diff --git a/.github/workflows/verify-generated-code-changes.yml b/.github/workflows/verify-generated-code-changes.yml index 6166cfde936..45d7afbacde 100644 --- a/.github/workflows/verify-generated-code-changes.yml +++ b/.github/workflows/verify-generated-code-changes.yml @@ -40,7 +40,7 @@ jobs: run: ./.github/scripts/check-for-go-mod-changes.sh - name: Install controller-gen - run: go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.12.0 + run: go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.14.0 - name: Verify auto-generated changes run: ./.github/scripts/check-for-auto-generated-changes.sh diff --git a/Dockerfile.dapper b/Dockerfile.dapper index 22abed2ca5d..a477322a3d9 100644 --- a/Dockerfile.dapper +++ b/Dockerfile.dapper @@ -34,7 +34,7 @@ RUN if [ "${ARCH}" == "amd64" ]; then \ fi # Tool for CRD generation. -ENV CONTROLLER_GEN_VERSION v0.12.0 +ENV CONTROLLER_GEN_VERSION v0.14.0 RUN go install sigs.k8s.io/controller-tools/cmd/controller-gen@${CONTROLLER_GEN_VERSION} # YAML processor for release configuration. diff --git a/pkg/crds/yaml/generated/catalog.cattle.io_uiplugins.yaml b/pkg/crds/yaml/generated/catalog.cattle.io_uiplugins.yaml index 3c8a0a0d9ee..8bca67b7165 100644 --- a/pkg/crds/yaml/generated/catalog.cattle.io_uiplugins.yaml +++ b/pkg/crds/yaml/generated/catalog.cattle.io_uiplugins.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: uiplugins.catalog.cattle.io spec: group: catalog.cattle.io @@ -29,14 +29,19 @@ spec: openAPIV3Schema: properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -60,13 +65,15 @@ spec: type: string noAuth: default: false - description: NoAuth a flag that tells if the plugin should be - accessible without authentication. Defaults to false. + description: |- + NoAuth a flag that tells if the plugin should be accessible without authentication. + Defaults to false. type: boolean noCache: default: false - description: NoCache a flag that tells if the plugin should be - cached or not. Defaults to false. + description: |- + NoCache a flag that tells if the plugin should be cached or not. + Defaults to false. type: boolean version: description: Version of the plugin. diff --git a/pkg/crds/yaml/generated/management.cattle.io_clusterproxyconfigs.yaml b/pkg/crds/yaml/generated/management.cattle.io_clusterproxyconfigs.yaml index 85624735391..69a7ae1bd1e 100644 --- a/pkg/crds/yaml/generated/management.cattle.io_clusterproxyconfigs.yaml +++ b/pkg/crds/yaml/generated/management.cattle.io_clusterproxyconfigs.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: clusterproxyconfigs.management.cattle.io spec: group: management.cattle.io @@ -17,24 +17,28 @@ spec: - name: v3 schema: openAPIV3Schema: - description: ClusterProxyConfig determines which downstream requests will - be proxied to the downstream cluster for requests that contain service account - tokens. Objects of this type are created in the namespace of the target - cluster. If no object exists, the feature will be disabled by default. + description: |- + ClusterProxyConfig determines which downstream requests will be proxied to the downstream cluster for requests that contain service account tokens. + Objects of this type are created in the namespace of the target cluster. If no object exists, the feature will be disabled by default. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string enabled: description: Enabled indicates whether downstream proxy requests for service account tokens is enabled. type: boolean kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object diff --git a/pkg/crds/yaml/generated/management.cattle.io_clusterroletemplatebindings.yaml b/pkg/crds/yaml/generated/management.cattle.io_clusterroletemplatebindings.yaml index 8a83ac6ceff..545b8cb47f5 100644 --- a/pkg/crds/yaml/generated/management.cattle.io_clusterroletemplatebindings.yaml +++ b/pkg/crds/yaml/generated/management.cattle.io_clusterroletemplatebindings.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: clusterroletemplatebindings.management.cattle.io spec: group: management.cattle.io @@ -17,17 +17,21 @@ spec: - name: v3 schema: openAPIV3Schema: - description: ClusterRoleTemplateBinding is the object representing membership - of a subject in a cluster with permissions specified by a given role template. + description: |- + ClusterRoleTemplateBinding is the object representing membership of a subject in a cluster with permissions + specified by a given role template. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string clusterName: - description: ClusterName is the metadata.name of the cluster to which - a subject is added. Must match the namespace. Immutable. + description: |- + ClusterName is the metadata.name of the cluster to which a subject is added. + Must match the namespace. Immutable. type: string groupName: description: GroupName is the name of the group subject added to the cluster. @@ -38,9 +42,12 @@ spec: added to the cluster. Immutable. type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object diff --git a/pkg/crds/yaml/generated/management.cattle.io_globalrolebindings.yaml b/pkg/crds/yaml/generated/management.cattle.io_globalrolebindings.yaml index f9f78368b2a..7edd98cb58d 100644 --- a/pkg/crds/yaml/generated/management.cattle.io_globalrolebindings.yaml +++ b/pkg/crds/yaml/generated/management.cattle.io_globalrolebindings.