From e0a748d3c740c08a77de2e1a31d4b712f01a9bf3 Mon Sep 17 00:00:00 2001 From: miyadav Date: Wed, 10 Jun 2026 12:23:27 +0100 Subject: [PATCH 1/5] [Draft] - Adding cabilities for crdcompatibilitychecker and capi CRs --- config/v1/types_cluster_version.go | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/config/v1/types_cluster_version.go b/config/v1/types_cluster_version.go index f8d45114a83..4636a7b1371 100644 --- a/config/v1/types_cluster_version.go +++ b/config/v1/types_cluster_version.go @@ -19,6 +19,7 @@ import ( // +kubebuilder:subresource:status // +kubebuilder:resource:path=clusterversions,scope=Cluster // +kubebuilder:validation:XValidation:rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && self.spec.capabilities.baselineCapabilitySet == 'None' && 'marketplace' in self.spec.capabilities.additionalEnabledCapabilities ? 'OperatorLifecycleManager' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'OperatorLifecycleManager' in self.status.capabilities.enabledCapabilities) : true",message="the `marketplace` capability requires the `OperatorLifecycleManager` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `OperatorLifecycleManager` capability" +// +kubebuilder:validation:XValidation:rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && self.spec.capabilities.baselineCapabilitySet == 'None' && 'ClusterAPI' in self.spec.capabilities.additionalEnabledCapabilities ? 'CompatibilityRequirements' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'CompatibilityRequirements' in self.status.capabilities.enabledCapabilities) : true",message="the `ClusterAPI` capability requires the `CompatibilityRequirements` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `CompatibilityRequirements` capability" // +kubebuilder:printcolumn:name=Version,JSONPath=.status.history[?(@.state=="Completed")].version,type=string // +kubebuilder:printcolumn:name=Available,JSONPath=.status.conditions[?(@.type=="Available")].status,type=string // +kubebuilder:printcolumn:name=Progressing,JSONPath=.status.conditions[?(@.type=="Progressing")].status,type=string @@ -304,7 +305,7 @@ const ( ) // ClusterVersionCapability enumerates optional, core cluster components. -// +kubebuilder:validation:Enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager;OperatorLifecycleManagerV1 +// +kubebuilder:validation:Enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager;OperatorLifecycleManagerV1;CompatibilityRequirements;ClusterAPI type ClusterVersionCapability string const ( @@ -425,6 +426,19 @@ const ( // Managers deployed on top of OpenShift. They help you to work with cloud // provider API and embeds cloud-specific control logic. ClusterVersionCapabilityCloudControllerManager ClusterVersionCapability = "CloudControllerManager" + + // ClusterVersionCapabilityCompatibilityRequirements manages the Compatibility + // Requirements operator which enforces CRD compatibility constraints via + // validating webhooks. + ClusterVersionCapabilityCompatibilityRequirements ClusterVersionCapability = "CompatibilityRequirements" + + // ClusterVersionCapabilityClusterAPI manages the Cluster API operator and + // controllers which provide forward-compatible machine management for + // OpenShift clusters. + // + // Note that Cluster API has a hard requirement on CompatibilityRequirements. + // CompatibilityRequirements cannot be disabled while Cluster API is enabled. + ClusterVersionCapabilityClusterAPI ClusterVersionCapability = "ClusterAPI" ) // KnownClusterVersionCapabilities includes all known optional, core cluster components. @@ -446,6 +460,8 @@ var KnownClusterVersionCapabilities = []ClusterVersionCapability{ ClusterVersionCapabilityCloudCredential, ClusterVersionCapabilityIngress, ClusterVersionCapabilityCloudControllerManager, + ClusterVersionCapabilityCompatibilityRequirements, + ClusterVersionCapabilityClusterAPI, } // ClusterVersionCapabilitySet defines sets of cluster version capabilities. @@ -644,6 +660,8 @@ var ClusterVersionCapabilitySets = map[ClusterVersionCapabilitySet][]ClusterVers ClusterVersionCapabilityCloudCredential, ClusterVersionCapabilityIngress, ClusterVersionCapabilityCloudControllerManager, + ClusterVersionCapabilityCompatibilityRequirements, + ClusterVersionCapabilityClusterAPI, }, } From 79a53623c27bb81b8c76aae33aa70922efd32a4f Mon Sep 17 00:00:00 2001 From: miyadav Date: Wed, 10 Jun 2026 15:06:04 +0100 Subject: [PATCH 2/5] update to kubebuilderrule and generated manifests changes --- config/v1/types_cluster_version.go | 2 +- ...or_01_clusterversions-CustomNoUpgrade.crd.yaml | 15 +++++++++++++++ ...n-operator_01_clusterversions-Default.crd.yaml | 15 +++++++++++++++ ...1_clusterversions-DevPreviewNoUpgrade.crd.yaml | 15 +++++++++++++++ ...rsion-operator_01_clusterversions-OKD.crd.yaml | 15 +++++++++++++++ ..._clusterversions-TechPreviewNoUpgrade.crd.yaml | 15 +++++++++++++++ .../AAA_ungated.yaml | 15 +++++++++++++++ .../ClusterUpdateAcceptRisks.yaml | 15 +++++++++++++++ .../ClusterUpdatePreflight.yaml | 15 +++++++++++++++ .../ImageStreamImportMode.yaml | 15 +++++++++++++++ .../SignatureStores.yaml | 15 +++++++++++++++ 11 files changed, 151 insertions(+), 1 deletion(-) diff --git a/config/v1/types_cluster_version.go b/config/v1/types_cluster_version.go index 4636a7b1371..927bc25bcd9 100644 --- a/config/v1/types_cluster_version.go +++ b/config/v1/types_cluster_version.go @@ -19,7 +19,7 @@ import ( // +kubebuilder:subresource:status // +kubebuilder:resource:path=clusterversions,scope=Cluster // +kubebuilder:validation:XValidation:rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && self.spec.capabilities.baselineCapabilitySet == 'None' && 'marketplace' in self.spec.capabilities.additionalEnabledCapabilities ? 'OperatorLifecycleManager' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'OperatorLifecycleManager' in self.status.capabilities.enabledCapabilities) : true",message="the `marketplace` capability requires the `OperatorLifecycleManager` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `OperatorLifecycleManager` capability" -// +kubebuilder:validation:XValidation:rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && self.spec.capabilities.baselineCapabilitySet == 'None' && 'ClusterAPI' in self.spec.capabilities.additionalEnabledCapabilities ? 'CompatibilityRequirements' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'CompatibilityRequirements' in self.status.capabilities.enabledCapabilities) : true",message="the `ClusterAPI` capability requires the `CompatibilityRequirements` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `CompatibilityRequirements` capability" +// +kubebuilder:validation:XValidation:rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && 'ClusterAPI' in self.spec.capabilities.additionalEnabledCapabilities ? 'CompatibilityRequirements' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'CompatibilityRequirements' in self.status.capabilities.enabledCapabilities) : true",message="the `ClusterAPI` capability requires the `CompatibilityRequirements` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `CompatibilityRequirements` capability" // +kubebuilder:printcolumn:name=Version,JSONPath=.status.history[?(@.state=="Completed")].version,type=string // +kubebuilder:printcolumn:name=Available,JSONPath=.status.conditions[?(@.type=="Available")].status,type=string // +kubebuilder:printcolumn:name=Progressing,JSONPath=.status.conditions[?(@.type=="Progressing")].status,type=string diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml index 0deb9ba0861..1702e755aff 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml @@ -95,6 +95,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -442,6 +444,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -469,6 +473,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -1133,6 +1139,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml index 430a39025ff..8a76a4b83f8 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml @@ -95,6 +95,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -346,6 +348,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -373,6 +377,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -790,6 +796,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml index 70a09d3ff0a..ac031e99af7 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml @@ -95,6 +95,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -442,6 +444,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -469,6 +473,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -1133,6 +1139,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-OKD.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-OKD.crd.yaml index 1ae333ddc69..ac0cfb19028 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-OKD.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-OKD.crd.yaml @@ -95,6 +95,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -346,6 +348,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -373,6 +377,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -790,6 +796,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml index ea97687cfc1..27985043e37 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml @@ -95,6 +95,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -425,6 +427,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -452,6 +456,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -1116,6 +1122,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml index c7edb6835a1..aea52df487e 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml @@ -97,6 +97,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -337,6 +339,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -364,6 +368,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -759,6 +765,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml index e5ac1631330..44672596cc4 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml @@ -97,6 +97,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -365,6 +367,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -392,6 +396,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -1034,6 +1040,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml index 005036bbe72..9ab9c587345 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml @@ -97,6 +97,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -354,6 +356,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -381,6 +385,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -776,6 +782,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml index 5682079136d..8b0b365df2a 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml @@ -97,6 +97,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -348,6 +350,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -375,6 +379,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -792,6 +798,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml index 17ca96c1c8f..6e859297440 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml @@ -97,6 +97,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -388,6 +390,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -415,6 +419,8 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -810,6 +816,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: From 1fc3a3dc5769cbe580d6b6221ae320f69c078d7a Mon Sep 17 00:00:00 2001 From: miyadav Date: Wed, 17 Jun 2026 15:43:41 +0100 Subject: [PATCH 3/5] =?UTF-8?q?=20=20Gate=20the=20ClusterVersionCapability?= =?UTF-8?q?=20enum=20values=20and=20the=20ClusterAPI=E2=86=92Compatibility?= =?UTF-8?q?Requirements=20=20=20dependency=20XValidation=20behind=20the=20?= =?UTF-8?q?CRDCompatibilityRequirementOperator=20feature=20gate=20so=20the?= =?UTF-8?q?y=20=20=20only=20ship=20in=20TechPreview/DevPreview=20CRDs=20un?= =?UTF-8?q?til=20the=20gate=20is=20promoted.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config/v1/types_cluster_version.go | 5 +- ...1_clusterversions-CustomNoUpgrade.crd.yaml | 9 - ...erator_01_clusterversions-Default.crd.yaml | 15 - ...usterversions-DevPreviewNoUpgrade.crd.yaml | 9 - ...n-operator_01_clusterversions-OKD.crd.yaml | 15 - ...sterversions-TechPreviewNoUpgrade.crd.yaml | 9 - ..._generated.featuregated-crd-manifests.yaml | 1 + .../AAA_ungated.yaml | 15 - .../CRDCompatibilityRequirementOperator.yaml | 780 ++++++++++++++++++ .../ClusterUpdateAcceptRisks.yaml | 69 -- .../ClusterUpdatePreflight.yaml | 69 -- .../ImageStreamImportMode.yaml | 69 -- .../SignatureStores.yaml | 69 -- 13 files changed, 784 insertions(+), 350 deletions(-) create mode 100644 config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml diff --git a/config/v1/types_cluster_version.go b/config/v1/types_cluster_version.go index 927bc25bcd9..c2e1bd66398 100644 --- a/config/v1/types_cluster_version.go +++ b/config/v1/types_cluster_version.go @@ -19,7 +19,7 @@ import ( // +kubebuilder:subresource:status // +kubebuilder:resource:path=clusterversions,scope=Cluster // +kubebuilder:validation:XValidation:rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && self.spec.capabilities.baselineCapabilitySet == 'None' && 'marketplace' in self.spec.capabilities.additionalEnabledCapabilities ? 'OperatorLifecycleManager' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'OperatorLifecycleManager' in self.status.capabilities.enabledCapabilities) : true",message="the `marketplace` capability requires the `OperatorLifecycleManager` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `OperatorLifecycleManager` capability" -// +kubebuilder:validation:XValidation:rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && 'ClusterAPI' in self.spec.capabilities.additionalEnabledCapabilities ? 'CompatibilityRequirements' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'CompatibilityRequirements' in self.status.capabilities.enabledCapabilities) : true",message="the `ClusterAPI` capability requires the `CompatibilityRequirements` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `CompatibilityRequirements` capability" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=CRDCompatibilityRequirementOperator,rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && 'ClusterAPI' in self.spec.capabilities.additionalEnabledCapabilities ? 'CompatibilityRequirements' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'CompatibilityRequirements' in self.status.capabilities.enabledCapabilities) : true",message="the `ClusterAPI` capability requires the `CompatibilityRequirements` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `CompatibilityRequirements` capability" // +kubebuilder:printcolumn:name=Version,JSONPath=.status.history[?(@.state=="Completed")].version,type=string // +kubebuilder:printcolumn:name=Available,JSONPath=.status.conditions[?(@.type=="Available")].status,type=string // +kubebuilder:printcolumn:name=Progressing,JSONPath=.status.conditions[?