From 7b92373b2110c28dec82d576747f821d47a98bb2 Mon Sep 17 00:00:00 2001 From: odubajDT <93584209+odubajDT@users.noreply.github.com> Date: Tue, 29 Oct 2024 14:09:51 +0100 Subject: [PATCH] deps: update kubebuilder and k8s packages (#3806) Signed-off-by: odubajDT --- .../scripts/.helm-tests/Openshift/result.yaml | 747 +++++++++-------- .../.helm-tests/certificates-only/result.yaml | 9 - .../scripts/.helm-tests/default/result.yaml | 747 +++++++++-------- .../.helm-tests/lifecycle-only/result.yaml | 682 ++++++++------- .../lifecycle-with-certs/result.yaml | 689 +++++++++------- .../local-global-precedence/result.yaml | 747 +++++++++-------- .../result.yaml | 58 +- .../.helm-tests/metrics-only/result.yaml | 58 +- .../metrics-with-certs/result.yaml | 67 +- .github/workflows/CI.yaml | 2 +- .github/workflows/release.yml | 2 +- keptn-cert-manager/Makefile | 2 +- .../templates/certificate-operator-rbac.yaml | 9 - keptn-cert-manager/config/rbac/role.yaml | 9 - .../webhook_cert_controller_test.go | 4 +- keptn-cert-manager/go.mod | 56 +- keptn-cert-manager/go.sum | 150 ++-- lifecycle-operator/Makefile | 2 +- .../chart/templates/keptnapp-crd.yaml | 2 +- .../chart/templates/keptnappcontext-crd.yaml | 2 +- .../keptnappcreationrequest-crd.yaml | 2 +- .../chart/templates/keptnappversion-crd.yaml | 2 +- .../chart/templates/keptnconfig-crd.yaml | 2 +- .../chart/templates/keptnevaluation-crd.yaml | 2 +- .../keptnevaluationdefinition-crd.yaml | 2 +- .../chart/templates/keptntask-crd.yaml | 2 +- .../templates/keptntaskdefinition-crd.yaml | 401 ++++++++- .../chart/templates/keptnworkload-crd.yaml | 2 +- .../templates/keptnworkloadversion-crd.yaml | 2 +- .../templates/lifecycle-operator-rbac.yaml | 259 +----- lifecycle-operator/cmd/fake/manager_mock.go | 773 ------------------ .../lifecycle.keptn.sh_keptnappcontexts.yaml | 2 +- ...cle.keptn.sh_keptnappcreationrequests.yaml | 2 +- .../bases/lifecycle.keptn.sh_keptnapps.yaml | 2 +- .../lifecycle.keptn.sh_keptnappversions.yaml | 2 +- ...e.keptn.sh_keptnevaluationdefinitions.yaml | 2 +- ...cle.keptn.sh_keptnevaluationproviders.yaml | 12 +- .../lifecycle.keptn.sh_keptnevaluations.yaml | 2 +- ...fecycle.keptn.sh_keptntaskdefinitions.yaml | 335 +++++++- .../bases/lifecycle.keptn.sh_keptntasks.yaml | 2 +- ...cycle.keptn.sh_keptnworkloadinstances.yaml | 2 +- .../lifecycle.keptn.sh_keptnworkloads.yaml | 2 +- ...ecycle.keptn.sh_keptnworkloadversions.yaml | 2 +- .../bases/options.keptn.sh_keptnconfigs.yaml | 2 +- lifecycle-operator/config/rbac/role.yaml | 255 +----- lifecycle-operator/go.mod | 33 +- lifecycle-operator/go.sum | 84 +- .../appcreationrequest_handler_test.go | 8 - .../pod_mutator/handlers/workload_test.go | 2 - .../pod_mutator/pod_mutating_webhook.go | 2 +- .../pod_mutator/pod_mutating_webhook_test.go | 2 +- metrics-operator/Makefile | 2 +- .../chart/templates/analysis-crd.yaml | 2 +- .../templates/analysisdefinition-crd.yaml | 2 +- .../templates/analysisvaluetemplate-crd.yaml | 2 +- .../chart/templates/keptnmetric-crd.yaml | 2 +- .../templates/keptnmetricsprovider-crd.yaml | 6 +- .../templates/metrics-operator-rbac.yaml | 44 +- .../crd/bases/metrics.keptn.sh_analyses.yaml | 2 +- .../metrics.keptn.sh_analysisdefinitions.yaml | 2 +- ...trics.keptn.sh_analysisvaluetemplates.yaml | 2 +- .../bases/metrics.keptn.sh_keptnmetrics.yaml | 2 +- ...etrics.keptn.sh_keptnmetricsproviders.yaml | 6 +- metrics-operator/config/rbac/role.yaml | 44 +- metrics-operator/go.mod | 17 +- metrics-operator/go.sum | 36 +- 66 files changed, 3033 insertions(+), 3386 deletions(-) delete mode 100644 lifecycle-operator/cmd/fake/manager_mock.go diff --git a/.github/scripts/.helm-tests/Openshift/result.yaml b/.github/scripts/.helm-tests/Openshift/result.yaml index e350efd652..0eb2e83cfb 100644 --- a/.github/scripts/.helm-tests/Openshift/result.yaml +++ b/.github/scripts/.helm-tests/Openshift/result.yaml @@ -136,7 +136,7 @@ kind: CustomResourceDefinition metadata: name: keptnapps.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -560,7 +560,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcontexts.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' labels: app.kubernetes.io/part-of: keptn @@ -773,7 +773,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -922,7 +922,7 @@ kind: CustomResourceDefinition metadata: name: keptnappversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2587,7 +2587,7 @@ kind: CustomResourceDefinition metadata: name: keptnconfigs.options.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2675,7 +2675,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3386,7 +3386,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3753,7 +3753,7 @@ kind: CustomResourceDefinition metadata: name: keptntasks.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -4519,7 +4519,7 @@ kind: CustomResourceDefinition metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -4591,6 +4591,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -4604,6 +4605,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -4639,10 +4641,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -4702,10 +4707,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -4720,6 +4728,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -4736,10 +4747,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -4754,10 +4768,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -4766,6 +4783,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -4806,6 +4824,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4835,6 +4854,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4855,6 +4875,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4903,6 +4934,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4932,6 +4964,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4952,6 +4985,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4996,6 +5040,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5012,11 +5057,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5050,6 +5095,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5206,6 +5252,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5222,11 +5269,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5260,6 +5307,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5373,11 +5421,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -5388,6 +5434,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -5454,6 +5506,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -5467,6 +5543,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -5474,6 +5551,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -5485,7 +5563,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -5567,7 +5645,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -5631,6 +5708,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5647,11 +5725,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5685,6 +5763,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5826,6 +5905,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -5845,6 +5927,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -5854,6 +5938,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -5871,6 +5974,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -5963,10 +6069,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6300,6 +6409,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -6313,6 +6423,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -6348,10 +6459,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -6411,10 +6525,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -6429,6 +6546,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -6445,10 +6565,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -6463,10 +6586,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -6475,6 +6601,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -6515,6 +6642,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6544,6 +6672,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6564,6 +6693,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6612,6 +6752,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6641,6 +6782,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6661,6 +6803,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6705,6 +6858,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6721,11 +6875,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6759,6 +6913,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6915,6 +7070,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6931,11 +7087,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6969,6 +7125,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7082,11 +7239,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -7097,6 +7252,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -7163,6 +7324,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -7176,6 +7361,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -7183,6 +7369,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -7194,7 +7381,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -7276,7 +7463,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -7340,6 +7526,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -7356,11 +7543,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -7394,6 +7581,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7535,6 +7723,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -7554,6 +7745,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -7563,6 +7756,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -7580,6 +7792,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -7746,10 +7961,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7931,6 +8149,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -7944,6 +8163,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -7979,10 +8199,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -8042,10 +8265,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -8060,6 +8286,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -8076,10 +8305,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -8094,10 +8326,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -8106,6 +8341,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -8146,6 +8382,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8175,6 +8412,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8195,6 +8433,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8243,6 +8492,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8272,6 +8522,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8292,6 +8543,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8336,6 +8598,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8352,11 +8615,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8390,6 +8653,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8546,6 +8810,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8562,11 +8827,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8600,6 +8865,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8713,11 +8979,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -8728,6 +8992,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -8794,6 +9064,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -8807,6 +9101,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -8814,6 +9109,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -8825,7 +9121,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -8907,7 +9203,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -8971,6 +9266,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8987,11 +9283,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -9025,6 +9321,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -9166,6 +9463,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -9185,6 +9485,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -9194,6 +9496,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -9211,6 +9532,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -9377,10 +9701,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -9516,7 +9843,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -10056,7 +10383,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -11069,7 +11396,7 @@ kind: CustomResourceDefinition metadata: name: analyses.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -11587,7 +11914,7 @@ kind: CustomResourceDefinition metadata: name: analysisdefinitions.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -12618,7 +12945,7 @@ kind: CustomResourceDefinition metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -12827,7 +13154,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetrics.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -13540,7 +13867,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -13604,7 +13931,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13670,7 +13996,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13730,7 +14055,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13797,7 +14121,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13844,15 +14167,6 @@ rules: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - validatingwebhookconfigurations verbs: - get @@ -14083,42 +14397,6 @@ metadata: app.kubernetes.io/version: v1.1.1 helm.sh/chart: lifecycle-operator-0.4.1 rules: -- apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - batch - resources: - - jobs/status - verbs: - - get - - list - apiGroups: - "" resources: @@ -14164,8 +14442,8 @@ rules: verbs: - get - list - - watch - update + - watch - apiGroups: - "" resources: @@ -14173,120 +14451,45 @@ rules: verbs: - get - apiGroups: - - lifecycle.keptn.sh + - apps resources: - - keptnappcontexts + - daemonsets + - deployments + - replicasets + - statefulsets verbs: - get - list - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - argoproj.io resources: - - keptnapps + - rollouts verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversion + - jobs verbs: - create - - delete - get - list - - patch - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversions + - jobs/status verbs: - - create - - delete - get - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/status - verbs: - - get - - patch - - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcontexts - keptnevaluationdefinitions verbs: - get @@ -14295,111 +14498,15 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests + - keptnapps + - keptnappversion + - keptnappversions - keptnevaluations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntaskdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntasks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloads + - keptnworkloadversions verbs: - create - delete @@ -14411,13 +14518,29 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/finalizers + - keptnapps/finalizers + - keptnappversion/finalizers + - keptnappversions/finalizers + - keptnevaluations/finalizers + - keptntaskdefinitions/finalizers + - keptntasks/finalizers - keptnworkloads/finalizers + - keptnworkloadversions/finalizers verbs: - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/status + - keptnapps/status + - keptnappversion/status + - keptnappversions/status + - keptnevaluations/status + - keptntaskdefinitions/status + - keptntasks/status - keptnworkloads/status + - keptnworkloadversions/status verbs: - get - patch @@ -14508,12 +14631,14 @@ rules: - metrics.keptn.sh resources: - analyses/finalizers + - keptnmetrics/finalizers verbs: - update - apiGroups: - metrics.keptn.sh resources: - analyses/status + - keptnmetrics/status verbs: - get - patch @@ -14522,51 +14647,9 @@ rules: - metrics.keptn.sh resources: - analysisdefinitions - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - analysisvaluetemplates - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetrics - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/finalizers - verbs: - - update - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/status - verbs: - - get - - patch - - update - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetricsproviders - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - providers verbs: - get diff --git a/.github/scripts/.helm-tests/certificates-only/result.yaml b/.github/scripts/.helm-tests/certificates-only/result.yaml index 9b3cfdeb1b..48aa988f55 100644 --- a/.github/scripts/.helm-tests/certificates-only/result.yaml +++ b/.github/scripts/.helm-tests/certificates-only/result.yaml @@ -31,15 +31,6 @@ rules: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - validatingwebhookconfigurations verbs: - get diff --git a/.github/scripts/.helm-tests/default/result.yaml b/.github/scripts/.helm-tests/default/result.yaml index 6e6b07b557..e857b78864 100644 --- a/.github/scripts/.helm-tests/default/result.yaml +++ b/.github/scripts/.helm-tests/default/result.yaml @@ -136,7 +136,7 @@ kind: CustomResourceDefinition metadata: name: keptnapps.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -560,7 +560,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcontexts.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' labels: app.kubernetes.io/part-of: keptn @@ -773,7 +773,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -922,7 +922,7 @@ kind: CustomResourceDefinition metadata: name: keptnappversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2587,7 +2587,7 @@ kind: CustomResourceDefinition metadata: name: keptnconfigs.options.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2675,7 +2675,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3386,7 +3386,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3753,7 +3753,7 @@ kind: CustomResourceDefinition metadata: name: keptntasks.