Skip to content

Commit

Permalink
Remove openshift dep on api
Browse files Browse the repository at this point in the history
Less deps the better!  Could be problematic for projects importing CDI and openshift.

Signed-off-by: Michael Henriksen <[email protected]>
  • Loading branch information
mhenriks committed Apr 9, 2024
1 parent eb6b76a commit 77d9cc7
Show file tree
Hide file tree
Showing 18 changed files with 843 additions and 11,612 deletions.
148 changes: 74 additions & 74 deletions api/openapi-spec/swagger.json
Original file line number Diff line number Diff line change
Expand Up @@ -2869,29 +2869,6 @@
}
}
},
"v1.CustomTLSProfile": {
"description": "CustomTLSProfile is a user-defined TLS security profile. Be extremely careful using a custom TLS profile as invalid configurations can be catastrophic.",
"type": "object",
"required": [
"ciphers",
"minTLSVersion"
],
"properties": {
"ciphers": {
"description": "ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml):\n\n ciphers:\n - DES-CBC3-SHA",
"type": "array",
"items": {
"type": "string",
"default": ""
}
},
"minTLSVersion": {
"description": "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml):\n\n minTLSVersion: VersionTLS11\n\nNOTE: currently the highest minTLSVersion allowed is VersionTLS12",
"type": "string",
"default": ""
}
}
},
"v1.DeleteOptions": {
"description": "DeleteOptions may be provided when deleting an API object.",
"type": "object",
Expand Down Expand Up @@ -2959,10 +2936,6 @@
}
}
},
"v1.IntermediateTLSProfile": {
"description": "IntermediateTLSProfile is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29",
"type": "object"
},
"v1.LabelSelector": {
"description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.",
"type": "object",
Expand Down Expand Up @@ -3082,10 +3055,6 @@
}
}
},
"v1.ModernTLSProfile": {
"description": "ModernTLSProfile is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility",
"type": "object"
},
"v1.NodeAffinity": {
"description": "Node affinity is a group of node affinity scheduling rules.",
"type": "object",
Expand Down Expand Up @@ -3273,10 +3242,6 @@
}
}
},
"v1.OldTLSProfile": {
"description": "OldTLSProfile is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility",
"type": "object"
},
"v1.OwnerReference": {
"description": "OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field.",
"type": "object",
Expand Down Expand Up @@ -3657,44 +3622,6 @@
}
}
},
"v1.TLSSecurityProfile": {
"description": "TLSSecurityProfile defines the schema for a TLS security profile. This object is used by operators to apply TLS security settings to operands.",
"type": "object",
"properties": {
"custom": {
"description": "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this:\n\n ciphers:\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256\n minTLSVersion: VersionTLS11",
"$ref": "#/definitions/v1.CustomTLSProfile"
},
"intermediate": {
"description": "intermediate is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29\n\nand looks like this (yaml):\n\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES256-GCM-SHA384\n - ECDHE-RSA-AES256-GCM-SHA384\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - DHE-RSA-AES128-GCM-SHA256\n - DHE-RSA-AES256-GCM-SHA384\n minTLSVersion: VersionTLS12",
"$ref": "#/definitions/v1.IntermediateTLSProfile"
},
"modern": {
"description": "modern is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility\n\nand looks like this (yaml):\n\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256\n minTLSVersion: VersionTLS13\n\nNOTE: Currently unsupported.",
"$ref": "#/definitions/v1.ModernTLSProfile"
},
"old": {
