case m.last.needImplicitComma(next) && len(m.stack) != 0: // comma not needed for top-level values + case m.Last.needImplicitComma(next) && len(m.Stack) != 0: // comma not needed for top-level values return append(b, ',') default: return b @@ -263,39 +402,24 @@ func (m stateMachine) mayAppendDelim(b []byte, next Kind) []byte { // A zero value means no delimiter should be emitted. func (m stateMachine) needDelim(next Kind) (delim byte) { switch { - case m.last.needImplicitColon(): + case m.Last.needImplicitColon(): return ':' - case m.last.needImplicitComma(next) && len(m.stack) != 0: // comma not needed for top-level values + case m.Last.needImplicitComma(next) && len(m.Stack) != 0: // comma not needed for top-level values return ',' default: return 0 } } -// checkDelim reports whether the specified delimiter should be there given -// the kind of the next token that appears immediately afterwards. -func (m stateMachine) checkDelim(delim byte, next Kind) error { - switch needDelim := m.needDelim(next); { - case needDelim == delim: - return nil - case needDelim == ':': - return errMissingColon - case needDelim == ',': - return errMissingComma - default: - return newInvalidCharacterError([]byte{delim}, "before next token") - } -} - -// invalidateDisabledNamespaces marks all disabled namespaces as invalid. +// InvalidateDisabledNamespaces marks all disabled namespaces as invalid. // // For efficiency, Marshal and Unmarshal may disable namespaces since there are // more efficient ways to track duplicate names. However, if an error occurs, // the namespaces in Encoder or Decoder will be left in an inconsistent state. // Mark the namespaces as invalid so that future method calls on // Encoder or Decoder will return an error. -func (m *stateMachine) invalidateDisabledNamespaces() { - for i := 0; i < m.depth(); i++ { +func (m *stateMachine) InvalidateDisabledNamespaces() { + for i := range m.Depth() { e := m.index(i) if !e.isActiveNamespace() { e.invalidateNamespace() @@ -329,10 +453,10 @@ const ( stateCountEven stateEntry = 0x0000_0000_0000_0000 ) -// length reports the number of elements in the JSON object or array. +// Length reports the number of elements in the JSON object or array. // Each name and value in an object entry is treated as a separate element. -func (e stateEntry) length() int { - return int(e & stateCountMask) +func (e stateEntry) Length() int64 { + return int64(e & stateCountMask) } // isObject reports whether this is a JSON object. @@ -345,9 +469,9 @@ func (e stateEntry) isArray() bool { return e&stateTypeMask == stateTypeArray } -// needObjectName reports whether the next token must be a JSON string, +// NeedObjectName reports whether the next token must be a JSON string, // which is necessary for JSON object names. -func (e stateEntry) needObjectName() bool { +func (e stateEntry) NeedObjectName() bool { return e&(stateTypeMask|stateCountLSBMask) == stateTypeObject|stateCountEven } @@ -367,13 +491,13 @@ func (e stateEntry) needObjectValue() bool { // which always occurs after a value in a JSON object or array // before the next value (or name). func (e stateEntry) needImplicitComma(next Kind) bool { - return !e.needObjectValue() && e.length() > 0 && next != '}' && next != ']' + return !e.needObjectValue() && e.Length() > 0 && next != '}' && next != ']' } -// increment increments the number of elements for the current object or array. +// Increment increments the number of elements for the current object or array. // This assumes that overflow won't practically be an issue since // 1< 0 { startOffset = ns.offsets[i-1] } - if n := consumeSimpleString(quotedName); n > 0 { + if n := jsonwire.ConsumeSimpleString(quotedName); n > 0 { ns.unquotedNames = append(ns.unquotedNames[:startOffset], quotedName[len(`"`):n-len(`"`)]...) } else { - ns.unquotedNames, _ = unescapeString(ns.unquotedNames[:startOffset], quotedName) + ns.unquotedNames, _ = jsonwire.AppendUnquote(ns.unquotedNames[:startOffset], quotedName) } ns.offsets[i] = len(ns.unquotedNames) } @@ -565,14 +689,14 @@ func (nss *objectNamespaceStack) reset() { func (nss *objectNamespaceStack) push() { if cap(*nss) > len(*nss) { *nss = (*nss)[:len(*nss)+1] - nss.last().reset() + nss.Last().reset() } else { *nss = append(*nss, objectNamespace{}) } } -// last returns a pointer to the last JSON object namespace. -func (nss objectNamespaceStack) last() *objectNamespace { +// Last returns a pointer to the last JSON object namespace. +func (nss objectNamespaceStack) Last() *objectNamespace { return &nss[len(nss)-1] } @@ -641,13 +765,13 @@ func (ns *objectNamespace) insertQuoted(name []byte, isVerbatim bool) bool { } return ns.insert(name, !isVerbatim) } -func (ns *objectNamespace) insertUnquoted(name []byte) bool { +func (ns *objectNamespace) InsertUnquoted(name []byte) bool { return ns.insert(name, false) } func (ns *objectNamespace) insert(name []byte, quoted bool) bool { var allNames []byte if quoted { - allNames, _ = unescapeString(ns.allUnquotedNames, name) + allNames, _ = jsonwire.AppendUnquote(ns.allUnquotedNames, name) } else { allNames = append(ns.allUnquotedNames, name...) } @@ -702,46 +826,3 @@ func (ns *objectNamespace) removeLast() { ns.allUnquotedNames = ns.allUnquotedNames[:ns.endOffsets[ns.length()-1]] } } - -type uintSet64 uint64 - -func (s uintSet64) has(i uint) bool { return s&(1< 0 } -func (s *uintSet64) set(i uint) { *s |= 1 << i } - -// uintSet is a set of unsigned integers. -// It is optimized for most integers being close to zero. -type uintSet struct { - lo uintSet64 - hi []uintSet64 -} - -// has reports whether i is in the set. -func (s *uintSet) has(i uint) bool { - if i < 64 { - return s.lo.has(i) - } else { - i -= 64 - iHi, iLo := int(i/64), i%64 - return iHi < len(s.hi) && s.hi[iHi].has(iLo) - } -} - -// insert inserts i into the set and reports whether it was the first insertion. -func (s *uintSet) insert(i uint) bool { - // TODO: Make this inlineable at least for the lower 64-bit case. - if i < 64 { - has := s.lo.has(i) - s.lo.set(i) - return !has - } else { - i -= 64 - iHi, iLo := int(i/64), i%64 - if iHi >= len(s.hi) { - s.hi = append(s.hi, make([]uintSet64, iHi+1-len(s.hi))...) - s.hi = s.hi[:cap(s.hi)] - } - has := s.hi[iHi].has(iLo) - s.hi[iHi].set(iLo) - return !has - } -} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/token.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/token.go similarity index 87% rename from vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/token.go rename to vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/token.go index 9acba7dadf..3e87c91402 100644 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/token.go +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/token.go @@ -2,11 +2,18 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -package json +//go:build !goexperiment.jsonv2 || !go1.25 + +package jsontext import ( + "bytes" + "errors" "math" "strconv" + + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire" ) // NOTE: Token is analogous to v1 json.Token. @@ -17,17 +24,19 @@ const ( maxUint64 = math.MaxUint64 minUint64 = 0 // for consistency and readability purposes - invalidTokenPanic = "invalid json.Token; it has been voided by a subsequent json.Decoder call" + invalidTokenPanic = "invalid jsontext.Token; it has been voided by a subsequent json.Decoder call" ) +var errInvalidToken = errors.New("invalid jsontext.Token") + // Token represents a lexical JSON token, which may be one of the following: // - a JSON literal (i.e., null, true, or false) // - a JSON string (e.g., "hello, world!") // - a JSON number (e.g., 123.456) -// - a start or end delimiter for a JSON object (i.e., { or } ) -// - a start or end delimiter for a JSON array (i.e., [ or ] ) +// - a begin or end delimiter for a JSON object (i.e., { or } ) +// - a begin or end delimiter for a JSON array (i.e., [ or ] ) // -// A Token cannot represent entire array or object values, while a RawValue can. +// A Token cannot represent entire array or object values, while a [Value] can. // There is no Token to represent commas and colons since // these structural tokens can be inferred from the surrounding context. type Token struct { @@ -87,10 +96,10 @@ var ( False Token = rawToken("false") True Token = rawToken("true") - ObjectStart Token = rawToken("{") - ObjectEnd Token = rawToken("}") - ArrayStart Token = rawToken("[") - ArrayEnd Token = rawToken("]") + BeginObject Token = rawToken("{") + EndObject Token = rawToken("}") + BeginArray Token = rawToken("[") + EndArray Token = rawToken("]") zeroString Token = rawToken(`""`) zeroNumber Token = rawToken(`0`) @@ -156,7 +165,7 @@ func Uint(n uint64) Token { } // Clone makes a copy of the Token such that its value remains valid -// even after a subsequent Decoder.Read call. +// even after a subsequent [Decoder.Read] call. func (t Token) Clone() Token { // TODO: Allow caller to avoid any allocations? if raw := t.raw; raw != nil { @@ -169,22 +178,21 @@ func (t Token) Clone() Token { return False case True.raw: return True - case ObjectStart.raw: - return ObjectStart - case ObjectEnd.raw: - return ObjectEnd - case ArrayStart.raw: - return ArrayStart - case ArrayEnd.raw: - return ArrayEnd + case BeginObject.raw: + return BeginObject + case EndObject.raw: + return EndObject + case BeginArray.raw: + return BeginArray + case EndArray.raw: + return EndArray } } if uint64(raw.previousOffsetStart()) != t.num { panic(invalidTokenPanic) } - // TODO(https://go.dev/issue/45038): Use bytes.Clone. - buf := append([]byte(nil), raw.previousBuffer()...) + buf := bytes.Clone(raw.previousBuffer()) return Token{raw: &decodeBuffer{buf: buf, prevStart: 0, prevEnd: len(buf)}} } return t @@ -205,20 +213,20 @@ func (t Token) Bool() bool { // appendString appends a JSON string to dst and returns it. // It panics if t is not a JSON string. -func (t Token) appendString(dst []byte, validateUTF8, preserveRaw bool, escapeRune func(rune) bool) ([]byte, error) { +func (t Token) appendString(dst []byte, flags *jsonflags.Flags) ([]byte, error) { if raw := t.raw; raw != nil { // Handle raw string value. buf := raw.previousBuffer() if Kind(buf[0]) == '"' { - if escapeRune == nil && consumeSimpleString(buf) == len(buf) { + if jsonwire.ConsumeSimpleString(buf) == len(buf) { return append(dst, buf...), nil } - dst, _, err := reformatString(dst, buf, validateUTF8, preserveRaw, escapeRune) + dst, _, err := jsonwire.ReformatString(dst, buf, flags) return dst, err } } else if len(t.str) != 0 && t.num == 0 { // Handle exact string value. - return appendString(dst, t.str, validateUTF8, escapeRune) + return jsonwire.AppendQuote(dst, t.str, flags) } panic("invalid JSON token kind: " + t.Kind().String()) @@ -244,9 +252,9 @@ func (t Token) string() (string, []byte) { } buf := raw.previousBuffer() if buf[0] == '"' { - // TODO: Preserve valueFlags in Token? - isVerbatim := consumeSimpleString(buf) == len(buf) - return "", unescapeStringMayCopy(buf, isVerbatim) + // TODO: Preserve ValueFlags in Token? + isVerbatim := jsonwire.ConsumeSimpleString(buf) == len(buf) + return "", jsonwire.UnquoteMayCopy(buf, isVerbatim) } // Handle tokens that are not JSON strings for fmt.Stringer. return "", buf @@ -258,34 +266,31 @@ func (t Token) string() (string, []byte) { if t.num > 0 { switch t.str[0] { case 'f': - return string(appendNumber(nil, math.Float64frombits(t.num), 64)), nil + return string(jsonwire.AppendFloat(nil, math.Float64frombits(t.num), 64)), nil case 'i': return strconv.FormatInt(int64(t.num), 10), nil case 'u': return strconv.FormatUint(uint64(t.num), 10), nil } } - return "", nil + return "", nil } // appendNumber appends a JSON number to dst and returns it. // It panics if t is not a JSON number. -func (t Token) appendNumber(dst []byte, canonicalize bool) ([]byte, error) { +func (t Token) appendNumber(dst []byte, flags *jsonflags.Flags) ([]byte, error) { if raw := t.raw; raw != nil { // Handle raw number value. buf := raw.previousBuffer() if Kind(buf[0]).normalize() == '0' { - if !canonicalize { - return append(dst, buf...), nil - } - dst, _, err := reformatNumber(dst, buf, canonicalize) + dst, _, err := jsonwire.ReformatNumber(dst, buf, flags) return dst, err } } else if t.num != 0 { // Handle exact number value. switch t.str[0] { case 'f': - return appendNumber(dst, math.Float64frombits(t.num), 64), nil + return jsonwire.AppendFloat(dst, math.Float64frombits(t.num), 64), nil case 'i': return strconv.AppendInt(dst, int64(t.num), 10), nil case 'u': @@ -308,7 +313,7 @@ func (t Token) Float() float64 { } buf := raw.previousBuffer() if Kind(buf[0]).normalize() == '0' { - fv, _ := parseFloat(buf, 64) + fv, _ := jsonwire.ParseFloat(buf, 64) return fv } } else if t.num != 0 { @@ -354,7 +359,7 @@ func (t Token) Int() int64 { if len(buf) > 0 && buf[0] == '-' { neg, buf = true, buf[1:] } - if numAbs, ok := parseDecUint(buf); ok { + if numAbs, ok := jsonwire.ParseUint(buf); ok { if neg { if numAbs > -minInt64 { return minInt64 @@ -415,7 +420,7 @@ func (t Token) Uint() uint64 { if len(buf) > 0 && buf[0] == '-' { neg, buf = true, buf[1:] } - if num, ok := parseDecUint(buf); ok { + if num, ok := jsonwire.ParseUint(buf); ok { if neg { return minUint64 } @@ -476,9 +481,9 @@ func (t Token) Kind() Kind { // - 't': true // - '"': string // - '0': number -// - '{': object start +// - '{': object begin // - '}': object end -// - '[': array start +// - '[': array begin // - ']': array end // // An invalid kind is usually represented using 0, @@ -509,7 +514,7 @@ func (k Kind) String() string { case ']': return "]" default: - return "" + return "" } } diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/value.