diff --git a/features.md b/features.md index 7f179942eeb..9f87a4e2a11 100644 --- a/features.md +++ b/features.md @@ -44,6 +44,7 @@ | KMSEncryptionProvider| | | Enabled | Enabled | Enabled | Enabled | | MachineAPIMigration| | | Enabled | Enabled | Enabled | Enabled | | ManagedBootImagesAzure| | | Enabled | Enabled | Enabled | Enabled | +| ManagedBootImagesCPMS| | | Enabled | Enabled | Enabled | Enabled | | ManagedBootImagesvSphere| | | Enabled | Enabled | Enabled | Enabled | | MaxUnavailableStatefulSet| | | Enabled | Enabled | Enabled | Enabled | | MinimumKubeletVersion| | | Enabled | Enabled | Enabled | Enabled | diff --git a/features/features.go b/features/features.go index 2d599ac0841..aa23e6d883e 100644 --- a/features/features.go +++ b/features/features.go @@ -393,6 +393,14 @@ var ( enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). mustRegister() + FeatureGateManagedBootImagesCPMS = newFeatureGate("ManagedBootImagesCPMS"). + reportProblemsToJiraComponent("MachineConfigOperator"). + contactPerson("djoshy"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1761"). + enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + mustRegister() + FeatureGateBootImageSkewEnforcement = newFeatureGate("BootImageSkewEnforcement"). reportProblemsToJiraComponent("MachineConfigOperator"). contactPerson("djoshy"). diff --git a/openapi/generated_openapi/zz_generated.openapi.go b/openapi/generated_openapi/zz_generated.openapi.go index 6cc903c6339..53576ca8df0 100644 --- a/openapi/generated_openapi/zz_generated.openapi.go +++ b/openapi/generated_openapi/zz_generated.openapi.go @@ -53881,7 +53881,7 @@ func schema_openshift_api_operator_v1_MachineManager(ref common.ReferenceCallbac Properties: map[string]spec.Schema{ "resource": { SchemaProps: spec.SchemaProps{ - Description: "resource is the machine management resource's type. The only current valid value is machinesets. machinesets means that the machine manager will only register resources of the kind MachineSet.", + Description: "resource is the machine management resource's type. Valid values are machinesets and controlplanemachinesets. machinesets means that the machine manager will only register resources of the kind MachineSet. controlplanemachinesets means that the machine manager will only register resources of the kind ControlPlaneMachineSet.", Default: "", Type: []string{"string"}, Format: "", diff --git a/openapi/openapi.json b/openapi/openapi.json index 570dc786036..357e54a68b9 100644 --- a/openapi/openapi.json +++ b/openapi/openapi.json @@ -31373,7 +31373,7 @@ "default": "" }, "resource": { - "description": "resource is the machine management resource's type. The only current valid value is machinesets. machinesets means that the machine manager will only register resources of the kind MachineSet.", + "description": "resource is the machine management resource's type. Valid values are machinesets and controlplanemachinesets. machinesets means that the machine manager will only register resources of the kind MachineSet. controlplanemachinesets means that the machine manager will only register resources of the kind ControlPlaneMachineSet.", "type": "string", "default": "" }, diff --git a/operator/v1/tests/machineconfigurations.operator.openshift.io/ManagedBootImagesCPMS.yaml b/operator/v1/tests/machineconfigurations.operator.openshift.io/ManagedBootImagesCPMS.yaml new file mode 100644 index 00000000000..ea46233f70a --- /dev/null +++ b/operator/v1/tests/machineconfigurations.operator.openshift.io/ManagedBootImagesCPMS.yaml @@ -0,0 +1,119 @@ +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this +name: "MachineConfiguration" +crdName: machineconfigurations.operator.openshift.io +featureGates: +- ManagedBootImages +tests: + onCreate: + - name: Should be able to create a minimal MachineConfiguration + initial: | + apiVersion: operator.openshift.io/v1 + kind: MachineConfiguration + spec: {} # No spec is required for a MachineConfiguration + expected: | + apiVersion: operator.openshift.io/v1 + kind: MachineConfiguration + spec: + logLevel: Normal + operatorLogLevel: Normal + - name: Should be able to create an empty ManagedBootImages configuration knob + initial: | + apiVersion: operator.openshift.io/v1 + kind: MachineConfiguration + spec: + managedBootImages: + machineManagers: [] + expected: | + apiVersion: operator.openshift.io/v1 + kind: MachineConfiguration + spec: + logLevel: Normal + operatorLogLevel: Normal + managedBootImages: + machineManagers: [] + - name: Should be able to create a ManagedBootImages configuration knob that opts in all ControlPlaneMachineSets + initial: | + apiVersion: operator.openshift.io/v1 + kind: MachineConfiguration + spec: + managedBootImages: + machineManagers: + - resource: controlplanemachinesets + apiGroup: machine.openshift.io + selection: + mode: All + expected: | + apiVersion: operator.openshift.io/v1 + kind: MachineConfiguration + spec: + logLevel: Normal + operatorLogLevel: Normal + managedBootImages: + machineManagers: + - resource: controlplanemachinesets + apiGroup: machine.openshift.io + selection: + mode: All + - name: Should be able to create a ManagedBootImages configuration knob that opts in ControlPlaneMachineSets in partial mode + initial: | + apiVersion: operator.openshift.io/v1 + kind: MachineConfiguration + spec: + managedBootImages: + machineManagers: + - resource: controlplanemachinesets + apiGroup: machine.openshift.io + selection: + mode: Partial + partial: + machineResourceSelector: + matchLabels: {} + expected: | + apiVersion: operator.openshift.io/v1 + kind: MachineConfiguration + spec: + logLevel: Normal + operatorLogLevel: Normal + managedBootImages: + machineManagers: + - resource: controlplanemachinesets + apiGroup: machine.openshift.io + selection: + mode: Partial + partial: + machineResourceSelector: + matchLabels: {} + - name: Should not be able to add partial field if machineManager.selection.mode is not set to Partial + initial: | + apiVersion: operator.openshift.io/v1 + kind: MachineConfiguration + spec: + managedBootImages: + machineManagers: + - resource: controlplanemachinesets + apiGroup: machine.openshift.io + selection: + mode: All + partial: + machineResourceSelector: + matchLabels: {} + expectedError: "Partial is required when type is partial, and forbidden otherwise" + - name: Only one unique pair of resource/apigroup is allowed in machineManagers + initial: | + apiVersion: operator.openshift.io/v1 + kind: MachineConfiguration + spec: + managedBootImages: + machineManagers: + - resource: controlplanemachinesets + apiGroup: machine.openshift.io + selection: + mode: Partial + partial: + machineResourceSelector: + matchLabels: {} + - resource: controlplanemachinesets + apiGroup: machine.openshift.io + selection: + mode: All + expectedError: "spec.managedBootImages.machineManagers[1]: Duplicate value: map[string]interface {}{\"apiGroup\":\"machine.openshift.io\", \"resource\":\"machinesets\"}" diff --git a/operator/v1/types_machineconfiguration.go b/operator/v1/types_machineconfiguration.go index 2d88bcd7701..35c30081c73 100644 --- a/operator/v1/types_machineconfiguration.go +++ b/operator/v1/types_machineconfiguration.go @@ -135,8 +135,9 @@ type ManagedBootImages struct { // such as the resource type and the API Group of the resource. It also provides granular control via the selection field. type MachineManager struct { // resource is the machine management resource's type. - // The only current valid value is machinesets. + // Valid values are machinesets and controlplanemachinesets. // machinesets means that the machine manager will only register resources of the kind MachineSet. + // controlplanemachinesets means that the machine manager will only register resources of the kind ControlPlaneMachineSet. // +required Resource MachineManagerMachineSetsResourceType `json:"resource"` @@ -194,12 +195,15 @@ const ( // MachineManagerManagedResourceType is a string enum used in the MachineManager type to describe the resource // type to be registered. -// +kubebuilder:validation:Enum:="machinesets" +// +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=machinesets +// +openshift:validation:FeatureGateAwareEnum:featureGate=ManagedBootImagesCPMS,enum=machinesets;controlplanemachinesets type MachineManagerMachineSetsResourceType string const ( // MachineSets represent the MachineSet resource type, which manage a group of machines and belong to the Openshift machine API group. MachineSets MachineManagerMachineSetsResourceType = "machinesets" + // ControlPlaneMachineSets represent the ControlPlaneMachineSets resource type, which manage a group of control-plane machines and belong to the Openshift machine API group. + ControlPlaneMachineSets MachineManagerMachineSetsResourceType = "controlplanemachinesets" ) // MachineManagerManagedAPIGroupType is a string enum used in in the MachineManager type to describe the APIGroup @@ -209,7 +213,7 @@ type MachineManagerMachineSetsAPIGroupType string const ( // MachineAPI represent the traditional MAPI Group that a machineset may belong to. - // This feature only supports MAPI machinesets at this time. + // This feature only supports MAPI machinesets and controlplanemachinesets at this time. MachineAPI MachineManagerMachineSetsAPIGroupType = "machine.openshift.io" ) diff --git a/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations.crd.yaml b/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations.crd.yaml index 7976d1dab41..5be900d6aac 100644 --- a/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations.crd.yaml +++ b/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations.crd.yaml @@ -102,10 +102,9 @@ spec: resource: description: |- resource is the machine management resource's type. - The only current valid value is machinesets. + Valid values are machinesets and controlplanemachinesets. machinesets means that the machine manager will only register resources of the kind MachineSet. - enum: - - machinesets + controlplanemachinesets means that the machine manager will only register resources of the kind ControlPlaneMachineSet. type: string selection: description: selection allows granular control of the machine @@ -733,10 +732,9 @@ spec: resource: description: |- resource is the machine management resource's type. - The only current valid value is machinesets. + Valid values are machinesets and controlplanemachinesets. machinesets means that the machine manager will only register resources of the kind MachineSet. - enum: - - machinesets + controlplanemachinesets means that the machine manager will only register resources of the kind ControlPlaneMachineSet. type: string selection: description: selection allows granular control of the machine diff --git a/operator/v1/zz_generated.featuregated-crd-manifests.yaml b/operator/v1/zz_generated.featuregated-crd-manifests.yaml index e9750a9242b..ab35f82e808 100644 --- a/operator/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/operator/v1/zz_generated.featuregated-crd-manifests.yaml @@ -308,6 +308,7 @@ machineconfigurations.operator.openshift.io: Category: "" FeatureGates: - ManagedBootImages + - ManagedBootImagesCPMS FilenameOperatorName: machine-config FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_80" diff --git a/operator/v1/zz_generated.featuregated-crd-manifests/machineconfigurations.operator.openshift.io/ManagedBootImages.yaml b/operator/v1/zz_generated.featuregated-crd-manifests/machineconfigurations.operator.openshift.io/ManagedBootImages.yaml index a6827e8f86c..666d86f1834 100644 --- a/operator/v1/zz_generated.featuregated-crd-manifests/machineconfigurations.operator.openshift.io/ManagedBootImages.yaml +++ b/operator/v1/zz_generated.featuregated-crd-manifests/machineconfigurations.operator.openshift.io/ManagedBootImages.yaml @@ -103,10 +103,9 @@ spec: resource: description: |- resource is the machine management resource's type. - The only current valid value is machinesets. + Valid values are machinesets and controlplanemachinesets. machinesets means that the machine manager will only register resources of the kind MachineSet. - enum: - - machinesets + controlplanemachinesets means that the machine manager will only register resources of the kind ControlPlaneMachineSet. type: string selection: description: selection allows granular control of the machine @@ -734,10 +733,9 @@ spec: resource: description: |- resource is the machine management resource's type. - The only current valid value is machinesets. + Valid values are machinesets and controlplanemachinesets. machinesets means that the machine manager will only register resources of the kind MachineSet. - enum: - - machinesets + controlplanemachinesets means that the machine manager will only register resources of the kind ControlPlaneMachineSet. type: string selection: description: selection allows granular control of the machine diff --git a/operator/v1/zz_generated.featuregated-crd-manifests/machineconfigurations.operator.openshift.io/ManagedBootImagesCPMS.yaml b/operator/v1/zz_generated.featuregated-crd-manifests/machineconfigurations.operator.openshift.io/ManagedBootImagesCPMS.yaml new file mode 100644 index 00000000000..785ac38974e --- /dev/null +++ b/operator/v1/zz_generated.featuregated-crd-manifests/machineconfigurations.operator.openshift.io/ManagedBootImagesCPMS.yaml @@ -0,0 +1,996 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1453 + api.openshift.io/filename-cvo-runlevel: "0000_80" + api.openshift.io/filename-operator: machine-config + api.openshift.io/filename-ordering: "01" + feature-gate.release.openshift.io/ManagedBootImagesCPMS: "true" + name: machineconfigurations.