(@.type=="Progressing")].status,type=string @@ -305,7 +305,8 @@ const ( ) // ClusterVersionCapability enumerates optional, core cluster components. -// +kubebuilder:validation:Enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager;OperatorLifecycleManagerV1;CompatibilityRequirements;ClusterAPI +// +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager;OperatorLifecycleManagerV1 +// +openshift:validation:FeatureGateAwareEnum:featureGate=CRDCompatibilityRequirementOperator,enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager;OperatorLifecycleManagerV1;CompatibilityRequirements;ClusterAPI type ClusterVersionCapability string const ( diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml index 1702e755aff..614cacb4691 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml @@ -1139,15 +1139,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml index 8a76a4b83f8..430a39025ff 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml @@ -95,8 +95,6 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -348,8 +346,6 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -377,8 +373,6 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -796,15 +790,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml index ac031e99af7..a376d14fb74 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml @@ -1139,15 +1139,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-OKD.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-OKD.crd.yaml index ac0cfb19028..1ae333ddc69 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-OKD.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-OKD.crd.yaml @@ -95,8 +95,6 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -348,8 +346,6 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -377,8 +373,6 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -796,15 +790,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml index 27985043e37..dfc58b34fa0 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml @@ -1122,15 +1122,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests.yaml b/config/v1/zz_generated.featuregated-crd-manifests.yaml index 13635bff490..de54ce8be53 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests.yaml @@ -145,6 +145,7 @@ clusterversions.config.openshift.io: Capability: "" Category: "" FeatureGates: + - CRDCompatibilityRequirementOperator - ClusterUpdateAcceptRisks - ClusterUpdatePreflight - ImageStreamImportMode diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml index aea52df487e..c7edb6835a1 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml @@ -97,8 +97,6 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -339,8 +337,6 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -368,8 +364,6 @@ spec: - Ingress - CloudControllerManager - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -765,15 +759,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml new file mode 100644 index 00000000000..3defbc8b669 --- /dev/null +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml @@ -0,0 +1,780 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/495 + api.openshift.io/filename-cvo-runlevel: "0000_00" + api.openshift.io/filename-operator: cluster-version-operator + api.openshift.io/filename-ordering: "01" + feature-gate.release.openshift.io/CRDCompatibilityRequirementOperator: "true" + include.release.openshift.io/self-managed-high-availability: "true" + name: clusterversions.config.openshift.io +spec: + group: config.openshift.io + names: + kind: ClusterVersion + listKind: ClusterVersionList + plural: clusterversions + singular: clusterversion + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.history[?(@.state=="Completed")].version + name: Version + type: string + - jsonPath: .status.conditions[?(@.type=="Available")].status + name: Available + type: string + - jsonPath: .status.conditions[?(@.type=="Progressing")].status + name: Progressing + type: string + - jsonPath: .status.conditions[?(@.type=="Progressing")].lastTransitionTime + name: Since + type: date + - jsonPath: .status.conditions[?(@.type=="Progressing")].message + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: |- + ClusterVersion is the configuration for the ClusterVersionOperator. This is where + parameters related to automatic updates can be set. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + spec is the desired state of the cluster version - the operator will work + to ensure that the desired version is applied to the cluster. + properties: + capabilities: + description: |- + capabilities configures the installation of optional, core + cluster components. A null value here is identical to an + empty object; see the child properties for default semantics. + properties: + additionalEnabledCapabilities: + description: |- + additionalEnabledCapabilities extends the set of managed + capabilities beyond the baseline defined in + baselineCapabilitySet. The default is an empty set. + items: + description: ClusterVersionCapability enumerates optional, core + cluster components. + enum: + - openshift-samples + - baremetal + - marketplace + - Console + - Insights + - Storage + - CSISnapshot + - NodeTuning + - MachineAPI + - Build + - DeploymentConfig + - ImageRegistry + - OperatorLifecycleManager + - CloudCredential + - Ingress + - CloudControllerManager + - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI + type: string + type: array + x-kubernetes-list-type: atomic + baselineCapabilitySet: + description: |- + baselineCapabilitySet selects an initial set of + optional capabilities to enable, which can be extended via + additionalEnabledCapabilities. If unset, the cluster will + choose a default, and the default may change over time. + The current default is vCurrent. + enum: + - None + - v4.11 + - v4.12 + - v4.13 + - v4.14 + - v4.15 + - v4.16 + - v4.17 + - v4.18 + - vCurrent + type: string + type: object + channel: + description: |- + channel is an identifier for explicitly requesting a non-default set + of updates to be applied to this cluster. The default channel will + contain stable updates that are appropriate for production clusters. + type: string + clusterID: + description: |- + clusterID uniquely identifies this cluster. This is expected to be + an RFC4122 UUID value (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx in + hexadecimal values). This is a required field. + type: string + desiredUpdate: + description: |- + desiredUpdate is an optional field that indicates the desired value of + the cluster version. Setting this value will trigger an upgrade (if + the current version does not match the desired version). The set of + recommended update values is listed as part of available updates in + status, and setting values outside that range may cause the upgrade + to fail. + + Some of the fields are inter-related with restrictions and meanings described here. + 1. image is specified, version is specified, architecture is specified. API validation error. + 2. image is specified, version is specified, architecture is not specified. The version extracted from the referenced image must match the specified version. + 3. image is specified, version is not specified, architecture is specified. API validation error. + 4. image is specified, version is not specified, architecture is not specified. image is used. + 5. image is not specified, version is specified, architecture is specified. version and desired architecture are used to select an image. + 6. image is not specified, version is specified, architecture is not specified. version and current architecture are used to select an image. + 7. image is not specified, version is not specified, architecture is specified. API validation error. + 8. image is not specified, version is not specified, architecture is not specified. API validation error. + + If an upgrade fails the operator will halt and report status + about the failing component. Setting the desired update value back to + the previous version will cause a rollback to be attempted if the + previous version is within the current minor version. Not all + rollbacks will succeed, and some may unrecoverably break the + cluster. + properties: + architecture: + description: |- + architecture is an optional field that indicates the desired + value of the cluster architecture. In this context cluster + architecture means either a single architecture or a multi + architecture. architecture can only be set to Multi thereby + only allowing updates from single to multi architecture. If + architecture is set, image cannot be set and version must be + set. + Valid values are 'Multi' and empty. + enum: + - Multi + - "" + type: string + force: + description: |- + force allows an administrator to update to an image that has failed + verification or upgradeable checks that are designed to keep your + cluster safe. Only use this if: + * you are testing unsigned release images in short-lived test clusters or + * you are working around a known bug in the cluster-version + operator and you have verified the authenticity of the provided + image yourself. + The provided image will run with full administrative access + to the cluster. Do not use this flag with images that come from unknown + or potentially malicious sources. + type: boolean + image: + description: |- + image is a container image location that contains the update. + image should be used when the desired version does not exist in availableUpdates or history. + When image is set, architecture cannot be specified. + If both version and image are set, the version extracted from the referenced image must match the specified version. + type: string + version: + description: |- + version is a semantic version identifying the update version. + version is required if architecture is specified. + If both version and image are set, the version extracted from the referenced image must match the specified version. + type: string + type: object + x-kubernetes-validations: + - message: cannot set both Architecture and Image + rule: 'has(self.architecture) && has(self.image) ? (self.architecture + == "" || self.image == "") : true' + - message: Version must be set if Architecture is set + rule: 'has(self.architecture) && self.architecture != "" ? self.version + != "" : true' + overrides: + description: |- + overrides is list of overides for components that are managed by + cluster version operator. Marking a component unmanaged will prevent + the operator from creating or updating the object. + items: + description: |- + ComponentOverride allows overriding cluster version operator's behavior + for a component. + properties: + group: + description: group identifies the API group that the kind is + in. + type: string + kind: + description: kind indentifies which object to override. + type: string + name: + description: name is the component's name. + type: string + namespace: + description: |- + namespace is the component's namespace. If the resource is cluster + scoped, the namespace should be empty. + type: string + unmanaged: + description: |- + unmanaged controls if cluster version operator should stop managing the + resources in this cluster. + Default: false + type: boolean + required: + - group + - kind + - name + - namespace + - unmanaged + type: object + type: array + x-kubernetes-list-map-keys: + - kind + - group + - namespace + - name + x-kubernetes-list-type: map + upstream: + description: |- + upstream may be used to specify the preferred update server. By default + it will use the appropriate update server for the cluster and region. + type: string + required: + - clusterID + type: object + status: + description: |- + status contains information about the available updates and any in-progress + updates. + properties: + availableUpdates: + description: |- + availableUpdates contains updates recommended for this + cluster. Updates which appear in conditionalUpdates but not in + availableUpdates may expose this cluster to known issues. This list + may be empty if no updates are recommended, if the update service + is unavailable, or if an invalid channel has been specified. + items: + description: Release represents an OpenShift release image and associated + metadata. + properties: + channels: + description: |- + channels is the set of Cincinnati channels to which the release + currently belongs. + items: + type: string + type: array + x-kubernetes-list-type: set + image: + description: |- + image is a container image location that contains the update. When this + field is part of spec, image is optional if version is specified and the + availableUpdates field contains a matching version. + type: string + url: + description: |- + url contains information about this release. This URL is set by + the 'url' metadata property on a release or the metadata returned by + the update API and should be displayed as a link in user + interfaces. The URL field may not be set for test or nightly + releases. + type: string + version: + description: |- + version is a semantic version identifying the update version. When this + field is part of spec, version is optional if image is specified. + type: string + required: + - image + - version + type: object + nullable: true + type: array + x-kubernetes-list-type: atomic + capabilities: + description: capabilities describes the state of optional, core cluster + components. + properties: + enabledCapabilities: + description: enabledCapabilities lists all the capabilities that + are currently managed. + items: + description: ClusterVersionCapability enumerates optional, core + cluster components. + enum: + - openshift-samples + - baremetal + - marketplace + - Console + - Insights + - Storage + - CSISnapshot + - NodeTuning + - MachineAPI + - Build + - DeploymentConfig + - ImageRegistry + - OperatorLifecycleManager + - CloudCredential + - Ingress + - CloudControllerManager + - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI + type: string + type: array + x-kubernetes-list-type: atomic + knownCapabilities: + description: knownCapabilities lists all the capabilities known + to the current cluster. + items: + description: ClusterVersionCapability enumerates optional, core + cluster components. + enum: + - openshift-samples + - baremetal + - marketplace + - Console + - Insights + - Storage + - CSISnapshot + - NodeTuning + - MachineAPI + - Build + - DeploymentConfig + - ImageRegistry + - OperatorLifecycleManager + - CloudCredential + - Ingress + - CloudControllerManager + - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI + type: string + type: array + x-kubernetes-list-type: atomic + type: object + conditionalUpdates: + description: |- + conditionalUpdates contains the list of updates that may be + recommended for this cluster if it meets specific required + conditions. Consumers interested in the set of updates that are + actually recommended for this cluster should use + availableUpdates. This list may be empty if no updates are + recommended, if the update service is unavailable, or if an empty + or invalid channel has been specified. + items: + description: |- + ConditionalUpdate represents an update which is recommended to some + clusters on the version the current cluster is reconciling, but which + may not be recommended for the current cluster. + properties: + conditions: + description: |- + conditions represents the observations of the conditional update's + current status. Known types are: + * Recommended, for whether the update is recommended for the current cluster. + items: + description: Condition contains details for one aspect of + the current state of this API Resource. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, + Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + release: + description: release is the target of the update. + properties: + channels: + description: |- + channels is the set of Cincinnati channels to which the release + currently belongs. + items: + type: string + type: array + x-kubernetes-list-type: set + image: + description: |- + image is a container image location that contains the update. When this + field is part of spec, image is optional if version is specified and the + availableUpdates field contains a matching version. + type: string + url: + description: |- + url contains information about this release. This URL is set by + the 'url' metadata property on a release or the metadata returned by + the update API and should be displayed as a link in user + interfaces. The URL field may not be set for test or nightly + releases. + type: string + version: + description: |- + version is a semantic version identifying the update version. When this + field is part of spec, version is optional if image is specified. + type: string + required: + - image + - version + type: object + risks: + description: |- + risks represents the range of issues associated with + updating to the target release. The cluster-version + operator will evaluate all entries, and only recommend the + update if there is at least one entry and all entries + recommend the update. + items: + description: |- + ConditionalUpdateRisk represents a reason and cluster-state + for not recommending a conditional update. + properties: + matchingRules: + description: |- + matchingRules is a slice of conditions for deciding which + clusters match the risk and which do not. The slice is + ordered by decreasing precedence. The cluster-version + operator will walk the slice in order, and stop after the + first it can successfully evaluate. If no condition can be + successfully evaluated, the update will not be recommended. + items: + description: |- + ClusterCondition is a union of typed cluster conditions. The 'type' + property determines which of the type-specific properties are relevant. + When evaluated on a cluster, the condition may match, not match, or + fail to evaluate. + properties: + promql: + description: promql represents a cluster condition + based on PromQL. + properties: + promql: + description: |- + promql is a PromQL query classifying clusters. This query + query should return a 1 in the match case and a 0 in the + does-not-match case. Queries which return no time + series, or which return values besides 0 or 1, are + evaluation failures. + type: string + required: + - promql + type: object + type: + description: |- + type represents the cluster-condition type. This defines + the members and semantics of any additional properties. + enum: + - Always + - PromQL + type: string + required: + - type + type: object + minItems: 1 + type: array + x-kubernetes-list-type: atomic + message: + description: |- + message provides additional information about the risk of + updating, in the event that matchingRules match the cluster + state. This is only to be consumed by humans. It may + contain Line Feed characters (U+000A), which should be + rendered as new lines. + minLength: 1 + type: string + name: + description: |- + name is the CamelCase reason for not recommending a + conditional update, in the event that matchingRules match the + cluster state. + minLength: 1 + type: string + url: + description: url contains information about this risk. + format: uri + minLength: 1 + type: string + required: + - matchingRules + - message + - name + - url + type: object + maxItems: 200 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + required: + - release + - risks + type: object + maxItems: 500 + type: array + x-kubernetes-list-type: atomic + conditions: + description: |- + conditions provides information about the cluster version. The condition + "Available" is set to true if the desiredUpdate has been reached. The + condition "Progressing" is set to true if an update is being applied. + The condition "Degraded" is set to true if an update is currently blocked + by a temporary or permanent error. Conditions are only valid for the + current desiredUpdate when metadata.generation is equal to + status.generation. + items: + description: |- + ClusterOperatorStatusCondition represents the state of the operator's + managed and monitored components. + properties: + lastTransitionTime: + description: lastTransitionTime is the time of the last update + to the current status property. + format: date-time + type: string + message: + description: |- + message provides additional information about the current condition. + This is only to be consumed by humans. It may contain Line Feed + characters (U+000A), which should be rendered as new lines. + type: string + reason: + description: reason is the CamelCase reason for the condition's + current status. + type: string + status: + description: status of the condition, one of True, False, Unknown. + type: string + type: + description: type specifies the aspect reported by this condition. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + desired: + description: |- + desired is the version that the cluster is reconciling towards. + If the cluster is not yet fully initialized desired will be set + with the information available, which may be an image or a tag. + properties: + channels: + description: |- + channels is the set of Cincinnati channels to which the release + currently belongs. + items: + type: string + type: array + x-kubernetes-list-type: set + image: + description: |- + image is a container image location that contains the update. When this + field is part of spec, image is optional if version is specified and the + availableUpdates field contains a matching version. + type: string + url: + description: |- + url contains information about this release. This URL is set by + the 'url' metadata property on a release or the metadata returned by + the update API and should be displayed as a link in user + interfaces. The URL field may not be set for test or nightly + releases. + type: string + version: + description: |- + version is a semantic version identifying the update version. When this + field is part of spec, version is optional if image is specified. + type: string + required: + - image + - version + type: object + history: + description: |- + history contains a list of the most recent versions applied to the cluster. + This value may be empty during cluster startup, and then will be updated + when a new update is being applied. The newest update is first in the + list and it is ordered by recency. Updates in the history have state + Completed if the rollout completed - if an update was failing or halfway + applied the state will be Partial. Only a limited amount of update history + is preserved. + items: + description: UpdateHistory is a single attempted update to the cluster. + properties: + acceptedRisks: + description: |- + acceptedRisks records risks which were accepted to initiate the update. + For example, it may mention an Upgradeable=False or missing signature + that was overridden via desiredUpdate.force, or an update that was + initiated despite not being in the availableUpdates set of recommended + update targets. + type: string + completionTime: + description: |- + completionTime, if set, is when the update was fully applied. The update + that is currently being applied will have a null completion time. + Completion time will always be set for entries that are not the current + update (usually to the started time of the next update). + format: date-time + nullable: true + type: string + image: + description: |- + image is a container image location that contains the update. This value + is always populated. + type: string + startedTime: + description: startedTime is the time at which the update was + started. + format: date-time + type: string + state: + description: |- + state reflects whether the update was fully applied. The Partial state + indicates the update is not fully applied, while the Completed state + indicates the update was successfully rolled out at least once (all + parts of the update successfully applied). + type: string + verified: + description: |- + verified indicates whether the provided update was properly verified + before it was installed. If this is false the cluster may not be trusted. + Verified does not cover upgradeable checks that depend on the cluster + state at the time when the update target was accepted. + type: boolean + version: + description: |- + version is a semantic version identifying the update version. If the + requested image does not define a version, or if a failure occurs + retrieving the image, this value may be empty. + type: string + required: + - completionTime + - image + - startedTime + - state + - verified + type: object + type: array + x-kubernetes-list-type: atomic + observedGeneration: + description: |- + observedGeneration reports which version of the spec is being synced. + If this value is not equal to metadata.generation, then the desired + and conditions fields may represent a previous version. + format: int64 + type: integer + versionHash: + description: |- + versionHash is a fingerprint of the content that the cluster will be + updated with. It is used by the operator to avoid unnecessary work + and is for internal use only. + type: string + required: + - availableUpdates + - desired + - observedGeneration + - versionHash + type: object + required: + - spec + type: object + x-kubernetes-validations: + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' + - message: the `marketplace` capability requires the `OperatorLifecycleManager` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `OperatorLifecycleManager` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && self.spec.capabilities.baselineCapabilitySet == ''None'' && ''marketplace'' + in self.spec.capabilities.additionalEnabledCapabilities ? ''OperatorLifecycleManager'' + in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) + && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) + : true' + served: true + storage: true + subresources: + status: {} diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml index 44672596cc4..53debf4816b 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml @@ -79,26 +79,6 @@ spec: items: description: ClusterVersionCapability enumerates optional, core cluster components. - enum: - - openshift-samples - - baremetal - - marketplace - - Console - - Insights - - Storage - - CSISnapshot - - NodeTuning - - MachineAPI - - Build - - DeploymentConfig - - ImageRegistry - - OperatorLifecycleManager - - CloudCredential - - Ingress - - CloudControllerManager - - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -349,26 +329,6 @@ spec: items: description: ClusterVersionCapability enumerates optional, core cluster components. - enum: - - openshift-samples - - baremetal - - marketplace - - Console - - Insights - - Storage - - CSISnapshot - - NodeTuning - - MachineAPI - - Build - - DeploymentConfig - - ImageRegistry - - OperatorLifecycleManager - - CloudCredential - - Ingress - - CloudControllerManager - - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -378,26 +338,6 @@ spec: items: description: ClusterVersionCapability enumerates optional, core cluster components. - enum: - - openshift-samples - - baremetal - - marketplace - - Console - - Insights - - Storage - - CSISnapshot - - NodeTuning - - MachineAPI - - Build - - DeploymentConfig - - ImageRegistry - - OperatorLifecycleManager - - CloudCredential - - Ingress - - CloudControllerManager - - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -1040,15 +980,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml index 9ab9c587345..0f8dafbc678 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml @@ -79,26 +79,6 @@ spec: items: description: ClusterVersionCapability enumerates optional, core cluster components. - enum: - - openshift-samples - - baremetal - - marketplace - - Console - - Insights - - Storage - - CSISnapshot - - NodeTuning - - MachineAPI - - Build - - DeploymentConfig - - ImageRegistry - - OperatorLifecycleManager - - CloudCredential - - Ingress - - CloudControllerManager - - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -338,26 +318,6 @@ spec: items: description: ClusterVersionCapability enumerates optional, core cluster components. - enum: - - openshift-samples - - baremetal - - marketplace - - Console - - Insights - - Storage - - CSISnapshot - - NodeTuning - - MachineAPI - - Build - - DeploymentConfig - - ImageRegistry - - OperatorLifecycleManager - - CloudCredential - - Ingress - - CloudControllerManager - - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -367,26 +327,6 @@ spec: items: description: ClusterVersionCapability enumerates optional, core cluster components. - enum: - - openshift-samples - - baremetal - - marketplace - - Console - - Insights - - Storage - - CSISnapshot - - NodeTuning - - MachineAPI - - Build - - DeploymentConfig - - ImageRegistry - - OperatorLifecycleManager - - CloudCredential - - Ingress - - CloudControllerManager - - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -782,15 +722,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml index 8b0b365df2a..8ffc08f0ed4 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml @@ -79,26 +79,6 @@ spec: items: description: ClusterVersionCapability enumerates optional, core cluster components. - enum: - - openshift-samples - - baremetal - - marketplace - - Console - - Insights - - Storage - - CSISnapshot - - NodeTuning - - MachineAPI - - Build - - DeploymentConfig - - ImageRegistry - - OperatorLifecycleManager - - CloudCredential - - Ingress - - CloudControllerManager - - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -332,26 +312,6 @@ spec: items: description: ClusterVersionCapability enumerates optional, core cluster components. - enum: - - openshift-samples - - baremetal - - marketplace - - Console - - Insights - - Storage - - CSISnapshot - - NodeTuning - - MachineAPI - - Build - - DeploymentConfig - - ImageRegistry - - OperatorLifecycleManager - - CloudCredential - - Ingress - - CloudControllerManager - - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -361,26 +321,6 @@ spec: items: description: ClusterVersionCapability enumerates optional, core cluster components. - enum: - - openshift-samples - - baremetal - - marketplace - - Console - - Insights - - Storage - - CSISnapshot - - NodeTuning - - MachineAPI - - Build - - DeploymentConfig - - ImageRegistry - - OperatorLifecycleManager - - CloudCredential - - Ingress - - CloudControllerManager - - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -798,15 +738,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml index 6e859297440..2eab9933ba5 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml @@ -79,26 +79,6 @@ spec: items: description: ClusterVersionCapability enumerates optional, core cluster components. - enum: - - openshift-samples - - baremetal - - marketplace - - Console - - Insights - - Storage - - CSISnapshot - - NodeTuning - - MachineAPI - - Build - - DeploymentConfig - - ImageRegistry - - OperatorLifecycleManager - - CloudCredential - - Ingress - - CloudControllerManager - - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -372,26 +352,6 @@ spec: items: description: ClusterVersionCapability enumerates optional, core cluster components. - enum: - - openshift-samples - - baremetal - - marketplace - - Console - - Insights - - Storage - - CSISnapshot - - NodeTuning - - MachineAPI - - Build - - DeploymentConfig - - ImageRegistry - - OperatorLifecycleManager - - CloudCredential - - Ingress - - CloudControllerManager - - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -401,26 +361,6 @@ spec: items: description: ClusterVersionCapability enumerates optional, core cluster components. - enum: - - openshift-samples - - baremetal - - marketplace - - Console - - Insights - - Storage - - CSISnapshot - - NodeTuning - - MachineAPI - - Build - - DeploymentConfig - - ImageRegistry - - OperatorLifecycleManager - - CloudCredential - - Ingress - - CloudControllerManager - - OperatorLifecycleManagerV1 - - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -816,15 +756,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: From 2cf942dc34c9224feb9a75ac483d6dc3eb69f61a Mon Sep 17 00:00:00 2001 From: miyadav Date: Wed, 17 Jun 2026 17:23:29 +0100 Subject: [PATCH 4/5] =?UTF-8?q?=20This=20is=20the=20same=20pattern=20used?= =?UTF-8?q?=20by=20the=20existing=20marketplace=E2=86=92OLM=20rule=20,=20w?= =?UTF-8?q?hich=20is=20=20=20also=20ungated=20,=20FeatureGateAwareXValidat?= =?UTF-8?q?ion=20causing=20test=20failure?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../CRDCompatibilityRequirementOperator.yaml | 121 ++++++++++++++++++ config/v1/types_cluster_version.go | 2 +- ...1_clusterversions-CustomNoUpgrade.crd.yaml | 9 ++ ...erator_01_clusterversions-Default.crd.yaml | 9 ++ ...usterversions-DevPreviewNoUpgrade.crd.yaml | 9 ++ ...n-operator_01_clusterversions-OKD.crd.yaml | 9 ++ ...sterversions-TechPreviewNoUpgrade.crd.yaml | 9 ++ .../AAA_ungated.yaml | 9 ++ .../CRDCompatibilityRequirementOperator.yaml | 18 +-- .../ClusterUpdateAcceptRisks.yaml | 9 ++ .../ClusterUpdatePreflight.yaml | 9 ++ .../ImageStreamImportMode.yaml | 9 ++ .../SignatureStores.yaml | 9 ++ 13 files changed, 221 insertions(+), 10 deletions(-) create mode 100644 config/v1/tests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml diff --git a/config/v1/tests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml b/config/v1/tests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml new file mode 100644 index 00000000000..e9eb65fff2c --- /dev/null +++ b/config/v1/tests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml @@ -0,0 +1,121 @@ +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this +name: "ClusterVersion" +crdName: clusterversions.config.openshift.io +featureGates: + - CRDCompatibilityRequirementOperator +tests: + onCreate: + - name: Should be able to create a ClusterVersion with base capability None, and additional capabilities ClusterAPI and CompatibilityRequirements + initial: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - ClusterAPI + - CompatibilityRequirements + expected: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - ClusterAPI + - CompatibilityRequirements + - name: Should not be able to create a ClusterVersion with base capability None, and additional capability ClusterAPI without CompatibilityRequirements + initial: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - ClusterAPI + expectedError: the `ClusterAPI` capability requires the `CompatibilityRequirements` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `CompatibilityRequirements` capability + - name: Should be able to create a ClusterVersion with base capability None, and additional capability CompatibilityRequirements without ClusterAPI + initial: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - CompatibilityRequirements + expected: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - CompatibilityRequirements + onUpdate: + - name: Should be able to add the ClusterAPI capability with CompatibilityRequirements already implicitly enabled + initial: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + status: + desired: + version: foo + image: foo + observedGeneration: 1 + versionHash: foo + capabilities: + enabledCapabilities: + - CompatibilityRequirements + availableUpdates: + - version: foo + image: foo + updated: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - ClusterAPI + status: + desired: + version: foo + image: foo + observedGeneration: 1 + versionHash: foo + capabilities: + enabledCapabilities: + - CompatibilityRequirements + availableUpdates: + - version: foo + image: foo + expected: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - ClusterAPI + status: + desired: + version: foo + image: foo + observedGeneration: 1 + versionHash: foo + capabilities: + enabledCapabilities: + - CompatibilityRequirements + availableUpdates: + - version: foo + image: foo diff --git a/config/v1/types_cluster_version.go b/config/v1/types_cluster_version.go index c2e1bd66398..266d7f59037 100644 --- a/config/v1/types_cluster_version.go +++ b/config/v1/types_cluster_version.go @@ -19,7 +19,7 @@ import ( // +kubebuilder:subresource:status // +kubebuilder:resource:path=clusterversions,scope=Cluster // +kubebuilder:validation:XValidation:rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && self.spec.capabilities.baselineCapabilitySet == 'None' && 'marketplace' in self.spec.capabilities.additionalEnabledCapabilities ? 'OperatorLifecycleManager' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'OperatorLifecycleManager' in self.status.capabilities.enabledCapabilities) : true",message="the `marketplace` capability requires the `OperatorLifecycleManager` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `OperatorLifecycleManager` capability" -// +openshift:validation:FeatureGateAwareXValidation:featureGate=CRDCompatibilityRequirementOperator,rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && 'ClusterAPI' in self.spec.capabilities.additionalEnabledCapabilities ? 'CompatibilityRequirements' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'CompatibilityRequirements' in self.status.capabilities.enabledCapabilities) : true",message="the `ClusterAPI` capability requires the `CompatibilityRequirements` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `CompatibilityRequirements` capability" +// +kubebuilder:validation:XValidation:rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && 'ClusterAPI' in self.spec.capabilities.additionalEnabledCapabilities ? 'CompatibilityRequirements' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'CompatibilityRequirements' in self.status.capabilities.enabledCapabilities) : true",message="the `ClusterAPI` capability requires the `CompatibilityRequirements` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `CompatibilityRequirements` capability" // +kubebuilder:printcolumn:name=Version,JSONPath=.status.history[?(@.state=="Completed")].version,type=string // +kubebuilder:printcolumn:name=Available,JSONPath=.status.conditions[?(@.type=="Available")].status,type=string // +kubebuilder:printcolumn:name=Progressing,JSONPath=.status.conditions[?(@.type=="Progressing")].status,type=string diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml index 614cacb4691..1702e755aff 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml @@ -1139,6 +1139,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml index 430a39025ff..32bb7fd5786 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml @@ -790,6 +790,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml index a376d14fb74..ac031e99af7 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml @@ -1139,6 +1139,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-OKD.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-OKD.crd.yaml index 1ae333ddc69..9c392c43ca4 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-OKD.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-OKD.crd.yaml @@ -790,6 +790,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml index dfc58b34fa0..27985043e37 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml @@ -1122,6 +1122,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml index c7edb6835a1..8b2c4f23f52 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml @@ -759,6 +759,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml index 3defbc8b669..10b6d4f889d 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml @@ -755,15 +755,6 @@ spec: - spec type: object x-kubernetes-validations: - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' - message: the `marketplace` capability requires the `OperatorLifecycleManager` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `OperatorLifecycleManager` capability @@ -774,6 +765,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml index 53debf4816b..5fac37d5755 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml @@ -980,6 +980,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml index 0f8dafbc678..4df366aff2d 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml @@ -722,6 +722,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml index 8ffc08f0ed4..351e1a749ac 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml @@ -738,6 +738,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml index 2eab9933ba5..d3b5121dbbd 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml @@ -756,6 +756,15 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' served: true storage: true subresources: From 8816b16ded02af7ac7b7280ca0bcd453bbd66b46 Mon Sep 17 00:00:00 2001 From: miyadav Date: Thu, 18 Jun 2026 11:36:13 +0100 Subject: [PATCH 5/5] =?UTF-8?q?=20Gate=20CompatibilityRequirements=20and?= =?UTF-8?q?=20ClusterAPI=20capabilities=20behind=20FeatureGates=20per=20re?= =?UTF-8?q?view=20feedback:=20CompatibilityRequirements=20behind=20CRDComp?= =?UTF-8?q?atibilityRequirementOperator,=20ClusterAPI=20behind=20ClusterAP?= =?UTF-8?q?IMachineManagement,=20and=20the=20ClusterAPI=E2=86=92Compatibil?= =?UTF-8?q?ityRequirements=20dependency=20XValidation=20behind=20both=20ga?= =?UTF-8?q?tes=20using=20requiredFeatureGate.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...tOperator+ClusterAPIMachineManagement.yaml | 122 +++ .../CRDCompatibilityRequirementOperator.yaml | 97 +-- .../ClusterAPIMachineManagement.yaml | 47 ++ config/v1/types_cluster_version.go | 6 +- ...1_clusterversions-CustomNoUpgrade.crd.yaml | 9 - ...erator_01_clusterversions-Default.crd.yaml | 9 - ...usterversions-DevPreviewNoUpgrade.crd.yaml | 9 - ...n-operator_01_clusterversions-OKD.crd.yaml | 9 - ...sterversions-TechPreviewNoUpgrade.crd.yaml | 9 - ..._generated.featuregated-crd-manifests.yaml | 2 + .../AAA_ungated.yaml | 9 - ...tOperator+ClusterAPIMachineManagement.yaml | 781 ++++++++++++++++++ .../CRDCompatibilityRequirementOperator.yaml | 12 - .../ClusterAPIMachineManagement.yaml | 771 +++++++++++++++++ .../ClusterUpdateAcceptRisks.yaml | 9 - .../ClusterUpdatePreflight.yaml | 9 - .../ImageStreamImportMode.yaml | 9 - .../SignatureStores.yaml | 9 - 18 files changed, 1728 insertions(+), 200 deletions(-) create mode 100644 config/v1/tests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator+ClusterAPIMachineManagement.yaml create mode 100644 config/v1/tests/clusterversions.config.openshift.io/ClusterAPIMachineManagement.yaml create mode 100644 config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator+ClusterAPIMachineManagement.yaml create mode 100644 config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterAPIMachineManagement.yaml diff --git a/config/v1/tests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator+ClusterAPIMachineManagement.yaml b/config/v1/tests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator+ClusterAPIMachineManagement.yaml new file mode 100644 index 00000000000..751f7135f79 --- /dev/null +++ b/config/v1/tests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator+ClusterAPIMachineManagement.yaml @@ -0,0 +1,122 @@ +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this +name: "ClusterVersion" +crdName: clusterversions.config.openshift.io +featureGates: + - CRDCompatibilityRequirementOperator + - ClusterAPIMachineManagement +tests: + onCreate: + - name: Should be able to create a ClusterVersion with base capability None, and additional capabilities ClusterAPI and CompatibilityRequirements + initial: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - ClusterAPI + - CompatibilityRequirements + expected: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - ClusterAPI + - CompatibilityRequirements + - name: Should not be able to create a ClusterVersion with base capability None, and additional capability ClusterAPI without CompatibilityRequirements + initial: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - ClusterAPI + expectedError: the `ClusterAPI` capability requires the `CompatibilityRequirements` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `CompatibilityRequirements` capability + - name: Should be able to create a ClusterVersion with base capability None, and additional capability CompatibilityRequirements without ClusterAPI + initial: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - CompatibilityRequirements + expected: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - CompatibilityRequirements + onUpdate: + - name: Should be able to add the ClusterAPI capability with CompatibilityRequirements already implicitly enabled + initial: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + status: + desired: + version: foo + image: foo + observedGeneration: 1 + versionHash: foo + capabilities: + enabledCapabilities: + - CompatibilityRequirements + availableUpdates: + - version: foo + image: foo + updated: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - ClusterAPI + status: + desired: + version: foo + image: foo + observedGeneration: 1 + versionHash: foo + capabilities: + enabledCapabilities: + - CompatibilityRequirements + availableUpdates: + - version: foo + image: foo + expected: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - ClusterAPI + status: + desired: + version: foo + image: foo + observedGeneration: 1 + versionHash: foo + capabilities: + enabledCapabilities: + - CompatibilityRequirements + availableUpdates: + - version: foo + image: foo diff --git a/config/v1/tests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml b/config/v1/tests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml index e9eb65fff2c..f6eba742b31 100644 --- a/config/v1/tests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml +++ b/config/v1/tests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml @@ -5,7 +5,7 @@ featureGates: - CRDCompatibilityRequirementOperator tests: onCreate: - - name: Should be able to create a ClusterVersion with base capability None, and additional capabilities ClusterAPI and CompatibilityRequirements + - name: Should be able to create a ClusterVersion with base capability None, and additional capability CompatibilityRequirements initial: | apiVersion: config.openshift.io/v1 kind: ClusterVersion @@ -14,7 +14,6 @@ tests: capabilities: baselineCapabilitySet: None additionalEnabledCapabilities: - - ClusterAPI - CompatibilityRequirements expected: | apiVersion: config.openshift.io/v1 @@ -24,98 +23,4 @@ tests: capabilities: baselineCapabilitySet: None additionalEnabledCapabilities: - - ClusterAPI - CompatibilityRequirements - - name: Should not be able to create a ClusterVersion with base capability None, and additional capability ClusterAPI without CompatibilityRequirements - initial: | - apiVersion: config.openshift.io/v1 - kind: ClusterVersion - spec: - clusterID: foo - capabilities: - baselineCapabilitySet: None - additionalEnabledCapabilities: - - ClusterAPI - expectedError: the `ClusterAPI` capability requires the `CompatibilityRequirements` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `CompatibilityRequirements` capability - - name: Should be able to create a ClusterVersion with base capability None, and additional capability CompatibilityRequirements without ClusterAPI - initial: | - apiVersion: config.openshift.io/v1 - kind: ClusterVersion - spec: - clusterID: foo - capabilities: - baselineCapabilitySet: None - additionalEnabledCapabilities: - - CompatibilityRequirements - expected: | - apiVersion: config.openshift.io/v1 - kind: ClusterVersion - spec: - clusterID: foo - capabilities: - baselineCapabilitySet: None - additionalEnabledCapabilities: - - CompatibilityRequirements - onUpdate: - - name: Should be able to add the ClusterAPI capability with CompatibilityRequirements already implicitly enabled - initial: | - apiVersion: config.openshift.io/v1 - kind: ClusterVersion - spec: - clusterID: foo - capabilities: - baselineCapabilitySet: None - status: - desired: - version: foo - image: foo - observedGeneration: 1 - versionHash: foo - capabilities: - enabledCapabilities: - - CompatibilityRequirements - availableUpdates: - - version: foo - image: foo - updated: | - apiVersion: config.openshift.io/v1 - kind: ClusterVersion - spec: - clusterID: foo - capabilities: - baselineCapabilitySet: None - additionalEnabledCapabilities: - - ClusterAPI - status: - desired: - version: foo - image: foo - observedGeneration: 1 - versionHash: foo - capabilities: - enabledCapabilities: - - CompatibilityRequirements - availableUpdates: - - version: foo - image: foo - expected: | - apiVersion: config.openshift.io/v1 - kind: ClusterVersion - spec: - clusterID: foo - capabilities: - baselineCapabilitySet: None - additionalEnabledCapabilities: - - ClusterAPI - status: - desired: - version: foo - image: foo - observedGeneration: 1 - versionHash: foo - capabilities: - enabledCapabilities: - - CompatibilityRequirements - availableUpdates: - - version: foo - image: foo diff --git a/config/v1/tests/clusterversions.config.openshift.io/ClusterAPIMachineManagement.yaml b/config/v1/tests/clusterversions.config.openshift.io/ClusterAPIMachineManagement.yaml new file mode 100644 index 00000000000..b368048788d --- /dev/null +++ b/config/v1/tests/clusterversions.config.openshift.io/ClusterAPIMachineManagement.yaml @@ -0,0 +1,47 @@ +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this +name: "ClusterVersion" +crdName: clusterversions.config.openshift.io +featureGates: + - ClusterAPIMachineManagement +tests: + onCreate: + - name: Should be able to create a ClusterVersion with base capability None, and additional capabilities ClusterAPI and CompatibilityRequirements + initial: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - ClusterAPI + - CompatibilityRequirements + expected: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - ClusterAPI + - CompatibilityRequirements + - name: Should be able to create a ClusterVersion with base capability None, and additional capability CompatibilityRequirements without ClusterAPI + initial: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - CompatibilityRequirements + expected: | + apiVersion: config.openshift.io/v1 + kind: ClusterVersion + spec: + clusterID: foo + capabilities: + baselineCapabilitySet: None + additionalEnabledCapabilities: + - CompatibilityRequirements diff --git a/config/v1/types_cluster_version.go b/config/v1/types_cluster_version.go index 266d7f59037..55d4e81b999 100644 --- a/config/v1/types_cluster_version.go +++ b/config/v1/types_cluster_version.go @@ -19,7 +19,7 @@ import ( // +kubebuilder:subresource:status // +kubebuilder:resource:path=clusterversions,scope=Cluster // +kubebuilder:validation:XValidation:rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && self.spec.capabilities.baselineCapabilitySet == 'None' && 'marketplace' in self.spec.capabilities.additionalEnabledCapabilities ? 'OperatorLifecycleManager' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'OperatorLifecycleManager' in self.status.capabilities.enabledCapabilities) : true",message="the `marketplace` capability requires the `OperatorLifecycleManager` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `OperatorLifecycleManager` capability" -// +kubebuilder:validation:XValidation:rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && 'ClusterAPI' in self.spec.capabilities.additionalEnabledCapabilities ? 'CompatibilityRequirements' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'CompatibilityRequirements' in self.status.capabilities.enabledCapabilities) : true",message="the `ClusterAPI` capability requires the `CompatibilityRequirements` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `CompatibilityRequirements` capability" +// +openshift:validation:FeatureGateAwareXValidation:requiredFeatureGate=CRDCompatibilityRequirementOperator;ClusterAPIMachineManagement,rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && 'ClusterAPI' in self.spec.capabilities.additionalEnabledCapabilities ? 'CompatibilityRequirements' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'CompatibilityRequirements' in self.status.capabilities.enabledCapabilities) : true",message="the `ClusterAPI` capability requires the `CompatibilityRequirements` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `CompatibilityRequirements` capability" // +kubebuilder:printcolumn:name=Version,JSONPath=.status.history[?(@.state=="Completed")].version,type=string // +kubebuilder:printcolumn:name=Available,JSONPath=.status.conditions[?(@.type=="Available")].status,type=string // +kubebuilder:printcolumn:name=Progressing,JSONPath=.status.conditions[?(@.type=="Progressing")].status,type=string @@ -306,7 +306,9 @@ const ( // ClusterVersionCapability enumerates optional, core cluster components. // +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager;OperatorLifecycleManagerV1 -// +openshift:validation:FeatureGateAwareEnum:featureGate=CRDCompatibilityRequirementOperator,enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager;OperatorLifecycleManagerV1;CompatibilityRequirements;ClusterAPI +// +openshift:validation:FeatureGateAwareEnum:featureGate=CRDCompatibilityRequirementOperator,enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager;OperatorLifecycleManagerV1;CompatibilityRequirements +// +openshift:validation:FeatureGateAwareEnum:featureGate=ClusterAPIMachineManagement,enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager;OperatorLifecycleManagerV1;CompatibilityRequirements;ClusterAPI +// +openshift:validation:FeatureGateAwareEnum:requiredFeatureGate=CRDCompatibilityRequirementOperator;ClusterAPIMachineManagement,enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager;OperatorLifecycleManagerV1;CompatibilityRequirements;ClusterAPI type ClusterVersionCapability string const ( diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml index 1702e755aff..614cacb4691 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml @@ -1139,15 +1139,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml index 32bb7fd5786..430a39025ff 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml @@ -790,15 +790,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml index ac031e99af7..a376d14fb74 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml @@ -1139,15 +1139,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-OKD.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-OKD.crd.yaml index 9c392c43ca4..1ae333ddc69 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-OKD.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-OKD.crd.yaml @@ -790,15 +790,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml index 27985043e37..dfc58b34fa0 100644 --- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml @@ -1122,15 +1122,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests.yaml b/config/v1/zz_generated.featuregated-crd-manifests.yaml index de54ce8be53..a065c1cf2fd 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests.yaml @@ -146,6 +146,8 @@ clusterversions.config.openshift.io: Category: "" FeatureGates: - CRDCompatibilityRequirementOperator + - CRDCompatibilityRequirementOperator+ClusterAPIMachineManagement + - ClusterAPIMachineManagement - ClusterUpdateAcceptRisks - ClusterUpdatePreflight - ImageStreamImportMode diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml index 8b2c4f23f52..c7edb6835a1 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml @@ -759,15 +759,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator+ClusterAPIMachineManagement.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator+ClusterAPIMachineManagement.yaml new file mode 100644 index 00000000000..a7067dbf304 --- /dev/null +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator+ClusterAPIMachineManagement.yaml @@ -0,0 +1,781 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/495 + api.openshift.io/filename-cvo-runlevel: "0000_00" + api.openshift.io/filename-operator: cluster-version-operator + api.openshift.io/filename-ordering: "01" + feature-gate.release.openshift.io/CRDCompatibilityRequirementOperator: "true" + feature-gate.release.openshift.io/ClusterAPIMachineManagement: "true" + include.release.openshift.io/self-managed-high-availability: "true" + name: clusterversions.config.openshift.io +spec: + group: config.openshift.io + names: + kind: ClusterVersion + listKind: ClusterVersionList + plural: clusterversions + singular: clusterversion + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.history[?(@.state=="Completed")].version + name: Version + type: string + - jsonPath: .status.conditions[?(@.type=="Available")].status + name: Available + type: string + - jsonPath: .status.conditions[?(@.type=="Progressing")].status + name: Progressing + type: string + - jsonPath: .status.conditions[?(@.type=="Progressing")].lastTransitionTime + name: Since + type: date + - jsonPath: .status.conditions[?(@.type=="Progressing")].message + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: |- + ClusterVersion is the configuration for the ClusterVersionOperator. This is where + parameters related to automatic updates can be set. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + spec is the desired state of the cluster version - the operator will work + to ensure that the desired version is applied to the cluster. + properties: + capabilities: + description: |- + capabilities configures the installation of optional, core + cluster components. A null value here is identical to an + empty object; see the child properties for default semantics. + properties: + additionalEnabledCapabilities: + description: |- + additionalEnabledCapabilities extends the set of managed + capabilities beyond the baseline defined in + baselineCapabilitySet. The default is an empty set. + items: + description: ClusterVersionCapability enumerates optional, core + cluster components. + enum: + - openshift-samples + - baremetal + - marketplace + - Console + - Insights + - Storage + - CSISnapshot + - NodeTuning + - MachineAPI + - Build + - DeploymentConfig + - ImageRegistry + - OperatorLifecycleManager + - CloudCredential + - Ingress + - CloudControllerManager + - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI + type: string + type: array + x-kubernetes-list-type: atomic + baselineCapabilitySet: + description: |- + baselineCapabilitySet selects an initial set of + optional capabilities to enable, which can be extended via + additionalEnabledCapabilities. If unset, the cluster will + choose a default, and the default may change over time. + The current default is vCurrent. + enum: + - None + - v4.11 + - v4.12 + - v4.13 + - v4.14 + - v4.15 + - v4.16 + - v4.17 + - v4.18 + - vCurrent + type: string + type: object + channel: + description: |- + channel is an identifier for explicitly requesting a non-default set + of updates to be applied to this cluster. The default channel will + contain stable updates that are appropriate for production clusters. + type: string + clusterID: + description: |- + clusterID uniquely identifies this cluster. This is expected to be + an RFC4122 UUID value (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx in + hexadecimal values). This is a required field. + type: string + desiredUpdate: + description: |- + desiredUpdate is an optional field that indicates the desired value of + the cluster version. Setting this value will trigger an upgrade (if + the current version does not match the desired version). The set of + recommended update values is listed as part of available updates in + status, and setting values outside that range may cause the upgrade + to fail. + + Some of the fields are inter-related with restrictions and meanings described here. + 1. image is specified, version