From d6c729befc48edbb8c2b30bcd99d12e5809d3907 Mon Sep 17 00:00:00 2001 From: Ricardo Pchevuzinske Katz Date: Mon, 15 Jun 2026 14:34:55 -0300 Subject: [PATCH 1/2] NE-2777: Implement featuregate GatewayAPIManagementMode --- features.md | 1 + features/features.go | 8 ++++++++ 2 files changed, 9 insertions(+) diff --git a/features.md b/features.md index b7ee33cfcec..7db2c7f2cac 100644 --- a/features.md +++ b/features.md @@ -65,6 +65,7 @@ | GCPCustomAPIEndpoints| | | Enabled | Enabled | | | Enabled | Enabled | | GCPCustomAPIEndpointsInstall| | | Enabled | Enabled | | | Enabled | Enabled | | GCPDualStackInstall| | | Enabled | Enabled | | | Enabled | Enabled | +| GatewayAPIManagementMode| | | Enabled | Enabled | | | Enabled | Enabled | | HyperShiftOnlyDynamicResourceAllocation| Enabled | | Enabled | | Enabled | | Enabled | | | ImageModeStatusReporting| | | Enabled | Enabled | | | Enabled | Enabled | | IngressControllerDynamicConfigurationManager| | | Enabled | Enabled | | | Enabled | Enabled | diff --git a/features/features.go b/features/features.go index de530fa66b0..7807353ca47 100644 --- a/features/features.go +++ b/features/features.go @@ -991,6 +991,14 @@ var ( enable(inDefault(), inOKD(), inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). mustRegister() + FeatureGateGatewayAPIManagementMode = newFeatureGate("GatewayAPIManagementMode"). + reportProblemsToJiraComponent("Routing"). + contactPerson("miciah"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/2023"). + enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + mustRegister() + FeatureGateTLSAdherence = newFeatureGate("TLSAdherence"). reportProblemsToJiraComponent("HPCASE / TLS Adherence"). contactPerson("joelanford"). From 652792d3a2db1c15c4cc67407af8b26d2d197597 Mon Sep 17 00:00:00 2001 From: Ricardo Pchevuzinske Katz Date: Mon, 15 Jun 2026 14:49:31 -0300 Subject: [PATCH 2/2] NE-2778: Implement ingress operator API --- .../generated_openapi/zz_generated.openapi.go | 276 ++++++++++++++++++ operator/v1alpha1/register.go | 2 + .../GatewayAPIManagementMode.yaml | 156 ++++++++++ operator/v1alpha1/types_ingress.go | 169 +++++++++++ .../0000_50_ingress_02_ingresses.crd.yaml | 256 ++++++++++++++++ operator/v1alpha1/zz_generated.deepcopy.go | 112 +++++++ ..._generated.featuregated-crd-manifests.yaml | 23 ++ .../GatewayAPIManagementMode.yaml | 256 ++++++++++++++++ .../zz_generated.swagger_doc_generated.go | 47 +++ .../featureGate-4-10-Hypershift-Default.yaml | 3 + ...e-4-10-Hypershift-DevPreviewNoUpgrade.yaml | 3 + .../featureGate-4-10-Hypershift-OKD.yaml | 3 + ...-4-10-Hypershift-TechPreviewNoUpgrade.yaml | 3 + ...eatureGate-4-10-SelfManagedHA-Default.yaml | 3 + ...-10-SelfManagedHA-DevPreviewNoUpgrade.yaml | 3 + .../featureGate-4-10-SelfManagedHA-OKD.yaml | 3 + ...10-SelfManagedHA-TechPreviewNoUpgrade.yaml | 3 + 17 files changed, 1321 insertions(+) create mode 100644 operator/v1alpha1/tests/ingresses.operator.openshift.io/GatewayAPIManagementMode.yaml create mode 100644 operator/v1alpha1/types_ingress.go create mode 100644 operator/v1alpha1/zz_generated.crd-manifests/0000_50_ingress_02_ingresses.crd.yaml create mode 100644 operator/v1alpha1/zz_generated.featuregated-crd-manifests/ingresses.operator.openshift.io/GatewayAPIManagementMode.yaml diff --git a/openapi/generated_openapi/zz_generated.openapi.go b/openapi/generated_openapi/zz_generated.openapi.go index 40482f22c25..c86fce4dce9 100644 --- a/openapi/generated_openapi/zz_generated.openapi.go +++ b/openapi/generated_openapi/zz_generated.openapi.go @@ -1284,11 +1284,16 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/openshift/api/operator/v1alpha1.EtcdBackupList": schema_openshift_api_operator_v1alpha1_EtcdBackupList(ref), "github.com/openshift/api/operator/v1alpha1.EtcdBackupSpec": schema_openshift_api_operator_v1alpha1_EtcdBackupSpec(ref), "github.com/openshift/api/operator/v1alpha1.EtcdBackupStatus": schema_openshift_api_operator_v1alpha1_EtcdBackupStatus(ref), + "github.com/openshift/api/operator/v1alpha1.GatewayAPIIngressConfig": schema_openshift_api_operator_v1alpha1_GatewayAPIIngressConfig(ref), "github.com/openshift/api/operator/v1alpha1.GenerationHistory": schema_openshift_api_operator_v1alpha1_GenerationHistory(ref), "github.com/openshift/api/operator/v1alpha1.GenericOperatorConfig": schema_openshift_api_operator_v1alpha1_GenericOperatorConfig(ref), "github.com/openshift/api/operator/v1alpha1.ImageContentSourcePolicy": schema_openshift_api_operator_v1alpha1_ImageContentSourcePolicy(ref), "github.com/openshift/api/operator/v1alpha1.ImageContentSourcePolicyList": schema_openshift_api_operator_v1alpha1_ImageContentSourcePolicyList(ref), "github.com/openshift/api/operator/v1alpha1.ImageContentSourcePolicySpec": schema_openshift_api_operator_v1alpha1_ImageContentSourcePolicySpec(ref), + "github.com/openshift/api/operator/v1alpha1.Ingress": schema_openshift_api_operator_v1alpha1_Ingress(ref), + "github.com/openshift/api/operator/v1alpha1.IngressList": schema_openshift_api_operator_v1alpha1_IngressList(ref), + "github.com/openshift/api/operator/v1alpha1.IngressSpec": schema_openshift_api_operator_v1alpha1_IngressSpec(ref), + "github.com/openshift/api/operator/v1alpha1.IngressStatus": schema_openshift_api_operator_v1alpha1_IngressStatus(ref), "github.com/openshift/api/operator/v1alpha1.LoggingConfig": schema_openshift_api_operator_v1alpha1_LoggingConfig(ref), "github.com/openshift/api/operator/v1alpha1.NodeStatus": schema_openshift_api_operator_v1alpha1_NodeStatus(ref), "github.com/openshift/api/operator/v1alpha1.OLM": schema_openshift_api_operator_v1alpha1_OLM(ref), @@ -65349,6 +65354,27 @@ func schema_openshift_api_operator_v1alpha1_EtcdBackupStatus(ref common.Referenc } } +func schema_openshift_api_operator_v1alpha1_GatewayAPIIngressConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "GatewayAPIIngressConfig holds configuration for Gateway API integration in the Cluster Ingress Operator.