From 70cfa212e6174c7ae8fbd27f8d8fe6dc02cd1196 Mon Sep 17 00:00:00 2001 From: Andrea Panattoni Date: Wed, 4 Sep 2024 12:25:29 +0200 Subject: [PATCH 1/2] cnf-tests: sriov-network-operator bump 4.18 SR-IOV Network Operator dependency bumped with commands: ``` go install -mod=mod github.com/openshift/sriov-network-operator@release-4.18 go mod edit -replace \ github.com/k8snetworkplumbingwg/sriov-network-operator=\ github.com/openshift/sriov-network-operator@release-4.18 go mod tidy go mod vendor ``` Signed-off-by: Andrea Panattoni --- .../validationsuite/cluster/validation.go | 4 +- go.mod | 24 +- go.sum | 45 +- .../sriov-network-operator/api/v1/helper.go | 395 +- .../api/v1/ovsnetwork_types.go | 91 + .../api/v1/sriovnetworknodepolicy_types.go | 51 + .../api/v1/sriovnetworknodestate_types.go | 55 +- .../api/v1/sriovnetworkpoolconfig_types.go | 13 + .../api/v1/sriovoperatorconfig_types.go | 24 +- .../api/v1/zz_generated.deepcopy.go | 364 +- .../pkg/consts/constants.go | 165 + .../pkg/render/render.go | 36 +- .../sriov-network-operator/pkg/vars/vars.go | 98 + .../test/util/clean/clean.go | 4 + .../test/util/client/clients.go | 7 + .../test/util/cluster/cluster.go | 58 +- .../test/util/namespaces/namespaces.go | 25 + .../test/util/pod/pod.go | 9 +- ...ess-operator_00-ingresscontroller.crd.yaml | 8 +- .../api/operator/v1/types_ingress.go | 4 +- .../v1/zz_generated.swagger_doc_generated.go | 2 +- .../openshift/api/route/v1/generated.proto | 4 +- .../route/v1/route-CustomNoUpgrade.crd.yaml | 8 +- .../v1/route-TechPreviewNoUpgrade.crd.yaml | 8 +- .../openshift/api/route/v1/route.crd.yaml | 8 +- .../openshift/api/route/v1/types.go | 4 +- .../v1/zz_generated.swagger_doc_generated.go | 2 +- .../pkg/apis/monitoring/resource.go | 60 + .../apis/monitoring/v1/alertmanager_types.go | 442 ++ .../apis/monitoring/v1/podmonitor_types.go | 167 + .../pkg/apis/monitoring/v1/probe_types.go | 213 + .../apis/monitoring/v1/prometheus_types.go | 1602 +++++ .../monitoring/v1/prometheusrule_types.go | 121 + .../monitoring/v1/servicemonitor_types.go | 111 + .../pkg/apis/monitoring/v1/thanos_types.go | 67 +- .../pkg/apis/monitoring/v1/types.go | 1703 +---- .../monitoring/v1/zz_generated.deepcopy.go | 798 ++- .../v1alpha1/alertmanager_config_types.go | 102 +- .../v1alpha1/prometheusagent_types.go | 96 + .../pkg/apis/monitoring/v1alpha1/register.go | 4 + .../monitoring/v1alpha1/scrapeconfig_types.go | 334 + .../apis/monitoring/v1alpha1/validation.go | 6 +- .../v1alpha1/zz_generated.deepcopy.go | 642 ++ .../v1beta1/alertmanager_config_types.go | 102 +- .../monitoring/v1beta1/conversion_from.go | 53 +- .../apis/monitoring/v1beta1/conversion_to.go | 51 +- .../v1beta1/zz_generated.deepcopy.go | 105 + .../monitoring/v1/alertingspec.go | 42 + .../monitoring/v1/alertmanager.go | 217 + .../v1/alertmanagerconfigmatcherstrategy.go | 37 + .../v1/alertmanagerconfiguration.go | 60 + .../monitoring/v1/alertmanagerendpoints.go | 141 + .../monitoring/v1/alertmanagerglobalconfig.go | 96 + .../monitoring/v1/alertmanagerspec.go | 488 ++ .../monitoring/v1/alertmanagerstatus.go | 87 + .../monitoring/v1/alertmanagerwebspec.go | 63 + .../monitoring/v1/apiserverconfig.go | 82 + .../v1/arbitraryfsaccessthroughsmsconfig.go | 37 + .../monitoring/v1/argument.go | 46 + .../monitoring/v1/attachmetadata.go | 37 + .../monitoring/v1/authorization.go | 58 + .../monitoring/v1/basicauth.go | 50 + .../monitoring/v1/commonprometheusfields.go | 763 +++ .../monitoring/v1/condition.go | 87 + .../monitoring/v1/embeddedobjectmetadata.go | 67 + .../v1/embeddedpersistentvolumeclaim.go | 117 + .../monitoring/v1/endpoint.go | 239 + .../monitoring/v1/exemplars.go | 37 + .../monitoring/v1/globalsmtpconfig.go | 104 + .../monitoring/v1/hostalias.go | 48 + .../monitoring/v1/hostport.go | 46 + .../monitoring/v1/httpconfig.go | 95 + .../monitoring/v1/metadataconfig.go | 50 + .../monitoring/v1/namespaceselector.go | 48 + .../monitoring/v1/oauth2.go | 85 + .../monitoring/v1/objectreference.go | 64 + .../monitoring/v1/podmetricsendpoint.go | 230 + .../v1/podmetricsendpointtlsconfig.go | 73 + .../monitoring/v1/podmonitor.go | 208 + .../monitoring/v1/podmonitorspec.go | 147 + .../applyconfiguration/monitoring/v1/probe.go | 208 + .../monitoring/v1/proberspec.go | 64 + .../monitoring/v1/probespec.go | 200 + .../monitoring/v1/probetargetingress.go | 65 + .../monitoring/v1/probetargets.go | 46 + .../monitoring/v1/probetargetstaticconfig.go | 72 + .../monitoring/v1/probetlsconfig.go | 73 + .../monitoring/v1/prometheus.go | 217 + .../monitoring/v1/prometheusrule.go | 208 + .../v1/prometheusruleexcludeconfig.go | 46 + .../monitoring/v1/prometheusrulespec.go | 42 + .../monitoring/v1/prometheusspec.go | 897 +++ .../monitoring/v1/prometheusstatus.go | 101 + .../monitoring/v1/prometheustracingconfig.go | 111 + .../monitoring/v1/prometheuswebspec.go | 63 + .../monitoring/v1/queryspec.go | 68 + .../monitoring/v1/queueconfig.go | 109 + .../monitoring/v1/relabelconfig.go | 97 + .../monitoring/v1/remotereadspec.go | 179 + .../monitoring/v1/remotewritespec.go | 196 + .../applyconfiguration/monitoring/v1/rule.go | 108 + .../monitoring/v1/rulegroup.go | 82 + .../applyconfiguration/monitoring/v1/rules.go | 37 + .../monitoring/v1/rulesalert.go | 55 + .../monitoring/v1/safeauthorization.go | 50 + .../monitoring/v1/safetlsconfig.go | 77 + .../monitoring/v1/secretorconfigmap.go | 50 + .../monitoring/v1/servicemonitor.go | 208 + .../monitoring/v1/servicemonitorspec.go | 158 + .../monitoring/v1/shardstatus.go | 73 + .../applyconfiguration/monitoring/v1/sigv4.go | 77 + .../monitoring/v1/storagespec.go | 68 + .../monitoring/v1/thanosruler.go | 217 + .../monitoring/v1/thanosrulerspec.go | 536 ++ .../monitoring/v1/thanosrulerstatus.go | 87 + .../monitoring/v1/thanosspec.go | 247 + .../monitoring/v1/tlsconfig.go | 100 + .../monitoring/v1/tsdbspec.go | 41 + .../monitoring/v1/webconfigfilefields.go | 46 + .../monitoring/v1/webhttpconfig.go | 46 + .../monitoring/v1/webhttpheaders.go | 73 + .../monitoring/v1/webtlsconfig.go | 117 + .../pkg/client/versioned/scheme/register.go | 14 +- .../typed/monitoring/v1/alertmanager.go | 61 + .../typed/monitoring/v1/podmonitor.go | 30 + .../versioned/typed/monitoring/v1/probe.go | 30 + .../typed/monitoring/v1/prometheus.go | 61 + .../typed/monitoring/v1/prometheusrule.go | 30 + .../typed/monitoring/v1/servicemonitor.go | 30 + .../typed/monitoring/v1/thanosruler.go | 61 + vendor/golang.org/x/net/html/token.go | 12 +- vendor/golang.org/x/net/http2/frame.go | 42 +- vendor/golang.org/x/net/http2/pipe.go | 11 +- vendor/golang.org/x/net/http2/server.go | 13 +- vendor/golang.org/x/net/http2/testsync.go | 331 + vendor/golang.org/x/net/http2/transport.go | 307 +- vendor/golang.org/x/sys/unix/aliases.go | 2 +- vendor/golang.org/x/sys/unix/asm_zos_s390x.s | 665 +- vendor/golang.org/x/sys/unix/bpxsvc_zos.go | 657 ++ vendor/golang.org/x/sys/unix/bpxsvc_zos.s | 192 + vendor/golang.org/x/sys/unix/epoll_zos.go | 220 - vendor/golang.org/x/sys/unix/fstatfs_zos.go | 163 - vendor/golang.org/x/sys/unix/mkerrors.sh | 2 +- vendor/golang.org/x/sys/unix/mmap_nomremap.go | 2 +- vendor/golang.org/x/sys/unix/pagesize_unix.go | 2 +- .../x/sys/unix/readdirent_getdirentries.go | 2 +- vendor/golang.org/x/sys/unix/sockcmsg_zos.go | 58 + .../golang.org/x/sys/unix/symaddr_zos_s390x.s | 75 + .../x/sys/unix/syscall_darwin_libSystem.go | 2 +- .../golang.org/x/sys/unix/syscall_freebsd.go | 12 +- vendor/golang.org/x/sys/unix/syscall_linux.go | 99 + .../x/sys/unix/syscall_zos_s390x.go | 1509 ++++- vendor/golang.org/x/sys/unix/sysvshm_unix.go | 2 +- .../x/sys/unix/sysvshm_unix_other.go | 2 +- vendor/golang.org/x/sys/unix/zerrors_linux.go | 45 +- .../x/sys/unix/zerrors_linux_386.go | 3 + .../x/sys/unix/zerrors_linux_amd64.go | 3 + .../x/sys/unix/zerrors_linux_arm.go | 3 + .../x/sys/unix/zerrors_linux_arm64.go | 3 + .../x/sys/unix/zerrors_linux_loong64.go | 3 + .../x/sys/unix/zerrors_linux_mips.go | 3 + .../x/sys/unix/zerrors_linux_mips64.go | 3 + .../x/sys/unix/zerrors_linux_mips64le.go | 3 + .../x/sys/unix/zerrors_linux_mipsle.go | 3 + .../x/sys/unix/zerrors_linux_ppc.go | 3 + .../x/sys/unix/zerrors_linux_ppc64.go | 3 + .../x/sys/unix/zerrors_linux_ppc64le.go | 3 + .../x/sys/unix/zerrors_linux_riscv64.go | 3 + .../x/sys/unix/zerrors_linux_s390x.go | 3 + .../x/sys/unix/zerrors_linux_sparc64.go | 3 + .../x/sys/unix/zerrors_zos_s390x.go | 233 +- .../x/sys/unix/zsymaddr_zos_s390x.s | 364 ++ .../golang.org/x/sys/unix/zsyscall_linux.go | 10 + .../x/sys/unix/zsyscall_zos_s390x.go | 3113 ++++++++-- .../x/sys/unix/zsysnum_linux_386.go | 9 + .../x/sys/unix/zsysnum_linux_amd64.go | 8 + .../x/sys/unix/zsysnum_linux_arm.go | 9 + .../x/sys/unix/zsysnum_linux_arm64.go | 9 + .../x/sys/unix/zsysnum_linux_loong64.go | 9 + .../x/sys/unix/zsysnum_linux_mips.go | 9 + .../x/sys/unix/zsysnum_linux_mips64.go | 9 + .../x/sys/unix/zsysnum_linux_mips64le.go | 9 + .../x/sys/unix/zsysnum_linux_mipsle.go | 9 + .../x/sys/unix/zsysnum_linux_ppc.go | 9 + .../x/sys/unix/zsysnum_linux_ppc64.go | 9 + .../x/sys/unix/zsysnum_linux_ppc64le.go | 9 + .../x/sys/unix/zsysnum_linux_riscv64.go | 9 + .../x/sys/unix/zsysnum_linux_s390x.go | 9 + .../x/sys/unix/zsysnum_linux_sparc64.go | 9 + .../x/sys/unix/zsysnum_zos_s390x.go | 5507 +++++++++-------- vendor/golang.org/x/sys/unix/ztypes_linux.go | 209 +- .../golang.org/x/sys/unix/ztypes_linux_386.go | 8 - .../x/sys/unix/ztypes_linux_amd64.go | 9 - .../golang.org/x/sys/unix/ztypes_linux_arm.go | 9 - .../x/sys/unix/ztypes_linux_arm64.go | 9 - .../x/sys/unix/ztypes_linux_loong64.go | 9 - .../x/sys/unix/ztypes_linux_mips.go | 9 - .../x/sys/unix/ztypes_linux_mips64.go | 9 - .../x/sys/unix/ztypes_linux_mips64le.go | 9 - .../x/sys/unix/ztypes_linux_mipsle.go | 9 - .../golang.org/x/sys/unix/ztypes_linux_ppc.go | 9 - .../x/sys/unix/ztypes_linux_ppc64.go | 9 - .../x/sys/unix/ztypes_linux_ppc64le.go | 9 - .../x/sys/unix/ztypes_linux_riscv64.go | 9 - .../x/sys/unix/ztypes_linux_s390x.go | 9 - .../x/sys/unix/ztypes_linux_sparc64.go | 9 - .../golang.org/x/sys/unix/ztypes_zos_s390x.go | 146 +- vendor/golang.org/x/sys/windows/aliases.go | 2 +- vendor/golang.org/x/sys/windows/empty.s | 8 - .../golang.org/x/sys/windows/env_windows.go | 17 +- .../x/sys/windows/syscall_windows.go | 85 +- .../golang.org/x/sys/windows/types_windows.go | 24 + .../x/sys/windows/zsyscall_windows.go | 126 +- vendor/modules.txt | 29 +- 214 files changed, 26568 insertions(+), 6321 deletions(-) create mode 100644 vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/ovsnetwork_types.go create mode 100644 vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/consts/constants.go create mode 100644 vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/vars/vars.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/resource.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/alertmanager_types.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/podmonitor_types.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/probe_types.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheus_types.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheusrule_types.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/servicemonitor_types.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1alpha1/prometheusagent_types.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1alpha1/scrapeconfig_types.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/alertingspec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/alertmanager.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/alertmanagerconfigmatcherstrategy.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/alertmanagerconfiguration.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/alertmanagerendpoints.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/alertmanagerglobalconfig.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/alertmanagerspec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/alertmanagerstatus.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/alertmanagerwebspec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/apiserverconfig.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/arbitraryfsaccessthroughsmsconfig.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/argument.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/attachmetadata.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/authorization.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/basicauth.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/commonprometheusfields.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/condition.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/embeddedobjectmetadata.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/embeddedpersistentvolumeclaim.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/endpoint.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/exemplars.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/globalsmtpconfig.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/hostalias.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/hostport.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/httpconfig.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/metadataconfig.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/namespaceselector.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/oauth2.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/objectreference.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/podmetricsendpoint.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/podmetricsendpointtlsconfig.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/podmonitor.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/podmonitorspec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/probe.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/proberspec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/probespec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/probetargetingress.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/probetargets.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/probetargetstaticconfig.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/probetlsconfig.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/prometheus.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/prometheusrule.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/prometheusruleexcludeconfig.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/prometheusrulespec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/prometheusspec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/prometheusstatus.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/prometheustracingconfig.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/prometheuswebspec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/queryspec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/queueconfig.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/relabelconfig.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/remotereadspec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/remotewritespec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/rule.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/rulegroup.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/rules.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/rulesalert.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/safeauthorization.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/safetlsconfig.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/secretorconfigmap.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/servicemonitor.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/servicemonitorspec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/shardstatus.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/sigv4.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/storagespec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/thanosruler.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/thanosrulerspec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/thanosrulerstatus.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/thanosspec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/tlsconfig.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/tsdbspec.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/webconfigfilefields.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/webhttpconfig.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/webhttpheaders.go create mode 100644 vendor/github.com/prometheus-operator/prometheus-operator/pkg/client/applyconfiguration/monitoring/v1/webtlsconfig.go create mode 100644 vendor/golang.org/x/net/http2/testsync.go create mode 100644 vendor/golang.org/x/sys/unix/bpxsvc_zos.go create mode 100644 vendor/golang.org/x/sys/unix/bpxsvc_zos.s delete mode 100644 vendor/golang.org/x/sys/unix/epoll_zos.go delete mode 100644 vendor/golang.org/x/sys/unix/fstatfs_zos.go create mode 100644 vendor/golang.org/x/sys/unix/sockcmsg_zos.go create mode 100644 vendor/golang.org/x/sys/unix/symaddr_zos_s390x.s create mode 100644 vendor/golang.org/x/sys/unix/zsymaddr_zos_s390x.s delete mode 100644 vendor/golang.org/x/sys/windows/empty.s diff --git a/cnf-tests/testsuites/validationsuite/cluster/validation.go b/cnf-tests/testsuites/validationsuite/cluster/validation.go index 94ab44e4b2..14a1b4da35 100644 --- a/cnf-tests/testsuites/validationsuite/cluster/validation.go +++ b/cnf-tests/testsuites/validationsuite/cluster/validation.go @@ -184,7 +184,7 @@ var _ = Describe("validation", func() { err := testclient.Client.Get(context.TODO(), goclient.ObjectKey{Name: "default", Namespace: namespaces.SRIOVOperator}, operatorConfig) Expect(err).ToNot(HaveOccurred()) - if *operatorConfig.Spec.EnableInjector { + if operatorConfig.Spec.EnableInjector { daemonset, err := testclient.Client.DaemonSets(namespaces.SRIOVOperator).Get(context.Background(), "network-resources-injector", metav1.GetOptions{}) Expect(err).ToNot(HaveOccurred()) Expect(daemonset.Status.DesiredNumberScheduled).To(Equal(daemonset.Status.NumberReady)) @@ -200,7 +200,7 @@ var _ = Describe("validation", func() { err := testclient.Client.Get(context.TODO(), goclient.ObjectKey{Name: "default", Namespace: namespaces.SRIOVOperator}, operatorConfig) Expect(err).ToNot(HaveOccurred()) - if *operatorConfig.Spec.EnableOperatorWebhook { + if operatorConfig.Spec.EnableOperatorWebhook { daemonset, err := testclient.Client.DaemonSets(namespaces.SRIOVOperator).Get(context.Background(), "operator-webhook", metav1.GetOptions{}) Expect(err).ToNot(HaveOccurred()) Expect(daemonset.Status.DesiredNumberScheduled).To(Equal(daemonset.Status.NumberReady)) diff --git a/go.mod b/go.mod index 8d11854131..d53647ab66 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,9 @@ module github.com/openshift-kni/cnf-features-deploy // - openshift-ci/Dockerfile* // - ztp/resource-generator/Containerfile // - ztp/tools/pgt2acmpg/go.mod -go 1.22 +go 1.22.4 + +toolchain go1.22.7 require ( github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f @@ -29,14 +31,14 @@ require ( github.com/open-policy-agent/gatekeeper/v3 v3.13.0 github.com/openshift-kni/k8sreporter v1.0.5 github.com/openshift-psap/special-resource-operator v0.0.0-00010101000000-000000000000 - github.com/openshift/api v0.0.0-20230807121159-a81c3efc8824 + github.com/openshift/api v0.0.0-20230807132801-600991d550ac github.com/openshift/client-go v0.0.0-20230807132528-be5346fb33cb github.com/openshift/cluster-nfd-operator v0.0.0-00010101000000-000000000000 github.com/openshift/cluster-node-tuning-operator v0.0.0-00010101000000-000000000000 - github.com/openshift/machine-config-operator v0.0.1-0.20230807154212-886c5c3fc7a9 + github.com/openshift/machine-config-operator v0.0.1-0.20231024085435-7e1fb719c1ba github.com/openshift/ptp-operator v0.0.0-00010101000000-000000000000 github.com/stretchr/testify v1.8.4 - golang.org/x/sys v0.16.0 + golang.org/x/sys v0.20.0 gopkg.in/yaml.v3 v3.0.1 k8s.io/api v0.28.3 k8s.io/apiextensions-apiserver v0.28.3 @@ -105,12 +107,12 @@ require ( github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/openshift/custom-resource-status v1.1.3-0.20220503160415-f2fdb4999d87 // indirect - github.com/openshift/library-go v0.0.0-20230803043003-e1dfb9bf12bb // indirect + github.com/openshift/library-go v0.0.0-20231020125025-211b32f1a1f2 // indirect github.com/operator-framework/api v0.10.7 // indirect github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect - github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.57.0 // indirect - github.com/prometheus-operator/prometheus-operator/pkg/client v0.57.0 // indirect + github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.68.0 // indirect + github.com/prometheus-operator/prometheus-operator/pkg/client v0.68.0 // indirect github.com/prometheus/client_golang v1.17.0 // indirect github.com/prometheus/client_model v0.5.0 // indirect github.com/prometheus/common v0.45.0 // indirect @@ -126,12 +128,12 @@ require ( go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.25.0 // indirect go4.org v0.0.0-20200104003542-c7e774b10ea0 // indirect - golang.org/x/crypto v0.17.0 // indirect + golang.org/x/crypto v0.21.0 // indirect golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect - golang.org/x/net v0.19.0 // indirect + golang.org/x/net v0.23.0 // indirect golang.org/x/oauth2 v0.13.0 // indirect golang.org/x/sync v0.5.0 // indirect - golang.org/x/term v0.15.0 // indirect + golang.org/x/term v0.18.