diff --git a/go.mod b/go.mod index c426071e..47d21920 100644 --- a/go.mod +++ b/go.mod @@ -114,7 +114,7 @@ require ( ) replace ( - github.com/openshift/assisted-service/api => github.com/openshift/assisted-service/api v0.0.0-20250402200652-1dc66326d304 + github.com/openshift/assisted-service/api => github.com/openshift/assisted-service/api v0.0.0-20251008122257-ed1e53465867 github.com/openshift/assisted-service/models => github.com/openshift/assisted-service/models v0.0.0-20250410153519-abd01432ec2c github.com/openshift/cluster-api-provider-agent/api => ./api diff --git a/go.sum b/go.sum index 931ae3a2..b6e9567d 100644 --- a/go.sum +++ b/go.sum @@ -322,8 +322,8 @@ github.com/openshift/api v0.0.0-20240830023148-b7d0481c9094 h1:J1wuGhVxpsHykZBa6 github.com/openshift/api v0.0.0-20240830023148-b7d0481c9094/go.mod h1:CxgbWAlvu2iQB0UmKTtRu1YfepRg1/vJ64n2DlIEVz4= github.com/openshift/assisted-service v1.0.10-0.20250410153519-abd01432ec2c h1:TQ7lKJQM5nJlcoEympbRGp748529vX8hU3O6a5uhQKY= github.com/openshift/assisted-service v1.0.10-0.20250410153519-abd01432ec2c/go.mod h1:EB6r8AnHTH3mePBNEbGbvS0AwJSaU6Zv292vOCraccw= -github.com/openshift/assisted-service/api v0.0.0-20250402200652-1dc66326d304 h1:fFM6tmQwk69RqPeA4VmLouqw0lXLymZHPeXwpkO/51E= -github.com/openshift/assisted-service/api v0.0.0-20250402200652-1dc66326d304/go.mod h1:tvE25aC7I07Uz2jUt7gH2E8+a1Rw4W7qtW6/EFb8l64= +github.com/openshift/assisted-service/api v0.0.0-20251008122257-ed1e53465867 h1:jPKkB5YRx7jO2SeXAw3yZXeNe680NrO+YVkQL7a7biU= +github.com/openshift/assisted-service/api v0.0.0-20251008122257-ed1e53465867/go.mod h1:wA7MaLcf/KoUl7fhB1bHBdhRBLjWPih90sHpxOV6ZLE= github.com/openshift/assisted-service/models v0.0.0-20250410153519-abd01432ec2c h1:Qp33+OI0/GYwXi3CVVatVYZE0jHJEnUxuvbMnzQHTCE= github.com/openshift/assisted-service/models v0.0.0-20250410153519-abd01432ec2c/go.mod h1:bx9NsPeBkhn7az/qFHo3hW8wFqFj4BmT3g1R7wR9gcw= github.com/openshift/custom-resource-status v1.1.3-0.20220503160415-f2fdb4999d87 h1:cHyxR+Y8rAMT6m1jQCaYGRwikqahI0OjjUDhFNf3ySQ= diff --git a/vendor/github.com/openshift/assisted-service/api/hiveextension/v1beta1/agentclusterinstall_types.go b/vendor/github.com/openshift/assisted-service/api/hiveextension/v1beta1/agentclusterinstall_types.go index 79f70b1a..69fe63c7 100644 --- a/vendor/github.com/openshift/assisted-service/api/hiveextension/v1beta1/agentclusterinstall_types.go +++ b/vendor/github.com/openshift/assisted-service/api/hiveextension/v1beta1/agentclusterinstall_types.go @@ -22,7 +22,7 @@ const ( ClusterInstallationStoppedReason string = "ClusterInstallationStopped" ClusterInstallationStoppedMsg string = "The cluster installation stopped" ClusterInsufficientAgentsReason string = "InsufficientAgents" - ClusterInsufficientAgentsMsg string = "The cluster currently requires exactly %d master agents and %d worker agents, but currently registered %d master agents and %d worker agents" + ClusterInsufficientAgentsMsg string = "The cluster currently requires exactly %d master agents, %d arbiter agents and %d worker agents, but currently registered %d master agents, %d arbiter agents and %d worker agents" ClusterUnapprovedAgentsReason string = "UnapprovedAgents" ClusterUnapprovedAgentsMsg string = "The installation is pending on the approval of %d agents" ClusterUnsyncedAgentsReason string = "UnsyncedAgents" @@ -151,6 +151,11 @@ type AgentClusterInstallSpec struct { // +optional Compute []AgentMachinePool `json:"compute,omitempty"` + // Arbiter is the configuration for the machines that have the + // arbiter role. + // +optional + Arbiter *AgentMachinePool `json:"arbiter,omitempty"` + // APIVIP is the virtual IP used to reach the OpenShift cluster's API. // +optional APIVIP string `json:"apiVIP,omitempty"` @@ -373,6 +378,12 @@ type