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -4519,7 +4519,7 @@ kind: CustomResourceDefinition metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -4591,6 +4591,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -4604,6 +4605,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -4639,10 +4641,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -4702,10 +4707,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -4720,6 +4728,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -4736,10 +4747,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -4754,10 +4768,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -4766,6 +4783,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -4806,6 +4824,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4835,6 +4854,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4855,6 +4875,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4903,6 +4934,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4932,6 +4964,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4952,6 +4985,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4996,6 +5040,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5012,11 +5057,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5050,6 +5095,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5206,6 +5252,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5222,11 +5269,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5260,6 +5307,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5373,11 +5421,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -5388,6 +5434,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -5454,6 +5506,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -5467,6 +5543,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -5474,6 +5551,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -5485,7 +5563,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -5567,7 +5645,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -5631,6 +5708,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5647,11 +5725,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5685,6 +5763,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5826,6 +5905,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -5845,6 +5927,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -5854,6 +5938,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -5871,6 +5974,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -5963,10 +6069,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6300,6 +6409,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -6313,6 +6423,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -6348,10 +6459,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -6411,10 +6525,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -6429,6 +6546,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -6445,10 +6565,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -6463,10 +6586,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -6475,6 +6601,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -6515,6 +6642,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6544,6 +6672,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6564,6 +6693,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6612,6 +6752,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6641,6 +6782,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6661,6 +6803,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6705,6 +6858,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6721,11 +6875,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6759,6 +6913,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6915,6 +7070,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6931,11 +7087,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6969,6 +7125,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7082,11 +7239,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -7097,6 +7252,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -7163,6 +7324,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -7176,6 +7361,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -7183,6 +7369,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -7194,7 +7381,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -7276,7 +7463,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -7340,6 +7526,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -7356,11 +7543,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -7394,6 +7581,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7535,6 +7723,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -7554,6 +7745,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -7563,6 +7756,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -7580,6 +7792,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -7746,10 +7961,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7931,6 +8149,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -7944,6 +8163,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -7979,10 +8199,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -8042,10 +8265,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -8060,6 +8286,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -8076,10 +8305,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -8094,10 +8326,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -8106,6 +8341,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -8146,6 +8382,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8175,6 +8412,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8195,6 +8433,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8243,6 +8492,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8272,6 +8522,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8292,6 +8543,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8336,6 +8598,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8352,11 +8615,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8390,6 +8653,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8546,6 +8810,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8562,11 +8827,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8600,6 +8865,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8713,11 +8979,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -8728,6 +8992,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -8794,6 +9064,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -8807,6 +9101,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -8814,6 +9109,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -8825,7 +9121,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -8907,7 +9203,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -8971,6 +9266,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8987,11 +9283,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -9025,6 +9321,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -9166,6 +9463,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -9185,6 +9485,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -9194,6 +9496,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -9211,6 +9532,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -9377,10 +9701,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -9516,7 +9843,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -10056,7 +10383,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -11069,7 +11396,7 @@ kind: CustomResourceDefinition metadata: name: analyses.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -11587,7 +11914,7 @@ kind: CustomResourceDefinition metadata: name: analysisdefinitions.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -12618,7 +12945,7 @@ kind: CustomResourceDefinition metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -12827,7 +13154,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetrics.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -13540,7 +13867,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -13604,7 +13931,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13670,7 +13996,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13730,7 +14055,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13797,7 +14121,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13844,15 +14167,6 @@ rules: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - validatingwebhookconfigurations verbs: - get @@ -14083,42 +14397,6 @@ metadata: app.kubernetes.io/version: v1.1.1 helm.sh/chart: lifecycle-operator-0.4.1 rules: -- apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - batch - resources: - - jobs/status - verbs: - - get - - list - apiGroups: - "" resources: @@ -14164,8 +14442,8 @@ rules: verbs: - get - list - - watch - update + - watch - apiGroups: - "" resources: @@ -14173,120 +14451,45 @@ rules: verbs: - get - apiGroups: - - lifecycle.keptn.sh + - apps resources: - - keptnappcontexts + - daemonsets + - deployments + - replicasets + - statefulsets verbs: - get - list - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - argoproj.io resources: - - keptnapps + - rollouts verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversion + - jobs verbs: - create - - delete - get - list - - patch - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversions + - jobs/status verbs: - - create - - delete - get - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/status - verbs: - - get - - patch - - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcontexts - keptnevaluationdefinitions verbs: - get @@ -14295,111 +14498,15 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests + - keptnapps + - keptnappversion + - keptnappversions - keptnevaluations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntaskdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntasks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloads + - keptnworkloadversions verbs: - create - delete @@ -14411,13 +14518,29 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/finalizers + - keptnapps/finalizers + - keptnappversion/finalizers + - keptnappversions/finalizers + - keptnevaluations/finalizers + - keptntaskdefinitions/finalizers + - keptntasks/finalizers - keptnworkloads/finalizers + - keptnworkloadversions/finalizers verbs: - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/status + - keptnapps/status + - keptnappversion/status + - keptnappversions/status + - keptnevaluations/status + - keptntaskdefinitions/status + - keptntasks/status - keptnworkloads/status + - keptnworkloadversions/status verbs: - get - patch @@ -14508,12 +14631,14 @@ rules: - metrics.keptn.sh resources: - analyses/finalizers + - keptnmetrics/finalizers verbs: - update - apiGroups: - metrics.keptn.sh resources: - analyses/status + - keptnmetrics/status verbs: - get - patch @@ -14522,51 +14647,9 @@ rules: - metrics.keptn.sh resources: - analysisdefinitions - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - analysisvaluetemplates - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetrics - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/finalizers - verbs: - - update - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/status - verbs: - - get - - patch - - update - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetricsproviders - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - providers verbs: - get diff --git a/.github/scripts/.helm-tests/lifecycle-only/result.yaml b/.github/scripts/.helm-tests/lifecycle-only/result.yaml index f748667063..2668135d6e 100644 --- a/.github/scripts/.helm-tests/lifecycle-only/result.yaml +++ b/.github/scripts/.helm-tests/lifecycle-only/result.yaml @@ -82,7 +82,7 @@ kind: CustomResourceDefinition metadata: name: keptnapps.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -506,7 +506,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcontexts.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' labels: app.kubernetes.io/part-of: keptn @@ -719,7 +719,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -868,7 +868,7 @@ kind: CustomResourceDefinition metadata: name: keptnappversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2533,7 +2533,7 @@ kind: CustomResourceDefinition metadata: name: keptnconfigs.options.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2621,7 +2621,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3332,7 +3332,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3699,7 +3699,7 @@ kind: CustomResourceDefinition metadata: name: keptntasks.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -4465,7 +4465,7 @@ kind: CustomResourceDefinition metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -4537,6 +4537,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -4550,6 +4551,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -4585,10 +4587,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -4648,10 +4653,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -4666,6 +4674,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -4682,10 +4693,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -4700,10 +4714,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -4712,6 +4729,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -4752,6 +4770,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4781,6 +4800,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4801,6 +4821,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4849,6 +4880,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4878,6 +4910,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4898,6 +4931,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4942,6 +4986,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -4958,11 +5003,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -4996,6 +5041,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5152,6 +5198,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5168,11 +5215,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5206,6 +5253,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5319,11 +5367,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -5334,6 +5380,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -5400,6 +5452,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -5413,6 +5489,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -5420,6 +5497,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -5431,7 +5509,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -5513,7 +5591,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -5577,6 +5654,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5593,11 +5671,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5631,6 +5709,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5772,6 +5851,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -5791,6 +5873,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -5800,6 +5884,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -5817,6 +5920,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -5909,10 +6015,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6246,6 +6355,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -6259,6 +6369,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -6294,10 +6405,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -6357,10 +6471,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -6375,6 +6492,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -6391,10 +6511,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -6409,10 +6532,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -6421,6 +6547,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -6461,6 +6588,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6490,6 +6618,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6510,6 +6639,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6558,6 +6698,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6587,6 +6728,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6607,6 +6749,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6651,6 +6804,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6667,11 +6821,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6705,6 +6859,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6861,6 +7016,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6877,11 +7033,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6915,6 +7071,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7028,11 +7185,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -7043,6 +7198,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -7109,6 +7270,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -7122,6 +7307,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -7129,6 +7315,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -7140,7 +7327,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -7222,7 +7409,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -7286,6 +7472,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -7302,11 +7489,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -7340,6 +7527,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7481,6 +7669,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -7500,6 +7691,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -7509,6 +7702,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -7526,6 +7738,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -7692,10 +7907,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7877,6 +8095,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -7890,6 +8109,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -7925,10 +8145,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -7988,10 +8211,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -8006,6 +8232,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -8022,10 +8251,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -8040,10 +8272,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -8052,6 +8287,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -8092,6 +8328,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8121,6 +8358,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8141,6 +8379,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8189,6 +8438,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8218,6 +8468,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8238,6 +8489,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8282,6 +8544,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8298,11 +8561,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8336,6 +8599,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8492,6 +8756,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8508,11 +8773,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8546,6 +8811,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8659,11 +8925,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -8674,6 +8938,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -8740,6 +9010,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -8753,6 +9047,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -8760,6 +9055,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -8771,7 +9067,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -8853,7 +9149,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -8917,6 +9212,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8933,11 +9229,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8971,6 +9267,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -9112,6 +9409,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -9131,6 +9431,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -9140,6 +9442,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -9157,6 +9478,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -9323,10 +9647,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -9462,7 +9789,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -10002,7 +10329,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -11213,42 +11540,6 @@ metadata: app.kubernetes.io/version: v1.1.1 helm.sh/chart: lifecycle-operator-0.4.1 rules: -- apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - batch - resources: - - jobs/status - verbs: - - get - - list - apiGroups: - "" resources: @@ -11294,8 +11585,8 @@ rules: verbs: - get - list - - watch - update + - watch - apiGroups: - "" resources: @@ -11303,120 +11594,45 @@ rules: verbs: - get - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcontexts - verbs: - - get - - list - - watch -- apiGroups: - - lifecycle.keptn.sh + - apps resources: - - keptnappcreationrequests + - daemonsets + - deployments + - replicasets + - statefulsets verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - argoproj.io resources: - - keptnapps + - rollouts verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversion + - jobs verbs: - create - - delete - get - list - - patch - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversions + - jobs/status verbs: - - create - - delete - get - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/status - verbs: - - get - - patch - - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcontexts - keptnevaluationdefinitions verbs: - get @@ -11425,111 +11641,15 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests + - keptnapps + - keptnappversion + - keptnappversions - keptnevaluations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntaskdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntasks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloads + - keptnworkloadversions verbs: - create - delete @@ -11541,13 +11661,29 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/finalizers + - keptnapps/finalizers + - keptnappversion/finalizers + - keptnappversions/finalizers + - keptnevaluations/finalizers + - keptntaskdefinitions/finalizers + - keptntasks/finalizers - keptnworkloads/finalizers + - keptnworkloadversions/finalizers verbs: - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/status + - keptnapps/status + - keptnappversion/status + - keptnappversions/status + - keptnevaluations/status + - keptntaskdefinitions/status + - keptntasks/status - keptnworkloads/status + - keptnworkloadversions/status verbs: - get - patch @@ -11941,7 +12077,7 @@ spec: value: cluster.local - name: CERT_MANAGER_ENABLED value: "false" - image: ghcr.io/busybox:1.35 + image: ghcr.io/busybox:1.37 imagePullPolicy: Always name: lifecycle-operator ports: diff --git a/.github/scripts/.helm-tests/lifecycle-with-certs/result.yaml b/.github/scripts/.helm-tests/lifecycle-with-certs/result.yaml index 42e29a57b9..e2df6ee08f 100644 --- a/.github/scripts/.helm-tests/lifecycle-with-certs/result.yaml +++ b/.github/scripts/.helm-tests/lifecycle-with-certs/result.yaml @@ -97,7 +97,7 @@ kind: CustomResourceDefinition metadata: name: keptnapps.