"description": "old is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility\n\nand looks like this (yaml):\n\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES256-GCM-SHA384\n - ECDHE-RSA-AES256-GCM-SHA384\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - DHE-RSA-AES128-GCM-SHA256\n - DHE-RSA-AES256-GCM-SHA384\n - DHE-RSA-CHACHA20-POLY1305\n - ECDHE-ECDSA-AES128-SHA256\n - ECDHE-RSA-AES128-SHA256\n - ECDHE-ECDSA-AES128-SHA\n - ECDHE-RSA-AES128-SHA\n - ECDHE-ECDSA-AES256-SHA384\n - ECDHE-RSA-AES256-SHA384\n - ECDHE-ECDSA-AES256-SHA\n - ECDHE-RSA-AES256-SHA\n - DHE-RSA-AES128-SHA256\n - DHE-RSA-AES256-SHA256\n - AES128-GCM-SHA256\n - AES256-GCM-SHA384\n - AES128-SHA256\n - AES256-SHA256\n - AES128-SHA\n - AES256-SHA\n - DES-CBC3-SHA\n minTLSVersion: VersionTLS10",
"$ref": "#/definitions/v1.OldTLSProfile"
},
"type": {
"description": "type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters. Old, Intermediate and Modern are TLS security profiles based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations\n\nThe profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers are found to be insecure. Depending on precisely which ciphers are available to a process, the list may be reduced.\n\nNote that the Modern profile is currently not supported because it is not yet well adopted by common software libraries.",
"type": "string",
"default": ""
}
},
"x-kubernetes-unions": [
{
"discriminator": "type",
"fields-to-discriminateBy": {
"custom": "Custom",
"intermediate": "Intermediate",
"modern": "Modern",
"old": "Old"
}
}
]
},
"v1.Time": {
"description": "Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.",
"type": "string",
Expand Down Expand Up @@ -3990,7 +3917,7 @@
},
"tlsSecurityProfile": {
"description": "TLSSecurityProfile is used by operators to apply cluster-wide TLS security settings to operands.",
"$ref": "#/definitions/v1.TLSSecurityProfile"
"$ref": "#/definitions/v1beta1.TLSSecurityProfile"
},
"uploadProxyURLOverride": {
"description": "Override the URL used when uploading to a DataVolume",
Expand Down Expand Up @@ -4199,6 +4126,29 @@
}
}
},
"v1beta1.CustomTLSProfile": {
"description": "CustomTLSProfile is a user-defined TLS security profile. Be extremely careful using a custom TLS profile as invalid configurations can be catastrophic.",
"type": "object",
"required": [
"ciphers",
"minTLSVersion"
],
"properties": {
"ciphers": {
"description": "ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml):\n\n ciphers:\n - DES-CBC3-SHA",
"type": "array",
"items": {
"type": "string",
"default": ""
}
},
"minTLSVersion": {
"description": "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml):\n\n minTLSVersion: VersionTLS11\n\nNOTE: currently the highest minTLSVersion allowed is VersionTLS12",
"type": "string",
"default": ""
}
}
},
"v1beta1.CustomizeComponents": {
"description": "CustomizeComponents defines patches for components deployed by the CDI operator.",
"type": "object",
Expand Down Expand Up @@ -5090,6 +5040,18 @@
}
}
},
"v1beta1.IntermediateTLSProfile": {
"description": "IntermediateTLSProfile is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29",
"type": "object"
},
"v1beta1.ModernTLSProfile": {
"description": "ModernTLSProfile is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility",
"type": "object"
},
"v1beta1.OldTLSProfile": {
"description": "OldTLSProfile is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility",
"type": "object"
},
"v1beta1.StorageSpec": {
"description": "StorageSpec defines the Storage type specification",
"type": "object",
Expand Down Expand Up @@ -5138,6 +5100,44 @@
}
}
},
"v1beta1.TLSSecurityProfile": {
"description": "TLSSecurityProfile defines the schema for a TLS security profile. This object is used by operators to apply TLS security settings to operands.",
"type": "object",
"properties": {
"custom": {
"description": "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this:\n\n ciphers:\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256\n minTLSVersion: VersionTLS11",