is specified, architecture is specified. API validation error. + 2. image is specified, version is specified, architecture is not specified. The version extracted from the referenced image must match the specified version. + 3. image is specified, version is not specified, architecture is specified. API validation error. + 4. image is specified, version is not specified, architecture is not specified. image is used. + 5. image is not specified, version is specified, architecture is specified. version and desired architecture are used to select an image. + 6. image is not specified, version is specified, architecture is not specified. version and current architecture are used to select an image. + 7. image is not specified, version is not specified, architecture is specified. API validation error. + 8. image is not specified, version is not specified, architecture is not specified. API validation error. + + If an upgrade fails the operator will halt and report status + about the failing component. Setting the desired update value back to + the previous version will cause a rollback to be attempted if the + previous version is within the current minor version. Not all + rollbacks will succeed, and some may unrecoverably break the + cluster. + properties: + architecture: + description: |- + architecture is an optional field that indicates the desired + value of the cluster architecture. In this context cluster + architecture means either a single architecture or a multi + architecture. architecture can only be set to Multi thereby + only allowing updates from single to multi architecture. If + architecture is set, image cannot be set and version must be + set. + Valid values are 'Multi' and empty. + enum: + - Multi + - "" + type: string + force: + description: |- + force allows an administrator to update to an image that has failed + verification or upgradeable checks that are designed to keep your + cluster safe. Only use this if: + * you are testing unsigned release images in short-lived test clusters or + * you are working around a known bug in the cluster-version + operator and you have verified the authenticity of the provided + image yourself. + The provided image will run with full administrative access + to the cluster. Do not use this flag with images that come from unknown + or potentially malicious sources. + type: boolean + image: + description: |- + image is a container image location that contains the update. + image should be used when the desired version does not exist in availableUpdates or history. + When image is set, architecture cannot be specified. + If both version and image are set, the version extracted from the referenced image must match the specified version. + type: string + version: + description: |- + version is a semantic version identifying the update version. + version is required if architecture is specified. + If both version and image are set, the version extracted from the referenced image must match the specified version. + type: string + type: object + x-kubernetes-validations: + - message: cannot set both Architecture and Image + rule: 'has(self.architecture) && has(self.image) ? (self.architecture + == "" || self.image == "") : true' + - message: Version must be set if Architecture is set + rule: 'has(self.architecture) && self.architecture != "" ? self.version + != "" : true' + overrides: + description: |- + overrides is list of overides for components that are managed by + cluster version operator. Marking a component unmanaged will prevent + the operator from creating or updating the object. + items: + description: |- + ComponentOverride allows overriding cluster version operator's behavior + for a component. + properties: + group: + description: group identifies the API group that the kind is + in. + type: string + kind: + description: kind indentifies which object to override. + type: string + name: + description: name is the component's name. + type: string + namespace: + description: |- + namespace is the component's namespace. If the resource is cluster + scoped, the namespace should be empty. + type: string + unmanaged: + description: |- + unmanaged controls if cluster version operator should stop managing the + resources in this cluster. + Default: false + type: boolean + required: + - group + - kind + - name + - namespace + - unmanaged + type: object + type: array + x-kubernetes-list-map-keys: + - kind + - group + - namespace + - name + x-kubernetes-list-type: map + upstream: + description: |- + upstream may be used to specify the preferred update server. By default + it will use the appropriate update server for the cluster and region. + type: string + required: + - clusterID + type: object + status: + description: |- + status contains information about the available updates and any in-progress + updates. + properties: + availableUpdates: + description: |- + availableUpdates contains updates recommended for this + cluster. Updates which appear in conditionalUpdates but not in + availableUpdates may expose this cluster to known issues. This list + may be empty if no updates are recommended, if the update service + is unavailable, or if an invalid channel has been specified. + items: + description: Release represents an OpenShift release image and associated + metadata. + properties: + channels: + description: |- + channels is the set of Cincinnati channels to which the release + currently belongs. + items: + type: string + type: array + x-kubernetes-list-type: set + image: + description: |- + image is a container image location that contains the update. When this + field is part of spec, image is optional if version is specified and the + availableUpdates field contains a matching version. + type: string + url: + description: |- + url contains information about this release. This URL is set by + the 'url' metadata property on a release or the metadata returned by + the update API and should be displayed as a link in user + interfaces. The URL field may not be set for test or nightly + releases. + type: string + version: + description: |- + version is a semantic version identifying the update version. When this + field is part of spec, version is optional if image is specified. + type: string + required: + - image + - version + type: object + nullable: true + type: array + x-kubernetes-list-type: atomic + capabilities: + description: capabilities describes the state of optional, core cluster + components. + properties: + enabledCapabilities: + description: enabledCapabilities lists all the capabilities that + are currently managed. + items: + description: ClusterVersionCapability enumerates optional, core + cluster components. + enum: + - openshift-samples + - baremetal + - marketplace + - Console + - Insights + - Storage + - CSISnapshot + - NodeTuning + - MachineAPI + - Build + - DeploymentConfig + - ImageRegistry + - OperatorLifecycleManager + - CloudCredential + - Ingress + - CloudControllerManager + - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI + type: string + type: array + x-kubernetes-list-type: atomic + knownCapabilities: + description: knownCapabilities lists all the capabilities known + to the current cluster. + items: + description: ClusterVersionCapability enumerates optional, core + cluster components. + enum: + - openshift-samples + - baremetal + - marketplace + - Console + - Insights + - Storage + - CSISnapshot + - NodeTuning + - MachineAPI + - Build + - DeploymentConfig + - ImageRegistry + - OperatorLifecycleManager + - CloudCredential + - Ingress + - CloudControllerManager + - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI + type: string + type: array + x-kubernetes-list-type: atomic + type: object + conditionalUpdates: + description: |- + conditionalUpdates contains the list of updates that may be + recommended for this cluster if it meets specific required + conditions. Consumers interested in the set of updates that are + actually recommended for this cluster should use + availableUpdates. This list may be empty if no updates are + recommended, if the update service is unavailable, or if an empty + or invalid channel has been specified. + items: + description: |- + ConditionalUpdate represents an update which is recommended to some + clusters on the version the current cluster is reconciling, but which + may not be recommended for the current cluster. + properties: + conditions: + description: |- + conditions represents the observations of the conditional update's + current status. Known types are: + * Recommended, for whether the update is recommended for the current cluster. + items: + description: Condition contains details for one aspect of + the current state of this API Resource. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, + Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + release: + description: release is the target of the update. + properties: + channels: + description: |- + channels is the set of Cincinnati channels to which the release + currently belongs. + items: + type: string + type: array + x-kubernetes-list-type: set + image: + description: |- + image is a container image location that contains the update. When this + field is part of spec, image is optional if version is specified and the + availableUpdates field contains a matching version. + type: string + url: + description: |- + url contains information about this release. This URL is set by + the 'url' metadata property on a release or the metadata returned by + the update API and should be displayed as a link in user + interfaces. The URL field may not be set for test or nightly + releases. + type: string + version: + description: |- + version is a semantic version identifying the update version. When this + field is part of spec, version is optional if image is specified. + type: string + required: + - image + - version + type: object + risks: + description: |- + risks represents the range of issues associated with + updating to the target release. The cluster-version + operator will evaluate all entries, and only recommend the + update if there is at least one entry and all entries + recommend the update. + items: + description: |- + ConditionalUpdateRisk represents a reason and cluster-state + for not recommending a conditional update. + properties: + matchingRules: + description: |- + matchingRules is a slice of conditions for deciding which + clusters match the risk and which do not. The slice is + ordered by decreasing precedence. The cluster-version + operator will walk the slice in order, and stop after the + first it can successfully evaluate. If no condition can be + successfully evaluated, the update will not be recommended. + items: + description: |- + ClusterCondition is a union of typed cluster conditions. The 'type' + property determines which of the type-specific properties are relevant. + When evaluated on a cluster, the condition may match, not match, or + fail to evaluate. + properties: + promql: + description: promql represents a cluster condition + based on PromQL. + properties: + promql: + description: |- + promql is a PromQL query classifying clusters. This query + query should return a 1 in the match case and a 0 in the + does-not-match case. Queries which return no time + series, or which return values besides 0 or 1, are + evaluation failures. + type: string + required: + - promql + type: object + type: + description: |- + type represents the cluster-condition type. This defines + the members and semantics of any additional properties. + enum: + - Always + - PromQL + type: string + required: + - type + type: object + minItems: 1 + type: array + x-kubernetes-list-type: atomic + message: + description: |- + message provides additional information about the risk of + updating, in the event that matchingRules match the cluster + state. This is only to be consumed by humans. It may + contain Line Feed characters (U+000A), which should be + rendered as new lines. + minLength: 1 + type: string + name: + description: |- + name is the CamelCase reason for not recommending a + conditional update, in the event that matchingRules match the + cluster state. + minLength: 1 + type: string + url: + description: url contains information about this risk. + format: uri + minLength: 1 + type: string + required: + - matchingRules + - message + - name + - url + type: object + maxItems: 200 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + required: + - release + - risks + type: object + maxItems: 500 + type: array + x-kubernetes-list-type: atomic + conditions: + description: |- + conditions provides information about the cluster version. The condition + "Available" is set to true if the desiredUpdate has been reached. The + condition "Progressing" is set to true if an update is being applied. + The condition "Degraded" is set to true if an update is currently blocked + by a temporary or permanent error. Conditions are only valid for the + current desiredUpdate when metadata.generation is equal to + status.generation. + items: + description: |- + ClusterOperatorStatusCondition represents the state of the operator's + managed and monitored components. + properties: + lastTransitionTime: + description: lastTransitionTime is the time of the last update + to the current status property. + format: date-time + type: string + message: + description: |- + message provides additional information about the current condition. + This is only to be consumed by humans. It may contain Line Feed + characters (U+000A), which should be rendered as new lines. + type: string + reason: + description: reason is the CamelCase reason for the condition's + current status. + type: string + status: + description: status of the condition, one of True, False, Unknown. + type: string + type: + description: type specifies the aspect reported by this condition. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + desired: + description: |- + desired is the version that the cluster is reconciling towards. + If the cluster is not yet fully initialized desired will be set + with the information available, which may be an image or a tag. + properties: + channels: + description: |- + channels is the set of Cincinnati channels to which the release + currently belongs. + items: + type: string + type: array + x-kubernetes-list-type: set + image: + description: |- + image is a container image location that contains the update. When this + field is part of spec, image is optional if version is specified and the + availableUpdates field contains a matching version. + type: string + url: + description: |- + url contains information about this release. This URL is set by + the 'url' metadata property on a release or the metadata returned by + the update API and should be displayed as a link in user + interfaces. The URL field may not be set for test or nightly + releases. + type: string + version: + description: |- + version is a semantic version identifying the update version. When this + field is part of spec, version is optional if image is specified. + type: string + required: + - image + - version + type: object + history: + description: |- + history contains a list of the most recent versions applied to the cluster. + This value may be empty during cluster startup, and then will be updated + when a new update is being applied. The newest update is first in the + list and it is ordered by recency. Updates in the history have state + Completed if the rollout completed - if an update was failing or halfway + applied the state will be Partial. Only a limited amount of update history + is preserved. + items: + description: UpdateHistory is a single attempted update to the cluster. + properties: + acceptedRisks: + description: |- + acceptedRisks records risks which were accepted to initiate the update. + For example, it may mention an Upgradeable=False or missing signature + that was overridden via desiredUpdate.force, or an update that was + initiated despite not being in the availableUpdates set of recommended + update targets. + type: string + completionTime: + description: |- + completionTime, if set, is when the update was fully applied. The update + that is currently being applied will have a null completion time. + Completion time will always be set for entries that are not the current + update (usually to the started time of the next update). + format: date-time + nullable: true + type: string + image: + description: |- + image is a container image location that contains the update. This value + is always populated. + type: string + startedTime: + description: startedTime is the time at which the update was + started. + format: date-time + type: string + state: + description: |- + state reflects whether the update was fully applied. The Partial state + indicates the update is not fully applied, while the Completed state + indicates the update was successfully rolled out at least once (all + parts of the update successfully applied). + type: string + verified: + description: |- + verified indicates whether the provided update was properly verified + before it was installed. If this is false the cluster may not be trusted. + Verified does not cover upgradeable checks that depend on the cluster + state at the time when the update target was accepted. + type: boolean + version: + description: |- + version is a semantic version identifying the update version. If the + requested image does not define a version, or if a failure occurs + retrieving the image, this value may be empty. + type: string + required: + - completionTime + - image + - startedTime + - state + - verified + type: object + type: array + x-kubernetes-list-type: atomic + observedGeneration: + description: |- + observedGeneration reports which version of the spec is being synced. + If this value is not equal to metadata.generation, then the desired + and conditions fields may represent a previous version. + format: int64 + type: integer + versionHash: + description: |- + versionHash is a fingerprint of the content that the cluster will be + updated with. It is used by the operator to avoid unnecessary work + and is for internal use only. + type: string + required: + - availableUpdates + - desired + - observedGeneration + - versionHash + type: object + required: + - spec + type: object + x-kubernetes-validations: + - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `CompatibilityRequirements` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities + ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities + || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) + : true' + - message: the `marketplace` capability requires the `OperatorLifecycleManager` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `OperatorLifecycleManager` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && self.spec.capabilities.baselineCapabilitySet == ''None'' && ''marketplace'' + in self.spec.capabilities.additionalEnabledCapabilities ? ''OperatorLifecycleManager'' + in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) + && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) + : true' + served: true + storage: true + subresources: + status: {} diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml index 10b6d4f889d..f94c6aaf8d4 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/CRDCompatibilityRequirementOperator.yaml @@ -98,7 +98,6 @@ spec: - CloudControllerManager - OperatorLifecycleManagerV1 - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -340,7 +339,6 @@ spec: - CloudControllerManager - OperatorLifecycleManagerV1 - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -369,7 +367,6 @@ spec: - CloudControllerManager - OperatorLifecycleManagerV1 - CompatibilityRequirements - - ClusterAPI type: string type: array x-kubernetes-list-type: atomic @@ -765,15 +762,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterAPIMachineManagement.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterAPIMachineManagement.yaml new file mode 100644 index 00000000000..a107ab56705 --- /dev/null +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterAPIMachineManagement.yaml @@ -0,0 +1,771 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/495 + api.openshift.io/filename-cvo-runlevel: "0000_00" + api.openshift.io/filename-operator: cluster-version-operator + api.openshift.io/filename-ordering: "01" + feature-gate.release.openshift.io/ClusterAPIMachineManagement: "true" + include.release.openshift.io/self-managed-high-availability: "true" + name: clusterversions.config.openshift.io +spec: + group: config.openshift.io + names: + kind: ClusterVersion + listKind: ClusterVersionList + plural: clusterversions + singular: clusterversion + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.history[?(@.state=="Completed")].version + name: Version + type: string + - jsonPath: .status.conditions[?(@.type=="Available")].status + name: Available + type: string + - jsonPath: .status.conditions[?(@.type=="Progressing")].status + name: Progressing + type: string + - jsonPath: .status.conditions[?(@.type=="Progressing")].lastTransitionTime + name: Since + type: date + - jsonPath: .status.conditions[?(@.type=="Progressing")].message + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: |- + ClusterVersion is the configuration for the ClusterVersionOperator. This is where + parameters related to automatic updates can be set. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + spec is the desired state of the cluster version - the operator will work + to ensure that the desired version is applied to the cluster. + properties: + capabilities: + description: |- + capabilities configures the installation of optional, core + cluster components. A null value here is identical to an + empty object; see the child properties for default semantics. + properties: + additionalEnabledCapabilities: + description: |- + additionalEnabledCapabilities extends the set of managed + capabilities beyond the baseline defined in + baselineCapabilitySet. The default is an empty set. + items: + description: ClusterVersionCapability enumerates optional, core + cluster components. + enum: + - openshift-samples + - baremetal + - marketplace + - Console + - Insights + - Storage + - CSISnapshot + - NodeTuning + - MachineAPI + - Build + - DeploymentConfig + - ImageRegistry + - OperatorLifecycleManager + - CloudCredential + - Ingress + - CloudControllerManager + - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI + type: string + type: array + x-kubernetes-list-type: atomic + baselineCapabilitySet: + description: |- + baselineCapabilitySet selects an initial set of + optional capabilities to enable, which can be extended via + additionalEnabledCapabilities. If unset, the cluster will + choose a default, and the default may change over time. + The current default is vCurrent. + enum: + - None + - v4.11 + - v4.12 + - v4.13 + - v4.14 + - v4.15 + - v4.16 + - v4.17 + - v4.18 + - vCurrent + type: string + type: object + channel: + description: |- + channel is an identifier for explicitly requesting a non-default set + of updates to be applied to this cluster. The default channel will + contain stable updates that are appropriate for production clusters. + type: string + clusterID: + description: |- + clusterID uniquely identifies this cluster. This is expected to be + an RFC4122 UUID value (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx in + hexadecimal values). This is a required field. + type: string + desiredUpdate: + description: |- + desiredUpdate is an optional field that indicates the desired value of + the cluster version. Setting this value will trigger an upgrade (if + the current version does not match the desired version). The set of + recommended update values is listed as part of available updates in + status, and setting values outside that range may cause the upgrade + to fail. + + Some of the fields are inter-related with restrictions and meanings described here. + 1. image is specified, version is specified, architecture is specified. API validation error. + 2. image is specified, version is specified, architecture is not specified. The version extracted from the referenced image must match the specified version. + 3. image is specified, version is not specified, architecture is specified. API validation error. + 4. image is specified, version is not specified, architecture is not specified. image is used. + 5. image is not specified, version is specified, architecture is specified. version and desired architecture are used to select an image. + 6. image is not specified, version is specified, architecture is not specified. version and current architecture are used to select an image. + 7. image is not specified, version is not specified, architecture is specified. API validation error. + 8. image is not specified, version is not specified, architecture is not specified. API validation error. + + If an upgrade fails the operator will halt and report status + about the failing component. Setting the desired update value back to + the previous version will cause a rollback to be attempted if the + previous version is within the current minor version. Not all + rollbacks will succeed, and some may unrecoverably break the + cluster. + properties: + architecture: + description: |- + architecture is an optional field that indicates the desired + value of the cluster architecture. In this context cluster + architecture means either a single architecture or a multi + architecture. architecture can only be set to Multi thereby + only allowing updates from single to multi architecture. If + architecture is set, image cannot be set and version must be + set. + Valid values are 'Multi' and empty. + enum: + - Multi + - "" + type: string + force: + description: |- + force allows an administrator to update to an image that has failed + verification or upgradeable checks that are designed to keep your + cluster safe. Only use this if: + * you are testing unsigned release images in short-lived test clusters or + * you are working around a known bug in the cluster-version + operator and you have verified the authenticity of the provided + image yourself. + The provided image will run with full administrative access + to the cluster. Do not use this flag with images that come from unknown + or potentially malicious sources. + type: boolean + image: + description: |- + image is a container image location that contains the update. + image should be used when the desired version does not exist in availableUpdates or history. + When image is set, architecture cannot be specified. + If both version and image are set, the version extracted from the referenced image must match the specified version. + type: string + version: + description: |- + version is a semantic version identifying the update version. + version is required if architecture is specified. + If both version and image are set, the version extracted from the referenced image must match the specified version. + type: string + type: object + x-kubernetes-validations: + - message: cannot set both Architecture and Image + rule: 'has(self.architecture) && has(self.image) ? (self.architecture + == "" || self.image == "") : true' + - message: Version must be set if Architecture is set + rule: 'has(self.architecture) && self.architecture != "" ? self.version + != "" : true' + overrides: + description: |- + overrides is list of overides for components that are managed by + cluster version operator. Marking a component unmanaged will prevent + the operator from creating or updating the object. + items: + description: |- + ComponentOverride allows overriding cluster version operator's behavior + for a component. + properties: + group: + description: group identifies the API group that the kind is + in. + type: string + kind: + description: kind indentifies which object to override. + type: string + name: + description: name is the component's name. + type: string + namespace: + description: |- + namespace is the component's namespace. If the resource is cluster + scoped, the namespace should be empty. + type: string + unmanaged: + description: |- + unmanaged controls if cluster version operator should stop managing the + resources in this cluster. + Default: false + type: boolean + required: + - group + - kind + - name + - namespace + - unmanaged + type: object + type: array + x-kubernetes-list-map-keys: + - kind + - group + - namespace + - name + x-kubernetes-list-type: map + upstream: + description: |- + upstream may be used to specify the preferred update server. By default + it will use the appropriate update server for the cluster and region. + type: string + required: + - clusterID + type: object + status: + description: |- + status contains information about the available updates and any in-progress + updates. + properties: + availableUpdates: + description: |- + availableUpdates contains updates recommended for this + cluster. Updates which appear in conditionalUpdates but not in + availableUpdates may expose this cluster to known issues. This list + may be empty if no updates are recommended, if the update service + is unavailable, or if an invalid channel has been specified. + items: + description: Release represents an OpenShift release image and associated + metadata. + properties: + channels: + description: |- + channels is the set of Cincinnati channels to which the release + currently belongs. + items: + type: string + type: array + x-kubernetes-list-type: set + image: + description: |- + image is a container image location that contains the update. When