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: globalrolebindings.management.cattle.io spec: group: management.cattle.io @@ -20,9 +20,11 @@ spec: description: GlobalRoleBinding binds a given subject user or group to a GlobalRole. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string globalRoleName: description: GlobalRoleName is the name of the Global Role that the subject @@ -33,9 +35,12 @@ spec: to be bound. Immutable. type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object diff --git a/pkg/crds/yaml/generated/management.cattle.io_globalroles.yaml b/pkg/crds/yaml/generated/management.cattle.io_globalroles.yaml index fdf3235e06f..e3a9291c95a 100644 --- a/pkg/crds/yaml/generated/management.cattle.io_globalroles.yaml +++ b/pkg/crds/yaml/generated/management.cattle.io_globalroles.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: globalroles.management.cattle.io spec: group: management.cattle.io @@ -21,9 +21,11 @@ spec: and or every downstream cluster. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string builtin: description: Builtin specifies that this GlobalRole was created by Rancher @@ -37,42 +39,37 @@ spec: for this resource. type: string inheritedClusterRoles: - description: InheritedClusterRoles are the names of RoleTemplates whose - permissions are granted by this GlobalRole in every cluster besides - the local cluster. To grant permissions in the local cluster, use the - Rules field. + description: |- + InheritedClusterRoles are the names of RoleTemplates whose permissions are granted by this GlobalRole in every + cluster besides the local cluster. To grant permissions in the local cluster, use the Rules field. items: type: string type: array inheritedFleetWorkspacePermissions: - description: InheritedFleetWorkspacePermissions are the permissions granted - by this GlobalRole in every fleet workspace besides the local one. + description: |- + InheritedFleetWorkspacePermissions are the permissions granted by this GlobalRole in every fleet workspace besides + the local one. properties: resourceRules: description: ResourceRules rules granted in all backing namespaces for all fleet workspaces besides the local one. items: - description: PolicyRule holds information that describes a policy - rule, but does not contain information about who the rule applies - to or which namespace the rule applies to. + description: |- + PolicyRule holds information that describes a policy rule, but does not contain information + about who the rule applies to or which namespace the rule applies to. properties: apiGroups: - description: APIGroups is the name of the APIGroup that contains - the resources. If multiple API groups are specified, any - action requested against one of the enumerated resources in - any API group will be allowed. "" represents the core API - group and "*" represents all API groups. + description: |- + APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of + the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. items: type: string type: array nonResourceURLs: - description: NonResourceURLs is a set of partial urls that a - user should have access to. *s are allowed, but only as the - full, final step in the path Since non-resource URLs are not - namespaced, this field is only applicable for ClusterRoles - referenced from a ClusterRoleBinding. Rules can either apply - to API resources (such as "pods" or "secrets") or non-resource - URL paths (such as "/api"), but not both. + description: |- + NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path + Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. + Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. items: type: string type: array @@ -100,44 +97,42 @@ spec: type: object type: array workspaceVerbs: - description: WorkspaceVerbs verbs used to grant permissions to the - cluster-wide fleetworkspace resources. ResourceNames for this rule - will contain all fleet workspace names except local. + description: |- + WorkspaceVerbs verbs used to grant permissions to the cluster-wide fleetworkspace resources. ResourceNames for + this rule will contain all fleet workspace names except local. items: type: string type: array type: object kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object namespacedRules: additionalProperties: items: - description: PolicyRule holds information that describes a policy - rule, but does not contain information about who the rule applies - to or which namespace the rule applies to. + description: |- + PolicyRule holds information that describes a policy rule, but does not contain information + about who the rule applies to or which namespace the rule applies to. properties: apiGroups: - description: APIGroups is the name of the APIGroup that contains - the resources. If multiple API groups are specified, any action - requested against one of the enumerated