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.3.0 // indirect golang.org/x/tools v0.16.1 // indirect @@ -200,7 +202,7 @@ replace ( // Test deps replace ( - github.com/k8snetworkplumbingwg/sriov-network-operator => github.com/openshift/sriov-network-operator v0.0.0-20240125124104-58986501f2b4 // release-4.16 + github.com/k8snetworkplumbingwg/sriov-network-operator => github.com/openshift/sriov-network-operator v0.0.0-20241030164825-c0e75feba48a // release-4.16 github.com/nmstate/kubernetes-nmstate/api => github.com/openshift/kubernetes-nmstate/api v0.0.0-20240726065608-fbf9eb6f75e6 github.com/openshift-psap/special-resource-operator => github.com/openshift/special-resource-operator v0.0.0-20211202035230-4c86f99c426b // release-4.10 github.com/openshift/cluster-nfd-operator => github.com/openshift/cluster-nfd-operator v0.0.0-20240125121050-830c889e311e // release-4.9 diff --git a/go.sum b/go.sum index 11b0910440..63111f7e48 100644 --- a/go.sum +++ b/go.sum @@ -788,8 +788,8 @@ github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBd github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= github.com/fogleman/gg v1.3.0/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= -github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= -github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= +github.com/frankban/quicktest v1.14.4 h1:g2rn0vABPOOXmZUj+vbmUp0lPoXEMuhTpIluN0XL9UY= +github.com/frankban/quicktest v1.14.4/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= @@ -1214,8 +1214,8 @@ github.com/open-policy-agent/opa v0.54.0/go.mod h1:d8I8jWygKGi4+T4H07qrbeCdH1ITL github.com/openshift-kni/k8sreporter v1.0.5 h1:1GYBc/BTZyVoXilHef43v9A8BSzw700zAPZ6zsZvo6Y= github.com/openshift-kni/k8sreporter v1.0.5/go.mod h1:fg8HI9yxiKAi6UzR6NTtrmQmA2WKzUqmkRUHwQ1+Bj8= github.com/openshift/api v0.0.0-20210521075222-e273a339932a/go.mod h1:izBmoXbUu3z5kUa4FjZhvekTsyzIWiOoaIgJiZBBMQs= -github.com/openshift/api v0.0.0-20230807121159-a81c3efc8824 h1:tyXFOOOL6pmacGu9jYjiqjtpMwO8UkIjR9EthRJF5Tk= -github.com/openshift/api v0.0.0-20230807121159-a81c3efc8824/go.mod h1:yimSGmjsI+XF1mr+AKBs2//fSXIOhhetHGbMlBEfXbs= +github.com/openshift/api v0.0.0-20230807132801-600991d550ac h1:HqT8MmYGXiUGUW0BjygTGOOvqO2wIsTaG3q8nboJyPY= +github.com/openshift/api v0.0.0-20230807132801-600991d550ac/go.mod h1:yimSGmjsI+XF1mr+AKBs2//fSXIOhhetHGbMlBEfXbs= github.com/openshift/build-machinery-go v0.0.0-20210423112049-9415d7ebd33e/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE= github.com/openshift/client-go v0.0.0-20210521082421-73d9475a9142 h1:ZHRIMCFIJN1p9LsJt4HQ+akDrys4PrYnXzOWI5LK03I= github.com/openshift/client-go v0.0.0-20210521082421-73d9475a9142/go.mod h1:fjS8r9mqDVsPb5td3NehsNOAWa4uiFkYEfVZioQ2gH0= @@ -1227,16 +1227,16 @@ github.com/openshift/custom-resource-status v1.1.3-0.20220503160415-f2fdb4999d87 github.com/openshift/custom-resource-status v1.1.3-0.20220503160415-f2fdb4999d87/go.mod h1:DB/Mf2oTeiAmVVX1gN+NEqweonAPY0TKUwADizj8+ZA= github.com/openshift/kubernetes-nmstate/api v0.0.0-20240726065608-fbf9eb6f75e6 h1:QnxF9OyS6+CeAv9P+d9PkX+KRddLDT0rut65YkWDqAI= github.com/openshift/kubernetes-nmstate/api v0.0.0-20240726065608-fbf9eb6f75e6/go.mod h1:lb+63X+ifPfwEmwPfCVF+EBLYXWEOyx30BmQU7406Qc= -github.com/openshift/library-go v0.0.0-20230803043003-e1dfb9bf12bb h1:lZTLi1LHYfw5mI2qdBxl4RsY2ua56ezss3IfaDIFHG0= -github.com/openshift/library-go v0.0.0-20230803043003-e1dfb9bf12bb/go.mod h1:jPcIZk2ReAozFTDX2s9peO5at1Hs1BS6JvoASSk6NqQ= +github.com/openshift/library-go v0.0.0-20231020125025-211b32f1a1f2 h1:TWG/YVRhSvjYq8iIwJ2Wpoopgg0zuh+ZAl1RSm4J8Z0= +github.com/openshift/library-go v0.0.0-20231020125025-211b32f1a1f2/go.mod h1:ZFwNwC3opc/7aOvzUbU95zp33Lbxet48h80ryH3p6DY= github.com/openshift/machine-config-operator v0.0.1-0.20230811181556-63d7be1ef18b h1:xc5rUUDL/1wChRZTmOUxyRUCBcNOufppcKBj7jR4JKw= github.com/openshift/machine-config-operator v0.0.1-0.20230811181556-63d7be1ef18b/go.mod h1:kP51fbL8QBSY/mAkFicoF73x0QSraPrX4BjWIdzFPio= github.com/openshift/ptp-operator v0.0.0-20230831212656-4b8be2662cfe h1:v+6f2Tvskfns4D3HfTGanq7pdAz5KQbnszNDKhwAcVo= github.com/openshift/ptp-operator v0.0.0-20230831212656-4b8be2662cfe/go.mod h1:qTPeACdnGd6twqTCuIU0JLtrkK5ueOlUSW7P99Qmc7o= github.com/openshift/special-resource-operator v0.0.0-20211202035230-4c86f99c426b h1:NlOsWwZI4tYu6XbqG1/9jtg2I20+zs+8vy7d4X7ieZs= github.com/openshift/special-resource-operator v0.0.0-20211202035230-4c86f99c426b/go.mod h1:ESuS9sfrzo0EpEHaHNEvjo1oThseBnGU5s+RT1psTRA= -github.com/openshift/sriov-network-operator v0.0.0-20240125124104-58986501f2b4 h1:MYRQLf56sZkvw8mBYr3oJ8mWlFaX3zzd6777TI5wS0U= -github.com/openshift/sriov-network-operator v0.0.0-20240125124104-58986501f2b4/go.mod h1:xptXDhHKkyKybUAfZlGwkjTBWCd/XUAlWMUARO8KQ48= +github.com/openshift/sriov-network-operator v0.0.0-20241030164825-c0e75feba48a h1:w7m9oomukJO7LWrsKl5oORTWZ3nNYH3kfTBRRqQBmDM= +github.com/openshift/sriov-network-operator v0.0.0-20241030164825-c0e75feba48a/go.mod h1:24FwaMJhayKG3W8aCojB7DJ2+POW//LmoPJTZmpCg0o= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/operator-framework/api v0.10.7 h1:GlZJ6m+0WSVdSsSjTbhKKAvHXamWJXhwXHUhVwL8LBE= github.com/operator-framework/api v0.10.7/go.mod h1:PtQSNSuVrhSC6YE6JJJZv3nnZJc32osKX8FmFUZK05U= @@ -1261,10 +1261,10 @@ github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRI github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/pquerna/cachecontrol v0.1.0/go.mod h1:NrUG3Z7Rdu85UNR3vm7SOsl1nFIeSiQnrHV5K9mBcUI= -github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.57.0 h1:dslXhV7NbAFID2fh0ZLMjodbMYuitiJzDEpYNOoyRrg= -github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.57.0/go.mod h1:tflNO6iwG09icVcOe2VfhC73fmtKSKT1aNXYnVtAumU= -github.com/prometheus-operator/prometheus-operator/pkg/client v0.57.0 h1:hQjHp72iJwlC5sUvVWTgPzPjfEdKbi1T9hf7UT9aepQ= -github.com/prometheus-operator/prometheus-operator/pkg/client v0.57.0/go.mod h1:vGGGrqnNJ+y/l6qpsL09C2uAqYRLBv8gGbXLypUphx0= +github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.68.0 h1:yl9ceUSUBo9woQIO+8eoWpcxZkdZgm89g+rVvu37TUw= +github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.68.0/go.mod h1:9Uuu3pEU2jB8PwuqkHvegQ0HV/BlZRJUyfTYAqfdVF8= +github.com/prometheus-operator/prometheus-operator/pkg/client v0.68.0 h1:8FS0sXpFkFPxp2gfkxyEMnhZV9yhf7xPbpsIeUZHlzM= +github.com/prometheus-operator/prometheus-operator/pkg/client v0.68.0/go.mod h1:ul4ND0BMCcOX1OSZvbJA1/lh7yQ2ILHNKuZIojGISe4= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= @@ -1513,8 +1513,8 @@ golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4/go.mod h1:IxCIyHEi3zRg3s0 golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= -golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= -golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= +golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= +golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -1632,7 +1632,6 @@ golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211123203042-d83791d6bcd9/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= @@ -1656,8 +1655,8 @@ golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= -golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c= -golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= +golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= +golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1817,8 +1816,8 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= -golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y= +golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -1830,8 +1829,8 @@ golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= -golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= -golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= +golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= +golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -2299,7 +2298,6 @@ k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.8.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= -k8s.io/klog/v2 v2.30.0/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.40.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.90.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= @@ -2318,7 +2316,6 @@ k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdz k8s.io/kubelet v0.28.3 h1:bp/uIf1R5F61BlFvFtzc4PDEiK7TtFcw3wFJlc0V0LM= k8s.io/kubelet v0.28.3/go.mod h1:E3NHYbp/v45Ao6AD0EOZnqO3L0R6Haks6Nm0+bnFwtU= k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20211116205334-6203023598ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20230209194617-a36077c30491/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= @@ -2374,13 +2371,11 @@ sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.2/go.mod h1:+qG7ISX sigs.k8s.io/controller-runtime v0.15.2 h1:9V7b7SDQSJ08IIsJ6CY1CE85Okhp87dyTMNDG0FS7f4= sigs.k8s.io/controller-runtime v0.15.2/go.mod h1:7ngYvp1MLT+9GeZ+6lH3LOlcHkp/+tzA/fmHa4iq9kk= sigs.k8s.io/controller-tools v0.6.2/go.mod h1:oaeGpjXn6+ZSEIQkUe/+3I40PNiDYp9aeawbt3xTgJ8= -sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6/go.mod h1:p4QtZmO4uMYipTQNzagwnNoseA6OxSUutVw05NhYDRs= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/kube-storage-version-migrator v0.0.6-0.20230721195810-5c8923c5ff96 h1:PFWFSkpArPNJxFX4ZKWAk9NSeRoZaXschn+ULa4xVek= sigs.k8s.io/kube-storage-version-migrator v0.0.6-0.20230721195810-5c8923c5ff96/go.mod h1:EOBQyBowOUsd7U4CJnMHNE0ri+zCXyouGdLwC/jZU+I= sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/structured-merge-diff/v4 v4.2.1/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= sigs.k8s.io/structured-merge-diff/v4 v4.3.0 h1:UZbZAZfX0wV2zr7YZorDz6GXROfDFj6LvqCRm4VUVKk= sigs.k8s.io/structured-merge-diff/v4 v4.3.0/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= diff --git a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/helper.go b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/helper.go index ba2429caf9..bfdfbc4731 100644 --- a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/helper.go +++ b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/helper.go @@ -5,22 +5,24 @@ import ( "encoding/json" "fmt" "os" + "path/filepath" + "reflect" "regexp" + "slices" "sort" "strconv" "strings" - netattdefv1 "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1" corev1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" uns "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "k8s.io/apimachinery/pkg/types" + intstrutil "k8s.io/apimachinery/pkg/util/intstr" "k8s.io/client-go/kubernetes" - "sigs.k8s.io/controller-runtime/pkg/client" logf "sigs.k8s.io/controller-runtime/pkg/log" + "github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/consts" "github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/render" + "github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/vars" ) const ( @@ -35,7 +37,8 @@ const ( SriovCniStateAuto = "auto" SriovCniStateOff = "off" SriovCniStateOn = "on" - SriovCniIpamEmpty = "\"ipam\":{}" + SriovCniIpam = "\"ipam\"" + SriovCniIpamEmpty = SriovCniIpam + ":{}" ) const invalidVfIndex = -1 @@ -47,6 +50,8 @@ var log = logf.Log.WithName("sriovnetwork") // Vendor ID, Physical Function Device ID, Virtual Function Device ID var NicIDMap = []string{} +var InitialState SriovNetworkNodeState + // NetFilterType Represents the NetFilter tags to be used type NetFilterType int @@ -211,6 +216,127 @@ func GetVfDeviceID(deviceID string) string { return "" } +func IsSwitchdevModeSpec(spec SriovNetworkNodeStateSpec) bool { + return ContainsSwitchdevInterface(spec.Interfaces) +} + +// ContainsSwitchdevInterface returns true if provided interface list contains interface +// with switchdev configuration +func ContainsSwitchdevInterface(interfaces []Interface) bool { + for _, iface := range interfaces { + if iface.EswitchMode == ESwithModeSwitchDev { + return true + } + } + return false +} + +func FindInterface(interfaces Interfaces, name string) (iface Interface, err error) { + for _, i := range interfaces { + if i.Name == name { + return i, nil + } + } + return Interface{}, fmt.Errorf("unable to find interface: %v", name) +} + +// GetEswitchModeFromSpec returns ESwitchMode from the interface spec, returns legacy if not set +func GetEswitchModeFromSpec(ifaceSpec *Interface) string { + if ifaceSpec.EswitchMode == "" { + return ESwithModeLegacy + } + return ifaceSpec.EswitchMode +} + +// GetEswitchModeFromStatus returns ESwitchMode from the interface status, returns legacy if not set +func GetEswitchModeFromStatus(ifaceStatus *InterfaceExt) string { + if ifaceStatus.EswitchMode == "" { + return ESwithModeLegacy + } + return ifaceStatus.EswitchMode +} + +func NeedToUpdateSriov(ifaceSpec *Interface, ifaceStatus *InterfaceExt) bool { + if ifaceSpec.Mtu > 0 { + mtu := ifaceSpec.Mtu + if mtu > ifaceStatus.Mtu { + log.V(2).Info("NeedToUpdateSriov(): MTU needs update", "desired", mtu, "current", ifaceStatus.Mtu) + return true + } + } + currentEswitchMode := GetEswitchModeFromStatus(ifaceStatus) + desiredEswitchMode := GetEswitchModeFromSpec(ifaceSpec) + if currentEswitchMode != desiredEswitchMode { + log.V(2).Info("NeedToUpdateSriov(): EswitchMode needs update", "desired", desiredEswitchMode, "current", currentEswitchMode) + return true + } + if ifaceSpec.NumVfs != ifaceStatus.NumVfs { + log.V(2).Info("NeedToUpdateSriov(): NumVfs needs update", "desired", ifaceSpec.NumVfs, "current", ifaceStatus.NumVfs) + return true + } + + if ifaceStatus.LinkAdminState == consts.LinkAdminStateDown { + log.V(2).Info("NeedToUpdateSriov(): PF link status needs update", "desired to include", "up", "current", ifaceStatus.LinkAdminState) + return true + } + + if ifaceSpec.NumVfs > 0 { + for _, vfStatus := range ifaceStatus.VFs { + for _, groupSpec := range ifaceSpec.VfGroups { + if IndexInRange(vfStatus.VfID, groupSpec.VfRange) { + if vfStatus.Driver == "" { + log.V(2).Info("NeedToUpdateSriov(): Driver needs update - has no driver", + "desired", groupSpec.DeviceType) + return true + } + if groupSpec.DeviceType != "" && groupSpec.DeviceType != consts.DeviceTypeNetDevice { + if groupSpec.DeviceType != vfStatus.Driver { + log.V(2).Info("NeedToUpdateSriov(): Driver needs update", + "desired", groupSpec.DeviceType, "current", vfStatus.Driver) + return true + } + } else { + if StringInArray(vfStatus.Driver, vars.DpdkDrivers) { + log.V(2).Info("NeedToUpdateSriov(): Driver needs update", + "desired", groupSpec.DeviceType, "current", vfStatus.Driver) + return true + } + if vfStatus.Mtu != 0 && groupSpec.Mtu != 0 && vfStatus.Mtu != groupSpec.Mtu { + log.V(2).Info("NeedToUpdateSriov(): VF MTU needs update", + "vf", vfStatus.VfID, "desired", groupSpec.Mtu, "current", vfStatus.Mtu) + return true + } + + if (strings.EqualFold(ifaceStatus.LinkType, consts.LinkTypeETH) && groupSpec.IsRdma) || strings.EqualFold(ifaceStatus.LinkType, consts.LinkTypeIB) { + // We do this check only if a Node GUID is set to ensure that we were able to read the + // Node GUID. We intentionally skip empty Node GUID in vfStatus because this may happen + // when the VF is allocated to a workload. + if vfStatus.GUID == consts.UninitializedNodeGUID { + log.V(2).Info("NeedToUpdateSriov(): VF GUID needs update", + "vf", vfStatus.VfID, "current", vfStatus.GUID) + return true + } + } + // this is needed to be sure the admin mac address is configured as expected + if ifaceSpec.ExternallyManaged { + log.V(2).Info("NeedToUpdateSriov(): need to update the device as it's externally manage", + "device", ifaceStatus.PciAddress) + return true + } + } + if groupSpec.VdpaType != vfStatus.VdpaType { + log.V(2).Info("NeedToUpdateSriov(): VF VdpaType mismatch", + "desired", groupSpec.VdpaType, "current", vfStatus.VdpaType) + return true + } + break + } + } + } + } + return false +} + type ByPriority []SriovNetworkNodePolicy func (a ByPriority) Len() int { @@ -273,8 +399,7 @@ func UniqueAppend(inSlice []string, strings ...string) []string { // Apply policy to SriovNetworkNodeState CR func (p *SriovNetworkNodePolicy) Apply(state *SriovNetworkNodeState, equalPriority bool) error { s := p.Spec.NicSelector - if s.Vendor == "" && s.DeviceID == "" && len(s.RootDevices) == 0 && len(s.PfNames) == 0 && - len(s.NetFilter) == 0 { + if s.IsEmpty() { // Empty NicSelector match none return nil } @@ -291,7 +416,7 @@ func (p *SriovNetworkNodePolicy) Apply(state *SriovNetworkNodeState, equalPriori ExternallyManaged: p.Spec.ExternallyManaged, } if p.Spec.NumVfs > 0 { - group, err := p.generateVfGroup(&iface) + group, err := p.generatePfNameVfGroup(&iface) if err != nil { return err } @@ -314,6 +439,66 @@ func (p *SriovNetworkNodePolicy) Apply(state *SriovNetworkNodeState, equalPriori return nil } +// ApplyBridgeConfig applies bridge configuration from the policy to the provided state +func (p *SriovNetworkNodePolicy) ApplyBridgeConfig(state *SriovNetworkNodeState) error { + if p.Spec.NicSelector.IsEmpty() { + // Empty NicSelector match none + return nil + } + // sanity check the policy + if !p.Spec.Bridge.IsEmpty() { + if p.Spec.EswitchMode != ESwithModeSwitchDev { + return fmt.Errorf("eSwitchMode must be switchdev to use software bridge management") + } + if p.Spec.LinkType != "" && !strings.EqualFold(p.Spec.LinkType, consts.LinkTypeETH) { + return fmt.Errorf("linkType must be eth or ETH to use software bridge management") + } + if p.Spec.ExternallyManaged { + return fmt.Errorf("software bridge management can't be used when link is externally managed") + } + } + for _, iface := range state.Status.Interfaces { + if p.Spec.NicSelector.Selected(&iface) { + if p.Spec.Bridge.OVS == nil { + // The policy has no OVS bridge config, this means that the node's state should have no managed OVS bridges for the interfaces that match the policy. + // Currently PF to OVS bridge mapping is always 1 to 1 (bonding is not supported at the moment), meaning we can remove the OVS bridge + // config from the node's state if it has the interface (that matches "empty-bridge" policy) in the uplink section. + state.Spec.Bridges.OVS = slices.DeleteFunc(state.Spec.Bridges.OVS, func(br OVSConfigExt) bool { + return slices.ContainsFunc(br.Uplinks, func(uplink OVSUplinkConfigExt) bool { + return uplink.PciAddress == iface.PciAddress + }) + }) + if len(state.Spec.Bridges.OVS) == 0 { + state.Spec.Bridges.OVS = nil + } + continue + } + ovsBridge := OVSConfigExt{ + Name: GenerateBridgeName(&iface), + Bridge: p.Spec.Bridge.OVS.Bridge, + Uplinks: []OVSUplinkConfigExt{{ + PciAddress: iface.PciAddress, + Name: iface.Name, + Interface: p.Spec.Bridge.OVS.Uplink.Interface, + }}, + } + log.Info("Update bridge for interface", "name", iface.Name, "bridge", ovsBridge.Name) + + // We need to keep slices with bridges ordered to avoid unnecessary updates in the K8S API. + // Use binary search to insert (or update) the bridge config to the right place in the slice to keep it sorted. + pos, exist := slices.BinarySearchFunc(state.Spec.Bridges.OVS, ovsBridge, func(x, y OVSConfigExt) int { + return strings.Compare(x.Name, y.Name) + }) + if exist { + state.Spec.Bridges.OVS[pos] = ovsBridge + } else { + state.Spec.Bridges.OVS = slices.Insert(state.Spec.Bridges.OVS, pos, ovsBridge) + } + } + } + return nil +} + // mergeConfigs merges configs from multiple polices where the last one has the // highest priority. This merge is dependent on: 1. SR-IOV partition is // configured with the #-notation in pfName, 2. The VF groups are @@ -360,13 +545,13 @@ func (gr VfGroup) isVFRangeOverlapping(group VfGroup) bool { return IndexInRange(rngSt, group.VfRange) || IndexInRange(rngEnd, group.VfRange) } -func (p *SriovNetworkNodePolicy) generateVfGroup(iface *InterfaceExt) (*VfGroup, error) { +func (p *SriovNetworkNodePolicy) generatePfNameVfGroup(iface *InterfaceExt) (*VfGroup, error) { var err error pfName := "" var rngStart, rngEnd int found := false for _, selector := range p.Spec.NicSelector.PfNames { - pfName, rngStart, rngEnd, err = ParsePFName(selector) + pfName, rngStart, rngEnd, err = ParseVfRange(selector) if err != nil { log.Error(err, "Unable to parse PF Name.") return nil, err @@ -419,19 +604,40 @@ func parseRange(r string) (rngSt, rngEnd int, err error) { return } -// Parse PF name with VF range -func ParsePFName(name string) (ifName string, rngSt, rngEnd int, err error) { +// SplitDeviceFromRange return the device name and the range. +// the split is base on # +func SplitDeviceFromRange(device string) (string, string) { + if strings.Contains(device, "#") { + fields := strings.Split(device, "#") + return fields[0], fields[1] + } + + return device, "" +} + +// ParseVfRange: parse a device with VF range +// this can be rootDevices or PFName +// if no range detect we just return the device name +func ParseVfRange(device string) (rootDeviceName string, rngSt, rngEnd int, err error) { rngSt, rngEnd = invalidVfIndex, invalidVfIndex - if strings.Contains(name, "#") { - fields := strings.Split(name, "#") - ifName = fields[0] - rngSt, rngEnd, err = parseRange(fields[1]) + rootDeviceName, splitRange := SplitDeviceFromRange(device) + if splitRange != "" { + rngSt, rngEnd, err = parseRange(splitRange) } else { - ifName = name + rootDeviceName = device } return } +// IsEmpty returns true if nicSelector is empty +func (selector *SriovNetworkNicSelector) IsEmpty() bool { + return selector.Vendor == "" && + selector.DeviceID == "" && + len(selector.RootDevices) == 0 && + len(selector.PfNames) == 0 && + len(selector.NetFilter) == 0 +} + func (selector *SriovNetworkNicSelector) Selected(iface *InterfaceExt) bool { if selector.Vendor != "" && selector.Vendor != iface.Vendor { return false @@ -517,7 +723,7 @@ func (cr *SriovIBNetwork) RenderNetAttDef() (*uns.Unstructured, error) { } if cr.Spec.IPAM != "" { - data.Data["SriovCniIpam"] = "\"ipam\":" + strings.Join(strings.Fields(cr.Spec.IPAM), "") + data.Data["SriovCniIpam"] = SriovCniIpam + ":" + strings.Join(strings.Fields(cr.Spec.IPAM), "") } else { data.Data["SriovCniIpam"] = SriovCniIpamEmpty } @@ -533,7 +739,7 @@ func (cr *SriovIBNetwork) RenderNetAttDef() (*uns.Unstructured, error) { data.Data["LogLevelConfigured"] = false data.Data["LogFileConfigured"] = false - objs, err := render.RenderDir(ManifestsPath, &data) + objs, err := render.RenderDir(filepath.Join(ManifestsPath, "sriov"), &data) if err != nil { return nil, err } @@ -544,26 +750,9 @@ func (cr *SriovIBNetwork) RenderNetAttDef() (*uns.Unstructured, error) { return objs[0], nil } -// DeleteNetAttDef deletes the generated net-att-def CR -func (cr *SriovIBNetwork) DeleteNetAttDef(c client.Client) error { - // Fetch the NetworkAttachmentDefinition instance - instance := &netattdefv1.NetworkAttachmentDefinition{} - namespace := cr.GetNamespace() - if cr.Spec.NetworkNamespace != "" { - namespace = cr.Spec.NetworkNamespace - } - err := c.Get(context.TODO(), types.NamespacedName{Namespace: namespace, Name: cr.GetName()}, instance) - if err != nil { - if errors.IsNotFound(err) { - return nil - } - return err - } - err = c.Delete(context.TODO(), instance) - if err != nil { - return err - } - return nil +// NetworkNamespace returns target network namespace for the network +func (cr *SriovIBNetwork) NetworkNamespace() string { + return cr.Spec.NetworkNamespace } // RenderNetAttDef renders a net-att-def for sriov CNI @@ -652,7 +841,7 @@ func (cr *SriovNetwork) RenderNetAttDef() (*uns.Unstructured, error) { } if cr.Spec.IPAM != "" { - data.Data["SriovCniIpam"] = "\"ipam\":" + strings.Join(strings.Fields(cr.Spec.IPAM), "") + data.Data["SriovCniIpam"] = SriovCniIpam + ":" + strings.Join(strings.Fields(cr.Spec.IPAM), "") } else { data.Data["SriovCniIpam"] = SriovCniIpamEmpty } @@ -668,7 +857,7 @@ func (cr *SriovNetwork) RenderNetAttDef() (*uns.Unstructured, error) { data.Data["LogFileConfigured"] = (cr.Spec.LogFile != "") data.Data["LogFile"] = cr.Spec.LogFile - objs, err := render.RenderDir(ManifestsPath, &data) + objs, err := render.RenderDir(filepath.Join(ManifestsPath, "sriov"), &data) if err != nil { return nil, err } @@ -679,26 +868,71 @@ func (cr *SriovNetwork) RenderNetAttDef() (*uns.Unstructured, error) { return objs[0], nil } -// DeleteNetAttDef deletes the generated net-att-def CR -func (cr *SriovNetwork) DeleteNetAttDef(c client.Client) error { - // Fetch the NetworkAttachmentDefinition instance - instance := &netattdefv1.NetworkAttachmentDefinition{} - namespace := cr.GetNamespace() - if cr.Spec.NetworkNamespace != "" { - namespace = cr.Spec.NetworkNamespace +// NetworkNamespace returns target network namespace for the network +func (cr *SriovNetwork) NetworkNamespace() string { + return cr.Spec.NetworkNamespace +} + +// RenderNetAttDef renders a net-att-def for sriov CNI +func (cr *OVSNetwork) RenderNetAttDef() (*uns.Unstructured, error) { + logger := log.WithName("RenderNetAttDef") + logger.Info("Start to render OVS CNI NetworkAttachmentDefinition") + + // render RawCNIConfig manifests + data := render.MakeRenderData() + data.Data["CniType"] = "ovs" + data.Data["NetworkName"] = cr.Name + if cr.Spec.NetworkNamespace == "" { + data.Data["NetworkNamespace"] = cr.Namespace + } else { + data.Data["NetworkNamespace"] = cr.Spec.NetworkNamespace } - err := c.Get(context.TODO(), types.NamespacedName{Namespace: namespace, Name: cr.GetName()}, instance) - if err != nil { - if errors.IsNotFound(err) { - return nil - } - return err + data.Data["CniResourceName"] = os.Getenv("RESOURCE_PREFIX") + "/" + cr.Spec.ResourceName + + if cr.Spec.Capabilities == "" { + data.Data["CapabilitiesConfigured"] = false + } else { + data.Data["CapabilitiesConfigured"] = true + data.Data["CniCapabilities"] = cr.Spec.Capabilities + } + + data.Data["Bridge"] = cr.Spec.Bridge + data.Data["VlanTag"] = cr.Spec.Vlan + data.Data["MTU"] = cr.Spec.MTU + if len(cr.Spec.Trunk) > 0 { + trunkConfRaw, _ := json.Marshal(cr.Spec.Trunk) + data.Data["Trunk"] = string(trunkConfRaw) + } else { + data.Data["Trunk"] = "" + } + data.Data["InterfaceType"] = cr.Spec.InterfaceType + + if cr.Spec.IPAM != "" { + data.Data["CniIpam"] = SriovCniIpam + ":" + strings.Join(strings.Fields(cr.Spec.IPAM), "") + } else { + data.Data["CniIpam"] = SriovCniIpamEmpty + } + + data.Data["MetaPluginsConfigured"] = false + if cr.Spec.MetaPluginsConfig != "" { + data.Data["MetaPluginsConfigured"] = true + data.Data["MetaPlugins"] = cr.Spec.MetaPluginsConfig } - err = c.Delete(context.TODO(), instance) + + objs, err := render.RenderDir(filepath.Join(ManifestsPath, "ovs"), &data) if err != nil { - return err + return nil, err } - return nil + for _, obj := range objs { + raw, _ := json.Marshal(obj) + logger.Info("render NetworkAttachmentDefinition output", "raw", string(raw)) + } + return objs[0], nil +} + +// NetworkNamespace returns target network namespace for the network +func (cr *OVSNetwork) NetworkNamespace() string { + return cr.Spec.NetworkNamespace } // NetFilterMatch -- parse netFilter and check for a match @@ -723,3 +957,50 @@ func NetFilterMatch(netFilter string, netValue string) (isMatch bool) { return netFilterResult[0][1] == netValueResult[0][1] && netFilterResult[0][2] == netValueResult[0][2] } + +// MaxUnavailable calculate the max number of unavailable nodes to represent the number of nodes +// we can drain in parallel +func (s *SriovNetworkPoolConfig) MaxUnavailable(numOfNodes int) (int, error) { + // this means we want to drain all the nodes in parallel + if s.Spec.MaxUnavailable == nil { + return -1, nil + } + intOrPercent := *s.Spec.MaxUnavailable + + if intOrPercent.Type == intstrutil.String { + if strings.HasSuffix(intOrPercent.StrVal, "%") { + i := strings.TrimSuffix(intOrPercent.StrVal, "%") + v, err := strconv.Atoi(i) + if err != nil { + return 0, fmt.Errorf("invalid value %q: %v", intOrPercent.StrVal, err) + } + if v > 100 || v < 1 { + return 0, fmt.Errorf("invalid value: percentage needs to be between 1 and 100") + } + } else { + return 0, fmt.Errorf("invalid type: strings needs to be a percentage") + } + } + + maxunavail, err := intstrutil.GetScaledValueFromIntOrPercent(&intOrPercent, numOfNodes, false) + if err != nil { + return 0, err + } + + if maxunavail < 0 { + return 0, fmt.Errorf("negative number is not allowed") + } + + return maxunavail, nil +} + +// GenerateBridgeName generate predictable name for the software bridge +// current format is: br-0000_00_03.0 +func GenerateBridgeName(iface *InterfaceExt) string { + return fmt.Sprintf("br-%s", strings.ReplaceAll(iface.PciAddress, ":", "_")) +} + +// NeedToUpdateBridges returns true if bridge for the host requires update +func NeedToUpdateBridges(bridgeSpec, bridgeStatus *Bridges) bool { + return !reflect.DeepEqual(bridgeSpec, bridgeStatus) +} diff --git a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/ovsnetwork_types.go b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/ovsnetwork_types.go new file mode 100644 index 0000000000..05b69bf7f6 --- /dev/null +++ b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/ovsnetwork_types.go @@ -0,0 +1,91 @@ +/* +Copyright 2024. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// OVSNetworkSpec defines the desired state of OVSNetwork +type OVSNetworkSpec struct { + // Namespace of the NetworkAttachmentDefinition custom resource + NetworkNamespace string `json:"networkNamespace,omitempty"` + // OVS Network device plugin endpoint resource name + ResourceName string `json:"resourceName"` + // Capabilities to be configured for this network. + // Capabilities supported: (mac|ips), e.g. '{"mac": true}' + Capabilities string `json:"capabilities,omitempty"` + // IPAM configuration to be used for this network. + IPAM string `json:"ipam,omitempty"` + // MetaPluginsConfig configuration to be used in order to chain metaplugins + MetaPluginsConfig string `json:"metaPlugins,omitempty"` + // name of the OVS bridge, if not set OVS will automatically select bridge + // based on VF PCI address + Bridge string `json:"bridge,omitempty"` + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=4095 + // Vlan to assign for the OVS port + Vlan uint `json:"vlan,omitempty"` + // Mtu for the OVS port + MTU uint `json:"mtu,omitempty"` + // Trunk configuration for the OVS port + Trunk []*TrunkConfig `json:"trunk,omitempty"` + // The type of interface on ovs. + InterfaceType string `json:"interfaceType,omitempty"` +} + +// TrunkConfig contains configuration for bridge trunk +type TrunkConfig struct { + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=4095 + MinID *uint `json:"minID,omitempty"` + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=4095 + MaxID *uint `json:"maxID,omitempty"` + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=4095 + ID *uint `json:"id,omitempty"` +} + +// OVSNetworkStatus defines the observed state of OVSNetwork +type OVSNetworkStatus struct { +} + +//+kubebuilder:object:root=true +//+kubebuilder:subresource:status + +// OVSNetwork is the Schema for the ovsnetworks API +type OVSNetwork struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec OVSNetworkSpec `json:"spec,omitempty"` + Status OVSNetworkStatus `json:"status,omitempty"` +} + +//+kubebuilder:object:root=true + +// OVSNetworkList contains a list of OVSNetwork +type OVSNetworkList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []OVSNetwork `json:"items"` +} + +func init() { + SchemeBuilder.Register(&OVSNetwork{}, &OVSNetworkList{}) +} diff --git a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/sriovnetworknodepolicy_types.go b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/sriovnetworknodepolicy_types.go index 15503feb42..40c53e0bf5 100644 --- a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/sriovnetworknodepolicy_types.go +++ b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/sriovnetworknodepolicy_types.go @@ -42,6 +42,7 @@ type SriovNetworkNodePolicySpec struct { // NicSelector selects the NICs to be configured NicSelector SriovNetworkNicSelector `json:"nicSelector"` // +kubebuilder:validation:Enum=netdevice;vfio-pci + // +kubebuilder:default=netdevice // The driver type for configured VFs. Allowed value "netdevice", "vfio-pci". Defaults to netdevice. DeviceType string `json:"deviceType,omitempty"` // RDMA mode. Defaults to false. @@ -61,6 +62,9 @@ type SriovNetworkNodePolicySpec struct { ExcludeTopology bool `json:"excludeTopology,omitempty"` // don't create the virtual function only allocated them to the device plugin. Defaults to false. ExternallyManaged bool `json:"externallyManaged,omitempty"` + // contains bridge configuration for matching PFs, + // valid only for eSwitchMode==switchdev + Bridge Bridge `json:"bridge,omitempty"` } type SriovNetworkNicSelector struct { @@ -76,6 +80,53 @@ type SriovNetworkNicSelector struct { NetFilter string `json:"netFilter,omitempty"` } +// contains spec for the bridge +type Bridge struct { + // contains configuration for the OVS bridge, + OVS *OVSConfig `json:"ovs,omitempty"` +} + +// IsEmpty return empty if the struct doesn't contain configuration +func (b *Bridge) IsEmpty() bool { + return b.OVS == nil +} + +// OVSConfig optional configuration for OVS bridge and uplink Interface +type OVSConfig struct { + // contains bridge level settings + Bridge OVSBridgeConfig `json:"bridge,omitempty"` + // contains settings for uplink (PF) + Uplink OVSUplinkConfig `json:"uplink,omitempty"` +} + +// OVSBridgeConfig contains some options from the Bridge table in OVSDB +type OVSBridgeConfig struct { + // configure datapath_type field in the Bridge table in OVSDB + DatapathType string `json:"datapathType,omitempty"` + // IDs to inject to external_ids field in the Bridge table in OVSDB + ExternalIDs map[string]string `json:"externalIDs,omitempty"` + // additional options to inject to other_config field in the bridge table in OVSDB + OtherConfig map[string]string `json:"otherConfig,omitempty"` +} + +// OVSUplinkConfig contains PF interface configuration for the bridge +type OVSUplinkConfig struct { + // contains settings for PF interface in the OVS bridge + Interface OVSInterfaceConfig `json:"interface,omitempty"` +} + +// OVSInterfaceConfig contains some options from the Interface table of the OVSDB for PF +type OVSInterfaceConfig struct { + // type field in the Interface table in OVSDB + Type string `json:"type,omitempty"` + // options field in the Interface table in OVSDB + Options map[string]string `json:"options,omitempty"` + // external_ids field in the Interface table in OVSDB + ExternalIDs map[string]string `json:"externalIDs,omitempty"` + // other_config field in the Interface table in OVSDB + OtherConfig map[string]string `json:"otherConfig,omitempty"` +} + // SriovNetworkNodePolicyStatus defines the observed state of SriovNetworkNodePolicy type SriovNetworkNodePolicyStatus struct { // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster diff --git a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/sriovnetworknodestate_types.go b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/sriovnetworknodestate_types.go index a653b391fb..4b90d61d20 100644 --- a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/sriovnetworknodestate_types.go +++ b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/sriovnetworknodestate_types.go @@ -25,8 +25,8 @@ import ( // SriovNetworkNodeStateSpec defines the desired state of SriovNetworkNodeState type SriovNetworkNodeStateSpec struct { - DpConfigVersion string `json:"dpConfigVersion,omitempty"` - Interfaces Interfaces `json:"interfaces,omitempty"` + Interfaces Interfaces `json:"interfaces,omitempty"` + Bridges Bridges `json:"bridges,omitempty"` } type Interfaces []Interface @@ -64,6 +64,7 @@ type InterfaceExt struct { NumVfs int `json:"numVfs,omitempty"` LinkSpeed string `json:"linkSpeed,omitempty"` LinkType string `json:"linkType,omitempty"` + LinkAdminState string `json:"linkAdminState,omitempty"` EswitchMode string `json:"eSwitchMode,omitempty"` ExternallyManaged bool `json:"externallyManaged,omitempty"` TotalVfs int `json:"totalvfs,omitempty"` @@ -72,21 +73,51 @@ type InterfaceExt struct { type InterfaceExts []InterfaceExt type VirtualFunction struct { - Name string `json:"name,omitempty"` - Mac string `json:"mac,omitempty"` - Assigned string `json:"assigned,omitempty"` - Driver string `json:"driver,omitempty"` + Name string `json:"name,omitempty"` + Mac string `json:"mac,omitempty"` + Assigned string `json:"assigned,omitempty"` + Driver string `json:"driver,omitempty"` + PciAddress string `json:"pciAddress"` + Vendor string `json:"vendor,omitempty"` + DeviceID string `json:"deviceID,omitempty"` + Vlan int `json:"Vlan,omitempty"` + Mtu int `json:"mtu,omitempty"` + VfID int `json:"vfID"` + VdpaType string `json:"vdpaType,omitempty"` + RepresentorName string `json:"representorName,omitempty"` + GUID string `json:"guid,omitempty"` +} + +// Bridges contains list of bridges +type Bridges struct { + OVS []OVSConfigExt `json:"ovs,omitempty"` +} + +// OVSConfigExt contains configuration for the concrete OVS bridge +type OVSConfigExt struct { + // name of the bridge + Name string `json:"name"` + // bridge-level configuration for the bridge + Bridge OVSBridgeConfig `json:"bridge,omitempty"` + // uplink-level bridge configuration for each uplink(PF). + // currently must contain only one element + Uplinks []OVSUplinkConfigExt `json:"uplinks,omitempty"` +} + +// OVSUplinkConfigExt contains configuration for the concrete OVS uplink(PF) +type OVSUplinkConfigExt struct { + // pci address of the PF PciAddress string `json:"pciAddress"` - Vendor string `json:"vendor,omitempty"` - DeviceID string `json:"deviceID,omitempty"` - Vlan int `json:"Vlan,omitempty"` - Mtu int `json:"mtu,omitempty"` - VfID int `json:"vfID"` + // name of the PF interface + Name string `json:"name,omitempty"` + // configuration from the Interface OVS table for the PF + Interface OVSInterfaceConfig `json:"interface,omitempty"` } // SriovNetworkNodeStateStatus defines the observed state of SriovNetworkNodeState type SriovNetworkNodeStateStatus struct { Interfaces InterfaceExts `json:"interfaces,omitempty"` + Bridges Bridges `json:"bridges,omitempty"` SyncStatus string `json:"syncStatus,omitempty"` LastSyncError string `json:"lastSyncError,omitempty"` } @@ -94,6 +125,8 @@ type SriovNetworkNodeStateStatus struct { //+kubebuilder:object:root=true //+kubebuilder:subresource:status //+kubebuilder:printcolumn:name="Sync Status",type=string,JSONPath=`.status.syncStatus` +//+kubebuilder:printcolumn:name="Desired Sync State",type=string,JSONPath=`.metadata.annotations.sriovnetwork\.openshift\.io/desired-state` +//+kubebuilder:printcolumn:name="Current Sync State",type=string,JSONPath=`.metadata.annotations.sriovnetwork\.openshift\.io/current-state` //+kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" // SriovNetworkNodeState is the Schema for the sriovnetworknodestates API diff --git a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/sriovnetworkpoolconfig_types.go b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/sriovnetworkpoolconfig_types.go index c794733331..c6e710a99b 100644 --- a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/sriovnetworkpoolconfig_types.go +++ b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/sriovnetworkpoolconfig_types.go @@ -2,12 +2,25 @@ package v1 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/intstr" ) // SriovNetworkPoolConfigSpec defines the desired state of SriovNetworkPoolConfig type SriovNetworkPoolConfigSpec struct { // OvsHardwareOffloadConfig describes the OVS HWOL configuration for selected Nodes OvsHardwareOffloadConfig OvsHardwareOffloadConfig `json:"ovsHardwareOffloadConfig,omitempty"` + + // nodeSelector specifies a label selector for Nodes + NodeSelector *metav1.LabelSelector `json:"nodeSelector,omitempty"` + + // maxUnavailable defines either an integer number or percentage + // of nodes in the pool that can go Unavailable during an update. + // + // A value larger than 1 will mean multiple nodes going unavailable during + // the update, which may affect your workload stress on the remaining nodes. + // Drain will respect Pod Disruption Budgets (PDBs) such as etcd quorum guards, + // even if maxUnavailable is greater than one. + MaxUnavailable *intstr.IntOrString `json:"maxUnavailable,omitempty"` } type OvsHardwareOffloadConfig struct { diff --git a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/sriovoperatorconfig_types.go b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/sriovoperatorconfig_types.go