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/value.go new file mode 100644 index 0000000000..f29f323561 --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext/value.go @@ -0,0 +1,395 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !goexperiment.jsonv2 || !go1.25 + +package jsontext + +import ( + "bytes" + "errors" + "io" + "slices" + "sync" + + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire" +) + +// NOTE: Value is analogous to v1 json.RawMessage. + +// AppendFormat formats the JSON value in src and appends it to dst +// according to the specified options. +// See [Value.Format] for more details about the formatting behavior. +// +// The dst and src may overlap. +// If an error is reported, then the entirety of src is appended to dst. +func AppendFormat(dst, src []byte, opts ...Options) ([]byte, error) { + e := getBufferedEncoder(opts...) + defer putBufferedEncoder(e) + e.s.Flags.Set(jsonflags.OmitTopLevelNewline | 1) + if err := e.s.WriteValue(src); err != nil { + return append(dst, src...), err + } + return append(dst, e.s.Buf...), nil +} + +// Value represents a single raw JSON value, which may be one of the following: +// - a JSON literal (i.e., null, true, or false) +// - a JSON string (e.g., "hello, world!") +// - a JSON number (e.g., 123.456) +// - an entire JSON object (e.g., {"fizz":"buzz"} ) +// - an entire JSON array (e.g., [1,2,3] ) +// +// Value can represent entire array or object values, while [Token] cannot. +// Value may contain leading and/or trailing whitespace. +type Value []byte + +// Clone returns a copy of v. +func (v Value) Clone() Value { + return bytes.Clone(v) +} + +// String returns the string formatting of v. +func (v Value) String() string { + if v == nil { + return "null" + } + return string(v) +} + +// IsValid reports whether the raw JSON value is syntactically valid +// according to the specified options. +// +// By default (if no options are specified), it validates according to RFC 7493. +// It verifies whether the input is properly encoded as UTF-8, +// that escape sequences within strings decode to valid Unicode codepoints, and +// that all names in each object are unique. +// It does not verify whether numbers are representable within the limits +// of any common numeric type (e.g., float64, int64, or uint64). +// +// Relevant options include: +// - [AllowDuplicateNames] +// - [AllowInvalidUTF8] +// +// All other options are ignored. +func (v Value) IsValid(opts ...Options) bool { + // TODO: Document support for [WithByteLimit] and [WithDepthLimit]. + d := getBufferedDecoder(v, opts...) + defer putBufferedDecoder(d) + _, errVal := d.ReadValue() + _, errEOF := d.ReadToken() + return errVal == nil && errEOF == io.EOF +} + +// Format formats the raw JSON value in place. +// +// By default (if no options are specified), it validates according to RFC 7493 +// and produces the minimal JSON representation, where +// all whitespace is elided and JSON strings use the shortest encoding. +// +// Relevant options include: +// - [AllowDuplicateNames] +// - [AllowInvalidUTF8] +// - [EscapeForHTML] +// - [EscapeForJS] +// - [PreserveRawStrings] +// - [CanonicalizeRawInts] +// - [CanonicalizeRawFloats] +// - [ReorderRawObjects] +// - [SpaceAfterColon] +// - [SpaceAfterComma] +// - [Multiline] +// - [WithIndent] +// - [WithIndentPrefix] +// +// All other options are ignored. +// +// It is guaranteed to succeed if the value is valid according to the same options. +// If the value is already formatted, then the buffer is not mutated. +func (v *Value) Format(opts ...Options) error { + // TODO: Document support for [WithByteLimit] and [WithDepthLimit]. + return v.format(opts, nil) +} + +// format accepts two []Options to avoid the allocation appending them together. +// It is equivalent to v.Format(append(opts1, opts2...)...). +func (v *Value) format(opts1, opts2 []Options) error { + e := getBufferedEncoder(opts1...) + defer putBufferedEncoder(e) + e.s.Join(opts2...) + e.s.Flags.Set(jsonflags.OmitTopLevelNewline | 1) + if err := e.s.WriteValue(*v); err != nil { + return err + } + if !bytes.Equal(*v, e.s.Buf) { + *v = append((*v)[:0], e.s.Buf...) + } + return nil +} + +// Compact removes all whitespace from the raw JSON value. +// +// It does not reformat JSON strings or numbers to use any other representation. +// To maximize the set of JSON values that can be formatted, +// this permits values with duplicate names and invalid UTF-8. +// +// Compact is equivalent to calling [Value.Format] with the following options: +// - [AllowDuplicateNames](true) +// - [AllowInvalidUTF8](true) +// - [PreserveRawStrings](true) +// +// Any options specified by the caller are applied after the initial set +// and may deliberately override prior options. +func (v *Value) Compact(opts ...Options) error { + return v.format([]Options{ + AllowDuplicateNames(true), + AllowInvalidUTF8(true), + PreserveRawStrings(true), + }, opts) +} + +// Indent reformats the whitespace in the raw JSON value so that each element +// in a JSON object or array begins on a indented line according to the nesting. +// +// It does not reformat JSON strings or numbers to use any other representation. +// To maximize the set of JSON values that can be formatted, +// this permits values with duplicate names and invalid UTF-8. +// +// Indent is equivalent to calling [Value.Format] with the following options: +// - [AllowDuplicateNames](true) +// - [AllowInvalidUTF8](true) +// - [PreserveRawStrings](true) +// - [Multiline](true) +// +// Any options specified by the caller are applied after the initial set +// and may deliberately override prior options. +func (v *Value) Indent(opts ...Options) error { + return v.format([]Options{ + AllowDuplicateNames(true), + AllowInvalidUTF8(true), + PreserveRawStrings(true), + Multiline(true), + }, opts) +} + +// Canonicalize canonicalizes the raw JSON value according to the +// JSON Canonicalization Scheme (JCS) as defined by RFC 8785 +// where it produces a stable representation of a JSON value. +// +// JSON strings are formatted to use their minimal representation, +// JSON numbers are formatted as double precision numbers according +// to some stable serialization algorithm. +// JSON object members are sorted in ascending order by name. +// All whitespace is removed. +// +// The output stability is dependent on the stability of the application data +// (see RFC 8785, Appendix E). It cannot produce stable output from +// fundamentally unstable input. For example, if the JSON value +// contains ephemeral data (e.g., a frequently changing timestamp), +// then the value is still unstable regardless of whether this is called. +// +// Canonicalize is equivalent to calling [Value.Format] with the following options: +// - [CanonicalizeRawInts](true) +// - [CanonicalizeRawFloats](true) +// - [ReorderRawObjects](true) +// +// Any options specified by the caller are applied after the initial set +// and may deliberately override prior options. +// +// Note that JCS treats all JSON numbers as IEEE 754 double precision numbers. +// Any numbers with precision beyond what is representable by that form +// will lose their precision when canonicalized. For example, integer values +// beyond ±2⁵³ will lose their precision. To preserve the original representation +// of JSON integers, additionally set [CanonicalizeRawInts] to false: +// +// v.Canonicalize(jsontext.CanonicalizeRawInts(false)) +func (v *Value) Canonicalize(opts ...Options) error { + return v.format([]Options{ + CanonicalizeRawInts(true), + CanonicalizeRawFloats(true), + ReorderRawObjects(true), + }, opts) +} + +// MarshalJSON returns v as the JSON encoding of v. +// It returns the stored value as the raw JSON output without any validation. +// If v is nil, then this returns a JSON null. +func (v Value) MarshalJSON() ([]byte, error) { + // NOTE: This matches the behavior of v1 json.RawMessage.MarshalJSON. + if v == nil { + return []byte("null"), nil + } + return v, nil +} + +// UnmarshalJSON sets v as the JSON encoding of b. +// It stores a copy of the provided raw JSON input without any validation. +func (v *Value) UnmarshalJSON(b []byte) error { + // NOTE: This matches the behavior of v1 json.RawMessage.UnmarshalJSON. + if v == nil { + return errors.New("jsontext.Value: UnmarshalJSON on nil pointer") + } + *v = append((*v)[:0], b...) + return nil +} + +// Kind returns the starting token kind. +// For a valid value, this will never include '}' or ']'. +func (v Value) Kind() Kind { + if v := v[jsonwire.ConsumeWhitespace(v):]; len(v) > 0 { + return Kind(v[0]).normalize() + } + return invalidKind +} + +const commaAndWhitespace = ", \n\r\t" + +type objectMember struct { + // name is the unquoted name. + name []byte // e.g., "name" + // buffer is the entirety of the raw JSON object member + // starting from right after the previous member (or opening '{') + // until right after the member value. + buffer []byte // e.g., `, \n\r\t"name": "value"` +} + +func (x objectMember) Compare(y objectMember) int { + if c := jsonwire.CompareUTF16(x.name, y.name); c != 0 { + return c + } + // With [AllowDuplicateNames] or [AllowInvalidUTF8], + // names could be identical, so also sort using the member value. + return jsonwire.CompareUTF16( + bytes.TrimLeft(x.buffer, commaAndWhitespace), + bytes.TrimLeft(y.buffer, commaAndWhitespace)) +} + +var objectMemberPool = sync.Pool{New: func() any { return new([]objectMember) }} + +func getObjectMembers() *[]objectMember { + ns := objectMemberPool.Get().(*[]objectMember) + *ns = (*ns)[:0] + return ns +} +func putObjectMembers(ns *[]objectMember) { + if cap(*ns) < 1<<10 { + clear(*ns) // avoid pinning name and buffer + objectMemberPool.Put(ns) + } +} + +// mustReorderObjects reorders in-place all object members in a JSON value, +// which must be valid otherwise it panics. +func mustReorderObjects(b []byte) { + // Obtain a buffered encoder just to use its internal buffer as + // a scratch buffer for reordering object members. + e2 := getBufferedEncoder() + defer putBufferedEncoder(e2) + + // Disable unnecessary checks to syntactically parse the JSON value. + d := getBufferedDecoder(b) + defer putBufferedDecoder(d) + d.s.Flags.Set(jsonflags.AllowDuplicateNames | jsonflags.AllowInvalidUTF8 | 1) + mustReorderObjectsFromDecoder(d, &e2.s.Buf) // per RFC 8785, section 3.2.3 +} + +// mustReorderObjectsFromDecoder recursively reorders all object members in place +// according to the ordering specified in RFC 8785, section 3.2.3. +// +// Pre-conditions: +// - The value is valid (i.e., no decoder errors should ever occur). +// - Initial call is provided a Decoder reading from the start of v. +// +// Post-conditions: +// - Exactly one JSON value is read from the Decoder. +// - All fully-parsed JSON objects are reordered by directly moving +// the members in the value buffer. +// +// The runtime is approximately O(n·log(n)) + O(m·log(m)), +// where n is len(v) and m is the total number of object members. +func mustReorderObjectsFromDecoder(d *Decoder, scratch *[]byte) { + switch tok, err := d.ReadToken(); tok.Kind() { + case '{': + // Iterate and collect the name and offsets for every object member. + members := getObjectMembers() + defer putObjectMembers(members) + var prevMember objectMember + isSorted := true + + beforeBody := d.InputOffset() // offset after '{' + for d.PeekKind() != '}' { + beforeName := d.InputOffset() + var flags jsonwire.ValueFlags + name, _ := d.s.ReadValue(&flags) + name = jsonwire.UnquoteMayCopy(name, flags.IsVerbatim()) + mustReorderObjectsFromDecoder(d, scratch) + afterValue := d.InputOffset() + + currMember := objectMember{name, d.s.buf[beforeName:afterValue]} + if isSorted && len(*members) > 0 { + isSorted = objectMember.Compare(prevMember, currMember) < 0 + } + *members = append(*members, currMember) + prevMember = currMember + } + afterBody := d.InputOffset() // offset before '}' + d.ReadToken() + + // Sort the members; return early if it's already sorted. + if isSorted { + return + } + firstBufferBeforeSorting := (*members)[0].buffer + slices.SortFunc(*members, objectMember.Compare) + firstBufferAfterSorting := (*members)[0].buffer + + // Append the reordered members to a new buffer, + // then copy the reordered members back over the original members. + // Avoid swapping in place since each member may be a different size + // where moving a member over a smaller member may corrupt the data + // for subsequent members before they have been moved. + // + // The following invariant must hold: + // sum([m.after-m.before for m in members]) == afterBody-beforeBody + commaAndWhitespacePrefix := func(b []byte) []byte { + return b[:len(b)-len(bytes.TrimLeft(b, commaAndWhitespace))] + } + sorted := (*scratch)[:0] + for i, member := range *members { + switch { + case i == 0 && &member.buffer[0] != &firstBufferBeforeSorting[0]: + // First member after sorting is not the first member before sorting, + // so use the prefix of the first member before sorting. + sorted = append(sorted, commaAndWhitespacePrefix(firstBufferBeforeSorting)...) + sorted = append(sorted, bytes.TrimLeft(member.buffer, commaAndWhitespace)...) + case i != 0 && &member.buffer[0] == &firstBufferBeforeSorting[0]: + // Later member after sorting is the first member before sorting, + // so use the prefix of the first member after sorting. + sorted = append(sorted, commaAndWhitespacePrefix(firstBufferAfterSorting)...) + sorted = append(sorted, bytes.TrimLeft(member.buffer, commaAndWhitespace)...) + default: + sorted = append(sorted, member.buffer...) + } + } + if int(afterBody-beforeBody) != len(sorted) { + panic("BUG: length invariant violated") + } + copy(d.s.buf[beforeBody:afterBody], sorted) + + // Update scratch buffer to the largest amount ever used. + if len(sorted) > len(*scratch) { + *scratch = sorted + } + case '[': + for d.PeekKind() != ']' { + mustReorderObjectsFromDecoder(d, scratch) + } + d.ReadToken() + default: + if err != nil { + panic("BUG: " + err.Error()) + } + } +} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/migrate.sh b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/migrate.sh new file mode 100644 index 0000000000..9c34f26eb9 --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/migrate.sh @@ -0,0 +1,48 @@ +#!/usr/bin/env bash + +GOROOT=${1:-../go} +JSONROOT="." + +cp $JSONROOT/alias_gen.go $JSONROOT/alias_gen.go.bak +rm -r $JSONROOT/*.go $JSONROOT/internal $JSONROOT/jsontext $JSONROOT/v1 +mv $JSONROOT/alias_gen.go.bak $JSONROOT/alias_gen.go +cp -r $GOROOT/src/encoding/json/v2/*.go $JSONROOT/ +cp -r $GOROOT/src/encoding/json/internal/ $JSONROOT/internal/ +cp -r $GOROOT/src/encoding/json/jsontext/ $JSONROOT/jsontext/ +mkdir $JSONROOT/v1 +for X in $GOROOT/src/encoding/json/v2_*.go; do + cp $X $JSONROOT/v1/$(basename $X | sed "s/v2_//") +done +cd $JSONROOT +for X in $(git ls-files --cached --others --exclude-standard | grep ".*[.]go$"); do + if [ ! -e "$X" ]; then + continue + fi + sed -i 's/go:build goexperiment.jsonv2$/go:build !goexperiment.jsonv2 || !go1.25/' $X + sed -i 's|"encoding/json/v2"|"github.com/go-json-experiment/json"|' $X + sed -i 's|"encoding/json/internal"|"github.com/go-json-experiment/json/internal"|' $X + sed -i 's|"encoding/json/internal/jsonflags"|"github.com/go-json-experiment/json/internal/jsonflags"|' $X + sed -i 's|"encoding/json/internal/jsonopts"|"github.com/go-json-experiment/json/internal/jsonopts"|' $X + sed -i 's|"encoding/json/internal/jsontest"|"github.com/go-json-experiment/json/internal/jsontest"|' $X + sed -i 's|"encoding/json/internal/jsonwire"|"github.com/go-json-experiment/json/internal/jsonwire"|' $X + sed -i 's|"encoding/json/jsontext"|"github.com/go-json-experiment/json/jsontext"|' $X + sed -i 's|"encoding/json"|"github.com/go-json-experiment/json/v1"|' $X + sed -i 's|"internal/zstd"|"github.com/go-json-experiment/json/internal/zstd"|' $X + goimports -w $X +done +sed -i 's/v2[.]struct/json.struct/' $JSONROOT/errors_test.go +sed -i 's|jsonv1 "github.com/go-json-experiment/json/v1"|jsonv1 "encoding/json"|' $JSONROOT/bench_test.go + +# TODO(go1.25): Remove test that relies on "synctest" that is not available yet. +sed -i '/Issue #73733/,+17d' $JSONROOT/v1/encode_test.go +goimports -w $JSONROOT/v1/encode_test.go + +# Remove documentation that only makes sense within the stdlib. +sed -i '/This package .* is experimental/,+4d' $JSONROOT/doc.go +sed -i '/This package .