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -521,7 +521,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcontexts.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' labels: app.kubernetes.io/part-of: keptn @@ -734,7 +734,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -883,7 +883,7 @@ kind: CustomResourceDefinition metadata: name: keptnappversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2548,7 +2548,7 @@ kind: CustomResourceDefinition metadata: name: keptnconfigs.options.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2636,7 +2636,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3347,7 +3347,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3714,7 +3714,7 @@ kind: CustomResourceDefinition metadata: name: keptntasks.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -4480,7 +4480,7 @@ kind: CustomResourceDefinition metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -4552,6 +4552,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -4565,6 +4566,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -4600,10 +4602,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -4663,10 +4668,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -4681,6 +4689,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -4697,10 +4708,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -4715,10 +4729,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -4727,6 +4744,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -4767,6 +4785,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4796,6 +4815,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4816,6 +4836,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4864,6 +4895,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4893,6 +4925,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4913,6 +4946,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4957,6 +5001,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -4973,11 +5018,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5011,6 +5056,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5167,6 +5213,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5183,11 +5230,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5221,6 +5268,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5334,11 +5382,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -5349,6 +5395,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -5415,6 +5467,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -5428,6 +5504,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -5435,6 +5512,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -5446,7 +5524,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -5528,7 +5606,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -5592,6 +5669,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5608,11 +5686,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5646,6 +5724,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5787,6 +5866,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -5806,6 +5888,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -5815,6 +5899,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -5832,6 +5935,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -5924,10 +6030,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6261,6 +6370,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -6274,6 +6384,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -6309,10 +6420,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -6372,10 +6486,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -6390,6 +6507,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -6406,10 +6526,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -6424,10 +6547,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -6436,6 +6562,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -6476,6 +6603,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6505,6 +6633,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6525,6 +6654,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6573,6 +6713,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6602,6 +6743,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6622,6 +6764,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6666,6 +6819,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6682,11 +6836,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6720,6 +6874,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6876,6 +7031,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6892,11 +7048,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6930,6 +7086,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7043,11 +7200,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -7058,6 +7213,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -7124,6 +7285,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -7137,6 +7322,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -7144,6 +7330,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -7155,7 +7342,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -7237,7 +7424,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -7301,6 +7487,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -7317,11 +7504,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -7355,6 +7542,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7496,6 +7684,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -7515,6 +7706,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -7524,6 +7717,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -7541,6 +7753,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -7707,10 +7922,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7892,6 +8110,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -7905,6 +8124,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -7940,10 +8160,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -8003,10 +8226,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -8021,6 +8247,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -8037,10 +8266,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -8055,10 +8287,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -8067,6 +8302,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -8107,6 +8343,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8136,6 +8373,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8156,6 +8394,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8204,6 +8453,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8233,6 +8483,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8253,6 +8504,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8297,6 +8559,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8313,11 +8576,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8351,6 +8614,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8507,6 +8771,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8523,11 +8788,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8561,6 +8826,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8674,11 +8940,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -8689,6 +8953,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -8755,6 +9025,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -8768,6 +9062,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -8775,6 +9070,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -8786,7 +9082,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -8868,7 +9164,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -8932,6 +9227,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8948,11 +9244,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8986,6 +9282,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -9127,6 +9424,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -9146,6 +9446,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -9155,6 +9457,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -9172,6 +9493,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -9338,10 +9662,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -9477,7 +9804,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -10017,7 +10344,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -11041,15 +11368,6 @@ rules: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - validatingwebhookconfigurations verbs: - get @@ -11280,42 +11598,6 @@ metadata: app.kubernetes.io/version: v1.1.1 helm.sh/chart: lifecycle-operator-0.4.1 rules: -- apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - batch - resources: - - jobs/status - verbs: - - get - - list - apiGroups: - "" resources: @@ -11361,8 +11643,8 @@ rules: verbs: - get - list - - watch - update + - watch - apiGroups: - "" resources: @@ -11370,120 +11652,45 @@ rules: verbs: - get - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcontexts - verbs: - - get - - list - - watch -- apiGroups: - - lifecycle.keptn.sh + - apps resources: - - keptnappcreationrequests + - daemonsets + - deployments + - replicasets + - statefulsets verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - argoproj.io resources: - - keptnapps + - rollouts verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversion + - jobs verbs: - create - - delete - get - list - - patch - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversions + - jobs/status verbs: - - create - - delete - get - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/status - verbs: - - get - - patch - - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcontexts - keptnevaluationdefinitions verbs: - get @@ -11492,111 +11699,15 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests + - keptnapps + - keptnappversion + - keptnappversions - keptnevaluations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntaskdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntasks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloads + - keptnworkloadversions verbs: - create - delete @@ -11608,13 +11719,29 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/finalizers + - keptnapps/finalizers + - keptnappversion/finalizers + - keptnappversions/finalizers + - keptnevaluations/finalizers + - keptntaskdefinitions/finalizers + - keptntasks/finalizers - keptnworkloads/finalizers + - keptnworkloadversions/finalizers verbs: - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/status + - keptnapps/status + - keptnappversion/status + - keptnappversions/status + - keptnevaluations/status + - keptntaskdefinitions/status + - keptntasks/status - keptnworkloads/status + - keptnworkloadversions/status verbs: - get - patch diff --git a/.github/scripts/.helm-tests/local-global-precedence/result.yaml b/.github/scripts/.helm-tests/local-global-precedence/result.yaml index ceffb73ab7..5af4e65a7b 100644 --- a/.github/scripts/.helm-tests/local-global-precedence/result.yaml +++ b/.github/scripts/.helm-tests/local-global-precedence/result.yaml @@ -177,7 +177,7 @@ kind: CustomResourceDefinition metadata: name: keptnapps.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -607,7 +607,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcontexts.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' globalAnnotation1: test1 globalAnnotation2: test2 @@ -825,7 +825,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -980,7 +980,7 @@ kind: CustomResourceDefinition metadata: name: keptnappversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -2651,7 +2651,7 @@ kind: CustomResourceDefinition metadata: name: keptnconfigs.options.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -2745,7 +2745,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -3462,7 +3462,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -3835,7 +3835,7 @@ kind: CustomResourceDefinition metadata: name: keptntasks.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -4607,7 +4607,7 @@ kind: CustomResourceDefinition metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -4685,6 +4685,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -4698,6 +4699,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -4733,10 +4735,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -4796,10 +4801,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -4814,6 +4822,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -4830,10 +4841,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -4848,10 +4862,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -4860,6 +4877,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -4900,6 +4918,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -4929,6 +4948,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4949,6 +4969,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -4997,6 +5028,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -5026,6 +5058,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5046,6 +5079,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -5090,6 +5134,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5106,11 +5151,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5144,6 +5189,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5300,6 +5346,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5316,11 +5363,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5354,6 +5401,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5467,11 +5515,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -5482,6 +5528,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -5548,6 +5600,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -5561,6 +5637,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -5568,6 +5645,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -5579,7 +5657,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -5661,7 +5739,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -5725,6 +5802,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -5741,11 +5819,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5779,6 +5857,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -5920,6 +5999,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -5939,6 +6021,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -5948,6 +6032,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -5965,6 +6068,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -6057,10 +6163,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6394,6 +6503,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -6407,6 +6517,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -6442,10 +6553,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -6505,10 +6619,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -6523,6 +6640,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -6539,10 +6659,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -6557,10 +6680,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -6569,6 +6695,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -6609,6 +6736,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6638,6 +6766,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6658,6 +6787,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6706,6 +6846,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -6735,6 +6876,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -6755,6 +6897,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -6799,6 +6952,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -6815,11 +6969,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -6853,6 +7007,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7009,6 +7164,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -7025,11 +7181,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -7063,6 +7219,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7176,11 +7333,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -7191,6 +7346,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -7257,6 +7418,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -7270,6 +7455,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -7277,6 +7463,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -7288,7 +7475,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -7370,7 +7557,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -7434,6 +7620,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -7450,11 +7637,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -7488,6 +7675,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -7629,6 +7817,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -7648,6 +7839,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -7657,6 +7850,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -7674,6 +7886,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -7840,10 +8055,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -8025,6 +8243,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -8038,6 +8257,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -8073,10 +8293,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -8136,10 +8359,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -8154,6 +8380,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -8170,10 +8399,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -8188,10 +8420,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -8200,6 +8435,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -8240,6 +8476,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8269,6 +8506,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8289,6 +8527,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8337,6 +8586,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -8366,6 +8616,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8386,6 +8637,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -8430,6 +8692,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8446,11 +8709,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8484,6 +8747,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8640,6 +8904,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -8656,11 +8921,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -8694,6 +8959,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -8807,11 +9073,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -8822,6 +9086,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -8888,6 +9158,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -8901,6 +9195,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -8908,6 +9203,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -8919,7 +9215,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -9001,7 +9297,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -9065,6 +9360,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -9081,11 +9377,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -9119,6 +9415,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -9260,6 +9557,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -9279,6 +9579,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -9288,6 +9590,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -9305,6 +9626,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -9471,10 +9795,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -9610,7 +9937,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -10156,7 +10483,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -11175,7 +11502,7 @@ kind: CustomResourceDefinition metadata: name: analyses.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -11699,7 +12026,7 @@ kind: CustomResourceDefinition metadata: name: analysisdefinitions.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -12736,7 +13063,7 @@ kind: CustomResourceDefinition metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -12951,7 +13278,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetrics.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -13670,7 +13997,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 caAnnotation1: hi globalAnnotation1: test1 globalAnnotation2: test2 @@ -13740,7 +14067,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13806,7 +14132,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13866,7 +14191,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13933,7 +14257,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -13986,15 +14309,6 @@ rules: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - validatingwebhookconfigurations verbs: - get @@ -14237,42 +14551,6 @@ metadata: globalLabel2: test2 helm.sh/chart: lifecycle-operator-0.4.1 rules: -- apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - batch - resources: - - jobs/status - verbs: - - get - - list - apiGroups: - "" resources: @@ -14318,8 +14596,8 @@ rules: verbs: - get - list - - watch - update + - watch - apiGroups: - "" resources: @@ -14327,120 +14605,45 @@ rules: verbs: - get - apiGroups: - - lifecycle.keptn.sh + - apps resources: - - keptnappcontexts + - daemonsets + - deployments + - replicasets + - statefulsets verbs: - get - list - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - argoproj.io resources: - - keptnapps + - rollouts verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversion + - jobs verbs: - create - - delete - get - list - - patch - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversions + - jobs/status verbs: - - create - - delete - get - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/status - verbs: - - get - - patch - - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcontexts - keptnevaluationdefinitions verbs: - get @@ -14449,111 +14652,15 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests + - keptnapps + - keptnappversion + - keptnappversions - keptnevaluations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntaskdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntasks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloads + - keptnworkloadversions verbs: - create - delete @@ -14565,13 +14672,29 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/finalizers + - keptnapps/finalizers + - keptnappversion/finalizers + - keptnappversions/finalizers + - keptnevaluations/finalizers + - keptntaskdefinitions/finalizers + - keptntasks/finalizers - keptnworkloads/finalizers + - keptnworkloadversions/finalizers verbs: - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/status + - keptnapps/status + - keptnappversion/status + - keptnappversions/status + - keptnevaluations/status + - keptntaskdefinitions/status + - keptntasks/status - keptnworkloads/status + - keptnworkloadversions/status verbs: - get - patch @@ -14674,12 +14797,14 @@ rules: - metrics.keptn.sh resources: - analyses/finalizers + - keptnmetrics/finalizers verbs: - update - apiGroups: - metrics.keptn.sh resources: - analyses/status + - keptnmetrics/status verbs: - get - patch @@ -14688,51 +14813,9 @@ rules: - metrics.keptn.sh resources: - analysisdefinitions - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - analysisvaluetemplates - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetrics - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/finalizers - verbs: - - update - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/status - verbs: - - get - - patch - - update - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetricsproviders - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - providers verbs: - get diff --git a/.github/scripts/.helm-tests/metrics-only-with-apiservice-disabled/result.yaml b/.github/scripts/.helm-tests/metrics-only-with-apiservice-disabled/result.yaml index 8de7db5937..b86decd77c 100644 --- a/.github/scripts/.helm-tests/metrics-only-with-apiservice-disabled/result.yaml +++ b/.github/scripts/.helm-tests/metrics-only-with-apiservice-disabled/result.yaml @@ -44,7 +44,7 @@ kind: CustomResourceDefinition metadata: name: analyses.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -562,7 +562,7 @@ kind: CustomResourceDefinition metadata: name: analysisdefinitions.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1593,7 +1593,7 @@ kind: CustomResourceDefinition metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1802,7 +1802,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetrics.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -2515,7 +2515,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -2579,7 +2579,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2645,7 +2644,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2705,7 +2703,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2772,7 +2769,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2845,12 +2841,14 @@ rules: - metrics.keptn.sh resources: - analyses/finalizers + - keptnmetrics/finalizers verbs: - update - apiGroups: - metrics.keptn.sh resources: - analyses/status + - keptnmetrics/status verbs: - get - patch @@ -2859,51 +2857,9 @@ rules: - metrics.keptn.sh resources: - analysisdefinitions - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - analysisvaluetemplates - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetrics - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/finalizers - verbs: - - update - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/status - verbs: - - get - - patch - - update - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetricsproviders - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - providers verbs: - get diff --git a/.github/scripts/.helm-tests/metrics-only/result.yaml b/.github/scripts/.helm-tests/metrics-only/result.yaml index 0063042a31..310d4ae0ad 100644 --- a/.github/scripts/.helm-tests/metrics-only/result.yaml +++ b/.github/scripts/.helm-tests/metrics-only/result.yaml @@ -44,7 +44,7 @@ kind: CustomResourceDefinition metadata: name: analyses.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -562,7 +562,7 @@ kind: CustomResourceDefinition metadata: name: analysisdefinitions.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1593,7 +1593,7 @@ kind: CustomResourceDefinition metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1802,7 +1802,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetrics.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -2515,7 +2515,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -2579,7 +2579,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2645,7 +2644,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2705,7 +2703,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2772,7 +2769,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2845,12 +2841,14 @@ rules: - metrics.keptn.sh resources: - analyses/finalizers + - keptnmetrics/finalizers verbs: - update - apiGroups: - metrics.keptn.sh resources: - analyses/status + - keptnmetrics/status verbs: - get - patch @@ -2859,51 +2857,9 @@ rules: - metrics.keptn.sh resources: - analysisdefinitions - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - analysisvaluetemplates - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetrics - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/finalizers - verbs: - - update - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/status - verbs: - - get - - patch - - update - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetricsproviders - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - providers verbs: - get diff --git a/.github/scripts/.helm-tests/metrics-with-certs/result.yaml b/.github/scripts/.helm-tests/metrics-with-certs/result.yaml index fe75fffde2..c5fc30ca86 100644 --- a/.github/scripts/.helm-tests/metrics-with-certs/result.yaml +++ b/.github/scripts/.helm-tests/metrics-with-certs/result.yaml @@ -59,7 +59,7 @@ kind: CustomResourceDefinition metadata: name: analyses.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -577,7 +577,7 @@ kind: CustomResourceDefinition metadata: name: analysisdefinitions.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1608,7 +1608,7 @@ kind: CustomResourceDefinition metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1817,7 +1817,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetrics.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -2530,7 +2530,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -2594,7 +2594,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2660,7 +2659,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2720,7 +2718,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2787,7 +2784,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -2834,15 +2830,6 @@ rules: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - validatingwebhookconfigurations verbs: - get @@ -2912,12 +2899,14 @@ rules: - metrics.keptn.sh resources: - analyses/finalizers + - keptnmetrics/finalizers verbs: - update - apiGroups: - metrics.keptn.sh resources: - analyses/status + - keptnmetrics/status verbs: - get - patch @@ -2926,51 +2915,9 @@ rules: - metrics.keptn.sh resources: - analysisdefinitions - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - analysisvaluetemplates - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetrics - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/finalizers - verbs: - - update - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/status - verbs: - - get - - patch - - update - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetricsproviders - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - providers verbs: - get diff --git a/.github/workflows/CI.yaml b/.github/workflows/CI.yaml index b7b29686ea..41ee2d4d44 100644 --- a/.github/workflows/CI.yaml +++ b/.github/workflows/CI.yaml @@ -22,7 +22,7 @@ permissions: read-all env: GO_VERSION: "~1.23" # renovate: datasource=github-releases depName=kubernetes-sigs/controller-tools - CONTROLLER_TOOLS_VERSION: "v0.16.4" + CONTROLLER_TOOLS_VERSION: "v0.16.5" ENVTEST_K8S_VERSION: "1.24.2" SCHEDULER_COMPATIBLE_K8S_VERSION: "v0.24.3" defaults: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 94654c121b..fc9d7c8740 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -17,7 +17,7 @@ defaults: env: GO_VERSION: "~1.23" # renovate: datasource=github-releases depName=kubernetes-sigs/controller-tools - CONTROLLER_TOOLS_VERSION: "v0.16.4" + CONTROLLER_TOOLS_VERSION: "v0.16.5" SCHEDULER_COMPATIBLE_K8S_VERSION: "v0.24.3" PUBLISHABLE_ITEMS: '[".","lifecycle-operator","metrics-operator","keptn-cert-manager","runtimes/deno-runtime","runtimes/python-runtime","scheduler"]' diff --git a/keptn-cert-manager/Makefile b/keptn-cert-manager/Makefile index 43144ef804..1f35a2dc06 100644 --- a/keptn-cert-manager/Makefile +++ b/keptn-cert-manager/Makefile @@ -122,7 +122,7 @@ ENVTEST ?= $(LOCALBIN)/setup-envtest # renovate: datasource=github-tags depName=kubernetes-sigs/kustomize KUSTOMIZE_VERSION?=v5.5.0 # renovate: datasource=github-releases depName=kubernetes-sigs/controller-tools -CONTROLLER_TOOLS_VERSION?=v0.16.4 +CONTROLLER_TOOLS_VERSION?=v0.16.5 KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" .PHONY: kustomize diff --git a/keptn-cert-manager/chart/templates/certificate-operator-rbac.yaml b/keptn-cert-manager/chart/templates/certificate-operator-rbac.yaml index d5d99c92c2..1e1e067567 100644 --- a/keptn-cert-manager/chart/templates/certificate-operator-rbac.yaml +++ b/keptn-cert-manager/chart/templates/certificate-operator-rbac.yaml @@ -44,15 +44,6 @@ rules: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - validatingwebhookconfigurations verbs: - get diff --git a/keptn-cert-manager/config/rbac/role.yaml b/keptn-cert-manager/config/rbac/role.yaml index 9321894d7d..be9e903b12 100644 --- a/keptn-cert-manager/config/rbac/role.yaml +++ b/keptn-cert-manager/config/rbac/role.yaml @@ -8,15 +8,6 @@ rules: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - validatingwebhookconfigurations verbs: - get diff --git a/keptn-cert-manager/controllers/keptnwebhookcontroller/webhook_cert_controller_test.go b/keptn-cert-manager/controllers/keptnwebhookcontroller/webhook_cert_controller_test.go index 5dae2e1454..23990f44a8 100644 --- a/keptn-cert-manager/controllers/keptnwebhookcontroller/webhook_cert_controller_test.go +++ b/keptn-cert-manager/controllers/keptnwebhookcontroller/webhook_cert_controller_test.go @@ -216,7 +216,7 @@ func TestReconcile(t *testing.T) { // crd 3 should not have a webhook conversion err = fakeClient.Get(context.TODO(), client.ObjectKey{Name: crd3.Name}, actualCrd) require.NoError(t, err) - assert.Empty(t, actualCrd.Spec.Conversion.Webhook) + require.Nil(t, actualCrd.Spec.Conversion) }) t.Run(`update crd and webhooks successfully with up-to-date secret`, func(t *testing.T) { @@ -272,7 +272,7 @@ func TestReconcile(t *testing.T) { // crd 3 should not have a webhook conversion err = fakeClient.Get(context.TODO(), client.ObjectKey{Name: crd3.Name}, actualCrd) require.NoError(t, err) - assert.Empty(t, actualCrd.Spec.Conversion.Webhook) + require.Nil(t, actualCrd.Spec.Conversion) }) // Generation must not be skipped because webhook startup routine listens for the secret diff --git a/keptn-cert-manager/go.mod b/keptn-cert-manager/go.mod index 05d7723348..e168ea017d 100644 --- a/keptn-cert-manager/go.mod +++ b/keptn-cert-manager/go.mod @@ -8,68 +8,68 @@ require ( github.com/pkg/errors v0.9.1 github.com/spf13/afero v1.11.0 github.com/stretchr/testify v1.9.0 - k8s.io/api v0.29.9 - k8s.io/apiextensions-apiserver v0.29.9 - k8s.io/apimachinery v0.29.9 - k8s.io/client-go v0.29.9 - sigs.k8s.io/controller-runtime v0.16.6 + k8s.io/api v0.31.2 + k8s.io/apiextensions-apiserver v0.31.2 + k8s.io/apimachinery v0.31.2 + k8s.io/client-go v0.31.2 + sigs.k8s.io/controller-runtime v0.19.1 ) require ( github.com/beorn7/perks v1.0.1 // indirect - github.com/cespare/xxhash/v2 v2.2.0 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/emicklei/go-restful/v3 v3.11.0 // indirect github.com/evanphx/json-patch v5.6.0+incompatible // indirect - github.com/evanphx/json-patch/v5 v5.6.0 // indirect + github.com/evanphx/json-patch/v5 v5.9.0 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect - github.com/go-logr/zapr v1.2.4 // indirect + github.com/fxamacker/cbor/v2 v2.7.0 // indirect + github.com/go-logr/zapr v1.3.0 // indirect github.com/go-openapi/jsonpointer v0.19.6 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.3 // indirect + github.com/go-openapi/swag v0.22.4 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.4 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect - github.com/google/uuid v1.4.0 // indirect + github.com/google/uuid v1.6.0 // indirect github.com/imdario/mergo v0.3.13 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/prometheus/client_golang v1.16.0 // indirect - github.com/prometheus/client_model v0.4.0 // indirect - github.com/prometheus/common v0.44.0 // indirect - github.com/prometheus/procfs v0.10.1 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect + github.com/prometheus/client_golang v1.19.1 // indirect + github.com/prometheus/client_model v0.6.1 // indirect + github.com/prometheus/common v0.55.0 // indirect + github.com/prometheus/procfs v0.15.1 // indirect github.com/spf13/pflag v1.0.5 // indirect + github.com/x448/float16 v0.8.4 // indirect go.uber.org/multierr v1.11.0 // indirect - go.uber.org/zap v1.25.0 // indirect - golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect - golang.org/x/net v0.25.0 // indirect - golang.org/x/oauth2 v0.15.0 // indirect + go.uber.org/zap v1.26.0 // indirect + golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc // indirect + golang.org/x/net v0.26.0 // indirect + golang.org/x/oauth2 v0.21.0 // indirect golang.org/x/sys v0.26.0 // indirect golang.org/x/term v0.25.0 // indirect golang.org/x/text v0.19.0 // indirect golang.org/x/time v0.5.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/protobuf v1.33.0 // indirect + google.golang.org/protobuf v1.34.2 // indirect + gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/component-base v0.29.9 // indirect - k8s.io/klog/v2 v2.110.1 // indirect - k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect - k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect + k8s.io/klog/v2 v2.130.1 // indirect + k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect + k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect - sigs.k8s.io/yaml v1.3.0 // indirect + sigs.k8s.io/yaml v1.4.0 // indirect ) replace ( diff --git a/keptn-cert-manager/go.sum b/keptn-cert-manager/go.sum index 239012cc92..3b66bfca04 100644 --- a/keptn-cert-manager/go.sum +++ b/keptn-cert-manager/go.sum @@ -1,42 +1,39 @@ -github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= -github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A= -github.com/benbjohnson/clock v1.3.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= -github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= -github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= +github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= +github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= +github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= -github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= -github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= +github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= @@ -47,13 +44,12 @@ github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeN github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4= -github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af h1:kmjWCqn2qkEml422C2Rrd27c3VGxi6a/6HNq8QmHRKM= +github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af/go.mod h1:K1liHPHnj73Fdn/EKuT8nrFqBihUSKXoLYU0BuatOYo= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= @@ -62,7 +58,6 @@ github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dv github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= @@ -72,8 +67,6 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= -github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -81,25 +74,25 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.13.0 h1:0jY9lJquiL8fcf3M4LAXN5aMlS/b2BV86HFFPCPMgE4= -github.com/onsi/ginkgo/v2 v2.13.0/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xlT/ETL/o= -github.com/onsi/gomega v1.29.0 h1:KIA/t2t5UBzoirT4H9tsML45GEbo3ouUnBHsCfD2tVg= -github.com/onsi/gomega v1.29.