diff --git a/go.mod b/go.mod index 9b5d81640..4c3ae3a23 100644 --- a/go.mod +++ b/go.mod @@ -42,7 +42,7 @@ require ( github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/nxadm/tail v1.4.8 // indirect - github.com/openshift/api v0.0.0-20231012181603-8f468d7b55a8 + github.com/openshift/api v0.0.0-20231013202211-096c446e7f60 github.com/openshift/library-go v0.0.0-20231010152045-c91dd9756953 github.com/openshift/machine-config-operator v0.0.1-0.20230815171034-c2bb862bc08a github.com/pborman/uuid v1.2.1 @@ -136,6 +136,6 @@ require ( ) replace ( - github.com/openshift/api => github.com/openshift/api v0.0.0-20231012181603-8f468d7b55a8 + github.com/openshift/api => github.com/openshift/api v0.0.0-20231013202211-096c446e7f60 github.com/openshift/client-go => github.com/openshift/client-go v0.0.0-20231005121823-e81400b97c46 ) diff --git a/go.sum b/go.sum index b15cb7ccf..9116c06b6 100644 --- a/go.sum +++ b/go.sum @@ -202,6 +202,8 @@ github.com/openshift/api v0.0.0-20231002140248-174e989c9ee1 h1:a50eFxcKkdrH+tVjo github.com/openshift/api v0.0.0-20231002140248-174e989c9ee1/go.mod h1:qNtV0315F+f8ld52TLtPvrfivZpdimOzTi3kn9IVbtU= github.com/openshift/api v0.0.0-20231012181603-8f468d7b55a8 h1:x7k5FGR9J0/5qsDaXQjPz+zVydV4qX6pYBbGmdzSWxw= github.com/openshift/api v0.0.0-20231012181603-8f468d7b55a8/go.mod h1:qNtV0315F+f8ld52TLtPvrfivZpdimOzTi3kn9IVbtU= +github.com/openshift/api v0.0.0-20231013202211-096c446e7f60 h1:vaGyewNUE95Zo+GdK0HEorBlGm3MRa4AC8GUUqF5Ml8= +github.com/openshift/api v0.0.0-20231013202211-096c446e7f60/go.mod h1:qNtV0315F+f8ld52TLtPvrfivZpdimOzTi3kn9IVbtU= github.com/openshift/client-go v0.0.0-20230926161409-848405da69e1 h1:W1N/3nVciqmjPjn2xldHjb0AwwCQzlGxLvX5BCgE8H4= github.com/openshift/client-go v0.0.0-20230926161409-848405da69e1/go.mod h1:ihUJrhBcYAGYQrJu/gP2OMgfVds5f5z5kbeLNBqjHLo= github.com/openshift/client-go v0.0.0-20231005121823-e81400b97c46 h1:J7UsTNgyM1krYnfsmijowYqt5I4mDM1qxNAy4eEa0xc= diff --git a/vendor/github.com/openshift/api/config/v1/types_feature.go b/vendor/github.com/openshift/api/config/v1/types_feature.go index 4bae91db8..149dd1194 100644 --- a/vendor/github.com/openshift/api/config/v1/types_feature.go +++ b/vendor/github.com/openshift/api/config/v1/types_feature.go @@ -163,7 +163,7 @@ var FeatureSets = map[FeatureSet]*FeatureGateEnabledDisabled{ Disabled: []FeatureGateDescription{}, }, TechPreviewNoUpgrade: newDefaultFeatures(). - without(validatingAdmissionPolicy). + with(validatingAdmissionPolicy). with(csiDriverSharedResource). with(nodeSwap). with(machineAPIProviderOpenStack). diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml index a5be103ac..4ff57e35a 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml @@ -507,11 +507,6 @@ spec: required: - type type: object - x-kubernetes-validations: - - message: container cannot be specified unless type is Container - rule: '!has(self.type) || self.type == "Container" || !has(self.container) || !has(self.container.maxLength) || self.container.maxLength == 1024' - - message: container and syslog cannot both be specified at the same time - rule: '!has(self.container) || !has(self.container.maxLength) || self.container.maxLength == 1024 || !has(self.syslog)' httpCaptureCookies: description: httpCaptureCookies specifies HTTP cookies that should be captured in access logs. If this field is empty, no cookies are captured. items: diff --git a/vendor/github.com/openshift/api/operator/v1/stable.ingresscontroller.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.ingresscontroller.testsuite.yaml index 6a816ee72..903d8e60c 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.ingresscontroller.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.ingresscontroller.testsuite.yaml @@ -476,305 +476,3 @@ tests: set: value: DENY expectedError: 'IngressController.operator.openshift.io "default-not-allowed-values" is invalid: [spec.httpHeaders.actions.response[0].action.type: Required value, : Invalid value: "null": some validation rules were not checked because the object was invalid; correct the existing errors to complete validation]' - - - name: "Should require spec.logging.access.destination if spec.logging.access is not null" - initial: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: access-logging-null-destination - namespace: openshift-ingress-operator - spec: - logging: - access: {} - expectedError: "spec.logging.access.destination: Required value" - - name: "Should require spec.logging.access.destination.type if spec.logging.access.destination is not null" - initial: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: access-logging-empty-destination-type - namespace: openshift-ingress-operator - spec: - logging: - access: - destination: - container: {} - expectedError: "spec.logging.access.destination.type: Required value" - - name: "Should be able to specify empty spec.logging.access.destination.container with type: Container" - initial: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: container-logging-empty-settings - namespace: openshift-ingress-operator - spec: - logging: - access: - destination: - type: Container - container: {} - expected: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: container-logging-empty-settings - namespace: openshift-ingress-operator - spec: - httpEmptyRequestsPolicy: Respond - logging: - access: - destination: - type: Container - container: - maxLength: 1024 - logEmptyRequests: Log - - name: "Should be able to omit spec.logging.access.destination.container with type: Container" - initial: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: container-logging-null-settings - namespace: openshift-ingress-operator - spec: - logging: - access: - destination: - type: Container - expected: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: container-logging-null-settings - namespace: openshift-ingress-operator - spec: - httpEmptyRequestsPolicy: Respond - logging: - access: - destination: - type: Container - logEmptyRequests: Log - - name: "Should be able to specify spec.logging.access.destination.syslog with type: Syslog" - initial: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: syslog - namespace: openshift-ingress-operator - spec: - logging: - access: - destination: - type: Syslog - syslog: - address: 1.2.3.4 - port: 514 - expected: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: syslog - namespace: openshift-ingress-operator - spec: - httpEmptyRequestsPolicy: Respond - logging: - access: - destination: - type: Syslog - syslog: - address: 1.2.3.4 - maxLength: 1024 - port: 514 - logEmptyRequests: Log - - name: "Should not be able to specify empty spec.logging.access.destination.syslog with type: Syslog" - initial: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: syslog-empty-settings - namespace: openshift-ingress-operator - spec: - logging: - access: - destination: - type: Syslog - syslog: {} - expectedError: "address: Required value" - # OpenShift 4.5 added the access logging API without validation to prevent - # null spec.logging.access.destination.syslog with type: Syslog, so validation - # must forevermore allow this combination. (The ingress operator doesn't - # actually enable syslog logging if the syslog field is null.) - - name: "Should be able to omit spec.logging.access.destination.syslog with type: Syslog" - initial: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: syslog-null-settings - namespace: openshift-ingress-operator - spec: - logging: - access: - destination: - type: Syslog - expected: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: syslog-null-settings - namespace: openshift-ingress-operator - spec: - httpEmptyRequestsPolicy: Respond - logging: - access: - destination: - type: Syslog - logEmptyRequests: Log - # OpenShift 4.5 added the access logging API without validation to prevent - # specifying spec.logging.access.destination.syslog with type: Container, so - # validation must forevermore allow this combination. (The ingress operator - # enables container logging and ignores the syslog settings in this case.) - - name: "Should be able to specify spec.logging.access.destination.syslog with type: Container" - initial: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: container-logging-with-bogus-syslog-configuration - namespace: openshift-ingress-operator - spec: - logging: - access: - destination: - type: Container - container: {} - syslog: - address: 1.2.3.4 - maxLength: 1024 - port: 514 - expected: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: container-logging-with-bogus-syslog-configuration - namespace: openshift-ingress-operator - spec: - httpEmptyRequestsPolicy: Respond - logging: - access: - destination: - type: Container - container: - maxLength: 1024 - syslog: - address: 1.2.3.4 - maxLength: 1024 - port: 514 - logEmptyRequests: Log - - name: "Should be able to specify spec.logging.access.destination.container with type: Syslog" - initial: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: syslog-logging-with-bogus-container-configuration - namespace: openshift-ingress-operator - spec: - logging: - access: - destination: - type: Syslog - container: {} - syslog: - address: 1.2.3.4 - maxLength: 1024 - port: 514 - expected: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: syslog-logging-with-bogus-container-configuration - namespace: openshift-ingress-operator - spec: - httpEmptyRequestsPolicy: Respond - logging: - access: - destination: - type: Syslog - container: - maxLength: 1024 - syslog: - address: 1.2.3.4 - maxLength: 1024 - port: 514 - logEmptyRequests: Log - # OpenShift 4.14 added the spec.logging.access.destination.container.maxLength - # field. As noted above, we must allow - # spec.logging.access.destination.container when type: Syslog is specified. - # Also, due to defaulting, we must allow - # spec.logging.access.destination.container.maxLength with the default value - # because the default value gets set automatically when - # spec.logging.access.destination.container is not null. However, we do not - # need to allow spec.logging.access.destination.container.maxLength with a - # non-default value when type: Syslog is specified. - - name: "Should be able to specify the default value for spec.logging.access.destination.container.maxLength with type: Syslog" - initial: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: syslog-logging-with-default-container-maxlength - namespace: openshift-ingress-operator - spec: - logging: - access: - destination: - type: Syslog - container: - maxLength: 1024 - expected: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: syslog-logging-with-default-container-maxlength - namespace: openshift-ingress-operator - spec: - httpEmptyRequestsPolicy: Respond - logging: - access: - destination: - type: Syslog - container: - maxLength: 1024 - logEmptyRequests: Log - - name: "Should not be able to specify a non-default value for spec.logging.access.destination.container.maxLength with type: Syslog" - initial: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: syslog-logging-with-non-default-container-maxlength - namespace: openshift-ingress-operator - spec: - logging: - access: - destination: - type: Syslog - container: - maxLength: 2048 - expectedError: "container cannot be specified unless type is Container" - - name: "Should not be able to specify spec.logging.access.destination.syslog and a non-default value for spec.logging.access.destination.container.maxLength" - initial: | - apiVersion: operator.openshift.io/v1 - kind: IngressController - metadata: - name: container-logging-with-non-default-syslog-maxlength - namespace: openshift-ingress-operator - spec: - httpEmptyRequestsPolicy: Respond - logging: - access: - destination: - type: Container - container: - maxLength: 2048 - syslog: - address: 1.2.3.4 - maxLength: 1024 - port: 514 - expectedError: "container and syslog cannot both be specified at the same time" diff --git a/vendor/github.com/openshift/api/operator/v1/types_ingress.go b/vendor/github.com/openshift/api/operator/v1/types_ingress.go index c28b73ed9..3d9f512a9 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_ingress.go +++ b/vendor/github.com/openshift/api/operator/v1/types_ingress.go @@ -1054,22 +1054,6 @@ type ContainerLoggingDestinationParameters struct { } // LoggingDestination describes a destination for log messages. -// + --- -// + We added the spec.logging.access.destination.container and -// + spec.logging.access.destination.syslog fields in OpenShift 4.5 without any -// + validation rules to prevent the user from specifying both fields at the -// + same time. Adding such validation rules in a subsequent release would -// + break API compatibility between releases. -// + -// + We added the spec.logging.access.destination.container.maxLength field in -// + OpenShift 4.14, and we added the following validation rules in the same -// + release, so they do not break compatibility between releases. Note that -// + API defaulting requires us to allow the default value for -// + container.maxLength if container is non-null even when type is Syslog. -// + -// +kubebuilder:validation:XValidation:rule=`!has(self.type) || self.type == "Container" || !has(self.container) || !has(self.container.maxLength) || self.container.maxLength == 1024`,message="container cannot be specified unless type is Container" -// +kubebuilder:validation:XValidation:rule=`!has(self.container) || !has(self.container.maxLength) || self.container.maxLength == 1024 || !has(self.syslog)`,message="container and syslog cannot both be specified at the same time" -// // +union type LoggingDestination struct { // type is the type of destination for logs. It must be one of the diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go index 96122157d..adf062fd2 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -1012,7 +1012,7 @@ func (LoadBalancerStrategy) SwaggerDoc() map[string]string { } var map_LoggingDestination = map[string]string{ - "": "LoggingDestination describes a destination for log messages. ", + "": "LoggingDestination describes a destination for log messages.", "type": "type is the type of destination for logs. It must be one of the following:\n\n* Container\n\nThe ingress operator configures the sidecar container named \"logs\" on the ingress controller pod and configures the ingress controller to write logs to the sidecar. The logs are then available as container logs. The expectation is that the administrator configures a custom logging solution that reads logs from this sidecar. Note that using container logs means that logs may be dropped if the rate of logs exceeds the container runtime's or the custom logging solution's capacity.\n\n* Syslog\n\nLogs are sent to a syslog endpoint. The administrator must specify an endpoint that can receive syslog messages. The expectation is that the administrator has configured a custom syslog instance.", "syslog": "syslog holds parameters for a syslog endpoint. Present only if type is Syslog.", "container": "container holds parameters for the Container logging destination. Present only if type is Container.", diff --git a/vendor/modules.txt b/vendor/modules.txt index fa73d3304..3e5c7e41c 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -299,7 +299,7 @@ github.com/onsi/gomega/matchers/support/goraph/edge github.com/onsi/gomega/matchers/support/goraph/node github.com/onsi/gomega/matchers/support/goraph/util github.com/onsi/gomega/types -# github.com/openshift/api v0.0.0-20231012181603-8f468d7b55a8 => github.com/openshift/api v0.0.0-20231012181603-8f468d7b55a8 +# github.com/openshift/api v0.0.0-20231013202211-096c446e7f60 => github.com/openshift/api v0.0.0-20231013202211-096c446e7f60 ## explicit; go 1.20 github.com/openshift/api github.com/openshift/api/apiserver @@ -1217,5 +1217,5 @@ sigs.k8s.io/structured-merge-diff/v4/value # sigs.k8s.io/yaml v1.3.0 ## explicit; go 1.12 sigs.k8s.io/yaml -# github.com/openshift/api => github.com/openshift/api v0.0.0-20231012181603-8f468d7b55a8 +# github.com/openshift/api => github.com/openshift/api v0.0.0-20231013202211-096c446e7f60 # github.com/openshift/client-go => github.com/openshift/client-go v0.0.0-20231005121823-e81400b97c46