* is experimental/,+4d' $JSONROOT/jsontext/doc.go + +git checkout internal/zstd # we still need local copy of zstd for testing + +go run alias_gen.go "encoding/json" $JSONROOT/v1 +go run alias_gen.go "encoding/json/v2" $JSONROOT +go run alias_gen.go "encoding/json/jsontext" $JSONROOT/jsontext diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/options.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/options.go new file mode 100644 index 0000000000..de401b0de8 --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/options.go @@ -0,0 +1,289 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !goexperiment.jsonv2 || !go1.25 + +package json + +import ( + "fmt" + + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonopts" +) + +// Options configure [Marshal], [MarshalWrite], [MarshalEncode], +// [Unmarshal], [UnmarshalRead], and [UnmarshalDecode] with specific features. +// Each function takes in a variadic list of options, where properties +// set in later options override the value of previously set properties. +// +// The Options type is identical to [encoding/json.Options] and +// [encoding/json/jsontext.Options]. Options from the other packages can +// be used interchangeably with functionality in this package. +// +// Options represent either a singular option or a set of options. +// It can be functionally thought of as a Go map of option properties +// (even though the underlying implementation avoids Go maps for performance). +// +// The constructors (e.g., [Deterministic]) return a singular option value: +// +// opt := Deterministic(true) +// +// which is analogous to creating a single entry map: +// +// opt := Options{"Deterministic": true} +// +// [JoinOptions] composes multiple options values to together: +// +// out := JoinOptions(opts...) +// +// which is analogous to making a new map and copying the options over: +// +// out := make(Options) +// for _, m := range opts { +// for k, v := range m { +// out[k] = v +// } +// } +// +// [GetOption] looks up the value of options parameter: +// +// v, ok := GetOption(opts, Deterministic) +// +// which is analogous to a Go map lookup: +// +// v, ok := Options["Deterministic"] +// +// There is a single Options type, which is used with both marshal and unmarshal. +// Some options affect both operations, while others only affect one operation: +// +// - [StringifyNumbers] affects marshaling and unmarshaling +// - [Deterministic] affects marshaling only +// - [FormatNilSliceAsNull] affects marshaling only +// - [FormatNilMapAsNull] affects marshaling only +// - [OmitZeroStructFields] affects marshaling only +// - [MatchCaseInsensitiveNames] affects marshaling and unmarshaling +// - [DiscardUnknownMembers] affects marshaling only +// - [RejectUnknownMembers] affects unmarshaling only +// - [WithMarshalers] affects marshaling only +// - [WithUnmarshalers] affects unmarshaling only +// +// Options that do not affect a particular operation are ignored. +type Options = jsonopts.Options + +// JoinOptions coalesces the provided list of options into a single Options. +// Properties set in later options override the value of previously set properties. +func JoinOptions(srcs ...Options) Options { + var dst jsonopts.Struct + dst.Join(srcs...) + return &dst +} + +// GetOption returns the value stored in opts with the provided setter, +// reporting whether the value is present. +// +// Example usage: +// +// v, ok := json.GetOption(opts, json.Deterministic) +// +// Options are most commonly introspected to alter the JSON representation of +// [MarshalerTo.MarshalJSONTo] and [UnmarshalerFrom.UnmarshalJSONFrom] methods, and +// [MarshalToFunc] and [UnmarshalFromFunc] functions. +// In such cases, the presence bit should generally be ignored. +func GetOption[T any](opts Options, setter func(T) Options) (T, bool) { + return jsonopts.GetOption(opts, setter) +} + +// DefaultOptionsV2 is the full set of all options that define v2 semantics. +// It is equivalent to all options under [Options], [encoding/json.Options], +// and [encoding/json/jsontext.Options] being set to false or the zero value, +// except for the options related to whitespace formatting. +func DefaultOptionsV2() Options { + return &jsonopts.DefaultOptionsV2 +} + +// StringifyNumbers specifies that numeric Go types should be marshaled +// as a JSON string containing the equivalent JSON number value. +// When unmarshaling, numeric Go types are parsed from a JSON string +// containing the JSON number without any surrounding whitespace. +// +// According to RFC 8259, section 6, a JSON implementation may choose to +// limit the representation of a JSON number to an IEEE 754 binary64 value. +// This may cause decoders to lose precision for int64 and uint64 types. +// Quoting JSON numbers as a JSON string preserves the exact precision. +// +// This affects either marshaling or unmarshaling. +func StringifyNumbers(v bool) Options { + if v { + return jsonflags.StringifyNumbers | 1 + } else { + return jsonflags.StringifyNumbers | 0 + } +} + +// Deterministic specifies that the same input value will be serialized +// as the exact same output bytes. Different processes of +// the same program will serialize equal values to the same bytes, +// but different versions of the same program are not guaranteed +// to produce the exact same sequence of bytes. +// +// This only affects marshaling and is ignored when unmarshaling. +func Deterministic(v bool) Options { + if v { + return jsonflags.Deterministic | 1 + } else { + return jsonflags.Deterministic | 0 + } +} + +// FormatNilSliceAsNull specifies that a nil Go slice should marshal as a +// JSON null instead of the default representation as an empty JSON array +// (or an empty JSON string in the case of ~[]byte). +// Slice fields explicitly marked with `format:emitempty` still marshal +// as an empty JSON array. +// +// This only affects marshaling and is ignored when unmarshaling. +func FormatNilSliceAsNull(v bool) Options { + if v { + return jsonflags.FormatNilSliceAsNull | 1 + } else { + return jsonflags.FormatNilSliceAsNull | 0 + } +} + +// FormatNilMapAsNull specifies that a nil Go map should marshal as a +// JSON null instead of the default representation as an empty JSON object. +// Map fields explicitly marked with `format:emitempty` still marshal +// as an empty JSON object. +// +// This only affects marshaling and is ignored when unmarshaling. +func FormatNilMapAsNull(v bool) Options { + if v { + return jsonflags.FormatNilMapAsNull | 1 + } else { + return jsonflags.FormatNilMapAsNull | 0 + } +} + +// OmitZeroStructFields specifies that a Go struct should marshal in such a way +// that all struct fields that are zero are omitted from the marshaled output +// if the value is zero as determined by the "IsZero() bool" method if present, +// otherwise based on whether the field is the zero Go value. +// This is semantically equivalent to specifying the `omitzero` tag option +// on every field in a Go struct. +// +// This only affects marshaling and is ignored when unmarshaling. +func OmitZeroStructFields(v bool) Options { + if v { + return jsonflags.OmitZeroStructFields | 1 + } else { + return jsonflags.OmitZeroStructFields | 0 + } +} + +// MatchCaseInsensitiveNames specifies that JSON object members are matched +// against Go struct fields using a case-insensitive match of the name. +// Go struct fields explicitly marked with `case:strict` or `case:ignore` +// always use case-sensitive (or case-insensitive) name matching, +// regardless of the value of this option. +// +// This affects either marshaling or unmarshaling. +// For marshaling, this option may alter the detection of duplicate names +// (assuming [jsontext.AllowDuplicateNames] is false) from inlined fields +// if it matches one of the declared fields in the Go struct. +func MatchCaseInsensitiveNames(v bool) Options { + if v { + return jsonflags.MatchCaseInsensitiveNames | 1 + } else { + return jsonflags.MatchCaseInsensitiveNames | 0 + } +} + +// DiscardUnknownMembers specifies that marshaling should ignore any +// JSON object members stored in Go struct fields dedicated to storing +// unknown JSON object members. +// +// This only affects marshaling and is ignored when unmarshaling. +func DiscardUnknownMembers(v bool) Options { + if v { + return jsonflags.DiscardUnknownMembers | 1 + } else { + return jsonflags.DiscardUnknownMembers | 0 + } +} + +// RejectUnknownMembers specifies that unknown members should be rejected +// when unmarshaling a JSON object, regardless of whether there is a field +// to store unknown members. +// +// This only affects unmarshaling and is ignored when marshaling. +func RejectUnknownMembers(v bool) Options { + if v { + return jsonflags.RejectUnknownMembers | 1 + } else { + return jsonflags.RejectUnknownMembers | 0 + } +} + +// WithMarshalers specifies a list of type-specific marshalers to use, +// which can be used to override the default marshal behavior for values +// of particular types. +// +// This only affects marshaling and is ignored when unmarshaling. +func WithMarshalers(v *Marshalers) Options { + return (*marshalersOption)(v) +} + +// WithUnmarshalers specifies a list of type-specific unmarshalers to use, +// which can be used to override the default unmarshal behavior for values +// of particular types. +// +// This only affects unmarshaling and is ignored when marshaling. +func WithUnmarshalers(v *Unmarshalers) Options { + return (*unmarshalersOption)(v) +} + +// These option types are declared here instead of "jsonopts" +// to avoid a dependency on "reflect" from "jsonopts". +type ( + marshalersOption Marshalers + unmarshalersOption Unmarshalers +) + +func (*marshalersOption) JSONOptions(internal.NotForPublicUse) {} +func (*unmarshalersOption) JSONOptions(internal.NotForPublicUse) {} + +// Inject support into "jsonopts" to handle these types. +func init() { + jsonopts.GetUnknownOption = func(src jsonopts.Struct, zero jsonopts.Options) (any, bool) { + switch zero.(type) { + case *marshalersOption: + if !src.Flags.Has(jsonflags.Marshalers) { + return (*Marshalers)(nil), false + } + return src.Marshalers.(*Marshalers), true + case *unmarshalersOption: + if !src.Flags.Has(jsonflags.Unmarshalers) { + return (*Unmarshalers)(nil), false + } + return src.Unmarshalers.(*Unmarshalers), true + default: + panic(fmt.Sprintf("unknown option %T", zero)) + } + } + jsonopts.JoinUnknownOption = func(dst jsonopts.Struct, src jsonopts.Options) jsonopts.Struct { + switch src := src.(type) { + case *marshalersOption: + dst.Flags.Set(jsonflags.Marshalers | 1) + dst.Marshalers = (*Marshalers)(src) + case *unmarshalersOption: + dst.Flags.Set(jsonflags.Unmarshalers | 1) + dst.Unmarshalers = (*Unmarshalers)(src) + default: + panic(fmt.Sprintf("unknown option %T", src)) + } + return dst + } +} diff --git a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/value.go b/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/value.go deleted file mode 100644 index e0bd1b31d7..0000000000 --- a/vendor/k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/value.go +++ /dev/null @@ -1,381 +0,0 @@ -// Copyright 2020 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package json - -import ( - "bytes" - "errors" - "io" - "sort" - "sync" - "unicode/utf16" - "unicode/utf8" -) - -// NOTE: RawValue is analogous to v1 json.RawMessage. - -// RawValue represents a single raw JSON value, which may be one of the following: -// - a JSON literal (i.e., null, true, or false) -// - a JSON string (e.g., "hello, world!") -// - a JSON number (e.g., 123.456) -// - an entire JSON object (e.g., {"fizz":"buzz"} ) -// - an entire JSON array (e.g., [1,2,3] ) -// -// RawValue can represent entire array or object values, while Token cannot. -// RawValue may contain leading and/or trailing whitespace. -type RawValue []byte - -// Clone returns a copy of v. -func (v RawValue) Clone() RawValue { - if v == nil { - return nil - } - return append(RawValue{}, v...) -} - -// String returns the string formatting of v. -func (v RawValue) String() string { - if v == nil { - return "null" - } - return string(v) -} - -// IsValid reports whether the raw JSON value is syntactically valid -// according to RFC 7493. -// -// It verifies whether the input is properly encoded as UTF-8, -// that escape sequences within strings decode to valid Unicode codepoints, and -// that all names in each object are unique. -// It does not verify whether numbers are representable within the limits -// of any common numeric type (e.g., float64, int64, or uint64). -func (v RawValue) IsValid() bool { - d := getBufferedDecoder(v, DecodeOptions{}) - defer putBufferedDecoder(d) - _, errVal := d.ReadValue() - _, errEOF := d.ReadToken() - return errVal == nil && errEOF == io.EOF -} - -// Compact removes all whitespace from the raw JSON value. -// -// It does not reformat JSON strings to use any other representation. -// It is guaranteed to succeed if the input is valid. -// If the value is already compacted, then the buffer is not mutated. -func (v *RawValue) Compact() error { - return v.reformat(false, false, "", "") -} - -// Indent reformats the whitespace in the raw JSON value so that each element -// in a JSON object or array begins on a new, indented line beginning with -// prefix followed by one or more copies of indent according to the nesting. -// The value does not begin with the prefix nor any indention, -// to make it easier to embed inside other formatted JSON data. -// -// It does not reformat JSON strings to use any other representation. -// It is guaranteed to succeed if the input is valid. -// If the value is already indented properly, then the buffer is not mutated. -func (v *RawValue) Indent(prefix, indent string) error { - return v.reformat(false, true, prefix, indent) -} - -// Canonicalize canonicalizes the raw JSON value according to the -// JSON Canonicalization Scheme (JCS) as defined by RFC 8785 -// where it produces a stable representation of a JSON value. -// -// The output stability is dependent on the stability of the application data -// (see RFC 8785, Appendix E). It cannot produce stable output from -// fundamentally unstable input. For example, if the JSON value -// contains ephemeral data (e.g., a frequently changing timestamp), -// then the value is still unstable regardless of whether this is called. -// -// Note that JCS treats all JSON numbers as IEEE 754 double precision numbers. -// Any numbers with precision beyond what is representable by that form -// will lose their precision when canonicalized. For example, integer values -// beyond ±2⁵³ will lose their precision. It is recommended that -// int64 and uint64 data types be represented as a JSON string. -// -// It is guaranteed to succeed if the input is valid. -// If the value is already canonicalized, then the buffer is not mutated. -func (v *RawValue) Canonicalize() error { - return v.reformat(true, false, "", "") -} - -// TODO: Instead of implementing the v1 Marshaler/Unmarshaler, -// consider implementing the v2 versions instead. - -// MarshalJSON returns v as the JSON encoding of v. -// It returns the stored