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: MachineConfiguration + listKind: MachineConfigurationList + plural: machineconfigurations + singular: machineconfiguration + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: |- + MachineConfiguration provides information to configure an operator to manage Machine Configuration. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + Machine Config Operator + properties: + failedRevisionLimit: + description: |- + failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api + -1 = unlimited, 0 or unset = 5 (default) + format: int32 + type: integer + forceRedeploymentReason: + description: |- + forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. + This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work + this time instead of failing again on the same config. + type: string + logLevel: + default: Normal + description: |- + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for their operands. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + nodeDisruptionPolicy: + description: |- + nodeDisruptionPolicy allows an admin to set granular node disruption actions for + MachineConfig-based updates, such as drains, service reloads, etc. Specifying this will allow + for less downtime when doing small configuration updates to the cluster. This configuration + has no effect on cluster upgrades which will still incur node disruption where required. + properties: + files: + description: |- + files is a list of MachineConfig file definitions and actions to take to changes on those paths + This list supports a maximum of 50 entries. + items: + description: NodeDisruptionPolicySpecFile is a file entry and + corresponding actions to take and is used in the NodeDisruptionPolicyConfig + object + properties: + actions: + description: |- + actions represents the series of commands to be executed on changes to the file at + the corresponding file path. Actions will be applied in the order that + they are set in this list. If there are other incoming changes to other MachineConfig + entries in the same update that require a reboot, the reboot will supercede these actions. + Valid actions are Reboot, Drain, Reload, DaemonReload and None. + The Reboot action and the None action cannot be used in conjunction with any of the other actions. + This list supports a maximum of 10 entries. + items: + properties: + reload: + description: reload specifies the service to reload, + only valid if type is reload + properties: + serviceName: + description: |- + serviceName is the full name (e.g. crio.service) of the service to be reloaded + Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. + ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". + ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". + maxLength: 255 + type: string + x-kubernetes-validations: + - message: Invalid ${SERVICETYPE} in service name. + Expected format is ${NAME}${SERVICETYPE}, + where ${SERVICETYPE} must be one of ".service", + ".socket", ".device", ".mount", ".automount", + ".swap", ".target", ".path", ".timer",".snapshot", + ".slice" or ".scope". + rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') + - message: Invalid ${NAME} in service name. Expected + format is ${NAME}${SERVICETYPE}, where {NAME} + must be atleast 1 character long and can only + consist of alphabets, digits, ":", "-", "_", + ".", and "\" + rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') + required: + - serviceName + type: object + restart: + description: restart specifies the service to restart, + only valid if type is restart + properties: + serviceName: + description: |- + serviceName is the full name (e.g. crio.service) of the service to be restarted + Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. + ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". + ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". + maxLength: 255 + type: string + x-kubernetes-validations: + - message: Invalid ${SERVICETYPE} in service name. + Expected format is ${NAME}${SERVICETYPE}, + where ${SERVICETYPE} must be one of ".service", + ".socket", ".device", ".mount", ".automount", + ".swap", ".target", ".path", ".timer",".snapshot", + ".slice" or ".scope". + rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') + - message: Invalid ${NAME} in service name. Expected + format is ${NAME}${SERVICETYPE}, where {NAME} + must be atleast 1 character long and can only + consist of alphabets, digits, ":", "-", "_", + ".", and "\" + rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') + required: + - serviceName + type: object + type: + description: |- + type represents the commands that will be carried out if this NodeDisruptionPolicySpecActionType is executed + Valid values are Reboot, Drain, Reload, Restart, DaemonReload and None. + reload/restart requires a corresponding service target specified in the reload/restart field. + Other values require no further configuration + enum: + - Reboot + - Drain + - Reload + - Restart + - DaemonReload + - None + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: reload is required when type is Reload, and + forbidden otherwise + rule: 'has(self.type) && self.type == ''Reload'' ? has(self.reload) + : !has(self.reload)' + - message: restart is required when type is Restart, and + forbidden otherwise + rule: 'has(self.type) && self.type == ''Restart'' ? + has(self.restart) : !has(self.restart)' + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Reboot action can only be specified standalone, + as it will override any other actions + rule: 'self.exists(x, x.type==''Reboot'') ? size(self) + == 