"$ref": "#/definitions/v1beta1.CustomTLSProfile"
},
"intermediate": {
"description": "intermediate is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29\n\nand looks like this (yaml):\n\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES256-GCM-SHA384\n - ECDHE-RSA-AES256-GCM-SHA384\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - DHE-RSA-AES128-GCM-SHA256\n - DHE-RSA-AES256-GCM-SHA384\n minTLSVersion: VersionTLS12",
"$ref": "#/definitions/v1beta1.IntermediateTLSProfile"
},
"modern": {
"description": "modern is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility\n\nand looks like this (yaml):\n\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256\n minTLSVersion: VersionTLS13\n\nNOTE: Currently unsupported.",
"$ref": "#/definitions/v1beta1.ModernTLSProfile"
},
"old": {
"description": "old is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility\n\nand looks like this (yaml):\n\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES256-GCM-SHA384\n - ECDHE-RSA-AES256-GCM-SHA384\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - DHE-RSA-AES128-GCM-SHA256\n - DHE-RSA-AES256-GCM-SHA384\n - DHE-RSA-CHACHA20-POLY1305\n - ECDHE-ECDSA-AES128-SHA256\n - ECDHE-RSA-AES128-SHA256\n - ECDHE-ECDSA-AES128-SHA\n - ECDHE-RSA-AES128-SHA\n - ECDHE-ECDSA-AES256-SHA384\n - ECDHE-RSA-AES256-SHA384\n - ECDHE-ECDSA-AES256-SHA\n - ECDHE-RSA-AES256-SHA\n - DHE-RSA-AES128-SHA256\n - DHE-RSA-AES256-SHA256\n - AES128-GCM-SHA256\n - AES256-GCM-SHA384\n - AES128-SHA256\n - AES256-SHA256\n - AES128-SHA\n - AES256-SHA\n - DES-CBC3-SHA\n minTLSVersion: VersionTLS10",
"$ref": "#/definitions/v1beta1.OldTLSProfile"
},
"type": {
"description": "type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters. Old, Intermediate and Modern are TLS security profiles based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations\n\nThe profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers are found to be insecure. Depending on precisely which ciphers are available to a process, the list may be reduced.\n\nNote that the Modern profile is currently not supported because it is not yet well adopted by common software libraries.",
"type": "string",
"default": ""
}
},
"x-kubernetes-unions": [
{
"discriminator": "type",
"fields-to-discriminateBy": {
"custom": "Custom",
"intermediate": "Intermediate",
"modern": "Modern",
"old": "Old"
}
}
]
},
"v1beta1.UploadTokenRequest": {
"description": "UploadTokenRequest is the CR used to initiate a CDI upload",
"type": "object",
Expand Down
2 changes: 1 addition & 1 deletion hack/update-codegen.sh
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ swagger-doc -in ${SCRIPT_ROOT}/staging/src/kubevirt.io/containerized-data-import
--output-package kubevirt.io/containerized-data-importer/pkg/apis/core/v1alpha1 \
--go-header-file ${SCRIPT_ROOT}/hack/custom-boilerplate.go.txt

openapi-gen --input-dirs k8s.io/apimachinery/pkg/api/resource,k8s.io/apimachinery/pkg/apis/meta/v1,k8s.io/apimachinery/pkg/runtime,k8s.io/api/core/v1,github.com/openshift/api/config/v1,github.com/openshift/custom-resource-status/conditions/v1,kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1,kubevirt.io/controller-lifecycle-operator-sdk/api \
openapi-gen --input-dirs k8s.io/apimachinery/pkg/api/resource,k8s.io/apimachinery/pkg/apis/meta/v1,k8s.io/apimachinery/pkg/runtime,k8s.io/api/core/v1,github.com/openshift/custom-resource-status/conditions/v1,kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1,kubevirt.io/controller-lifecycle-operator-sdk/api \
--output-base ${GOPATH} \
--output-package kubevirt.io/containerized-data-importer/pkg/apis/core/v1beta1 \
--go-header-file ${SCRIPT_ROOT}/hack/custom-boilerplate.go.txt
Expand Down
Loading

0 comments on commit 77d9cc7

Please sign in to comment.