value as the raw JSON output without any validation. -// If v is nil, then this returns a JSON null. -func (v RawValue) MarshalJSON() ([]byte, error) { - // NOTE: This matches the behavior of v1 json.RawMessage.MarshalJSON. - if v == nil { - return []byte("null"), nil - } - return v, nil -} - -// UnmarshalJSON sets v as the JSON encoding of b. -// It stores a copy of the provided raw JSON input without any validation. -func (v *RawValue) UnmarshalJSON(b []byte) error { - // NOTE: This matches the behavior of v1 json.RawMessage.UnmarshalJSON. - if v == nil { - return errors.New("json.RawValue: UnmarshalJSON on nil pointer") - } - *v = append((*v)[:0], b...) - return nil -} - -// Kind returns the starting token kind. -// For a valid value, this will never include '}' or ']'. -func (v RawValue) Kind() Kind { - if v := v[consumeWhitespace(v):]; len(v) > 0 { - return Kind(v[0]).normalize() - } - return invalidKind -} - -func (v *RawValue) reformat(canonical, multiline bool, prefix, indent string) error { - var eo EncodeOptions - if canonical { - eo.AllowInvalidUTF8 = false // per RFC 8785, section 3.2.4 - eo.AllowDuplicateNames = false // per RFC 8785, section 3.1 - eo.canonicalizeNumbers = true // per RFC 8785, section 3.2.2.3 - eo.EscapeRune = nil // per RFC 8785, section 3.2.2.2 - eo.multiline = false // per RFC 8785, section 3.2.1 - } else { - if s := trimLeftSpaceTab(prefix); len(s) > 0 { - panic("json: invalid character " + quoteRune([]byte(s)) + " in indent prefix") - } - if s := trimLeftSpaceTab(indent); len(s) > 0 { - panic("json: invalid character " + quoteRune([]byte(s)) + " in indent") - } - eo.AllowInvalidUTF8 = true - eo.AllowDuplicateNames = true - eo.preserveRawStrings = true - eo.multiline = multiline // in case indent is empty - eo.IndentPrefix = prefix - eo.Indent = indent - } - eo.omitTopLevelNewline = true - - // Write the entire value to reformat all tokens and whitespace. - e := getBufferedEncoder(eo) - defer putBufferedEncoder(e) - if err := e.WriteValue(*v); err != nil { - return err - } - - // For canonical output, we may need to reorder object members. - if canonical { - // Obtain a buffered encoder just to use its internal buffer as - // a scratch buffer in reorderObjects for reordering object members. - e2 := getBufferedEncoder(EncodeOptions{}) - defer putBufferedEncoder(e2) - - // Disable redundant checks performed earlier during encoding. - d := getBufferedDecoder(e.buf, DecodeOptions{AllowInvalidUTF8: true, AllowDuplicateNames: true}) - defer putBufferedDecoder(d) - reorderObjects(d, &e2.buf) // per RFC 8785, section 3.2.3 - } - - // Store the result back into the value if different. - if !bytes.Equal(*v, e.buf) { - *v = append((*v)[:0], e.buf...) - } - return nil -} - -func trimLeftSpaceTab(s string) string { - for i, r := range s { - switch r { - case ' ', '\t': - default: - return s[i:] - } - } - return "" -} - -type memberName struct { - // name is the unescaped name. - name []byte - // before and after are byte offsets into Decoder.buf that represents - // the entire name/value pair. It may contain leading commas. - before, after int64 -} - -var memberNamePool = sync.Pool{New: func() any { return new(memberNames) }} - -func getMemberNames() *memberNames { - ns := memberNamePool.Get().(*memberNames) - *ns = (*ns)[:0] - return ns -} -func putMemberNames(ns *memberNames) { - if cap(*ns) < 1<<10 { - for i := range *ns { - (*ns)[i] = memberName{} // avoid pinning name - } - memberNamePool.Put(ns) - } -} - -type memberNames []memberName - -func (m *memberNames) Len() int { return len(*m) } -func (m *memberNames) Less(i, j int) bool { return lessUTF16((*m)[i].name, (*m)[j].name) } -func (m *memberNames) Swap(i, j int) { (*m)[i], (*m)[j] = (*m)[j], (*m)[i] } - -// reorderObjects recursively reorders all object members in place -// according to the ordering specified in RFC 8785, section 3.2.3. -// -// Pre-conditions: -// - The value is valid (i.e., no decoder errors should ever occur). -// - The value is compact (i.e., no whitespace is present). -// - Initial call is provided a Decoder reading from the start of v. -// -// Post-conditions: -// - Exactly one JSON value is read from the Decoder. -// - All fully-parsed JSON objects are reordered by directly moving -// the members in the value buffer. -// -// The runtime is approximately O(n·log(n)) + O(m·log(m)), -// where n is len(v) and m is the total number of object members. -func reorderObjects(d *Decoder, scratch *[]byte) { - switch tok, _ := d.ReadToken(); tok.Kind() { - case '{': - // Iterate and collect the name and offsets for every object member. - members := getMemberNames() - defer putMemberNames(members) - var prevName []byte - isSorted := true - - beforeBody := d.InputOffset() // offset after '{' - for d.PeekKind() != '}' { - beforeName := d.InputOffset() - var flags valueFlags - name, _ := d.readValue(&flags) - name = unescapeStringMayCopy(name, flags.isVerbatim()) - reorderObjects(d, scratch) - afterValue := d.InputOffset() - - if isSorted && len(*members) > 0 { - isSorted = lessUTF16(prevName, []byte(name)) - } - *members = append(*members, memberName{name, beforeName, afterValue}) - prevName = name - } - afterBody := d.InputOffset() // offset before '}' - d.ReadToken() - - // Sort the members; return early if it's already sorted. - if isSorted { - return - } - // TODO(https://go.dev/issue/47619): Use slices.Sort. - sort.Sort(members) - - // Append the reordered members to a new buffer, - // then copy the reordered members back over the original members. - // Avoid swapping in place since each member may be a different size - // where moving a member over a smaller member may corrupt the data - // for subsequent members before they have been moved. - // - // The following invariant must hold: - // sum([m.after-m.before for m in members]) == afterBody-beforeBody - sorted := (*scratch)[:0] - for i, member := range *members { - if d.buf[member.before] == ',' { - member.before++ // trim leading comma - } - sorted = append(sorted, d.buf[member.before:member.after]...) - if i < len(*members)-1 { - sorted = append(sorted, ',') // append trailing comma - } - } - if int(afterBody-beforeBody) != len(sorted) { - panic("BUG: length invariant violated") - } - copy(d.buf[beforeBody:afterBody], sorted) - - // Update scratch buffer to the largest amount ever used. - if len(sorted) > len(*scratch) { - *scratch = sorted - } - case '[': - for d.PeekKind() != ']' { - reorderObjects(d, scratch) - } - d.ReadToken() - } -} - -// lessUTF16 reports whether x is lexicographically less than y according -// to the UTF-16 codepoints of the UTF-8 encoded input strings. -// This implements the ordering specified in RFC 8785, section 3.2.3. -// The inputs must be valid UTF-8, otherwise this may panic. -func lessUTF16[Bytes []byte | string](x, y Bytes) bool { - // NOTE: This is an optimized, allocation-free implementation - // of lessUTF16Simple in fuzz_test.go. FuzzLessUTF16 verifies that the - // two implementations agree on the result of comparing any two strings. - - isUTF16Self := func(r rune) bool { - return ('\u0000' <= r && r <= '\uD7FF') || ('\uE000' <= r && r <= '\uFFFF') - } - - var invalidUTF8 bool - x0, y0 := x, y - for { - if len(x) == 0 || len(y) == 0 { - if len(x) == len(y) && invalidUTF8 { - return string(x0) < string(y0) - } - return len(x) < len(y) - } - - // ASCII fast-path. - if x[0] < utf8.RuneSelf || y[0] < utf8.RuneSelf { - if x[0] != y[0] { - return x[0] < y[0] - } - x, y = x[1:], y[1:] - continue - } - - // Decode next pair of runes as UTF-8. - // TODO(https://go.dev/issue/56948): Use a generic implementation - // of utf8.DecodeRune, or rely on a compiler optimization to statically - // hide the cost of a type switch (https://go.dev/issue/57072). - var rx, ry rune - var nx, ny int - switch any(x).(type) { - case string: - rx, nx = utf8.DecodeRuneInString(string(x)) - ry, ny = utf8.DecodeRuneInString(string(y)) - case []byte: - rx, nx = utf8.DecodeRune([]byte(x)) - ry, ny = utf8.DecodeRune([]byte(y)) - } - - selfx := isUTF16Self(rx) - selfy := isUTF16Self(ry) - switch { - // The x rune is a single UTF-16 codepoint, while - // the y rune is a surrogate pair of UTF-16 codepoints. - case selfx && !selfy: - ry, _ = utf16.EncodeRune(ry) - // The y rune is a single UTF-16 codepoint, while - // the x rune is a surrogate pair of UTF-16 codepoints. - case selfy && !selfx: - rx, _ = utf16.EncodeRune(rx) - } - if rx != ry { - return rx < ry - } - invalidUTF8 = invalidUTF8 || (rx == utf8.RuneError && nx == 1) || (ry == utf8.RuneError && ny == 1) - x, y = x[nx:], y[ny:] - } -} diff --git a/vendor/k8s.io/kube-openapi/pkg/schemaconv/openapi.go b/vendor/k8s.io/kube-openapi/pkg/schemaconv/openapi.go index 81280aae64..6067ee03d2 100644 --- a/vendor/k8s.io/kube-openapi/pkg/schemaconv/openapi.go +++ b/vendor/k8s.io/kube-openapi/pkg/schemaconv/openapi.go @@ -140,7 +140,7 @@ func (c *convert) makeOpenAPIRef(specSchema *spec.Schema) schema.TypeRef { // to deduplicate) mapRelationship, err := getMapElementRelationship(specSchema.Extensions) if err != nil { - c.reportError(err.Error()) + c.reportError("%v", err) } if len(mapRelationship) > 0 { @@ -212,7 +212,7 @@ func (c *convert) parseObject(s *spec.Schema) *schema.Map { relationship, err := getMapElementRelationship(s.Extensions) if err != nil { - c.reportError(err.Error()) + c.reportError("%v", err) } return &schema.Map{ @@ -225,7 +225,7 @@ func (c *convert) parseObject(s *spec.Schema) *schema.Map { func (c *convert) parseList(s *spec.Schema) *schema.List { relationship, mapKeys, err := getListElementRelationship(s.Extensions) if err != nil { - c.reportError(err.Error()) + c.reportError("%v", err) } elementType := func() schema.TypeRef { if s.Items != nil { diff --git a/vendor/k8s.io/kube-openapi/pkg/schemaconv/proto_models.go b/vendor/k8s.io/kube-openapi/pkg/schemaconv/proto_models.go index e40f6056e7..6a8b9f44ac 100644 --- a/vendor/k8s.io/kube-openapi/pkg/schemaconv/proto_models.go +++ b/vendor/k8s.io/kube-openapi/pkg/schemaconv/proto_models.go @@ -72,7 +72,7 @@ func (c *convert) makeRef(model proto.Schema, preserveUnknownFields bool) schema mapRelationship, err := getMapElementRelationship(model.GetExtensions()) if err != nil { - c.reportError(err.Error()) + c.reportError("%v", err) } // empty string means unset. @@ -114,7 +114,7 @@ func (c *convert) VisitKind(k *proto.Kind) { unions, err := makeUnions(k.GetExtensions()) if err != nil { - c.reportError(err.Error()) + c.reportError("%v", err) return } // TODO: We should check that the fields and discriminator @@ -129,14 +129,14 @@ func (c *convert) VisitKind(k *proto.Kind) { a.Map.ElementRelationship, err = getMapElementRelationship(k.GetExtensions()) if err != nil { - c.reportError(err.Error()) + c.reportError("%v", err) } } func (c *convert) VisitArray(a *proto.Array) { relationship, mapKeys, err := getListElementRelationship(a.GetExtensions()) if err != nil { - c.reportError(err.Error()) + c.reportError("%v", err) } atom := c.top() @@ -150,7 +150,7 @@ func (c *convert) VisitArray(a *proto.Array) { func (c *convert) VisitMap(m *proto.Map) { relationship, err := getMapElementRelationship(m.GetExtensions()) if err != nil { - c.reportError(err.Error()) + c.reportError("%v", err) } a := c.top() diff --git a/vendor/k8s.io/kube-openapi/pkg/spec3/encoding.go b/vendor/k8s.io/kube-openapi/pkg/spec3/encoding.go index 1f62c6e772..1b3dfff1d1 100644 --- a/vendor/k8s.io/kube-openapi/pkg/spec3/encoding.go +++ b/vendor/k8s.io/kube-openapi/pkg/spec3/encoding.go @@ -22,6 +22,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" "k8s.io/kube-openapi/pkg/validation/spec" ) @@ -46,14 +47,14 @@ func (e *Encoding) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2), nil } -func (e *Encoding) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (e *Encoding) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { EncodingProps encodingPropsOmitZero `json:",inline"` - spec.Extensions + Extensions spec.Extensions `json:",inline"` } x.Extensions = internal.SanitizeExtensions(e.Extensions) x.EncodingProps = encodingPropsOmitZero(e.EncodingProps) - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } func (e *Encoding) UnmarshalJSON(data []byte) error { @@ -69,12 +70,12 @@ func (e *Encoding) UnmarshalJSON(data []byte) error { return nil } -func (e *Encoding) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (e *Encoding) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - spec.Extensions + Extensions spec.Extensions `json:",inline"` EncodingProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } diff --git a/vendor/k8s.io/kube-openapi/pkg/spec3/example.go b/vendor/k8s.io/kube-openapi/pkg/spec3/example.go index 8834a92e6d..3edb104929 100644 --- a/vendor/k8s.io/kube-openapi/pkg/spec3/example.go +++ b/vendor/k8s.io/kube-openapi/pkg/spec3/example.go @@ -22,6 +22,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" "k8s.io/kube-openapi/pkg/validation/spec" ) @@ -53,16 +54,16 @@ func (e *Example) MarshalJSON() ([]byte, error) { } return swag.ConcatJSON(b1, b2, b3), nil } -func (e *Example) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (e *Example) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { Ref string `json:"$ref,omitempty"` ExampleProps `json:",inline"` - spec.Extensions + Extensions spec.Extensions `json:",inline"` } x.Ref = e.Refable.Ref.String() x.Extensions = internal.SanitizeExtensions(e.Extensions) x.ExampleProps = e.ExampleProps - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } func (e *Example) UnmarshalJSON(data []byte) error { @@ -81,12 +82,12 @@ func (e *Example) UnmarshalJSON(data []byte) error { return nil } -func (e *Example) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (e *Example) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - spec.Extensions + Extensions spec.Extensions `json:",inline"` ExampleProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } if err := internal.JSONRefFromMap(&e.Ref.Ref, x.Extensions); err != nil { diff --git a/vendor/k8s.io/kube-openapi/pkg/spec3/external_documentation.go b/vendor/k8s.io/kube-openapi/pkg/spec3/external_documentation.go index f0515496e4..7a83c53c09 100644 --- a/vendor/k8s.io/kube-openapi/pkg/spec3/external_documentation.go +++ b/vendor/k8s.io/kube-openapi/pkg/spec3/external_documentation.go @@ -22,6 +22,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" "k8s.io/kube-openapi/pkg/validation/spec" ) @@ -53,14 +54,14 @@ func (e *ExternalDocumentation) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2), nil } -func (e *ExternalDocumentation) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (e *ExternalDocumentation) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { ExternalDocumentationProps `json:",inline"` - spec.Extensions + Extensions spec.Extensions `json:",inline"` } x.Extensions = internal.SanitizeExtensions(e.Extensions) x.ExternalDocumentationProps = e.ExternalDocumentationProps - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } func (e *ExternalDocumentation) UnmarshalJSON(data []byte) error { @@ -76,12 +77,12 @@ func (e *ExternalDocumentation) UnmarshalJSON(data []byte) error { return nil } -func (e *ExternalDocumentation) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (e *ExternalDocumentation) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - spec.Extensions + Extensions spec.Extensions `json:",inline"` ExternalDocumentationProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } e.Extensions = internal.SanitizeExtensions(x.Extensions) diff --git a/vendor/k8s.io/kube-openapi/pkg/spec3/header.go b/vendor/k8s.io/kube-openapi/pkg/spec3/header.go index 9ea30628ce..475817f666 100644 --- a/vendor/k8s.io/kube-openapi/pkg/spec3/header.go +++ b/vendor/k8s.io/kube-openapi/pkg/spec3/header.go @@ -22,6 +22,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" "k8s.io/kube-openapi/pkg/validation/spec" ) @@ -54,16 +55,16 @@ func (h *Header) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2, b3), nil } -func (h *Header) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (h *Header) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { Ref string `json:"$ref,omitempty"` HeaderProps headerPropsOmitZero `json:",inline"` - spec.Extensions + Extensions spec.Extensions `json:",inline"` } x.Ref = h.Refable.Ref.String() x.Extensions = internal.SanitizeExtensions(h.Extensions) x.HeaderProps = headerPropsOmitZero(h.HeaderProps) - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } func (h *Header) UnmarshalJSON(data []byte) error { @@ -83,12 +84,12 @@ func (h *Header) UnmarshalJSON(data []byte) error { return nil } -func (h *Header) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (h *Header) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - spec.Extensions + Extensions spec.Extensions `json:",inline"` HeaderProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } if err := internal.JSONRefFromMap(&h.Ref.Ref, x.Extensions); err != nil { diff --git a/vendor/k8s.io/kube-openapi/pkg/spec3/media_type.go b/vendor/k8s.io/kube-openapi/pkg/spec3/media_type.go index 47eef1edb0..c9062b2386 100644 --- a/vendor/k8s.io/kube-openapi/pkg/spec3/media_type.go +++ b/vendor/k8s.io/kube-openapi/pkg/spec3/media_type.go @@ -22,6 +22,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" "k8s.io/kube-openapi/pkg/validation/spec" ) @@ -49,14 +50,14 @@ func (m *MediaType) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2), nil } -func (e *MediaType) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (e *MediaType) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { MediaTypeProps mediaTypePropsOmitZero `json:",inline"` - spec.Extensions + Extensions spec.Extensions `json:",inline"` } x.Extensions = internal.SanitizeExtensions(e.Extensions) x.MediaTypeProps = mediaTypePropsOmitZero(e.MediaTypeProps) - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } func (m *MediaType) UnmarshalJSON(data []byte) error { @@ -72,12 +73,12 @@ func (m *MediaType) UnmarshalJSON(data []byte) error { return nil } -func (m *MediaType) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (m *MediaType) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - spec.Extensions + Extensions spec.Extensions `json:",inline"` MediaTypeProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } m.Extensions = internal.SanitizeExtensions(x.Extensions) diff --git a/vendor/k8s.io/kube-openapi/pkg/spec3/operation.go b/vendor/k8s.io/kube-openapi/pkg/spec3/operation.go index f1e1025479..8219b29d0b 100644 --- a/vendor/k8s.io/kube-openapi/pkg/spec3/operation.go +++ b/vendor/k8s.io/kube-openapi/pkg/spec3/operation.go @@ -22,6 +22,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" "k8s.io/kube-openapi/pkg/validation/spec" ) @@ -49,14 +50,14 @@ func (o *Operation) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2), nil } -func (o *Operation) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (o *Operation) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { - spec.Extensions + Extensions spec.Extensions `json:",inline"` OperationProps operationPropsOmitZero `json:",inline"` } x.Extensions = internal.SanitizeExtensions(o.Extensions) x.OperationProps = operationPropsOmitZero(o.OperationProps) - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } // UnmarshalJSON hydrates this items instance with the data from JSON @@ -70,12 +71,12 @@ func (o *Operation) UnmarshalJSON(data []byte) error { return json.Unmarshal(data, &o.VendorExtensible) } -func (o *Operation) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (o *Operation) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - spec.Extensions + Extensions spec.Extensions `json:",inline"` OperationProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } o.Extensions = internal.SanitizeExtensions(x.Extensions) diff --git a/vendor/k8s.io/kube-openapi/pkg/spec3/parameter.go b/vendor/k8s.io/kube-openapi/pkg/spec3/parameter.go index ada7edb637..a5e7d46c48 100644 --- a/vendor/k8s.io/kube-openapi/pkg/spec3/parameter.go +++ b/vendor/k8s.io/kube-openapi/pkg/spec3/parameter.go @@ -22,6 +22,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" "k8s.io/kube-openapi/pkg/validation/spec" ) @@ -54,16 +55,16 @@ func (p *Parameter) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2, b3), nil } -func (p *Parameter) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (p *Parameter) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { Ref string `json:"$ref,omitempty"` ParameterProps parameterPropsOmitZero `json:",inline"` - spec.Extensions + Extensions spec.Extensions `json:",inline"` } x.Ref = p.Refable.Ref.String() x.Extensions = internal.SanitizeExtensions(p.Extensions) x.ParameterProps = parameterPropsOmitZero(p.ParameterProps) - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } func (p *Parameter) UnmarshalJSON(data []byte) error { @@ -84,12 +85,12 @@ func (p *Parameter) UnmarshalJSON(data []byte) error { return nil } -func (p *Parameter) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (p *Parameter) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - spec.Extensions + Extensions spec.Extensions `json:",inline"` ParameterProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } if err := internal.JSONRefFromMap(&p.Ref.Ref, x.Extensions); err != nil { diff --git a/vendor/k8s.io/kube-openapi/pkg/spec3/path.go b/vendor/k8s.io/kube-openapi/pkg/spec3/path.go index 16fbbb4dd9..cb04cf0f9d 100644 --- a/vendor/k8s.io/kube-openapi/pkg/spec3/path.go +++ b/vendor/k8s.io/kube-openapi/pkg/spec3/path.go @@ -24,6 +24,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" "k8s.io/kube-openapi/pkg/validation/spec" ) @@ -57,7 +58,7 @@ func (p *Paths) MarshalJSON() ([]byte, error) { return concated, nil } -func (p *Paths) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (p *Paths) MarshalJSONTo(enc *jsontext.Encoder) error { m := make(map[string]any, len(p.Extensions)+len(p.Paths)) for k, v := range p.Extensions { if internal.IsExtensionKey(k) { @@ -69,7 +70,7 @@ func (p *Paths) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) m[k] = v } } - return opts.MarshalNext(enc, m) + return jsonv2.MarshalEncode(enc, m) } // UnmarshalJSON hydrates this items instance with the data from JSON @@ -106,7 +107,7 @@ func (p *Paths) UnmarshalJSON(data []byte) error { return nil } -func (p *Paths) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (p *Paths) UnmarshalJSONFrom(dec *jsontext.Decoder) error { tok, err := dec.ReadToken() if err != nil { return err @@ -129,7 +130,7 @@ func (p *Paths) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Deco switch k := tok.String(); { case internal.IsExtensionKey(k): var ext any - if err := opts.UnmarshalNext(dec, &ext); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &ext); err != nil { return err } @@ -139,7 +140,7 @@ func (p *Paths) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Deco p.Extensions[k] = ext case len(k) > 0 && k[0] == '/': pi := Path{} - if err := opts.UnmarshalNext(dec, &pi); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &pi); err != nil { return err } @@ -188,16 +189,16 @@ func (p *Path) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2, b3), nil } -func (p *Path) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (p *Path) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { - Ref string `json:"$ref,omitempty"` - spec.Extensions + Ref string `json:"$ref,omitempty"` + Extensions spec.Extensions `json:",inline"` PathProps } x.Ref = p.Refable.Ref.String() x.Extensions = internal.SanitizeExtensions(p.Extensions) x.PathProps = p.PathProps - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } func (p *Path) UnmarshalJSON(data []byte) error { @@ -216,13 +217,13 @@ func (p *Path) UnmarshalJSON(data []byte) error { return nil } -func (p *Path) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (p *Path) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - spec.Extensions + Extensions spec.Extensions `json:",inline"` PathProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } if err := internal.JSONRefFromMap(&p.Ref.Ref, x.Extensions); err != nil { diff --git a/vendor/k8s.io/kube-openapi/pkg/spec3/request_body.go b/vendor/k8s.io/kube-openapi/pkg/spec3/request_body.go index 6f8607e400..b39c0d4fee 100644 --- a/vendor/k8s.io/kube-openapi/pkg/spec3/request_body.go +++ b/vendor/k8s.io/kube-openapi/pkg/spec3/request_body.go @@ -22,6 +22,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" "k8s.io/kube-openapi/pkg/validation/spec" ) @@ -54,16 +55,16 @@ func (r *RequestBody) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2, b3), nil } -func (r *RequestBody) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (r *RequestBody) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { Ref string `json:"$ref,omitempty"` RequestBodyProps requestBodyPropsOmitZero `json:",inline"` - spec.Extensions + Extensions spec.Extensions `json:",inline"` } x.Ref = r.Refable.Ref.String() x.Extensions = internal.SanitizeExtensions(r.Extensions) x.RequestBodyProps = requestBodyPropsOmitZero(r.RequestBodyProps) - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } func (r *RequestBody) UnmarshalJSON(data []byte) error { @@ -98,12 +99,12 @@ type requestBodyPropsOmitZero struct { Required bool `json:"required,omitzero"` } -func (r *RequestBody) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (r *RequestBody) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - spec.Extensions + Extensions spec.Extensions `json:",inline"` RequestBodyProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } if err := internal.JSONRefFromMap(&r.Ref.Ref, x.Extensions); err != nil { diff --git a/vendor/k8s.io/kube-openapi/pkg/spec3/response.go b/vendor/k8s.io/kube-openapi/pkg/spec3/response.go index 73e241fdc9..72ad9882d1 100644 --- a/vendor/k8s.io/kube-openapi/pkg/spec3/response.go +++ b/vendor/k8s.io/kube-openapi/pkg/spec3/response.go @@ -24,6 +24,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" "k8s.io/kube-openapi/pkg/validation/spec" ) @@ -51,11 +52,11 @@ func (r *Responses) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2), nil } -func (r Responses) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (r Responses) MarshalJSONTo(enc *jsontext.Encoder) error { type ArbitraryKeys map[string]interface{} var x struct { - ArbitraryKeys - Default *Response `json:"default,omitzero"` + ArbitraryKeys ArbitraryKeys `json:",inline"` + Default *Response `json:"default,omitzero"` } x.ArbitraryKeys = make(map[string]any, len(r.Extensions)+len(r.StatusCodeResponses)) for k, v := range r.Extensions { @@ -67,7 +68,7 @@ func (r Responses) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encod x.ArbitraryKeys[strconv.Itoa(k)] = v } x.Default = r.Default - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } func (r *Responses) UnmarshalJSON(data []byte) error { @@ -136,7 +137,7 @@ func (r *ResponsesProps) UnmarshalJSON(data []byte) error { return nil } -func (r *Responses) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) (err error) { +func (r *Responses) UnmarshalJSONFrom(dec *jsontext.Decoder) (err error) { tok, err := dec.ReadToken() if err != nil { return err @@ -157,7 +158,7 @@ func (r *Responses) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2. switch k := tok.String(); { case internal.IsExtensionKey(k): var ext any - if err := opts.UnmarshalNext(dec, &ext); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &ext); err != nil { return err } @@ -167,14 +168,14 @@ func (r *Responses) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2. r.Extensions[k] = ext case k == "default": resp := Response{} - if err := opts.UnmarshalNext(dec, &resp); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &resp); err != nil { return err } r.ResponsesProps.Default = &resp default: if nk, err := strconv.Atoi(k); err == nil { resp := Response{} - if err := opts.UnmarshalNext(dec, &resp); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &resp); err != nil { return err } @@ -219,16 +220,16 @@ func (r *Response) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2, b3), nil } -func (r Response) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (r Response) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { - Ref string `json:"$ref,omitempty"` - spec.Extensions + Ref string `json:"$ref,omitempty"` + Extensions spec.Extensions `json:",inline"` ResponseProps `json:",inline"` } x.Ref = r.Refable.Ref.String() x.Extensions = internal.SanitizeExtensions(r.Extensions) x.ResponseProps = r.ResponseProps - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } func (r *Response) UnmarshalJSON(data []byte) error { @@ -247,12 +248,12 @@ func (r *Response) UnmarshalJSON(data []byte) error { return nil } -func (r *Response) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (r *Response) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - spec.Extensions + Extensions spec.Extensions `json:",inline"` ResponseProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } if err := internal.JSONRefFromMap(&r.Ref.Ref, x.Extensions); err != nil { @@ -302,16 +303,16 @@ func (r *Link) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2, b3), nil } -func (r *Link) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (r *Link) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { - Ref string `json:"$ref,omitempty"` - spec.Extensions - LinkProps `json:",inline"` + Ref string `json:"$ref,omitempty"` + Extensions spec.Extensions `json:",inline"` + LinkProps `json:",inline"` } x.Ref = r.Refable.Ref.String() x.Extensions = internal.SanitizeExtensions(r.Extensions) x.LinkProps = r.LinkProps - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } func (r *Link) UnmarshalJSON(data []byte) error { @@ -331,12 +332,12 @@ func (r *Link) UnmarshalJSON(data []byte) error { return nil } -func (l *Link) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (l *Link) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - spec.Extensions + Extensions spec.Extensions `json:",inline"` LinkProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } if err := internal.JSONRefFromMap(&l.Ref.Ref, x.Extensions); err != nil { diff --git a/vendor/k8s.io/kube-openapi/pkg/spec3/security_scheme.go b/vendor/k8s.io/kube-openapi/pkg/spec3/security_scheme.go