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA= +github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= +github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= +github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8= -github.com/prometheus/client_golang v1.16.0/go.mod h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc= -github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY= -github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= -github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY= -github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= -github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= -github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE= +github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho= +github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= +github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= +github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc= +github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8= +github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= +github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= +github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= +github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= @@ -108,48 +101,40 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= -go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= -go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= -go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= -go.uber.org/zap v1.25.0 h1:4Hvk6GtkucQ790dqmj7l1eEnRdKm3k3ZUrUMS2d5+5c= -go.uber.org/zap v1.25.0/go.mod h1:JIAUzQIH94IC4fOJQm7gMmBJP5k7wQfdcnYdPoEXJYk= +go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= +go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U= -golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e h1:+WEEuIdZHnUeJJmEUjyYC2gfUMj69yZXw17EnHg/otA= -golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e/go.mod h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc h1:mCRnTeVUjcrhlRmO0VK8a6k6Rrf6TF9htwo2pJVSjIU= +golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4= golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU= -golang.org/x/oauth2 v0.15.0 h1:s8pnnxNVzjWyrvYdFUQq5llS1PX2zhPXmccZv99h7uQ= -golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs= +golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= @@ -157,7 +142,6 @@ golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -169,7 +153,6 @@ golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXct golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24= golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM= @@ -177,11 +160,9 @@ golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg= @@ -192,14 +173,13 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA= google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= +gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -209,27 +189,25 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.29.9 h1:FwdflpNsfMUYUOblMZNWJ4K/q0OSL5A4jGa0iOgcJco= -k8s.io/api v0.29.9/go.mod h1:fNhmzRfKaSEHCmczA/jRx6CiDKhYOnFLJBERMJAXEk8= -k8s.io/apiextensions-apiserver v0.29.9 h1:EB6RK06kFJjbzBwU1YiVznxrcgBE0hhDWt6EQQIcOy4= -k8s.io/apiextensions-apiserver v0.29.9/go.mod h1:jcaHG6R/bB1iU6XzC1DMhB1x2ktTJLt2KKpg6B65Z2c= -k8s.io/apimachinery v0.29.9 h1:YZ8HUid1TzQVz94cnNlsQjLdH0VoAhWSqz7t0q6B12A= -k8s.io/apimachinery v0.29.9/go.mod h1:i3FJVwhvSp/6n8Fl4K97PJEP8C+MM+aoDq4+ZJBf70Y= -k8s.io/client-go v0.29.9 h1:4f/Wz6li3rEyIPFj32XAQMtOGMM1tg7KQi1oeS6ibPg= -k8s.io/client-go v0.29.9/go.mod h1:2N1drQEZ5yiYrWVaE2Un8JiISUhl47D8pyZlYLszke4= -k8s.io/component-base v0.29.9 h1:lPENvp3CCwdeMEWGjiTfn5b287qQYuK7gX32OBOovmA= -k8s.io/component-base v0.29.9/go.mod h1:NGDa6Ih0EdcLA2G4K2ZYySoiB+2Tn+rmSqPyudCPgDY= -k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= -k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.16.6 h1:FiXwTuFF5ZJKmozfP2Z0j7dh6kmxP4Ou1KLfxgKKC3I= -sigs.k8s.io/controller-runtime v0.16.6/go.mod h1:+dQzkZxnylD0u49e0a+7AR+vlibEBaThmPca7lTyUsI= +k8s.io/api v0.31.2 h1:3wLBbL5Uom/8Zy98GRPXpJ254nEFpl+hwndmk9RwmL0= +k8s.io/api v0.31.2/go.mod h1:bWmGvrGPssSK1ljmLzd3pwCQ9MgoTsRCuK35u6SygUk= +k8s.io/apiextensions-apiserver v0.31.2 h1:W8EwUb8+WXBLu56ser5IudT2cOho0gAKeTOnywBLxd0= +k8s.io/apiextensions-apiserver v0.31.2/go.mod h1:i+Geh+nGCJEGiCGR3MlBDkS7koHIIKWVfWeRFiOsUcM= +k8s.io/apimachinery v0.31.2 h1:i4vUt2hPK56W6mlT7Ry+AO8eEsyxMD1U44NR22CLTYw= +k8s.io/apimachinery v0.31.2/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= +k8s.io/client-go v0.31.2 h1:Y2F4dxU5d3AQj+ybwSMqQnpZH9F30//1ObxOKlTI9yc= +k8s.io/client-go v0.31.2/go.mod h1:NPa74jSVR/+eez2dFsEIHNa+3o09vtNaWwWwb1qSxSs= +k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= +k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/controller-runtime v0.19.1 h1:Son+Q40+Be3QWb+niBXAg2vFiYWolDjjRfO8hn/cxOk= +sigs.k8s.io/controller-runtime v0.19.1/go.mod h1:iRmWllt8IlaLjvTTDLhRBXIEtkCK6hwVBJJsYS9Ajf4= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= +sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/lifecycle-operator/Makefile b/lifecycle-operator/Makefile index 8f1f14847a..6d055d8165 100644 --- a/lifecycle-operator/Makefile +++ b/lifecycle-operator/Makefile @@ -27,7 +27,7 @@ ENVTEST_K8S_VERSION=1.27.1 # renovate: datasource=github-tags depName=kubernetes-sigs/kustomize KUSTOMIZE_VERSION?=v5.5.0 # renovate: datasource=github-releases depName=kubernetes-sigs/controller-tools -CONTROLLER_TOOLS_VERSION?=v0.16.4 +CONTROLLER_TOOLS_VERSION?=v0.16.5 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set) ifeq (,$(shell go env GOBIN)) diff --git a/lifecycle-operator/chart/templates/keptnapp-crd.yaml b/lifecycle-operator/chart/templates/keptnapp-crd.yaml index d86bc604c6..562f8d730b 100644 --- a/lifecycle-operator/chart/templates/keptnapp-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnapp-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnapps.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/keptnappcontext-crd.yaml b/lifecycle-operator/chart/templates/keptnappcontext-crd.yaml index 7601a8490d..d28c225e18 100644 --- a/lifecycle-operator/chart/templates/keptnappcontext-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnappcontext-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcontexts.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' {{- include "common.annotations" ( dict "context" . ) }} labels: diff --git a/lifecycle-operator/chart/templates/keptnappcreationrequest-crd.yaml b/lifecycle-operator/chart/templates/keptnappcreationrequest-crd.yaml index dea7602e7e..d219f73254 100644 --- a/lifecycle-operator/chart/templates/keptnappcreationrequest-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnappcreationrequest-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/keptnappversion-crd.yaml b/lifecycle-operator/chart/templates/keptnappversion-crd.yaml index 33ccf08a07..e4935aae3e 100644 --- a/lifecycle-operator/chart/templates/keptnappversion-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnappversion-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnappversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/keptnconfig-crd.yaml b/lifecycle-operator/chart/templates/keptnconfig-crd.yaml index 1978a0b7a6..dd54b70e93 100644 --- a/lifecycle-operator/chart/templates/keptnconfig-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnconfig-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnconfigs.options.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/keptnevaluation-crd.yaml b/lifecycle-operator/chart/templates/keptnevaluation-crd.yaml index c6f94382d8..ad163ab13c 100644 --- a/lifecycle-operator/chart/templates/keptnevaluation-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnevaluation-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/keptnevaluationdefinition-crd.yaml b/lifecycle-operator/chart/templates/keptnevaluationdefinition-crd.yaml index d91e028b80..3383127b4a 100644 --- a/lifecycle-operator/chart/templates/keptnevaluationdefinition-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnevaluationdefinition-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/keptntask-crd.yaml b/lifecycle-operator/chart/templates/keptntask-crd.yaml index fa39cae8fe..27f4d7d2df 100644 --- a/lifecycle-operator/chart/templates/keptntask-crd.yaml +++ b/lifecycle-operator/chart/templates/keptntask-crd.yaml @@ -4,7 +4,7 @@ kind: CustomResourceDefinition metadata: name: keptntasks.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/keptntaskdefinition-crd.yaml b/lifecycle-operator/chart/templates/keptntaskdefinition-crd.yaml index 3d8b928468..b964b036a5 100644 --- a/lifecycle-operator/chart/templates/keptntaskdefinition-crd.yaml +++ b/lifecycle-operator/chart/templates/keptntaskdefinition-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} @@ -75,6 +75,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -88,6 +89,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -123,10 +125,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -186,10 +191,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -204,6 +212,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -220,10 +231,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -238,10 +252,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -250,6 +267,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -290,6 +308,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -319,6 +338,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -339,6 +359,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -387,6 +418,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -416,6 +448,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -436,6 +469,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -480,6 +524,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -496,11 +541,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -534,6 +579,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -690,6 +736,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -706,11 +753,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -744,6 +791,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -857,11 +905,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -872,6 +918,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -938,6 +990,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -951,6 +1027,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -958,6 +1035,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -969,7 +1047,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -1051,7 +1129,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -1115,6 +1192,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -1131,11 +1209,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -1169,6 +1247,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -1310,6 +1389,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -1329,6 +1411,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -1338,6 +1422,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -1355,6 +1458,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -1447,10 +1553,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1784,6 +1893,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -1797,6 +1907,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -1832,10 +1943,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -1895,10 +2009,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -1913,6 +2030,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -1929,10 +2049,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -1947,10 +2070,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -1959,6 +2085,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -1999,6 +2126,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -2028,6 +2156,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2048,6 +2177,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -2096,6 +2236,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -2125,6 +2266,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2145,6 +2287,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -2189,6 +2342,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -2205,11 +2359,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2243,6 +2397,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2399,6 +2554,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -2415,11 +2571,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2453,6 +2609,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2566,11 +2723,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -2581,6 +2736,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -2647,6 +2808,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -2660,6 +2845,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -2667,6 +2853,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -2678,7 +2865,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -2760,7 +2947,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -2824,6 +3010,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -2840,11 +3027,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2878,6 +3065,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3019,6 +3207,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -3038,6 +3229,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -3047,6 +3240,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -3064,6 +3276,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -3230,10 +3445,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3415,6 +3633,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -3428,6 +3647,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -3463,10 +3683,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -3526,10 +3749,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -3544,6 +3770,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -3560,10 +3789,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -3578,10 +3810,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -3590,6 +3825,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -3630,6 +3866,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -3659,6 +3896,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3679,6 +3917,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -3727,6 +3976,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -3756,6 +4006,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3776,6 +4027,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -3820,6 +4082,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -3836,11 +4099,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -3874,6 +4137,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4030,6 +4294,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -4046,11 +4311,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -4084,6 +4349,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4197,11 +4463,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -4212,6 +4476,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -4278,6 +4548,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -4291,6 +4585,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -4298,6 +4593,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -4309,7 +4605,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -4391,7 +4687,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -4455,6 +4750,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -4471,11 +4767,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -4509,6 +4805,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4650,6 +4947,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -4669,6 +4969,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -4678,6 +4980,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -4695,6 +5016,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -4861,10 +5185,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic diff --git a/lifecycle-operator/chart/templates/keptnworkload-crd.yaml b/lifecycle-operator/chart/templates/keptnworkload-crd.yaml index ac7f9b9018..1214f81385 100644 --- a/lifecycle-operator/chart/templates/keptnworkload-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnworkload-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/keptnworkloadversion-crd.yaml b/lifecycle-operator/chart/templates/keptnworkloadversion-crd.yaml index 92d6219103..b7f3b7c581 100644 --- a/lifecycle-operator/chart/templates/keptnworkloadversion-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnworkloadversion-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/lifecycle-operator-rbac.yaml b/lifecycle-operator/chart/templates/lifecycle-operator-rbac.yaml index 1f45b3ff8c..a3238406b0 100644 --- a/lifecycle-operator/chart/templates/lifecycle-operator-rbac.yaml +++ b/lifecycle-operator/chart/templates/lifecycle-operator-rbac.yaml @@ -10,42 +10,6 @@ metadata: labels: {{- include "common.labels.standard" ( dict "context" . ) | nindent 4 }} rules: -- apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - batch - resources: - - jobs/status - verbs: - - get - - list - apiGroups: - "" resources: @@ -91,8 +55,8 @@ rules: verbs: - get - list - - watch - update + - watch - apiGroups: - "" resources: @@ -100,120 +64,45 @@ rules: verbs: - get - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcontexts - verbs: - - get - - list - - watch -- apiGroups: - - lifecycle.keptn.sh + - apps resources: - - keptnappcreationrequests + - daemonsets + - deployments + - replicasets + - statefulsets verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - argoproj.io resources: - - keptnapps + - rollouts verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversion + - jobs verbs: - create - - delete - get - list - - patch - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversions + - jobs/status verbs: - - create - - delete - get - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/status - verbs: - - get - - patch - - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcontexts - keptnevaluationdefinitions verbs: - get @@ -222,111 +111,15 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests + - keptnapps + - keptnappversion + - keptnappversions - keptnevaluations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntaskdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntasks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloads + - keptnworkloadversions verbs: - create - delete @@ -338,13 +131,29 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/finalizers + - keptnapps/finalizers + - keptnappversion/finalizers + - keptnappversions/finalizers + - keptnevaluations/finalizers + - keptntaskdefinitions/finalizers + - keptntasks/finalizers - keptnworkloads/finalizers + - keptnworkloadversions/finalizers verbs: - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/status + - keptnapps/status + - keptnappversion/status + - keptnappversions/status + - keptnevaluations/status + - keptntaskdefinitions/status + - keptntasks/status - keptnworkloads/status + - keptnworkloadversions/status verbs: - get - patch diff --git a/lifecycle-operator/cmd/fake/manager_mock.go b/lifecycle-operator/cmd/fake/manager_mock.go deleted file mode 100644 index 73324216a1..0000000000 --- a/lifecycle-operator/cmd/fake/manager_mock.go +++ /dev/null @@ -1,773 +0,0 @@ -// Code generated by moq; DO NOT EDIT. -// github.com/matryer/moq - -package fake - -import ( - "context" - "net/http" - "sync" - - "github.com/go-logr/logr" - "k8s.io/apimachinery/pkg/api/meta" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/client-go/rest" - "k8s.io/client-go/tools/record" - "sigs.k8s.io/controller-runtime/pkg/cache" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/config/v1alpha1" - "sigs.k8s.io/controller-runtime/pkg/healthz" - "sigs.k8s.io/controller-runtime/pkg/manager" - "sigs.k8s.io/controller-runtime/pkg/webhook" -) - -// MockManager is a mock implementation of manager.IManager. -// -// func TestSomethingThatUsesIManager(t *testing.T) { -// -// // make and configure a mocked manager.IManager -// mockedIManager := &MockManager{ -// AddFunc: func(runnable manager.Runnable) error { -// panic("mock out the Add method") -// }, -// AddHealthzCheckFunc: func(name string, check healthz.Checker) error { -// panic("mock out the AddHealthzCheck method") -// }, -// AddMetricsExtraHandlerFunc: func(path string, handler http.Handler) error { -// panic("mock out the AddMetricsExtraHandler method") -// }, -// AddReadyzCheckFunc: func(name string, check healthz.Checker) error { -// panic("mock out the AddReadyzCheck method") -// }, -// ElectedFunc: func() <-chan struct{} { -// panic("mock out the Elected method") -// }, -// GetAPIReaderFunc: func() client.Reader { -// panic("mock out the GetAPIReader method") -// }, -// GetCacheFunc: func() cache.Cache { -// panic("mock out the GetCache method") -// }, -// GetClientFunc: func() client.Client { -// panic("mock out the GetClient method") -// }, -// GetConfigFunc: func() *rest.Config { -// panic("mock out the GetConfig method") -// }, -// GetControllerOptionsFunc: func() v1alpha1.ControllerConfigurationSpec { -// panic("mock out the GetControllerOptions method") -// }, -// GetEventRecorderForFunc: func(name string) record.EventRecorder { -// panic("mock out the GetEventRecorderFor method") -// }, -// GetFieldIndexerFunc: func() client.FieldIndexer { -// panic("mock out the GetFieldIndexer method") -// }, -// GetLoggerFunc: func() logr.Logger { -// panic("mock out the GetLogger method") -// }, -// GetRESTMapperFunc: func() meta.RESTMapper { -// panic("mock out the GetRESTMapper method") -// }, -// GetSchemeFunc: func() *runtime.Scheme { -// panic("mock out the GetScheme method") -// }, -// GetWebhookServerFunc: func() *webhook.Server { -// panic("mock out the GetWebhookServer method") -// }, -// SetFieldsFunc: func(ifaceVal interface{}) error { -// panic("mock out the SetFields method") -// }, -// StartFunc: func(ctx context.Context) error { -// panic("mock out the Start method") -// }, -// } -// -// // use mockedIManager in code that requires manager.IManager -// // and then make assertions. -// -// } -type MockManager struct { - // AddFunc mocks the Add method. - AddFunc func(runnable