ProvisionRequirements struct { // +kubebuilder:validation:Minimum=0 // +optional WorkerAgents int `json:"workerAgents,omitempty"` + + // ArbiterAgents is the minimum number of matching approved and ready Agents with the arbiter role + // required to launch the install. + // +kubebuilder:validation:Minimum=0 + // +optional + ArbiterAgents int `json:"arbiterAgents,omitempty"` } // HyperthreadingMode is the mode of hyperthreading for a machine. @@ -387,8 +398,9 @@ const ( ) const ( - MasterAgentMachinePool string = "master" - WorkerAgentMachinePool string = "worker" + MasterAgentMachinePool string = "master" + ArbiterAgentMachinePool string = "arbiter" + WorkerAgentMachinePool string = "worker" ) // PlatformType is a specific supported infrastructure provider. @@ -462,7 +474,7 @@ type DiskEncryption struct { // Enable/disable disk encryption on master nodes, worker nodes, or all nodes. // // +kubebuilder:default=none - // +kubebuilder:validation:Enum=none;all;masters;workers + // +kubebuilder:validation:Enum=none;all;masters;arbiters;workers;"masters,arbiters";"masters,workers";"arbiters,workers";"masters,arbiters,workers" EnableOn *string `json:"enableOn,omitempty"` // The disk encryption mode to use. diff --git a/vendor/github.com/openshift/assisted-service/api/hiveextension/v1beta1/zz_generated.deepcopy.go b/vendor/github.com/openshift/assisted-service/api/hiveextension/v1beta1/zz_generated.deepcopy.go index 87f61de0..99420e92 100644 --- a/vendor/github.com/openshift/assisted-service/api/hiveextension/v1beta1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/assisted-service/api/hiveextension/v1beta1/zz_generated.deepcopy.go @@ -122,6 +122,11 @@ func (in *AgentClusterInstallSpec) DeepCopyInto(out *AgentClusterInstallSpec) { *out = make([]AgentMachinePool, len(*in)) copy(*out, *in) } + if in.Arbiter != nil { + in, out := &in.Arbiter, &out.Arbiter + *out = new(AgentMachinePool) + **out = **in + } if in.APIVIPs != nil { in, out := &in.APIVIPs, &out.APIVIPs *out = make([]string, len(*in)) diff --git a/vendor/github.com/openshift/assisted-service/api/v1beta1/agent_types.go b/vendor/github.com/openshift/assisted-service/api/v1beta1/agent_types.go index cf8fd2e7..2d773602 100644 --- a/vendor/github.com/openshift/assisted-service/api/v1beta1/agent_types.go +++ b/vendor/github.com/openshift/assisted-service/api/v1beta1/agent_types.go @@ -259,6 +259,15 @@ type AgentStatus struct { // DeprovisionInfo stores data related to the agent's previous cluster binding in order to clean up when the agent re-registers // +optional DeprovisionInfo *AgentDeprovisionInfo `json:"deprovision_info,omitempty"` + + // CSRStatus tracks the status of CSR approvals for the agent + CSRStatus CSRStatus `json:"csrStatus,omitempty"` + + // Kind corresponds to the same field in the model Host. It indicates the type of cluster the host is + // being installed to; either an existing cluster (day-2) or a new cluster (day-1). + // Value is one of: "AddToExistingClusterHost" (day-2) or "Host" (day-1) + // +optional + Kind string `json:"kind,omitempty"` } type DebugInfo struct { @@ -276,6 +285,30 @@ type DebugInfo struct { StateInfo string `json:"stateInfo,omitempty"` } +// CSRType represents the type of CSR +type CSRType string + +const ( + CSRTypeClient CSRType = "client" + CSRTypeServing CSRType = "serving" +) + +// CSRInfo tracks information about an approved CSR +type CSRInfo struct { + Name string `json:"name"` + Type CSRType `json:"type"` + ApprovedAt metav1.Time `json:"approvedAt"` +} + +// CSRStatus tracks the status of CSR approvals for the agent +type CSRStatus struct { + // CSRs that have been approved for the agent by the assisted-service + ApprovedCSRs []CSRInfo `json:"approvedCSRs,omitempty"` + + // Last time we attempted a CSR