index e1875140fd..5e2e011f8c 100644 --- a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/sriovoperatorconfig_types.go +++ b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/sriovoperatorconfig_types.go @@ -23,14 +23,30 @@ import ( // EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. +// PluginNameValue defines the plugin name +// +kubebuilder:validation:Enum=mellanox +type PluginNameValue string + +// PluginNameSlice defines a slice of PluginNameValue +type PluginNameSlice []PluginNameValue + +// ToStringSlice converts PluginNameSlice to string slice +func (pns PluginNameSlice) ToStringSlice() []string { + ss := make([]string, 0, len(pns)) + for _, v := range pns { + ss = append(ss, string(v)) + } + return ss +} + // SriovOperatorConfigSpec defines the desired state of SriovOperatorConfig type SriovOperatorConfigSpec struct { // NodeSelector selects the nodes to be configured ConfigDaemonNodeSelector map[string]string `json:"configDaemonNodeSelector,omitempty"` // Flag to control whether the network resource injector webhook shall be deployed - EnableInjector *bool `json:"enableInjector,omitempty"` + EnableInjector bool `json:"enableInjector,omitempty"` // Flag to control whether the operator admission controller webhook shall be deployed - EnableOperatorWebhook *bool `json:"enableOperatorWebhook,omitempty"` + EnableOperatorWebhook bool `json:"enableOperatorWebhook,omitempty"` // Flag to control the log verbose level of the operator. Set to '0' to show only the basic logs. And set to '2' to show all the available logs. // +kubebuilder:validation:Minimum=0 // +kubebuilder:validation:Maximum=2 @@ -45,6 +61,10 @@ type SriovOperatorConfigSpec struct { ConfigurationMode ConfigurationModeType `json:"configurationMode,omitempty"` // Flag to enable Container Device Interface mode for SR-IOV Network Device Plugin UseCDI bool `json:"useCDI,omitempty"` + // DisablePlugins is a list of sriov-network-config-daemon plugins to disable + DisablePlugins PluginNameSlice `json:"disablePlugins,omitempty"` + // FeatureGates to enable experimental features + FeatureGates map[string]bool `json:"featureGates,omitempty"` } // SriovOperatorConfigStatus defines the observed state of SriovOperatorConfig diff --git a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/zz_generated.deepcopy.go b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/zz_generated.deepcopy.go index f01d358dda..fc94775939 100644 --- a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2021. @@ -22,9 +21,53 @@ limitations under the License. package v1 import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/intstr" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Bridge) DeepCopyInto(out *Bridge) { + *out = *in + if in.OVS != nil { + in, out := &in.OVS, &out.OVS + *out = new(OVSConfig) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Bridge. +func (in *Bridge) DeepCopy() *Bridge { + if in == nil { + return nil + } + out := new(Bridge) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Bridges) DeepCopyInto(out *Bridges) { + *out = *in + if in.OVS != nil { + in, out := &in.OVS, &out.OVS + *out = make([]OVSConfigExt, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Bridges. +func (in *Bridges) DeepCopy() *Bridges { + if in == nil { + return nil + } + out := new(Bridges) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in ByPriority) DeepCopyInto(out *ByPriority) { { @@ -128,6 +171,243 @@ func (in Interfaces) DeepCopy() Interfaces { return *out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OVSBridgeConfig) DeepCopyInto(out *OVSBridgeConfig) { + *out = *in + if in.ExternalIDs != nil { + in, out := &in.ExternalIDs, &out.ExternalIDs + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.OtherConfig != nil { + in, out := &in.OtherConfig, &out.OtherConfig + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OVSBridgeConfig. +func (in *OVSBridgeConfig) DeepCopy() *OVSBridgeConfig { + if in == nil { + return nil + } + out := new(OVSBridgeConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OVSConfig) DeepCopyInto(out *OVSConfig) { + *out = *in + in.Bridge.DeepCopyInto(&out.Bridge) + in.Uplink.DeepCopyInto(&out.Uplink) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OVSConfig. +func (in *OVSConfig) DeepCopy() *OVSConfig { + if in == nil { + return nil + } + out := new(OVSConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OVSConfigExt) DeepCopyInto(out *OVSConfigExt) { + *out = *in + in.Bridge.DeepCopyInto(&out.Bridge) + if in.Uplinks != nil { + in, out := &in.Uplinks, &out.Uplinks + *out = make([]OVSUplinkConfigExt, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OVSConfigExt. +func (in *OVSConfigExt) DeepCopy() *OVSConfigExt { + if in == nil { + return nil + } + out := new(OVSConfigExt) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OVSInterfaceConfig) DeepCopyInto(out *OVSInterfaceConfig) { + *out = *in + if in.Options != nil { + in, out := &in.Options, &out.Options + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.ExternalIDs != nil { + in, out := &in.ExternalIDs, &out.ExternalIDs + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.OtherConfig != nil { + in, out := &in.OtherConfig, &out.OtherConfig + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OVSInterfaceConfig. +func (in *OVSInterfaceConfig) DeepCopy() *OVSInterfaceConfig { + if in == nil { + return nil + } + out := new(OVSInterfaceConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OVSNetwork) DeepCopyInto(out *OVSNetwork) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OVSNetwork. +func (in *OVSNetwork) DeepCopy() *OVSNetwork { + if in == nil { + return nil + } + out := new(OVSNetwork) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OVSNetwork) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OVSNetworkList) DeepCopyInto(out *OVSNetworkList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OVSNetwork, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OVSNetworkList. +func (in *OVSNetworkList) DeepCopy() *OVSNetworkList { + if in == nil { + return nil + } + out := new(OVSNetworkList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OVSNetworkList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OVSNetworkSpec) DeepCopyInto(out *OVSNetworkSpec) { + *out = *in + if in.Trunk != nil { + in, out := &in.Trunk, &out.Trunk + *out = make([]*TrunkConfig, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(TrunkConfig) + (*in).DeepCopyInto(*out) + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OVSNetworkSpec. +func (in *OVSNetworkSpec) DeepCopy() *OVSNetworkSpec { + if in == nil { + return nil + } + out := new(OVSNetworkSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OVSNetworkStatus) DeepCopyInto(out *OVSNetworkStatus) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OVSNetworkStatus. +func (in *OVSNetworkStatus) DeepCopy() *OVSNetworkStatus { + if in == nil { + return nil + } + out := new(OVSNetworkStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OVSUplinkConfig) DeepCopyInto(out *OVSUplinkConfig) { + *out = *in + in.Interface.DeepCopyInto(&out.Interface) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OVSUplinkConfig. +func (in *OVSUplinkConfig) DeepCopy() *OVSUplinkConfig { + if in == nil { + return nil + } + out := new(OVSUplinkConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OVSUplinkConfigExt) DeepCopyInto(out *OVSUplinkConfigExt) { + *out = *in + in.Interface.DeepCopyInto(&out.Interface) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OVSUplinkConfigExt. +func (in *OVSUplinkConfigExt) DeepCopy() *OVSUplinkConfigExt { + if in == nil { + return nil + } + out := new(OVSUplinkConfigExt) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OvsHardwareOffloadConfig) DeepCopyInto(out *OvsHardwareOffloadConfig) { *out = *in @@ -143,6 +423,25 @@ func (in *OvsHardwareOffloadConfig) DeepCopy() *OvsHardwareOffloadConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in PluginNameSlice) DeepCopyInto(out *PluginNameSlice) { + { + in := &in + *out = make(PluginNameSlice, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PluginNameSlice. +func (in PluginNameSlice) DeepCopy() PluginNameSlice { + if in == nil { + return nil + } + out := new(PluginNameSlice) + in.DeepCopyInto(out) + return *out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SriovIBNetwork) DeepCopyInto(out *SriovIBNetwork) { *out = *in @@ -386,6 +685,7 @@ func (in *SriovNetworkNodePolicySpec) DeepCopyInto(out *SriovNetworkNodePolicySp } } in.NicSelector.DeepCopyInto(&out.NicSelector) + in.Bridge.DeepCopyInto(&out.Bridge) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SriovNetworkNodePolicySpec. @@ -482,6 +782,7 @@ func (in *SriovNetworkNodeStateSpec) DeepCopyInto(out *SriovNetworkNodeStateSpec (*in)[i].DeepCopyInto(&(*out)[i]) } } + in.Bridges.DeepCopyInto(&out.Bridges) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SriovNetworkNodeStateSpec. @@ -504,6 +805,7 @@ func (in *SriovNetworkNodeStateStatus) DeepCopyInto(out *SriovNetworkNodeStateSt (*in)[i].DeepCopyInto(&(*out)[i]) } } + in.Bridges.DeepCopyInto(&out.Bridges) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SriovNetworkNodeStateStatus. @@ -521,7 +823,7 @@ func (in *SriovNetworkPoolConfig) DeepCopyInto(out *SriovNetworkPoolConfig) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec + in.Spec.DeepCopyInto(&out.Spec) out.Status = in.Status } @@ -579,6 +881,16 @@ func (in *SriovNetworkPoolConfigList) DeepCopyObject() runtime.Object { func (in *SriovNetworkPoolConfigSpec) DeepCopyInto(out *SriovNetworkPoolConfigSpec) { *out = *in out.OvsHardwareOffloadConfig = in.OvsHardwareOffloadConfig + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = new(metav1.LabelSelector) + (*in).DeepCopyInto(*out) + } + if in.MaxUnavailable != nil { + in, out := &in.MaxUnavailable, &out.MaxUnavailable + *out = new(intstr.IntOrString) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SriovNetworkPoolConfigSpec. @@ -715,15 +1027,17 @@ func (in *SriovOperatorConfigSpec) DeepCopyInto(out *SriovOperatorConfigSpec) { (*out)[key] = val } } - if in.EnableInjector != nil { - in, out := &in.EnableInjector, &out.EnableInjector - *out = new(bool) - **out = **in + if in.DisablePlugins != nil { + in, out := &in.DisablePlugins, &out.DisablePlugins + *out = make(PluginNameSlice, len(*in)) + copy(*out, *in) } - if in.EnableOperatorWebhook != nil { - in, out := &in.EnableOperatorWebhook, &out.EnableOperatorWebhook - *out = new(bool) - **out = **in + if in.FeatureGates != nil { + in, out := &in.FeatureGates, &out.FeatureGates + *out = make(map[string]bool, len(*in)) + for key, val := range *in { + (*out)[key] = val + } } } @@ -752,6 +1066,36 @@ func (in *SriovOperatorConfigStatus) DeepCopy() *SriovOperatorConfigStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TrunkConfig) DeepCopyInto(out *TrunkConfig) { + *out = *in + if in.MinID != nil { + in, out := &in.MinID, &out.MinID + *out = new(uint) + **out = **in + } + if in.MaxID != nil { + in, out := &in.MaxID, &out.MaxID + *out = new(uint) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(uint) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TrunkConfig. +func (in *TrunkConfig) DeepCopy() *TrunkConfig { + if in == nil { + return nil + } + out := new(TrunkConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *VfGroup) DeepCopyInto(out *VfGroup) { *out = *in diff --git a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/consts/constants.go b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/consts/constants.go new file mode 100644 index 0000000000..f3c0761112 --- /dev/null +++ b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/consts/constants.go @@ -0,0 +1,165 @@ +package consts + +import ( + "fmt" + "time" +) + +type DrainState string + +// PlatformTypes +type PlatformTypes int + +const ( + Chroot = "/host" + Host = "/host" + + ResyncPeriod = 5 * time.Minute + DefaultConfigName = "default" + ConfigDaemonPath = "./bindata/manifests/daemon" + InjectorWebHookPath = "./bindata/manifests/webhook" + OperatorWebHookPath = "./bindata/manifests/operator-webhook" + MetricsExporterPath = "./bindata/manifests/metrics-exporter" + SystemdServiceOcpPath = "./bindata/manifests/sriov-config-service/openshift" + SystemdServiceOcpMachineConfigName = "sriov-config-service" + ServiceCAConfigMapAnnotation = "service.beta.openshift.io/inject-cabundle" + InjectorWebHookName = "network-resources-injector-config" + OperatorWebHookName = "sriov-operator-webhook-config" + DeprecatedOperatorWebHookName = "operator-webhook-config" + PluginPath = "./bindata/manifests/plugins" + DaemonPath = "./bindata/manifests/daemon" + DefaultPolicyName = "default" + ConfigMapName = "device-plugin-config" + DaemonSet = "DaemonSet" + Role = "Role" + RoleBinding = "RoleBinding" + ServiceAccount = "ServiceAccount" + DPConfigFileName = "config.json" + OVSHWOLMachineConfigNameSuffix = "ovs-hw-offload" + LeaderElectionID = "a56def2a.openshift.io" + + LinkTypeEthernet = "ether" + LinkTypeInfiniband = "infiniband" + + LinkTypeIB = "IB" + LinkTypeETH = "ETH" + + LinkAdminStateUp = "up" + LinkAdminStateDown = "down" + + UninitializedNodeGUID = "0000:0000:0000:0000" + + DeviceTypeVfioPci = "vfio-pci" + DeviceTypeNetDevice = "netdevice" + VdpaTypeVirtio = "virtio" + VdpaTypeVhost = "vhost" + + ClusterTypeOpenshift = "openshift" + ClusterTypeKubernetes = "kubernetes" + + SriovConfBasePath = "/etc/sriov-operator" + PfAppliedConfig = SriovConfBasePath + "/pci" + SriovSwitchDevConfPath = SriovConfBasePath + "/sriov_config.json" + SriovHostSwitchDevConfPath = Host + SriovSwitchDevConfPath + ManagedOVSBridgesPath = SriovConfBasePath + "/managed-ovs-bridges.json" + + MachineConfigPoolPausedAnnotation = "sriovnetwork.openshift.io/state" + MachineConfigPoolPausedAnnotationIdle = "Idle" + MachineConfigPoolPausedAnnotationPaused = "Paused" + + NodeDrainAnnotation = "sriovnetwork.openshift.io/state" + NodeStateDrainAnnotation = "sriovnetwork.openshift.io/desired-state" + NodeStateDrainAnnotationCurrent = "sriovnetwork.openshift.io/current-state" + DrainIdle = "Idle" + DrainRequired = "Drain_Required" + RebootRequired = "Reboot_Required" + Draining = "Draining" + DrainComplete = "DrainComplete" + + SyncStatusSucceeded = "Succeeded" + SyncStatusFailed = "Failed" + SyncStatusInProgress = "InProgress" + + DrainDeleted = "Deleted" + DrainEvicted = "Evicted" + + MCPPauseAnnotationState = "sriovnetwork.openshift.io/state" + MCPPauseAnnotationTime = "sriovnetwork.openshift.io/time" + + CheckpointFileName = "sno-initial-node-state.json" + Unknown = "Unknown" + + SysBus = "/sys/bus" + SysBusPciDevices = SysBus + "/pci/devices" + SysBusPciDrivers = SysBus + "/pci/drivers" + SysBusPciDriversProbe = SysBus + "/pci/drivers_probe" + SysClassNet = "/sys/class/net" + ProcKernelCmdLine = "/proc/cmdline" + NetClass = 0x02 + NumVfsFile = "sriov_numvfs" + BusPci = "pci" + BusVdpa = "vdpa" + + UdevFolder = "/etc/udev" + HostUdevFolder = Host + UdevFolder + UdevRulesFolder = UdevFolder + "/rules.d" + HostUdevRulesFolder = Host + UdevRulesFolder + UdevDisableNM = "/bindata/scripts/udev-find-sriov-pf.sh" + UdevRepName = "/bindata/scripts/switchdev-vf-link-name.sh" + // nolint:goconst + PFNameUdevRule = `SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", KERNELS=="%s", NAME="%s"` + // nolint:goconst + NMUdevRule = `SUBSYSTEM=="net", ` + + `ACTION=="add|change|move", ` + + `ATTRS{device}=="%s", ` + + `IMPORT{program}="/etc/udev/disable-nm-sriov.sh $env{INTERFACE} %s"` + // nolint:goconst + SwitchdevUdevRule = `SUBSYSTEM=="net", ` + + `ACTION=="add|move", ` + + `ATTRS{phys_switch_id}=="%s", ` + + `ATTR{phys_port_name}=="pf%svf*", ` + + `IMPORT{program}="/etc/udev/switchdev-vf-link-name.sh $attr{phys_port_name}", ` + + `NAME="%s_$env{NUMBER}"` + + KernelArgPciRealloc = "pci=realloc" + KernelArgIntelIommu = "intel_iommu=on" + KernelArgIommuPt = "iommu=pt" + + // Feature gates + // ParallelNicConfigFeatureGate: allow to configure nics in parallel + ParallelNicConfigFeatureGate = "parallelNicConfig" + + // ResourceInjectorMatchConditionFeatureGate: switch injector to fail policy and add mactch condition + // this will make the mutating webhook to be called only when a pod has 'k8s.v1.cni.cncf.io/networks' annotation + ResourceInjectorMatchConditionFeatureGate = "resourceInjectorMatchCondition" + + // MetricsExporterFeatureGate: enable SriovNetworkMetricsExporter on the same node as where the config-daemon run + MetricsExporterFeatureGate = "metricsExporter" + + // ManageSoftwareBridgesFeatureGate: enables management of software bridges by the operator + ManageSoftwareBridgesFeatureGate = "manageSoftwareBridges" + + // MellanoxFirmwareResetFeatureGate: enables the firmware reset via mstfwreset before a reboot + MellanoxFirmwareResetFeatureGate = "mellanoxFirmwareReset" + + // The path to the file on the host filesystem that contains the IB GUID distribution for IB VFs + InfinibandGUIDConfigFilePath = SriovConfBasePath + "/infiniband/guids" +) + +const ( + // Baremetal platform + Baremetal PlatformTypes = iota + // VirtualOpenStack platform + VirtualOpenStack +) + +func (e PlatformTypes) String() string { + switch e { + case Baremetal: + return "Baremetal" + case VirtualOpenStack: + return "Virtual/Openstack" + default: + return fmt.Sprintf("%d", int(e)) + } +} diff --git a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/render/render.go b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/render/render.go index 8763cc8f0f..aa26b018ba 100644 --- a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/render/render.go +++ b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/render/render.go @@ -36,9 +36,7 @@ type DeviceInfo struct { } const ( - filesDir = "files" - ovsUnitsDir = "ovs-units" - switchdevUnitsDir = "switchdev-units" + ovsUnitsDir = "ovs-units" ) func MakeRenderData() RenderData { @@ -159,26 +157,10 @@ func GenerateMachineConfig(path, name, mcRole string, ovsOffload bool, d *Render if !exists { return nil, errors.Errorf("%s is not a directory", path) } - files := map[string]string{} units := map[string]string{} - // if err := filterTemplates(files, path, d); err != nil { - // return nil, err - // } - - p := filepath.Join(path, filesDir) - exists, err = existsDir(p) - if err != nil { - return nil, err - } - if exists { - if err := filterTemplates(files, p, d); err != nil { - return nil, err - } - } - if ovsOffload { - p = filepath.Join(path, ovsUnitsDir) + p := filepath.Join(path, ovsUnitsDir) exists, err = existsDir(p) if err != nil { return nil, err @@ -189,18 +171,6 @@ func GenerateMachineConfig(path, name, mcRole string, ovsOffload bool, d *Render } } } - - p = filepath.Join(path, switchdevUnitsDir) - exists, err = existsDir(p) - if err != nil { - return nil, err - } - if exists { - if err := filterTemplates(units, p, d); err != nil { - return nil, err - } - } - // keySortVals returns a list of values, sorted by key // we need the lists of files and units to have a stable ordering for the checksum keySortVals := func(m map[string]string) []string { @@ -218,7 +188,7 @@ func GenerateMachineConfig(path, name, mcRole string, ovsOffload bool, d *Render return vs } - ignCfg, err := common.TranspileCoreOSConfigToIgn(keySortVals(files), keySortVals(units)) + ignCfg, err := common.TranspileCoreOSConfigToIgn(nil, keySortVals(units)) if err != nil { return nil, errors.Wrap(err, "error transpiling CoreOS config to Ignition config") } diff --git a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/vars/vars.go b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/vars/vars.go new file mode 100644 index 0000000000..fc7108ed80 --- /dev/null +++ b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/vars/vars.go @@ -0,0 +1,98 @@ +package vars + +import ( + "os" + "regexp" + + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/client-go/rest" + + "github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/consts" +) + +var ( + // Namespace contains k8s namespace + Namespace string + + // ClusterType used by the operator to specify the platform it's running on + // supported values [kubernetes,openshift] + ClusterType string + + // DevMode controls the developer mode in the operator + // developer mode allows the operator to use un-supported network devices + DevMode bool + + // NodeName initialize and used by the config-daemon to identify the node it's running on + NodeName = "" + + // Destdir destination directory for the checkPoint file on the host + Destdir string + + // PlatformType specify the current platform the operator is running