manager.Runnable) error - - // AddHealthzCheckFunc mocks the AddHealthzCheck method. - AddHealthzCheckFunc func(name string, check healthz.Checker) error - - // AddMetricsExtraHandlerFunc mocks the AddMetricsExtraHandler method. - AddMetricsExtraHandlerFunc func(path string, handler http.Handler) error - - // AddReadyzCheckFunc mocks the AddReadyzCheck method. - AddReadyzCheckFunc func(name string, check healthz.Checker) error - - // ElectedFunc mocks the Elected method. - ElectedFunc func() <-chan struct{} - - // GetAPIReaderFunc mocks the GetAPIReader method. - GetAPIReaderFunc func() client.Reader - - // GetCacheFunc mocks the GetCache method. - GetCacheFunc func() cache.Cache - - // GetClientFunc mocks the GetClient method. - GetClientFunc func() client.Client - - // GetConfigFunc mocks the GetConfig method. - GetConfigFunc func() *rest.Config - - // GetControllerOptionsFunc mocks the GetControllerOptions method. - GetControllerOptionsFunc func() v1alpha1.ControllerConfigurationSpec - - // GetEventRecorderForFunc mocks the GetEventRecorderFor method. - GetEventRecorderForFunc func(name string) record.EventRecorder - - // GetFieldIndexerFunc mocks the GetFieldIndexer method. - GetFieldIndexerFunc func() client.FieldIndexer - - // GetLoggerFunc mocks the GetLogger method. - GetLoggerFunc func() logr.Logger - - // GetRESTMapperFunc mocks the GetRESTMapper method. - GetRESTMapperFunc func() meta.RESTMapper - - // GetSchemeFunc mocks the GetScheme method. - GetSchemeFunc func() *runtime.Scheme - - // GetWebhookServerFunc mocks the GetWebhookServer method. - GetWebhookServerFunc func() *webhook.Server - - // SetFieldsFunc mocks the SetFields method. - SetFieldsFunc func(ifaceVal interface{}) error - - // StartFunc mocks the Start method. - StartFunc func(ctx context.Context) error - - // calls tracks calls to the methods. - calls struct { - // Add holds details about calls to the Add method. - Add []struct { - // Runnable is the runnable argument value. - Runnable manager.Runnable - } - // AddHealthzCheck holds details about calls to the AddHealthzCheck method. - AddHealthzCheck []struct { - // Name is the name argument value. - Name string - // Check is the check argument value. - Check healthz.Checker - } - // AddMetricsExtraHandler holds details about calls to the AddMetricsExtraHandler method. - AddMetricsExtraHandler []struct { - // Path is the path argument value. - Path string - // Handler is the handler argument value. - Handler http.Handler - } - // AddReadyzCheck holds details about calls to the AddReadyzCheck method. - AddReadyzCheck []struct { - // Name is the name argument value. - Name string - // Check is the check argument value. - Check healthz.Checker - } - // Elected holds details about calls to the Elected method. - Elected []struct { - } - // GetAPIReader holds details about calls to the GetAPIReader method. - GetAPIReader []struct { - } - // GetCache holds details about calls to the GetCache method. - GetCache []struct { - } - // GetClient holds details about calls to the GetClient method. - GetClient []struct { - } - // GetConfig holds details about calls to the GetConfig method. - GetConfig []struct { - } - // GetControllerOptions holds details about calls to the GetControllerOptions method. - GetControllerOptions []struct { - } - // GetEventRecorderFor holds details about calls to the GetEventRecorderFor method. - GetEventRecorderFor []struct { - // Name is the name argument value. - Name string - } - // GetFieldIndexer holds details about calls to the GetFieldIndexer method. - GetFieldIndexer []struct { - } - // GetLogger holds details about calls to the GetLogger method. - GetLogger []struct { - } - // GetRESTMapper holds details about calls to the GetRESTMapper method. - GetRESTMapper []struct { - } - // GetScheme holds details about calls to the GetScheme method. - GetScheme []struct { - } - // GetWebhookServer holds details about calls to the GetWebhookServer method. - GetWebhookServer []struct { - } - // SetFields holds details about calls to the SetFields method. - SetFields []struct { - // IfaceVal is the ifaceVal argument value. - IfaceVal interface{} - } - // Start holds details about calls to the Start method. - Start []struct { - // Ctx is the ctx argument value. - Ctx context.Context - } - } - lockAdd sync.RWMutex - lockAddHealthzCheck sync.RWMutex - lockAddMetricsExtraHandler sync.RWMutex - lockAddReadyzCheck sync.RWMutex - lockElected sync.RWMutex - lockGetAPIReader sync.RWMutex - lockGetCache sync.RWMutex - lockGetClient sync.RWMutex - lockGetConfig sync.RWMutex - lockGetControllerOptions sync.RWMutex - lockGetEventRecorderFor sync.RWMutex - lockGetFieldIndexer sync.RWMutex - lockGetLogger sync.RWMutex - lockGetRESTMapper sync.RWMutex - lockGetScheme sync.RWMutex - lockGetWebhookServer sync.RWMutex - lockSetFields sync.RWMutex - lockStart sync.RWMutex -} - -// Add calls AddFunc. -func (mock *MockManager) Add(runnable manager.Runnable) error { - if mock.AddFunc == nil { - panic("MockManager.AddFunc: method is nil but IManager.Add was just called") - } - callInfo := struct { - Runnable manager.Runnable - }{ - Runnable: runnable, - } - mock.lockAdd.Lock() - mock.calls.Add = append(mock.calls.Add, callInfo) - mock.lockAdd.Unlock() - return mock.AddFunc(runnable) -} - -// AddCalls gets all the calls that were made to Add. -// Check the length with: -// -// len(mockedIManager.AddCalls()) -func (mock *MockManager) AddCalls() []struct { - Runnable manager.Runnable -} { - var calls []struct { - Runnable manager.Runnable - } - mock.lockAdd.RLock() - calls = mock.calls.Add - mock.lockAdd.RUnlock() - return calls -} - -// AddHealthzCheck calls AddHealthzCheckFunc. -func (mock *MockManager) AddHealthzCheck(name string, check healthz.Checker) error { - if mock.AddHealthzCheckFunc == nil { - panic("MockManager.AddHealthzCheckFunc: method is nil but IManager.AddHealthzCheck was just called") - } - callInfo := struct { - Name string - Check healthz.Checker - }{ - Name: name, - Check: check, - } - mock.lockAddHealthzCheck.Lock() - mock.calls.AddHealthzCheck = append(mock.calls.AddHealthzCheck, callInfo) - mock.lockAddHealthzCheck.Unlock() - return mock.AddHealthzCheckFunc(name, check) -} - -// AddHealthzCheckCalls gets all the calls that were made to AddHealthzCheck. -// Check the length with: -// -// len(mockedIManager.AddHealthzCheckCalls()) -func (mock *MockManager) AddHealthzCheckCalls() []struct { - Name string - Check healthz.Checker -} { - var calls []struct { - Name string - Check healthz.Checker - } - mock.lockAddHealthzCheck.RLock() - calls = mock.calls.AddHealthzCheck - mock.lockAddHealthzCheck.RUnlock() - return calls -} - -// AddMetricsExtraHandler calls AddMetricsExtraHandlerFunc. -func (mock *MockManager) AddMetricsExtraHandler(path string, handler http.Handler) error { - if mock.AddMetricsExtraHandlerFunc == nil { - panic("MockManager.AddMetricsExtraHandlerFunc: method is nil but IManager.AddMetricsExtraHandler was just called") - } - callInfo := struct { - Path string - Handler http.Handler - }{ - Path: path, - Handler: handler, - } - mock.lockAddMetricsExtraHandler.Lock() - mock.calls.AddMetricsExtraHandler = append(mock.calls.AddMetricsExtraHandler, callInfo) - mock.lockAddMetricsExtraHandler.Unlock() - return mock.AddMetricsExtraHandlerFunc(path, handler) -} - -// AddMetricsExtraHandlerCalls gets all the calls that were made to AddMetricsExtraHandler. -// Check the length with: -// -// len(mockedIManager.AddMetricsExtraHandlerCalls()) -func (mock *MockManager) AddMetricsExtraHandlerCalls() []struct { - Path string - Handler http.Handler -} { - var calls []struct { - Path string - Handler http.Handler - } - mock.lockAddMetricsExtraHandler.RLock() - calls = mock.calls.AddMetricsExtraHandler - mock.lockAddMetricsExtraHandler.RUnlock() - return calls -} - -// AddReadyzCheck calls AddReadyzCheckFunc. -func (mock *MockManager) AddReadyzCheck(name string, check healthz.Checker) error { - if mock.AddReadyzCheckFunc == nil { - panic("MockManager.AddReadyzCheckFunc: method is nil but IManager.AddReadyzCheck was just called") - } - callInfo := struct { - Name string - Check healthz.Checker - }{ - Name: name, - Check: check, - } - mock.lockAddReadyzCheck.Lock() - mock.calls.AddReadyzCheck = append(mock.calls.AddReadyzCheck, callInfo) - mock.lockAddReadyzCheck.Unlock() - return mock.AddReadyzCheckFunc(name, check) -} - -// AddReadyzCheckCalls gets all the calls that were made to AddReadyzCheck. -// Check the length with: -// -// len(mockedIManager.AddReadyzCheckCalls()) -func (mock *MockManager) AddReadyzCheckCalls() []struct { - Name string - Check healthz.Checker -} { - var calls []struct { - Name string - Check healthz.Checker - } - mock.lockAddReadyzCheck.RLock() - calls = mock.calls.AddReadyzCheck - mock.lockAddReadyzCheck.RUnlock() - return calls -} - -// Elected calls ElectedFunc. -func (mock *MockManager) Elected() <-chan struct{} { - if mock.ElectedFunc == nil { - panic("MockManager.ElectedFunc: method is nil but IManager.Elected was just called") - } - callInfo := struct { - }{} - mock.lockElected.Lock() - mock.calls.Elected = append(mock.calls.Elected, callInfo) - mock.lockElected.Unlock() - return mock.ElectedFunc() -} - -// ElectedCalls gets all the calls that were made to Elected. -// Check the length with: -// -// len(mockedIManager.ElectedCalls()) -func (mock *MockManager) ElectedCalls() []struct { -} { - var calls []struct { - } - mock.lockElected.RLock() - calls = mock.calls.Elected - mock.lockElected.RUnlock() - return calls -} - -// GetAPIReader calls GetAPIReaderFunc. -func (mock *MockManager) GetAPIReader() client.Reader { - if mock.GetAPIReaderFunc == nil { - panic("MockManager.GetAPIReaderFunc: method is nil but IManager.GetAPIReader was just called") - } - callInfo := struct { - }{} - mock.lockGetAPIReader.Lock() - mock.calls.GetAPIReader = append(mock.calls.GetAPIReader, callInfo) - mock.lockGetAPIReader.Unlock() - return mock.GetAPIReaderFunc() -} - -// GetAPIReaderCalls gets all the calls that were made to GetAPIReader. -// Check the length with: -// -// len(mockedIManager.GetAPIReaderCalls()) -func (mock *MockManager) GetAPIReaderCalls() []struct { -} { - var calls []struct { - } - mock.lockGetAPIReader.RLock() - calls = mock.calls.GetAPIReader - mock.lockGetAPIReader.RUnlock() - return calls -} - -// GetCache calls GetCacheFunc. -func (mock *MockManager) GetCache() cache.Cache { - if mock.GetCacheFunc == nil { - panic("MockManager.GetCacheFunc: method is nil but IManager.GetCache was just called") - } - callInfo := struct { - }{} - mock.lockGetCache.Lock() - mock.calls.GetCache = append(mock.calls.GetCache, callInfo) - mock.lockGetCache.Unlock() - return mock.GetCacheFunc() -} - -// GetCacheCalls gets all the calls that were made to GetCache. -// Check the length with: -// -// len(mockedIManager.GetCacheCalls()) -func (mock *MockManager) GetCacheCalls() []struct { -} { - var calls []struct { - } - mock.lockGetCache.RLock() - calls = mock.calls.GetCache - mock.lockGetCache.RUnlock() - return calls -} - -// GetClient calls GetClientFunc. -func (mock *MockManager) GetClient() client.Client { - if mock.GetClientFunc == nil { - panic("MockManager.GetClientFunc: method is nil but IManager.GetClient was just called") - } - callInfo := struct { - }{} - mock.lockGetClient.Lock() - mock.calls.GetClient = append(mock.calls.GetClient, callInfo) - mock.lockGetClient.Unlock() - return mock.GetClientFunc() -} - -// GetClientCalls gets all the calls that were made to GetClient. -// Check the length with: -// -// len(mockedIManager.GetClientCalls()) -func (mock *MockManager) GetClientCalls() []struct { -} { - var calls []struct { - } - mock.lockGetClient.RLock() - calls = mock.calls.GetClient - mock.lockGetClient.RUnlock() - return calls -} - -// GetConfig calls GetConfigFunc. -func (mock *MockManager) GetConfig() *rest.Config { - if mock.GetConfigFunc == nil { - panic("MockManager.GetConfigFunc: method is nil but IManager.GetConfig was just called") - } - callInfo := struct { - }{} - mock.lockGetConfig.Lock() - mock.calls.GetConfig = append(mock.calls.GetConfig, callInfo) - mock.lockGetConfig.Unlock() - return mock.GetConfigFunc() -} - -// GetConfigCalls gets all the calls that were made to GetConfig. -// Check the length with: -// -// len(mockedIManager.GetConfigCalls()) -func (mock *MockManager) GetConfigCalls() []struct { -} { - var calls []struct { - } - mock.lockGetConfig.RLock() - calls = mock.calls.GetConfig - mock.lockGetConfig.RUnlock() - return calls -} - -// GetControllerOptions calls GetControllerOptionsFunc. -func (mock *MockManager) GetControllerOptions() v1alpha1.ControllerConfigurationSpec { - if mock.GetControllerOptionsFunc == nil { - panic("MockManager.GetControllerOptionsFunc: method is nil but IManager.GetControllerOptions was just called") - } - callInfo := struct { - }{} - mock.lockGetControllerOptions.Lock() - mock.calls.GetControllerOptions = append(mock.calls.GetControllerOptions, callInfo) - mock.lockGetControllerOptions.Unlock() - return mock.GetControllerOptionsFunc() -} - -// GetControllerOptionsCalls gets all the calls that were made to GetControllerOptions. -// Check the length with: -// -// len(mockedIManager.GetControllerOptionsCalls()) -func (mock *MockManager) GetControllerOptionsCalls() []struct { -} { - var calls []struct { - } - mock.lockGetControllerOptions.RLock() - calls = mock.calls.GetControllerOptions - mock.lockGetControllerOptions.RUnlock() - return calls -} - -// GetEventRecorderFor calls GetEventRecorderForFunc. -func (mock *MockManager) GetEventRecorderFor(name string) record.EventRecorder { - if mock.GetEventRecorderForFunc == nil { - panic("MockManager.GetEventRecorderForFunc: method is nil but IManager.GetEventRecorderFor was just called") - } - callInfo := struct { - Name string - }{ - Name: name, - } - mock.lockGetEventRecorderFor.Lock() - mock.calls.GetEventRecorderFor = append(mock.calls.GetEventRecorderFor, callInfo) - mock.lockGetEventRecorderFor.Unlock() - return mock.GetEventRecorderForFunc(name) -} - -// GetEventRecorderForCalls gets all the calls that were made to GetEventRecorderFor. -// Check the length with: -// -// len(mockedIManager.GetEventRecorderForCalls()) -func (mock *MockManager) GetEventRecorderForCalls() []struct { - Name string -} { - var calls []struct { - Name string - } - mock.lockGetEventRecorderFor.RLock() - calls = mock.calls.GetEventRecorderFor - mock.lockGetEventRecorderFor.RUnlock() - return calls -} - -// GetFieldIndexer calls GetFieldIndexerFunc. -func (mock *MockManager) GetFieldIndexer() client.FieldIndexer { - if mock.GetFieldIndexerFunc == nil { - panic("MockManager.GetFieldIndexerFunc: method is nil but IManager.GetFieldIndexer was just called") - } - callInfo := struct { - }{} - mock.lockGetFieldIndexer.Lock() - mock.calls.GetFieldIndexer = append(mock.calls.GetFieldIndexer, callInfo) - mock.lockGetFieldIndexer.Unlock() - return mock.GetFieldIndexerFunc() -} - -// GetFieldIndexerCalls gets all the calls that were made to GetFieldIndexer. -// Check the length with: -// -// len(mockedIManager.GetFieldIndexerCalls()) -func (mock *MockManager) GetFieldIndexerCalls() []struct { -} { - var calls []struct { - } - mock.lockGetFieldIndexer.RLock() - calls = mock.calls.GetFieldIndexer - mock.lockGetFieldIndexer.RUnlock() - return calls -} - -// GetLogger calls GetLoggerFunc. -func (mock *MockManager) GetLogger() logr.Logger { - if mock.GetLoggerFunc == nil { - panic("MockManager.GetLoggerFunc: method is nil but IManager.GetLogger was just called") - } - callInfo := struct { - }{} - mock.lockGetLogger.Lock() - mock.calls.GetLogger = append(mock.calls.GetLogger, callInfo) - mock.lockGetLogger.Unlock() - return mock.GetLoggerFunc() -} - -// GetLoggerCalls gets all the calls that were made to GetLogger. -// Check the length with: -// -// len(mockedIManager.GetLoggerCalls()) -func (mock *MockManager) GetLoggerCalls() []struct { -} { - var calls []struct { - } - mock.lockGetLogger.RLock() - calls = mock.calls.GetLogger - mock.lockGetLogger.RUnlock() - return calls -} - -// GetRESTMapper calls GetRESTMapperFunc. -func (mock *MockManager) GetRESTMapper() meta.RESTMapper { - if mock.GetRESTMapperFunc == nil { - panic("MockManager.GetRESTMapperFunc: method is nil but IManager.GetRESTMapper was just called") - } - callInfo := struct { - }{} - mock.lockGetRESTMapper.Lock() - mock.calls.GetRESTMapper = append(mock.calls.GetRESTMapper, callInfo) - mock.lockGetRESTMapper.Unlock() - return mock.GetRESTMapperFunc() -} - -// GetRESTMapperCalls gets all the calls that were made to GetRESTMapper. -// Check the length with: -// -// len(mockedIManager.GetRESTMapperCalls()) -func (mock *MockManager) GetRESTMapperCalls() []struct { -} { - var calls []struct { - } - mock.lockGetRESTMapper.RLock() - calls = mock.calls.GetRESTMapper - mock.lockGetRESTMapper.RUnlock() - return calls -} - -// GetScheme calls GetSchemeFunc. -func (mock *MockManager) GetScheme() *runtime.Scheme { - if mock.GetSchemeFunc == nil { - panic("MockManager.GetSchemeFunc: method is nil but IManager.GetScheme was just called") - } - callInfo := struct { - }{} - mock.lockGetScheme.Lock() - mock.calls.GetScheme = append(mock.calls.GetScheme, callInfo) - mock.lockGetScheme.Unlock() - return mock.GetSchemeFunc() -} - -// GetSchemeCalls gets all the calls that were made to GetScheme. -// Check the length with: -// -// len(mockedIManager.GetSchemeCalls()) -func (mock *MockManager) GetSchemeCalls() []struct { -} { - var calls []struct { - } - mock.lockGetScheme.RLock() - calls = mock.calls.GetScheme - mock.lockGetScheme.RUnlock() - return calls -} - -// GetWebhookServer calls GetWebhookServerFunc. -func (mock *MockManager) GetWebhookServer() *webhook.Server { - if mock.GetWebhookServerFunc == nil { - panic("MockManager.GetWebhookServerFunc: method is nil but IManager.GetWebhookServer was just called") - } - callInfo := struct { - }{} - mock.lockGetWebhookServer.Lock() - mock.calls.GetWebhookServer = append(mock.calls.GetWebhookServer, callInfo) - mock.lockGetWebhookServer.Unlock() - return mock.GetWebhookServerFunc() -} - -// GetWebhookServerCalls gets all the calls that were made to GetWebhookServer. -// Check the length with: -// -// len(mockedIManager.GetWebhookServerCalls()) -func (mock *MockManager) GetWebhookServerCalls() []struct { -} { - var calls []struct { - } - mock.lockGetWebhookServer.RLock() - calls = mock.calls.GetWebhookServer - mock.lockGetWebhookServer.RUnlock() - return calls -} - -// SetFields calls SetFieldsFunc. -func (mock *MockManager) SetFields(ifaceVal interface{}) error { - if mock.SetFieldsFunc == nil { - panic("MockManager.SetFieldsFunc: method is nil but IManager.SetFields was just called") - } - callInfo := struct { - IfaceVal interface{} - }{ - IfaceVal: ifaceVal, - } - mock.lockSetFields.Lock() - mock.calls.SetFields = append(mock.calls.SetFields, callInfo) - mock.lockSetFields.Unlock() - return mock.SetFieldsFunc(ifaceVal) -} - -// SetFieldsCalls gets all the calls that were made to SetFields. -// Check the length with: -// -// len(mockedIManager.SetFieldsCalls()) -func (mock *MockManager) SetFieldsCalls() []struct { - IfaceVal interface{} -} { - var calls []struct { - IfaceVal interface{} - } - mock.lockSetFields.RLock() - calls = mock.calls.SetFields - mock.lockSetFields.RUnlock() - return calls -} - -// Start calls StartFunc. -func (mock *MockManager) Start(ctx context.Context) error { - if mock.StartFunc == nil { - panic("MockManager.StartFunc: method is nil but IManager.Start was just called") - } - callInfo := struct { - Ctx context.Context - }{ - Ctx: ctx, - } - mock.lockStart.Lock() - mock.calls.Start = append(mock.calls.Start, callInfo) - mock.lockStart.Unlock() - return mock.StartFunc(ctx) -} - -// StartCalls gets all the calls that were made to Start. -// Check the length with: -// -// len(mockedIManager.StartCalls()) -func (mock *MockManager) StartCalls() []struct { - Ctx context.Context -} { - var calls []struct { - Ctx context.Context - } - mock.lockStart.RLock() - calls = mock.calls.Start - mock.lockStart.RUnlock() - return calls -} diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappcontexts.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappcontexts.yaml index f022116183..721c32343b 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappcontexts.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappcontexts.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnappcontexts.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappcreationrequests.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappcreationrequests.yaml index 886b90e3e2..d874f21ed5 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappcreationrequests.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappcreationrequests.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnappcreationrequests.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnapps.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnapps.yaml index c25e83849e..3214607f74 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnapps.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnapps.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnapps.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappversions.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappversions.yaml index 93a0371ab3..36c47bcfbe 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappversions.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnappversions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnappversions.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluationdefinitions.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluationdefinitions.yaml index 7a3c2cb683..8de937f308 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluationdefinitions.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluationdefinitions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnevaluationdefinitions.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluationproviders.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluationproviders.yaml index 294bff5f00..d86db8fcdb 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluationproviders.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluationproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnevaluationproviders.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh @@ -93,10 +93,13 @@ spec: valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -153,10 +156,13 @@ spec: valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluations.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluations.yaml index a04b56ce6c..ae33aa08ac 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluations.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnevaluations.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnevaluations.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptntaskdefinitions.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptntaskdefinitions.yaml index 2ed155474d..612e8ccd03 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptntaskdefinitions.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptntaskdefinitions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptntaskdefinitions.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh @@ -67,6 +67,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -80,6 +81,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -115,10 +117,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -178,10 +183,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -196,6 +204,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -212,10 +223,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -230,10 +244,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -242,6 +259,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -282,6 +300,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -311,6 +330,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -390,6 +410,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -419,6 +440,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -494,6 +516,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -510,11 +533,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -548,6 +571,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -704,6 +728,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -720,11 +745,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -758,6 +783,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -871,11 +897,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -886,6 +910,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -952,6 +982,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -965,6 +1019,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -972,6 +1027,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -983,7 +1039,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -1065,7 +1121,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -1129,6 +1184,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -1145,11 +1201,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -1183,6 +1239,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -1324,6 +1381,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -1343,6 +1403,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -1352,6 +1414,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -1369,6 +1450,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -1461,10 +1545,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1798,6 +1885,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -1811,6 +1899,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -1846,10 +1935,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -1909,10 +2001,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -1927,6 +2022,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -1943,10 +2041,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -1961,10 +2062,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -1973,6 +2077,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -2013,6 +2118,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -2042,6 +2148,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2121,6 +2228,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -2150,6 +2258,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2225,6 +2334,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -2241,11 +2351,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2279,6 +2389,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2435,6 +2546,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -2451,11 +2563,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2489,6 +2601,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2602,11 +2715,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -2617,6 +2728,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -2683,6 +2800,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -2696,6 +2837,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -2703,6 +2845,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -2714,7 +2857,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -2796,7 +2939,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -2860,6 +3002,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -2876,11 +3019,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2914,6 +3057,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3055,6 +3199,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -3074,6 +3221,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -3083,6 +3232,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -3100,6 +3268,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -3266,10 +3437,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3451,6 +3625,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -3464,6 +3639,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -3499,10 +3675,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -3562,10 +3741,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -3580,6 +3762,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -3596,10 +3781,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -3614,10 +3802,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -3626,6 +3817,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -3666,6 +3858,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -3695,6 +3888,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3774,6 +3968,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -3803,6 +3998,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3878,6 +4074,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -3894,11 +4091,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -3932,6 +4129,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4088,6 +4286,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -4104,11 +4303,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -4142,6 +4341,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4255,11 +4455,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -4270,6 +4468,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -4336,6 +4540,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -4349,6 +4577,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -4356,6 +4585,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -4367,7 +4597,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -4449,7 +4679,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -4513,6 +4742,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -4529,11 +4759,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -4567,6 +4797,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4708,6 +4939,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -4727,6 +4961,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -4736,6 +4972,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -4753,6 +5008,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -4919,10 +5177,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptntasks.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptntasks.yaml index 7087242a70..ca9151bbf4 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptntasks.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptntasks.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptntasks.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloadinstances.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloadinstances.yaml index 4b676377c3..26db9d4265 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloadinstances.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloadinstances.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnworkloadinstances.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloads.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloads.yaml index baf3497cd6..c717a5c7aa 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloads.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloads.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnworkloads.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloadversions.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloadversions.yaml index a553219653..3ce2eb8f0a 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloadversions.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnworkloadversions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnworkloadversions.lifecycle.keptn.sh spec: group: lifecycle.keptn.sh diff --git a/lifecycle-operator/config/crd/bases/options.keptn.sh_keptnconfigs.yaml b/lifecycle-operator/config/crd/bases/options.keptn.sh_keptnconfigs.yaml index 36ac20e93a..076b7e976c 100644 --- a/lifecycle-operator/config/crd/bases/options.keptn.sh_keptnconfigs.yaml +++ b/lifecycle-operator/config/crd/bases/options.keptn.sh_keptnconfigs.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnconfigs.options.keptn.sh spec: group: options.keptn.sh diff --git a/lifecycle-operator/config/rbac/role.yaml b/lifecycle-operator/config/rbac/role.yaml index db29ef0610..dddbbd51bf 100644 --- a/lifecycle-operator/config/rbac/role.yaml +++ b/lifecycle-operator/config/rbac/role.yaml @@ -4,42 +4,6 @@ kind: ClusterRole metadata: name: lifecycle-operator-role rules: -- apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - batch - resources: - - jobs/status - verbs: - - get - - list - apiGroups: - "" resources: @@ -94,120 +58,45 @@ rules: verbs: - get - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcontexts - verbs: - - get - - list - - watch -- apiGroups: - - lifecycle.keptn.sh + - apps resources: - - keptnappcreationrequests + - daemonsets + - deployments + - replicasets + - statefulsets verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - argoproj.io resources: - - keptnapps + - rollouts verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversion + - jobs verbs: - create - - delete - get - list - - patch - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversions + - jobs/status verbs: - - create - - delete - get - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/status - verbs: - - get - - patch - - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcontexts - keptnevaluationdefinitions verbs: - get @@ -216,110 +105,14 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests + - keptnapps + - keptnappversion + - keptnappversions - keptnevaluations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntaskdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntasks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloads - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloads/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloads/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloadversions verbs: - create @@ -332,12 +125,28 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/finalizers + - keptnapps/finalizers + - keptnappversion/finalizers + - keptnappversions/finalizers + - keptnevaluations/finalizers + - keptntaskdefinitions/finalizers + - keptntasks/finalizers + - keptnworkloads/finalizers - keptnworkloadversions/finalizers verbs: - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/status + - keptnapps/status + - keptnappversion/status + - keptnappversions/status + - keptnevaluations/status + - keptntaskdefinitions/status + - keptntasks/status + - keptnworkloads/status - keptnworkloadversions/status verbs: - get diff --git a/lifecycle-operator/go.mod b/lifecycle-operator/go.mod index 042c2d9b82..6b8d932009 100644 --- a/lifecycle-operator/go.mod +++ b/lifecycle-operator/go.mod @@ -27,12 +27,12 @@ require ( golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c golang.org/x/net v0.30.0 google.golang.org/grpc v1.67.1 - k8s.io/api v0.29.9 - k8s.io/apiextensions-apiserver v0.29.9 - k8s.io/apimachinery v0.29.9 - k8s.io/apiserver v0.29.9 - k8s.io/client-go v0.29.9 - sigs.k8s.io/controller-runtime v0.16.6 + k8s.io/api v0.31.2 + k8s.io/apiextensions-apiserver v0.31.2 + k8s.io/apimachinery v0.31.2 + k8s.io/apiserver v0.31.2 + k8s.io/client-go v0.31.2 + sigs.k8s.io/controller-runtime v0.19.1 sigs.k8s.io/yaml v1.4.0 ) @@ -40,16 +40,16 @@ require ( github.com/beorn7/perks v1.0.1 // indirect github.com/cenkalti/backoff/v4 v4.3.0 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/emicklei/go-restful/v3 v3.11.0 // indirect - github.com/evanphx/json-patch v5.6.0+incompatible // indirect github.com/evanphx/json-patch/v5 v5.9.0 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect + github.com/fxamacker/cbor/v2 v2.7.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect - github.com/go-logr/zapr v1.2.4 // indirect + github.com/go-logr/zapr v1.3.0 // indirect github.com/go-openapi/jsonpointer v0.19.6 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.3 // indirect + github.com/go-openapi/swag v0.22.4 // indirect github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect @@ -67,16 +67,17 @@ require ( github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/prometheus/client_model v0.6.1 // indirect github.com/prometheus/common v0.55.0 // indirect github.com/prometheus/procfs v0.15.1 // indirect github.com/spf13/afero v1.11.0 // indirect github.com/spf13/pflag v1.0.5 // indirect + github.com/x448/float16 v0.8.4 // indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 // indirect go.opentelemetry.io/proto/otlp v1.3.1 // indirect go.uber.org/multierr v1.11.0 // indirect - go.uber.org/zap v1.25.0 // indirect + go.uber.org/zap v1.26.0 // indirect golang.org/x/oauth2 v0.22.0 // indirect golang.org/x/sys v0.26.0 // indirect golang.org/x/term v0.25.0 // indirect @@ -87,13 +88,13 @@ require ( google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142 // indirect google.golang.org/protobuf v1.34.2 // indirect + gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/component-base v0.29.9 // indirect - k8s.io/klog/v2 v2.110.1 // indirect - k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect - k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect + k8s.io/klog/v2 v2.130.1 // indirect + k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect + k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect ) diff --git a/lifecycle-operator/go.sum b/lifecycle-operator/go.sum index 9bdacdf45a..89000eb945 100644 --- a/lifecycle-operator/go.sum +++ b/lifecycle-operator/go.sum @@ -2,7 +2,6 @@ dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s= dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= github.com/argoproj/argo-rollouts v1.7.2 h1:faDUH/qePerYRwsrHfVzNQkhjGBgXIiVYdVK8824kMo= github.com/argoproj/argo-rollouts v1.7.2/go.mod h1:Te4HrUELxKiBpK8lgk77o4gTa3mv8pXCd8xdPprKrbs= -github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/benbjohnson/clock v1.3.5 h1:VvXlSJBzZpA/zum6Sj74hxwYI2DIxRWuNIoXAzHZz5o= github.com/benbjohnson/clock v1.3.5/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= @@ -15,8 +14,9 @@ github.com/cloudevents/sdk-go/v2 v2.15.2 h1:54+I5xQEnI73RBhWHxbI1XJcqOFOVJN85vb4 github.com/cloudevents/sdk-go/v2 v2.15.2/go.mod h1:lL7kSWAE/V8VI4Wh0jbL2v/jvqsm6tjmaQBSvxcv4uE= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= @@ -25,21 +25,22 @@ github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0 github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= +github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= +github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= -github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= +github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= @@ -74,7 +75,6 @@ github.com/keptn/lifecycle-toolkit/keptn-cert-manager v0.0.0-20240806082913-9bcc github.com/keptn/lifecycle-toolkit/keptn-cert-manager v0.0.0-20240806082913-9bcc0d1633a6/go.mod h1:IF+voXJvrQqpwu13iW9J51xW01nUMtUVuggeZqqq3GQ= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= @@ -97,11 +97,11 @@ github.com/onsi/ginkgo/v2 v2.20.2 h1:7NVCeyIWROIAheY21RLS+3j2bb52W0W82tkberYytp4 github.com/onsi/ginkgo/v2 v2.20.2/go.mod h1:K9gyxPIlb+aIvnZ8bd9Ak+YP18w3APlR+5coaZoE2ag= github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8= github.com/onsi/gomega v1.34.2/go.mod h1:v1xfxRgk0KIsG+QOdm7p8UosrOzPYRo60fd3B/1Dukc= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE= github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho= github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= @@ -120,7 +120,6 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= @@ -128,9 +127,10 @@ github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsT github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= go.opentelemetry.io/otel v1.28.0 h1:/SqNcYk+idO0CxKEUOtKQClMK/MimZihKYMruSMViUo= go.opentelemetry.io/otel v1.28.0/go.mod h1:q68ijF8Fc8CnMHKyzqL6akLO46ePnjkgfIMIjUIX9z4= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 h1:3Q/xZUyC1BBkualc9ROb4G8qkH90LXEIICcs5zv1OYY= @@ -151,31 +151,23 @@ go.opentelemetry.io/otel/trace v1.28.0 h1:GhQ9cUuQGmNDd5BTCP2dAvv75RdMxEfTmYejp+ go.opentelemetry.io/otel/trace v1.28.0/go.mod h1:jPyXzNPg6da9+38HEwElrQiHlVMTnVfM3/yv2OlIHaI= go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0= go.opentelemetry.io/proto/otlp