resources in any API - group will be allowed. "" represents the core API group and - "*" represents all API groups. + description: |- + APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of + the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. items: type: string type: array nonResourceURLs: - description: NonResourceURLs is a set of partial urls that a user - should have access to. *s are allowed, but only as the full, - final step in the path Since non-resource URLs are not namespaced, - this field is only applicable for ClusterRoles referenced from - a ClusterRoleBinding. Rules can either apply to API resources - (such as "pods" or "secrets") or non-resource URL paths (such - as "/api"), but not both. + description: |- + NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path + Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. + Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. items: type: string type: array @@ -164,9 +159,10 @@ spec: - verbs type: object type: array - description: NamespacedRules are the rules that are active in each namespace - of this GlobalRole. These are applied to the local cluster only. * has - no special meaning in the keys - these keys are read as raw strings + description: |- + NamespacedRules are the rules that are active in each namespace of this GlobalRole. + These are applied to the local cluster only. + * has no special meaning in the keys - these keys are read as raw strings and must exactly match with one existing namespace. type: object newUserDefault: @@ -177,27 +173,22 @@ spec: description: Rules holds a list of PolicyRules that are applied to the local cluster only. items: - description: PolicyRule holds information that describes a policy rule, - but does not contain information about who the rule applies to or - which namespace the rule applies to. + description: |- + PolicyRule holds information that describes a policy rule, but does not contain information + about who the rule applies to or which namespace the rule applies to. properties: apiGroups: - description: APIGroups is the name of the APIGroup that contains - the resources. If multiple API groups are specified, any action - requested against one of the enumerated resources in any API group - will be allowed. "" represents the core API group and "*" represents - all API groups. + description: |- + APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of + the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. items: type: string type: array nonResourceURLs: - description: NonResourceURLs is a set of partial urls that a user - should have access to. *s are allowed, but only as the full, - final step in the path Since non-resource URLs are not namespaced, - this field is only applicable for ClusterRoles referenced from - a ClusterRoleBinding. Rules can either apply to API resources - (such as "pods" or "secrets") or non-resource URL paths (such - as "/api"), but not both. + description: |- + NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path + Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. + Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. items: type: string type: array @@ -227,47 +218,47 @@ spec: description: Status is the most recently observed status of the GlobalRole. properties: conditions: - description: Conditions is a slice of Condition, indicating the status - of specific backing RBAC objects. There is one condition per ClusterRole - and Role managed by the GlobalRole. + description: |- + Conditions is a slice of Condition, indicating the status of specific backing RBAC objects. + There is one condition per ClusterRole and Role managed by the GlobalRole. items: description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -281,11 +272,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -302,8 +294,9 @@ spec: was updated. type: string observedGeneration: - description: ObservedGeneration is the most recent generation (metadata.generation - in GlobalRole CR) observed by the controller. Populated by the system. + description: |- + ObservedGeneration is the most recent generation (metadata.generation in GlobalRole CR) + observed by the controller. Populated by the system. format: int64 type: integer summary: diff --git a/pkg/crds/yaml/generated/management.cattle.io_projectroletemplatebindings.yaml b/pkg/crds/yaml/generated/management.cattle.io_projectroletemplatebindings.yaml index 34e711f2899..df112ea5505 100644 --- a/pkg/crds/yaml/generated/management.cattle.io_projectroletemplatebindings.yaml +++ b/pkg/crds/yaml/generated/management.cattle.io_projectroletemplatebindings.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: projectroletemplatebindings.management.cattle.io spec: group: management.cattle.io @@ -17,13 +17,16 @@ spec: - name: v3 schema: openAPIV3Schema: - description: ProjectRoleTemplateBinding is the object representing membership - of a subject in a project with permissions specified by a given role template. + description: |- + ProjectRoleTemplateBinding is the object representing membership of a subject in a project with permissions + specified by a given role template. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string groupName: description: GroupName is the name of the group subject added to the project. @@ -34,9 +37,12 @@ spec: added to the project. Immutable. type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -49,8 +55,9 @@ spec: permissions to perform actions on resources in the project. Immutable. type: string serviceAccount: - description: ServiceAccount is the name of the service account bound as - a subject. Immutable. Deprecated. + description: |- + ServiceAccount is the name of the service account bound as a subject. Immutable. + Deprecated. type: string userName: description: UserName is the name of the user subject added to the project. diff --git a/pkg/crds/yaml/generated/management.cattle.io_projects.yaml b/pkg/crds/yaml/generated/management.cattle.io_projects.yaml index c50a3197305..8d25507957f 100644 --- a/pkg/crds/yaml/generated/management.cattle.io_projects.yaml +++ b/pkg/crds/yaml/generated/management.cattle.io_projects.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: projects.management.cattle.io spec: group: management.cattle.io @@ -17,19 +17,25 @@ spec: - name: v3 schema: openAPIV3Schema: - description: Project is a group of namespaces. Projects are used to create - a multi-tenant environment within a Kubernetes cluster by managing namespace - operations, such as role assignments or quotas, as a group. + description: |- + Project is a group of namespaces. + Projects are used to create a multi-tenant environment within a Kubernetes cluster by managing namespace operations, + such as role assignments or quotas, as a group. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -42,9 +48,9 @@ spec: to. Immutable. type: string containerDefaultResourceLimit: - description: ContainerDefaultResourceLimit is a specification for - the default LimitRange for the namespace. See https://kubernetes.io/docs/concepts/policy/limit-range/ - for more details. + description: |- + ContainerDefaultResourceLimit is a specification for the default LimitRange for the namespace. + See https://kubernetes.io/docs/concepts/policy/limit-range/ for more details. properties: limitsCpu: description: LimitsCPU is the CPU limits across all pods in a @@ -70,11 +76,10 @@ spec: description: DisplayName is the human-readable name for the project. type: string namespaceDefaultResourceQuota: - description: NamespaceDefaultResourceQuota is a specification of the - default ResourceQuota that a namespace will receive if none is provided. + description: |- + NamespaceDefaultResourceQuota is a specification of the default ResourceQuota that a namespace will receive if none is provided. Must provide ResourceQuota if NamespaceDefaultResourceQuota is specified. - See https://kubernetes.io/docs/concepts/policy/resource-quotas/ - for more details. + See https://kubernetes.io/docs/concepts/policy/resource-quotas/ for more details. properties: limit: description: Limit is the default quota limits applied to new @@ -136,11 +141,10 @@ spec: type: object type: object resourceQuota: - description: ResourceQuota is a specification for the total amount - of quota for standard resources that will be shared by all namespaces - in the project. Must provide NamespaceDefaultResourceQuota if ResourceQuota - is specified. See https://kubernetes.io/docs/concepts/policy/resource-quotas/ - for more details. + description: |- + ResourceQuota is a specification for the total amount of quota for standard resources that will be shared by all namespaces in the project. + Must provide NamespaceDefaultResourceQuota if ResourceQuota is specified. + See https://kubernetes.io/docs/concepts/policy/resource-quotas/ for more details. properties: limit: description: Limit is the total allowable quota limits shared diff --git a/pkg/crds/yaml/generated/management.cattle.io_roletemplates.yaml b/pkg/crds/yaml/generated/management.cattle.io_roletemplates.yaml index 5511aee791c..63d64d0efb9 100644 --- a/pkg/crds/yaml/generated/management.cattle.io_roletemplates.yaml +++ b/pkg/crds/yaml/generated/management.cattle.io_roletemplates.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: roletemplates.management.cattle.io spec: group: management.cattle.io @@ -17,33 +17,37 @@ spec: - name: v3 schema: openAPIV3Schema: - description: RoleTemplate holds configuration for a template that is used - to create kubernetes Roles and ClusterRoles (in the rbac.authorization.k8s.io - group) for a cluster or project. + description: |- + RoleTemplate holds configuration for a template that is used to create kubernetes Roles and ClusterRoles + (in the rbac.authorization.k8s.io group) for a cluster or project. properties: administrative: - description: Administrative if false, and context is set to cluster this - RoleTemplate will not grant access to "CatalogTemplates" and "CatalogTemplateVersions" - for any project in the cluster. Default is false. + description: |- + Administrative if false, and context is set to cluster this RoleTemplate will not grant access to "CatalogTemplates" and "CatalogTemplateVersions" for any