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "managementMode": { + SchemaProps: spec.SchemaProps{ + Description: "managementMode specifies how the Cluster Ingress Operator manages Gateway API Custom Resource Definitions (CRDs) and the associated Gateway controller stack.\n\nWhen set to \"Managed\" (the default), CIO installs, owns, and upgrades the Gateway API CRDs, protects them with a Validating Admission Policy, and deploys the full Gateway controller stack (the Istio instance deployed by CIO, GatewayClass, Gateway resources). This is the only fully supported configuration.\n\nWhen set to \"Unmanaged\", CIO does not install or manage Gateway API CRDs and does not deploy the Gateway controller stack. The cluster administrator or a third-party product is responsible for providing their own CRDs and Gateway controller. CIO reports observational status only. This mode also serves as a signal to layered products that the installed CRDs may not be the ones supported by the OpenShift Gateway API implementation.\n\nWhen omitted, the field defaults to \"Managed\".", + Default: "Managed", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + } +} + func schema_openshift_api_operator_v1alpha1_GenerationHistory(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -65583,6 +65609,256 @@ func schema_openshift_api_operator_v1alpha1_ImageContentSourcePolicySpec(ref com } } +func schema_openshift_api_operator_v1alpha1_Ingress(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Ingress contains configuration options specific to the Ingress Operator itself.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Description: "metadata is the standard object's metadata.", + Default: map[string]interface{}{}, + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), + }, + }, + "spec": { + SchemaProps: spec.SchemaProps{ + Description: "spec holds user settable values for configuration.", + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/operator/v1alpha1.IngressSpec"), + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Description: "status holds observed values from the cluster.", + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/operator/v1alpha1.IngressStatus"), + }, + }, + }, + Required: []string{"spec"}, + }, + }, + Dependencies: []string{ + "github.com/openshift/api/operator/v1alpha1.IngressSpec", "github.com/openshift/api/operator/v1alpha1.IngressStatus", metav1.ObjectMeta{}.OpenAPIModelName()}, + } +} + +func schema_openshift_api_operator_v1alpha1_IngressList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressList is a collection of Ingresses.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Description: "metadata is the standard list's metadata.", + Default: map[string]interface{}{}, + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Description: "items is a list of Ingresses.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/operator/v1alpha1.Ingress"), + }, + }, + }, + }, + }, + }, + Required: []string{"metadata"}, + }, + }, + Dependencies: []string{ + "github.com/openshift/api/operator/v1alpha1.Ingress", metav1.ListMeta{}.OpenAPIModelName()}, + } +} + +func schema_openshift_api_operator_v1alpha1_IngressSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressSpec defines the desired configuration of the cluster-ingress-operator", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "managementState": { + SchemaProps: spec.SchemaProps{ + Description: "managementState indicates whether and how the operator should manage the component", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "logLevel": { + SchemaProps: spec.SchemaProps{ + Description: "logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", + Type: []string{"string"}, + Format: "", + }, + }, + "operatorLogLevel": { + SchemaProps: spec.SchemaProps{ + Description: "operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", + Type: []string{"string"}, + Format: "", + }, + }, + "unsupportedConfigOverrides": { + SchemaProps: spec.SchemaProps{ + Description: "unsupportedConfigOverrides overrides the final configuration that was computed by the operator. Red Hat does not support the use of this field. Misuse of this field could lead to unexpected behavior or conflict with other configuration options. Seek guidance from the Red Hat support before using this field. Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster.", + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), + }, + }, + "observedConfig": { + SchemaProps: spec.SchemaProps{ + Description: "observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator", + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), + }, + }, + "gatewayAPI": { + SchemaProps: spec.SchemaProps{ + Description: "gatewayAPI holds configuration for Gateway API integration, including how the Cluster Ingress Operator manages Gateway API CRDs and the Gateway controller stack.\n\nWhen omitted, the operator uses the default Gateway API configuration, which sets managementMode to \"Managed\".", + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/operator/v1alpha1.GatewayAPIIngressConfig"), + }, + }, + }, + Required: []string{"managementState"}, + }, + }, + Dependencies: []string{ + "github.com/openshift/api/operator/v1alpha1.GatewayAPIIngressConfig", runtime.RawExtension{}.OpenAPIModelName()}, + } +} + +func schema_openshift_api_operator_v1alpha1_IngressStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressStatus describe the current state of cluster-ingress-operator", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "observedGeneration is the last generation change you've dealt with", + Type: []string{"integer"}, + Format: "int64", + }, + }, + "conditions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "conditions is a list of conditions and their status", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/operator/v1.OperatorCondition"), + }, + }, + }, + }, + }, + "version": { + SchemaProps: spec.SchemaProps{ + Description: "version is the level this availability applies to", + Type: []string{"string"}, + Format: "", + }, + }, + "readyReplicas": { + SchemaProps: spec.SchemaProps{ + Description: "readyReplicas indicates how many replicas are ready and at the desired state", + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + "latestAvailableRevision": { + SchemaProps: spec.SchemaProps{ + Description: "latestAvailableRevision is the deploymentID of the most recent deployment", + Type: []string{"integer"}, + Format: "int32", + }, + }, + "generations": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "group", + "resource", + "namespace", + "name", + }, + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/operator/v1.GenerationStatus"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/openshift/api/operator/v1.GenerationStatus", "github.com/openshift/api/operator/v1.OperatorCondition"}, + } +} + func schema_openshift_api_operator_v1alpha1_LoggingConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ diff --git a/operator/v1alpha1/register.go b/operator/v1alpha1/register.go index ec19cba3a94..099f1f7557d 100644 --- a/operator/v1alpha1/register.go +++ b/operator/v1alpha1/register.go @@ -43,6 +43,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { &ClusterVersionOperatorList{}, &ClusterAPI{}, &ClusterAPIList{}, + &Ingress{}, + &IngressList{}, ) return nil diff --git a/operator/v1alpha1/tests/ingresses.operator.openshift.io/GatewayAPIManagementMode.yaml b/operator/v1alpha1/tests/ingresses.operator.openshift.io/GatewayAPIManagementMode.yaml new file mode 100644 index 00000000000..2ca5406e4e0 --- /dev/null +++ b/operator/v1alpha1/tests/ingresses.operator.openshift.io/GatewayAPIManagementMode.yaml @@ -0,0 +1,156 @@ +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this +name: "Ingress" +crdName: ingresses.operator.openshift.io +featureGate: GatewayAPIManagementMode +tests: + onCreate: + - name: Should be able to create a minimal Ingress with default managementMode + initial: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: {} + expected: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: {} + - name: Should not be able to create an Ingress with a custom name + initial: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: custom-name + spec: {} + expectedError: "Invalid value: \"object\": ingress is a singleton; the .metadata.name field must be 'cluster'" + - name: Should be able to create an Ingress with managementMode set to Managed + initial: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: + gatewayAPI: + managementMode: Managed + expected: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: + gatewayAPI: + managementMode: Managed + - name: Should be able to create an Ingress with managementMode set to Unmanaged + initial: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: + gatewayAPI: + managementMode: Unmanaged + expected: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: + gatewayAPI: + managementMode: Unmanaged + - name: Should not be able to create an Ingress with an invalid managementMode + initial: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: + gatewayAPI: + managementMode: InvalidMode + expectedError: "spec.gatewayAPI.managementMode: Unsupported value: \"InvalidMode\": supported values: \"Managed\", \"Unmanaged\"" + - name: Should default managementMode to Managed when gatewayAPI is specified without it + initial: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: + gatewayAPI: {} + expected: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: + gatewayAPI: + managementMode: Managed + onUpdate: + - name: Should be able to update managementMode from Managed to Unmanaged + initial: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: + gatewayAPI: + managementMode: Managed + updated: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: + gatewayAPI: + managementMode: Unmanaged + expected: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: + gatewayAPI: + managementMode: Unmanaged + - name: Should be able to update managementMode from Unmanaged to Managed + initial: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: + gatewayAPI: + managementMode: Unmanaged + updated: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: + gatewayAPI: + managementMode: Managed + expected: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: + gatewayAPI: + managementMode: Managed + - name: Should not be able to update managementMode to an invalid value + initial: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: + gatewayAPI: + managementMode: Managed + updated: | + apiVersion: operator.openshift.io/v1alpha1 + kind: Ingress + metadata: + name: cluster + spec: + gatewayAPI: + managementMode: InvalidMode + expectedError: "spec.gatewayAPI.managementMode: Unsupported value: \"InvalidMode\": supported values: \"Managed\", \"Unmanaged\"" diff --git a/operator/v1alpha1/types_ingress.go b/operator/v1alpha1/types_ingress.go new file mode 100644 index 00000000000..441095dd20d --- /dev/null +++ b/operator/v1alpha1/types_ingress.go @@ -0,0 +1,169 @@ +package v1alpha1 + +import ( + v1 "github.com/openshift/api/operator/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// Ingress contains configuration options specific to the Ingress Operator itself. +// +// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. +// +openshift:compatibility-gen:level=4 +// +openshift:api-approved.openshift.io= +// +openshift:file-pattern=cvoRunLevel=0000_50,operatorName=ingress,operatorOrdering=02 +// +kubebuilder:object:root=true +// +kubebuilder:resource:path=ingresses,scope=Cluster +// +kubebuilder:subresource:status +// +openshift:capability=Ingress +// +openshift:enable:FeatureGate=GatewayAPIManagementMode +// +kubebuilder:validation:XValidation:rule="self.metadata.name == 'cluster'",message="ingress is a singleton; the .metadata.name field must be 'cluster'" +type Ingress struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard object's metadata. + // +optional + metav1.ObjectMeta `json:"metadata,omitempty"` + + // spec holds user settable values for configuration. + // +required + Spec IngressSpec `json:"spec,omitempty,omitzero"` + + // status holds observed values from the cluster. + // +optional + Status IngressStatus `json:"status,omitempty,omitzero"` +} + +// IngressSpec defines the desired configuration of the cluster-ingress-operator +// +kubebuilder:validation:MinProperties=1 +type IngressSpec struct { + // Inline OperatorSpec for standard operator fields + // (managementState, logLevel, etc.) + v1.OperatorSpec `json:",inline"` + + // gatewayAPI holds configuration for Gateway API + // integration, including how the Cluster Ingress Operator + // manages Gateway API CRDs and the Gateway controller stack. + // + // When omitted, the operator uses the default Gateway API + // configuration, which sets managementMode to "Managed". + // + // +optional + // +openshift:enable:FeatureGate=GatewayAPIManagementMode + GatewayAPI GatewayAPIIngressConfig `json:"gatewayAPI,omitempty,omitzero"` +} + +// IngressStatus describe the current state of cluster-ingress-operator +// +kubebuilder:validation:MinProperties=0 +type IngressStatus struct { + // Inline OperatorStatus for standard operator status fields + // (conditions, version, observedGeneration, etc.). + // conditions holds a list of conditions representing the + // operator's current state. Gateway API CRD management + // conditions are reported here with the "GatewayAPI" prefix: + // + // "GatewayAPICRDsManaged" indicates whether CIO is actively + // managing Gateway API CRDs: + // - status: True, reason: "ManagedByCIO" — CIO is + // installing, protecting (via VAP), and upgrading CRDs. + // - status: False, reason: "Unmanaged" — the administrator + // chose Unmanaged mode; CIO does not manage CRDs or the + // Gateway controller stack. + // + // "GatewayAPICRDsPresent" indicates whether Gateway API CRDs + // exist on the cluster: + // - status: True, reason: "CRDsFound" — Gateway API CRDs + // are present on the cluster. + // - status: False, reason: "CRDsNotFound" — Gateway API + // CRDs are not present on the cluster. + // + // "GatewayAPICRDsCompliant" indicates whether the installed + // CRDs match the version expected by this CIO release: + // - status: True, reason: "VersionMatch" — installed CRDs + // match the expected version. + // - status: False, reason: "VersionMismatch" — installed + // CRDs do not match the expected version. The message + // includes expected and actual versions and a pointer + // to where valid manifests can be obtained. + // - status: Unknown, reason: "NotApplicable" — compliance + // check is not applicable (e.g., Unmanaged mode with no + // CRDs present). + v1.OperatorStatus `json:",inline"` +} + +// GatewayAPIManagementMode describes how the Cluster Ingress +// Operator manages Gateway API Custom Resource