on + PlatformType = consts.Baremetal + // PlatformsMap contains supported platforms for virtual VF + PlatformsMap = map[string]consts.PlatformTypes{ + "openstack": consts.VirtualOpenStack, + } + + // SupportedVfIds list of supported virtual functions IDs + // loaded on daemon initialization by reading the supported-nics configmap + SupportedVfIds []string + + // DpdkDrivers supported DPDK drivers for virtual functions + DpdkDrivers = []string{"igb_uio", "vfio-pci", "uio_pci_generic"} + + // InChroot global variable to mark that the config-daemon code is inside chroot on the host file system + InChroot = false + + // UsingSystemdMode global variable to mark the config-daemon is running on systemd mode + UsingSystemdMode = false + + // ParallelNicConfig global variable to perform NIC configuration in parallel + ParallelNicConfig = false + + // ManageSoftwareBridges global variable which reflects state of manageSoftwareBridges feature + ManageSoftwareBridges = false + + // MlxPluginFwReset global variable enables mstfwreset before rebooting a node on VF changes + MlxPluginFwReset = false + + // FilesystemRoot used by test to mock interactions with filesystem + FilesystemRoot = "" + + // OVSDBSocketPath path to OVSDB socket + OVSDBSocketPath = "unix:///var/run/openvswitch/db.sock" + + //Cluster variables + Config *rest.Config = nil + Scheme *runtime.Scheme = nil + + // PfPhysPortNameRe regex to find switchdev devices on the host + PfPhysPortNameRe = regexp.MustCompile(`p\d+`) + + // ResourcePrefix is the device plugin prefix we use to expose the devices to the nodes + ResourcePrefix = "" + + // DisableablePlugins contains which plugins can be disabled in sriov config daemon + DisableablePlugins = map[string]struct{}{"mellanox": {}} +) + +func init() { + Namespace = os.Getenv("NAMESPACE") + + ClusterType = os.Getenv("CLUSTER_TYPE") + + DevMode = false + mode := os.Getenv("DEV_MODE") + if mode == "TRUE" { + DevMode = true + } + + Destdir = "/host/tmp" + destdir := os.Getenv("DEST_DIR") + if destdir != "" { + Destdir = destdir + } + + ResourcePrefix = os.Getenv("RESOURCE_PREFIX") +} diff --git a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/clean/clean.go b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/clean/clean.go index 74e6b13d30..fbc1ae1c44 100644 --- a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/clean/clean.go +++ b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/clean/clean.go @@ -20,6 +20,10 @@ func All() error { operatorNamespace = "openshift-sriov-network-operator" } clients := client.New("") + if clients == nil { + return fmt.Errorf("failed to create ClientSet") + } + if RestoreNodeDrainState { err := cluster.SetDisableNodeDrainState(clients, operatorNamespace, false) if err != nil { diff --git a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/client/clients.go b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/client/clients.go index a96634c196..368b9d41bb 100644 --- a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/client/clients.go +++ b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/client/clients.go @@ -11,12 +11,15 @@ import ( discovery "k8s.io/client-go/discovery" clientgoscheme "k8s.io/client-go/kubernetes/scheme" appsv1client "k8s.io/client-go/kubernetes/typed/apps/v1" + coordinationv1 "k8s.io/client-go/kubernetes/typed/coordination/v1" corev1client "k8s.io/client-go/kubernetes/typed/core/v1" "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" runtimeclient "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/log" + monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/client/versioned/typed/monitoring/v1" + sriovv1 "github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1" clientsriovv1 "github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/client/clientset/versioned/typed/sriovnetwork/v1" snolog "github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/log" @@ -37,6 +40,8 @@ type ClientSet struct { clientsriovv1.SriovnetworkV1Interface Config *rest.Config runtimeclient.Client + coordinationv1.CoordinationV1Interface + monitoringv1.MonitoringV1Interface } // New returns a *ClientBuilder with the given kubeconfig. @@ -67,6 +72,8 @@ func New(kubeconfig string) *ClientSet { clientSet.AppsV1Interface = appsv1client.NewForConfigOrDie(config) clientSet.DiscoveryInterface = discovery.NewDiscoveryClientForConfigOrDie(config) clientSet.SriovnetworkV1Interface = clientsriovv1.NewForConfigOrDie(config) + clientSet.CoordinationV1Interface = coordinationv1.NewForConfigOrDie(config) + clientSet.MonitoringV1Interface = monitoringv1.NewForConfigOrDie(config) clientSet.Config = config crScheme := runtime.NewScheme() diff --git a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/cluster/cluster.go b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/cluster/cluster.go index fdf06bdf75..3669a4b6bc 100644 --- a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/cluster/cluster.go +++ b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/cluster/cluster.go @@ -2,6 +2,7 @@ package cluster import ( "context" + "errors" "fmt" "io" "os" @@ -17,6 +18,7 @@ import ( runtimeclient "sigs.k8s.io/controller-runtime/pkg/client" sriovv1 "github.com/k8snetworkplumbingwg/sriov-network-operator/api/v1" + "github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/consts" testclient "github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/client" "github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/nodes" "github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/pod" @@ -151,6 +153,33 @@ func (n *EnabledNodes) FindSriovDevices(node string) ([]*sriovv1.InterfaceExt, e return filteredDevices, nil } +// FindSriovDevicesAndNode retrieves the node with the most number of SRIOV devices after filtering by `SRIOV_NODE_AND_DEVICE_NAME_FILTER` environment variable. +func (n *EnabledNodes) FindSriovDevicesAndNode() (string, []*sriovv1.InterfaceExt, error) { + errs := []error{} + + retNode := "" + retDevices := []*sriovv1.InterfaceExt{} + + for _, node := range n.Nodes { + devices, err := n.FindSriovDevices(node) + if err != nil { + errs = append(errs, err) + continue + } + + if len(devices) > len(retDevices) { + retNode = node + retDevices = devices + } + } + + if len(retDevices) == 0 { + return "", nil, fmt.Errorf("can't find any SR-IOV devices in cluster's nodes: %w", errors.Join(errs...)) + } + + return retNode, retDevices, nil +} + // FindSriovDevicesIgnoreFilters retrieves all valid sriov devices for the given node. func (n *EnabledNodes) FindSriovDevicesIgnoreFilters(node string) ([]*sriovv1.InterfaceExt, error) { devices := []*sriovv1.InterfaceExt{} @@ -180,12 +209,35 @@ func (n *EnabledNodes) FindSriovDevicesIgnoreFilters(node string) ([]*sriovv1.In return devices, nil } +// FindOneSriovNodeAndDevice finds a cluster node with one SR-IOV devices respecting the `SRIOV_NODE_AND_DEVICE_NAME_FILTER` filter. +func (n *EnabledNodes) FindOneSriovNodeAndDevice() (string, *sriovv1.InterfaceExt, error) { + errs := []error{} + for _, node := range n.Nodes { + devices, err := n.FindSriovDevices(node) + if err != nil { + errs = append(errs, err) + continue + } + + if len(devices) > 0 { + return node, devices[0], nil + } + } + + return "", nil, fmt.Errorf("can't find any SR-IOV devices in cluster's nodes: %w", errors.Join(errs...)) +} + // FindOneVfioSriovDevice retrieves a node with a valid sriov device for vfio func (n *EnabledNodes) FindOneVfioSriovDevice() (string, sriovv1.InterfaceExt) { for _, node := range n.Nodes { - for _, nic := range n.States[node].Status.Interfaces { + devices, err := n.FindSriovDevices(node) + if err != nil { + return "", sriovv1.InterfaceExt{} + } + + for _, nic := range devices { if nic.Vendor == intelVendorID && sriovv1.IsSupportedModel(nic.Vendor, nic.DeviceID) && nic.TotalVfs != 0 { - return node, nic + return node, *nic } } } @@ -323,7 +375,7 @@ func GetNodeSecureBootState(clients *testclient.ClientSet, nodeName, namespace s podDefinition.Namespace = namespace volume := corev1.Volume{Name: "host", VolumeSource: corev1.VolumeSource{HostPath: &corev1.HostPathVolumeSource{Path: "/"}}} - mount := corev1.VolumeMount{Name: "host", MountPath: "/host"} + mount := corev1.VolumeMount{Name: "host", MountPath: consts.Host} podDefinition = pod.RedefineWithMount(podDefinition, volume, mount) created, err := clients.Pods(namespace).Create(context.Background(), podDefinition, metav1.CreateOptions{}) if err != nil { diff --git a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/namespaces/namespaces.go b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/namespaces/namespaces.go index 9e865b7d1f..5ed106398e 100644 --- a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/namespaces/namespaces.go +++ b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/namespaces/namespaces.go @@ -10,6 +10,7 @@ import ( k8serrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/wait" + corev1client "k8s.io/client-go/kubernetes/typed/core/v1" "k8s.io/utils/pointer" runtimeclient "sigs.k8s.io/controller-runtime/pkg/client" @@ -165,3 +166,27 @@ func Clean(operatorNamespace, namespace string, cs *testclient.ClientSet, discov } return nil } + +func AddLabel(cs corev1client.NamespacesGetter, ctx context.Context, namespaceName, key, value string) error { + ns, err := cs.Namespaces().Get(context.Background(), namespaceName, metav1.GetOptions{}) + if err != nil { + return fmt.Errorf("failed to get namespace [%s]: %v", namespaceName, err) + } + + if ns.Labels == nil { + ns.Labels = make(map[string]string) + } + + if ns.Labels[key] == value { + return nil + } + + ns.Labels[key] = value + + _, err = cs.Namespaces().Update(ctx, ns, metav1.UpdateOptions{}) + if err != nil { + return fmt.Errorf("failed to update namespace [%s] with label [%s: %s]: %v", namespaceName, key, value, err) + } + + return nil +} diff --git a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/pod/pod.go b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/pod/pod.go index 32a1549b9d..541eda1add 100644 --- a/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/pod/pod.go +++ b/vendor/github.com/k8snetworkplumbingwg/sriov-network-operator/test/util/pod/pod.go @@ -4,7 +4,6 @@ import ( "bytes" "context" "io" - "os" "strings" "time" @@ -29,7 +28,11 @@ func GetDefinition() *corev1.Pod { Spec: corev1.PodSpec{ TerminationGracePeriodSeconds: pointer.Int64Ptr(0), Containers: []corev1.Container{{Name: "test", - Image: images.Test(), + Image: images.Test(), + SecurityContext: &corev1.SecurityContext{ + Capabilities: &corev1.Capabilities{ + Add: []corev1.Capability{"NET_RAW"}, + }}, Command: []string{"/bin/bash", "-c", "sleep INF"}}}}} return podObject @@ -112,7 +115,6 @@ func ExecCommand(cs *testclient.ClientSet, pod *corev1.Pod, command ...string) ( VersionedParams(&corev1.PodExecOptions{ Container: pod.Spec.Containers[0].Name, Command: command, - Stdin: true, Stdout: true, Stderr: true, TTY: true, @@ -124,7 +126,6 @@ func ExecCommand(cs *testclient.ClientSet, pod *corev1.Pod, command ...string) ( } err = exec.Stream(remotecommand.StreamOptions{ - Stdin: os.Stdin, Stdout: &buf, Stderr: &errbuf, Tty: true, diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml index 7639bed094..4ff57e35a3 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml @@ -296,8 +296,8 @@ spec: - message: set is required when type is Set, and forbidden otherwise rule: 'has(self.type) && self.type == ''Set'' ? has(self.set) : !has(self.set)' name: - description: 'name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, "-!#$%&''*+.^_`". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Host, Cookie, Set-Cookie. It must be no more than 1024 characters in length. Header name must be unique.' - maxLength: 1024 + description: 'name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, "-!#$%&''*+.^_`". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Host, Cookie, Set-Cookie. It must be no more than 255 characters in length. Header name must be unique.' + maxLength: 255 minLength: 1 pattern: ^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$ type: string @@ -356,8 +356,8 @@ spec: - message: set is required when type is Set, and forbidden otherwise rule: 'has(self.type) && self.type == ''Set'' ? has(self.set) : !has(self.set)' name: - description: 'name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, "-!#$%&''*+.^_`". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Host, Cookie, Set-Cookie. It must be no more than 1024 characters in length. Header name must be unique.' - maxLength: 1024 + description: 'name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, "-!#$%&''*+.^_`". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Host, Cookie, Set-Cookie. It must be no more than 255 characters in length. Header name must be unique.' + maxLength: 255 minLength: 1 pattern: ^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$ type: string diff --git a/vendor/github.com/openshift/api/operator/v1/types_ingress.go b/vendor/github.com/openshift/api/operator/v1/types_ingress.go index 120695d14b..3d9f512a93 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_ingress.go +++ b/vendor/github.com/openshift/api/operator/v1/types_ingress.go @@ -1473,11 +1473,11 @@ type IngressControllerHTTPHeader struct { // The name must consist only of alphanumeric and the following special characters, "-!#$%&'*+.^_`". // The following header names are reserved and may not be modified via this API: // Strict-Transport-Security, Proxy, Host, Cookie, Set-Cookie. - // It must be no more than 1024 characters in length. + // It must be no more than 255 characters in length. // Header name must be unique. // +kubebuilder:validation:Required // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:MaxLength=1024 + // +kubebuilder:validation:MaxLength=255 // +kubebuilder:validation:Pattern="^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$" // +kubebuilder:validation:XValidation:rule="self.lowerAscii() != 'strict-transport-security'",message="strict-transport-security header may not be modified via header actions" // +kubebuilder:validation:XValidation:rule="self.lowerAscii() != 'proxy'",message="proxy header may not be modified via header actions" diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go index f3ebb503ea..d10bbd51f2 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -852,7 +852,7 @@ func (IngressControllerCaptureHTTPHeaders) SwaggerDoc() map[string]string { var map_IngressControllerHTTPHeader = map[string]string{ "": "IngressControllerHTTPHeader specifies configuration for setting or deleting an HTTP header.", - "name": "name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, \"-!#$%&'*+.^_`\". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Host, Cookie, Set-Cookie. It must be no more than 1024 characters in length. Header name must be unique.", + "name": "name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, \"-!#$%&'*+.^_`\". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Host, Cookie, Set-Cookie. It must be no more than 255 characters in length. Header name must be unique.", "action": "action specifies actions to perform on headers, such as setting or deleting headers.", } diff --git a/vendor/github.com/openshift/api/route/v1/generated.proto b/vendor/github.com/openshift/api/route/v1/generated.proto index bec5208c57..d31fa5222e 100644 --- a/vendor/github.com/openshift/api/route/v1/generated.proto +++ b/vendor/github.com/openshift/api/route/v1/generated.proto @@ -72,11 +72,11 @@ message RouteHTTPHeader { // The name must consist only of alphanumeric and the following special characters, "-!#$%&'*+.^_`". // The following header names are reserved and may not be modified via this API: // Strict-Transport-Security, Proxy, Cookie, Set-Cookie. - // It must be no more than 1024 characters in length. + // It must be no more than 255 characters in length. // Header name must be unique. // +kubebuilder:validation:Required // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:MaxLength=1024 + // +kubebuilder:validation:MaxLength=255 // +kubebuilder:validation:Pattern="^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$" // +kubebuilder:validation:XValidation:rule="self.lowerAscii() != 'strict-transport-security'",message="strict-transport-security header may not be modified via header actions" // +kubebuilder:validation:XValidation:rule="self.lowerAscii() != 'proxy'",message="proxy header may not be modified via header actions" diff --git a/vendor/github.com/openshift/api/route/v1/route-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/route/v1/route-CustomNoUpgrade.crd.yaml index 5c0f9c75ab..13461f6669 100644 --- a/vendor/github.com/openshift/api/route/v1/route-CustomNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/route/v1/route-CustomNoUpgrade.crd.yaml @@ -128,9 +128,9 @@ spec: - rule: 'has(self.type) && self.type == ''Set'' ? has(self.set) : !has(self.set)' message: set is required when type is Set, and forbidden otherwise name: - description: 'name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, "-!#$%&''*+.^_`". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. It must be no more than 1024 characters in length. Header name must be unique.' + description: 'name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, "-!#$%&''*+.^_`". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. It must be no more than 255 characters in length. Header name must be unique.' type: string - maxLength: 1024 + maxLength: 255 minLength: 1 pattern: ^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$ x-kubernetes-validations: @@ -186,9 +186,9 @@ spec: - rule: 'has(self.type) && self.type == ''Set'' ? has(self.set) : !has(self.set)' message: set is required when type is Set, and forbidden otherwise name: - description: 'name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, "-!#$%&''*+.^_`". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. It must be no more than 1024 characters in length. Header name must be unique.' + description: 'name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, "-!#$%&''*+.^_`". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. It must be no more than 255 characters in length. Header name must be unique.' type: string - maxLength: 1024 + maxLength: 255 minLength: 1 pattern: ^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$ x-kubernetes-validations: diff --git a/vendor/github.com/openshift/api/route/v1/route-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/route/v1/route-TechPreviewNoUpgrade.crd.yaml index cc7533fee4..87b617cac1 100644 --- a/vendor/github.com/openshift/api/route/v1/route-TechPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/route/v1/route-TechPreviewNoUpgrade.crd.yaml @@ -128,9 +128,9 @@ spec: - rule: 'has(self.type) && self.type == ''Set'' ? has(self.set) : !has(self.set)' message: set is required when type is Set, and forbidden otherwise name: - description: 'name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, "-!#$%&''*+.^_`". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. It must be no more than 1024 characters in length. Header name must be unique.' + description: 'name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, "-!#$%&''*+.^_`". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. It must be no more than 255 characters in length. Header name must be unique.' type: string - maxLength: 1024 + maxLength: 255 minLength: 1 pattern: ^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$ x-kubernetes-validations: @@ -186,9 +186,9 @@ spec: - rule: 'has(self.type) && self.type == ''Set'' ? has(self.set) : !has(self.set)' message: set is required when type is Set, and forbidden otherwise name: - description: 'name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, "-!#$%&''*+.^_`". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. It must be no more than 1024 characters in length. Header name must be unique.' + description: 'name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, "-!#$%&''*+.^_`". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. It must be no more than 255 characters in length. Header name must be unique.' type: string - maxLength: 1024 + maxLength: 255 minLength: 1 pattern: ^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$ x-kubernetes-validations: diff --git a/vendor/github.com/openshift/api/route/v1/route.crd.yaml b/vendor/github.com/openshift/api/route/v1/route.crd.yaml index d3b169669d..cda46fc33f 100644 --- a/vendor/github.com/openshift/api/route/v1/route.crd.yaml +++ b/vendor/github.com/openshift/api/route/v1/route.crd.yaml @@ -139,8 +139,8 @@ spec: - message: set is required when type is Set, and forbidden otherwise rule: 'has(self.type) && self.type == ''Set'' ? has(self.set) : !has(self.set)' name: - description: 'name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, "-!