approval + LastApprovalAttempt metav1.Time `json:"lastApprovalAttempt,omitempty"` +} + // +kubebuilder:object:root=true // +kubebuilder:subresource:status // +kubebuilder:printcolumn:name="Cluster",type="string",JSONPath=".spec.clusterDeploymentName.name",description="The name of the cluster the Agent registered to." diff --git a/vendor/github.com/openshift/assisted-service/api/v1beta1/agentserviceconfig_types.go b/vendor/github.com/openshift/assisted-service/api/v1beta1/agentserviceconfig_types.go index 92d96aee..4c201832 100644 --- a/vendor/github.com/openshift/assisted-service/api/v1beta1/agentserviceconfig_types.go +++ b/vendor/github.com/openshift/assisted-service/api/v1beta1/agentserviceconfig_types.go @@ -147,6 +147,12 @@ type Ingress struct { ClassName *string `json:"className,omitempty"` } +// Annotations +const ( + PVCPrefixAnnotation = "unsupported.agent-install.openshift.io/assisted-service-pvc-prefix" + SecretsPrefixAnnotation = "unsupported.agent-install.openshift.io/assisted-service-secrets-prefix" +) + // ConditionType related to our reconcile loop in addition to all the reasons // why ConditionStatus could be true or false. const ( @@ -228,6 +234,8 @@ const ( ReasonKonnectivityAgentFailure string = "KonnectivityAgentFailure" // ReasonOSImageCACertRefFailure when there has been a failure resolving the OS image CA using OSImageCACertRef. ReasonOSImageCACertRefFailure string = "OSImageCACertRefFailure" + // ReasonOSImagesShouldBeEmptyFailure when OSImages are not empty but image service is disabled. + ReasonOSImagesShouldBeEmptyFailure string = "OSImagesShouldBeEmptyFailure" // ReasonMonitoringFailure indicates there was a failure monitoring operand status ReasonMonitoringFailure string = "MonitoringFailure" // ReasonKubernetesIngressMissing indicates the user has not provided the required configuration for kubernetes ingress @@ -241,11 +249,14 @@ const ( IPXEHTTPRouteDisabled string = "disabled" // ReasonOSImageAdditionalParamsRefFailure when there has been a failure resolving the OS image additional params secret using OSImageAdditionalParamsRef. ReasonOSImageAdditionalParamsRefFailure string = "ReasonOSImageAdditionalParamsRefFailure" + // ReasonImmutableAnnotationFailure when there has been a failure validating immutable annotations. + ReasonImmutableAnnotationFailure string = "ImmutableAnnotationFailure" ) // AgentServiceConfigStatus defines the observed state of AgentServiceConfig type AgentServiceConfigStatus struct { Conditions []conditionsv1.Condition `json:"conditions,omitempty"` + ImmutableAnnotations map[string]string `json:"immutableAnnotations,omitempty"` } // +kubebuilder:object:root=true diff --git a/vendor/github.com/openshift/assisted-service/api/v1beta1/infraenv_types.go b/vendor/github.com/openshift/assisted-service/api/v1beta1/infraenv_types.go index ba00682e..776af089 100644 --- a/vendor/github.com/openshift/assisted-service/api/v1beta1/infraenv_types.go +++ b/vendor/github.com/openshift/assisted-service/api/v1beta1/infraenv_types.go @@ -25,11 +25,15 @@ import ( ) const ( - ImageCreatedReason = "ImageCreated" - ImageStateCreated = "Image has been created" - ImageCreationErrorReason = "ImageCreationError" - ImageStateFailedToCreate = "Failed to create image" - InfraEnvNameLabel = "infraenvs.agent-install.openshift.io" + ImageCreatedReason = "ImageCreated" + ImageStateCreated = "Image has been created" + ImageCreationErrorReason = "ImageCreationError" + ImageStateFailedToCreate = "Failed to create image" + InfraEnvNameLabel = "infraenvs.agent-install.openshift.io" + MissingClusterDeploymentReason = "MissingClusterDeployment" + MissingClusterDeploymentReference = "ClusterDeployment is missing" + InfraEnvAvailableReason = "InfraEnvAvailable" + InfraEnvAvailableMessage = "InfraEnv is available" ) // ClusterReference represents a Cluster Reference. It has enough information to retrieve cluster @@ -44,7 +48,9 @@ type ClusterReference struct { } const ( - ImageCreatedCondition conditionsv1.ConditionType = "ImageCreated" + ImageCreatedCondition conditionsv1.ConditionType = "ImageCreated" + ClusterDeploymentReference conditionsv1.ConditionType = "ClusterDeploymentReference" + ) type InfraEnvSpec struct { diff --git a/vendor/github.com/openshift/assisted-service/api/v1beta1/zz_generated.deepcopy.go b/vendor/github.com/openshift/assisted-service/api/v1beta1/zz_generated.deepcopy.go index 5725582c..b07dd6dc 100644 --- a/vendor/github.com/openshift/assisted-service/api/v1beta1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/assisted-service/api/v1beta1/zz_generated.deepcopy.go @@ -325,6 +325,13 @@ func (in *AgentServiceConfigStatus) DeepCopyInto(out *AgentServiceConfigStatus) (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.ImmutableAnnotations != nil { + in, out := &in.ImmutableAnnotations, &out.ImmutableAnnotations + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AgentServiceConfigStatus. @@ -415,6 +422,7 @@ func (in *AgentStatus) DeepCopyInto(out *AgentStatus) { *out = new(AgentDeprovisionInfo) **out = **in } + in.CSRStatus.DeepCopyInto(&out.CSRStatus) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AgentStatus. @@ -442,6 +450,45 @@ func (in *BootArtifacts) DeepCopy() *BootArtifacts { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CSRInfo) DeepCopyInto(out *CSRInfo) { + *out = *in + in.ApprovedAt.DeepCopyInto(&out.ApprovedAt) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CSRInfo. +func (in *CSRInfo) DeepCopy() *CSRInfo { + if in == nil { + return nil + } + out := new(CSRInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CSRStatus) DeepCopyInto(out *CSRStatus) { + *out = *in + if in.ApprovedCSRs != nil { + in, out := &in.ApprovedCSRs, &out.ApprovedCSRs + *out = make([]CSRInfo, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + in.LastApprovalAttempt.DeepCopyInto(&out.LastApprovalAttempt) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CSRStatus. +func (in *CSRStatus) DeepCopy() *CSRStatus { + if in == nil { + return nil + } + out := new(CSRStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ClusterReference) DeepCopyInto(out *ClusterReference) { *out = *in diff --git a/vendor/modules.txt b/vendor/modules.txt index 297b80c3..23720642 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -222,7 +222,7 @@ github.com/openshift/api/config/v1 # github.com/openshift/assisted-service v1.0.10-0.20250410153519-abd01432ec2c ## explicit; go 1.21 github.com/openshift/assisted-service/pkg/validations -# github.com/openshift/assisted-service/api v0.0.0 => github.com/openshift/assisted-service/api v0.0.0-20250402200652-1dc66326d304 +# github.com/openshift/assisted-service/api v0.0.0 => github.com/openshift/assisted-service/api v0.0.0-20251008122257-ed1e53465867 ## explicit; go 1.21 github.com/openshift/assisted-service/api/common github.com/openshift/assisted-service/api/hiveextension/v1beta1 @@ -796,7 +796,7 @@ sigs.k8s.io/structured-merge-diff/v4/value ## explicit; go 1.12 sigs.k8s.io/yaml sigs.k8s.io/yaml/goyaml.v2 -# github.com/openshift/assisted-service/api => github.com/openshift/assisted-service/api v0.0.0-20250402200652-1dc66326d304 +# github.com/openshift/assisted-service/api => github.com/openshift/assisted-service/api v0.0.0-20251008122257-ed1e53465867 # github.com/openshift/assisted-service/models => github.com/openshift/assisted-service/models v0.0.0-20250410153519-abd01432ec2c # github.com/openshift/cluster-api-provider-agent/api => ./api # golang.org/x/oauth2 => github.com/openshift/golang-oauth2 v0.26.1-0.20250310184649-06a918c6239d