Definitions. +// +// +kubebuilder:validation:Enum=Managed;Unmanaged +type GatewayAPIManagementMode string + +const ( + // GatewayAPIManagementModeManaged means CIO installs, owns, + // protects (via VAP), and upgrades the Gateway API CRDs. + // CIO also deploys the full Gateway controller stack (the + // Istio instance deployed by CIO, GatewayClass, Gateway). + // This is the default mode and the only fully supported + // configuration. + GatewayAPIManagementModeManaged GatewayAPIManagementMode = "Managed" + + // GatewayAPIManagementModeUnmanaged means CIO does NOT + // install or manage Gateway API CRDs and does NOT deploy + // the Gateway controller stack. The customer or a + // third-party product is responsible for bringing their own + // CRDs and Gateway controller. CIO reports observational + // status only. This mode signals to layered products that + // the installed CRDs may not be the ones supported by the + // OpenShift Gateway API implementation. + GatewayAPIManagementModeUnmanaged GatewayAPIManagementMode = "Unmanaged" +) + +// GatewayAPIIngressConfig holds configuration for Gateway API +// integration in the Cluster Ingress Operator. +// +kubebuilder:validation:MinProperties=1 +type GatewayAPIIngressConfig struct { + // managementMode specifies how the Cluster Ingress + // Operator manages Gateway API Custom Resource Definitions + // (CRDs) and the associated Gateway controller stack. + // + // When set to "Managed" (the default), CIO installs, owns, + // and upgrades the Gateway API CRDs, protects them with a + // Validating Admission Policy, and deploys the full Gateway + // controller stack (the Istio instance deployed by CIO, + // GatewayClass, Gateway resources). This is the only fully + // supported configuration. + // + // When set to "Unmanaged", CIO does not install or manage + // Gateway API CRDs and does not deploy the Gateway controller + // stack. The cluster administrator or a third-party product + // is responsible for providing their own CRDs and Gateway + // controller. CIO reports observational status only. This + // mode also serves as a signal to layered products that the + // installed CRDs may not be the ones supported by the + // OpenShift Gateway API implementation. + // + // When omitted, the field defaults to "Managed". + // + // +default="Managed" + // +optional + ManagementMode GatewayAPIManagementMode `json:"managementMode,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// IngressList is a collection of Ingresses. +// +// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. +// +openshift:compatibility-gen:level=4 +type IngressList struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard list's metadata. + metav1.ListMeta `json:"metadata"` + + // items is a list of Ingresses. + // +optional + Items []Ingress `json:"items,omitempty"` +} diff --git a/operator/v1alpha1/zz_generated.crd-manifests/0000_50_ingress_02_ingresses.crd.yaml b/operator/v1alpha1/zz_generated.crd-manifests/0000_50_ingress_02_ingresses.crd.yaml new file mode 100644 index 00000000000..54b77718083 --- /dev/null +++ b/operator/v1alpha1/zz_generated.crd-manifests/0000_50_ingress_02_ingresses.crd.yaml @@ -0,0 +1,256 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: + api.openshift.io/merged-by-featuregates: "true" + capability.openshift.io/name: Ingress + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + release.openshift.io/feature-set: CustomNoUpgrade,DevPreviewNoUpgrade,TechPreviewNoUpgrade + name: ingresses.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: Ingress + listKind: IngressList + plural: ingresses + singular: ingress + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: |- + Ingress contains configuration options specific to the Ingress Operator itself. + + Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration. + minProperties: 1 + properties: + gatewayAPI: + description: |- + gatewayAPI holds configuration for Gateway API + integration, including how the Cluster Ingress Operator + manages Gateway API CRDs and the Gateway controller stack. + + When omitted, the operator uses the default Gateway API + configuration, which sets managementMode to "Managed". + minProperties: 1 + properties: + managementMode: + default: Managed + description: |- + managementMode specifies how the Cluster Ingress + Operator manages Gateway API Custom Resource Definitions + (CRDs) and the associated Gateway controller stack. + + When set to "Managed" (the default), CIO installs, owns, + and upgrades the Gateway API CRDs, protects them with a + Validating Admission Policy, and deploys the full Gateway + controller stack (the Istio instance deployed by CIO, + GatewayClass, Gateway resources). This is the only fully + supported configuration. + + When set to "Unmanaged", CIO does not install or manage + Gateway API CRDs and does not deploy the Gateway controller + stack. The cluster administrator or a third-party product + is responsible for providing their own CRDs and Gateway + controller. CIO reports observational status only. This + mode also serves as a signal to layered products that the + installed CRDs may not be the ones supported by the + OpenShift Gateway API implementation. + + When omitted, the field defaults to "Managed". + enum: + - Managed + - Unmanaged + type: string + type: object + logLevel: + default: Normal + description: |- + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for their operands. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + observedConfig: + description: |- + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: |- + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for themselves. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + unsupportedConfigOverrides: + description: |- + unsupportedConfigOverrides overrides the final configuration that was computed by the operator. + Red Hat does not support the use of this field. + Misuse of this field could lead to unexpected behavior or conflict with other configuration options. + Seek guidance from the Red Hat support before using this field. + Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status holds observed values from the cluster. + minProperties: 0 + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + type: string + reason: + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - namespace + - name + x-kubernetes-list-type: map + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + x-kubernetes-validations: + - message: ingress is a singleton; the .metadata.name field must be 'cluster' + rule: self.metadata.name == 'cluster' + served: true + storage: true + subresources: + status: {} diff --git a/operator/v1alpha1/zz_generated.deepcopy.go b/operator/v1alpha1/zz_generated.deepcopy.go index 3c3dc8e7a53..de4ec6e1ee9 100644 --- a/operator/v1alpha1/zz_generated.deepcopy.go +++ b/operator/v1alpha1/zz_generated.deepcopy.go @@ -469,6 +469,22 @@ func (in *EtcdBackupStatus) DeepCopy() *EtcdBackupStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GatewayAPIIngressConfig) DeepCopyInto(out *GatewayAPIIngressConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayAPIIngressConfig. +func (in *GatewayAPIIngressConfig) DeepCopy() *GatewayAPIIngressConfig { + if in == nil { + return nil + } + out := new(GatewayAPIIngressConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GenerationHistory) DeepCopyInto(out *GenerationHistory) { *out = *in @@ -597,6 +613,102 @@ func (in *ImageContentSourcePolicySpec) DeepCopy() *ImageContentSourcePolicySpec return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Ingress) DeepCopyInto(out *Ingress) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Ingress. +func (in *Ingress) DeepCopy() *Ingress { + if in == nil { + return nil + } + out := new(Ingress) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Ingress) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressList) DeepCopyInto(out *IngressList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Ingress, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressList. +func (in *IngressList) DeepCopy() *IngressList { + if in == nil { + return nil + } + out := new(IngressList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *IngressList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressSpec) DeepCopyInto(out *IngressSpec) { + *out = *in + in.OperatorSpec.DeepCopyInto(&out.OperatorSpec) + out.GatewayAPI = in.GatewayAPI + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressSpec. +func (in *IngressSpec) DeepCopy() *IngressSpec { + if in == nil { + return nil + } + out := new(IngressSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressStatus) DeepCopyInto(out *IngressStatus) { + *out = *in + in.OperatorStatus.DeepCopyInto(&out.OperatorStatus) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressStatus. +func (in *IngressStatus) DeepCopy() *IngressStatus { + if in == nil { + return nil + } + out := new(IngressStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LoggingConfig) DeepCopyInto(out *LoggingConfig) { *out = *in diff --git a/operator/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/operator/v1alpha1/zz_generated.featuregated-crd-manifests.yaml index 3ad442d9d84..2ac15b55d5b 100644 --- a/operator/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ b/operator/v1alpha1/zz_generated.featuregated-crd-manifests.yaml @@ -90,6 +90,29 @@ imagecontentsourcepolicies.operator.openshift.io: TopLevelFeatureGates: [] Version: v1alpha1 +ingresses.operator.openshift.io: + Annotations: {} + ApprovedPRNumber: + CRDName: ingresses.operator.openshift.io + Capability: Ingress + Category: "" + FeatureGates: + - GatewayAPIManagementMode + FilenameOperatorName: ingress + FilenameOperatorOrdering: "02" + FilenameRunLevel: "0000_50" + GroupName: operator.openshift.io + HasStatus: true + KindName: Ingress + Labels: {} + PluralName: ingresses + PrinterColumns: [] + Scope: Cluster + ShortNames: null + TopLevelFeatureGates: + - GatewayAPIManagementMode + Version: v1alpha1 + olms.operator.openshift.io: Annotations: include.release.openshift.io/ibm-cloud-managed: "false" diff --git a/operator/v1alpha1/zz_generated.featuregated-crd-manifests/ingresses.operator.openshift.io/GatewayAPIManagementMode.yaml b/operator/v1alpha1/zz_generated.featuregated-crd-manifests/ingresses.operator.openshift.io/GatewayAPIManagementMode.yaml new file mode 100644 index 00000000000..e71aecf4e27 --- /dev/null +++ b/operator/v1alpha1/zz_generated.featuregated-crd-manifests/ingresses.operator.openshift.io/GatewayAPIManagementMode.yaml @@ -0,0 +1,256 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: + api.openshift.io/filename-cvo-runlevel: "0000_50" + api.openshift.io/filename-operator: ingress + api.openshift.io/filename-ordering: "02" + capability.openshift.io/name: Ingress + feature-gate.release.openshift.io/GatewayAPIManagementMode: "true" + name: ingresses.