#$%&''*+.^_`". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. It must be no more than 1024 characters in length. Header name must be unique.' - maxLength: 1024 + description: 'name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, "-!#$%&''*+.^_`". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. It must be no more than 255 characters in length. Header name must be unique.' + maxLength: 255 minLength: 1 pattern: ^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$ type: string @@ -197,8 +197,8 @@ spec: - message: set is required when type is Set, and forbidden otherwise rule: 'has(self.type) && self.type == ''Set'' ? has(self.set) : !has(self.set)' name: - description: 'name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, "-!#$%&''*+.^_`". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. It must be no more than 1024 characters in length. Header name must be unique.' - maxLength: 1024 + description: 'name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, "-!#$%&''*+.^_`". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. It must be no more than 255 characters in length. Header name must be unique.' + maxLength: 255 minLength: 1 pattern: ^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$ type: string diff --git a/vendor/github.com/openshift/api/route/v1/types.go b/vendor/github.com/openshift/api/route/v1/types.go index 2f195a6a6b..2de728bc00 100644 --- a/vendor/github.com/openshift/api/route/v1/types.go +++ b/vendor/github.com/openshift/api/route/v1/types.go @@ -240,11 +240,11 @@ type RouteHTTPHeader struct { // The name must consist only of alphanumeric and the following special characters, "-!#$%&'*+.^_`". // The following header names are reserved and may not be modified via this API: // Strict-Transport-Security, Proxy, Cookie, Set-Cookie. - // It must be no more than 1024 characters in length. + // It must be no more than 255 characters in length. // Header name must be unique. // +kubebuilder:validation:Required // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:MaxLength=1024 + // +kubebuilder:validation:MaxLength=255 // +kubebuilder:validation:Pattern="^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$" // +kubebuilder:validation:XValidation:rule="self.lowerAscii() != 'strict-transport-security'",message="strict-transport-security header may not be modified via header actions" // +kubebuilder:validation:XValidation:rule="self.lowerAscii() != 'proxy'",message="proxy header may not be modified via header actions" diff --git a/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go index abcec62cd6..8d49587177 100644 --- a/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go @@ -33,7 +33,7 @@ func (Route) SwaggerDoc() map[string]string { var map_RouteHTTPHeader = map[string]string{ "": "RouteHTTPHeader specifies configuration for setting or deleting an HTTP header.", - "name": "name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, \"-!#$%&'*+.^_`\". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. It must be no more than 1024 characters in length. Header name must be unique.", + "name": "name specifies the name of a header on which to perform an action. Its value must be a valid HTTP header name as defined in RFC 2616 section 4.2. The name must consist only of alphanumeric and the following special characters, \"-!#$%&'*+.^_`\". The following header names are reserved and may not be modified via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. It must be no more than 255 characters in length. Header name must be unique.", "action": "action specifies actions to perform on headers, such as setting or deleting headers.", } diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/resource.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/resource.go new file mode 100644 index 0000000000..25736ce920 --- /dev/null +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/resource.go @@ -0,0 +1,60 @@ +// Copyright 2018 The prometheus-operator Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package monitoring + +import ( + "fmt" +) + +const ( + PrometheusesKind = "Prometheus" + PrometheusName = "prometheuses" + + AlertmanagersKind = "Alertmanager" + AlertmanagerName = "alertmanagers" + + ServiceMonitorsKind = "ServiceMonitor" + ServiceMonitorName = "servicemonitors" + + PodMonitorsKind = "PodMonitor" + PodMonitorName = "podmonitors" + + PrometheusRuleKind = "PrometheusRule" + PrometheusRuleName = "prometheusrules" + + ProbesKind = "Probe" + ProbeName = "probes" + + ScrapeConfigsKind = "ScrapeConfig" + ScrapeConfigName = "scrapeconfigs" +) + +var resourceToKindMap = map[string]string{ + PrometheusName: PrometheusesKind, + AlertmanagerName: AlertmanagersKind, + ServiceMonitorName: ServiceMonitorsKind, + PodMonitorName: PodMonitorsKind, + PrometheusRuleName: PrometheusRuleKind, + ProbeName: ProbesKind, + ScrapeConfigName: ScrapeConfigsKind, +} + +func ResourceToKind(s string) string { + kind, found := resourceToKindMap[s] + if !found { + panic(fmt.Sprintf("failed to map resource %q to a kind", s)) + } + return kind +} diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/alertmanager_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/alertmanager_types.go new file mode 100644 index 0000000000..9bcbf3207d --- /dev/null +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/alertmanager_types.go @@ -0,0 +1,442 @@ +// Copyright 2018 The prometheus-operator Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1 + +import ( + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" +) + +const ( + AlertmanagersKind = "Alertmanager" + AlertmanagerName = "alertmanagers" + AlertManagerKindKey = "alertmanager" +) + +// +genclient +// +k8s:openapi-gen=true +// +kubebuilder:resource:categories="prometheus-operator",shortName="am" +// +kubebuilder:printcolumn:name="Version",type="string",JSONPath=".spec.version",description="The version of Alertmanager" +// +kubebuilder:printcolumn:name="Replicas",type="integer",JSONPath=".spec.replicas",description="The number of desired replicas" +// +kubebuilder:printcolumn:name="Ready",type="integer",JSONPath=".status.availableReplicas",description="The number of ready replicas" +// +kubebuilder:printcolumn:name="Reconciled",type="string",JSONPath=".status.conditions[?(@.type == 'Reconciled')].status" +// +kubebuilder:printcolumn:name="Available",type="string",JSONPath=".status.conditions[?(@.type == 'Available')].status" +// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" +// +kubebuilder:printcolumn:name="Paused",type="boolean",JSONPath=".status.paused",description="Whether the resource reconciliation is paused or not",priority=1 +// +kubebuilder:subresource:status + +// Alertmanager describes an Alertmanager cluster. +type Alertmanager struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + // Specification of the desired behavior of the Alertmanager cluster. More info: + // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + Spec AlertmanagerSpec `json:"spec"` + // Most recent observed status of the Alertmanager cluster. Read-only. + // More info: + // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + Status AlertmanagerStatus `json:"status,omitempty"` +} + +// DeepCopyObject implements the runtime.Object interface. +func (l *Alertmanager) DeepCopyObject() runtime.Object { + return l.DeepCopy() +} + +// AlertmanagerSpec is a specification of the desired behavior of the Alertmanager cluster. More info: +// https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +// +k8s:openapi-gen=true +type AlertmanagerSpec struct { + // PodMetadata configures Labels and Annotations which are propagated to the alertmanager pods. + PodMetadata *EmbeddedObjectMetadata `json:"podMetadata,omitempty"` + // Image if specified has precedence over baseImage, tag and sha + // combinations. Specifying the version is still necessary to ensure the + // Prometheus Operator knows what version of Alertmanager is being + // configured. + Image *string `json:"image,omitempty"` + // Image pull policy for the 'alertmanager', 'init-config-reloader' and 'config-reloader' containers. + // See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. + // +kubebuilder:validation:Enum="";Always;Never;IfNotPresent + ImagePullPolicy v1.PullPolicy `json:"imagePullPolicy,omitempty"` + // Version the cluster should be on. + Version string `json:"version,omitempty"` + // Tag of Alertmanager container image to be deployed. Defaults to the value of `version`. + // Version is ignored if Tag is set. + // Deprecated: use 'image' instead. The image tag can be specified + // as part of the image URL. + Tag string `json:"tag,omitempty"` + // SHA of Alertmanager container image to be deployed. Defaults to the value of `version`. + // Similar to a tag, but the SHA explicitly deploys an immutable container image. + // Version and Tag are ignored if SHA is set. + // Deprecated: use 'image' instead. The image digest can be specified + // as part of the image URL. + SHA string `json:"sha,omitempty"` + // Base image that is used to deploy pods, without tag. + // Deprecated: use 'image' instead + BaseImage string `json:"baseImage,omitempty"` + // An optional list of references to secrets in the same namespace + // to use for pulling prometheus and alertmanager images from registries + // see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + ImagePullSecrets []v1.LocalObjectReference `json:"imagePullSecrets,omitempty"` + // Secrets is a list of Secrets in the same namespace as the Alertmanager + // object, which shall be mounted into the Alertmanager Pods. + // Each Secret is added to the StatefulSet definition as a volume named `secret-`. + // The Secrets are mounted into `/etc/alertmanager/secrets/` in the 'alertmanager' container. + Secrets []string `json:"secrets,omitempty"` + // ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager + // object, which shall be mounted into the Alertmanager Pods. + // Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-`. + // The ConfigMaps are mounted into `/etc/alertmanager/configmaps/` in the 'alertmanager' container. + ConfigMaps []string `json:"configMaps,omitempty"` + // ConfigSecret is the name of a Kubernetes Secret in the same namespace as the + // Alertmanager object, which contains the configuration for this Alertmanager + // instance. If empty, it defaults to `alertmanager-`. + // + // The Alertmanager configuration should be available under the + // `alertmanager.yaml` key. Additional keys from the original secret are + // copied to the generated secret and mounted into the + // `/etc/alertmanager/config` directory in the `alertmanager` container. + // + // If either the secret or the `alertmanager.yaml` key is missing, the + // operator provisions a minimal Alertmanager configuration with one empty + // receiver (effectively dropping alert notifications). + ConfigSecret string `json:"configSecret,omitempty"` + // Log level for Alertmanager to be configured with. + //+kubebuilder:validation:Enum="";debug;info;warn;error + LogLevel string `json:"logLevel,omitempty"` + // Log format for Alertmanager to be configured with. + //+kubebuilder:validation:Enum="";logfmt;json + LogFormat string `json:"logFormat,omitempty"` + // Size is the expected size of the alertmanager cluster. The controller will + // eventually make the size of the running cluster equal to the expected + // size. + Replicas *int32 `json:"replicas,omitempty"` + // Time duration Alertmanager shall retain data for. Default is '120h', + // and must match the regular expression `[0-9]+(ms|s|m|h)` (milliseconds seconds minutes hours). + // +kubebuilder:default:="120h" + Retention GoDuration `json:"retention,omitempty"` + // Storage is the definition of how storage will be used by the Alertmanager + // instances. + Storage *StorageSpec `json:"storage,omitempty"` + // Volumes allows configuration of additional volumes on the output StatefulSet definition. + // Volumes specified will be appended to other volumes that are generated as a result of + // StorageSpec objects. + Volumes []v1.Volume `json:"volumes,omitempty"` + // VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. + // VolumeMounts specified will be appended to other VolumeMounts in the alertmanager container, + // that are generated as a result of StorageSpec objects. + VolumeMounts []v1.VolumeMount `json:"volumeMounts,omitempty"` + // The external URL the Alertmanager instances will be available under. This is + // necessary to generate correct URLs. This is necessary if Alertmanager is not + // served from root of a DNS name. + ExternalURL string `json:"externalUrl,omitempty"` + // The route prefix Alertmanager registers HTTP handlers for. This is useful, + // if using ExternalURL and a proxy is rewriting HTTP routes of a request, + // and the actual ExternalURL is still true, but the server serves requests + // under a different route prefix. For example for use with `kubectl proxy`. + RoutePrefix string `json:"routePrefix,omitempty"` + // If set to true all actions on the underlying managed objects are not + // goint to be performed, except for delete actions. + Paused bool `json:"paused,omitempty"` + // Define which Nodes the Pods are scheduled on. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // Define resources requests and limits for single Pods. + Resources v1.ResourceRequirements `json:"resources,omitempty"` + // If specified, the pod's scheduling constraints. + Affinity *v1.Affinity `json:"affinity,omitempty"` + // If specified, the pod's tolerations. + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // If specified, the pod's topology spread constraints. + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + // SecurityContext holds pod-level security attributes and common container settings. + // This defaults to the default PodSecurityContext. + SecurityContext *v1.PodSecurityContext `json:"securityContext,omitempty"` + // ServiceAccountName is the name of the ServiceAccount to use to run the + // Prometheus Pods. + ServiceAccountName string `json:"serviceAccountName,omitempty"` + // ListenLocal makes the Alertmanager server listen on loopback, so that it + // does not bind against the Pod IP. Note this is only for the Alertmanager + // UI, not the gossip communication. + ListenLocal bool `json:"listenLocal,omitempty"` + // Containers allows injecting additional containers. This is meant to + // allow adding an authentication proxy to an Alertmanager pod. + // Containers described here modify an operator generated container if they + // share the same name and modifications are done via a strategic merge + // patch. The current container names are: `alertmanager` and + // `config-reloader`. Overriding containers is entirely outside the scope + // of what the maintainers will support and by doing so, you accept that + // this behaviour may break at any time without notice. + Containers []v1.Container `json:"containers,omitempty"` + // InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. + // fetch secrets for injection into the Alertmanager configuration from external sources. Any + // errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + // InitContainers described here modify an operator + // generated init containers if they share the same name and modifications are + // done via a strategic merge patch. The current init container name is: + // `init-config-reloader`. Overriding init containers is entirely outside the + // scope of what the maintainers will support and by doing so, you accept that + // this behaviour may break at any time without notice. + InitContainers []v1.Container `json:"initContainers,omitempty"` + // Priority class assigned to the Pods + PriorityClassName string `json:"priorityClassName,omitempty"` + // AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster. + AdditionalPeers []string `json:"additionalPeers,omitempty"` + // ClusterAdvertiseAddress is the explicit address to advertise in cluster. + // Needs to be provided for non RFC1918 [1] (public) addresses. + // [1] RFC1918: https://tools.ietf.org/html/rfc1918 + ClusterAdvertiseAddress string `json:"clusterAdvertiseAddress,omitempty"` + // Interval between gossip attempts. + ClusterGossipInterval GoDuration `json:"clusterGossipInterval,omitempty"` + // Interval between pushpull attempts. + ClusterPushpullInterval GoDuration `json:"clusterPushpullInterval,omitempty"` + // Timeout for cluster peering. + ClusterPeerTimeout GoDuration `json:"clusterPeerTimeout,omitempty"` + // Port name used for the pods and governing service. + // Defaults to `web`. + // +kubebuilder:default:="web" + PortName string `json:"portName,omitempty"` + // ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica. + // Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each. + ForceEnableClusterMode bool `json:"forceEnableClusterMode,omitempty"` + // AlertmanagerConfigs to be selected for to merge and configure Alertmanager with. + AlertmanagerConfigSelector *metav1.LabelSelector `json:"alertmanagerConfigSelector,omitempty"` + // The AlertmanagerConfigMatcherStrategy defines how AlertmanagerConfig objects match the alerts. + // In the future more options may be added. + AlertmanagerConfigMatcherStrategy AlertmanagerConfigMatcherStrategy `json:"alertmanagerConfigMatcherStrategy,omitempty"` + // Namespaces to be selected for AlertmanagerConfig discovery. If nil, only + // check own namespace. + AlertmanagerConfigNamespaceSelector *metav1.LabelSelector `json:"alertmanagerConfigNamespaceSelector,omitempty"` + // Minimum number of seconds for which a newly created pod should be ready + // without any of its container crashing for it to be considered available. + // Defaults to 0 (pod will be considered available as soon as it is ready) + // This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate. + // +optional + MinReadySeconds *uint32 `json:"minReadySeconds,omitempty"` + // Pods' hostAliases configuration + // +listType=map + // +listMapKey=ip + HostAliases []HostAlias `json:"hostAliases,omitempty"` + // Defines the web command line flags when starting Alertmanager. + Web *AlertmanagerWebSpec `json:"web,omitempty"` + // EXPERIMENTAL: alertmanagerConfiguration specifies the configuration of Alertmanager. + // If defined, it takes precedence over the `configSecret` field. + // This field may change in future releases. + AlertmanagerConfiguration *AlertmanagerConfiguration `json:"alertmanagerConfiguration,omitempty"` + // AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod. + // If the service account has `automountServiceAccountToken: true`, set the field to `false` to opt out of automounting API credentials. + // +optional + AutomountServiceAccountToken *bool `json:"automountServiceAccountToken,omitempty"` +} + +// AlertmanagerConfigMatcherStrategy defines the strategy used by AlertmanagerConfig objects to match alerts. +type AlertmanagerConfigMatcherStrategy struct { + // If set to `OnNamespace`, the operator injects a label matcher matching the namespace of the AlertmanagerConfig object for all its routes and inhibition rules. + // `None` will not add any additional matchers other than the ones specified in the AlertmanagerConfig. + // Default is `OnNamespace`. + // +kubebuilder:validation:Enum="OnNamespace";"None" + // +kubebuilder:default:="OnNamespace" + Type string `json:"type,omitempty"` +} + +// AlertmanagerConfiguration defines the Alertmanager configuration. +// +k8s:openapi-gen=true +type AlertmanagerConfiguration struct { + // The name of the AlertmanagerConfig resource which is used to generate the Alertmanager configuration. + // It must be defined in the same namespace as the Alertmanager object. + // The operator will not enforce a `namespace` label for routes and inhibition rules. + // +kubebuilder:validation:MinLength=1 + Name string `json:"name,omitempty"` + // Defines the global parameters of the Alertmanager configuration. + // +optional + Global *AlertmanagerGlobalConfig `json:"global,omitempty"` + // Custom notification templates. + // +optional + Templates []SecretOrConfigMap `json:"templates,omitempty"` +} + +// AlertmanagerGlobalConfig configures parameters that are valid in all other configuration contexts. +// See https://prometheus.io/docs/alerting/latest/configuration/#configuration-file +type AlertmanagerGlobalConfig struct { + // Configures global SMTP parameters. + // +optional + SMTPConfig *GlobalSMTPConfig `json:"smtp,omitempty"` + + // ResolveTimeout is the default value used by alertmanager if the alert does + // not include EndsAt, after this time passes it can declare the alert as resolved if it has not been updated. + // This has no impact on alerts from Prometheus, as they always include EndsAt. + ResolveTimeout Duration `json:"resolveTimeout,omitempty"` + + // HTTP client configuration. + HTTPConfig *HTTPConfig `json:"httpConfig,omitempty"` + + // The default Slack API URL. + SlackAPIURL *v1.SecretKeySelector `json:"slackApiUrl,omitempty"` + + // The default OpsGenie API URL. + OpsGenieAPIURL *v1.SecretKeySelector `json:"opsGenieApiUrl,omitempty"` + + // The default OpsGenie API Key. + OpsGenieAPIKey *v1.SecretKeySelector `json:"opsGenieApiKey,omitempty"` + + // The default Pagerduty URL. + PagerdutyURL *string `json:"pagerdutyUrl,omitempty"` +} + +// AlertmanagerStatus is the most recent observed status of the Alertmanager cluster. Read-only. +// More info: +// https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +// +k8s:openapi-gen=true +type AlertmanagerStatus struct { + // Represents whether any actions on the underlying managed objects are + // being performed. Only delete actions will be performed. + Paused bool `json:"paused"` + // Total number of non-terminated pods targeted by this Alertmanager + // object (their labels match the selector). + Replicas int32 `json:"replicas"` + // Total number of non-terminated pods targeted by this Alertmanager + // object that have the desired version spec. + UpdatedReplicas int32 `json:"updatedReplicas"` + // Total number of available pods (ready for at least minReadySeconds) + // targeted by this Alertmanager cluster. + AvailableReplicas int32 `json:"availableReplicas"` + // Total number of unavailable pods targeted by this Alertmanager object. + UnavailableReplicas int32 `json:"unavailableReplicas"` + // The current state of the Alertmanager object. + // +listType=map + // +listMapKey=type + // +optional + Conditions []Condition `json:"conditions,omitempty"` +} + +func (a *Alertmanager) ExpectedReplicas() int { + if a.Spec.Replicas == nil { + return 1 + } + return int(*a.Spec.Replicas) +} + +func (a *Alertmanager) SetReplicas(i int) { a.Status.Replicas = int32(i) } +func (a *Alertmanager) SetUpdatedReplicas(i int) { a.Status.UpdatedReplicas = int32(i) } +func (a *Alertmanager) SetAvailableReplicas(i int) { a.Status.AvailableReplicas = int32(i) } +func (a *Alertmanager) SetUnavailableReplicas(i int) { a.Status.UnavailableReplicas = int32(i) } + +// AlertmanagerWebSpec defines the web command line flags when starting Alertmanager. +// +k8s:openapi-gen=true +type AlertmanagerWebSpec struct { + WebConfigFileFields `json:",inline"` + // Maximum number of GET requests processed concurrently. This corresponds to the + // Alertmanager's `--web.get-concurrency` flag. + // +optional + GetConcurrency *uint32 `json:"getConcurrency,omitempty"` + // Timeout for HTTP requests. This corresponds to the Alertmanager's + // `--web.timeout` flag. + // +optional + Timeout *uint32 `json:"timeout,omitempty"` +} + +// GlobalSMTPConfig configures global SMTP parameters. +// See https://prometheus.io/docs/alerting/latest/configuration/#configuration-file +type GlobalSMTPConfig struct { + // The default SMTP From header field. + // +optional + From *string `json:"from,omitempty"` + + // The default SMTP smarthost used for sending emails. + // +optional + SmartHost *HostPort `json:"smartHost,omitempty"` + + // The default hostname to identify to the SMTP server. + // +optional + Hello *string `json:"hello,omitempty"` + + // SMTP Auth using CRAM-MD5, LOGIN and PLAIN. If empty, Alertmanager doesn't authenticate to the SMTP server. + // +optional + AuthUsername *string `json:"authUsername,omitempty"` + + // SMTP Auth using LOGIN and PLAIN. + // +optional + AuthPassword *v1.SecretKeySelector `json:"authPassword,omitempty"` + + // SMTP Auth using PLAIN + // +optional + AuthIdentity *string `json:"authIdentity,omitempty"` + + // SMTP Auth using CRAM-MD5. + // +optional + AuthSecret *v1.SecretKeySelector `json:"authSecret,omitempty"` + + // The default SMTP TLS requirement. + // Note that Go does not support unencrypted connections to remote SMTP endpoints. + // +optional + RequireTLS *bool `json:"requireTLS,omitempty"` +} + +// HostPort represents a "host:port" network address. +type HostPort struct { + // Defines the host's address, it can be a DNS name or a literal IP address. + // +kubebuilder:validation:MinLength=1 + Host string `json:"host"` + // Defines the host's port, it can be a literal port number or a port name. + // +kubebuilder:validation:MinLength=1 + Port string `json:"port"` +} + +// HTTPConfig defines a client HTTP configuration. +// See https://prometheus.io/docs/alerting/latest/configuration/#http_config +type HTTPConfig struct { + // Authorization header configuration for the client. + // This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + // +optional + Authorization *SafeAuthorization `json:"authorization,omitempty"` + // BasicAuth for the client. + // This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. + // +optional + BasicAuth *BasicAuth `json:"basicAuth,omitempty"` + // OAuth2 client credentials used to fetch a token for the targets. + // +optional + OAuth2 *OAuth2 `json:"oauth2,omitempty"` + // The secret's key that contains the bearer token to be used by the client + // for authentication. + // The secret needs to be in the same namespace as the Alertmanager + // object and accessible by the Prometheus Operator. + // +optional + BearerTokenSecret *v1.SecretKeySelector `json:"bearerTokenSecret,omitempty"` + // TLS configuration for the client. + // +optional + TLSConfig *SafeTLSConfig `json:"tlsConfig,omitempty"` + // Optional proxy URL. + // +optional + ProxyURL string `json:"proxyURL,omitempty"` + // FollowRedirects specifies whether the client should follow HTTP 3xx redirects. + // +optional + FollowRedirects *bool `json:"followRedirects,omitempty"` +} + +// AlertmanagerList is a list of Alertmanagers. +// +k8s:openapi-gen=true +type AlertmanagerList struct { + metav1.TypeMeta `json:",inline"` + // Standard list metadata + // More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ListMeta `json:"metadata,omitempty"` + // List of Alertmanagers + Items []Alertmanager `json:"items"` +} + +// DeepCopyObject implements the runtime.Object interface. +func (l *AlertmanagerList) DeepCopyObject() runtime.Object { + return l.DeepCopy() +} diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/podmonitor_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/podmonitor_types.go new file mode 100644 index 0000000000..ee03102d06 --- /dev/null +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/podmonitor_types.go @@ -0,0 +1,167 @@ +// Copyright 2018 The prometheus-operator Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1 + +import ( + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/intstr" +) + +const ( + PodMonitorsKind = "PodMonitor" + PodMonitorName = "podmonitors" + PodMonitorKindKey = "podmonitor" +) + +// +genclient +// +k8s:openapi-gen=true +// +kubebuilder:resource:categories="prometheus-operator",shortName="pmon" + +// PodMonitor defines monitoring for a set of pods. +type PodMonitor struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + // Specification of desired Pod selection for target discovery by Prometheus. + Spec PodMonitorSpec `json:"spec"` +} + +// DeepCopyObject implements the runtime.Object interface. +func (l *PodMonitor) DeepCopyObject() runtime.Object { + return l.DeepCopy() +} + +// PodMonitorSpec contains specification parameters for a PodMonitor. +// +k8s:openapi-gen=true +type PodMonitorSpec struct { + // The label to use to retrieve the job name from. + JobLabel string `json:"jobLabel,omitempty"` + // PodTargetLabels transfers labels on the Kubernetes Pod onto the target. + PodTargetLabels []string `json:"podTargetLabels,omitempty"` + // A list of endpoints allowed as part of this PodMonitor. + PodMetricsEndpoints []PodMetricsEndpoint `json:"podMetricsEndpoints"` + // Selector to select Pod objects. + Selector metav1.LabelSelector `json:"selector"` + // Selector to select which namespaces the Endpoints objects are discovered from. + NamespaceSelector NamespaceSelector `json:"namespaceSelector,omitempty"` + // SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. + SampleLimit *uint64 `json:"sampleLimit,omitempty"` + // TargetLimit defines a limit on the number of scraped targets that will be accepted. + // +optional + TargetLimit *uint64 `json:"targetLimit,omitempty"` + // Per-scrape limit on number of labels that will be accepted for a sample. + // Only valid in Prometheus versions 2.27.0 and newer. + // +optional + LabelLimit *uint64 `json:"labelLimit,omitempty"` + // Per-scrape limit on length of labels name that will be accepted for a sample. + // Only valid in Prometheus versions 2.27.0 and newer. + // +optional + LabelNameLengthLimit *uint64 `json:"labelNameLengthLimit,omitempty"` + // Per-scrape limit on length of labels value that will be accepted for a sample. + // Only valid in Prometheus versions 2.27.0 and newer. + // +optional + LabelValueLengthLimit *uint64 `json:"labelValueLengthLimit,omitempty"` + // Per-scrape limit on the number of targets dropped by relabeling + // that will be kept in memory. 0 means no limit. + // + // It requires Prometheus >= v2.47.0. + // + // +optional + KeepDroppedTargets *uint64 `json:"keepDroppedTargets,omitempty"` + // Attaches node metadata to discovered targets. + // Requires Prometheus v2.35.0 and above. + AttachMetadata *AttachMetadata `json:"attachMetadata,omitempty"` +} + +// PodMonitorList is a list of PodMonitors. +// +k8s:openapi-gen=true +type PodMonitorList struct { + metav1.TypeMeta `json:",inline"` + // Standard list metadata + // More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ListMeta `json:"metadata,omitempty"` + // List of PodMonitors + Items []*PodMonitor `json:"items"` +} + +// DeepCopyObject implements the runtime.Object interface. +func (l *PodMonitorList) DeepCopyObject() runtime.Object { + return l.DeepCopy() +} + +// PodMetricsEndpoint defines a scrapeable endpoint of a Kubernetes Pod serving Prometheus metrics. +// +k8s:openapi-gen=true +type PodMetricsEndpoint struct { + // Name of the pod port this endpoint refers to. Mutually exclusive with targetPort. + Port string `json:"port,omitempty"` + // Deprecated: Use 'port' instead. + TargetPort *intstr.IntOrString `json:"targetPort,omitempty"` + // HTTP path to scrape for metrics. + // If empty, Prometheus uses the default value (e.g. `/metrics`). + Path string `json:"path,omitempty"` + // HTTP scheme to use for scraping. + // `http` and `https` are the expected values unless you rewrite the `__scheme__` label via relabeling. + // If empty, Prometheus uses the default value `http`. + // +kubebuilder:validation:Enum=http;https + Scheme string `json:"scheme,omitempty"` + // Optional HTTP URL parameters + Params map[string][]string `json:"params,omitempty"` + // Interval at which metrics should be scraped + // If not specified Prometheus' global scrape interval is used. + Interval Duration `json:"interval,omitempty"` + // Timeout after which the scrape is ended + // If not specified, the Prometheus global scrape interval is used. + ScrapeTimeout Duration `json:"scrapeTimeout,omitempty"` + // TLS configuration to use when scraping the endpoint. + TLSConfig *PodMetricsEndpointTLSConfig `json:"tlsConfig,omitempty"` + // Secret to mount to read bearer token for scraping targets. The secret + // needs to be in the same namespace as the pod monitor and accessible by + // the Prometheus Operator. + BearerTokenSecret v1.SecretKeySelector `json:"bearerTokenSecret,omitempty"` + // HonorLabels chooses the metric's labels on collisions with target labels. + HonorLabels bool `json:"honorLabels,omitempty"` + // HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data. + HonorTimestamps *bool `json:"honorTimestamps,omitempty"` + // BasicAuth allow an endpoint to authenticate over basic authentication. + // More info: https://prometheus.io/docs/operating/configuration/#endpoint + BasicAuth *BasicAuth `json:"basicAuth,omitempty"` + // OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer. + OAuth2 *OAuth2 `json:"oauth2,omitempty"` + // Authorization section for this endpoint + Authorization *SafeAuthorization `json:"authorization,omitempty"` + // MetricRelabelConfigs to apply to samples before ingestion. + MetricRelabelConfigs []*RelabelConfig `json:"metricRelabelings,omitempty"` + // RelabelConfigs to apply to samples before scraping. + // Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. + // The original scrape job's name is available via the `__tmp_prometheus_job_name` label. + // More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config + RelabelConfigs []*RelabelConfig `json:"relabelings,omitempty"` + // ProxyURL eg http://proxyserver:2195 Directs scrapes to proxy through this endpoint. + ProxyURL *string `json:"proxyUrl,omitempty"` + // FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. + FollowRedirects *bool `json:"followRedirects,omitempty"` + // Whether to enable HTTP2. + EnableHttp2 *bool `json:"enableHttp2,omitempty"` + // Drop pods that are not running. (Failed, Succeeded). Enabled by default. + // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase + FilterRunning *bool `json:"filterRunning,omitempty"` +} + +// PodMetricsEndpointTLSConfig specifies TLS configuration parameters. +// +k8s:openapi-gen=true +type PodMetricsEndpointTLSConfig struct { + SafeTLSConfig `json:",inline"` +} diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/probe_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/probe_types.go new file mode 100644 index 0000000000..59b85ae6a7 --- /dev/null +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/probe_types.go @@ -0,0 +1,213 @@ +// Copyright 2018 The prometheus-operator Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1 + +import ( + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" +) + +const ( + ProbesKind = "Probe" + ProbeName = "probes" + ProbeKindKey = "probe" +) + +// +genclient +// +k8s:openapi-gen=true +// +kubebuilder:resource:categories="prometheus-operator",shortName="prb" + +// Probe defines monitoring for a set of static targets or ingresses. +type Probe struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + // Specification of desired Ingress selection for target discovery by Prometheus. + Spec ProbeSpec `json:"spec"` +} + +// DeepCopyObject implements the runtime.Object interface. +func (l *Probe) DeepCopyObject() runtime.Object { + return l.DeepCopy() +} + +// ProbeSpec contains specification parameters for a Probe. +// +k8s:openapi-gen=true +type ProbeSpec struct { + // The job name assigned to scraped metrics by default. + JobName string `json:"jobName,omitempty"` + // Specification for the prober to use for probing targets. + // The prober.URL parameter is required. Targets cannot be probed if left empty. + ProberSpec ProberSpec `json:"prober,omitempty"` + // The module to use for probing specifying how to probe the target. + // Example module configuring in the blackbox exporter: + // https://github.com/prometheus/blackbox_exporter/blob/master/example.yml + Module string `json:"module,omitempty"` + // Targets defines a set of static or dynamically discovered targets to probe. + Targets ProbeTargets `json:"targets,omitempty"` + // Interval at which targets are probed using the configured prober. + // If not specified Prometheus' global scrape interval is used. + Interval Duration `json:"interval,omitempty"` + // Timeout for scraping metrics from the Prometheus exporter. + // If not specified, the Prometheus global scrape timeout is used. + ScrapeTimeout Duration `json:"scrapeTimeout,omitempty"` + // TLS configuration to use when scraping the endpoint. + TLSConfig *ProbeTLSConfig `json:"tlsConfig,omitempty"` + // Secret to mount to read bearer token for scraping targets. The secret + // needs to be in the same namespace as the probe and accessible by + // the Prometheus Operator. + BearerTokenSecret v1.SecretKeySelector `json:"bearerTokenSecret,omitempty"` + // BasicAuth allow an endpoint to authenticate over basic authentication. + // More info: https://prometheus.io/docs/operating/configuration/#endpoint + BasicAuth *BasicAuth `json:"basicAuth,omitempty"` + // OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer. + OAuth2 *OAuth2 `json:"oauth2,omitempty"` + // MetricRelabelConfigs to apply to samples before ingestion. + MetricRelabelConfigs []*RelabelConfig `json:"metricRelabelings,omitempty"` + // Authorization section for this endpoint + Authorization *SafeAuthorization `json:"authorization,omitempty"` + // SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. + // +optional + SampleLimit *uint64 `json:"sampleLimit,omitempty"` + // TargetLimit defines a limit on the number of scraped targets that will be accepted. + // +optional + TargetLimit *uint64 `json:"targetLimit,omitempty"` + // Per-scrape limit on number of labels that will be accepted for a sample. + // Only valid in Prometheus versions 2.27.0 and newer. + // +optional + LabelLimit *uint64 `json:"labelLimit,omitempty"` + // Per-scrape limit on length of labels name that will be accepted for a sample. + // Only valid in Prometheus versions 2.27.0 and newer. + // +optional + LabelNameLengthLimit *uint64 `json:"labelNameLengthLimit,omitempty"` + // Per-scrape limit on length of labels value that will be accepted for a sample. + // Only valid in Prometheus versions 2.27.0 and newer. + // +optional + LabelValueLengthLimit *uint64 `json:"labelValueLengthLimit,omitempty"` + // Per-scrape limit on the number of targets dropped by relabeling + // that will be kept in memory. 