index dd1e98ed88..9bc180eaff 100644 --- a/vendor/k8s.io/kube-openapi/pkg/spec3/security_scheme.go +++ b/vendor/k8s.io/kube-openapi/pkg/spec3/security_scheme.go @@ -22,6 +22,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" "k8s.io/kube-openapi/pkg/validation/spec" ) @@ -52,16 +53,16 @@ func (s *SecurityScheme) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2, b3), nil } -func (s *SecurityScheme) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (s *SecurityScheme) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { Ref string `json:"$ref,omitempty"` SecuritySchemeProps `json:",inline"` - spec.Extensions + Extensions spec.Extensions `json:",inline"` } x.Ref = s.Refable.Ref.String() x.Extensions = internal.SanitizeExtensions(s.Extensions) x.SecuritySchemeProps = s.SecuritySchemeProps - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } // UnmarshalJSON hydrates this items instance with the data from JSON diff --git a/vendor/k8s.io/kube-openapi/pkg/spec3/server.go b/vendor/k8s.io/kube-openapi/pkg/spec3/server.go index 654a42c06e..3037fbce44 100644 --- a/vendor/k8s.io/kube-openapi/pkg/spec3/server.go +++ b/vendor/k8s.io/kube-openapi/pkg/spec3/server.go @@ -22,6 +22,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" "k8s.io/kube-openapi/pkg/validation/spec" ) @@ -55,14 +56,14 @@ func (s *Server) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2), nil } -func (s *Server) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (s *Server) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { ServerProps `json:",inline"` - spec.Extensions + Extensions spec.Extensions `json:",inline"` } x.Extensions = internal.SanitizeExtensions(s.Extensions) x.ServerProps = s.ServerProps - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } func (s *Server) UnmarshalJSON(data []byte) error { @@ -79,12 +80,12 @@ func (s *Server) UnmarshalJSON(data []byte) error { return nil } -func (s *Server) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (s *Server) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - spec.Extensions + Extensions spec.Extensions `json:",inline"` ServerProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } s.Extensions = internal.SanitizeExtensions(x.Extensions) @@ -123,14 +124,14 @@ func (s *ServerVariable) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2), nil } -func (s *ServerVariable) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (s *ServerVariable) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { ServerVariableProps `json:",inline"` - spec.Extensions + Extensions spec.Extensions `json:",inline"` } x.Extensions = internal.SanitizeExtensions(s.Extensions) x.ServerVariableProps = s.ServerVariableProps - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } func (s *ServerVariable) UnmarshalJSON(data []byte) error { @@ -146,12 +147,12 @@ func (s *ServerVariable) UnmarshalJSON(data []byte) error { return nil } -func (s *ServerVariable) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (s *ServerVariable) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - spec.Extensions + Extensions spec.Extensions `json:",inline"` ServerVariableProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } s.Extensions = internal.SanitizeExtensions(x.Extensions) diff --git a/vendor/k8s.io/kube-openapi/pkg/spec3/spec.go b/vendor/k8s.io/kube-openapi/pkg/spec3/spec.go index 5db819c7f0..91b1ae333d 100644 --- a/vendor/k8s.io/kube-openapi/pkg/spec3/spec.go +++ b/vendor/k8s.io/kube-openapi/pkg/spec3/spec.go @@ -21,6 +21,7 @@ import ( "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" "k8s.io/kube-openapi/pkg/validation/spec" ) @@ -60,7 +61,7 @@ func (o *OpenAPI) MarshalJSON() ([]byte, error) { return json.Marshal(&p) } -func (o *OpenAPI) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (o *OpenAPI) MarshalJSONTo(enc *jsontext.Encoder) error { type OpenAPIOmitZero struct { Version string `json:"openapi"` Info *spec.Info `json:"info"` @@ -71,5 +72,5 @@ func (o *OpenAPI) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encode ExternalDocs *ExternalDocumentation `json:"externalDocs,omitzero"` } x := (*OpenAPIOmitZero)(o) - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } diff --git a/vendor/k8s.io/kube-openapi/pkg/validation/spec/header.go b/vendor/k8s.io/kube-openapi/pkg/validation/spec/header.go index 05310c46b3..5aa66ae25f 100644 --- a/vendor/k8s.io/kube-openapi/pkg/validation/spec/header.go +++ b/vendor/k8s.io/kube-openapi/pkg/validation/spec/header.go @@ -20,6 +20,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) const ( @@ -65,18 +66,18 @@ func (h Header) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2, b3, b4), nil } -func (h Header) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (h Header) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { CommonValidations commonValidationsOmitZero `json:",inline"` SimpleSchema simpleSchemaOmitZero `json:",inline"` - Extensions + Extensions Extensions `json:",inline"` HeaderProps } x.CommonValidations = commonValidationsOmitZero(h.CommonValidations) x.SimpleSchema = simpleSchemaOmitZero(h.SimpleSchema) x.Extensions = internal.SanitizeExtensions(h.Extensions) x.HeaderProps = h.HeaderProps - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } // UnmarshalJSON unmarshals this header from JSON @@ -97,15 +98,15 @@ func (h *Header) UnmarshalJSON(data []byte) error { return json.Unmarshal(data, &h.HeaderProps) } -func (h *Header) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (h *Header) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { CommonValidations SimpleSchema - Extensions + Extensions Extensions `json:",inline"` HeaderProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } diff --git a/vendor/k8s.io/kube-openapi/pkg/validation/spec/info.go b/vendor/k8s.io/kube-openapi/pkg/validation/spec/info.go index d667b705be..8d002a1c58 100644 --- a/vendor/k8s.io/kube-openapi/pkg/validation/spec/info.go +++ b/vendor/k8s.io/kube-openapi/pkg/validation/spec/info.go @@ -21,6 +21,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) // Extensions vendor specific extensions @@ -183,14 +184,14 @@ func (i Info) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2), nil } -func (i Info) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (i Info) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { - Extensions + Extensions Extensions `json:",inline"` InfoProps } x.Extensions = i.Extensions x.InfoProps = i.InfoProps - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } // UnmarshalJSON marshal this from JSON @@ -205,12 +206,12 @@ func (i *Info) UnmarshalJSON(data []byte) error { return json.Unmarshal(data, &i.VendorExtensible) } -func (i *Info) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (i *Info) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - Extensions + Extensions Extensions `json:",inline"` InfoProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } i.Extensions = internal.SanitizeExtensions(x.Extensions) diff --git a/vendor/k8s.io/kube-openapi/pkg/validation/spec/items.go b/vendor/k8s.io/kube-openapi/pkg/validation/spec/items.go index 4132467d24..6fbb19a464 100644 --- a/vendor/k8s.io/kube-openapi/pkg/validation/spec/items.go +++ b/vendor/k8s.io/kube-openapi/pkg/validation/spec/items.go @@ -20,6 +20,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) const ( @@ -122,13 +123,13 @@ func (i *Items) UnmarshalJSON(data []byte) error { return nil } -func (i *Items) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (i *Items) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { CommonValidations SimpleSchema - Extensions + Extensions Extensions `json:",inline"` } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } if err := i.Refable.Ref.fromMap(x.Extensions); err != nil { @@ -165,16 +166,16 @@ func (i Items) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b4, b3, b1, b2), nil } -func (i Items) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (i Items) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { CommonValidations commonValidationsOmitZero `json:",inline"` SimpleSchema simpleSchemaOmitZero `json:",inline"` Ref string `json:"$ref,omitempty"` - Extensions + Extensions Extensions `json:",inline"` } x.CommonValidations = commonValidationsOmitZero(i.CommonValidations) x.SimpleSchema = simpleSchemaOmitZero(i.SimpleSchema) x.Ref = i.Refable.Ref.String() x.Extensions = internal.SanitizeExtensions(i.Extensions) - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } diff --git a/vendor/k8s.io/kube-openapi/pkg/validation/spec/operation.go b/vendor/k8s.io/kube-openapi/pkg/validation/spec/operation.go index 63eed34601..99b620f944 100644 --- a/vendor/k8s.io/kube-openapi/pkg/validation/spec/operation.go +++ b/vendor/k8s.io/kube-openapi/pkg/validation/spec/operation.go @@ -20,6 +20,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) // OperationProps describes an operation @@ -104,13 +105,13 @@ func (o *Operation) UnmarshalJSON(data []byte) error { return json.Unmarshal(data, &o.VendorExtensible) } -func (o *Operation) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (o *Operation) UnmarshalJSONFrom(dec *jsontext.Decoder) error { type OperationPropsNoMethods OperationProps // strip MarshalJSON method var x struct { - Extensions + Extensions Extensions `json:",inline"` OperationPropsNoMethods } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } o.Extensions = internal.SanitizeExtensions(x.Extensions) @@ -135,12 +136,12 @@ func (o Operation) MarshalJSON() ([]byte, error) { return concated, nil } -func (o Operation) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (o Operation) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { - Extensions + Extensions Extensions `json:",inline"` OperationProps operationPropsOmitZero `json:",inline"` } x.Extensions = internal.SanitizeExtensions(o.Extensions) x.OperationProps = operationPropsOmitZero(o.OperationProps) - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } diff --git a/vendor/k8s.io/kube-openapi/pkg/validation/spec/parameter.go b/vendor/k8s.io/kube-openapi/pkg/validation/spec/parameter.go index 53d1e0aa94..f2e61a7211 100644 --- a/vendor/k8s.io/kube-openapi/pkg/validation/spec/parameter.go +++ b/vendor/k8s.io/kube-openapi/pkg/validation/spec/parameter.go @@ -20,6 +20,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) // ParamProps describes the specific attributes of an operation parameter @@ -107,14 +108,14 @@ func (p *Parameter) UnmarshalJSON(data []byte) error { return json.Unmarshal(data, &p.ParamProps) } -func (p *Parameter) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (p *Parameter) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { CommonValidations SimpleSchema - Extensions + Extensions Extensions `json:",inline"` ParamProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } if err := p.Refable.Ref.fromMap(x.Extensions); err != nil { @@ -155,18 +156,18 @@ func (p Parameter) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b3, b1, b2, b4, b5), nil } -func (p Parameter) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (p Parameter) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { CommonValidations commonValidationsOmitZero `json:",inline"` SimpleSchema simpleSchemaOmitZero `json:",inline"` ParamProps paramPropsOmitZero `json:",inline"` Ref string `json:"$ref,omitempty"` - Extensions + Extensions Extensions `json:",inline"` } x.CommonValidations = commonValidationsOmitZero(p.CommonValidations) x.SimpleSchema = simpleSchemaOmitZero(p.SimpleSchema) x.Extensions = internal.SanitizeExtensions(p.Extensions) x.ParamProps = paramPropsOmitZero(p.ParamProps) x.Ref = p.Refable.Ref.String() - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } diff --git a/vendor/k8s.io/kube-openapi/pkg/validation/spec/path_item.go b/vendor/k8s.io/kube-openapi/pkg/validation/spec/path_item.go index 1d1588cb92..f2a0d9542e 100644 --- a/vendor/k8s.io/kube-openapi/pkg/validation/spec/path_item.go +++ b/vendor/k8s.io/kube-openapi/pkg/validation/spec/path_item.go @@ -20,6 +20,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) // PathItemProps the path item specific properties @@ -61,13 +62,13 @@ func (p *PathItem) UnmarshalJSON(data []byte) error { return json.Unmarshal(data, &p.PathItemProps) } -func (p *PathItem) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (p *PathItem) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - Extensions + Extensions Extensions `json:",inline"` PathItemProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } if err := p.Refable.Ref.fromMap(x.Extensions); err != nil { @@ -100,14 +101,14 @@ func (p PathItem) MarshalJSON() ([]byte, error) { return concated, nil } -func (p PathItem) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (p PathItem) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { - Ref string `json:"$ref,omitempty"` - Extensions + Ref string `json:"$ref,omitempty"` + Extensions Extensions `json:",inline"` PathItemProps } x.Ref = p.Refable.Ref.String() x.Extensions = internal.SanitizeExtensions(p.Extensions) x.PathItemProps = p.PathItemProps - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } diff --git a/vendor/k8s.io/kube-openapi/pkg/validation/spec/paths.go b/vendor/k8s.io/kube-openapi/pkg/validation/spec/paths.go index 18f6a9f429..23b72cccea 100644 --- a/vendor/k8s.io/kube-openapi/pkg/validation/spec/paths.go +++ b/vendor/k8s.io/kube-openapi/pkg/validation/spec/paths.go @@ -22,6 +22,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) // Paths holds the relative paths to the individual endpoints. @@ -70,7 +71,7 @@ func (p *Paths) UnmarshalJSON(data []byte) error { return nil } -func (p *Paths) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (p *Paths) UnmarshalJSONFrom(dec *jsontext.Decoder) error { tok, err := dec.ReadToken() if err != nil { return err @@ -94,7 +95,7 @@ func (p *Paths) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Deco switch k := tok.String(); { case internal.IsExtensionKey(k): ext = nil - if err := opts.UnmarshalNext(dec, &ext); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &ext); err != nil { return err } @@ -104,7 +105,7 @@ func (p *Paths) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Deco p.Extensions[k] = ext case len(k) > 0 && k[0] == '/': pi = PathItem{} - if err := opts.UnmarshalNext(dec, &pi); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &pi); err != nil { return err } @@ -148,7 +149,7 @@ func (p Paths) MarshalJSON() ([]byte, error) { return concated, nil } -func (p Paths) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (p Paths) MarshalJSONTo(enc *jsontext.Encoder) error { m := make(map[string]any, len(p.Extensions)+len(p.Paths)) for k, v := range p.Extensions { if internal.IsExtensionKey(k) { @@ -160,5 +161,5 @@ func (p Paths) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) m[k] = v } } - return opts.MarshalNext(enc, m) + return jsonv2.MarshalEncode(enc, m) } diff --git a/vendor/k8s.io/kube-openapi/pkg/validation/spec/ref.go b/vendor/k8s.io/kube-openapi/pkg/validation/spec/ref.go index 775b3b0c36..29cec61930 100644 --- a/vendor/k8s.io/kube-openapi/pkg/validation/spec/ref.go +++ b/vendor/k8s.io/kube-openapi/pkg/validation/spec/ref.go @@ -16,10 +16,6 @@ package spec import ( "encoding/json" - "net/http" - "os" - "path/filepath" - "github.com/go-openapi/jsonreference" "k8s.io/kube-openapi/pkg/internal" @@ -56,52 +52,6 @@ func (r *Ref) RemoteURI() string { return u.String() } -// IsValidURI returns true when the url the ref points to can be found -func (r *Ref) IsValidURI(basepaths ...string) bool { - if r.String() == "" { - return true - } - - v := r.RemoteURI() - if v == "" { - return true - } - - if r.HasFullURL { - rr, err := http.Get(v) - if err != nil { - return false - } - - return rr.StatusCode/100 == 2 - } - - if !