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: Ingress + listKind: IngressList + plural: ingresses + singular: ingress + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: |- + Ingress contains configuration options specific to the Ingress Operator itself. + + Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration. + minProperties: 1 + properties: + gatewayAPI: + description: |- + gatewayAPI holds configuration for Gateway API + integration, including how the Cluster Ingress Operator + manages Gateway API CRDs and the Gateway controller stack. + + When omitted, the operator uses the default Gateway API + configuration, which sets managementMode to "Managed". + minProperties: 1 + properties: + managementMode: + default: Managed + description: |- + managementMode specifies how the Cluster Ingress + Operator manages Gateway API Custom Resource Definitions + (CRDs) and the associated Gateway controller stack. + + When set to "Managed" (the default), CIO installs, owns, + and upgrades the Gateway API CRDs, protects them with a + Validating Admission Policy, and deploys the full Gateway + controller stack (the Istio instance deployed by CIO, + GatewayClass, Gateway resources). This is the only fully + supported configuration. + + When set to "Unmanaged", CIO does not install or manage + Gateway API CRDs and does not deploy the Gateway controller + stack. The cluster administrator or a third-party product + is responsible for providing their own CRDs and Gateway + controller. CIO reports observational status only. This + mode also serves as a signal to layered products that the + installed CRDs may not be the ones supported by the + OpenShift Gateway API implementation. + + When omitted, the field defaults to "Managed". + enum: + - Managed + - Unmanaged + type: string + type: object + logLevel: + default: Normal + description: |- + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for their operands. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + observedConfig: + description: |- + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: |- + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for themselves. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + unsupportedConfigOverrides: + description: |- + unsupportedConfigOverrides overrides the final configuration that was computed by the operator. + Red Hat does not support the use of this field. + Misuse of this field could lead to unexpected behavior or conflict with other configuration options. + Seek guidance from the Red Hat support before using this field. + Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status holds observed values from the cluster. + minProperties: 0 + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + type: string + reason: + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - namespace + - name + x-kubernetes-list-type: map + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + x-kubernetes-validations: + - message: ingress is a singleton; the .metadata.name field must be 'cluster' + rule: self.metadata.name == 'cluster' + served: true + storage: true + subresources: + status: {} diff --git a/operator/v1alpha1/zz_generated.swagger_doc_generated.go b/operator/v1alpha1/zz_generated.swagger_doc_generated.go index bf4117768d1..a5a3c80fcd2 100644 --- a/operator/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/operator/v1alpha1/zz_generated.swagger_doc_generated.go @@ -351,6 +351,53 @@ func (RepositoryDigestMirrors) SwaggerDoc() map[string]string { return map_RepositoryDigestMirrors } +var map_GatewayAPIIngressConfig = map[string]string{ + "": "GatewayAPIIngressConfig holds configuration for Gateway API integration in the Cluster Ingress Operator.", + "managementMode": "managementMode specifies how the Cluster Ingress Operator manages Gateway API Custom Resource Definitions (CRDs) and the associated Gateway controller stack.\n\nWhen set to \"Managed\" (the default), CIO installs, owns, and upgrades the Gateway API CRDs, protects them with a Validating Admission Policy, and deploys the full Gateway controller stack (the Istio instance deployed by CIO, GatewayClass, Gateway resources). This is the only fully supported configuration.\n\nWhen set to \"Unmanaged\", CIO does not install or manage Gateway API CRDs and does not deploy the Gateway controller stack. The cluster administrator or a third-party product is responsible for providing their own CRDs and Gateway controller. CIO reports observational status only. This mode also serves as a signal to layered products that the installed CRDs may not be the ones supported by the OpenShift Gateway API implementation.