0 means no limit. + // + // It requires Prometheus >= v2.47.0. + // + // +optional + KeepDroppedTargets *uint64 `json:"keepDroppedTargets,omitempty"` +} + +// ProbeTargets defines how to discover the probed targets. +// One of the `staticConfig` or `ingress` must be defined. +// If both are defined, `staticConfig` takes precedence. +// +k8s:openapi-gen=true +type ProbeTargets struct { + // staticConfig defines the static list of targets to probe and the + // relabeling configuration. + // If `ingress` is also defined, `staticConfig` takes precedence. + // More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config. + StaticConfig *ProbeTargetStaticConfig `json:"staticConfig,omitempty"` + // ingress defines the Ingress objects to probe and the relabeling + // configuration. + // If `staticConfig` is also defined, `staticConfig` takes precedence. + Ingress *ProbeTargetIngress `json:"ingress,omitempty"` +} + +// Validate semantically validates the given ProbeTargets. +func (it *ProbeTargets) Validate() error { + if it.StaticConfig == nil && it.Ingress == nil { + return &ProbeTargetsValidationError{"at least one of .spec.targets.staticConfig and .spec.targets.ingress is required"} + } + + return nil +} + +// ProbeTargetsValidationError is returned by ProbeTargets.Validate() +// on semantically invalid configurations. +// +k8s:openapi-gen=false +type ProbeTargetsValidationError struct { + err string +} + +func (e *ProbeTargetsValidationError) Error() string { + return e.err +} + +// ProbeTargetStaticConfig defines the set of static targets considered for probing. +// +k8s:openapi-gen=true +type ProbeTargetStaticConfig struct { + // The list of hosts to probe. + Targets []string `json:"static,omitempty"` + // Labels assigned to all metrics scraped from the targets. + Labels map[string]string `json:"labels,omitempty"` + // RelabelConfigs to apply to the label set of the targets before it gets + // scraped. + // More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config + RelabelConfigs []*RelabelConfig `json:"relabelingConfigs,omitempty"` +} + +// ProbeTargetIngress defines the set of Ingress objects considered for probing. +// The operator configures a target for each host/path combination of each ingress object. +// +k8s:openapi-gen=true +type ProbeTargetIngress struct { + // Selector to select the Ingress objects. + Selector metav1.LabelSelector `json:"selector,omitempty"` + // From which namespaces to select Ingress objects. + NamespaceSelector NamespaceSelector `json:"namespaceSelector,omitempty"` + // RelabelConfigs to apply to the label set of the target before it gets + // scraped. + // The original ingress address is available via the + // `__tmp_prometheus_ingress_address` label. It can be used to customize the + // probed URL. + // The original scrape job's name is available via the `__tmp_prometheus_job_name` label. + // More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config + RelabelConfigs []*RelabelConfig `json:"relabelingConfigs,omitempty"` +} + +// ProberSpec contains specification parameters for the Prober used for probing. +// +k8s:openapi-gen=true +type ProberSpec struct { + // Mandatory URL of the prober. + URL string `json:"url"` + // HTTP scheme to use for scraping. + // `http` and `https` are the expected values unless you rewrite the `__scheme__` label via relabeling. + // If empty, Prometheus uses the default value `http`. + // +kubebuilder:validation:Enum=http;https + Scheme string `json:"scheme,omitempty"` + // Path to collect metrics from. + // Defaults to `/probe`. + // +kubebuilder:default:="/probe" + Path string `json:"path,omitempty"` + // Optional ProxyURL. + ProxyURL string `json:"proxyUrl,omitempty"` +} + +// ProbeList is a list of Probes. +// +k8s:openapi-gen=true +type ProbeList struct { + metav1.TypeMeta `json:",inline"` + // Standard list metadata + // More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ListMeta `json:"metadata,omitempty"` + // List of Probes + Items []*Probe `json:"items"` +} + +// DeepCopyObject implements the runtime.Object interface. +func (l *ProbeList) DeepCopyObject() runtime.Object { + return l.DeepCopy() +} + +// ProbeTLSConfig specifies TLS configuration parameters for the prober. +// +k8s:openapi-gen=true +type ProbeTLSConfig struct { + SafeTLSConfig `json:",inline"` +} diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheus_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheus_types.go new file mode 100644 index 0000000000..7dc9561097 --- /dev/null +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheus_types.go @@ -0,0 +1,1602 @@ +// Copyright 2018 The prometheus-operator Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1 + +import ( + "strings" + + v1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/resource" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/intstr" +) + +const ( + PrometheusesKind = "Prometheus" + PrometheusName = "prometheuses" + PrometheusKindKey = "prometheus" +) + +// PrometheusInterface is used by Prometheus and PrometheusAgent to share common methods, e.g. config generation. +// +k8s:deepcopy-gen=false +type PrometheusInterface interface { + metav1.ObjectMetaAccessor + GetTypeMeta() metav1.TypeMeta + GetCommonPrometheusFields() CommonPrometheusFields + SetCommonPrometheusFields(CommonPrometheusFields) + GetStatus() PrometheusStatus +} + +func (l *Prometheus) GetCommonPrometheusFields() CommonPrometheusFields { + return l.Spec.CommonPrometheusFields +} + +func (l *Prometheus) SetCommonPrometheusFields(f CommonPrometheusFields) { + l.Spec.CommonPrometheusFields = f +} + +func (l *Prometheus) GetTypeMeta() metav1.TypeMeta { + return l.TypeMeta +} + +func (l *Prometheus) GetStatus() PrometheusStatus { + return l.Status +} + +// CommonPrometheusFields are the options available to both the Prometheus server and agent. +// +k8s:deepcopy-gen=true +type CommonPrometheusFields struct { + // PodMetadata configures labels and annotations which are propagated to the Prometheus pods. + PodMetadata *EmbeddedObjectMetadata `json:"podMetadata,omitempty"` + + // ServiceMonitors to be selected for target discovery. An empty label + // selector matches all objects. A null label selector matches no objects. + // + // If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` + // and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. + // The Prometheus operator will ensure that the Prometheus configuration's + // Secret exists, but it is the responsibility of the user to provide the raw + // gzipped Prometheus configuration under the `prometheus.yaml.gz` key. + // This behavior is *deprecated* and will be removed in the next major version + // of the custom resource definition. It is recommended to use + // `spec.additionalScrapeConfigs` instead. + ServiceMonitorSelector *metav1.LabelSelector `json:"serviceMonitorSelector,omitempty"` + // Namespaces to match for ServicedMonitors discovery. An empty label selector + // matches all namespaces. A null label selector matches the current + // namespace only. + ServiceMonitorNamespaceSelector *metav1.LabelSelector `json:"serviceMonitorNamespaceSelector,omitempty"` + + // *Experimental* PodMonitors to be selected for target discovery. An empty + // label selector matches all objects. A null label selector matches no + // objects. + // + // If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` + // and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. + // The Prometheus operator will ensure that the Prometheus configuration's + // Secret exists, but it is the responsibility of the user to provide the raw + // gzipped Prometheus configuration under the `prometheus.yaml.gz` key. + // This behavior is *deprecated* and will be removed in the next major version + // of the custom resource definition. It is recommended to use + // `spec.additionalScrapeConfigs` instead. + PodMonitorSelector *metav1.LabelSelector `json:"podMonitorSelector,omitempty"` + // Namespaces to match for PodMonitors discovery. An empty label selector + // matches all namespaces. A null label selector matches the current + // namespace only. + PodMonitorNamespaceSelector *metav1.LabelSelector `json:"podMonitorNamespaceSelector,omitempty"` + + // *Experimental* Probes to be selected for target discovery. An empty + // label selector matches all objects. A null label selector matches no + // objects. + // + // If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` + // and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. + // The Prometheus operator will ensure that the Prometheus configuration's + // Secret exists, but it is the responsibility of the user to provide the raw + // gzipped Prometheus configuration under the `prometheus.yaml.gz` key. + // This behavior is *deprecated* and will be removed in the next major version + // of the custom resource definition. It is recommended to use + // `spec.additionalScrapeConfigs` instead. + ProbeSelector *metav1.LabelSelector `json:"probeSelector,omitempty"` + // *Experimental* Namespaces to match for Probe discovery. An empty label + // selector matches all namespaces. A null label selector matches the + // current namespace only. + ProbeNamespaceSelector *metav1.LabelSelector `json:"probeNamespaceSelector,omitempty"` + + // *Experimental* ScrapeConfigs to be selected for target discovery. An + // empty label selector matches all objects. A null label selector matches + // no objects. + // + // If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` + // and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. + // The Prometheus operator will ensure that the Prometheus configuration's + // Secret exists, but it is the responsibility of the user to provide the raw + // gzipped Prometheus configuration under the `prometheus.yaml.gz` key. + // This behavior is *deprecated* and will be removed in the next major version + // of the custom resource definition. It is recommended to use + // `spec.additionalScrapeConfigs` instead. + ScrapeConfigSelector *metav1.LabelSelector `json:"scrapeConfigSelector,omitempty"` + // Namespaces to match for ScrapeConfig discovery. An empty label selector + // matches all namespaces. A null label selector matches the current + // current namespace only. + ScrapeConfigNamespaceSelector *metav1.LabelSelector `json:"scrapeConfigNamespaceSelector,omitempty"` + + // Version of Prometheus being deployed. The operator uses this information + // to generate the Prometheus StatefulSet + configuration files. + // + // If not specified, the operator assumes the latest upstream version of + // Prometheus available at the time when the version of the operator was + // released. + Version string `json:"version,omitempty"` + + // When a Prometheus deployment is paused, no actions except for deletion + // will be performed on the underlying objects. + Paused bool `json:"paused,omitempty"` + + // Container image name for Prometheus. If specified, it takes precedence + // over the `spec.baseImage`, `spec.tag` and `spec.sha` fields. + // + // Specifying `spec.version` is still necessary to ensure the Prometheus + // Operator knows which version of Prometheus is being configured. + // + // If neither `spec.image` nor `spec.baseImage` are defined, the operator + // will use the latest upstream version of Prometheus available at the time + // when the operator was released. + // + // +optional + Image *string `json:"image,omitempty"` + // Image pull policy for the 'prometheus', 'init-config-reloader' and 'config-reloader' containers. + // See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. + // +kubebuilder:validation:Enum="";Always;Never;IfNotPresent + ImagePullPolicy v1.PullPolicy `json:"imagePullPolicy,omitempty"` + // An optional list of references to Secrets in the same namespace + // to use for pulling images from registries. + // See http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + ImagePullSecrets []v1.LocalObjectReference `json:"imagePullSecrets,omitempty"` + + // Number of replicas of each shard to deploy for a Prometheus deployment. + // `spec.replicas` multiplied by `spec.shards` is the total number of Pods + // created. + // + // Default: 1 + // +optional + Replicas *int32 `json:"replicas,omitempty"` + // EXPERIMENTAL: Number of shards to distribute targets onto. `spec.replicas` + // multiplied by `spec.shards` is the total number of Pods created. + // + // Note that scaling down shards will not reshard data onto remaining + // instances, it must be manually moved. Increasing shards will not reshard + // data either but it will continue to be available from the same + // instances. To query globally, use Thanos sidecar and Thanos querier or + // remote write data to a central location. + // + // Sharding is performed on the content of the `__address__` target meta-label + // for PodMonitors and ServiceMonitors and `__param_target__` for Probes. + // + // Default: 1 + // +optional + Shards *int32 `json:"shards,omitempty"` + + // Name of Prometheus external label used to denote the replica name. + // The external label will _not_ be added when the field is set to the + // empty string (`""`). + // + // Default: "prometheus_replica" + // +optional + ReplicaExternalLabelName *string `json:"replicaExternalLabelName,omitempty"` + // Name of Prometheus external label used to denote the Prometheus instance + // name. The external label will _not_ be added when the field is set to + // the empty string (`""`). + // + // Default: "prometheus" + // +optional + PrometheusExternalLabelName *string `json:"prometheusExternalLabelName,omitempty"` + + // Log level for Prometheus and the config-reloader sidecar. + //+kubebuilder:validation:Enum="";debug;info;warn;error + LogLevel string `json:"logLevel,omitempty"` + // Log format for Log level for Prometheus and the config-reloader sidecar. + //+kubebuilder:validation:Enum="";logfmt;json + LogFormat string `json:"logFormat,omitempty"` + + // Interval between consecutive scrapes. + // + // Default: "30s" + // +kubebuilder:default:="30s" + ScrapeInterval Duration `json:"scrapeInterval,omitempty"` + // Number of seconds to wait until a scrape request times out. + ScrapeTimeout Duration `json:"scrapeTimeout,omitempty"` + + // The labels to add to any time series or alerts when communicating with + // external systems (federation, remote storage, Alertmanager). + // Labels defined by `spec.replicaExternalLabelName` and + // `spec.prometheusExternalLabelName` take precedence over this list. + ExternalLabels map[string]string `json:"externalLabels,omitempty"` + + // Enable Prometheus to be used as a receiver for the Prometheus remote + // write protocol. + // + // WARNING: This is not considered an efficient way of ingesting samples. + // Use it with caution for specific low-volume use cases. + // It is not suitable for replacing the ingestion via scraping and turning + // Prometheus into a push-based metrics collection system. + // For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver + // + // It requires Prometheus >= v2.33.0. + EnableRemoteWriteReceiver bool `json:"enableRemoteWriteReceiver,omitempty"` + + // Enable access to Prometheus feature flags. By default, no features are enabled. + // + // Enabling features which are disabled by default is entirely outside the + // scope of what the maintainers will support and by doing so, you accept + // that this behaviour may break at any time without notice. + // + // For more information see https://prometheus.io/docs/prometheus/latest/feature_flags/ + EnableFeatures []string `json:"enableFeatures,omitempty"` + + // The external URL under which the Prometheus service is externally + // available. This is necessary to generate correct URLs (for instance if + // Prometheus is accessible behind an Ingress resource). + ExternalURL string `json:"externalUrl,omitempty"` + // The route prefix Prometheus registers HTTP handlers for. + // + // This is useful when using `spec.externalURL`, and a proxy is rewriting + // HTTP routes of a request, and the actual ExternalURL is still true, but + // the server serves requests under a different route prefix. For example + // for use with `kubectl proxy`. + RoutePrefix string `json:"routePrefix,omitempty"` + + // Storage defines the storage used by Prometheus. + Storage *StorageSpec `json:"storage,omitempty"` + + // Volumes allows the configuration of additional volumes on the output + // StatefulSet definition. Volumes specified will be appended to other + // volumes that are generated as a result of StorageSpec objects. + Volumes []v1.Volume `json:"volumes,omitempty"` + // VolumeMounts allows the configuration of additional VolumeMounts. + // + // VolumeMounts will be appended to other VolumeMounts in the 'prometheus' + // container, that are generated as a result of StorageSpec objects. + VolumeMounts []v1.VolumeMount `json:"volumeMounts,omitempty"` + + // Defines the configuration of the Prometheus web server. + Web *PrometheusWebSpec `json:"web,omitempty"` + + // Defines the resources requests and limits of the 'prometheus' container. + Resources v1.ResourceRequirements `json:"resources,omitempty"` + + // Defines on which Nodes the Pods are scheduled. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + + // ServiceAccountName is the name of the ServiceAccount to use to run the + // Prometheus Pods. + ServiceAccountName string `json:"serviceAccountName,omitempty"` + + // Secrets is a list of Secrets in the same namespace as the Prometheus + // object, which shall be mounted into the Prometheus Pods. + // Each Secret is added to the StatefulSet definition as a volume named `secret-`. + // The Secrets are mounted into /etc/prometheus/secrets/ in the 'prometheus' container. + Secrets []string `json:"secrets,omitempty"` + // ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus + // object, which shall be mounted into the Prometheus Pods. + // Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-`. + // The ConfigMaps are mounted into /etc/prometheus/configmaps/ in the 'prometheus' container. + ConfigMaps []string `json:"configMaps,omitempty"` + + // Defines the Pods' affinity scheduling rules if specified. + // +optional + Affinity *v1.Affinity `json:"affinity,omitempty"` + // Defines the Pods' tolerations if specified. + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // Defines the pod's topology spread constraints if specified. + //+optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + + // Defines the list of remote write configurations. + // +optional + RemoteWrite []RemoteWriteSpec `json:"remoteWrite,omitempty"` + + // SecurityContext holds pod-level security attributes and common container settings. + // This defaults to the default PodSecurityContext. + // +optional + SecurityContext *v1.PodSecurityContext `json:"securityContext,omitempty"` + + // When true, the Prometheus server listens on the loopback address + // instead of the Pod IP's address. + ListenLocal bool `json:"listenLocal,omitempty"` + + // Containers allows injecting additional containers or modifying operator + // generated containers. This can be used to allow adding an authentication + // proxy to the Pods or to change the behavior of an operator generated + // container. Containers described here modify an operator generated + // container if they share the same name and modifications are done via a + // strategic merge patch. + // + // The names of containers managed by the operator are: + // * `prometheus` + // * `config-reloader` + // * `thanos-sidecar` + // + // Overriding containers is entirely outside the scope of what the + // maintainers will support and by doing so, you accept that this behaviour + // may break at any time without notice. + // +optional + Containers []v1.Container `json:"containers,omitempty"` + // InitContainers allows injecting initContainers to the Pod definition. Those + // can be used to e.g. fetch secrets for injection into the Prometheus + // configuration from external sources. Any errors during the execution of + // an initContainer will lead to a restart of the Pod. More info: + // https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + // InitContainers described here modify an operator generated init + // containers if they share the same name and modifications are done via a + // strategic merge patch. + // + // The names of init container name managed by the operator are: + // * `init-config-reloader`. + // + // Overriding init containers is entirely outside the scope of what the + // maintainers will support and by doing so, you accept that this behaviour + // may break at any time without notice. + // +optional + InitContainers []v1.Container `json:"initContainers,omitempty"` + + // AdditionalScrapeConfigs allows specifying a key of a Secret containing + // additional Prometheus scrape configurations. Scrape configurations + // specified are appended to the configurations generated by the Prometheus + // Operator. Job configurations specified must have the form as specified + // in the official Prometheus documentation: + // https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. + // As scrape configs are appended, the user is responsible to make sure it + // is valid. Note that using this feature may expose the possibility to + // break upgrades of Prometheus. It is advised to review Prometheus release + // notes to ensure that no incompatible scrape configs are going to break + // Prometheus after the upgrade. + // +optional + AdditionalScrapeConfigs *v1.SecretKeySelector `json:"additionalScrapeConfigs,omitempty"` + + // APIServerConfig allows specifying a host and auth methods to access the + // Kuberntees API server. + // If null, Prometheus is assumed to run inside of the cluster: it will + // discover the API servers automatically and use the Pod's CA certificate + // and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. + // +optional + APIServerConfig *APIServerConfig `json:"apiserverConfig,omitempty"` + + // Priority class assigned to the Pods. + PriorityClassName string `json:"priorityClassName,omitempty"` + // Port name used for the pods and governing service. + // Default: "web" + // +kubebuilder:default:="web" + PortName string `json:"portName,omitempty"` + + // When true, ServiceMonitor, PodMonitor and Probe object are forbidden to + // reference arbitrary files on the file system of the 'prometheus' + // container. + // When a ServiceMonitor's endpoint specifies a `bearerTokenFile` value + // (e.g. '/var/run/secrets/kubernetes.io/serviceaccount/token'), a + // malicious target can get access to the Prometheus service account's + // token in the Prometheus' scrape request. Setting + // `spec.arbitraryFSAccessThroughSM` to 'true' would prevent the attack. + // Users should instead provide the credentials using the + // `spec.bearerTokenSecret` field. + ArbitraryFSAccessThroughSMs ArbitraryFSAccessThroughSMsConfig `json:"arbitraryFSAccessThroughSMs,omitempty"` + + // When true, Prometheus resolves label conflicts by renaming the labels in + // the scraped data to "exported_