1 : true' + - message: None action can only be specified standalone, + as it will override any other actions + rule: 'self.exists(x, x.type==''None'') ? size(self) == + 1 : true' + path: + description: |- + path is the location of a file being managed through a MachineConfig. + The Actions in the policy will apply to changes to the file at this path. + type: string + required: + - actions + - path + type: object + maxItems: 50 + type: array + x-kubernetes-list-map-keys: + - path + x-kubernetes-list-type: map + sshkey: + description: |- + sshkey maps to the ignition.sshkeys field in the MachineConfig object, definition an action for this + will apply to all sshkey changes in the cluster + properties: + actions: + description: |- + actions represents the series of commands to be executed on changes to the file at + the corresponding file path. Actions will be applied in the order that + they are set in this list. If there are other incoming changes to other MachineConfig + entries in the same update that require a reboot, the reboot will supercede these actions. + Valid actions are Reboot, Drain, Reload, DaemonReload and None. + The Reboot action and the None action cannot be used in conjunction with any of the other actions. + This list supports a maximum of 10 entries. + items: + properties: + reload: + description: reload specifies the service to reload, + only valid if type is reload + properties: + serviceName: + description: |- + serviceName is the full name (e.g. crio.service) of the service to be reloaded + Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. + ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". + ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". + maxLength: 255 + type: string + x-kubernetes-validations: + - message: Invalid ${SERVICETYPE} in service name. + Expected format is ${NAME}${SERVICETYPE}, where + ${SERVICETYPE} must be one of ".service", ".socket", + ".device", ".mount", ".automount", ".swap", + ".target", ".path", ".timer",".snapshot", ".slice" + or ".scope". + rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') + - message: Invalid ${NAME} in service name. Expected + format is ${NAME}${SERVICETYPE}, where {NAME} + must be atleast 1 character long and can only + consist of alphabets, digits, ":", "-", "_", + ".", and "\" + rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') + required: + - serviceName + type: object + restart: + description: restart specifies the service to restart, + only valid if type is restart + properties: + serviceName: + description: |- + serviceName is the full name (e.g. crio.service) of the service to be restarted + Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. + ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". + ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". + maxLength: 255 + type: string + x-kubernetes-validations: + - message: Invalid ${SERVICETYPE} in service name. + Expected format is ${NAME}${SERVICETYPE}, where + ${SERVICETYPE} must be one of ".service", ".socket", + ".device", ".mount", ".automount", ".swap", + ".target", ".path", ".timer",".snapshot", ".slice" + or ".scope". + rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') + - message: Invalid ${NAME} in service name. Expected + format is ${NAME}${SERVICETYPE}, where {NAME} + must be atleast 1 character long and can only + consist of alphabets, digits, ":", "-", "_", + ".", and "\" + rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') + required: + - serviceName + type: object + type: + description: |- + type represents the commands that will be carried out if this NodeDisruptionPolicySpecActionType is executed + Valid values are Reboot, Drain, Reload, Restart, DaemonReload and None. + reload/restart requires a corresponding service target specified in the reload/restart field. + Other values require no further configuration + enum: + - Reboot + - Drain + - Reload + - Restart + - DaemonReload + - None + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: reload is required when type is Reload, and forbidden + otherwise + rule: 'has(self.type) && self.type == ''Reload'' ? has(self.reload) + : !has(self.reload)' + - message: restart is required when type is Restart, and + forbidden otherwise + rule: 'has(self.type) && self.type == ''Restart'' ? has(self.restart) + : !has(self.restart)' + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Reboot action can only be specified standalone, + as it will override any other actions + rule: 'self.exists(x, x.type==''Reboot'') ? size(self) == + 1 : true' + - message: None action can only be specified standalone, as + it will override any other actions + rule: 'self.exists(x, x.type==''None'') ? size(self) == + 1 : true' + required: + - actions + type: object + units: + description: |- + units is a list MachineConfig unit definitions and actions to take on changes to those services + This list supports a maximum of 50 entries. + items: + description: NodeDisruptionPolicySpecUnit is a systemd unit + name and corresponding actions to take and is used in the + NodeDisruptionPolicyConfig object + properties: + actions: + description: |- + actions represents the series of commands to be executed on changes to the file at + the corresponding file path. Actions will be applied in the order that + they are set in this list. If there are other incoming changes to other MachineConfig + entries in the same update that require a reboot, the reboot will supercede these actions. + Valid actions are Reboot, Drain, Reload, DaemonReload and None. + The Reboot action and the None action cannot be used in conjunction with any of the other actions. + This list supports a maximum of 10 entries. + items: + properties: + reload: + description: reload specifies the service to reload, + only valid if type is reload + properties: + serviceName: + description: |- + serviceName is the full name (e.g. crio.service) of the service to be reloaded + Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. + ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". + ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". + maxLength: 255 + type: string + x-kubernetes-validations: + - message: Invalid ${SERVICETYPE} in service name. + Expected format is ${NAME}${SERVICETYPE}, + where ${SERVICETYPE} must be one of ".service", + ".socket", ".device", ".mount", ".automount", + ".swap", ".target", ".path", ".timer",".snapshot", + ".slice" or ".scope". + rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') + - message: Invalid ${NAME} in service name. Expected + format is ${NAME}${SERVICETYPE}, where {NAME} + must be atleast 1 character long and can only + consist of alphabets, digits, ":", "-", "_", + ".", and "\" + rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') + required: + - serviceName + type: object + restart: + description: restart specifies the service to restart, + only valid if type is restart + properties: + serviceName: + description: |- + serviceName is the full name (e.g. crio.service) of the service to be restarted + Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. + ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". + ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". + maxLength: 255 + type: string + x-kubernetes-validations: + - message: Invalid ${SERVICETYPE} in service name. + Expected format is ${NAME}${SERVICETYPE}, + where ${SERVICETYPE} must be one of ".service", + ".socket", ".device", ".mount", ".automount", + ".swap", ".target", ".path", ".timer",".snapshot", + ".slice" or ".scope". + rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') + - message: Invalid ${NAME} in service name. Expected + format is ${NAME}${SERVICETYPE}, where {NAME} + must be atleast 1 character long and can only + consist of alphabets, digits, ":", "-", "_", + ".", and "\" + rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') + required: + - serviceName + type: object + type: + description: |- + type represents the commands that will be carried out if this NodeDisruptionPolicySpecActionType is executed + Valid values are Reboot, Drain, Reload, Restart, DaemonReload and None. + reload/restart requires a corresponding service target specified in the reload/restart field. + Other values require no further configuration + enum: + - Reboot + - Drain + - Reload + - Restart + - DaemonReload + - None + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: reload is required when type is Reload, and + forbidden otherwise + rule: 'has(self.type) && self.type == ''Reload'' ? has(self.reload) + : !has(self.reload)' + - message: restart is required when type is Restart, and + forbidden otherwise + rule: 'has(self.type) && self.type == ''Restart'' ? + has(self.restart) : !has(self.restart)' + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Reboot action can only be specified standalone, + as it will override any other actions + rule: 'self.exists(x, x.type==''Reboot'') ? size(self) + == 1 : true' + - message: None action can only be specified standalone, + as it will override any other actions + rule: 'self.exists(x, x.type==''None'') ? size(self) == + 1 : true' + name: + description: |- + name represents the service name of a systemd service managed through a MachineConfig + Actions specified will be applied for changes to the named service. + Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. + ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". + ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". + maxLength: 255 + type: string + x-kubernetes-validations: + - message: Invalid ${SERVICETYPE} in service name. Expected + format is ${NAME}${SERVICETYPE}, where ${SERVICETYPE} + must be one of ".service", ".socket", ".device", ".mount", + ".automount", ".swap", ".target", ".path", ".timer",".snapshot", + ".slice" or ".scope". + rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') + - message: Invalid ${NAME} in service name. Expected format + is ${NAME}${SERVICETYPE}, where {NAME} must be atleast + 1 character long and can only consist of alphabets, + digits, ":", "-", "_", ".", and "\" + rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') + required: + - actions + - name + type: object + maxItems: 50 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + observedConfig: + description: |- + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: |- + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for themselves. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + succeededRevisionLimit: + description: |- + succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api + -1 = unlimited, 0 or unset = 5 (default) + format: int32 + type: integer + unsupportedConfigOverrides: + description: |- + unsupportedConfigOverrides overrides the final configuration that was computed by the operator. + Red Hat does not support the use of this field. + Misuse of this field could lead to unexpected behavior or conflict with other configuration options. + Seek guidance from the Red Hat support before using this field. + Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status is the most recently observed status of the Machine + Config Operator + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: Condition contains details for one aspect of the current + state of this API Resource. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + nodeDisruptionPolicyStatus: + description: |- + nodeDisruptionPolicyStatus status reflects what the latest cluster-validated policies are, + and will be used by the Machine Config Daemon during future node updates. + properties: + clusterPolicies: + description: clusterPolicies is a merge of cluster default and + user provided node disruption policies. + properties: + files: + description: files is a list of MachineConfig file definitions + and actions to take to changes on those paths + items: + description: NodeDisruptionPolicyStatusFile is a file entry + and corresponding actions to take and is used in the NodeDisruptionPolicyClusterStatus + object + properties: + actions: + description: |- + actions represents the series of commands to be executed on changes to the file at + the corresponding file path. Actions will be applied in the order that + they are set in this list. If there are other incoming changes to other MachineConfig + entries in the same update that require a reboot, the reboot will supercede these actions. + Valid actions are Reboot, Drain, Reload, DaemonReload and None. + The Reboot action and the None action cannot be used in conjunction with any of the other actions. + This list supports a maximum of 10 entries. + items: + properties: + reload: + description: reload specifies the service to reload, + only valid if type is reload + properties: + serviceName: + description: |- + serviceName is the