\n\nWhen omitted, the field defaults to \"Managed\".", +} + +func (GatewayAPIIngressConfig) SwaggerDoc() map[string]string { + return map_GatewayAPIIngressConfig +} + +var map_Ingress = map[string]string{ + "": "Ingress contains configuration options specific to the Ingress Operator itself.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", + "metadata": "metadata is the standard object's metadata.", + "spec": "spec holds user settable values for configuration.", + "status": "status holds observed values from the cluster.", +} + +func (Ingress) SwaggerDoc() map[string]string { + return map_Ingress +} + +var map_IngressList = map[string]string{ + "": "IngressList is a collection of Ingresses.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", + "metadata": "metadata is the standard list's metadata.", + "items": "items is a list of Ingresses.", +} + +func (IngressList) SwaggerDoc() map[string]string { + return map_IngressList +} + +var map_IngressSpec = map[string]string{ + "": "IngressSpec defines the desired configuration of the cluster-ingress-operator", + "gatewayAPI": "gatewayAPI holds configuration for Gateway API integration, including how the Cluster Ingress Operator manages Gateway API CRDs and the Gateway controller stack.\n\nWhen omitted, the operator uses the default Gateway API configuration, which sets managementMode to \"Managed\".", +} + +func (IngressSpec) SwaggerDoc() map[string]string { + return map_IngressSpec +} + +var map_IngressStatus = map[string]string{ + "": "IngressStatus describe the current state of cluster-ingress-operator", +} + +func (IngressStatus) SwaggerDoc() map[string]string { + return map_IngressStatus +} + var map_OLM = map[string]string{ "": "OLM provides information to configure an operator to manage the OLM controllers\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", diff --git a/payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml b/payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml index dd1f68b4915..86a69cf047f 100644 --- a/payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml @@ -155,6 +155,9 @@ { "name": "GCPDualStackInstall" }, + { + "name": "GatewayAPIManagementMode" + }, { "name": "ImageModeStatusReporting" }, diff --git a/payload-manifests/featuregates/featureGate-4-10-Hypershift-DevPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-4-10-Hypershift-DevPreviewNoUpgrade.yaml index 2c7f5be3021..ed072fa96f3 100644 --- a/payload-manifests/featuregates/featureGate-4-10-Hypershift-DevPreviewNoUpgrade.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-Hypershift-DevPreviewNoUpgrade.yaml @@ -237,6 +237,9 @@ { "name": "GCPDualStackInstall" }, + { + "name": "GatewayAPIManagementMode" + }, { "name": "GatewayAPIWithoutOLM" }, diff --git a/payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml b/payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml index 1e93fa0530c..b087b2ce2fc 100644 --- a/payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml @@ -157,6 +157,9 @@ { "name": "GCPDualStackInstall" }, + { + "name": "GatewayAPIManagementMode" + }, { "name": "ImageModeStatusReporting" }, diff --git a/payload-manifests/featuregates/featureGate-4-10-Hypershift-TechPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-4-10-Hypershift-TechPreviewNoUpgrade.yaml index c527e026146..3568ab2dcc6 100644 --- a/payload-manifests/featuregates/featureGate-4-10-Hypershift-TechPreviewNoUpgrade.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-Hypershift-TechPreviewNoUpgrade.yaml @@ -249,6 +249,9 @@ { "name": "GCPDualStackInstall" }, + { + "name": "GatewayAPIManagementMode" + }, { "name": "GatewayAPIWithoutOLM" }, diff --git a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml index 70b252fce88..5aebe87d62c 100644 --- a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml @@ -152,6 +152,9 @@ { "name": "GCPDualStackInstall" }, + { + "name": "GatewayAPIManagementMode" + }, { "name": "HyperShiftOnlyDynamicResourceAllocation" }, diff --git a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-DevPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-DevPreviewNoUpgrade.yaml index 6a98f382bf9..287d9920e88 100644 --- a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-DevPreviewNoUpgrade.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-DevPreviewNoUpgrade.yaml @@ -210,6 +210,9 @@ { "name": "GCPDualStackInstall" }, + { + "name": "GatewayAPIManagementMode" + }, { "name": "GatewayAPIWithoutOLM" }, diff --git a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml index 3f00a45508f..c339f21ee6f 100644 --- a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml @@ -154,6 +154,9 @@ { "name": "GCPDualStackInstall" }, + { + "name": "GatewayAPIManagementMode" + }, { "name": "HyperShiftOnlyDynamicResourceAllocation" }, diff --git a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-TechPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-TechPreviewNoUpgrade.yaml index 233599c2005..6fe4a8c1449 100644 --- a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-TechPreviewNoUpgrade.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-TechPreviewNoUpgrade.yaml @@ -225,6 +225,9 @@ { "name": "GCPDualStackInstall" }, + { + "name": "GatewayAPIManagementMode" + }, { "name": "GatewayAPIWithoutOLM" },