forked from openshift/cloud-credential-operator
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- [x] to determine whether CCO is in manual/disabled mode - [x] to bypass permissions checking when annotating the cloud secret (AWS/Azure/GCP) - [x] update role to grant access to read the config - [x] copy generated CRD from openshift/api into manifests so that it gets applied - [x] add clusteroperator status reporting for bad modes (and conflicting legacy settings and new modes). Fix conditions merging to not drop old conditions when new StatusHandler has no conditions to set. Fix fallout from that fix where StatusHandlers registered during tests were stacking up and interfering with each other.
- Loading branch information
Joel Diaz
committed
Jul 28, 2020
1 parent
cbb4435
commit 840ad99
Showing
27 changed files
with
998 additions
and
182 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,155 @@ | ||
| apiVersion: apiextensions.k8s.io/v1beta1 | ||
| kind: CustomResourceDefinition | ||
| metadata: | ||
| name: cloudcredentials.operator.openshift.io | ||
| spec: | ||
| scope: Cluster | ||
| preserveUnknownFields: false | ||
| group: operator.openshift.io | ||
| names: | ||
| kind: CloudCredential | ||
| listKind: CloudCredentialList | ||
| plural: cloudcredentials | ||
| singular: cloudcredential | ||
| subresources: | ||
| status: {} | ||
| versions: | ||
| - name: v1 | ||
| served: true | ||
| storage: true | ||
| validation: | ||
| openAPIV3Schema: | ||
| description: CloudCredential provides a means to configure an operator to manage | ||
| CredentialsRequests. | ||
| type: object | ||
| required: | ||
| - spec | ||
| properties: | ||
| apiVersion: | ||
| description: 'APIVersion defines the versioned schema of this representation | ||
| of an object. Servers should convert recognized schemas to the latest | ||
| internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' | ||
| type: string | ||
| kind: | ||
| description: 'Kind is a string value representing the REST resource this | ||
| object represents. Servers may infer this from the endpoint the client | ||
| submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' | ||
| type: string | ||
| metadata: | ||
| type: object | ||
| spec: | ||
| description: CloudCredentialSpec is the specification of the desired behavior | ||
| of the cloud-credential-operator. | ||
| type: object | ||
| properties: | ||
| credentialsMode: | ||
| description: CredentialsMode allows informing CCO that it should not | ||
| attempt to dynamically determine the root cloud credentials capabilities, | ||
| and it should just run in the specified mode. It also allows putting | ||
| the operator into "manual" mode if desired. Leaving the field in default | ||
| mode runs CCO so that the cluster's cloud credentials will be dynamically | ||
| probed for capabilities (on supported clouds/platforms). | ||
| type: string | ||
| enum: | ||
| - "" | ||
| - Manual | ||
| - Mint | ||
| - Passthrough | ||
| logLevel: | ||
| description: logLevel is an intent based logging for an overall component. It | ||
| does not give fine grained control, but it is a simple way to manage | ||
| coarse grained logging choices that operators have to interpret for | ||
| their operands. | ||
| type: string | ||
| managementState: | ||
| description: managementState indicates whether and how the operator | ||
| should manage the component | ||
| type: string | ||
| pattern: ^(Managed|Unmanaged|Force|Removed)$ | ||
| observedConfig: | ||
| description: observedConfig holds a sparse config that controller has | ||
| observed from the cluster state. It exists in spec because it is | ||
| an input to the level for the operator | ||
| type: object | ||
| nullable: true | ||
| x-kubernetes-preserve-unknown-fields: true | ||
| operatorLogLevel: | ||
| description: operatorLogLevel is an intent based logging for the operator | ||
| itself. It does not give fine grained control, but it is a simple | ||
| way to manage coarse grained logging choices that operators have to | ||
| interpret for themselves. | ||
| type: string | ||
| unsupportedConfigOverrides: | ||
| description: 'unsupportedConfigOverrides holds a sparse config that | ||
| will override any previously set options. It only needs to be the | ||
| fields to override it will end up overlaying in the following order: | ||
| 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides' | ||
| type: object | ||
| nullable: true | ||
| x-kubernetes-preserve-unknown-fields: true | ||
| status: | ||
| description: CloudCredentialStatus defines the observed status of the cloud-credential-operator. | ||
| type: object | ||
| properties: | ||
| conditions: | ||
| description: conditions is a list of conditions and their status | ||
| type: array | ||
| items: | ||
| description: OperatorCondition is just the standard condition fields. | ||
| type: object | ||
| properties: | ||
| lastTransitionTime: | ||
| type: string | ||
| format: date-time | ||
| message: | ||
| type: string | ||
| reason: | ||
| type: string | ||
| status: | ||
| type: string | ||
| type: | ||
| type: string | ||
| generations: | ||
| description: generations are used to determine when an item needs to | ||
| be reconciled or has changed in a way that needs a reaction. | ||
| type: array | ||
| items: | ||
| description: GenerationStatus keeps track of the generation for a | ||
| given resource so that decisions about forced updates can be made. | ||
| type: object | ||
| properties: | ||
| group: | ||
| description: group is the group of the thing you're tracking | ||
| type: string | ||
| hash: | ||
| description: hash is an optional field set for resources without | ||
| generation that are content sensitive like secrets and configmaps | ||
| type: string | ||
| lastGeneration: | ||
| description: lastGeneration is the last generation of the workload | ||
| controller involved | ||
| type: integer | ||
| format: int64 | ||
| name: | ||
| description: name is the name of the thing you're tracking | ||
| type: string | ||
| namespace: | ||
| description: namespace is where the thing you're tracking is | ||
| type: string | ||
| resource: | ||
| description: resource is the resource type of the thing you're | ||
| tracking | ||
| type: string | ||
| observedGeneration: | ||
| description: observedGeneration is the last generation change you've | ||
| dealt with | ||
| type: integer | ||
| format: int64 | ||
| readyReplicas: | ||
| description: readyReplicas indicates how many replicas are ready and | ||
| at the desired state | ||
| type: integer | ||
| format: int32 | ||
| version: | ||
| description: version is the level this availability applies to | ||
| type: string |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.