v1.3.1/go.mod h1:0X1WI4de4ZsLrrJNLAQbFeLCm3T7yBkR0XqQ7niQU+8= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= -go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= -go.uber.org/zap v1.25.0 h1:4Hvk6GtkucQ790dqmj7l1eEnRdKm3k3ZUrUMS2d5+5c= -go.uber.org/zap v1.25.0/go.mod h1:JIAUzQIH94IC4fOJQm7gMmBJP5k7wQfdcnYdPoEXJYk= +go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= +go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c h1:7dEasQXItcW1xKJ2+gg5VOiBnqWrJc+rq0DPKyvvdbY= golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c/go.mod h1:NQtJDoLvd6faHhE7m4T/1IY708gDefGGjR/iUW8yQQ8= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4= golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU= golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA= @@ -183,16 +175,11 @@ golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbht golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo= golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24= golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -202,11 +189,9 @@ golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ= golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -224,9 +209,10 @@ google.golang.org/grpc v1.67.1/go.mod h1:1gLDyUQU7CTLJI90u3nXZ9ekeghjeM7pTDZlqFN google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA= google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= +gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -236,26 +222,24 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.29.9 h1:FwdflpNsfMUYUOblMZNWJ4K/q0OSL5A4jGa0iOgcJco= -k8s.io/api v0.29.9/go.mod h1:fNhmzRfKaSEHCmczA/jRx6CiDKhYOnFLJBERMJAXEk8= -k8s.io/apiextensions-apiserver v0.29.9 h1:EB6RK06kFJjbzBwU1YiVznxrcgBE0hhDWt6EQQIcOy4= -k8s.io/apiextensions-apiserver v0.29.9/go.mod h1:jcaHG6R/bB1iU6XzC1DMhB1x2ktTJLt2KKpg6B65Z2c= -k8s.io/apimachinery v0.29.9 h1:YZ8HUid1TzQVz94cnNlsQjLdH0VoAhWSqz7t0q6B12A= -k8s.io/apimachinery v0.29.9/go.mod h1:i3FJVwhvSp/6n8Fl4K97PJEP8C+MM+aoDq4+ZJBf70Y= -k8s.io/apiserver v0.29.9 h1:BiHTZbAYcNYHTE9RlWMBe5AX2XoZbRujy6oo5krU4V8= -k8s.io/apiserver v0.29.9/go.mod h1:3zmBeYworciVZHs8jSfzt/naTpDQb3AM++aYJ5Pkqqo= -k8s.io/client-go v0.29.9 h1:4f/Wz6li3rEyIPFj32XAQMtOGMM1tg7KQi1oeS6ibPg= -k8s.io/client-go v0.29.9/go.mod h1:2N1drQEZ5yiYrWVaE2Un8JiISUhl47D8pyZlYLszke4= -k8s.io/component-base v0.29.9 h1:lPENvp3CCwdeMEWGjiTfn5b287qQYuK7gX32OBOovmA= -k8s.io/component-base v0.29.9/go.mod h1:NGDa6Ih0EdcLA2G4K2ZYySoiB+2Tn+rmSqPyudCPgDY= -k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= -k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.16.6 h1:FiXwTuFF5ZJKmozfP2Z0j7dh6kmxP4Ou1KLfxgKKC3I= -sigs.k8s.io/controller-runtime v0.16.6/go.mod h1:+dQzkZxnylD0u49e0a+7AR+vlibEBaThmPca7lTyUsI= +k8s.io/api v0.31.2 h1:3wLBbL5Uom/8Zy98GRPXpJ254nEFpl+hwndmk9RwmL0= +k8s.io/api v0.31.2/go.mod h1:bWmGvrGPssSK1ljmLzd3pwCQ9MgoTsRCuK35u6SygUk= +k8s.io/apiextensions-apiserver v0.31.2 h1:W8EwUb8+WXBLu56ser5IudT2cOho0gAKeTOnywBLxd0= +k8s.io/apiextensions-apiserver v0.31.2/go.mod h1:i+Geh+nGCJEGiCGR3MlBDkS7koHIIKWVfWeRFiOsUcM= +k8s.io/apimachinery v0.31.2 h1:i4vUt2hPK56W6mlT7Ry+AO8eEsyxMD1U44NR22CLTYw= +k8s.io/apimachinery v0.31.2/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= +k8s.io/apiserver v0.31.2 h1:VUzOEUGRCDi6kX1OyQ801m4A7AUPglpsmGvdsekmcI4= +k8s.io/apiserver v0.31.2/go.mod h1:o3nKZR7lPlJqkU5I3Ove+Zx3JuoFjQobGX1Gctw6XuE= +k8s.io/client-go v0.31.2 h1:Y2F4dxU5d3AQj+ybwSMqQnpZH9F30//1ObxOKlTI9yc= +k8s.io/client-go v0.31.2/go.mod h1:NPa74jSVR/+eez2dFsEIHNa+3o09vtNaWwWwb1qSxSs= +k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= +k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/controller-runtime v0.19.1 h1:Son+Q40+Be3QWb+niBXAg2vFiYWolDjjRfO8hn/cxOk= +sigs.k8s.io/controller-runtime v0.19.1/go.mod h1:iRmWllt8IlaLjvTTDLhRBXIEtkCK6hwVBJJsYS9Ajf4= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= diff --git a/lifecycle-operator/webhooks/pod_mutator/handlers/appcreationrequest_handler_test.go b/lifecycle-operator/webhooks/pod_mutator/handlers/appcreationrequest_handler_test.go index 7ef618ad61..342ebafc50 100644 --- a/lifecycle-operator/webhooks/pod_mutator/handlers/appcreationrequest_handler_test.go +++ b/lifecycle-operator/webhooks/pod_mutator/handlers/appcreationrequest_handler_test.go @@ -43,10 +43,6 @@ func TestAppHandlerHandle(t *testing.T) { }} singleServiceCreationReq := &apilifecycle.KeptnAppCreationRequest{ - TypeMeta: metav1.TypeMeta{ - Kind: "KeptnAppCreationRequest", - APIVersion: "lifecycle.keptn.sh/v1", - }, ObjectMeta: metav1.ObjectMeta{ Name: TestWorkload, Namespace: namespace, @@ -91,10 +87,6 @@ func TestAppHandlerHandle(t *testing.T) { }}, client: testcommon.NewTestClient(), wantReq: &apilifecycle.KeptnAppCreationRequest{ - TypeMeta: metav1.TypeMeta{ - Kind: "KeptnAppCreationRequest", - APIVersion: "lifecycle.keptn.sh/v1", - }, ObjectMeta: metav1.ObjectMeta{ Name: testApp, Namespace: namespace, diff --git a/lifecycle-operator/webhooks/pod_mutator/handlers/workload_test.go b/lifecycle-operator/webhooks/pod_mutator/handlers/workload_test.go index 3a6bd63a02..947b4f73b0 100644 --- a/lifecycle-operator/webhooks/pod_mutator/handlers/workload_test.go +++ b/lifecycle-operator/webhooks/pod_mutator/handlers/workload_test.go @@ -40,7 +40,6 @@ func TestHandle(t *testing.T) { } wantWorkload := &apilifecycle.KeptnWorkload{ - TypeMeta: metav1.TypeMeta{Kind: "KeptnWorkload", APIVersion: "lifecycle.keptn.sh/v1"}, ObjectMeta: metav1.ObjectMeta{ Name: testAppWorkload, Namespace: namespace, @@ -59,7 +58,6 @@ func TestHandle(t *testing.T) { }, } wantWorkload2 := &apilifecycle.KeptnWorkload{ - TypeMeta: metav1.TypeMeta{Kind: "KeptnWorkload", APIVersion: "lifecycle.keptn.sh/v1"}, ObjectMeta: metav1.ObjectMeta{ Name: testAppWorkload, Namespace: namespace, diff --git a/lifecycle-operator/webhooks/pod_mutator/pod_mutating_webhook.go b/lifecycle-operator/webhooks/pod_mutator/pod_mutating_webhook.go index 2233a08746..96c891bf8f 100644 --- a/lifecycle-operator/webhooks/pod_mutator/pod_mutating_webhook.go +++ b/lifecycle-operator/webhooks/pod_mutator/pod_mutating_webhook.go @@ -38,7 +38,7 @@ type PodMutatingWebhook struct { func NewPodMutator( client client.Client, - decoder *admission.Decoder, + decoder admission.Decoder, eventSender eventsender.IEvent, log logr.Logger, schedulingGatesEnabled bool, diff --git a/lifecycle-operator/webhooks/pod_mutator/pod_mutating_webhook_test.go b/lifecycle-operator/webhooks/pod_mutator/pod_mutating_webhook_test.go index 9c490cc074..eb159bb1bb 100644 --- a/lifecycle-operator/webhooks/pod_mutator/pod_mutating_webhook_test.go +++ b/lifecycle-operator/webhooks/pod_mutator/pod_mutating_webhook_test.go @@ -652,7 +652,7 @@ func generateRequest(pod *corev1.Pod, t *testing.T) admissionv1.AdmissionRequest } } -func setupTestData() (*corev1.Pod, *v1.Deployment, *corev1.Namespace, *admission.Decoder) { +func setupTestData() (*corev1.Pod, *v1.Deployment, *corev1.Namespace, admission.Decoder) { pod := &corev1.Pod{ ObjectMeta: metav1.ObjectMeta{ Name: testPod, diff --git a/metrics-operator/Makefile b/metrics-operator/Makefile index 370980354e..533931ccd2 100644 --- a/metrics-operator/Makefile +++ b/metrics-operator/Makefile @@ -27,7 +27,7 @@ ENVTEST_K8S_VERSION=1.27.1 # renovate: datasource=github-tags depName=kubernetes-sigs/kustomize KUSTOMIZE_VERSION?=v5.5.0 # renovate: datasource=github-releases depName=kubernetes-sigs/controller-tools -CONTROLLER_TOOLS_VERSION?=v0.16.4 +CONTROLLER_TOOLS_VERSION?=v0.16.5 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set) ifeq (,$(shell go env GOBIN)) diff --git a/metrics-operator/chart/templates/analysis-crd.yaml b/metrics-operator/chart/templates/analysis-crd.yaml index 7fd0b7da8a..4f1c47fdb0 100644 --- a/metrics-operator/chart/templates/analysis-crd.yaml +++ b/metrics-operator/chart/templates/analysis-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: analyses.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/metrics-operator/chart/templates/analysisdefinition-crd.yaml b/metrics-operator/chart/templates/analysisdefinition-crd.yaml index 7117a9f30c..0af1a41f03 100644 --- a/metrics-operator/chart/templates/analysisdefinition-crd.yaml +++ b/metrics-operator/chart/templates/analysisdefinition-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: analysisdefinitions.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/metrics-operator/chart/templates/analysisvaluetemplate-crd.yaml b/metrics-operator/chart/templates/analysisvaluetemplate-crd.yaml index 41d47fa463..ea51a1a876 100644 --- a/metrics-operator/chart/templates/analysisvaluetemplate-crd.yaml +++ b/metrics-operator/chart/templates/analysisvaluetemplate-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/metrics-operator/chart/templates/keptnmetric-crd.yaml b/metrics-operator/chart/templates/keptnmetric-crd.yaml index 6dcd6a3a36..263d23bed8 100644 --- a/metrics-operator/chart/templates/keptnmetric-crd.yaml +++ b/metrics-operator/chart/templates/keptnmetric-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetrics.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/metrics-operator/chart/templates/keptnmetricsprovider-crd.yaml b/metrics-operator/chart/templates/keptnmetricsprovider-crd.yaml index 9be49d5680..50a24fa6d5 100644 --- a/metrics-operator/chart/templates/keptnmetricsprovider-crd.yaml +++ b/metrics-operator/chart/templates/keptnmetricsprovider-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} @@ -67,7 +67,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -133,7 +132,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -193,7 +191,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -260,7 +257,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined diff --git a/metrics-operator/chart/templates/metrics-operator-rbac.yaml b/metrics-operator/chart/templates/metrics-operator-rbac.yaml index 2c19791e45..8359f9be2a 100644 --- a/metrics-operator/chart/templates/metrics-operator-rbac.yaml +++ b/metrics-operator/chart/templates/metrics-operator-rbac.yaml @@ -40,12 +40,14 @@ rules: - metrics.keptn.sh resources: - analyses/finalizers + - keptnmetrics/finalizers verbs: - update - apiGroups: - metrics.keptn.sh resources: - analyses/status + - keptnmetrics/status verbs: - get - patch @@ -54,51 +56,9 @@ rules: - metrics.keptn.sh resources: - analysisdefinitions - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - analysisvaluetemplates - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetrics - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/finalizers - verbs: - - update - - apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/status - verbs: - - get - - patch - - update - - apiGroups: - - metrics.keptn.sh - resources: - keptnmetricsproviders - verbs: - - get - - list - - watch - - apiGroups: - - metrics.keptn.sh - resources: - providers verbs: - get diff --git a/metrics-operator/config/crd/bases/metrics.keptn.sh_analyses.yaml b/metrics-operator/config/crd/bases/metrics.keptn.sh_analyses.yaml index 95ae73f958..42fd587a45 100644 --- a/metrics-operator/config/crd/bases/metrics.keptn.sh_analyses.yaml +++ b/metrics-operator/config/crd/bases/metrics.keptn.sh_analyses.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: analyses.metrics.keptn.sh spec: group: metrics.keptn.sh diff --git a/metrics-operator/config/crd/bases/metrics.keptn.sh_analysisdefinitions.yaml b/metrics-operator/config/crd/bases/metrics.keptn.sh_analysisdefinitions.yaml index 14c309f04d..6074478dfb 100644 --- a/metrics-operator/config/crd/bases/metrics.keptn.sh_analysisdefinitions.yaml +++ b/metrics-operator/config/crd/bases/metrics.keptn.sh_analysisdefinitions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: analysisdefinitions.metrics.keptn.sh spec: group: metrics.keptn.sh diff --git a/metrics-operator/config/crd/bases/metrics.keptn.sh_analysisvaluetemplates.yaml b/metrics-operator/config/crd/bases/metrics.keptn.sh_analysisvaluetemplates.yaml index e0edf4d0d9..67705015f8 100644 --- a/metrics-operator/config/crd/bases/metrics.keptn.sh_analysisvaluetemplates.yaml +++ b/metrics-operator/config/crd/bases/metrics.keptn.sh_analysisvaluetemplates.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: analysisvaluetemplates.metrics.keptn.sh spec: group: metrics.keptn.sh diff --git a/metrics-operator/config/crd/bases/metrics.keptn.sh_keptnmetrics.yaml b/metrics-operator/config/crd/bases/metrics.keptn.sh_keptnmetrics.yaml index 645687160e..14df82a485 100644 --- a/metrics-operator/config/crd/bases/metrics.keptn.sh_keptnmetrics.yaml +++ b/metrics-operator/config/crd/bases/metrics.keptn.sh_keptnmetrics.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnmetrics.metrics.keptn.sh spec: group: metrics.keptn.sh diff --git a/metrics-operator/config/crd/bases/metrics.keptn.sh_keptnmetricsproviders.yaml b/metrics-operator/config/crd/bases/metrics.keptn.sh_keptnmetricsproviders.yaml index 5541e9366c..ec61b83506 100644 --- a/metrics-operator/config/crd/bases/metrics.keptn.sh_keptnmetricsproviders.yaml +++ b/metrics-operator/config/crd/bases/metrics.keptn.sh_keptnmetricsproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: keptnmetricsproviders.metrics.keptn.sh spec: group: metrics.keptn.sh @@ -59,7 +59,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -125,7 +124,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -185,7 +183,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -252,7 +249,6 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined diff --git a/metrics-operator/config/rbac/role.yaml b/metrics-operator/config/rbac/role.yaml index 70fc4a915b..72343427d2 100644 --- a/metrics-operator/config/rbac/role.yaml +++ b/metrics-operator/config/rbac/role.yaml @@ -34,12 +34,14 @@ rules: - metrics.keptn.sh resources: - analyses/finalizers + - keptnmetrics/finalizers verbs: - update - apiGroups: - metrics.keptn.sh resources: - analyses/status + - keptnmetrics/status verbs: - get - patch @@ -48,51 +50,9 @@ rules: - metrics.keptn.sh resources: - analysisdefinitions - verbs: - - get - - list - - watch -- apiGroups: - - metrics.keptn.sh - resources: - analysisvaluetemplates - verbs: - - get - - list - - watch -- apiGroups: - - metrics.keptn.sh - resources: - keptnmetrics - verbs: - - get - - list - - watch -- apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/finalizers - verbs: - - update -- apiGroups: - - metrics.keptn.sh - resources: - - keptnmetrics/status - verbs: - - get - - patch - - update -- apiGroups: - - metrics.keptn.sh - resources: - keptnmetricsproviders - verbs: - - get - - list - - watch -- apiGroups: - - metrics.keptn.sh - resources: - providers verbs: - get diff --git a/metrics-operator/go.mod b/metrics-operator/go.mod index df2b3a5aa2..dfd35c74ae 100644 --- a/metrics-operator/go.mod +++ b/metrics-operator/go.mod @@ -18,14 +18,14 @@ require ( golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c golang.org/x/net v0.30.0 gopkg.in/inf.v0 v0.9.1 - k8s.io/api v0.29.9 - k8s.io/apiextensions-apiserver v0.29.9 - k8s.io/apimachinery v0.29.9 - k8s.io/apiserver v0.29.9 - k8s.io/client-go v0.29.9 - k8s.io/component-base v0.29.9 + k8s.io/api v0.29.10 + k8s.io/apiextensions-apiserver v0.29.10 + k8s.io/apimachinery v0.29.10 + k8s.io/apiserver v0.29.10 + k8s.io/client-go v0.29.10 + k8s.io/component-base v0.29.10 k8s.io/klog/v2 v2.130.1 - k8s.io/metrics v0.29.9 + k8s.io/metrics v0.29.10 sigs.k8s.io/controller-runtime v0.16.6 sigs.k8s.io/custom-metrics-apiserver v1.29.0 sigs.k8s.io/yaml v1.4.0 @@ -102,7 +102,6 @@ require ( golang.org/x/text v0.19.0 // indirect golang.org/x/time v0.5.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de // indirect google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20241007155032-5fefd90f89a9 // indirect google.golang.org/grpc v1.67.1 // indirect @@ -110,7 +109,7 @@ require ( gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/kms v0.29.9 // indirect + k8s.io/kms v0.29.10 // indirect k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect k8s.io/utils v0.0.0-20231127182322-b307cd553661 // indirect sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 // indirect diff --git a/metrics-operator/go.sum b/metrics-operator/go.sum index eadff5c7ce..c417f14fb0 100644 --- a/metrics-operator/go.sum +++ b/metrics-operator/go.sum @@ -286,8 +286,8 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de h1:F6qOa9AZTYJXOUEr4jDysRDLrm4PHePlge4v4TGAlxY= -google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:VUhTRKeHn9wwcdrk73nvdC9gF178Tzhmt/qyaFcPLSo= +google.golang.org/genproto v0.0.0-20231212172506-995d672761c0 h1:YJ5pD9rF8o9Qtta0Cmy9rdBwkSjrTCT6XTiUQVOtIos= +google.golang.org/genproto v0.0.0-20231212172506-995d672761c0/go.mod h1:l/k7rMz0vFTBPy+tFSGvXEd3z+BcoG1k7EHbqm+YBsY= google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142 h1:wKguEg1hsxI2/L3hUYrpo1RVi48K+uTyzKqprwLXsb8= google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142/go.mod h1:d6be+8HhtEtucleCbxpPW9PA9XwISACu8nvpPqF0BVo= google.golang.org/genproto/googleapis/rpc v0.0.0-20241007155032-5fefd90f89a9 h1:QCqS/PdaHTSWGvupk2F/ehwHtGc0/GYkT+3GAcR1CCc= @@ -310,26 +310,26 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.29.9 h1:FwdflpNsfMUYUOblMZNWJ4K/q0OSL5A4jGa0iOgcJco= -k8s.io/api v0.29.9/go.mod h1:fNhmzRfKaSEHCmczA/jRx6CiDKhYOnFLJBERMJAXEk8= -k8s.io/apiextensions-apiserver v0.29.9 h1:EB6RK06kFJjbzBwU1YiVznxrcgBE0hhDWt6EQQIcOy4= -k8s.io/apiextensions-apiserver v0.29.9/go.mod h1:jcaHG6R/bB1iU6XzC1DMhB1x2ktTJLt2KKpg6B65Z2c= -k8s.io/apimachinery v0.29.9 h1:YZ8HUid1TzQVz94cnNlsQjLdH0VoAhWSqz7t0q6B12A= -k8s.io/apimachinery v0.29.9/go.mod h1:i3FJVwhvSp/6n8Fl4K97PJEP8C+MM+aoDq4+ZJBf70Y= -k8s.io/apiserver v0.29.9 h1:BiHTZbAYcNYHTE9RlWMBe5AX2XoZbRujy6oo5krU4V8= -k8s.io/apiserver v0.29.9/go.mod h1:3zmBeYworciVZHs8jSfzt/naTpDQb3AM++aYJ5Pkqqo= -k8s.io/client-go v0.29.9 h1:4f/Wz6li3rEyIPFj32XAQMtOGMM1tg7KQi1oeS6ibPg= -k8s.io/client-go v0.29.9/go.mod h1:2N1drQEZ5yiYrWVaE2Un8JiISUhl47D8pyZlYLszke4= -k8s.io/component-base v0.29.9 h1:lPENvp3CCwdeMEWGjiTfn5b287qQYuK7gX32OBOovmA= -k8s.io/component-base v0.29.9/go.mod h1:NGDa6Ih0EdcLA2G4K2ZYySoiB+2Tn+rmSqPyudCPgDY= +k8s.io/api v0.29.10 h1:Fao3HOxccbGRC1HZtXD+Y41xJhP0tEToVo5W7EEUBm0= +k8s.io/api v0.29.10/go.mod h1:rF0sRh64w1hMNAVGh4YYniSxODyHye3GLmymAbWBDvY= +k8s.io/apiextensions-apiserver v0.29.10 h1:2k2AHrWgs4S+07HrOjEdcyrQ/UqYlvBi6uon1fox1KE= +k8s.io/apiextensions-apiserver v0.29.10/go.mod h1:3rrJC52bW5frHf10N3JvaDpl++hgrzD9Gs6IZpKWMoc= +k8s.io/apimachinery v0.29.10 h1:57OLNqOJUgp5KlRRY3JOBFOTTa5Rt/LVkmKiiN2cvaQ= +k8s.io/apimachinery v0.29.10/go.mod h1:i3FJVwhvSp/6n8Fl4K97PJEP8C+MM+aoDq4+ZJBf70Y= +k8s.io/apiserver v0.29.10 h1:dQwLNBG0qcNVbw72poZ3R+mvdi3RdtEX9x1nZX3RxGs= +k8s.io/apiserver v0.29.10/go.mod h1:UkJz90cVDZF/iZ19FEUEMWHI04EgoQiakMGD0x9urDY= +k8s.io/client-go v0.29.10 h1:hPmG1pmKslRhmCIzVd90sA58B0sJwNwduNgXFWsFqhI= +k8s.io/client-go v0.29.10/go.mod h1:gnMCQiRXGL9K0VtlW8gTkhzptGrHm2BJ4qBbujNemc4= +k8s.io/component-base v0.29.10 h1:YQrQ/bpzGPGqIPEPaBzxjH0/1DJOI+yZPZNbbz7ZCBY= +k8s.io/component-base v0.29.10/go.mod h1:IbwsBob2DnYiAONsSHIuYenchqcDycbHSLHrXshuLgM= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kms v0.29.9 h1:7B9VGhFAzNfBmfXeQ0Xi+OzIcNPw/xazPnLm/J3vNT4= -k8s.io/kms v0.29.9/go.mod h1:vWVImKkJd+1BQY4tBwdfSwjQBiLrnbNtHADcDEDQFtk= +k8s.io/kms v0.29.10 h1:LAck4rZrOIjLrSE1yhMLJM8H91QkfpWzCQyeTxdHKSk= +k8s.io/kms v0.29.10/go.mod h1:vWVImKkJd+1BQY4tBwdfSwjQBiLrnbNtHADcDEDQFtk= k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= -k8s.io/metrics v0.29.9 h1:0Rglc03f5u4/wHliG8cfhLOtSbTwL03WQ37CMn9c4OI= -k8s.io/metrics v0.29.9/go.mod h1:1DixHaqPn7puV31YlEKT/kAEP+31cpOShIPiRtro5no= +k8s.io/metrics v0.29.10 h1:1HrqU+FzD2PaVpgDOmrEqX31t7KtZB5TAlPrsJLgH6I= +k8s.io/metrics v0.29.10/go.mod h1:N+6qNL56EeuhyuTj29iClimxtaFDg1wAMcCte1nVFL4= k8s.io/utils v0.0.0-20231127182322-b307cd553661 h1:FepOBzJ0GXm8t0su67ln2wAZjbQ6RxQGZDnzuLcrUTI= k8s.io/utils v0.0.0-20231127182322-b307cd553661/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 h1:/U5vjBbQn3RChhv7P11uhYvCSm5G2GaIi5AIGBS6r4c=