From 43a5bde2c196c784349a2cd852a6e431ddf00534 Mon Sep 17 00:00:00 2001 
From: Jason Vigil Date: Tue, 4 Feb 2025 20:50:28 +0000 Subject: [PATCH] feat: Add fuzz test, promote ApigeeInstance to v1beta1 --- .../v1alpha1/environmentgroup_identity.go | 2 +- .../apigee/v1alpha1/environmentgroup_types.go | 4 +- apis/apigee/v1alpha1/instance_identity.go | 2 +- apis/apigee/v1alpha1/instance_types.go | 7 +- apis/apigee/v1alpha1/zz_generated.deepcopy.go | 5 +- .../v1beta1/environmentgroup_identity.go | 2 +- apis/apigee/v1beta1/environmentgroup_types.go | 4 +- apis/apigee/v1beta1/instance_identity.go | 112 ++++ apis/apigee/v1beta1/instance_reference.go | 83 +++ apis/apigee/v1beta1/instance_types.go | 161 ++++++ apis/apigee/v1beta1/zz_generated.deepcopy.go | 292 ++++++++++- .../apigeeorganizationref.go | 5 +- ...nstances.apigee.cnrm.cloud.google.com.yaml | 246 +++++++++ .../apigee_v1beta1_apigeeinstance.yaml | 32 ++ dev/tasks/find-missing-fields | 2 + .../direct/apigee/envgroup_controller.go | 2 +- .../direct/apigee/instance_controller.go | 4 +- .../direct/apigee/instance_mappings.go | 12 +- .../direct/apigee/instance_resolverefs.go | 2 +- .../direct/apigee/roundtrip_test.go | 67 +++ pkg/gvks/supportedgvks/gvks_generated.go | 10 + pkg/test/resourcefixture/sets.go | 1 + ...ed_object_apigeeinstance-basic.golden.yaml | 2 +- .../apigeeinstance-basic/create.yaml | 2 +- ...ted_object_apigeeinstance-full.golden.yaml | 2 +- .../apigeeinstance-full/create.yaml | 2 +- .../apigeeinstance-full/update.yaml | 2 +- .../resource-reference/_toc.yaml | 2 + .../resource-docs/apigee/apigeeinstance.md | 486 ++++++++++++++++++ .../resource-reference/overview.md | 4 + .../templates/apigee_apigeeinstance.tmpl | 60 +++ .../resource-autogen/allowlist/allowlist.go | 1 - .../testdata/exceptions/missingfields.txt | 1 + 33 files changed, 1584 insertions(+), 37 deletions(-) create mode 100644 apis/apigee/v1beta1/instance_identity.go create mode 100644 apis/apigee/v1beta1/instance_reference.go create mode 100644 apis/apigee/v1beta1/instance_types.go rename apis/refs/{v1alpha1 => 
v1beta1}/apigeeorganizationref.go (95%) create mode 100644 config/samples/resources/apigeeinstance/apigee_v1beta1_apigeeinstance.yaml create mode 100644 scripts/generate-google3-docs/resource-reference/generated/resource-docs/apigee/apigeeinstance.md create mode 100644 scripts/generate-google3-docs/resource-reference/templates/apigee_apigeeinstance.tmpl diff --git a/apis/apigee/v1alpha1/environmentgroup_identity.go b/apis/apigee/v1alpha1/environmentgroup_identity.go index ef93a9b3d1..3ccb93391e 100644 --- a/apis/apigee/v1alpha1/environmentgroup_identity.go +++ b/apis/apigee/v1alpha1/environmentgroup_identity.go @@ -19,7 +19,7 @@ import ( "fmt" "strings" - refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1alpha1" + refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/controller/direct" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/apis/apigee/v1alpha1/environmentgroup_types.go b/apis/apigee/v1alpha1/environmentgroup_types.go index 551662a199..cf0014fc3a 100644 --- a/apis/apigee/v1alpha1/environmentgroup_types.go +++ b/apis/apigee/v1alpha1/environmentgroup_types.go @@ -15,7 +15,7 @@ package v1alpha1 import ( - refv1alpha1 "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1alpha1" + refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/k8s/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -24,7 +24,7 @@ var ApigeeEnvgroupGVK = GroupVersion.WithKind("ApigeeEnvgroup") type Parent struct { // +required - OrganizationRef *refv1alpha1.ApigeeOrganizationRef `json:"organizationRef"` + OrganizationRef *refs.ApigeeOrganizationRef `json:"organizationRef"` } // ApigeeEnvgroupSpec defines the desired state of ApigeeEnvgroup diff --git a/apis/apigee/v1alpha1/instance_identity.go b/apis/apigee/v1alpha1/instance_identity.go index 1a331e3fca..381f6f5ccc 100644 
--- a/apis/apigee/v1alpha1/instance_identity.go +++ b/apis/apigee/v1alpha1/instance_identity.go @@ -20,7 +20,7 @@ import ( "strings" "github.com/GoogleCloudPlatform/k8s-config-connector/apis/common" - refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1alpha1" + refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/apis/apigee/v1alpha1/instance_types.go b/apis/apigee/v1alpha1/instance_types.go index afbd26b080..5c53420722 100644 --- a/apis/apigee/v1alpha1/instance_types.go +++ b/apis/apigee/v1alpha1/instance_types.go @@ -15,8 +15,7 @@ package v1alpha1 import ( - refsv1alpha1 "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1alpha1" - refsv1beta1 "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" + refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/k8s/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -39,7 +38,7 @@ type AccessLoggingConfig struct { type ApigeeInstanceSpec struct { // Reference to parent Apigee Organization. // +required - OrganizationRef *refsv1alpha1.ApigeeOrganizationRef `json:"organizationRef"` + OrganizationRef *refs.ApigeeOrganizationRef `json:"organizationRef"` // The ApigeeInstance name. If not given, the metadata.name will be used. ResourceID *string `json:"resourceID,omitempty"` 
@@ -58,7 +57,7 @@ type ApigeeInstanceSpec struct { // Customer Managed Encryption Key (CMEK) used for disk and volume encryption. If not specified, a Google-Managed encryption key will be used. // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.disk_encryption_key_name - DiskEncryptionKMSCryptoKeyRef *refsv1beta1.KMSCryptoKeyRef `json:"diskEncryptionKMSCryptoKeyRef,omitempty"` + DiskEncryptionKMSCryptoKeyRef *refs.KMSCryptoKeyRef `json:"diskEncryptionKMSCryptoKeyRef,omitempty"` // Optional. Display name for the instance. // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.display_name diff --git a/apis/apigee/v1alpha1/zz_generated.deepcopy.go b/apis/apigee/v1alpha1/zz_generated.deepcopy.go index dafdafcd56..762bc5f14a 100644 --- a/apis/apigee/v1alpha1/zz_generated.deepcopy.go +++ b/apis/apigee/v1alpha1/zz_generated.deepcopy.go @@ -19,7 +19,6 @@ package v1alpha1 import ( - refsv1alpha1 "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1alpha1" "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" k8sv1alpha1 "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/k8s/v1alpha1" runtime "k8s.io/apimachinery/pkg/runtime" @@ -319,7 +318,7 @@ func (in *ApigeeInstanceSpec) DeepCopyInto(out *ApigeeInstanceSpec) { *out = *in if in.OrganizationRef != nil { in, out := &in.OrganizationRef, &out.OrganizationRef - *out = new(refsv1alpha1.ApigeeOrganizationRef) + *out = new(v1beta1.ApigeeOrganizationRef) **out = **in } if in.ResourceID != nil { @@ -519,7 +518,7 @@ func (in *Parent) DeepCopyInto(out *Parent) { *out = *in if in.OrganizationRef != nil { in, out := &in.OrganizationRef, &out.OrganizationRef - *out = new(refsv1alpha1.ApigeeOrganizationRef) + *out = new(v1beta1.ApigeeOrganizationRef) **out = **in } } diff --git a/apis/apigee/v1beta1/environmentgroup_identity.go b/apis/apigee/v1beta1/environmentgroup_identity.go index 877f33467d..5adc97838a 100644 
--- a/apis/apigee/v1beta1/environmentgroup_identity.go +++ b/apis/apigee/v1beta1/environmentgroup_identity.go @@ -19,7 +19,7 @@ import ( "fmt" "strings" - refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1alpha1" + refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/controller/direct" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/apis/apigee/v1beta1/environmentgroup_types.go b/apis/apigee/v1beta1/environmentgroup_types.go index c683fc4d0c..d80266f265 100644 --- a/apis/apigee/v1beta1/environmentgroup_types.go +++ b/apis/apigee/v1beta1/environmentgroup_types.go @@ -15,7 +15,7 @@ package v1beta1 import ( - refv1alpha1 "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1alpha1" + refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/k8s/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -24,7 +24,7 @@ var ApigeeEnvgroupGVK = GroupVersion.WithKind("ApigeeEnvgroup") type Parent struct { // +required - OrganizationRef *refv1alpha1.ApigeeOrganizationRef `json:"organizationRef"` + OrganizationRef *refs.ApigeeOrganizationRef `json:"organizationRef"` } // ApigeeEnvgroupSpec defines the desired state of ApigeeEnvgroup diff --git a/apis/apigee/v1beta1/instance_identity.go b/apis/apigee/v1beta1/instance_identity.go new file mode 100644 index 0000000000..4859b0c355 --- /dev/null +++ b/apis/apigee/v1beta1/instance_identity.go 
@@ -0,0 +1,112 @@ +// Copyright 2024 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1beta1 + +import ( + "context" + "fmt" + "strings" + + "github.com/GoogleCloudPlatform/k8s-config-connector/apis/common" + refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +// InstanceIdentity defines the resource reference to ApigeeInstance, which "External" field +// holds the GCP identifier for the KRM object. +type InstanceIdentity struct { + parent *InstanceParent + id string +} + +func (i *InstanceIdentity) String() string { + return i.parent.String() + "/instances/" + i.id +} + +func (i *InstanceIdentity) ID() string { + return i.id +} + +func (i *InstanceIdentity) Parent() *InstanceParent { + return i.parent +} + +type InstanceParent struct { + OrganizationID string +} + +func (p *InstanceParent) String() string { + return "organizations/" + p.OrganizationID +} + +// New builds a InstanceIdentity from the Config Connector Instance object. 
+func NewApigeeInstanceIdentity(ctx context.Context, reader client.Reader, obj *ApigeeInstance) (*InstanceIdentity, error) { + + // Get Parent + orgExternal, err := obj.Spec.OrganizationRef.NormalizedExternal(ctx, reader, obj.GetNamespace()) + if err != nil { + return nil, err + } + if orgExternal == "" { + return nil, fmt.Errorf("cannot resolve organization") + } + orgID, err := refs.ParseApigeeOrganizationExternal(orgExternal) + if err != nil { + return nil, err + } + // Get desired ID + resourceID := common.ValueOf(obj.Spec.ResourceID) + if resourceID == "" { + resourceID = obj.GetName() + } + if resourceID == "" { + return nil, fmt.Errorf("cannot resolve resource ID") + } + + // Use approved External + externalRef := common.ValueOf(obj.Status.ExternalRef) + if externalRef != "" { + // Validate desired with actual + actualParent, actualResourceID, err := ParseInstanceExternal(externalRef) + if err != nil { + return nil, err + } + if actualParent.OrganizationID != orgID { + return nil, fmt.Errorf("spec.organizationRef changed, expect %s, got %s", actualParent.OrganizationID, orgID) + } + if actualResourceID != resourceID { + return nil, fmt.Errorf("cannot reset `metadata.name` or `spec.resourceID` to %s, since it has already assigned to %s", + resourceID, actualResourceID) + } + } + return &InstanceIdentity{ + parent: &InstanceParent{ + OrganizationID: orgID, + }, + id: resourceID, + }, nil +} + +func ParseInstanceExternal(external string) (parent *InstanceParent, resourceID string, err error) { + tokens := strings.Split(external, "/") + if len(tokens) != 4 || tokens[0] != "organizations" || tokens[2] != "instances" { + return nil, "", fmt.Errorf("format of ApigeeInstance external=%q was not known (use organizations/{{organizationID}}/instances/{{instanceID}})", external) + } + parent = &InstanceParent{ + OrganizationID: tokens[1], + } + resourceID = tokens[3] + return parent, resourceID, nil +} 
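Review bot: `ParseInstanceExternal` in apis/apigee/v1beta1/instance_identity.go accepts strings with empty segments, such as `organizations//instances/`, because it checks only the token count and the two literal segments. The same parser validates both the user-supplied `external` reference and the stored `status.externalRef`, so an empty organization or instance ID would pass and yield a malformed resource name. Consider rejecting empty IDs in the existing condition: `if len(tokens) != 4 || tokens[0] != "organizations" || tokens[1] == "" || tokens[2] != "instances" || tokens[3] == "" {`. Separately, `NewApigeeInstanceIdentity` calls `obj.Spec.OrganizationRef.NormalizedExternal(...)` without a nil check. The field is marked `+required`, but a caller that bypasses CRD validation (a unit or fuzz test, for instance) would presumably hit a nil dereference, so an explicit `if obj.Spec.OrganizationRef == nil` error return would be safer.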
diff --git a/apis/apigee/v1beta1/instance_reference.go b/apis/apigee/v1beta1/instance_reference.go
new file mode 100644
index 0000000000..2b1de379f3
--- /dev/null
+++ b/apis/apigee/v1beta1/instance_reference.go
@@ -0,0 +1,83 @@ +// Copyright 2024 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1beta1 + +import ( + "context" + "fmt" + + refsv1beta1 "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" + "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/k8s" + apierrors "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/types" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +var _ refsv1beta1.ExternalNormalizer = &InstanceRef{} + +// InstanceRef defines the resource reference to ApigeeInstance, which "External" field +// holds the GCP identifier for the KRM object. +type InstanceRef struct { + // A reference to an externally managed ApigeeInstance resource. + // Should be in the format "organizations/{{organizationID}}/instances/{{instanceID}}". + External string `json:"external,omitempty"` + + // The name of a ApigeeInstance resource. + Name string `json:"name,omitempty"` + + // The namespace of a ApigeeInstance resource. + Namespace string `json:"namespace,omitempty"` +} + +// NormalizedExternal provision the "External" value for other resource that depends on ApigeeInstance. +// If the "External" is given in the other resource's spec.ApigeeInstanceRef, the given value will be used. +// Otherwise, the "Name" and "Namespace" will be used to query the actual ApigeeInstance object from the cluster. 
+func (r *InstanceRef) NormalizedExternal(ctx context.Context, reader client.Reader, otherNamespace string) (string, error) { + if r.External != "" && r.Name != "" { + return "", fmt.Errorf("cannot specify both name and external on %s reference", ApigeeInstanceGVK.Kind) + } + // From given External + if r.External != "" { + if _, _, err := ParseInstanceExternal(r.External); err != nil { + return "", err + } + return r.External, nil + } + + // From the Config Connector object + if r.Namespace == "" { + r.Namespace = otherNamespace + } + key := types.NamespacedName{Name: r.Name, Namespace: r.Namespace} + u := &unstructured.Unstructured{} + u.SetGroupVersionKind(ApigeeInstanceGVK) + if err := reader.Get(ctx, key, u); err != nil { + if apierrors.IsNotFound(err) { + return "", k8s.NewReferenceNotFoundError(u.GroupVersionKind(), key) + } + return "", fmt.Errorf("reading referenced %s %s: %w", ApigeeInstanceGVK, key, err) + } + // Get external from status.externalRef. This is the most trustworthy place. + actualExternalRef, _, err := unstructured.NestedString(u.Object, "status", "externalRef") + if err != nil { + return "", fmt.Errorf("reading status.externalRef: %w", err) + } + if actualExternalRef == "" { + return "", k8s.NewReferenceNotReadyError(u.GroupVersionKind(), key) + } + r.External = actualExternalRef + return r.External, nil +} diff --git a/apis/apigee/v1beta1/instance_types.go b/apis/apigee/v1beta1/instance_types.go new file mode 100644 index 0000000000..1c7f2d3c0f --- /dev/null +++ b/apis/apigee/v1beta1/instance_types.go 
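Review bot: `InstanceRef.NormalizedExternal` in apis/apigee/v1beta1/instance_reference.go has no branch for a reference where both `external` and `name` are empty; it falls through to `reader.Get` with an empty name, which presumably surfaces as a not-found or read error rather than a clear validation error. A guard before the lookup would make the failure explicit, e.g. `if r.Name == "" { return "", fmt.Errorf("must specify either name or external on %s reference", ApigeeInstanceGVK.Kind) }`. The value read from `status.externalRef` is also returned without the `ParseInstanceExternal` check that a user-supplied `external` gets; passing it through the same parser would stop a malformed or tampered status value from propagating to dependent resources. The method also assigns `r.Namespace` and `r.External` on the receiver, which the doc comment should state, since callers may not expect the reference to be mutated.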
@@ -0,0 +1,161 @@ +// Copyright 2024 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1beta1 + +import ( + refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" + "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/k8s/v1alpha1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +var ApigeeInstanceGVK = GroupVersion.WithKind("ApigeeInstance") + +// +kcc:proto=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1AccessLoggingConfig +type AccessLoggingConfig struct { + // Optional. Boolean flag that specifies whether the customer access log feature is enabled. + // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1AccessLoggingConfig.enabled + Enabled *bool `json:"enabled,omitempty"` + + // Optional. Ship the access log entries that match the status_code defined in the filter. The status_code is the only expected/supported filter field. (Ex: status_code) The filter will parse it to the Common Expression Language semantics for expression evaluation to build the filter condition. (Ex: "filter": status_code >= 200 && status_code < 300 ) + // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1AccessLoggingConfig.filter + Filter *string `json:"filter,omitempty"` +} + +// ApigeeInstanceSpec defines the desired state of ApigeeInstance +// +kcc:proto=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance +type ApigeeInstanceSpec struct { + // Reference to parent Apigee Organization. 
+ // +required + OrganizationRef *refs.ApigeeOrganizationRef `json:"organizationRef"` + + // The ApigeeInstance name. If not given, the metadata.name will be used. + ResourceID *string `json:"resourceID,omitempty"` + + // Optional. Access logging configuration enables the access logging feature at the instance. Apigee customers can enable access logging to ship the access logs to their own project's cloud logging. + // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.access_logging_config + AccessLoggingConfig *AccessLoggingConfig `json:"accessLoggingConfig,omitempty"` + + // Optional. Customer accept list represents the list of projects (id/number) on customer side that can privately connect to the service attachment. It is an optional field which the customers can provide during the instance creation. By default, the customer project associated with the Apigee organization will be included to the list. + // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.consumer_accept_list + ConsumerAcceptList []string `json:"consumerAcceptList,omitempty"` + + // Optional. Description of the instance. + // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.description + Description *string `json:"description,omitempty"` + + // Customer Managed Encryption Key (CMEK) used for disk and volume encryption. If not specified, a Google-Managed encryption key will be used. + // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.disk_encryption_key_name + DiskEncryptionKMSCryptoKeyRef *refs.KMSCryptoKeyRef `json:"diskEncryptionKMSCryptoKeyRef,omitempty"` + + // Optional. Display name for the instance. + // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.display_name + DisplayName *string `json:"displayName,omitempty"` + + // Optional. Comma-separated list of CIDR blocks of length 22 and/or 28 used to create the Apigee instance. Providing CIDR ranges is optional. 
You can provide just /22 or /28 or both (or neither). Ranges you provide should be freely available as part of a larger named range you have allocated to the Service Networking peering. If this parameter is not provided, Apigee automatically requests an available /22 and /28 CIDR block from Service Networking. Use the /22 CIDR block for configuring your firewall needs to allow traffic from Apigee. Input formats: `a.b.c.d/22` or `e.f.g.h/28` or `a.b.c.d/22,e.f.g.h/28` + // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.ip_range + IPRange *string `json:"ipRange,omitempty"` + + // Required. Compute Engine location where the instance resides. + // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.location + // +required + Location *string `json:"location,omitempty"` + + // Optional. Size of the CIDR block range that will be reserved by the instance. PAID organizations support `SLASH_16` to `SLASH_20` and defaults to `SLASH_16`. Evaluation organizations support only `SLASH_23`. + // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.peering_cidr_range + PeeringCIDRRange *string `json:"peeringCIDRRange,omitempty"` +} + +// ApigeeInstanceStatus defines the config connector machine state of ApigeeInstance +type ApigeeInstanceStatus struct { + /* Conditions represent the latest available observations of the + object's current state. */ + Conditions []v1alpha1.Condition `json:"conditions,omitempty"` + + // ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + ObservedGeneration *int64 `json:"observedGeneration,omitempty"` + + // A unique specifier for the ApigeeInstance resource in GCP. 
+ ExternalRef *string `json:"externalRef,omitempty"` + + // ObservedState is the state of the resource as most recently observed in GCP. + ObservedState *ApigeeInstanceObservedState `json:"observedState,omitempty"` +} + +// ApigeeInstanceSpec defines the desired state of ApigeeInstance +// +kcc:proto=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance +// ApigeeInstanceObservedState is the state of the ApigeeInstance resource as most recently observed in GCP. +type ApigeeInstanceObservedState struct { + // Output only. Time the instance was created in milliseconds since epoch. + // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.created_at + CreatedAt *int64 `json:"createdAt,omitempty"` + + // Output only. Internal hostname or IP address of the Apigee endpoint used by clients to connect to the service. + // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.host + Host *string `json:"host,omitempty"` + + // Output only. Time the instance was last modified in milliseconds since epoch. + // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.last_modified_at + LastModifiedAt *int64 `json:"lastModifiedAt,omitempty"` + + // Output only. Port number of the exposed Apigee endpoint. + // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.port + Port *string `json:"port,omitempty"` + + // Output only. Version of the runtime system running in the instance. The runtime system is the set of components that serve the API Proxy traffic in your Environments. + // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.runtime_version + RuntimeVersion *string `json:"runtimeVersion,omitempty"` + + // Output only. Resource name of the service attachment created for the instance in the format: `projects/{{project-id}}/regions/{{region-id}}/serviceAttachments/{{service-attachment-id}}` Apigee customers can privately forward traffic to this service attachment using the PSC endpoints. 
+ // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.service_attachment + ServiceAttachment *string `json:"serviceAttachment,omitempty"` + + // Output only. State of the instance. Values other than `ACTIVE` means the resource is not ready to use. + // +kcc:proto:field=mockgcp.cloud.apigee.v1.GoogleCloudApigeeV1Instance.state + State *string `json:"state,omitempty"` +} + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=gcp,shortName=gcpapigeeinstance;gcpapigeeinstances +// +kubebuilder:subresource:status +// +kubebuilder:metadata:labels="cnrm.cloud.google.com/managed-by-kcc=true";"cnrm.cloud.google.com/system=true" +// +kubebuilder:printcolumn:name="Age",JSONPath=".metadata.creationTimestamp",type="date" +// +kubebuilder:printcolumn:name="Ready",JSONPath=".status.conditions[?(@.type=='Ready')].status",type="string",description="When 'True', the most recent reconcile of the resource succeeded" +// +kubebuilder:printcolumn:name="Status",JSONPath=".status.conditions[?(@.type=='Ready')].reason",type="string",description="The reason for the value in 'Ready'" +// +kubebuilder:printcolumn:name="Status Age",JSONPath=".status.conditions[?(@.type=='Ready')].lastTransitionTime",type="date",description="The last transition time for the value in 'Status'" +// +kubebuilder:storageversion + +// ApigeeInstance is the Schema for the ApigeeInstance API +// +k8s:openapi-gen=true +type ApigeeInstance struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // +required + Spec ApigeeInstanceSpec `json:"spec,omitempty"` + Status ApigeeInstanceStatus `json:"status,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// ApigeeInstanceList contains a list of ApigeeInstance +type ApigeeInstanceList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []ApigeeInstance 
`json:"items"` +} + +func init() { + SchemeBuilder.Register(&ApigeeInstance{}, &ApigeeInstanceList{}) +} diff --git a/apis/apigee/v1beta1/zz_generated.deepcopy.go b/apis/apigee/v1beta1/zz_generated.deepcopy.go index d62c2429ac..933b808781 100644 --- a/apis/apigee/v1beta1/zz_generated.deepcopy.go +++ b/apis/apigee/v1beta1/zz_generated.deepcopy.go @@ -19,11 +19,36 @@ package v1beta1 import ( - "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1alpha1" - k8sv1alpha1 "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/k8s/v1alpha1" + refsv1beta1 "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" + "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/k8s/v1alpha1" runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AccessLoggingConfig) DeepCopyInto(out *AccessLoggingConfig) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Filter != nil { + in, out := &in.Filter, &out.Filter + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessLoggingConfig. +func (in *AccessLoggingConfig) DeepCopy() *AccessLoggingConfig { + if in == nil { + return nil + } + out := new(AccessLoggingConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ApigeeEnvgroup) DeepCopyInto(out *ApigeeEnvgroup) { *out = *in @@ -149,7 +174,7 @@ func (in *ApigeeEnvgroupStatus) DeepCopyInto(out *ApigeeEnvgroupStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]k8sv1alpha1.Condition, len(*in)) + *out = make([]v1alpha1.Condition, len(*in)) copy(*out, *in) } if in.ObservedGeneration != nil { 
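Review bot: The doc comment on `ApigeeInstanceObservedState` in apis/apigee/v1beta1/instance_types.go opens with a line copied from the spec type, `// ApigeeInstanceSpec defines the desired state of ApigeeInstance`, ahead of the real description. Drop that stale line so the comment starts with `// ApigeeInstanceObservedState is the state of the ApigeeInstance resource as most recently observed in GCP.`, and place the `+kcc:proto=` marker after it, as `ApigeeInstanceSpec` does. In the same file, `Location` is documented as "Required" and marked `+required` while its tag is `json:"location,omitempty"` on a pointer field; if that combination is intentional, a short comment saying the requirement is enforced by the CRD schema rather than the Go type would help readers. The remaining hunks on this line are in zz_generated.deepcopy.go and are generated.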
@@ -179,6 +204,215 @@ func (in *ApigeeEnvgroupStatus) DeepCopy() *ApigeeEnvgroupStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ApigeeInstance) DeepCopyInto(out *ApigeeInstance) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApigeeInstance. +func (in *ApigeeInstance) DeepCopy() *ApigeeInstance { + if in == nil { + return nil + } + out := new(ApigeeInstance) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ApigeeInstance) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ApigeeInstanceList) DeepCopyInto(out *ApigeeInstanceList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ApigeeInstance, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApigeeInstanceList. +func (in *ApigeeInstanceList) DeepCopy() *ApigeeInstanceList { + if in == nil { + return nil + } + out := new(ApigeeInstanceList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. 
+func (in *ApigeeInstanceList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ApigeeInstanceObservedState) DeepCopyInto(out *ApigeeInstanceObservedState) { + *out = *in + if in.CreatedAt != nil { + in, out := &in.CreatedAt, &out.CreatedAt + *out = new(int64) + **out = **in + } + if in.Host != nil { + in, out := &in.Host, &out.Host + *out = new(string) + **out = **in + } + if in.LastModifiedAt != nil { + in, out := &in.LastModifiedAt, &out.LastModifiedAt + *out = new(int64) + **out = **in + } + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(string) + **out = **in + } + if in.RuntimeVersion != nil { + in, out := &in.RuntimeVersion, &out.RuntimeVersion + *out = new(string) + **out = **in + } + if in.ServiceAttachment != nil { + in, out := &in.ServiceAttachment, &out.ServiceAttachment + *out = new(string) + **out = **in + } + if in.State != nil { + in, out := &in.State, &out.State + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApigeeInstanceObservedState. +func (in *ApigeeInstanceObservedState) DeepCopy() *ApigeeInstanceObservedState { + if in == nil { + return nil + } + out := new(ApigeeInstanceObservedState) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 
+func (in *ApigeeInstanceSpec) DeepCopyInto(out *ApigeeInstanceSpec) { + *out = *in + if in.OrganizationRef != nil { + in, out := &in.OrganizationRef, &out.OrganizationRef + *out = new(refsv1beta1.ApigeeOrganizationRef) + **out = **in + } + if in.ResourceID != nil { + in, out := &in.ResourceID, &out.ResourceID + *out = new(string) + **out = **in + } + if in.AccessLoggingConfig != nil { + in, out := &in.AccessLoggingConfig, &out.AccessLoggingConfig + *out = new(AccessLoggingConfig) + (*in).DeepCopyInto(*out) + } + if in.ConsumerAcceptList != nil { + in, out := &in.ConsumerAcceptList, &out.ConsumerAcceptList + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.DiskEncryptionKMSCryptoKeyRef != nil { + in, out := &in.DiskEncryptionKMSCryptoKeyRef, &out.DiskEncryptionKMSCryptoKeyRef + *out = new(refsv1beta1.KMSCryptoKeyRef) + **out = **in + } + if in.DisplayName != nil { + in, out := &in.DisplayName, &out.DisplayName + *out = new(string) + **out = **in + } + if in.IPRange != nil { + in, out := &in.IPRange, &out.IPRange + *out = new(string) + **out = **in + } + if in.Location != nil { + in, out := &in.Location, &out.Location + *out = new(string) + **out = **in + } + if in.PeeringCIDRRange != nil { + in, out := &in.PeeringCIDRRange, &out.PeeringCIDRRange + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApigeeInstanceSpec. +func (in *ApigeeInstanceSpec) DeepCopy() *ApigeeInstanceSpec { + if in == nil { + return nil + } + out := new(ApigeeInstanceSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 
+func (in *ApigeeInstanceStatus) DeepCopyInto(out *ApigeeInstanceStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]v1alpha1.Condition, len(*in)) + copy(*out, *in) + } + if in.ObservedGeneration != nil { + in, out := &in.ObservedGeneration, &out.ObservedGeneration + *out = new(int64) + **out = **in + } + if in.ExternalRef != nil { + in, out := &in.ExternalRef, &out.ExternalRef + *out = new(string) + **out = **in + } + if in.ObservedState != nil { + in, out := &in.ObservedState, &out.ObservedState + *out = new(ApigeeInstanceObservedState) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApigeeInstanceStatus. +func (in *ApigeeInstanceStatus) DeepCopy() *ApigeeInstanceStatus { + if in == nil { + return nil + } + out := new(ApigeeInstanceStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *EnvironmentGroupIdentity) DeepCopyInto(out *EnvironmentGroupIdentity) { *out = *in 
@@ -229,12 +463,62 @@ func (in *EnvironmentGroupRef) DeepCopy() *EnvironmentGroupRef { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstanceIdentity) DeepCopyInto(out *InstanceIdentity) { + *out = *in + if in.parent != nil { + in, out := &in.parent, &out.parent + *out = new(InstanceParent) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstanceIdentity. +func (in *InstanceIdentity) DeepCopy() *InstanceIdentity { + if in == nil { + return nil + } + out := new(InstanceIdentity) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstanceParent) DeepCopyInto(out *InstanceParent) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstanceParent. +func (in *InstanceParent) DeepCopy() *InstanceParent { + if in == nil { + return nil + } + out := new(InstanceParent) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstanceRef) DeepCopyInto(out *InstanceRef) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstanceRef. +func (in *InstanceRef) DeepCopy() *InstanceRef { + if in == nil { + return nil + } + out := new(InstanceRef) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Parent) DeepCopyInto(out *Parent) { *out = *in if in.OrganizationRef != nil { in, out := &in.OrganizationRef, &out.OrganizationRef - *out = new(v1alpha1.ApigeeOrganizationRef) + *out = new(refsv1beta1.ApigeeOrganizationRef) **out = **in } } 
diff --git a/apis/refs/v1alpha1/apigeeorganizationref.go b/apis/refs/v1beta1/apigeeorganizationref.go similarity index 95% rename from apis/refs/v1alpha1/apigeeorganizationref.go rename to apis/refs/v1beta1/apigeeorganizationref.go index 20af6ddeda..8c3331ccdc 100644 --- a/apis/refs/v1alpha1/apigeeorganizationref.go +++ b/apis/refs/v1beta1/apigeeorganizationref.go @@ -12,14 +12,13 @@ // See the License for the specific language governing permissions and // limitations under the License. -package v1alpha1 +package v1beta1 import ( "context" "fmt" "strings" - refsv1beta1 "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/k8s" apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" @@ -33,7 +32,7 @@ var ( ApigeeOrganizationGVK = ApigeeGroupVersion.WithKind("ApigeeOrganization") ) -var _ refsv1beta1.ExternalNormalizer = &ApigeeOrganizationRef{} +var _ ExternalNormalizer = &ApigeeOrganizationRef{} type ApigeeOrganizationRef struct { /* The ApigeeOrganization selfLink, when not managed by Config Connector. */ diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_apigeeinstances.apigee.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_apigeeinstances.apigee.cnrm.cloud.google.com.yaml index 73720c7d33..eb435ae369 100644 --- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_apigeeinstances.apigee.cnrm.cloud.google.com.yaml +++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_apigeeinstances.apigee.cnrm.cloud.google.com.yaml 
@@ -266,6 +266,252 @@ spec: - spec type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: ApigeeInstance is the Schema for the ApigeeInstance API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ApigeeInstanceSpec defines the desired state of ApigeeInstance + properties: + accessLoggingConfig: + description: Optional. Access logging configuration enables the access + logging feature at the instance. Apigee customers can enable access + logging to ship the access logs to their own project's cloud logging. + properties: + enabled: + description: Optional. Boolean flag that specifies whether the + customer access log feature is enabled. 
+ type: boolean + filter: + description: 'Optional. Ship the access log entries that match + the status_code defined in the filter. The status_code is the + only expected/supported filter field. (Ex: status_code) The + filter will parse it to the Common Expression Language semantics + for expression evaluation to build the filter condition. (Ex: + "filter": status_code >= 200 && status_code < 300 )' + type: string + type: object + consumerAcceptList: + description: Optional. Customer accept list represents the list of + projects (id/number) on customer side that can privately connect + to the service attachment. It is an optional field which the customers + can provide during the instance creation. By default, the customer + project associated with the Apigee organization will be included + to the list. + items: + type: string + type: array + description: + description: Optional. Description of the instance. + type: string + diskEncryptionKMSCryptoKeyRef: + description: Customer Managed Encryption Key (CMEK) used for disk + and volume encryption. If not specified, a Google-Managed encryption + key will be used. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object + displayName: + description: Optional. Display name for the instance. + type: string + ipRange: + description: 'Optional. Comma-separated list of CIDR blocks of length + 22 and/or 28 used to create the Apigee instance. Providing CIDR + ranges is optional. 
You can provide just /22 or /28 or both (or + neither). Ranges you provide should be freely available as part + of a larger named range you have allocated to the Service Networking + peering. If this parameter is not provided, Apigee automatically + requests an available /22 and /28 CIDR block from Service Networking. + Use the /22 CIDR block for configuring your firewall needs to allow + traffic from Apigee. Input formats: `a.b.c.d/22` or `e.f.g.h/28` + or `a.b.c.d/22,e.f.g.h/28`' + type: string + location: + description: Required. Compute Engine location where the instance + resides. + type: string + organizationRef: + description: Reference to parent Apigee Organization. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The ApigeeOrganization selfLink, when not managed + by Config Connector. + type: string + name: + description: The `name` field of an `ApigeeOrganization` resource. + type: string + namespace: + description: The `namespace` field of an `ApigeeOrganization` + resource. + type: string + type: object + peeringCIDRRange: + description: Optional. Size of the CIDR block range that will be reserved + by the instance. PAID organizations support `SLASH_16` to `SLASH_20` + and defaults to `SLASH_16`. Evaluation organizations support only + `SLASH_23`. + type: string + resourceID: + description: The ApigeeInstance name. If not given, the metadata.name + will be used. + type: string + required: + - location + - organizationRef + type: object + status: + description: ApigeeInstanceStatus defines the config connector machine + state of ApigeeInstance + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. 
+ type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the ApigeeInstance resource in + GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createdAt: + description: Output only. Time the instance was created in milliseconds + since epoch. + format: int64 + type: integer + host: + description: Output only. Internal hostname or IP address of the + Apigee endpoint used by clients to connect to the service. + type: string + lastModifiedAt: + description: Output only. Time the instance was last modified + in milliseconds since epoch. + format: int64 + type: integer + port: + description: Output only. Port number of the exposed Apigee endpoint. + type: string + runtimeVersion: + description: Output only. Version of the runtime system running + in the instance. The runtime system is the set of components + that serve the API Proxy traffic in your Environments. + type: string + serviceAttachment: + description: 'Output only. 
Resource name of the service attachment + created for the instance in the format: `projects/{{project-id}}/regions/{{region-id}}/serviceAttachments/{{service-attachment-id}}` + Apigee customers can privately forward traffic to this service + attachment using the PSC endpoints.' + type: string + state: + description: Output only. State of the instance. Values other + than `ACTIVE` means the resource is not ready to use. + type: string + type: object + type: object + required: + - spec + type: object + served: true storage: true subresources: status: {} diff --git a/config/samples/resources/apigeeinstance/apigee_v1beta1_apigeeinstance.yaml b/config/samples/resources/apigeeinstance/apigee_v1beta1_apigeeinstance.yaml new file mode 100644 index 0000000000..0810e0c76f --- /dev/null +++ b/config/samples/resources/apigeeinstance/apigee_v1beta1_apigeeinstance.yaml @@ -0,0 +1,32 @@ +# Copyright 2025 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apigee.cnrm.cloud.google.com/v1beta1 +kind: ApigeeInstance +metadata: + name: apigeeinstance-sample +spec: + organizationRef: + external: organizations/${PROJECT_ID?} + resourceID: apigeeinstance-sample + description: "A sample instance" + location: us-central1 + accessLoggingConfig: + enabled: true + filter: "status_code >= 200 && status_code < 300" + consumerAcceptList: + - "${PROJECT_NUMBER1}" + - "${PROJECT_NUMBER2}" + displayName: "My Apigee Instance" + peeringCIDRRange: "SLASH_22" 
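Review bot: The new sample sets `peeringCIDRRange: "SLASH_22"`, which is not among the values the CRD description added in this same commit lists for the field (`SLASH_16` to `SLASH_20` for paid organizations, `SLASH_23` only for evaluation organizations). If that description is current, the sample as written would presumably be rejected by the API. If `SLASH_22` is in fact accepted, the field description is what needs correcting. I would change the line to a documented value, e.g. `peeringCIDRRange: "SLASH_20"`, or drop it and rely on the documented default.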
diff --git a/dev/tasks/find-missing-fields b/dev/tasks/find-missing-fields index 35e920f266..fad8fff7c6 100755 --- a/dev/tasks/find-missing-fields +++ b/dev/tasks/find-missing-fields @@ -24,6 +24,8 @@ cd ${REPO_ROOT} # that we register all the types with. go test -v ./pkg/controller/direct/apigee/ -fuzz=FuzzApigeeEnvgroupSpec -fuzztime 60s go test -v ./pkg/controller/direct/apigee/ -fuzz=FuzzApigeeEnvgroupObservedState -fuzztime 60s +go test -v ./pkg/controller/direct/apigee/ -fuzz=FuzzApigeeInstanceSpec -fuzztime 60s +go test -v ./pkg/controller/direct/apigee/ -fuzz=FuzzApigeeInstanceObservedState -fuzztime 60s go test -v ./pkg/controller/direct/compute/firewallpolicyrule -fuzz=FuzzComputeFirewallPolicyRuleSpec -fuzztime 60s go test -v ./pkg/controller/direct/compute/forwardingrule -fuzz=FuzzComputeForwardingRuleSpec -fuzztime 60s diff --git a/pkg/controller/direct/apigee/envgroup_controller.go b/pkg/controller/direct/apigee/envgroup_controller.go index 33c38df6c3..1d320d8a4d 100644 --- a/pkg/controller/direct/apigee/envgroup_controller.go +++ b/pkg/controller/direct/apigee/envgroup_controller.go @@ -22,7 +22,7 @@ import ( "strings" krm "github.com/GoogleCloudPlatform/k8s-config-connector/apis/apigee/v1beta1" - refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1alpha1" + refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/config" "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/controller/direct" "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/controller/direct/directbase" diff --git a/pkg/controller/direct/apigee/instance_controller.go b/pkg/controller/direct/apigee/instance_controller.go index 76372114c5..572d6f958f 100644 --- a/pkg/controller/direct/apigee/instance_controller.go +++ b/pkg/controller/direct/apigee/instance_controller.go 
@@ -20,8 +20,8 @@ import ( "reflect" "strings" - krm "github.com/GoogleCloudPlatform/k8s-config-connector/apis/apigee/v1alpha1" - refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1alpha1" + krm "github.com/GoogleCloudPlatform/k8s-config-connector/apis/apigee/v1beta1" + refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/config" "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/controller/direct" "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/controller/direct/directbase" diff --git a/pkg/controller/direct/apigee/instance_mappings.go b/pkg/controller/direct/apigee/instance_mappings.go index 4565f9c27c..e0029ea09d 100644 --- a/pkg/controller/direct/apigee/instance_mappings.go +++ b/pkg/controller/direct/apigee/instance_mappings.go @@ -15,8 +15,8 @@ package apigee import ( - krm "github.com/GoogleCloudPlatform/k8s-config-connector/apis/apigee/v1alpha1" - refsv1beta1 "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" + krm "github.com/GoogleCloudPlatform/k8s-config-connector/apis/apigee/v1beta1" + refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/controller/direct" api "google.golang.org/api/apigee/v1" ) @@ -26,7 +26,7 @@ func AccessLoggingConfig_FromAPI(mapCtx *direct.MapContext, in *api.GoogleCloudA return nil } out := &krm.AccessLoggingConfig{} - out.Enabled = direct.LazyPtr(in.Enabled) + out.Enabled = &in.Enabled out.Filter = direct.LazyPtr(in.Filter) return out } 
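Review bot: In `AccessLoggingConfig_FromAPI`, the new `out.Enabled = &in.Enabled` stores a pointer into the API struct, so the returned KRM object aliases `in`. A later write to either object's `Enabled` would show up in the other. Copying first keeps the two independent: `enabled := in.Enabled` followed by `out.Enabled = &enabled`. The change also means an API value of `false` now comes back as an explicit `enabled: false` rather than an unset field, while `Filter` on the next line still goes through `direct.LazyPtr`. If that asymmetry is intended so the round-trip fuzz test passes, a one-line comment saying so would help. The function's signature and nil check lie outside this hunk.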
@@ -105,16 +105,16 @@ func ApigeeInstanceSpec_ToAPI(mapCtx *direct.MapContext, in *krm.ApigeeInstanceS return out } -func ApigeeInstanceSpec_DiskEncryptionKMSCryptoKeyRef_FromAPI(mapCtx *direct.MapContext, in string) *refsv1beta1.KMSCryptoKeyRef { +func ApigeeInstanceSpec_DiskEncryptionKMSCryptoKeyRef_FromAPI(mapCtx *direct.MapContext, in string) *refs.KMSCryptoKeyRef { if in == "" { return nil } - out := &refsv1beta1.KMSCryptoKeyRef{} + out := &refs.KMSCryptoKeyRef{} out.External = in return out } -func ApigeeInstanceSpec_DiskEncryptionKMSCryptoKeyRef_ToAPI(mapCtx *direct.MapContext, in *refsv1beta1.KMSCryptoKeyRef) string { +func ApigeeInstanceSpec_DiskEncryptionKMSCryptoKeyRef_ToAPI(mapCtx *direct.MapContext, in *refs.KMSCryptoKeyRef) string { if in == nil { return "" } diff --git a/pkg/controller/direct/apigee/instance_resolverefs.go b/pkg/controller/direct/apigee/instance_resolverefs.go index 48842bf76c..f1904e46ec 100644 --- a/pkg/controller/direct/apigee/instance_resolverefs.go +++ b/pkg/controller/direct/apigee/instance_resolverefs.go @@ -17,7 +17,7 @@ package apigee import ( "context" - krm "github.com/GoogleCloudPlatform/k8s-config-connector/apis/apigee/v1alpha1" + krm "github.com/GoogleCloudPlatform/k8s-config-connector/apis/apigee/v1beta1" refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/pkg/controller/direct/apigee/roundtrip_test.go b/pkg/controller/direct/apigee/roundtrip_test.go index 9f8f7e42fe..a82878c6d6 100644 --- a/pkg/controller/direct/apigee/roundtrip_test.go +++ b/pkg/controller/direct/apigee/roundtrip_test.go 
@@ -21,6 +21,7 @@ import ( "math/rand" krm "github.com/GoogleCloudPlatform/k8s-config-connector/apis/apigee/v1beta1" + refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/controller/direct" "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/test/fuzz" "github.com/google/go-cmp/cmp" 
@@ -104,3 +105,69 @@ func prettyPrint(t *testing.T, k any) string { return string(encoded) } + +func FuzzApigeeInstanceSpec(f *testing.F) { + f.Fuzz(func(t *testing.T, seed int64) { + stream := rand.New(rand.NewSource(seed)) + filler := fuzz.NewRandomFiller(&fuzz.FillerConfig{Stream: stream}) + + k1 := &krm.ApigeeInstanceSpec{} + filler.Fill(t, k1) + + // KRM -> API + ctx := &direct.MapContext{} + apiObj := ApigeeInstanceSpec_ToAPI(ctx, k1) + if ctx.Err() != nil { + t.Fatalf("error converting KRM to API: %v, krm = %v", ctx.Err(), prettyPrint(t, k1)) + } + + // API -> KRM + k2 := ApigeeInstanceSpec_FromAPI(ctx, apiObj) + if ctx.Err() != nil { + t.Fatalf("error converting API to KRM: %v, api = %v", ctx.Err(), prettyPrint(t, apiObj)) + } + + // Ignore Parent, ResourceID, and ref Name+Namespace fields during comparison + opts := cmp.Options{ + cmpopts.IgnoreFields(krm.ApigeeInstanceSpec{}, "OrganizationRef"), + cmpopts.IgnoreFields(krm.ApigeeInstanceSpec{}, "ResourceID"), + cmpopts.IgnoreFields(refs.KMSCryptoKeyRef{}, "Name"), + cmpopts.IgnoreFields(refs.KMSCryptoKeyRef{}, "Namespace"), + } + if diff := cmp.Diff(k1, k2, opts...); diff != "" { + t.Logf("k1 = %v", k1) + t.Logf("k2 = %v", k2) + t.Errorf("roundtrip failed: diff = %s", diff) + } + }) +} + +func FuzzApigeeInstanceObservedState(f *testing.F) { + f.Fuzz(func(t *testing.T, seed int64) { + stream := rand.New(rand.NewSource(seed)) + filler := fuzz.NewRandomFiller(&fuzz.FillerConfig{Stream: stream}) + + k1 := &krm.ApigeeInstanceObservedState{} + filler.Fill(t, k1) + + // KRM -> API + ctx := &direct.MapContext{} + apiObj := ApigeeInstanceObservedState_ToAPI(ctx, k1) + if ctx.Err() != nil { + t.Fatalf("error converting KRM to API: %v, krm = %v", ctx.Err(), prettyPrint(t, k1)) + } + + // API -> KRM + k2 := ApigeeInstanceObservedState_FromAPI(ctx, apiObj) + if ctx.Err() != nil { + t.Fatalf("error converting API to KRM: %v, api = %v", ctx.Err(), prettyPrint(t, apiObj)) + } + + // Compare + if diff := cmp.Diff(k1, k2); 
diff != "" { + t.Logf("k1 = %v", k1) + t.Logf("k2 = %v", k2) + t.Errorf("roundtrip failed: diff = %s", diff) + } + }) +} diff --git a/pkg/gvks/supportedgvks/gvks_generated.go b/pkg/gvks/supportedgvks/gvks_generated.go index a8a388b0d1..691faa17b6 100644 --- a/pkg/gvks/supportedgvks/gvks_generated.go +++ b/pkg/gvks/supportedgvks/gvks_generated.go @@ -317,6 +317,16 @@ var SupportedGVKs = map[schema.GroupVersionKind]GVKMetadata{ "cnrm.cloud.google.com/system": "true", }, }, + { + Group: "apigee.cnrm.cloud.google.com", + Version: "v1beta1", + Kind: "ApigeeInstance", + }: { + Labels: map[string]string{ + "cnrm.cloud.google.com/managed-by-kcc": "true", + "cnrm.cloud.google.com/system": "true", + }, + }, { Group: "apigee.cnrm.cloud.google.com", Version: "v1alpha1", diff --git a/pkg/test/resourcefixture/sets.go b/pkg/test/resourcefixture/sets.go index d48ed7bbcc..a5bf482037 100644 --- a/pkg/test/resourcefixture/sets.go +++ b/pkg/test/resourcefixture/sets.go @@ -89,6 +89,7 @@ func addResourceConfig(t *testing.T, smLoader *servicemappingloader.ServiceMappi func IsPureDirectResource(gk schema.GroupKind) bool { pureDirectResources := []string{ "ApigeeEnvgroup", + "ApigeeInstance", "BigQueryConnectionConnection", "BigQueryDataTransferConfig", "CloudBuildWorkerPool", diff --git a/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-basic/_generated_object_apigeeinstance-basic.golden.yaml b/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-basic/_generated_object_apigeeinstance-basic.golden.yaml index 0134751a7a..911fb7847b 100644 --- a/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-basic/_generated_object_apigeeinstance-basic.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-basic/_generated_object_apigeeinstance-basic.golden.yaml 
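Review bot: Neither `FuzzApigeeInstanceSpec` nor `FuzzApigeeInstanceObservedState` registers a seed with `f.Add`, and the commit's file list shows no `testdata/fuzz` corpus being added. Under a plain `go test` without `-fuzz`, a fuzz target runs only its seed corpus, so these round-trip checks would execute no inputs in an ordinary test run. From what is visible, they are exercised only by the `-fuzz=... -fuzztime 60s` lines in `dev/tasks/find-missing-fields`. Adding `f.Add(int64(0))` before the `f.Fuzz(...)` call in both functions gives every test run at least one deterministic round trip. If the existing Envgroup fuzz tests in this file deliberately omit seeds, a short comment stating that would do instead.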
@@ -1,4 +1,4 @@ -apiVersion: apigee.cnrm.cloud.google.com/v1alpha1 +apiVersion: apigee.cnrm.cloud.google.com/v1beta1 kind: ApigeeInstance metadata: finalizers: diff --git a/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-basic/create.yaml b/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-basic/create.yaml index 16eb2fa339..5e959f3875 100644 --- a/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-basic/create.yaml +++ b/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-basic/create.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: apigee.cnrm.cloud.google.com/v1alpha1 +apiVersion: apigee.cnrm.cloud.google.com/v1beta1 kind: ApigeeInstance metadata: name: apigeeinstance-${uniqueId} diff --git a/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-full/_generated_object_apigeeinstance-full.golden.yaml b/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-full/_generated_object_apigeeinstance-full.golden.yaml index 5d2287b735..b3eb98b883 100644 --- a/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-full/_generated_object_apigeeinstance-full.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-full/_generated_object_apigeeinstance-full.golden.yaml @@ -1,4 +1,4 @@ -apiVersion: apigee.cnrm.cloud.google.com/v1alpha1 +apiVersion: apigee.cnrm.cloud.google.com/v1beta1 kind: ApigeeInstance metadata: finalizers: diff --git a/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-full/create.yaml b/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-full/create.yaml index a625133497..083e3e950c 100644 
--- a/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-full/create.yaml +++ b/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-full/create.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: apigee.cnrm.cloud.google.com/v1alpha1 +apiVersion: apigee.cnrm.cloud.google.com/v1beta1 kind: ApigeeInstance metadata: name: apigeeinstance-${uniqueId} diff --git a/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-full/update.yaml b/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-full/update.yaml index e0c1ff2ac7..cb4b7f1667 100644 --- a/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-full/update.yaml +++ b/pkg/test/resourcefixture/testdata/basic/apigee/v1alpha1/apigeeinstance/apigeeinstance-full/update.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: apigee.cnrm.cloud.google.com/v1alpha1 +apiVersion: apigee.cnrm.cloud.google.com/v1beta1 kind: ApigeeInstance metadata: name: apigeeinstance-${uniqueId} diff --git a/scripts/generate-google3-docs/resource-reference/_toc.yaml b/scripts/generate-google3-docs/resource-reference/_toc.yaml index ac03aeb3fa..7b429cc374 100644 --- a/scripts/generate-google3-docs/resource-reference/_toc.yaml +++ b/scripts/generate-google3-docs/resource-reference/_toc.yaml 
@@ -39,6 +39,8 @@ toc: path: /config-connector/docs/reference/resource-docs/apigee/apigeeenvgroup.md - title: "ApigeeEnvironment" path: /config-connector/docs/reference/resource-docs/apigee/apigeeenvironment.md + - title: "ApigeeInstance" + path: /config-connector/docs/reference/resource-docs/apigee/apigeeinstance.md - title: "ApigeeOrganization" path: /config-connector/docs/reference/resource-docs/apigee/apigeeorganization.md - title: "ArtifactRegistry" diff --git a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/apigee/apigeeinstance.md b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/apigee/apigeeinstance.md new file mode 100644 index 0000000000..35e4eb5cea --- /dev/null +++ b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/apigee/apigeeinstance.md @@ -0,0 +1,486 @@ +{# AUTOGENERATED. DO NOT EDIT. #} + +{% extends "config-connector/_base.html" %} + +{% block page_title %}ApigeeInstance{% endblock %} +{% block body %} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
PropertyValue
{{gcp_name_short}} Service NameApigee
{{gcp_name_short}} Service Documentation/apigee/docs/
{{gcp_name_short}} REST Resource Name +organizations.instances +
{{gcp_name_short}} REST Resource Documentation +/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances +
{{product_name_short}} Resource Short Namesgcpapigeeinstance
gcpapigeeinstances
apigeeinstance
{{product_name_short}} Service Nameapigee.googleapis.com
{{product_name_short}} Resource Fully Qualified Nameapigeeinstances.apigee.cnrm.cloud.google.com
Can Be Referenced by IAMPolicy/IAMPolicyMemberNo
{{product_name_short}} Default Average Reconcile Interval In Seconds600
+ +## Custom Resource Definition Properties + + + +### Spec +#### Schema +```yaml +accessLoggingConfig: + enabled: boolean + filter: string +consumerAcceptList: +- string +description: string +diskEncryptionKMSCryptoKeyRef: + external: string + name: string + namespace: string +displayName: string +ipRange: string +location: string +organizationRef: + external: string + name: string + namespace: string +peeringCIDRRange: string +resourceID: string +``` + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Fields
+

accessLoggingConfig

+

Optional

+
+

object

+

{% verbatim %}Optional. Access logging configuration enables the access logging feature at the instance. Apigee customers can enable access logging to ship the access logs to their own project's cloud logging.{% endverbatim %}

+
+

accessLoggingConfig.enabled

+

Optional

+
+

boolean

+

{% verbatim %}Optional. Boolean flag that specifies whether the customer access log feature is enabled.{% endverbatim %}

+
+

accessLoggingConfig.filter

+

Optional

+
+

string

+

{% verbatim %}Optional. Ship the access log entries that match the status_code defined in the filter. The status_code is the only expected/supported filter field. (Ex: status_code) The filter will parse it to the Common Expression Language semantics for expression evaluation to build the filter condition. (Ex: "filter": status_code >= 200 && status_code < 300 ){% endverbatim %}

+
+

consumerAcceptList

+

Optional

+
+

list (string)

+

{% verbatim %}Optional. Customer accept list represents the list of projects (id/number) on customer side that can privately connect to the service attachment. It is an optional field which the customers can provide during the instance creation. By default, the customer project associated with the Apigee organization will be included to the list.{% endverbatim %}

+
+

consumerAcceptList[]

+

Optional

+
+

string

+

{% verbatim %}{% endverbatim %}

+
+

description

+

Optional

+
+

string

+

{% verbatim %}Optional. Description of the instance.{% endverbatim %}

+
+

diskEncryptionKMSCryptoKeyRef

+

Optional

+
+

object

+

{% verbatim %}Customer Managed Encryption Key (CMEK) used for disk and volume encryption. If not specified, a Google-Managed encryption key will be used.{% endverbatim %}

+
+

diskEncryptionKMSCryptoKeyRef.external

+

Optional

+
+

string

+

{% verbatim %}A reference to an externally managed KMSCryptoKey. Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`.{% endverbatim %}

+
+

diskEncryptionKMSCryptoKeyRef.name

+

Optional

+
+

string

+

{% verbatim %}The `name` of a `KMSCryptoKey` resource.{% endverbatim %}

+
+

diskEncryptionKMSCryptoKeyRef.namespace

+

Optional

+
+

string

+

{% verbatim %}The `namespace` of a `KMSCryptoKey` resource.{% endverbatim %}

+
+

displayName

+

Optional

+
+

string

+

{% verbatim %}Optional. Display name for the instance.{% endverbatim %}

+
+

ipRange

+

Optional

+
+

string

+

{% verbatim %}Optional. Comma-separated list of CIDR blocks of length 22 and/or 28 used to create the Apigee instance. Providing CIDR ranges is optional. You can provide just /22 or /28 or both (or neither). Ranges you provide should be freely available as part of a larger named range you have allocated to the Service Networking peering. If this parameter is not provided, Apigee automatically requests an available /22 and /28 CIDR block from Service Networking. Use the /22 CIDR block for configuring your firewall needs to allow traffic from Apigee. Input formats: `a.b.c.d/22` or `e.f.g.h/28` or `a.b.c.d/22,e.f.g.h/28`{% endverbatim %}

+
+

location

+

Required

+
+

string

+

{% verbatim %}Required. Compute Engine location where the instance resides.{% endverbatim %}

+
+

organizationRef

+

Required

+
+

object

+

{% verbatim %}Reference to parent Apigee Organization.{% endverbatim %}

+
+

organizationRef.external

+

Optional

+
+

string

+

{% verbatim %}The ApigeeOrganization selfLink, when not managed by Config Connector.{% endverbatim %}

+
+

organizationRef.name

+

Optional

+
+

string

+

{% verbatim %}The `name` field of an `ApigeeOrganization` resource.{% endverbatim %}

+
+

organizationRef.namespace

+

Optional

+
+

string

+

{% verbatim %}The `namespace` field of an `ApigeeOrganization` resource.{% endverbatim %}

+
+

peeringCIDRRange

+

Optional

+
+

string

+

{% verbatim %}Optional. Size of the CIDR block range that will be reserved by the instance. PAID organizations support `SLASH_16` to `SLASH_20` and defaults to `SLASH_16`. Evaluation organizations support only `SLASH_23`.{% endverbatim %}

+
+

resourceID

+

Optional

+
+

string

+

{% verbatim %}The ApigeeInstance name. If not given, the metadata.name will be used.{% endverbatim %}

+
+ + + +### Status +#### Schema +```yaml +conditions: +- lastTransitionTime: string + message: string + reason: string + status: string + type: string +externalRef: string +observedGeneration: integer +observedState: + createdAt: integer + host: string + lastModifiedAt: integer + port: string + runtimeVersion: string + serviceAttachment: string + state: string +``` + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Fields
conditions +

list (object)

+

{% verbatim %}Conditions represent the latest available observations of the object's current state.{% endverbatim %}

+
conditions[] +

object

+

{% verbatim %}{% endverbatim %}

+
conditions[].lastTransitionTime +

string

+

{% verbatim %}Last time the condition transitioned from one status to another.{% endverbatim %}

+
conditions[].message +

string

+

{% verbatim %}Human-readable message indicating details about last transition.{% endverbatim %}

+
conditions[].reason +

string

+

{% verbatim %}Unique, one-word, CamelCase reason for the condition's last transition.{% endverbatim %}

+
conditions[].status +

string

+

{% verbatim %}Status is the status of the condition. Can be True, False, Unknown.{% endverbatim %}

+
conditions[].type +

string

+

{% verbatim %}Type is the type of the condition.{% endverbatim %}

+
externalRef +

string

+

{% verbatim %}A unique specifier for the ApigeeInstance resource in GCP.{% endverbatim %}

+
observedGeneration +

integer

+

{% verbatim %}ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource.{% endverbatim %}

+
observedState +

object

+

{% verbatim %}ObservedState is the state of the resource as most recently observed in GCP.{% endverbatim %}

+
observedState.createdAt +

integer

+

{% verbatim %}Output only. Time the instance was created in milliseconds since epoch.{% endverbatim %}

+
observedState.host +

string

+

{% verbatim %}Output only. Internal hostname or IP address of the Apigee endpoint used by clients to connect to the service.{% endverbatim %}

+
observedState.lastModifiedAt +

integer

+

{% verbatim %}Output only. Time the instance was last modified in milliseconds since epoch.{% endverbatim %}

+
observedState.port +

string

+

{% verbatim %}Output only. Port number of the exposed Apigee endpoint.{% endverbatim %}

+
observedState.runtimeVersion +

string

+

{% verbatim %}Output only. Version of the runtime system running in the instance. The runtime system is the set of components that serve the API Proxy traffic in your Environments.{% endverbatim %}

+
observedState.serviceAttachment +

string

+

{% verbatim %}Output only. Resource name of the service attachment created for the instance in the format: `projects/{{project-id}}/regions/{{region-id}}/serviceAttachments/{{service-attachment-id}}` Apigee customers can privately forward traffic to this service attachment using the PSC endpoints.{% endverbatim %}

+
observedState.state +

string

+

{% verbatim %}Output only. State of the instance. Values other than `ACTIVE` means the resource is not ready to use.{% endverbatim %}

+
+ +## Sample YAML(s) + +### Typical Use Case +```yaml +# Copyright 2025 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apigee.cnrm.cloud.google.com/v1beta1 +kind: ApigeeInstance +metadata: + name: apigeeinstance-sample +spec: + organizationRef: + external: organizations/${PROJECT_ID?} + resourceID: apigeeinstance-sample + description: "A sample instance" + location: us-central1 + accessLoggingConfig: + enabled: true + filter: "status_code >= 200 && status_code < 300" + consumerAcceptList: + - "${PROJECT_NUMBER1}" + - "${PROJECT_NUMBER2}" + displayName: "My Apigee Instance" + peeringCIDRRange: "SLASH_22" +``` + + +Note: If you have any trouble with instantiating the resource, refer to Troubleshoot Config Connector. + +{% endblock %} + diff --git a/scripts/generate-google3-docs/resource-reference/overview.md b/scripts/generate-google3-docs/resource-reference/overview.md index 4f3f1d4a6f..0e866949ba 100644 --- a/scripts/generate-google3-docs/resource-reference/overview.md +++ b/scripts/generate-google3-docs/resource-reference/overview.md @@ -73,6 +73,10 @@ issues for {{product_name_short}}. {{apigee_x_name}} ApigeeEnvgroup + + {{apigee_x_name}} + ApigeeInstance + {{apigee_x_name}} ApigeeOrganization diff --git a/scripts/generate-google3-docs/resource-reference/templates/apigee_apigeeinstance.tmpl b/scripts/generate-google3-docs/resource-reference/templates/apigee_apigeeinstance.tmpl new file mode 100644 index 0000000000..a3df1aa902 --- /dev/null 
+++ b/scripts/generate-google3-docs/resource-reference/templates/apigee_apigeeinstance.tmpl @@ -0,0 +1,60 @@ +{{template "headercomment.tmpl" .}} + +{% extends "config-connector/_base.html" %} + +{% block page_title %}{{ .Kind}}{% endblock %} +{% block body %} +{{template "alphadisclaimer.tmpl" .}} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +{{template "iamsupport.tmpl" .}} + + + + + +
PropertyValue
{{"{{gcp_name_short}}"}} Service NameApigee
{{"{{gcp_name_short}}"}} Service Documentation/apigee/docs/
{{"{{gcp_name_short}}"}} REST Resource Name +organizations.instances +
{{"{{gcp_name_short}}"}} REST Resource Documentation +/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances +
{{"{{product_name_short}}"}} Resource Short Names{{ .ShortNames}}
{{"{{product_name_short}}"}} Service Nameapigee.googleapis.com
{{"{{product_name_short}}"}} Resource Fully Qualified Name{{ .FullyQualifiedName}}
{{"{{product_name_short}}"}} Default Average Reconcile Interval In Seconds{{ .DefaultReconcileInterval}}
+
+{{template "resource.tmpl" .}}
+{{template "endnote.tmpl" .}}
+{% endblock %}
+
diff --git a/scripts/resource-autogen/allowlist/allowlist.go b/scripts/resource-autogen/allowlist/allowlist.go
index b7ab1415f8..072861410f 100644
--- a/scripts/resource-autogen/allowlist/allowlist.go
+++ b/scripts/resource-autogen/allowlist/allowlist.go
@@ -41,7 +41,6 @@ var (
 "apigee/google_apigee_addons_config",
 "apigee/google_apigee_endpoint_attachment",
 "apigee/google_apigee_envgroup_attachment",
- "apigee/google_apigee_instance",
 "apigee/google_apigee_instance_attachment",
 "apigee/google_apigee_nat_address",
 "apigee/google_apigee_sync_authorization",
diff --git a/tests/apichecks/testdata/exceptions/missingfields.txt b/tests/apichecks/testdata/exceptions/missingfields.txt
index cd7bdd1c46..9b38e1bedc 100644
--- a/tests/apichecks/testdata/exceptions/missingfields.txt
+++ b/tests/apichecks/testdata/exceptions/missingfields.txt
@@ -65,6 +65,7 @@
 [missing_field] crd=alloydbinstances.alloydb.cnrm.cloud.google.com version=v1beta1: field ".spec.networkConfig.authorizedExternalNetworks[].cidrRange" is not set in unstructured objects
 [missing_field] crd=alloydbusers.alloydb.cnrm.cloud.google.com version=v1beta1: field ".spec.databaseRoles[]" is not set in unstructured objects
 [missing_field] crd=apigeeenvgroups.apigee.cnrm.cloud.google.com version=v1beta1: field ".spec.hostnames[]" is not set in unstructured objects
+[missing_field] crd=apigeeinstances.apigee.cnrm.cloud.google.com version=v1beta1: field ".spec.consumerAcceptList[]" is not set in unstructured objects
 [missing_field] crd=apigeeorganizations.apigee.cnrm.cloud.google.com version=v1beta1: field ".spec.runtimeDatabaseEncryptionKeyRef" is not set; neither 'external' nor 'name' are set
 [missing_field] crd=artifactregistryrepositories.artifactregistry.cnrm.cloud.google.com version=v1beta1: field ".spec.cleanupPolicies[].action" is not set in unstructured objects
 [missing_field] crd=artifactregistryrepositories.artifactregistry.cnrm.cloud.google.com version=v1beta1: field ".spec.cleanupPolicies[].condition.newerThan" is not set in unstructured objects
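Review bot: The added exception for `.spec.consumerAcceptList[]` suppresses the missing-field check on the one ApigeeInstance field that works as an access list; the reference page generated in this same patch describes it as the projects allowed to privately connect to the instance's service attachment. The check's implementation is not shown here, but its message suggests that no test fixture sets the field. If so, I would set `consumerAcceptList:` with at least one entry in the `apigeeinstance-full` fixture and drop this line, so the mapping of that list is exercised before the resource is promoted to v1beta1. If the exception has to stay, the PR description should say why the field cannot be covered.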