project in the cluster. + Default is false. type: boolean apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string builtin: - description: Builtin if true specifies that this RoleTemplate was created - by Rancher and is immutable. Default to false. + description: |- + Builtin if true specifies that this RoleTemplate was created by Rancher and is immutable. + Default to false. type: boolean clusterCreatorDefault: - description: ClusterCreatorDefault if true, a binding with this RoleTemplate - will be created for a users when they create a new cluster. ClusterCreatorDefault - is only evaluated if the context of the RoleTemplate is set to cluster. + description: |- + ClusterCreatorDefault if true, a binding with this RoleTemplate will be created for a users when they create a new cluster. + ClusterCreatorDefault is only evaluated if the context of the RoleTemplate is set to cluster. Default to false. type: boolean context: - description: Context describes if the roleTemplate applies to clusters - or projects. Valid values are "project", "cluster" or "". + description: |- + Context describes if the roleTemplate applies to clusters or projects. + Valid values are "project", "cluster" or "". enum: - project - cluster @@ -57,64 +61,65 @@ spec: for this resource. type: string external: - description: External if true specifies that rules for this RoleTemplate - should be gathered from a ClusterRole with the matching name. If set - to true the Rules on the template will not be evaluated. External's - value is only evaluated if the RoleTemplate's context is set to "cluster" + description: |- + External if true specifies that rules for this RoleTemplate should be gathered from a ClusterRole with the matching name. + If set to true the Rules on the template will not be evaluated. + External's value is only evaluated if the RoleTemplate's context is set to "cluster" Default to false. type: boolean hidden: - description: Hidden if true informs the Rancher UI not to display this - RoleTemplate. Default to false. + description: |- + Hidden if true informs the Rancher UI not to display this RoleTemplate. + Default to false. type: boolean kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string locked: - description: Locked if true, new bindings will not be able to use this - RoleTemplate. Default to false. + description: |- + Locked if true, new bindings will not be able to use this RoleTemplate. + Default to false. type: boolean metadata: type: object projectCreatorDefault: - description: ProjectCreatorDefault if true, a binding with this RoleTemplate - will be created for a user when they create a new project. ProjectCreatorDefault - is only evaluated if the context of the RoleTemplate is set to project. + description: |- + ProjectCreatorDefault if true, a binding with this RoleTemplate will be created for a user when they create a new project. + ProjectCreatorDefault is only evaluated if the context of the RoleTemplate is set to project. Default to false. type: boolean roleTemplateNames: - description: RoleTemplateNames list of RoleTemplate names that this RoleTemplate - will inherit. This RoleTemplate will grant all rules defined in an inherited - RoleTemplate. Inherited RoleTemplates must already exist. + description: |- + RoleTemplateNames list of RoleTemplate names that this RoleTemplate will inherit. + This RoleTemplate will grant all rules defined in an inherited RoleTemplate. + Inherited RoleTemplates must already exist. items: type: string type: array rules: description: Rules hold all the PolicyRules for this RoleTemplate. items: - description: PolicyRule holds information that describes a policy rule, - but does not contain information about who the rule applies to or - which namespace the rule applies to. + description: |- + PolicyRule holds information that describes a policy rule, but does not contain information + about who the rule applies to or which namespace the rule applies to. properties: apiGroups: - description: APIGroups is the name of the APIGroup that contains - the resources. If multiple API groups are specified, any action - requested against one of the enumerated resources in any API group - will be allowed. "" represents the core API group and "*" represents - all API groups. + description: |- + APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of + the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. items: type: string type: array nonResourceURLs: - description: NonResourceURLs is a set of partial urls that a user - should have access to. *s are allowed, but only as the full, - final step in the path Since non-resource URLs are not namespaced, - this field is only applicable for ClusterRoles referenced from - a ClusterRoleBinding. Rules can either apply to API resources - (such as "pods" or "secrets") or non-resource URL paths (such - as "/api"), but not both. + description: |- + NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path + Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. + Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. items: type: string type: array