(r.HasFileScheme || r.HasFullFilePath || r.HasURLPathOnly) { - return false - } - - // check for local file - pth := v - if r.HasURLPathOnly { - base := "." - if len(basepaths) > 0 { - base = filepath.Dir(filepath.Join(basepaths...)) - } - p, e := filepath.Abs(filepath.ToSlash(filepath.Join(base, pth))) - if e != nil { - return false - } - pth = p - } - - fi, err := os.Stat(filepath.ToSlash(pth)) - if err != nil { - return false - } - - return !fi.IsDir() -} - // Inherits creates a new reference from a parent and a child // If the child cannot inherit from the parent, an error is returned func (r *Ref) Inherits(child Ref) (*Ref, error) { diff --git a/vendor/k8s.io/kube-openapi/pkg/validation/spec/response.go b/vendor/k8s.io/kube-openapi/pkg/validation/spec/response.go index 3ff1fe1322..585a93accf 100644 --- a/vendor/k8s.io/kube-openapi/pkg/validation/spec/response.go +++ b/vendor/k8s.io/kube-openapi/pkg/validation/spec/response.go @@ -20,6 +20,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) // ResponseProps properties specific to a response @@ -67,13 +68,13 @@ func (r *Response) UnmarshalJSON(data []byte) error { return nil } -func (r *Response) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (r *Response) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { ResponseProps - Extensions + Extensions Extensions `json:",inline"` } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } @@ -106,16 +107,16 @@ func (r Response) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2, b3), nil } -func (r Response) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (r Response) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { - Ref string `json:"$ref,omitempty"` - Extensions + Ref string `json:"$ref,omitempty"` + Extensions Extensions `json:",inline"` ResponseProps responsePropsOmitZero `json:",inline"` } x.Ref = r.Refable.Ref.String() x.Extensions = internal.SanitizeExtensions(r.Extensions) x.ResponseProps = responsePropsOmitZero(r.ResponseProps) - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } // NewResponse creates a new response instance diff --git a/vendor/k8s.io/kube-openapi/pkg/validation/spec/responses.go b/vendor/k8s.io/kube-openapi/pkg/validation/spec/responses.go index d9ad760a43..a1a3d0fd57 100644 --- a/vendor/k8s.io/kube-openapi/pkg/validation/spec/responses.go +++ b/vendor/k8s.io/kube-openapi/pkg/validation/spec/responses.go @@ -23,6 +23,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) // Responses is a container for the expected responses of an operation. @@ -78,11 +79,11 @@ func (r Responses) MarshalJSON() ([]byte, error) { return concated, nil } -func (r Responses) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (r Responses) MarshalJSONTo(enc *jsontext.Encoder) error { type ArbitraryKeys map[string]interface{} var x struct { - ArbitraryKeys - Default *Response `json:"default,omitempty"` + ArbitraryKeys ArbitraryKeys `json:",inline"` + Default *Response `json:"default,omitempty"` } x.ArbitraryKeys = make(map[string]any, len(r.Extensions)+len(r.StatusCodeResponses)) for k, v := range r.Extensions { @@ -94,7 +95,7 @@ func (r Responses) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encod x.ArbitraryKeys[strconv.Itoa(k)] = v } x.Default = r.Default - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } // ResponsesProps describes all responses for an operation. @@ -150,7 +151,7 @@ func (r *ResponsesProps) UnmarshalJSON(data []byte) error { return nil } -func (r *Responses) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) (err error) { +func (r *Responses) UnmarshalJSONFrom(dec *jsontext.Decoder) (err error) { tok, err := dec.ReadToken() if err != nil { return err @@ -172,7 +173,7 @@ func (r *Responses) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2. switch k := tok.String(); { case internal.IsExtensionKey(k): ext = nil - if err := opts.UnmarshalNext(dec, &ext); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &ext); err != nil { return err } @@ -182,7 +183,7 @@ func (r *Responses) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2. r.Extensions[k] = ext case k == "default": resp = Response{} - if err := opts.UnmarshalNext(dec, &resp); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &resp); err != nil { return err } @@ -191,7 +192,7 @@ func (r *Responses) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2. default: if nk, err := strconv.Atoi(k); err == nil { resp = Response{} - if err := opts.UnmarshalNext(dec, &resp); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &resp); err != nil { return err } diff --git a/vendor/k8s.io/kube-openapi/pkg/validation/spec/schema.go b/vendor/k8s.io/kube-openapi/pkg/validation/spec/schema.go index dfbb2e05cb..6c0c6fc14c 100644 --- a/vendor/k8s.io/kube-openapi/pkg/validation/spec/schema.go +++ b/vendor/k8s.io/kube-openapi/pkg/validation/spec/schema.go @@ -23,6 +23,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) // BooleanProperty creates a boolean property @@ -517,10 +518,10 @@ func (s Schema) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2, b3, b4, b5, b6), nil } -func (s Schema) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (s Schema) MarshalJSONTo(enc *jsontext.Encoder) error { type ArbitraryKeys map[string]interface{} var x struct { - ArbitraryKeys + ArbitraryKeys ArbitraryKeys `json:",inline"` SchemaProps schemaPropsOmitZero `json:",inline"` SwaggerSchemaProps swaggerSchemaPropsOmitZero `json:",inline"` Schema string `json:"$schema,omitempty"` @@ -539,7 +540,7 @@ func (s Schema) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) x.SwaggerSchemaProps = swaggerSchemaPropsOmitZero(s.SwaggerSchemaProps) x.Ref = s.Ref.String() x.Schema = string(s.Schema) - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } // UnmarshalJSON marshal this from JSON @@ -595,13 +596,13 @@ func (s *Schema) UnmarshalJSON(data []byte) error { return nil } -func (s *Schema) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (s *Schema) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - Extensions + Extensions Extensions `json:",inline"` SchemaProps SwaggerSchemaProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } diff --git a/vendor/k8s.io/kube-openapi/pkg/validation/spec/security_scheme.go b/vendor/k8s.io/kube-openapi/pkg/validation/spec/security_scheme.go index e2b7da14cf..7c7b6bdd8f 100644 --- a/vendor/k8s.io/kube-openapi/pkg/validation/spec/security_scheme.go +++ b/vendor/k8s.io/kube-openapi/pkg/validation/spec/security_scheme.go @@ -20,6 +20,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) // SecuritySchemeProps describes a swagger security scheme in the securityDefinitions section @@ -60,14 +61,14 @@ func (s SecurityScheme) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2), nil } -func (s SecurityScheme) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (s SecurityScheme) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { - Extensions + Extensions Extensions `json:",inline"` SecuritySchemeProps } x.Extensions = internal.SanitizeExtensions(s.Extensions) x.SecuritySchemeProps = s.SecuritySchemeProps - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } // UnmarshalJSON marshal this from JSON @@ -78,12 +79,12 @@ func (s *SecurityScheme) UnmarshalJSON(data []byte) error { return json.Unmarshal(data, &s.VendorExtensible) } -func (s *SecurityScheme) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (s *SecurityScheme) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - Extensions + Extensions Extensions `json:",inline"` SecuritySchemeProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } s.Extensions = internal.SanitizeExtensions(x.Extensions) diff --git a/vendor/k8s.io/kube-openapi/pkg/validation/spec/swagger.go b/vendor/k8s.io/kube-openapi/pkg/validation/spec/swagger.go index c8f3beaa35..533b7cc83e 100644 --- a/vendor/k8s.io/kube-openapi/pkg/validation/spec/swagger.go +++ b/vendor/k8s.io/kube-openapi/pkg/validation/spec/swagger.go @@ -21,6 +21,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) // Swagger this is the root document object for the API specification. @@ -50,14 +51,14 @@ func (s Swagger) MarshalJSON() ([]byte, error) { } // MarshalJSON marshals this swagger structure to json -func (s Swagger) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (s Swagger) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { - Extensions + Extensions Extensions `json:",inline"` SwaggerProps } x.Extensions = internal.SanitizeExtensions(s.Extensions) x.SwaggerProps = s.SwaggerProps - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } // UnmarshalJSON unmarshals a swagger spec from json @@ -76,16 +77,16 @@ func (s *Swagger) UnmarshalJSON(data []byte) error { return nil } -func (s *Swagger) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (s *Swagger) UnmarshalJSONFrom(dec *jsontext.Decoder) error { // Note: If you're willing to make breaking changes, it is possible to // optimize this and other usages of this pattern: // https://github.com/kubernetes/kube-openapi/pull/319#discussion_r983165948 var x struct { - Extensions + Extensions Extensions `json:",inline"` SwaggerProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } s.Extensions = internal.SanitizeExtensions(x.Extensions) @@ -146,15 +147,15 @@ func (s SchemaOrBool) MarshalJSON() ([]byte, error) { } // MarshalJSON convert this object to JSON -func (s SchemaOrBool) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (s SchemaOrBool) MarshalJSONTo(enc *jsontext.Encoder) error { if s.Schema != nil { - return opts.MarshalNext(enc, s.Schema) + return jsonv2.MarshalEncode(enc, s.Schema) } if s.Schema == nil && !s.Allows { - return enc.WriteToken(jsonv2.False) + return enc.WriteToken(jsontext.False) } - return enc.WriteToken(jsonv2.True) + return enc.WriteToken(jsontext.True) } // UnmarshalJSON converts this bool or schema object from a JSON structure @@ -178,17 +179,17 @@ func (s *SchemaOrBool) UnmarshalJSON(data []byte) error { return nil } -func (s *SchemaOrBool) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (s *SchemaOrBool) UnmarshalJSONFrom(dec *jsontext.Decoder) error { switch k := dec.PeekKind(); k { case '{': - err := opts.UnmarshalNext(dec, &s.Schema) + err := jsonv2.UnmarshalDecode(dec, &s.Schema) if err != nil { return err } s.Allows = true return nil case 't', 'f': - err := opts.UnmarshalNext(dec, &s.Allows) + err := jsonv2.UnmarshalDecode(dec, &s.Allows) if err != nil { return err } @@ -219,14 +220,14 @@ func (s SchemaOrStringArray) MarshalJSON() ([]byte, error) { } // MarshalJSON converts this schema object or array into JSON structure -func (s SchemaOrStringArray) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (s SchemaOrStringArray) MarshalJSONTo(enc *jsontext.Encoder) error { if len(s.Property) > 0 { - return opts.MarshalNext(enc, s.Property) + return jsonv2.MarshalEncode(enc, s.Property) } if s.Schema != nil { - return opts.MarshalNext(enc, s.Schema) + return jsonv2.MarshalEncode(enc, s.Schema) } - return enc.WriteToken(jsonv2.Null) + return enc.WriteToken(jsontext.Null) } // UnmarshalJSON converts this schema object or array from a JSON structure @@ -256,12 +257,12 @@ func (s *SchemaOrStringArray) UnmarshalJSON(data []byte) error { return nil } -func (s *SchemaOrStringArray) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (s *SchemaOrStringArray) UnmarshalJSONFrom(dec *jsontext.Decoder) error { switch dec.PeekKind() { case '{': - return opts.UnmarshalNext(dec, &s.Schema) + return jsonv2.UnmarshalDecode(dec, &s.Schema) case '[': - return opts.UnmarshalNext(dec, &s.Property) + return jsonv2.UnmarshalDecode(dec, &s.Property) default: _, err := dec.ReadValue() return err @@ -332,14 +333,14 @@ func (s *StringOrArray) UnmarshalJSON(data []byte) error { } } -func (s *StringOrArray) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (s *StringOrArray) UnmarshalJSONFrom(dec *jsontext.Decoder) error { switch k := dec.PeekKind(); k { case '[': *s = StringOrArray{} - return opts.UnmarshalNext(dec, (*[]string)(s)) + return jsonv2.UnmarshalDecode(dec, (*[]string)(s)) case '"': *s = StringOrArray{""} - return opts.UnmarshalNext(dec, &(*s)[0]) + return jsonv2.UnmarshalDecode(dec, &(*s)[0]) case 'n': // Throw out null token _, _ = dec.ReadToken() @@ -392,11 +393,11 @@ func (s SchemaOrArray) MarshalJSON() ([]byte, error) { } // MarshalJSON converts this schema object or array into JSON structure -func (s SchemaOrArray) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (s SchemaOrArray) MarshalJSONTo(enc *jsontext.Encoder) error { if s.Schemas != nil { - return opts.MarshalNext(enc, s.Schemas) + return jsonv2.MarshalEncode(enc, s.Schemas) } - return opts.MarshalNext(enc, s.Schema) + return jsonv2.MarshalEncode(enc, s.Schema) } // UnmarshalJSON converts this schema object or array from a JSON structure @@ -426,12 +427,12 @@ func (s *SchemaOrArray) UnmarshalJSON(data []byte) error { return nil } -func (s *SchemaOrArray) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (s *SchemaOrArray) UnmarshalJSONFrom(dec *jsontext.Decoder) error { switch dec.PeekKind() { case '{': - return opts.UnmarshalNext(dec, &s.Schema) + return jsonv2.UnmarshalDecode(dec, &s.Schema) case '[': - return opts.UnmarshalNext(dec, &s.Schemas) + return jsonv2.UnmarshalDecode(dec, &s.Schemas) default: _, err := dec.ReadValue() return err diff --git a/vendor/k8s.io/kube-openapi/pkg/validation/spec/tag.go b/vendor/k8s.io/kube-openapi/pkg/validation/spec/tag.go index d105d52ca4..89c3d0d820 100644 --- a/vendor/k8s.io/kube-openapi/pkg/validation/spec/tag.go +++ b/vendor/k8s.io/kube-openapi/pkg/validation/spec/tag.go @@ -20,6 +20,7 @@ import ( "github.com/go-openapi/swag" "k8s.io/kube-openapi/pkg/internal" jsonv2 "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json" + "k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext" ) // TagProps describe a tag entry in the top level tags section of a swagger spec @@ -55,14 +56,14 @@ func (t Tag) MarshalJSON() ([]byte, error) { return swag.ConcatJSON(b1, b2), nil } -func (t Tag) MarshalNextJSON(opts jsonv2.MarshalOptions, enc *jsonv2.Encoder) error { +func (t Tag) MarshalJSONTo(enc *jsontext.Encoder) error { var x struct { - Extensions + Extensions Extensions `json:",inline"` TagProps } x.Extensions = internal.SanitizeExtensions(t.Extensions) x.TagProps = t.TagProps - return opts.MarshalNext(enc, x) + return jsonv2.MarshalEncode(enc, x) } // UnmarshalJSON marshal this from JSON @@ -77,12 +78,12 @@ func (t *Tag) UnmarshalJSON(data []byte) error { return json.Unmarshal(data, &t.VendorExtensible) } -func (t *Tag) UnmarshalNextJSON(opts jsonv2.UnmarshalOptions, dec *jsonv2.Decoder) error { +func (t *Tag) UnmarshalJSONFrom(dec *jsontext.Decoder) error { var x struct { - Extensions + Extensions Extensions `json:",inline"` TagProps } - if err := opts.UnmarshalNext(dec, &x); err != nil { + if err := jsonv2.UnmarshalDecode(dec, &x); err != nil { return err } t.Extensions = internal.SanitizeExtensions(x.Extensions) diff --git a/vendor/modules.txt b/vendor/modules.txt index dd2df782ba..b22712ca12 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -308,7 +308,7 @@ github.com/docker/libtrust github.com/elazarl/goproxy github.com/elazarl/goproxy/internal/http1parser github.com/elazarl/goproxy/internal/signer -# github.com/emicklei/go-restful/v3 v3.12.2 +# github.com/emicklei/go-restful/v3 v3.13.0 ## explicit; go 1.13 github.com/emicklei/go-restful/v3 github.com/emicklei/go-restful/v3/log @@ -374,9 +374,45 @@ github.com/go-openapi/jsonpointer ## explicit; go 1.20 github.com/go-openapi/jsonreference github.com/go-openapi/jsonreference/internal -# github.com/go-openapi/swag v0.23.0 -## explicit; go 1.20 +# github.com/go-openapi/swag v0.25.4 +## explicit; go 1.24.0 github.com/go-openapi/swag +# github.com/go-openapi/swag/cmdutils v0.25.4 +## explicit; go 1.24.0 +github.com/go-openapi/swag/cmdutils +# github.com/go-openapi/swag/conv v0.25.4 +## explicit; go 1.24.0 +github.com/go-openapi/swag/conv +# github.com/go-openapi/swag/fileutils v0.25.4 +## explicit; go 1.24.0 +github.com/go-openapi/swag/fileutils +# github.com/go-openapi/swag/jsonname v0.25.4 +## explicit; go 1.24.0 +github.com/go-openapi/swag/jsonname +# github.com/go-openapi/swag/jsonutils v0.25.4 +## explicit; go 1.24.0 +github.com/go-openapi/swag/jsonutils +github.com/go-openapi/swag/jsonutils/adapters +github.com/go-openapi/swag/jsonutils/adapters/ifaces +github.com/go-openapi/swag/jsonutils/adapters/stdlib/json +# github.com/go-openapi/swag/loading v0.25.4 +## explicit; go 1.24.0 +github.com/go-openapi/swag/loading +# github.com/go-openapi/swag/mangling v0.25.4 +## explicit; go 1.24.0 +github.com/go-openapi/swag/mangling +# github.com/go-openapi/swag/netutils v0.25.4 +## explicit; go 1.24.0 +github.com/go-openapi/swag/netutils +# github.com/go-openapi/swag/stringutils v0.25.4 +## explicit; go 1.24.0 +github.com/go-openapi/swag/stringutils +# github.com/go-openapi/swag/typeutils v0.25.4 +## explicit; go 1.24.0 +github.com/go-openapi/swag/typeutils +# github.com/go-openapi/swag/yamlutils v0.25.4 +## explicit; go 1.24.0 +github.com/go-openapi/swag/yamlutils # github.com/go-task/slim-sprig/v3 v3.0.0 ## explicit; go 1.20 github.com/go-task/slim-sprig/v3 @@ -509,9 +545,6 @@ github.com/joelanford/ignore # github.com/jonboulle/clockwork v0.5.0 ## explicit; go 1.21 github.com/jonboulle/clockwork -# github.com/josharian/intern v1.0.0 -## explicit; go 1.5 -github.com/josharian/intern # github.com/json-iterator/go v1.1.12 ## explicit; go 1.12 github.com/json-iterator/go @@ -531,11 +564,6 @@ github.com/liggitt/tabwriter # github.com/lithammer/dedent v1.1.0 ## explicit github.com/lithammer/dedent -# github.com/mailru/easyjson v0.7.7 -## explicit; go 1.12 -github.com/mailru/easyjson/buffer -github.com/mailru/easyjson/jlexer -github.com/mailru/easyjson/jwriter # github.com/mitchellh/go-wordwrap v1.0.1 ## explicit; go 1.14 github.com/mitchellh/go-wordwrap @@ -668,7 +696,7 @@ github.com/openshift-eng/openshift-tests-extension/pkg/ginkgo github.com/openshift-eng/openshift-tests-extension/pkg/junit github.com/openshift-eng/openshift-tests-extension/pkg/util/sets github.com/openshift-eng/openshift-tests-extension/pkg/version -# github.com/openshift/api v0.0.0-20260309185601-71270106f276 +# github.com/openshift/api v0.0.0-20260626094904-39631f42b31b ## explicit; go 1.25.0 github.com/openshift/api github.com/openshift/api/annotations @@ -691,6 +719,7 @@ github.com/openshift/api/config/v1alpha2 github.com/openshift/api/console github.com/openshift/api/console/v1 github.com/openshift/api/etcd +github.com/openshift/api/etcd/v1 github.com/openshift/api/etcd/v1alpha1 github.com/openshift/api/features github.com/openshift/api/helm @@ -758,7 +787,7 @@ github.com/openshift/build-machinery-go/make/targets/golang github.com/openshift/build-machinery-go/make/targets/openshift github.com/openshift/build-machinery-go/make/targets/openshift/operator github.com/openshift/build-machinery-go/scripts -# github.com/openshift/client-go v0.0.0-20260306160707-3935d929fc7d +# github.com/openshift/client-go v0.0.0-20260629081241-b769428f4111 ## explicit; go 1.25.0 github.com/openshift/client-go/apps/applyconfigurations github.com/openshift/client-go/apps/applyconfigurations/apps/v1 @@ -1800,13 +1829,18 @@ k8s.io/klog/v2/textlogger ## explicit; go 1.25.0 k8s.io/kube-aggregator/pkg/apis/apiregistration k8s.io/kube-aggregator/pkg/apis/apiregistration/v1 -# k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 -## explicit; go 1.23.0 +# k8s.io/kube-openapi v0.0.0-20260519202549-bbf5c5577288 +## explicit; go 1.24.0 k8s.io/kube-openapi/pkg/cached k8s.io/kube-openapi/pkg/common k8s.io/kube-openapi/pkg/handler3 k8s.io/kube-openapi/pkg/internal k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json +k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal +k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonflags +k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonopts +k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/internal/jsonwire +k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json/jsontext k8s.io/kube-openapi/pkg/schemaconv k8s.io/kube-openapi/pkg/spec3 k8s.io/kube-openapi/pkg/util @@ -2022,7 +2056,7 @@ sigs.k8s.io/kustomize/kyaml/yaml/walk ## explicit; go 1.18 sigs.k8s.io/randfill sigs.k8s.io/randfill/bytesource -# sigs.k8s.io/structured-merge-diff/v6 v6.3.0 +# sigs.k8s.io/structured-merge-diff/v6 v6.3.2 ## explicit; go 1.23 sigs.k8s.io/structured-merge-diff/v6/fieldpath sigs.k8s.io/structured-merge-diff/v6/merge diff --git a/vendor/sigs.k8s.io/structured-merge-diff/v6/schema/elements.go b/vendor/sigs.k8s.io/structured-merge-diff/v6/schema/elements.go index 5d3707a5b5..c8138a6548 100644 --- a/vendor/sigs.k8s.io/structured-merge-diff/v6/schema/elements.go +++ b/vendor/sigs.k8s.io/structured-merge-diff/v6/schema/elements.go @@ -18,6 +18,7 @@ package schema import ( "sync" + "sync/atomic" ) // Schema is a list of named types. @@ -28,7 +29,7 @@ type Schema struct { Types []TypeDef `yaml:"types,omitempty"` once sync.Once - m map[string]TypeDef + m atomic.Pointer[map[string]TypeDef] lock sync.Mutex // Cached results of resolving type references to atoms. Only stores @@ -144,26 +145,28 @@ type Map struct { ElementRelationship ElementRelationship `yaml:"elementRelationship,omitempty"` once sync.Once - m map[string]StructField + m atomic.Pointer[map[string]StructField] } // FindField is a convenience function that returns the referenced StructField, // if it exists, or (nil, false) if it doesn't. func (m *Map) FindField(name string) (StructField, bool) { m.once.Do(func() { - m.m = make(map[string]StructField, len(m.Fields)) + mm := make(map[string]StructField, len(m.Fields)) for _, field := range m.Fields { - m.m[field.Name] = field + mm[field.Name] = field } + m.m.Store(&mm) }) - sf, ok := m.m[name] + sf, ok := (*m.m.Load())[name] return sf, ok } -// CopyInto this instance of Map into the other -// If other is nil this method does nothing. -// If other is already initialized, overwrites it with this instance -// Warning: Not thread safe +// CopyInto clones this instance of Map into dst +// +// If dst is nil this method does nothing. +// If dst is already initialized, overwrites it with this instance. +// Warning: Not thread safe. Only use dst after this function returns. func (m *Map) CopyInto(dst *Map) { if dst == nil { return @@ -175,12 +178,13 @@ func (m *Map) CopyInto(dst *Map) { dst.Unions = m.Unions dst.ElementRelationship = m.ElementRelationship - if m.m != nil { + mm := m.m.Load() + if mm != nil { // If cache is non-nil then the once token had been consumed. // Must reset token and use it again to ensure same semantics. dst.once = sync.Once{} dst.once.Do(func() { - dst.m = m.m + dst.m.Store(mm) }) } } @@ -274,12 +278,13 @@ type List struct { // if it exists, or (nil, false) if it doesn't. func (s *Schema) FindNamedType(name string) (TypeDef, bool) { s.once.Do(func() { - s.m = make(map[string]TypeDef, len(s.Types)) + sm := make(map[string]TypeDef, len(s.Types)) for _, t := range s.Types { - s.m[t.Name] = t + sm[t.Name] = t } + s.m.Store(&sm) }) - t, ok := s.m[name] + t, ok := (*s.m.Load())[name] return t, ok } @@ -352,10 +357,11 @@ func (s *Schema) Resolve(tr TypeRef) (Atom, bool) { return result, true } -// Clones this instance of Schema into the other -// If other is nil this method does nothing. -// If other is already initialized, overwrites it with this instance -// Warning: Not thread safe +// CopyInto clones this instance of Schema into dst +// +// If dst is nil this method does nothing. +// If dst is already initialized, overwrites it with this instance. +// Warning: Not thread safe. Only use dst after this function returns. func (s *Schema) CopyInto(dst *Schema) { if dst == nil { return @@ -364,12 +370,13 @@ func (s *Schema) CopyInto(dst *Schema) { // Schema type is considered immutable so sharing references dst.Types = s.Types - if s.m != nil { + sm := s.m.Load() + if sm != nil { // If cache is non-nil then the once token had been consumed. // Must reset token and use it again to ensure same semantics. dst.once = sync.Once{} dst.once.Do(func() { - dst.m = s.m + dst.m.Store(sm) }) } } diff --git a/vendor/sigs.k8s.io/structured-merge-diff/v6/typed/remove.go b/vendor/sigs.k8s.io/structured-merge-diff/v6/typed/remove.go index 86de5105d7..0db1734f94 100644 --- a/vendor/sigs.k8s.io/structured-merge-diff/v6/typed/remove.go +++ b/vendor/sigs.k8s.io/structured-merge-diff/v6/typed/remove.go @@ -58,6 +58,10 @@ func (w *removingWalker) doList(t *schema.List) (errs ValidationErrors) { defer w.allocator.Free(l) // If list is null or empty just return if l == nil || l.Length() == 0 { + // For extraction, we just return the value as is (which is nil or empty). For extraction the difference matters. + if w.shouldExtract { + w.out = w.value.Unstructured() + } return nil } @@ -71,6 +75,7 @@ func (w *removingWalker) doList(t *schema.List) (errs ValidationErrors) { } var newItems []interface{} + hadMatches := false iter := l.RangeUsing(w.allocator) defer w.allocator.Free(iter) for iter.Next() { @@ -80,24 +85,40 @@ func (w *removingWalker) doList(t *schema.List) (errs ValidationErrors) { path, _ := fieldpath.MakePath(pe) // save items on the path when we shouldExtract // but ignore them when we are removing (i.e. !w.shouldExtract) - if w.toRemove.Has(path) { - if w.shouldExtract { - newItems = append(newItems, removeItemsWithSchema(item, w.toRemove, w.schema, t.ElementType, w.shouldExtract).Unstructured()) - } else { - continue + isExactPathMatch := w.toRemove.Has(path) + isPrefixMatch := !w.toRemove.WithPrefix(pe).Empty() + if w.shouldExtract { + if isPrefixMatch { + item = removeItemsWithSchema(item, w.toRemove.WithPrefix(pe), w.schema, t.ElementType, w.shouldExtract) + } + if isExactPathMatch || isPrefixMatch { + newItems = append(newItems, item.Unstructured()) } - } - if subset := w.toRemove.WithPrefix(pe); !subset.Empty() { - item = removeItemsWithSchema(item, subset, w.schema, t.ElementType, w.shouldExtract) } else { - // don't save items not on the path when we shouldExtract. - if w.shouldExtract { + if isExactPathMatch { continue } + if isPrefixMatch { + // Removing nested items within this list item and preserve if it becomes empty + hadMatches = true + wasMap := item.IsMap() + wasList := item.IsList() + item = removeItemsWithSchema(item, w.toRemove.WithPrefix(pe), w.schema, t.ElementType, w.shouldExtract) + // If item returned null but we're removing items within the structure(not the item itself), + // preserve the empty container structure + if item.IsNull() && !w.shouldExtract { + if wasMap { + item = value.NewValueInterface(map[string]interface{}{}) + } else if wasList { + item = value.NewValueInterface([]interface{}{}) + } + } + } + newItems = append(newItems, item.Unstructured()) } - newItems = append(newItems, item.Unstructured()) } - if len(newItems) > 0 { + // Preserve empty lists (non-nil) instead of converting to null when items were matched and removed + if len(newItems) > 0 || (hadMatches && !w.shouldExtract) { w.out = newItems } return nil @@ -113,6 +134,10 @@ func (w *removingWalker) doMap(t *schema.Map) ValidationErrors { } // If map is null or empty just return if m == nil || m.Empty() { + // For extraction, we just return the value as is (which is nil or empty). For extraction the difference matters. + if w.shouldExtract { + w.out = w.value.Unstructured() + } return nil } @@ -131,6 +156,7 @@ func (w *removingWalker) doMap(t *schema.Map) ValidationErrors { } newMap := map[string]interface{}{} + hadMatches := false m.Iterate(func(k string, val value.Value) bool { pe := fieldpath.PathElement{FieldName: &k} path, _ := fieldpath.MakePath(pe) @@ -148,7 +174,19 @@ func (w *removingWalker) doMap(t *schema.Map) ValidationErrors { return true } if subset := w.toRemove.WithPrefix(pe); !subset.Empty() { + hadMatches = true + wasMap := val.IsMap() + wasList := val.IsList() val = removeItemsWithSchema(val, subset, w.schema, fieldType, w.shouldExtract) + // If val returned null but we're removing items within the structure (not the field itself), + // preserve the empty container structure + if val.IsNull() && !w.shouldExtract { + if wasMap { + val = value.NewValueInterface(map[string]interface{}{}) + } else if wasList { + val = value.NewValueInterface([]interface{}{}) + } + } } else { // don't save values not on the path when we shouldExtract. if w.shouldExtract { @@ -158,7 +196,8 @@ func (w *removingWalker) doMap(t *schema.Map) ValidationErrors { newMap[k] = val.Unstructured() return true }) - if len(newMap) > 0 { + // Preserve empty maps (non-nil) instead of converting to null when items were matched and removed + if len(newMap) > 0 || (hadMatches && !w.shouldExtract) { w.out = newMap } return nil diff --git a/vendor/sigs.k8s.io/structured-merge-diff/v6/value/reflectcache.go b/vendor/sigs.k8s.io/structured-merge-diff/v6/value/reflectcache.go index 3b4a402ee1..75b7085c3e 100644 --- a/vendor/sigs.k8s.io/structured-merge-diff/v6/value/reflectcache.go +++ b/vendor/sigs.k8s.io/structured-merge-diff/v6/value/reflectcache.go @@ -84,6 +84,10 @@ func (f *FieldCacheEntry) CanOmit(fieldVal reflect.Value) bool { func (f *FieldCacheEntry) GetFrom(structVal reflect.Value) reflect.Value { // field might be nested within 'inline' structs for _, elem := range f.fieldPath { + if safeIsNil(structVal) { + // if any part of the path is nil, return the zero value for the field type + return reflect.Zero(f.fieldType) + } structVal = dereference(structVal).FieldByIndex(elem) } return structVal