full name (e.g. crio.service) of the service to be reloaded + Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. + ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". + ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". + maxLength: 255 + type: string + x-kubernetes-validations: + - message: Invalid ${SERVICETYPE} in service + name. Expected format is ${NAME}${SERVICETYPE}, + where ${SERVICETYPE} must be one of ".service", + ".socket", ".device", ".mount", ".automount", + ".swap", ".target", ".path", ".timer",".snapshot", + ".slice" or ".scope". + rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') + - message: Invalid ${NAME} in service name. + Expected format is ${NAME}${SERVICETYPE}, + where {NAME} must be atleast 1 character + long and can only consist of alphabets, + digits, ":", "-", "_", ".", and "\" + rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') + required: + - serviceName + type: object + restart: + description: restart specifies the service to + restart, only valid if type is restart + properties: + serviceName: + description: |- + serviceName is the full name (e.g. crio.service) of the service to be restarted + Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. + ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". + ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". + maxLength: 255 + type: string + x-kubernetes-validations: + - message: Invalid ${SERVICETYPE} in service + name. Expected format is ${NAME}${SERVICETYPE}, + where ${SERVICETYPE} must be one of ".service", + ".socket", ".device", ".mount", ".automount", + ".swap", ".target", ".path", ".timer",".snapshot", + ".slice" or ".scope". + rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') + - message: Invalid ${NAME} in service name. + Expected format is ${NAME}${SERVICETYPE}, + where {NAME} must be atleast 1 character + long and can only consist of alphabets, + digits, ":", "-", "_", ".", and "\" + rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') + required: + - serviceName + type: object + type: + description: |- + type represents the commands that will be carried out if this NodeDisruptionPolicyStatusActionType is executed + Valid values are Reboot, Drain, Reload, Restart, DaemonReload, None and Special. + reload/restart requires a corresponding service target specified in the reload/restart field. + Other values require no further configuration + enum: + - Reboot + - Drain + - Reload + - Restart + - DaemonReload + - None + - Special + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: reload is required when type is Reload, + and forbidden otherwise + rule: 'has(self.type) && self.type == ''Reload'' + ? has(self.reload) : !has(self.reload)' + - message: restart is required when type is Restart, + and forbidden otherwise + rule: 'has(self.type) && self.type == ''Restart'' + ? has(self.restart) : !has(self.restart)' + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Reboot action can only be specified standalone, + as it will override any other actions + rule: 'self.exists(x, x.type==''Reboot'') ? size(self) + == 1 : true' + - message: None action can only be specified standalone, + as it will override any other actions + rule: 'self.exists(x, x.type==''None'') ? size(self) + == 1 : true' + path: + description: |- + path is the location of a file being managed through a MachineConfig. + The Actions in the policy will apply to changes to the file at this path. + type: string + required: + - actions + - path + type: object + maxItems: 100 + type: array + x-kubernetes-list-map-keys: + - path + x-kubernetes-list-type: map + sshkey: + description: sshkey is the overall sshkey MachineConfig definition + properties: + actions: + description: |- + actions represents the series of commands to be executed on changes to the file at + the corresponding file path. Actions will be applied in the order that + they are set in this list. If there are other incoming changes to other MachineConfig + entries in the same update that require a reboot, the reboot will supercede these actions. + Valid actions are Reboot, Drain, Reload, DaemonReload and None. + The Reboot action and the None action cannot be used in conjunction with any of the other actions. + This list supports a maximum of 10 entries. + items: + properties: + reload: + description: reload specifies the service to reload, + only valid if type is reload + properties: + serviceName: + description: |- + serviceName is the full name (e.g. crio.service) of the service to be reloaded + Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. + ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". + ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". + maxLength: 255 + type: string + x-kubernetes-validations: + - message: Invalid ${SERVICETYPE} in service + name. Expected format is ${NAME}${SERVICETYPE}, + where ${SERVICETYPE} must be one of ".service", + ".socket", ".device", ".mount", ".automount", + ".swap", ".target", ".path", ".timer",".snapshot", + ".slice" or ".scope". + rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') + - message: Invalid ${NAME} in service name. + Expected format is ${NAME}${SERVICETYPE}, + where {NAME} must be atleast 1 character + long and can only consist of alphabets, + digits, ":", "-", "_", ".", and "\" + rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') + required: + - serviceName + type: object + restart: + description: restart specifies the service to restart, + only valid if type is restart + properties: + serviceName: + description: |- + serviceName is the full name (e.g. crio.service) of the service to be restarted + Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. + ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". + ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". + maxLength: 255 + type: string + x-kubernetes-validations: + - message: Invalid ${SERVICETYPE} in service + name. Expected format is ${NAME}${SERVICETYPE}, + where ${SERVICETYPE} must be one of ".service", + ".socket", ".device", ".mount", ".automount", + ".swap", ".target", ".path", ".timer",".snapshot", + ".slice" or ".scope". + rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') + - message: Invalid ${NAME} in service name. + Expected format is ${NAME}${SERVICETYPE}, + where {NAME} must be atleast 1 character + long and can only consist of alphabets, + digits, ":", "-", "_", ".", and "\" + rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') + required: + - serviceName + type: object + type: + description: |- + type represents the commands that will be carried out if this NodeDisruptionPolicyStatusActionType is executed + Valid values are Reboot, Drain, Reload, Restart, DaemonReload, None and Special. + reload/restart requires a corresponding service target specified in the reload/restart field. + Other values require no further configuration + enum: + - Reboot + - Drain + - Reload + - Restart + - DaemonReload + - None + - Special + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: reload is required when type is Reload, and + forbidden otherwise + rule: 'has(self.type) && self.type == ''Reload'' ? + has(self.reload) : !has(self.reload)' + - message: restart is required when type is Restart, + and forbidden otherwise + rule: 'has(self.type) && self.type == ''Restart'' + ? has(self.restart) : !has(self.restart)' + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Reboot action can only be specified standalone, + as it will override any other actions + rule: 'self.exists(x, x.type==''Reboot'') ? size(self) + == 1 : true' + - message: None action can only be specified standalone, + as it will override any other actions + rule: 'self.exists(x, x.type==''None'') ? size(self) + == 1 : true' + required: + - actions + type: object + units: + description: units is a list MachineConfig unit definitions + and actions to take on changes to those services + items: + description: NodeDisruptionPolicyStatusUnit is a systemd + unit name and corresponding actions to take and is used + in the NodeDisruptionPolicyClusterStatus object + properties: + actions: + description: |- + actions represents the series of commands to be executed on changes to the file at + the corresponding file path. Actions will be applied in the order that + they are set in this list. If there are other incoming changes to other MachineConfig + entries in the same update that require a reboot, the reboot will supercede these actions. + Valid actions are Reboot, Drain, Reload, DaemonReload and None. + The Reboot action and the None action cannot be used in conjunction with any of the other actions. + This list supports a maximum of 10 entries. + items: + properties: + reload: + description: reload specifies the service to reload, + only valid if type is reload + properties: + serviceName: + description: |- + serviceName is the full name (e.g. crio.service) of the service to be reloaded + Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. + ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". + ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". + maxLength: 255 + type: string + x-kubernetes-validations: + - message: Invalid ${SERVICETYPE} in service + name. Expected format is ${NAME}${SERVICETYPE}, + where ${SERVICETYPE} must be one of ".service", + ".socket", ".device", ".mount", ".automount", + ".swap", ".target", ".path", ".timer",".snapshot", + ".slice" or ".scope". + rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') + - message: Invalid ${NAME} in service name. + Expected format is ${NAME}${SERVICETYPE}, + where {NAME} must be atleast 1 character + long and can only consist of alphabets, + digits, ":", "-", "_", ".", and "\" + rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') + required: + - serviceName + type: object + restart: + description: restart specifies the service to + restart, only valid if type is restart + properties: + serviceName: + description: |- + serviceName is the full name (e.g. crio.service) of the service to be restarted + Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. + ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". + ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". + maxLength: 255 + type: string + x-kubernetes-validations: + - message: Invalid ${SERVICETYPE} in service + name. Expected format is ${NAME}${SERVICETYPE}, + where ${SERVICETYPE} must be one of ".service", + ".socket", ".device", ".mount", ".automount", + ".swap", ".target", ".path", ".timer",".snapshot", + ".slice" or ".scope". + rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') + - message: Invalid ${NAME} in service name. + Expected format is ${NAME}${SERVICETYPE}, + where {NAME} must be atleast 1 character + long and can only consist of alphabets, + digits, ":", "-", "_", ".", and "\" + rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') + required: + - serviceName + type: object + type: + description: |- + type represents the commands that will be carried out if this NodeDisruptionPolicyStatusActionType is executed + Valid values are Reboot, Drain, Reload, Restart, DaemonReload, None and Special. + reload/restart requires a corresponding service target specified in the reload/restart field. + Other values require no further configuration + enum: + - Reboot + - Drain + - Reload + - Restart + - DaemonReload + - None + - Special + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: reload is required when type is Reload, + and forbidden otherwise + rule: 'has(self.type) && self.type == ''Reload'' + ? has(self.reload) : !has(self.reload)' + - message: restart is required when type is Restart, + and forbidden otherwise + rule: 'has(self.type) && self.type == ''Restart'' + ? has(self.restart) : !has(self.restart)' + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Reboot action can only be specified standalone, + as it will override any other actions + rule: 'self.exists(x, x.type==''Reboot'') ? size(self) + == 1 : true' + - message: None action can only be specified standalone, + as it will override any other actions + rule: 'self.exists(x, x.type==''None'') ? size(self) + == 1 : true' + name: + description: |- + name represents the service name of a systemd service managed through a MachineConfig + Actions specified will be applied for changes to the named service. + Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. + ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". + ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". + maxLength: 255 + type: string + x-kubernetes-validations: + - message: Invalid ${SERVICETYPE} in service name. Expected + format is ${NAME}${SERVICETYPE}, where ${SERVICETYPE} + must be one of ".service", ".socket", ".device", + ".mount", ".automount", ".swap", ".target", ".path", + ".timer",".snapshot", ".slice" or ".scope". + rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') + - message: Invalid ${NAME} in service name. Expected + format is ${NAME}${SERVICETYPE}, where {NAME} must + be atleast 1 character long and can only consist + of alphabets, digits, ":", "-", "_", ".", and "\" + rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') + required: + - actions + - name + type: object + maxItems: 100 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + type: object + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/operator/v1/zz_generated.swagger_doc_generated.go b/operator/v1/zz_generated.swagger_doc_generated.go index 582f9686ffd..fad328ac2f9 100644 --- a/operator/v1/zz_generated.swagger_doc_generated.go +++ b/operator/v1/zz_generated.swagger_doc_generated.go @@ -1422,7 +1422,7 @@ func (MachineConfigurationStatus) SwaggerDoc() map[string]string { var map_MachineManager = map[string]string{ "": "MachineManager describes a target machine resource that is registered for boot image updates. It stores identifying information such as the resource type and the API Group of the resource. It also provides granular control via the selection field.", - "resource": "resource is the machine management resource's type. The only current valid value is machinesets. machinesets means that the machine manager will only register resources of the kind MachineSet.", + "resource": "resource is the machine management resource's type. Valid values are machinesets and controlplanemachinesets. machinesets means that the machine manager will only register resources of the kind MachineSet. controlplanemachinesets means that the machine manager will only register resources of the kind ControlPlaneMachineSet.", "apiGroup": "apiGroup is name of the APIGroup that the machine management resource belongs to. The only current valid value is machine.openshift.io. machine.openshift.io means that the machine manager will only register resources that belong to OpenShift machine API group.", "selection": "selection allows granular control of the machine management resources that will be registered for boot image updates.", } diff --git a/payload-manifests/crds/0000_80_machine-config_01_machineconfigurations.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_machineconfigurations.crd.yaml index 7976d1dab41..5be900d6aac 100644 --- a/payload-manifests/crds/0000_80_machine-config_01_machineconfigurations.crd.yaml +++ b/payload-manifests/crds/0000_80_machine-config_01_machineconfigurations.crd.yaml @@ -102,10 +102,9 @@ spec: resource: description: |- resource is the machine management resource's type. - The only current valid value is machinesets. + Valid values are machinesets and controlplanemachinesets. machinesets means that the machine manager will only register resources of the kind MachineSet. - enum: - - machinesets + controlplanemachinesets means that the machine manager will only register resources of the kind ControlPlaneMachineSet. type: string selection: description: selection allows granular control of the machine @@ -733,10 +732,9 @@ spec: resource: description: |- resource is the machine management resource's type. - The only current valid value is machinesets. + Valid values are machinesets and controlplanemachinesets. machinesets means that the machine manager will only register resources of the kind MachineSet. - enum: - - machinesets + controlplanemachinesets means that the machine manager will only register resources of the kind ControlPlaneMachineSet. type: string selection: description: selection allows granular control of the machine diff --git a/payload-manifests/featuregates/featureGate-Hypershift-Default.yaml b/payload-manifests/featuregates/featureGate-Hypershift-Default.yaml index f82d8941e5f..354d9e88c62 100644 --- a/payload-manifests/featuregates/featureGate-Hypershift-Default.yaml +++ b/payload-manifests/featuregates/featureGate-Hypershift-Default.yaml @@ -118,6 +118,9 @@ { "name": "ManagedBootImagesAzure" }, + { + "name": "ManagedBootImagesCPMS" + }, { "name": "ManagedBootImagesvSphere" }, diff --git a/payload-manifests/featuregates/featureGate-Hypershift-DevPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-Hypershift-DevPreviewNoUpgrade.yaml index 0873bd691a3..96c3b1c1b13 100644 --- a/payload-manifests/featuregates/featureGate-Hypershift-DevPreviewNoUpgrade.yaml +++ b/payload-manifests/featuregates/featureGate-Hypershift-DevPreviewNoUpgrade.yaml @@ -200,6 +200,9 @@ { "name": "ManagedBootImagesAzure" }, + { + "name": "ManagedBootImagesCPMS" + }, { "name": "ManagedBootImagesvSphere" }, diff --git a/payload-manifests/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml index d9e119e63da..9843f6ba04f 100644 --- a/payload-manifests/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml +++ b/payload-manifests/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml @@ -206,6 +206,9 @@ { "name": "ManagedBootImagesAzure" }, + { + "name": "ManagedBootImagesCPMS" + }, { "name": "ManagedBootImagesvSphere" }, diff --git a/payload-manifests/featuregates/featureGate-SelfManagedHA-Default.yaml b/payload-manifests/featuregates/featureGate-SelfManagedHA-Default.yaml index 34710c06612..1296a247947 100644 --- a/payload-manifests/featuregates/featureGate-SelfManagedHA-Default.yaml +++ b/payload-manifests/featuregates/featureGate-SelfManagedHA-Default.yaml @@ -121,6 +121,9 @@ { "name": "ManagedBootImagesAzure" }, + { + "name": "ManagedBootImagesCPMS" + }, { "name": "ManagedBootImagesvSphere" }, diff --git a/payload-manifests/featuregates/featureGate-SelfManagedHA-DevPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-SelfManagedHA-DevPreviewNoUpgrade.yaml index b762ec51df9..780c3130ed9 100644 --- a/payload-manifests/featuregates/featureGate-SelfManagedHA-DevPreviewNoUpgrade.yaml +++ b/payload-manifests/featuregates/featureGate-SelfManagedHA-DevPreviewNoUpgrade.yaml @@ -185,6 +185,9 @@ { "name": "ManagedBootImagesAzure" }, + { + "name": "ManagedBootImagesCPMS" + }, { "name": "ManagedBootImagesvSphere" }, diff --git a/payload-manifests/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml index 8b41035674f..4c919b05889 100644 --- a/payload-manifests/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml +++ b/payload-manifests/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml @@ -191,6 +191,9 @@ { "name": "ManagedBootImagesAzure" }, + { + "name": "ManagedBootImagesCPMS" + }, { "name": "ManagedBootImagesvSphere" },