this + field is part of spec, image is optional if version is specified and the + availableUpdates field contains a matching version. + type: string + url: + description: |- + url contains information about this release. This URL is set by + the 'url' metadata property on a release or the metadata returned by + the update API and should be displayed as a link in user + interfaces. The URL field may not be set for test or nightly + releases. + type: string + version: + description: |- + version is a semantic version identifying the update version. When this + field is part of spec, version is optional if image is specified. + type: string + required: + - image + - version + type: object + nullable: true + type: array + x-kubernetes-list-type: atomic + capabilities: + description: capabilities describes the state of optional, core cluster + components. + properties: + enabledCapabilities: + description: enabledCapabilities lists all the capabilities that + are currently managed. + items: + description: ClusterVersionCapability enumerates optional, core + cluster components. + enum: + - openshift-samples + - baremetal + - marketplace + - Console + - Insights + - Storage + - CSISnapshot + - NodeTuning + - MachineAPI + - Build + - DeploymentConfig + - ImageRegistry + - OperatorLifecycleManager + - CloudCredential + - Ingress + - CloudControllerManager + - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI + type: string + type: array + x-kubernetes-list-type: atomic + knownCapabilities: + description: knownCapabilities lists all the capabilities known + to the current cluster. + items: + description: ClusterVersionCapability enumerates optional, core + cluster components. + enum: + - openshift-samples + - baremetal + - marketplace + - Console + - Insights + - Storage + - CSISnapshot + - NodeTuning + - MachineAPI + - Build + - DeploymentConfig + - ImageRegistry + - OperatorLifecycleManager + - CloudCredential + - Ingress + - CloudControllerManager + - OperatorLifecycleManagerV1 + - CompatibilityRequirements + - ClusterAPI + type: string + type: array + x-kubernetes-list-type: atomic + type: object + conditionalUpdates: + description: |- + conditionalUpdates contains the list of updates that may be + recommended for this cluster if it meets specific required + conditions. Consumers interested in the set of updates that are + actually recommended for this cluster should use + availableUpdates. This list may be empty if no updates are + recommended, if the update service is unavailable, or if an empty + or invalid channel has been specified. + items: + description: |- + ConditionalUpdate represents an update which is recommended to some + clusters on the version the current cluster is reconciling, but which + may not be recommended for the current cluster. + properties: + conditions: + description: |- + conditions represents the observations of the conditional update's + current status. Known types are: + * Recommended, for whether the update is recommended for the current cluster. + items: + description: Condition contains details for one aspect of + the current state of this API Resource. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, + Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + release: + description: release is the target of the update. + properties: + channels: + description: |- + channels is the set of Cincinnati channels to which the release + currently belongs. + items: + type: string + type: array + x-kubernetes-list-type: set + image: + description: |- + image is a container image location that contains the update. When this + field is part of spec, image is optional if version is specified and the + availableUpdates field contains a matching version. + type: string + url: + description: |- + url contains information about this release. This URL is set by + the 'url' metadata property on a release or the metadata returned by + the update API and should be displayed as a link in user + interfaces. The URL field may not be set for test or nightly + releases. + type: string + version: + description: |- + version is a semantic version identifying the update version. When this + field is part of spec, version is optional if image is specified. + type: string + required: + - image + - version + type: object + risks: + description: |- + risks represents the range of issues associated with + updating to the target release. The cluster-version + operator will evaluate all entries, and only recommend the + update if there is at least one entry and all entries + recommend the update. + items: + description: |- + ConditionalUpdateRisk represents a reason and cluster-state + for not recommending a conditional update. + properties: + matchingRules: + description: |- + matchingRules is a slice of conditions for deciding which + clusters match the risk and which do not. The slice is + ordered by decreasing precedence. The cluster-version + operator will walk the slice in order, and stop after the + first it can successfully evaluate. If no condition can be + successfully evaluated, the update will not be recommended. + items: + description: |- + ClusterCondition is a union of typed cluster conditions. The 'type' + property determines which of the type-specific properties are relevant. + When evaluated on a cluster, the condition may match, not match, or + fail to evaluate. + properties: + promql: + description: promql represents a cluster condition + based on PromQL. + properties: + promql: + description: |- + promql is a PromQL query classifying clusters. This query + query should return a 1 in the match case and a 0 in the + does-not-match case. Queries which return no time + series, or which return values besides 0 or 1, are + evaluation failures. + type: string + required: + - promql + type: object + type: + description: |- + type represents the cluster-condition type. This defines + the members and semantics of any additional properties. + enum: + - Always + - PromQL + type: string + required: + - type + type: object + minItems: 1 + type: array + x-kubernetes-list-type: atomic + message: + description: |- + message provides additional information about the risk of + updating, in the event that matchingRules match the cluster + state. This is only to be consumed by humans. It may + contain Line Feed characters (U+000A), which should be + rendered as new lines. + minLength: 1 + type: string + name: + description: |- + name is the CamelCase reason for not recommending a + conditional update, in the event that matchingRules match the + cluster state. + minLength: 1 + type: string + url: + description: url contains information about this risk. + format: uri + minLength: 1 + type: string + required: + - matchingRules + - message + - name + - url + type: object + maxItems: 200 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + required: + - release + - risks + type: object + maxItems: 500 + type: array + x-kubernetes-list-type: atomic + conditions: + description: |- + conditions provides information about the cluster version. The condition + "Available" is set to true if the desiredUpdate has been reached. The + condition "Progressing" is set to true if an update is being applied. + The condition "Degraded" is set to true if an update is currently blocked + by a temporary or permanent error. Conditions are only valid for the + current desiredUpdate when metadata.generation is equal to + status.generation. + items: + description: |- + ClusterOperatorStatusCondition represents the state of the operator's + managed and monitored components. + properties: + lastTransitionTime: + description: lastTransitionTime is the time of the last update + to the current status property. + format: date-time + type: string + message: + description: |- + message provides additional information about the current condition. + This is only to be consumed by humans. It may contain Line Feed + characters (U+000A), which should be rendered as new lines. + type: string + reason: + description: reason is the CamelCase reason for the condition's + current status. + type: string + status: + description: status of the condition, one of True, False, Unknown. + type: string + type: + description: type specifies the aspect reported by this condition. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + desired: + description: |- + desired is the version that the cluster is reconciling towards. + If the cluster is not yet fully initialized desired will be set + with the information available, which may be an image or a tag. + properties: + channels: + description: |- + channels is the set of Cincinnati channels to which the release + currently belongs. + items: + type: string + type: array + x-kubernetes-list-type: set + image: + description: |- + image is a container image location that contains the update. When this + field is part of spec, image is optional if version is specified and the + availableUpdates field contains a matching version. + type: string + url: + description: |- + url contains information about this release. This URL is set by + the 'url' metadata property on a release or the metadata returned by + the update API and should be displayed as a link in user + interfaces. The URL field may not be set for test or nightly + releases. + type: string + version: + description: |- + version is a semantic version identifying the update version. When this + field is part of spec, version is optional if image is specified. + type: string + required: + - image + - version + type: object + history: + description: |- + history contains a list of the most recent versions applied to the cluster. + This value may be empty during cluster startup, and then will be updated + when a new update is being applied. The newest update is first in the + list and it is ordered by recency. Updates in the history have state + Completed if the rollout completed - if an update was failing or halfway + applied the state will be Partial. Only a limited amount of update history + is preserved. + items: + description: UpdateHistory is a single attempted update to the cluster. + properties: + acceptedRisks: + description: |- + acceptedRisks records risks which were accepted to initiate the update. + For example, it may mention an Upgradeable=False or missing signature + that was overridden via desiredUpdate.force, or an update that was + initiated despite not being in the availableUpdates set of recommended + update targets. + type: string + completionTime: + description: |- + completionTime, if set, is when the update was fully applied. The update + that is currently being applied will have a null completion time. + Completion time will always be set for entries that are not the current + update (usually to the started time of the next update). + format: date-time + nullable: true + type: string + image: + description: |- + image is a container image location that contains the update. This value + is always populated. + type: string + startedTime: + description: startedTime is the time at which the update was + started. + format: date-time + type: string + state: + description: |- + state reflects whether the update was fully applied. The Partial state + indicates the update is not fully applied, while the Completed state + indicates the update was successfully rolled out at least once (all + parts of the update successfully applied). + type: string + verified: + description: |- + verified indicates whether the provided update was properly verified + before it was installed. If this is false the cluster may not be trusted. + Verified does not cover upgradeable checks that depend on the cluster + state at the time when the update target was accepted. + type: boolean + version: + description: |- + version is a semantic version identifying the update version. If the + requested image does not define a version, or if a failure occurs + retrieving the image, this value may be empty. + type: string + required: + - completionTime + - image + - startedTime + - state + - verified + type: object + type: array + x-kubernetes-list-type: atomic + observedGeneration: + description: |- + observedGeneration reports which version of the spec is being synced. + If this value is not equal to metadata.generation, then the desired + and conditions fields may represent a previous version. + format: int64 + type: integer + versionHash: + description: |- + versionHash is a fingerprint of the content that the cluster will be + updated with. It is used by the operator to avoid unnecessary work + and is for internal use only. + type: string + required: + - availableUpdates + - desired + - observedGeneration + - versionHash + type: object + required: + - spec + type: object + x-kubernetes-validations: + - message: the `marketplace` capability requires the `OperatorLifecycleManager` + capability, which is neither explicitly or implicitly enabled in this + cluster, please enable the `OperatorLifecycleManager` capability + rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) + && self.spec.capabilities.baselineCapabilitySet == ''None'' && ''marketplace'' + in self.spec.capabilities.additionalEnabledCapabilities ? ''OperatorLifecycleManager'' + in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) + && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) + && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) + : true' + served: true + storage: true + subresources: + status: {} diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml index 5fac37d5755..53debf4816b 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml @@ -980,15 +980,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml index 4df366aff2d..0f8dafbc678 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml @@ -722,15 +722,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml index 351e1a749ac..8ffc08f0ed4 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml @@ -738,15 +738,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml index d3b5121dbbd..2eab9933ba5 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml @@ -756,15 +756,6 @@ spec: && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities) : true' - - message: the `ClusterAPI` capability requires the `CompatibilityRequirements` - capability, which is neither explicitly or implicitly enabled in this - cluster, please enable the `CompatibilityRequirements` capability - rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) - && ''ClusterAPI'' in self.spec.capabilities.additionalEnabledCapabilities - ? ''CompatibilityRequirements'' in self.spec.capabilities.additionalEnabledCapabilities - || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) - && ''CompatibilityRequirements'' in self.status.capabilities.enabledCapabilities) - : true' served: true storage: true subresources: