From b918c3636f5dcc030bbbc5191e757e37df87c682 Mon Sep 17 00:00:00 2001 From: Damiano Donati Date: Thu, 18 Apr 2024 09:33:18 +0200 Subject: [PATCH] bump to capi v1.7.0 (#4897) - bump deps for capi v1.7.x - enable MachinePools by default - use capi v1.7.0 --- ...bootstrap.cluster.x-k8s.io_eksconfigs.yaml | 178 +- ...p.cluster.x-k8s.io_eksconfigtemplates.yaml | 108 +- ...ster.x-k8s.io_awsmanagedcontrolplanes.yaml | 1488 +++++++++-------- ...ne.cluster.x-k8s.io_rosacontrolplanes.yaml | 612 ++++--- ...k8s.io_awsclustercontrolleridentities.yaml | 148 +- ...ter.x-k8s.io_awsclusterroleidentities.yaml | 214 +-- ...tructure.cluster.x-k8s.io_awsclusters.yaml | 1033 ++++++------ ...r.x-k8s.io_awsclusterstaticidentities.yaml | 168 +- ....cluster.x-k8s.io_awsclustertemplates.yaml | 778 +++++---- ...e.cluster.x-k8s.io_awsfargateprofiles.yaml | 284 ++-- ...ture.cluster.x-k8s.io_awsmachinepools.yaml | 627 +++---- ...tructure.cluster.x-k8s.io_awsmachines.yaml | 748 +++++---- ....cluster.x-k8s.io_awsmachinetemplates.yaml | 620 +++---- ...e.cluster.x-k8s.io_awsmanagedclusters.yaml | 25 +- ...uster.x-k8s.io_awsmanagedmachinepools.yaml | 658 ++++---- ...ructure.cluster.x-k8s.io_rosaclusters.yaml | 25 +- ...ure.cluster.x-k8s.io_rosamachinepools.yaml | 136 +- .../awsmachine_controller_unit_test.go | 8 +- exp/controllers/awsmachinepool_controller.go | 2 +- feature/feature.go | 2 +- go.mod | 104 +- go.sum | 568 ++----- hack/tools/go.mod | 18 +- hack/tools/go.sum | 36 +- test/e2e/data/e2e_conf.yaml | 20 +- test/e2e/data/e2e_eks_conf.yaml | 20 +- test/e2e/data/shared/v1beta1/metadata.yaml | 3 + test/e2e/suites/unmanaged/helpers_test.go | 4 +- versions.mk | 2 +- 29 files changed, 4419 insertions(+), 4218 deletions(-) diff --git a/config/crd/bases/bootstrap.cluster.x-k8s.io_eksconfigs.yaml b/config/crd/bases/bootstrap.cluster.x-k8s.io_eksconfigs.yaml index 9b5a7c4a17..1d298881d8 100644 --- a/config/crd/bases/bootstrap.cluster.x-k8s.io_eksconfigs.yaml +++ b/config/crd/bases/bootstrap.cluster.x-k8s.io_eksconfigs.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: eksconfigs.bootstrap.cluster.x-k8s.io spec: group: bootstrap.cluster.x-k8s.io @@ -34,14 +34,19 @@ spec: Configuration API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -58,13 +63,13 @@ spec: when bootstrapping EKS. type: string dnsClusterIP: - description: DNSClusterIP overrides the IP address to use for DNS - queries within the cluster. + description: ' DNSClusterIP overrides the IP address to use for DNS + queries within the cluster.' type: string dockerConfigJson: - description: DockerConfigJson is used for the contents of the /etc/docker/daemon.json - file. Useful if you want a custom config differing from the default - one in the AMI. This is expected to be a json string. + description: |- + DockerConfigJson is used for the contents of the /etc/docker/daemon.json file. Useful if you want a custom config differing from the default one in the AMI. + This is expected to be a json string. type: string kubeletExtraArgs: additionalProperties: @@ -77,8 +82,8 @@ spec: to use. properties: accountNumber: - description: AccountNumber is the AWS account number to pull the - pause container from. + description: ' AccountNumber is the AWS account number to pull + the pause container from.' type: string version: description: Version is the tag of the pause container to use. @@ -88,8 +93,9 @@ spec: - version type: object serviceIPV6Cidr: - description: ServiceIPV6Cidr is the ipv6 cidr range of the cluster. - If this is specified then the ip family will be set to ipv6. + description: |- + ServiceIPV6Cidr is the ipv6 cidr range of the cluster. If this is specified then + the ip family will be set to ipv6. type: string useMaxPods: description: UseMaxPods sets --max-pods for the kubelet when true. @@ -106,37 +112,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -185,14 +191,19 @@ spec: Configuration API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -239,9 +250,9 @@ spec: used. If set to None, no label is used. type: string overwrite: - description: Overwrite defines whether or not to overwrite - any existing filesystem. If true, any pre-existing file - system will be destroyed. Use with Caution. + description: |- + Overwrite defines whether or not to overwrite any existing filesystem. + If true, any pre-existing file system will be destroyed. Use with Caution. type: boolean partition: description: 'Partition specifies the partition to use. @@ -264,21 +275,21 @@ spec: description: Device is the name of the device. type: string layout: - description: Layout specifies the device layout. If it is - true, a single partition will be created for the entire - device. When layout is false, it means don't partition - or ignore existing partitioning. + description: |- + Layout specifies the device layout. + If it is true, a single partition will be created for the entire device. + When layout is false, it means don't partition or ignore existing partitioning. type: boolean overwrite: - description: Overwrite describes whether to skip checks - and create the partition if a partition or filesystem - is found on the device. Use with caution. Default is 'false'. + description: |- + Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. + Use with caution. Default is 'false'. type: boolean tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default and - setups a MS-DOS partition table ''gpt'': setups a GPT - partition table' + description: |- + TableType specifies the tupe of partition table. The following are supported: + 'mbr': default and setups a MS-DOS partition table + 'gpt': setups a GPT partition table type: string required: - device @@ -287,13 +298,13 @@ spec: type: array type: object dnsClusterIP: - description: DNSClusterIP overrides the IP address to use for DNS - queries within the cluster. + description: ' DNSClusterIP overrides the IP address to use for DNS + queries within the cluster.' type: string dockerConfigJson: - description: DockerConfigJson is used for the contents of the /etc/docker/daemon.json - file. Useful if you want a custom config differing from the default - one in the AMI. This is expected to be a json string. + description: |- + DockerConfigJson is used for the contents of the /etc/docker/daemon.json file. Useful if you want a custom config differing from the default one in the AMI. + This is expected to be a json string. type: string files: description: Files specifies extra files to be passed to user_data @@ -386,8 +397,8 @@ spec: to use. properties: accountNumber: - description: AccountNumber is the AWS account number to pull the - pause container from. + description: ' AccountNumber is the AWS account number to pull + the pause container from.' type: string version: description: Version is the tag of the pause container to use. @@ -409,8 +420,9 @@ spec: type: string type: array serviceIPV6Cidr: - description: ServiceIPV6Cidr is the ipv6 cidr range of the cluster. - If this is specified then the ip family will be set to ipv6. + description: |- + ServiceIPV6Cidr is the ipv6 cidr range of the cluster. If this is specified then + the ip family will be set to ipv6. type: string useMaxPods: description: UseMaxPods sets --max-pods for the kubelet when true. @@ -500,37 +512,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime diff --git a/config/crd/bases/bootstrap.cluster.x-k8s.io_eksconfigtemplates.yaml b/config/crd/bases/bootstrap.cluster.x-k8s.io_eksconfigtemplates.yaml index 49e37a9948..0a63027e0a 100644 --- a/config/crd/bases/bootstrap.cluster.x-k8s.io_eksconfigtemplates.yaml +++ b/config/crd/bases/bootstrap.cluster.x-k8s.io_eksconfigtemplates.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: eksconfigtemplates.bootstrap.cluster.x-k8s.io spec: group: bootstrap.cluster.x-k8s.io @@ -25,14 +25,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -56,14 +61,13 @@ spec: to use when bootstrapping EKS. type: string dnsClusterIP: - description: DNSClusterIP overrides the IP address to use - for DNS queries within the cluster. + description: ' DNSClusterIP overrides the IP address to use + for DNS queries within the cluster.' type: string dockerConfigJson: - description: DockerConfigJson is used for the contents of - the /etc/docker/daemon.json file. Useful if you want a custom - config differing from the default one in the AMI. This is - expected to be a json string. + description: |- + DockerConfigJson is used for the contents of the /etc/docker/daemon.json file. Useful if you want a custom config differing from the default one in the AMI. + This is expected to be a json string. type: string kubeletExtraArgs: additionalProperties: @@ -76,8 +80,8 @@ spec: container to use. properties: accountNumber: - description: AccountNumber is the AWS account number to - pull the pause container from. + description: ' AccountNumber is the AWS account number + to pull the pause container from.' type: string version: description: Version is the tag of the pause container @@ -88,9 +92,9 @@ spec: - version type: object serviceIPV6Cidr: - description: ServiceIPV6Cidr is the ipv6 cidr range of the - cluster. If this is specified then the ip family will be - set to ipv6. + description: |- + ServiceIPV6Cidr is the ipv6 cidr range of the cluster. If this is specified then + the ip family will be set to ipv6. type: string useMaxPods: description: UseMaxPods sets --max-pods for the kubelet when @@ -111,14 +115,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -174,10 +183,9 @@ spec: to be used. If set to None, no label is used. type: string overwrite: - description: Overwrite defines whether or not to - overwrite any existing filesystem. If true, any - pre-existing file system will be destroyed. Use - with Caution. + description: |- + Overwrite defines whether or not to overwrite any existing filesystem. + If true, any pre-existing file system will be destroyed. Use with Caution. type: boolean partition: description: 'Partition specifies the partition @@ -202,22 +210,21 @@ spec: description: Device is the name of the device. type: string layout: - description: Layout specifies the device layout. - If it is true, a single partition will be created - for the entire device. When layout is false, it - means don't partition or ignore existing partitioning. + description: |- + Layout specifies the device layout. + If it is true, a single partition will be created for the entire device. + When layout is false, it means don't partition or ignore existing partitioning. type: boolean overwrite: - description: Overwrite describes whether to skip - checks and create the partition if a partition - or filesystem is found on the device. Use with - caution. Default is 'false'. + description: |- + Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. + Use with caution. Default is 'false'. type: boolean tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default - and setups a MS-DOS partition table ''gpt'': setups - a GPT partition table' + description: |- + TableType specifies the tupe of partition table. The following are supported: + 'mbr': default and setups a MS-DOS partition table + 'gpt': setups a GPT partition table type: string required: - device @@ -226,14 +233,13 @@ spec: type: array type: object dnsClusterIP: - description: DNSClusterIP overrides the IP address to use - for DNS queries within the cluster. + description: ' DNSClusterIP overrides the IP address to use + for DNS queries within the cluster.' type: string dockerConfigJson: - description: DockerConfigJson is used for the contents of - the /etc/docker/daemon.json file. Useful if you want a custom - config differing from the default one in the AMI. This is - expected to be a json string. + description: |- + DockerConfigJson is used for the contents of the /etc/docker/daemon.json file. Useful if you want a custom config differing from the default one in the AMI. + This is expected to be a json string. type: string files: description: Files specifies extra files to be passed to user_data @@ -329,8 +335,8 @@ spec: container to use. properties: accountNumber: - description: AccountNumber is the AWS account number to - pull the pause container from. + description: ' AccountNumber is the AWS account number + to pull the pause container from.' type: string version: description: Version is the tag of the pause container @@ -353,9 +359,9 @@ spec: type: string type: array serviceIPV6Cidr: - description: ServiceIPV6Cidr is the ipv6 cidr range of the - cluster. If this is specified then the ip family will be - set to ipv6. + description: |- + ServiceIPV6Cidr is the ipv6 cidr range of the cluster. If this is specified then + the ip family will be set to ipv6. type: string useMaxPods: description: UseMaxPods sets --max-pods for the kubelet when diff --git a/config/crd/bases/controlplane.cluster.x-k8s.io_awsmanagedcontrolplanes.yaml b/config/crd/bases/controlplane.cluster.x-k8s.io_awsmanagedcontrolplanes.yaml index f2ed7ef9d8..d94cb5acd8 100644 --- a/config/crd/bases/controlplane.cluster.x-k8s.io_awsmanagedcontrolplanes.yaml +++ b/config/crd/bases/controlplane.cluster.x-k8s.io_awsmanagedcontrolplanes.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: awsmanagedcontrolplanes.controlplane.cluster.x-k8s.io spec: group: controlplane.cluster.x-k8s.io @@ -47,14 +47,19 @@ spec: Control Plane API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -65,9 +70,9 @@ spec: additionalTags: additionalProperties: type: string - description: AdditionalTags is an optional set of tags to add to AWS - resources managed by the AWS provider, in addition to the ones added - by default. + description: |- + AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the + ones added by default. type: object addons: description: Addons defines the EKS addons to enable with the EKS @@ -80,8 +85,9 @@ spec: type: string conflictResolution: default: none - description: ConflictResolution is used to declare what should - happen if there are parameter conflicts. Defaults to none + description: |- + ConflictResolution is used to declare what should happen if there + are parameter conflicts. Defaults to none enum: - overwrite - none @@ -104,38 +110,39 @@ spec: type: array associateOIDCProvider: default: false - description: AssociateOIDCProvider can be enabled to automatically - create an identity provider for the controller for use with IAM - roles for service accounts + description: |- + AssociateOIDCProvider can be enabled to automatically create an identity + provider for the controller for use with IAM roles for service accounts type: boolean bastion: description: Bastion contains options to configure the bastion host. properties: allowedCIDRBlocks: - description: AllowedCIDRBlocks is a list of CIDR blocks allowed - to access the bastion host. They are set as ingress rules for - the Bastion host's Security Group (defaults to 0.0.0.0/0). + description: |- + AllowedCIDRBlocks is a list of CIDR blocks allowed to access the bastion host. + They are set as ingress rules for the Bastion host's Security Group (defaults to 0.0.0.0/0). items: type: string type: array ami: - description: AMI will use the specified AMI to boot the bastion. - If not specified, the AMI will default to one picked out in - public space. + description: |- + AMI will use the specified AMI to boot the bastion. If not specified, + the AMI will default to one picked out in public space. type: string disableIngressRules: - description: DisableIngressRules will ensure there are no Ingress - rules in the bastion host's security group. Requires AllowedCIDRBlocks - to be empty. + description: |- + DisableIngressRules will ensure there are no Ingress rules in the bastion host's security group. + Requires AllowedCIDRBlocks to be empty. type: boolean enabled: - description: Enabled allows this provider to create a bastion - host instance with a public ip to access the VPC private network. + description: |- + Enabled allows this provider to create a bastion host instance + with a public ip to access the VPC private network. type: boolean instanceType: - description: InstanceType will use the specified instance type - for the bastion. If not specified, Cluster API Provider AWS - will use t3.micro for all regions except us-east-1, where t2.micro + description: |- + InstanceType will use the specified instance type for the bastion. If not specified, + Cluster API Provider AWS will use t3.micro for all regions except us-east-1, where t2.micro will be the default. type: string type: object @@ -156,18 +163,18 @@ spec: type: object disableVPCCNI: default: false - description: DisableVPCCNI indicates that the Amazon VPC CNI should - be disabled. With EKS clusters the Amazon VPC CNI is automatically - installed into the cluster. For clusters where you want to use an - alternate CNI this option provides a way to specify that the Amazon - VPC CNI should be deleted. You cannot set this to true if you are - using the Amazon VPC CNI addon. + description: |- + DisableVPCCNI indicates that the Amazon VPC CNI should be disabled. With EKS clusters the + Amazon VPC CNI is automatically installed into the cluster. For clusters where you want + to use an alternate CNI this option provides a way to specify that the Amazon VPC CNI + should be deleted. You cannot set this to true if you are using the + Amazon VPC CNI addon. type: boolean eksClusterName: - description: EKSClusterName allows you to specify the name of the - EKS cluster in AWS. If you don't specify a name then a default name - will be created based on the namespace and name of the managed control - plane. + description: |- + EKSClusterName allows you to specify the name of the EKS cluster in + AWS. If you don't specify a name then a default name will be created + based on the namespace and name of the managed control plane. type: string encryptionConfig: description: EncryptionConfig specifies the encryption configuration @@ -203,10 +210,10 @@ spec: type: array type: object iamAuthenticatorConfig: - description: IAMAuthenticatorConfig allows the specification of any - additional user or role mappings for use when generating the aws-iam-authenticator - configuration. If this is nil the default configuration is still - generated for the cluster. + description: |- + IAMAuthenticatorConfig allows the specification of any additional user or role mappings + for use when generating the aws-iam-authenticator configuration. If this is nil the + default configuration is still generated for the cluster. properties: mapRoles: description: RoleMappings is a list of role mappings @@ -258,9 +265,9 @@ spec: type: array type: object identityRef: - description: IdentityRef is a reference to an identity to be used - when reconciling the managed control plane. If no identity is specified, - the default identity for this controller will be used. + description: |- + IdentityRef is a reference to an identity to be used when reconciling the managed control plane. + If no identity is specified, the default identity for this controller will be used. properties: kind: description: Kind of the identity. @@ -278,30 +285,32 @@ spec: - name type: object imageLookupBaseOS: - description: ImageLookupBaseOS is the name of the base operating system - used to look up machine images when a machine does not specify an - AMI. When set, this will be used for all cluster machines unless - a machine specifies a different ImageLookupBaseOS. + description: |- + ImageLookupBaseOS is the name of the base operating system used to look + up machine images when a machine does not specify an AMI. When set, this + will be used for all cluster machines unless a machine specifies a + different ImageLookupBaseOS. type: string imageLookupFormat: - description: 'ImageLookupFormat is the AMI naming format to look up - machine images when a machine does not specify an AMI. When set, - this will be used for all cluster machines unless a machine specifies - a different ImageLookupOrg. Supports substitutions for {{.BaseOS}} - and {{.K8sVersion}} with the base OS and kubernetes version, respectively. - The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the - default), and the kubernetes version as defined by the packages - produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, - or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* - will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* - for a Machine that is targeting kubernetes v1.18.0 and the ubuntu - base OS. See also: https://golang.org/pkg/text/template/' + description: |- + ImageLookupFormat is the AMI naming format to look up machine images when + a machine does not specify an AMI. When set, this will be used for all + cluster machines unless a machine specifies a different ImageLookupOrg. + Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base + OS and kubernetes version, respectively. The BaseOS will be the value in + ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + defined by the packages produced by kubernetes/release without v as a + prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + also: https://golang.org/pkg/text/template/ type: string imageLookupOrg: - description: ImageLookupOrg is the AWS Organization ID to look up - machine images when a machine does not specify an AMI. When set, - this will be used for all cluster machines unless a machine specifies - a different ImageLookupOrg. + description: |- + ImageLookupOrg is the AWS Organization ID to look up machine images when a + machine does not specify an AMI. When set, this will be used for all + cluster machines unless a machine specifies a different ImageLookupOrg. type: string kubeProxy: description: KubeProxy defines managed attributes of the kube-proxy @@ -309,18 +318,18 @@ spec: properties: disable: default: false - description: Disable set to true indicates that kube-proxy should - be disabled. With EKS clusters kube-proxy is automatically installed - into the cluster. For clusters where you want to use kube-proxy - functionality that is provided with an alternate CNI, this option - provides a way to specify that the kube-proxy daemonset should - be deleted. You cannot set this to true if you are using the - Amazon kube-proxy addon. + description: |- + Disable set to true indicates that kube-proxy should be disabled. With EKS clusters + kube-proxy is automatically installed into the cluster. For clusters where you want + to use kube-proxy functionality that is provided with an alternate CNI, this option + provides a way to specify that the kube-proxy daemonset should be deleted. You cannot + set this to true if you are using the Amazon kube-proxy addon. type: boolean type: object logging: - description: Logging specifies which EKS Cluster logs should be enabled. - Entries for each of the enabled logs will be sent to CloudWatch + description: |- + Logging specifies which EKS Cluster logs should be enabled. Entries for + each of the enabled logs will be sent to CloudWatch properties: apiServer: default: false @@ -404,9 +413,9 @@ spec: type: string type: array sourceSecurityGroupRoles: - description: The security group role to allow access from. - Cannot be specified with CidrBlocks. The field will be - combined with source security group IDs if specified. + description: |- + The security group role to allow access from. Cannot be specified with CidrBlocks. + The field will be combined with source security group IDs if specified. items: description: SecurityGroupRole defines the unique role of a security group. @@ -434,10 +443,9 @@ spec: description: CNI configuration properties: cniIngressRules: - description: CNIIngressRules specify rules to apply to control - plane and worker node security groups. The source for the - rule will be set to control plane and worker security group - IDs. + description: |- + CNIIngressRules specify rules to apply to control plane and worker node security groups. + The source for the rule will be set to control plane and worker security group IDs. items: description: CNIIngressRule defines an AWS ingress rule for CNI requirements. @@ -465,9 +473,9 @@ spec: securityGroupOverrides: additionalProperties: type: string - description: SecurityGroupOverrides is an optional set of security - groups to use for cluster instances This is optional - if not - provided new security groups will be created for the cluster + description: |- + SecurityGroupOverrides is an optional set of security groups to use for cluster instances + This is optional - if not provided new security groups will be created for the cluster type: object subnets: description: Subnets configuration. @@ -483,28 +491,27 @@ spec: the provider creates a managed VPC. type: string id: - description: "ID defines a unique identifier to reference - this resource. If you're bringing your subnet, set the - AWS subnet-id here, it must start with `subnet-`. \n When - the VPC is managed by CAPA, and you'd like the provider - to create a subnet for you, the id can be set to any placeholder - value that does not start with `subnet-`; upon creation, - the subnet AWS identifier will be populated in the `ResourceID` - field and the `id` field is going to be used as the subnet - name. If you specify a tag called `Name`, it takes precedence." + description: |- + ID defines a unique identifier to reference this resource. + If you're bringing your subnet, set the AWS subnet-id here, it must start with `subnet-`. + + + When the VPC is managed by CAPA, and you'd like the provider to create a subnet for you, + the id can be set to any placeholder value that does not start with `subnet-`; + upon creation, the subnet AWS identifier will be populated in the `ResourceID` field and + the `id` field is going to be used as the subnet name. If you specify a tag + called `Name`, it takes precedence. type: string ipv6CidrBlock: - description: IPv6CidrBlock is the IPv6 CIDR block to be - used when the provider creates a managed VPC. A subnet - can have an IPv4 and an IPv6 address. IPv6 is only supported - in managed clusters, this field cannot be set on AWSCluster - object. + description: |- + IPv6CidrBlock is the IPv6 CIDR block to be used when the provider creates a managed VPC. + A subnet can have an IPv4 and an IPv6 address. + IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. type: string isIpv6: - description: IsIPv6 defines the subnet as an IPv6 subnet. - A subnet is IPv6 when it is associated with a VPC that - has IPv6 enabled. IPv6 is only supported in managed clusters, - this field cannot be set on AWSCluster object. + description: |- + IsIPv6 defines the subnet as an IPv6 subnet. A subnet is IPv6 when it is associated with a VPC that has IPv6 enabled. + IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. type: boolean isPublic: description: IsPublic defines the subnet as a public subnet. @@ -512,17 +519,14 @@ spec: table that has a route to an internet gateway. type: boolean natGatewayId: - description: NatGatewayID is the NAT gateway id associated - with the subnet. Ignored unless the subnet is managed - by the provider, in which case this is set on the public - subnet where the NAT gateway resides. It is then used - to determine routes for private subnets in the same AZ - as the public subnet. + description: |- + NatGatewayID is the NAT gateway id associated with the subnet. + Ignored unless the subnet is managed by the provider, in which case this is set on the public subnet where the NAT gateway resides. It is then used to determine routes for private subnets in the same AZ as the public subnet. type: string resourceID: - description: ResourceID is the subnet identifier from AWS, - READ ONLY. This field is populated when the provider manages - the subnet. + description: |- + ResourceID is the subnet identifier from AWS, READ ONLY. + This field is populated when the provider manages the subnet. type: string routeTableId: description: RouteTableID is the routing table id associated @@ -546,40 +550,43 @@ spec: properties: availabilityZoneSelection: default: Ordered - description: 'AvailabilityZoneSelection specifies how AZs - should be selected if there are more AZs in a region than - specified by AvailabilityZoneUsageLimit. There are 2 selection - schemes: Ordered - selects based on alphabetical order Random - - selects AZs randomly in a region Defaults to Ordered' + description: |- + AvailabilityZoneSelection specifies how AZs should be selected if there are more AZs + in a region than specified by AvailabilityZoneUsageLimit. There are 2 selection schemes: + Ordered - selects based on alphabetical order + Random - selects AZs randomly in a region + Defaults to Ordered enum: - Ordered - Random type: string availabilityZoneUsageLimit: default: 3 - description: AvailabilityZoneUsageLimit specifies the maximum - number of availability zones (AZ) that should be used in - a region when automatically creating subnets. If a region - has more than this number of AZs then this number of AZs - will be picked randomly when creating default subnets. Defaults - to 3 + description: |- + AvailabilityZoneUsageLimit specifies the maximum number of availability zones (AZ) that + should be used in a region when automatically creating subnets. If a region has more + than this number of AZs then this number of AZs will be picked randomly when creating + default subnets. Defaults to 3 minimum: 1 type: integer cidrBlock: - description: CidrBlock is the CIDR block to be used when the - provider creates a managed VPC. Defaults to 10.0.0.0/16. + description: |- + CidrBlock is the CIDR block to be used when the provider creates a managed VPC. + Defaults to 10.0.0.0/16. Mutually exclusive with IPAMPool. type: string emptyRoutesDefaultVPCSecurityGroup: - description: "EmptyRoutesDefaultVPCSecurityGroup specifies - whether the default VPC security group ingress and egress - rules should be removed. \n By default, when creating a - VPC, AWS creates a security group called `default` with - ingress and egress rules that allow traffic from anywhere. - The group could be used as a potential surface attack and - it's generally suggested that the group rules are removed - or modified appropriately. \n NOTE: This only applies when - the VPC is managed by the Cluster API AWS controller." + description: |- + EmptyRoutesDefaultVPCSecurityGroup specifies whether the default VPC security group ingress + and egress rules should be removed. + + + By default, when creating a VPC, AWS creates a security group called `default` with ingress and egress + rules that allow traffic from anywhere. The group could be used as a potential surface attack and + it's generally suggested that the group rules are removed or modified appropriately. + + + NOTE: This only applies when the VPC is managed by the Cluster API AWS controller. type: boolean id: description: ID is the vpc-id of the VPC this provider should @@ -590,8 +597,9 @@ spec: associated with the VPC. type: string ipamPool: - description: IPAMPool defines the IPAMv4 pool to be used for - VPC. Mutually exclusive with CidrBlock. + description: |- + IPAMPool defines the IPAMv4 pool to be used for VPC. + Mutually exclusive with CidrBlock. properties: id: description: ID is the ID of the IPAM pool this provider @@ -602,20 +610,22 @@ spec: should use to create VPC. type: string netmaskLength: - description: The netmask length of the IPv4 CIDR you want - to allocate to VPC from an Amazon VPC IP Address Manager - (IPAM) pool. Defaults to /16 for IPv4 if not specified. + description: |- + The netmask length of the IPv4 CIDR you want to allocate to VPC from + an Amazon VPC IP Address Manager (IPAM) pool. + Defaults to /16 for IPv4 if not specified. format: int64 type: integer type: object ipv6: - description: IPv6 contains ipv6 specific settings for the - network. Supported only in managed clusters. This field - cannot be set on AWSCluster object. + description: |- + IPv6 contains ipv6 specific settings for the network. Supported only in managed clusters. + This field cannot be set on AWSCluster object. properties: cidrBlock: - description: CidrBlock is the CIDR block provided by Amazon - when VPC has enabled IPv6. Mutually exclusive with IPAMPool. + description: |- + CidrBlock is the CIDR block provided by Amazon when VPC has enabled IPv6. + Mutually exclusive with IPAMPool. type: string egressOnlyInternetGatewayId: description: EgressOnlyInternetGatewayID is the id of @@ -623,8 +633,9 @@ spec: IPv6 enabled VPC. type: string ipamPool: - description: IPAMPool defines the IPAMv6 pool to be used - for VPC. Mutually exclusive with CidrBlock. + description: |- + IPAMPool defines the IPAMv6 pool to be used for VPC. + Mutually exclusive with CidrBlock. properties: id: description: ID is the ID of the IPAM pool this provider @@ -635,27 +646,25 @@ spec: provider should use to create VPC. type: string netmaskLength: - description: The netmask length of the IPv4 CIDR you - want to allocate to VPC from an Amazon VPC IP Address - Manager (IPAM) pool. Defaults to /16 for IPv4 if - not specified. + description: |- + The netmask length of the IPv4 CIDR you want to allocate to VPC from + an Amazon VPC IP Address Manager (IPAM) pool. + Defaults to /16 for IPv4 if not specified. format: int64 type: integer type: object poolId: - description: PoolID is the IP pool which must be defined - in case of BYO IP is defined. Must be specified if CidrBlock - is set. Mutually exclusive with IPAMPool. + description: |- + PoolID is the IP pool which must be defined in case of BYO IP is defined. + Must be specified if CidrBlock is set. + Mutually exclusive with IPAMPool. type: string type: object privateDnsHostnameTypeOnLaunch: - description: PrivateDNSHostnameTypeOnLaunch is the type of - hostname to assign to instances in the subnet at launch. - For IPv4-only and dual-stack (IPv4 and IPv6) subnets, an - instance DNS name can be based on the instance IPv4 address - (ip-name) or the instance ID (resource-name). For IPv6 only - subnets, an instance DNS name must be based on the instance - ID (resource-name). + description: |- + PrivateDNSHostnameTypeOnLaunch is the type of hostname to assign to instances in the subnet at launch. + For IPv4-only and dual-stack (IPv4 and IPv6) subnets, an instance DNS name can be based on the instance IPv4 address (ip-name) + or the instance ID (resource-name). For IPv6 only subnets, an instance DNS name must be based on the instance ID (resource-name). enum: - ip-name - resource-name @@ -668,47 +677,50 @@ spec: type: object type: object oidcIdentityProviderConfig: - description: IdentityProviderconfig is used to specify the oidc provider - config to be attached with this eks cluster + description: |- + IdentityProviderconfig is used to specify the oidc provider config + to be attached with this eks cluster properties: clientId: - description: This is also known as audience. The ID for the client - application that makes authentication requests to the OpenID - identity provider. + description: |- + This is also known as audience. The ID for the client application that makes + authentication requests to the OpenID identity provider. type: string groupsClaim: description: The JWT claim that the provider uses to return your groups. type: string groupsPrefix: - description: 'The prefix that is prepended to group claims to - prevent clashes with existing names (such as system: groups). - For example, the valueoidc: will create group names like oidc:engineering - and oidc:infra.' + description: |- + The prefix that is prepended to group claims to prevent clashes with existing + names (such as system: groups). For example, the valueoidc: will create group + names like oidc:engineering and oidc:infra. type: string identityProviderConfigName: - description: "The name of the OIDC provider configuration. \n - IdentityProviderConfigName is a required field" + description: |- + The name of the OIDC provider configuration. + + + IdentityProviderConfigName is a required field type: string issuerUrl: - description: The URL of the OpenID identity provider that allows - the API server to discover public signing keys for verifying - tokens. The URL must begin with https:// and should correspond - to the iss claim in the provider's OIDC ID tokens. Per the OIDC - standard, path components are allowed but query parameters are + description: |- + The URL of the OpenID identity provider that allows the API server to discover + public signing keys for verifying tokens. The URL must begin with https:// + and should correspond to the iss claim in the provider's OIDC ID tokens. + Per the OIDC standard, path components are allowed but query parameters are not. Typically the URL consists of only a hostname, like https://server.example.org - or https://example.com. This URL should point to the level below - .well-known/openid-configuration and must be publicly accessible - over the internet. + or https://example.com. This URL should point to the level below .well-known/openid-configuration + and must be publicly accessible over the internet. type: string requiredClaims: additionalProperties: type: string - description: The key value pairs that describe required claims - in the identity token. If set, each claim is verified to be - present in the token with a matching value. For the maximum - number of claims that you can require, see Amazon EKS service - quotas (https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) + description: |- + The key value pairs that describe required claims in the identity token. + If set, each claim is verified to be present in the token with a matching + value. For the maximum number of claims that you can require, see Amazon + EKS service quotas (https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) in the Amazon EKS User Guide. type: object tags: @@ -717,41 +729,45 @@ spec: description: tags to apply to oidc identity provider association type: object usernameClaim: - description: The JSON Web Token (JWT) claim to use as the username. - The default is sub, which is expected to be a unique identifier - of the end user. You can choose other claims, such as email - or name, depending on the OpenID identity provider. Claims other - than email are prefixed with the issuer URL to prevent naming + description: |- + The JSON Web Token (JWT) claim to use as the username. The default is sub, + which is expected to be a unique identifier of the end user. You can choose + other claims, such as email or name, depending on the OpenID identity provider. + Claims other than email are prefixed with the issuer URL to prevent naming clashes with other plug-ins. type: string usernamePrefix: - description: The prefix that is prepended to username claims to - prevent clashes with existing names. If you do not provide this - field, and username is a value other than email, the prefix - defaults to issuerurl#. You can use the value - to disable all - prefixing. + description: |- + The prefix that is prepended to username claims to prevent clashes with existing + names. If you do not provide this field, and username is a value other than + email, the prefix defaults to issuerurl#. You can use the value - to disable + all prefixing. type: string type: object region: description: The AWS Region the cluster lives in. type: string roleAdditionalPolicies: - description: RoleAdditionalPolicies allows you to attach additional - polices to the control plane role. You must enable the EKSAllowAddRoles + description: |- + RoleAdditionalPolicies allows you to attach additional polices to + the control plane role. You must enable the EKSAllowAddRoles feature flag to incorporate these into the created role. items: type: string type: array roleName: - description: RoleName specifies the name of IAM role that gives EKS - permission to make API calls. If the role is pre-existing we will - treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM - feature flag is true and no name is supplied then a role is created. + description: |- + RoleName specifies the name of IAM role that gives EKS + permission to make API calls. If the role is pre-existing + we will treat it as unmanaged and not delete it on + deletion. If the EKSEnableIAM feature flag is true + and no name is supplied then a role is created. minLength: 2 type: string secondaryCidrBlock: - description: SecondaryCidrBlock is the additional CIDR range to use - for pod IPs. Must be within the 100.64.0.0/10 or 198.19.0.0/16 range. + description: |- + SecondaryCidrBlock is the additional CIDR range to use for pod IPs. + Must be within the 100.64.0.0/10 or 198.19.0.0/16 range. type: string sshKeyName: description: SSHKeyName is the name of the ssh key to attach to the @@ -760,18 +776,20 @@ spec: type: string tokenMethod: default: iam-authenticator - description: TokenMethod is used to specify the method for obtaining - a client token for communicating with EKS iam-authenticator - obtains - a client token using iam-authentictor aws-cli - obtains a client - token using the AWS CLI Defaults to iam-authenticator + description: |- + TokenMethod is used to specify the method for obtaining a client token for communicating with EKS + iam-authenticator - obtains a client token using iam-authentictor + aws-cli - obtains a client token using the AWS CLI + Defaults to iam-authenticator enum: - iam-authenticator - aws-cli type: string version: - description: Version defines the desired Kubernetes version. If no - version number is supplied then the latest version of Kubernetes - that EKS supports will be used. + description: |- + Version defines the desired Kubernetes version. If no version number + is supplied then the latest version of Kubernetes that EKS supports + will be used. minLength: 2 pattern: ^v?(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.?(\.0|[1-9][0-9]*)?$ type: string @@ -791,15 +809,16 @@ spec: C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in - the container and any service environment variables. If - a variable cannot be resolved, the reference in the input - string will be unchanged. Double $$ are reduced to a single - $, which allows for escaping the $(VAR_NAME) syntax: i.e. + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless - of whether the variable exists or not. Defaults to "".' + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: description: Source for the environment variable's value. @@ -812,9 +831,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -825,11 +845,9 @@ spec: type: object x-kubernetes-map-type: atomic fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: description: Version of the schema the FieldPath @@ -844,10 +862,9 @@ spec: type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: description: 'Container name: required for volumes, @@ -877,9 +894,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -1005,48 +1023,64 @@ spec: properties: httpEndpoint: default: enabled - description: "Enables or disables the HTTP metadata endpoint - on your instances. \n If you specify a value of disabled, - you cannot access your instance metadata. \n Default: enabled" + description: |- + Enables or disables the HTTP metadata endpoint on your instances. + + + If you specify a value of disabled, you cannot access your instance metadata. + + + Default: enabled enum: - enabled - disabled type: string httpPutResponseHopLimit: default: 1 - description: "The desired HTTP PUT response hop limit for - instance metadata requests. The larger the number, the further - instance metadata requests can travel. \n Default: 1" + description: |- + The desired HTTP PUT response hop limit for instance metadata requests. The + larger the number, the further instance metadata requests can travel. + + + Default: 1 format: int64 maximum: 64 minimum: 1 type: integer httpTokens: default: optional - description: "The state of token usage for your instance metadata - requests. \n If the state is optional, you can choose to - retrieve instance metadata with or without a session token - on your request. If you retrieve the IAM role credentials - without a token, the version 1.0 role credentials are returned. - If you retrieve the IAM role credentials using a valid session - token, the version 2.0 role credentials are returned. \n - If the state is required, you must send a session token - with any instance metadata retrieval requests. In this state, - retrieving the IAM role credentials always returns the version - 2.0 credentials; the version 1.0 credentials are not available. - \n Default: optional" + description: |- + The state of token usage for your instance metadata requests. + + + If the state is optional, you can choose to retrieve instance metadata with + or without a session token on your request. If you retrieve the IAM role + credentials without a token, the version 1.0 role credentials are returned. + If you retrieve the IAM role credentials using a valid session token, the + version 2.0 role credentials are returned. + + + If the state is required, you must send a session token with any instance + metadata retrieval requests. In this state, retrieving the IAM role credentials + always returns the version 2.0 credentials; the version 1.0 credentials are + not available. + + + Default: optional enum: - optional - required type: string instanceMetadataTags: default: disabled - description: "Set to enabled to allow access to instance tags - from the instance metadata. Set to disabled to turn off - access to instance tags from the instance metadata. For - more information, see Work with instance tags using the - instance metadata (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). - \n Default: disabled" + description: |- + Set to enabled to allow access to instance tags from the instance metadata. + Set to disabled to turn off access to instance tags from the instance metadata. + For more information, see Work with instance tags using the instance metadata + (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). + + + Default: disabled enum: - enabled - disabled @@ -1074,11 +1108,10 @@ spec: or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt - the volume. Can be either a KMS key ID or ARN. If Encrypted - is set and this is omitted, the default AWS key will be - used. The key must already exist and be accessible by - the controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for the @@ -1086,9 +1119,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage - device. Must be greater than the image snapshot size or - 8 (whichever is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -1110,10 +1143,10 @@ spec: group in which to launch the instance. type: string placementGroupPartition: - description: PlacementGroupPartition is the partition number within - the placement group in which to launch the instance. This value - is only valid if the placement group, referred in `PlacementGroupName`, - was created with strategy set to partition. + description: |- + PlacementGroupPartition is the partition number within the placement group in which to launch the instance. + This value is only valid if the placement group, referred in `PlacementGroupName`, was created with + strategy set to partition. format: int64 maximum: 7 minimum: 1 @@ -1160,11 +1193,10 @@ spec: or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt - the volume. Can be either a KMS key ID or ARN. If Encrypted - is set and this is omitted, the default AWS key will be - used. The key must already exist and be accessible by the - controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for the @@ -1172,9 +1204,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage device. - Must be greater than the image snapshot size or 8 (whichever - is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -1224,9 +1256,9 @@ spec: description: The instance type. type: string userData: - description: UserData is the raw data script passed to the instance - which is run upon bootstrap. This field must not be base64 encoded - and should only be used when running a new instance. + description: |- + UserData is the raw data script passed to the instance which is run upon bootstrap. + This field must not be base64 encoded and should only be used when running a new instance. type: string volumeIDs: description: IDs of the instance's volumes @@ -1244,37 +1276,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -1284,15 +1316,15 @@ spec: type: array externalManagedControlPlane: default: true - description: ExternalManagedControlPlane indicates to cluster-api - that the control plane is managed by an external service such as - AKS, EKS, GKE, etc. + description: |- + ExternalManagedControlPlane indicates to cluster-api that the control plane + is managed by an external service such as AKS, EKS, GKE, etc. type: boolean failureDomains: additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. properties: attributes: additionalProperties: @@ -1309,12 +1341,14 @@ spec: zones that can be used type: object failureMessage: - description: ErrorMessage indicates that there is a terminal problem - reconciling the state, and will be set to a descriptive error message. + description: |- + ErrorMessage indicates that there is a terminal problem reconciling the + state, and will be set to a descriptive error message. type: string identityProviderStatus: - description: IdentityProviderStatus holds the status for associated - identity provider + description: |- + IdentityProviderStatus holds the status for + associated identity provider properties: arn: description: ARN holds the ARN of associated identity provider @@ -1325,8 +1359,9 @@ spec: type: string type: object initialized: - description: Initialized denotes whether or not the control plane - has the uploaded kubernetes config-map. + description: |- + Initialized denotes whether or not the control plane has the + uploaded kubernetes config-map. type: boolean networkStatus: description: Networks holds details about the AWS networking resources @@ -1336,8 +1371,9 @@ spec: description: APIServerELB is the Kubernetes api server load balancer. properties: arn: - description: ARN of the load balancer. Unlike the ClassicLB, - ARN is used mostly to define and get it. + description: |- + ARN of the load balancer. Unlike the ClassicLB, ARN is used mostly + to define and get it. type: string attributes: description: ClassicElbAttributes defines extra attributes @@ -1348,9 +1384,9 @@ spec: load balancer load balancing. type: boolean idleTimeout: - description: IdleTimeout is time that the connection is - allowed to be idle (no data has been sent over the connection) - before it is closed by the load balancer. + description: |- + IdleTimeout is time that the connection is allowed to be idle (no data + has been sent over the connection) before it is closed by the load balancer. format: int64 type: integer type: object @@ -1384,9 +1420,9 @@ spec: for a load balancer. type: string targetGroup: - description: TargetGroupSpec specifies target group - settings for a given listener. This is created first, - and the ARN is then passed to the listener. + description: |- + TargetGroupSpec specifies target group settings for a given listener. + This is created first, and the ARN is then passed to the listener. properties: name: description: Name of the TargetGroup. Must be unique @@ -1449,19 +1485,19 @@ spec: format: int64 type: integer interval: - description: A Duration represents the elapsed time between - two instants as an int64 nanosecond count. The representation - limits the largest representable duration to approximately - 290 years. + description: |- + A Duration represents the elapsed time between two instants + as an int64 nanosecond count. The representation limits the + largest representable duration to approximately 290 years. format: int64 type: integer target: type: string timeout: - description: A Duration represents the elapsed time between - two instants as an int64 nanosecond count. The representation - limits the largest representable duration to approximately - 290 years. + description: |- + A Duration represents the elapsed time between two instants + as an int64 nanosecond count. The representation limits the + largest representable duration to approximately 290 years. format: int64 type: integer unhealthyThreshold: @@ -1513,9 +1549,9 @@ spec: - nlb type: string name: - description: The name of the load balancer. It must be unique - within the set of load balancers defined in the region. - It also serves as identifier. + description: |- + The name of the load balancer. It must be unique within the set of load balancers + defined in the region. It also serves as identifier. type: string scheme: description: Scheme is the load balancer scheme, either internet-facing @@ -1551,8 +1587,9 @@ spec: api server load balancer. properties: arn: - description: ARN of the load balancer. Unlike the ClassicLB, - ARN is used mostly to define and get it. + description: |- + ARN of the load balancer. Unlike the ClassicLB, ARN is used mostly + to define and get it. type: string attributes: description: ClassicElbAttributes defines extra attributes @@ -1563,9 +1600,9 @@ spec: load balancer load balancing. type: boolean idleTimeout: - description: IdleTimeout is time that the connection is - allowed to be idle (no data has been sent over the connection) - before it is closed by the load balancer. + description: |- + IdleTimeout is time that the connection is allowed to be idle (no data + has been sent over the connection) before it is closed by the load balancer. format: int64 type: integer type: object @@ -1599,9 +1636,9 @@ spec: for a load balancer. type: string targetGroup: - description: TargetGroupSpec specifies target group - settings for a given listener. This is created first, - and the ARN is then passed to the listener. + description: |- + TargetGroupSpec specifies target group settings for a given listener. + This is created first, and the ARN is then passed to the listener. properties: name: description: Name of the TargetGroup. Must be unique @@ -1664,19 +1701,19 @@ spec: format: int64 type: integer interval: - description: A Duration represents the elapsed time between - two instants as an int64 nanosecond count. The representation - limits the largest representable duration to approximately - 290 years. + description: |- + A Duration represents the elapsed time between two instants + as an int64 nanosecond count. The representation limits the + largest representable duration to approximately 290 years. format: int64 type: integer target: type: string timeout: - description: A Duration represents the elapsed time between - two instants as an int64 nanosecond count. The representation - limits the largest representable duration to approximately - 290 years. + description: |- + A Duration represents the elapsed time between two instants + as an int64 nanosecond count. The representation limits the + largest representable duration to approximately 290 years. format: int64 type: integer unhealthyThreshold: @@ -1728,9 +1765,9 @@ spec: - nlb type: string name: - description: The name of the load balancer. It must be unique - within the set of load balancers defined in the region. - It also serves as identifier. + description: |- + The name of the load balancer. It must be unique within the set of load balancers + defined in the region. It also serves as identifier. type: string scheme: description: Scheme is the load balancer scheme, either internet-facing @@ -1810,10 +1847,9 @@ spec: type: string type: array sourceSecurityGroupRoles: - description: The security group role to allow access - from. Cannot be specified with CidrBlocks. The field - will be combined with source security group IDs - if specified. + description: |- + The security group role to allow access from. Cannot be specified with CidrBlocks. + The field will be combined with source security group IDs if specified. items: description: SecurityGroupRole defines the unique role of a security group. @@ -1868,8 +1904,9 @@ spec: type: object ready: default: false - description: Ready denotes that the AWSManagedControlPlane API Server - is ready to receive requests and that the VPC infra is ready. + description: |- + Ready denotes that the AWSManagedControlPlane API Server is ready to + receive requests and that the VPC infra is ready. type: boolean required: - ready @@ -1908,14 +1945,19 @@ spec: Control Plane API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1926,9 +1968,9 @@ spec: additionalTags: additionalProperties: type: string - description: AdditionalTags is an optional set of tags to add to AWS - resources managed by the AWS provider, in addition to the ones added - by default. + description: |- + AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the + ones added by default. type: object addons: description: Addons defines the EKS addons to enable with the EKS @@ -1941,8 +1983,9 @@ spec: type: string conflictResolution: default: overwrite - description: ConflictResolution is used to declare what should - happen if there are parameter conflicts. Defaults to none + description: |- + ConflictResolution is used to declare what should happen if there + are parameter conflicts. Defaults to none enum: - overwrite - none @@ -1965,38 +2008,39 @@ spec: type: array associateOIDCProvider: default: false - description: AssociateOIDCProvider can be enabled to automatically - create an identity provider for the controller for use with IAM - roles for service accounts + description: |- + AssociateOIDCProvider can be enabled to automatically create an identity + provider for the controller for use with IAM roles for service accounts type: boolean bastion: description: Bastion contains options to configure the bastion host. properties: allowedCIDRBlocks: - description: AllowedCIDRBlocks is a list of CIDR blocks allowed - to access the bastion host. They are set as ingress rules for - the Bastion host's Security Group (defaults to 0.0.0.0/0). + description: |- + AllowedCIDRBlocks is a list of CIDR blocks allowed to access the bastion host. + They are set as ingress rules for the Bastion host's Security Group (defaults to 0.0.0.0/0). items: type: string type: array ami: - description: AMI will use the specified AMI to boot the bastion. - If not specified, the AMI will default to one picked out in - public space. + description: |- + AMI will use the specified AMI to boot the bastion. If not specified, + the AMI will default to one picked out in public space. type: string disableIngressRules: - description: DisableIngressRules will ensure there are no Ingress - rules in the bastion host's security group. Requires AllowedCIDRBlocks - to be empty. + description: |- + DisableIngressRules will ensure there are no Ingress rules in the bastion host's security group. + Requires AllowedCIDRBlocks to be empty. type: boolean enabled: - description: Enabled allows this provider to create a bastion - host instance with a public ip to access the VPC private network. + description: |- + Enabled allows this provider to create a bastion host instance + with a public ip to access the VPC private network. type: boolean instanceType: - description: InstanceType will use the specified instance type - for the bastion. If not specified, Cluster API Provider AWS - will use t3.micro for all regions except us-east-1, where t2.micro + description: |- + InstanceType will use the specified instance type for the bastion. If not specified, + Cluster API Provider AWS will use t3.micro for all regions except us-east-1, where t2.micro will be the default. type: string type: object @@ -2016,10 +2060,10 @@ spec: - port type: object eksClusterName: - description: EKSClusterName allows you to specify the name of the - EKS cluster in AWS. If you don't specify a name then a default name - will be created based on the namespace and name of the managed control - plane. + description: |- + EKSClusterName allows you to specify the name of the EKS cluster in + AWS. If you don't specify a name then a default name will be created + based on the namespace and name of the managed control plane. type: string encryptionConfig: description: EncryptionConfig specifies the encryption configuration @@ -2055,10 +2099,10 @@ spec: type: array type: object iamAuthenticatorConfig: - description: IAMAuthenticatorConfig allows the specification of any - additional user or role mappings for use when generating the aws-iam-authenticator - configuration. If this is nil the default configuration is still - generated for the cluster. + description: |- + IAMAuthenticatorConfig allows the specification of any additional user or role mappings + for use when generating the aws-iam-authenticator configuration. If this is nil the + default configuration is still generated for the cluster. properties: mapRoles: description: RoleMappings is a list of role mappings @@ -2110,9 +2154,9 @@ spec: type: array type: object identityRef: - description: IdentityRef is a reference to an identity to be used - when reconciling the managed control plane. If no identity is specified, - the default identity for this controller will be used. + description: |- + IdentityRef is a reference to an identity to be used when reconciling the managed control plane. + If no identity is specified, the default identity for this controller will be used. properties: kind: description: Kind of the identity. @@ -2130,30 +2174,32 @@ spec: - name type: object imageLookupBaseOS: - description: ImageLookupBaseOS is the name of the base operating system - used to look up machine images when a machine does not specify an - AMI. When set, this will be used for all cluster machines unless - a machine specifies a different ImageLookupBaseOS. + description: |- + ImageLookupBaseOS is the name of the base operating system used to look + up machine images when a machine does not specify an AMI. When set, this + will be used for all cluster machines unless a machine specifies a + different ImageLookupBaseOS. type: string imageLookupFormat: - description: 'ImageLookupFormat is the AMI naming format to look up - machine images when a machine does not specify an AMI. When set, - this will be used for all cluster machines unless a machine specifies - a different ImageLookupOrg. Supports substitutions for {{.BaseOS}} - and {{.K8sVersion}} with the base OS and kubernetes version, respectively. - The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the - default), and the kubernetes version as defined by the packages - produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, - or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* - will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* - for a Machine that is targeting kubernetes v1.18.0 and the ubuntu - base OS. See also: https://golang.org/pkg/text/template/' + description: |- + ImageLookupFormat is the AMI naming format to look up machine images when + a machine does not specify an AMI. When set, this will be used for all + cluster machines unless a machine specifies a different ImageLookupOrg. + Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base + OS and kubernetes version, respectively. The BaseOS will be the value in + ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + defined by the packages produced by kubernetes/release without v as a + prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + also: https://golang.org/pkg/text/template/ type: string imageLookupOrg: - description: ImageLookupOrg is the AWS Organization ID to look up - machine images when a machine does not specify an AMI. When set, - this will be used for all cluster machines unless a machine specifies - a different ImageLookupOrg. + description: |- + ImageLookupOrg is the AWS Organization ID to look up machine images when a + machine does not specify an AMI. When set, this will be used for all + cluster machines unless a machine specifies a different ImageLookupOrg. type: string kubeProxy: description: KubeProxy defines managed attributes of the kube-proxy @@ -2161,18 +2207,18 @@ spec: properties: disable: default: false - description: Disable set to true indicates that kube-proxy should - be disabled. With EKS clusters kube-proxy is automatically installed - into the cluster. For clusters where you want to use kube-proxy - functionality that is provided with an alternate CNI, this option - provides a way to specify that the kube-proxy daemonset should - be deleted. You cannot set this to true if you are using the - Amazon kube-proxy addon. + description: |- + Disable set to true indicates that kube-proxy should be disabled. With EKS clusters + kube-proxy is automatically installed into the cluster. For clusters where you want + to use kube-proxy functionality that is provided with an alternate CNI, this option + provides a way to specify that the kube-proxy daemonset should be deleted. You cannot + set this to true if you are using the Amazon kube-proxy addon. type: boolean type: object logging: - description: Logging specifies which EKS Cluster logs should be enabled. - Entries for each of the enabled logs will be sent to CloudWatch + description: |- + Logging specifies which EKS Cluster logs should be enabled. Entries for + each of the enabled logs will be sent to CloudWatch properties: apiServer: default: false @@ -2256,9 +2302,9 @@ spec: type: string type: array sourceSecurityGroupRoles: - description: The security group role to allow access from. - Cannot be specified with CidrBlocks. The field will be - combined with source security group IDs if specified. + description: |- + The security group role to allow access from. Cannot be specified with CidrBlocks. + The field will be combined with source security group IDs if specified. items: description: SecurityGroupRole defines the unique role of a security group. @@ -2286,10 +2332,9 @@ spec: description: CNI configuration properties: cniIngressRules: - description: CNIIngressRules specify rules to apply to control - plane and worker node security groups. The source for the - rule will be set to control plane and worker security group - IDs. + description: |- + CNIIngressRules specify rules to apply to control plane and worker node security groups. + The source for the rule will be set to control plane and worker security group IDs. items: description: CNIIngressRule defines an AWS ingress rule for CNI requirements. @@ -2317,9 +2362,9 @@ spec: securityGroupOverrides: additionalProperties: type: string - description: SecurityGroupOverrides is an optional set of security - groups to use for cluster instances This is optional - if not - provided new security groups will be created for the cluster + description: |- + SecurityGroupOverrides is an optional set of security groups to use for cluster instances + This is optional - if not provided new security groups will be created for the cluster type: object subnets: description: Subnets configuration. @@ -2335,28 +2380,27 @@ spec: the provider creates a managed VPC. type: string id: - description: "ID defines a unique identifier to reference - this resource. If you're bringing your subnet, set the - AWS subnet-id here, it must start with `subnet-`. \n When - the VPC is managed by CAPA, and you'd like the provider - to create a subnet for you, the id can be set to any placeholder - value that does not start with `subnet-`; upon creation, - the subnet AWS identifier will be populated in the `ResourceID` - field and the `id` field is going to be used as the subnet - name. If you specify a tag called `Name`, it takes precedence." + description: |- + ID defines a unique identifier to reference this resource. + If you're bringing your subnet, set the AWS subnet-id here, it must start with `subnet-`. + + + When the VPC is managed by CAPA, and you'd like the provider to create a subnet for you, + the id can be set to any placeholder value that does not start with `subnet-`; + upon creation, the subnet AWS identifier will be populated in the `ResourceID` field and + the `id` field is going to be used as the subnet name. If you specify a tag + called `Name`, it takes precedence. type: string ipv6CidrBlock: - description: IPv6CidrBlock is the IPv6 CIDR block to be - used when the provider creates a managed VPC. A subnet - can have an IPv4 and an IPv6 address. IPv6 is only supported - in managed clusters, this field cannot be set on AWSCluster - object. + description: |- + IPv6CidrBlock is the IPv6 CIDR block to be used when the provider creates a managed VPC. + A subnet can have an IPv4 and an IPv6 address. + IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. type: string isIpv6: - description: IsIPv6 defines the subnet as an IPv6 subnet. - A subnet is IPv6 when it is associated with a VPC that - has IPv6 enabled. IPv6 is only supported in managed clusters, - this field cannot be set on AWSCluster object. + description: |- + IsIPv6 defines the subnet as an IPv6 subnet. A subnet is IPv6 when it is associated with a VPC that has IPv6 enabled. + IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. type: boolean isPublic: description: IsPublic defines the subnet as a public subnet. @@ -2364,17 +2408,14 @@ spec: table that has a route to an internet gateway. type: boolean natGatewayId: - description: NatGatewayID is the NAT gateway id associated - with the subnet. Ignored unless the subnet is managed - by the provider, in which case this is set on the public - subnet where the NAT gateway resides. It is then used - to determine routes for private subnets in the same AZ - as the public subnet. + description: |- + NatGatewayID is the NAT gateway id associated with the subnet. + Ignored unless the subnet is managed by the provider, in which case this is set on the public subnet where the NAT gateway resides. It is then used to determine routes for private subnets in the same AZ as the public subnet. type: string resourceID: - description: ResourceID is the subnet identifier from AWS, - READ ONLY. This field is populated when the provider manages - the subnet. + description: |- + ResourceID is the subnet identifier from AWS, READ ONLY. + This field is populated when the provider manages the subnet. type: string routeTableId: description: RouteTableID is the routing table id associated @@ -2398,40 +2439,43 @@ spec: properties: availabilityZoneSelection: default: Ordered - description: 'AvailabilityZoneSelection specifies how AZs - should be selected if there are more AZs in a region than - specified by AvailabilityZoneUsageLimit. There are 2 selection - schemes: Ordered - selects based on alphabetical order Random - - selects AZs randomly in a region Defaults to Ordered' + description: |- + AvailabilityZoneSelection specifies how AZs should be selected if there are more AZs + in a region than specified by AvailabilityZoneUsageLimit. There are 2 selection schemes: + Ordered - selects based on alphabetical order + Random - selects AZs randomly in a region + Defaults to Ordered enum: - Ordered - Random type: string availabilityZoneUsageLimit: default: 3 - description: AvailabilityZoneUsageLimit specifies the maximum - number of availability zones (AZ) that should be used in - a region when automatically creating subnets. If a region - has more than this number of AZs then this number of AZs - will be picked randomly when creating default subnets. Defaults - to 3 + description: |- + AvailabilityZoneUsageLimit specifies the maximum number of availability zones (AZ) that + should be used in a region when automatically creating subnets. If a region has more + than this number of AZs then this number of AZs will be picked randomly when creating + default subnets. Defaults to 3 minimum: 1 type: integer cidrBlock: - description: CidrBlock is the CIDR block to be used when the - provider creates a managed VPC. Defaults to 10.0.0.0/16. + description: |- + CidrBlock is the CIDR block to be used when the provider creates a managed VPC. + Defaults to 10.0.0.0/16. Mutually exclusive with IPAMPool. type: string emptyRoutesDefaultVPCSecurityGroup: - description: "EmptyRoutesDefaultVPCSecurityGroup specifies - whether the default VPC security group ingress and egress - rules should be removed. \n By default, when creating a - VPC, AWS creates a security group called `default` with - ingress and egress rules that allow traffic from anywhere. - The group could be used as a potential surface attack and - it's generally suggested that the group rules are removed - or modified appropriately. \n NOTE: This only applies when - the VPC is managed by the Cluster API AWS controller." + description: |- + EmptyRoutesDefaultVPCSecurityGroup specifies whether the default VPC security group ingress + and egress rules should be removed. + + + By default, when creating a VPC, AWS creates a security group called `default` with ingress and egress + rules that allow traffic from anywhere. The group could be used as a potential surface attack and + it's generally suggested that the group rules are removed or modified appropriately. + + + NOTE: This only applies when the VPC is managed by the Cluster API AWS controller. type: boolean id: description: ID is the vpc-id of the VPC this provider should @@ -2442,8 +2486,9 @@ spec: associated with the VPC. type: string ipamPool: - description: IPAMPool defines the IPAMv4 pool to be used for - VPC. Mutually exclusive with CidrBlock. + description: |- + IPAMPool defines the IPAMv4 pool to be used for VPC. + Mutually exclusive with CidrBlock. properties: id: description: ID is the ID of the IPAM pool this provider @@ -2454,20 +2499,22 @@ spec: should use to create VPC. type: string netmaskLength: - description: The netmask length of the IPv4 CIDR you want - to allocate to VPC from an Amazon VPC IP Address Manager - (IPAM) pool. Defaults to /16 for IPv4 if not specified. + description: |- + The netmask length of the IPv4 CIDR you want to allocate to VPC from + an Amazon VPC IP Address Manager (IPAM) pool. + Defaults to /16 for IPv4 if not specified. format: int64 type: integer type: object ipv6: - description: IPv6 contains ipv6 specific settings for the - network. Supported only in managed clusters. This field - cannot be set on AWSCluster object. + description: |- + IPv6 contains ipv6 specific settings for the network. Supported only in managed clusters. + This field cannot be set on AWSCluster object. properties: cidrBlock: - description: CidrBlock is the CIDR block provided by Amazon - when VPC has enabled IPv6. Mutually exclusive with IPAMPool. + description: |- + CidrBlock is the CIDR block provided by Amazon when VPC has enabled IPv6. + Mutually exclusive with IPAMPool. type: string egressOnlyInternetGatewayId: description: EgressOnlyInternetGatewayID is the id of @@ -2475,8 +2522,9 @@ spec: IPv6 enabled VPC. type: string ipamPool: - description: IPAMPool defines the IPAMv6 pool to be used - for VPC. Mutually exclusive with CidrBlock. + description: |- + IPAMPool defines the IPAMv6 pool to be used for VPC. + Mutually exclusive with CidrBlock. properties: id: description: ID is the ID of the IPAM pool this provider @@ -2487,27 +2535,25 @@ spec: provider should use to create VPC. type: string netmaskLength: - description: The netmask length of the IPv4 CIDR you - want to allocate to VPC from an Amazon VPC IP Address - Manager (IPAM) pool. Defaults to /16 for IPv4 if - not specified. + description: |- + The netmask length of the IPv4 CIDR you want to allocate to VPC from + an Amazon VPC IP Address Manager (IPAM) pool. + Defaults to /16 for IPv4 if not specified. format: int64 type: integer type: object poolId: - description: PoolID is the IP pool which must be defined - in case of BYO IP is defined. Must be specified if CidrBlock - is set. Mutually exclusive with IPAMPool. + description: |- + PoolID is the IP pool which must be defined in case of BYO IP is defined. + Must be specified if CidrBlock is set. + Mutually exclusive with IPAMPool. type: string type: object privateDnsHostnameTypeOnLaunch: - description: PrivateDNSHostnameTypeOnLaunch is the type of - hostname to assign to instances in the subnet at launch. - For IPv4-only and dual-stack (IPv4 and IPv6) subnets, an - instance DNS name can be based on the instance IPv4 address - (ip-name) or the instance ID (resource-name). For IPv6 only - subnets, an instance DNS name must be based on the instance - ID (resource-name). + description: |- + PrivateDNSHostnameTypeOnLaunch is the type of hostname to assign to instances in the subnet at launch. + For IPv4-only and dual-stack (IPv4 and IPv6) subnets, an instance DNS name can be based on the instance IPv4 address (ip-name) + or the instance ID (resource-name). For IPv6 only subnets, an instance DNS name must be based on the instance ID (resource-name). enum: - ip-name - resource-name @@ -2520,47 +2566,50 @@ spec: type: object type: object oidcIdentityProviderConfig: - description: IdentityProviderconfig is used to specify the oidc provider - config to be attached with this eks cluster + description: |- + IdentityProviderconfig is used to specify the oidc provider config + to be attached with this eks cluster properties: clientId: - description: This is also known as audience. The ID for the client - application that makes authentication requests to the OpenID - identity provider. + description: |- + This is also known as audience. The ID for the client application that makes + authentication requests to the OpenID identity provider. type: string groupsClaim: description: The JWT claim that the provider uses to return your groups. type: string groupsPrefix: - description: 'The prefix that is prepended to group claims to - prevent clashes with existing names (such as system: groups). - For example, the valueoidc: will create group names like oidc:engineering - and oidc:infra.' + description: |- + The prefix that is prepended to group claims to prevent clashes with existing + names (such as system: groups). For example, the valueoidc: will create group + names like oidc:engineering and oidc:infra. type: string identityProviderConfigName: - description: "The name of the OIDC provider configuration. \n - IdentityProviderConfigName is a required field" + description: |- + The name of the OIDC provider configuration. + + + IdentityProviderConfigName is a required field type: string issuerUrl: - description: The URL of the OpenID identity provider that allows - the API server to discover public signing keys for verifying - tokens. The URL must begin with https:// and should correspond - to the iss claim in the provider's OIDC ID tokens. Per the OIDC - standard, path components are allowed but query parameters are + description: |- + The URL of the OpenID identity provider that allows the API server to discover + public signing keys for verifying tokens. The URL must begin with https:// + and should correspond to the iss claim in the provider's OIDC ID tokens. + Per the OIDC standard, path components are allowed but query parameters are not. Typically the URL consists of only a hostname, like https://server.example.org - or https://example.com. This URL should point to the level below - .well-known/openid-configuration and must be publicly accessible - over the internet. + or https://example.com. This URL should point to the level below .well-known/openid-configuration + and must be publicly accessible over the internet. type: string requiredClaims: additionalProperties: type: string - description: The key value pairs that describe required claims - in the identity token. If set, each claim is verified to be - present in the token with a matching value. For the maximum - number of claims that you can require, see Amazon EKS service - quotas (https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) + description: |- + The key value pairs that describe required claims in the identity token. + If set, each claim is verified to be present in the token with a matching + value. For the maximum number of claims that you can require, see Amazon + EKS service quotas (https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) in the Amazon EKS User Guide. type: object tags: @@ -2569,19 +2618,19 @@ spec: description: tags to apply to oidc identity provider association type: object usernameClaim: - description: The JSON Web Token (JWT) claim to use as the username. - The default is sub, which is expected to be a unique identifier - of the end user. You can choose other claims, such as email - or name, depending on the OpenID identity provider. Claims other - than email are prefixed with the issuer URL to prevent naming + description: |- + The JSON Web Token (JWT) claim to use as the username. The default is sub, + which is expected to be a unique identifier of the end user. You can choose + other claims, such as email or name, depending on the OpenID identity provider. + Claims other than email are prefixed with the issuer URL to prevent naming clashes with other plug-ins. type: string usernamePrefix: - description: The prefix that is prepended to username claims to - prevent clashes with existing names. If you do not provide this - field, and username is a value other than email, the prefix - defaults to issuerurl#. You can use the value - to disable all - prefixing. + description: |- + The prefix that is prepended to username claims to prevent clashes with existing + names. If you do not provide this field, and username is a value other than + email, the prefix defaults to issuerurl#. You can use the value - to disable + all prefixing. type: string type: object partition: @@ -2592,22 +2641,26 @@ spec: description: The AWS Region the cluster lives in. type: string roleAdditionalPolicies: - description: RoleAdditionalPolicies allows you to attach additional - polices to the control plane role. You must enable the EKSAllowAddRoles + description: |- + RoleAdditionalPolicies allows you to attach additional polices to + the control plane role. You must enable the EKSAllowAddRoles feature flag to incorporate these into the created role. items: type: string type: array roleName: - description: RoleName specifies the name of IAM role that gives EKS - permission to make API calls. If the role is pre-existing we will - treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM - feature flag is true and no name is supplied then a role is created. + description: |- + RoleName specifies the name of IAM role that gives EKS + permission to make API calls. If the role is pre-existing + we will treat it as unmanaged and not delete it on + deletion. If the EKSEnableIAM feature flag is true + and no name is supplied then a role is created. minLength: 2 type: string secondaryCidrBlock: - description: SecondaryCidrBlock is the additional CIDR range to use - for pod IPs. Must be within the 100.64.0.0/10 or 198.19.0.0/16 range. + description: |- + SecondaryCidrBlock is the additional CIDR range to use for pod IPs. + Must be within the 100.64.0.0/10 or 198.19.0.0/16 range. type: string sshKeyName: description: SSHKeyName is the name of the ssh key to attach to the @@ -2616,18 +2669,20 @@ spec: type: string tokenMethod: default: iam-authenticator - description: TokenMethod is used to specify the method for obtaining - a client token for communicating with EKS iam-authenticator - obtains - a client token using iam-authentictor aws-cli - obtains a client - token using the AWS CLI Defaults to iam-authenticator + description: |- + TokenMethod is used to specify the method for obtaining a client token for communicating with EKS + iam-authenticator - obtains a client token using iam-authentictor + aws-cli - obtains a client token using the AWS CLI + Defaults to iam-authenticator enum: - iam-authenticator - aws-cli type: string version: - description: Version defines the desired Kubernetes version. If no - version number is supplied then the latest version of Kubernetes - that EKS supports will be used. + description: |- + Version defines the desired Kubernetes version. If no version number + is supplied then the latest version of Kubernetes that EKS supports + will be used. minLength: 2 pattern: ^v?(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.?(\.0|[1-9][0-9]*)?$ type: string @@ -2637,12 +2692,12 @@ spec: properties: disable: default: false - description: Disable indicates that the Amazon VPC CNI should - be disabled. With EKS clusters the Amazon VPC CNI is automatically - installed into the cluster. For clusters where you want to use - an alternate CNI this option provides a way to specify that - the Amazon VPC CNI should be deleted. You cannot set this to - true if you are using the Amazon VPC CNI addon. + description: |- + Disable indicates that the Amazon VPC CNI should be disabled. With EKS clusters the + Amazon VPC CNI is automatically installed into the cluster. For clusters where you want + to use an alternate CNI this option provides a way to specify that the Amazon VPC CNI + should be deleted. You cannot set this to true if you are using the + Amazon VPC CNI addon. type: boolean env: description: Env defines a list of environment variables to apply @@ -2656,15 +2711,16 @@ spec: C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in - the container and any service environment variables. If - a variable cannot be resolved, the reference in the input - string will be unchanged. Double $$ are reduced to a single - $, which allows for escaping the $(VAR_NAME) syntax: i.e. + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless - of whether the variable exists or not. Defaults to "".' + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: description: Source for the environment variable's value. @@ -2677,9 +2733,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -2690,11 +2747,9 @@ spec: type: object x-kubernetes-map-type: atomic fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: description: Version of the schema the FieldPath @@ -2709,10 +2764,9 @@ spec: type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: description: 'Container name: required for volumes, @@ -2742,9 +2796,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -2870,48 +2925,64 @@ spec: properties: httpEndpoint: default: enabled - description: "Enables or disables the HTTP metadata endpoint - on your instances. \n If you specify a value of disabled, - you cannot access your instance metadata. \n Default: enabled" + description: |- + Enables or disables the HTTP metadata endpoint on your instances. + + + If you specify a value of disabled, you cannot access your instance metadata. + + + Default: enabled enum: - enabled - disabled type: string httpPutResponseHopLimit: default: 1 - description: "The desired HTTP PUT response hop limit for - instance metadata requests. The larger the number, the further - instance metadata requests can travel. \n Default: 1" + description: |- + The desired HTTP PUT response hop limit for instance metadata requests. The + larger the number, the further instance metadata requests can travel. + + + Default: 1 format: int64 maximum: 64 minimum: 1 type: integer httpTokens: default: optional - description: "The state of token usage for your instance metadata - requests. \n If the state is optional, you can choose to - retrieve instance metadata with or without a session token - on your request. If you retrieve the IAM role credentials - without a token, the version 1.0 role credentials are returned. - If you retrieve the IAM role credentials using a valid session - token, the version 2.0 role credentials are returned. \n - If the state is required, you must send a session token - with any instance metadata retrieval requests. In this state, - retrieving the IAM role credentials always returns the version - 2.0 credentials; the version 1.0 credentials are not available. - \n Default: optional" + description: |- + The state of token usage for your instance metadata requests. + + + If the state is optional, you can choose to retrieve instance metadata with + or without a session token on your request. If you retrieve the IAM role + credentials without a token, the version 1.0 role credentials are returned. + If you retrieve the IAM role credentials using a valid session token, the + version 2.0 role credentials are returned. + + + If the state is required, you must send a session token with any instance + metadata retrieval requests. In this state, retrieving the IAM role credentials + always returns the version 2.0 credentials; the version 1.0 credentials are + not available. + + + Default: optional enum: - optional - required type: string instanceMetadataTags: default: disabled - description: "Set to enabled to allow access to instance tags - from the instance metadata. Set to disabled to turn off - access to instance tags from the instance metadata. For - more information, see Work with instance tags using the - instance metadata (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). - \n Default: disabled" + description: |- + Set to enabled to allow access to instance tags from the instance metadata. + Set to disabled to turn off access to instance tags from the instance metadata. + For more information, see Work with instance tags using the instance metadata + (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). + + + Default: disabled enum: - enabled - disabled @@ -2939,11 +3010,10 @@ spec: or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt - the volume. Can be either a KMS key ID or ARN. If Encrypted - is set and this is omitted, the default AWS key will be - used. The key must already exist and be accessible by - the controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for the @@ -2951,9 +3021,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage - device. Must be greater than the image snapshot size or - 8 (whichever is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -2975,10 +3045,10 @@ spec: group in which to launch the instance. type: string placementGroupPartition: - description: PlacementGroupPartition is the partition number within - the placement group in which to launch the instance. This value - is only valid if the placement group, referred in `PlacementGroupName`, - was created with strategy set to partition. + description: |- + PlacementGroupPartition is the partition number within the placement group in which to launch the instance. + This value is only valid if the placement group, referred in `PlacementGroupName`, was created with + strategy set to partition. format: int64 maximum: 7 minimum: 1 @@ -3025,11 +3095,10 @@ spec: or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt - the volume. Can be either a KMS key ID or ARN. If Encrypted - is set and this is omitted, the default AWS key will be - used. The key must already exist and be accessible by the - controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for the @@ -3037,9 +3106,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage device. - Must be greater than the image snapshot size or 8 (whichever - is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -3089,9 +3158,9 @@ spec: description: The instance type. type: string userData: - description: UserData is the raw data script passed to the instance - which is run upon bootstrap. This field must not be base64 encoded - and should only be used when running a new instance. + description: |- + UserData is the raw data script passed to the instance which is run upon bootstrap. + This field must not be base64 encoded and should only be used when running a new instance. type: string volumeIDs: description: IDs of the instance's volumes @@ -3109,37 +3178,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -3149,15 +3218,15 @@ spec: type: array externalManagedControlPlane: default: true - description: ExternalManagedControlPlane indicates to cluster-api - that the control plane is managed by an external service such as - AKS, EKS, GKE, etc. + description: |- + ExternalManagedControlPlane indicates to cluster-api that the control plane + is managed by an external service such as AKS, EKS, GKE, etc. type: boolean failureDomains: additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. properties: attributes: additionalProperties: @@ -3174,12 +3243,14 @@ spec: zones that can be used type: object failureMessage: - description: ErrorMessage indicates that there is a terminal problem - reconciling the state, and will be set to a descriptive error message. + description: |- + ErrorMessage indicates that there is a terminal problem reconciling the + state, and will be set to a descriptive error message. type: string identityProviderStatus: - description: IdentityProviderStatus holds the status for associated - identity provider + description: |- + IdentityProviderStatus holds the status for + associated identity provider properties: arn: description: ARN holds the ARN of associated identity provider @@ -3190,8 +3261,9 @@ spec: type: string type: object initialized: - description: Initialized denotes whether or not the control plane - has the uploaded kubernetes config-map. + description: |- + Initialized denotes whether or not the control plane has the + uploaded kubernetes config-map. type: boolean networkStatus: description: Networks holds details about the AWS networking resources @@ -3201,8 +3273,9 @@ spec: description: APIServerELB is the Kubernetes api server load balancer. properties: arn: - description: ARN of the load balancer. Unlike the ClassicLB, - ARN is used mostly to define and get it. + description: |- + ARN of the load balancer. Unlike the ClassicLB, ARN is used mostly + to define and get it. type: string attributes: description: ClassicElbAttributes defines extra attributes @@ -3213,9 +3286,9 @@ spec: load balancer load balancing. type: boolean idleTimeout: - description: IdleTimeout is time that the connection is - allowed to be idle (no data has been sent over the connection) - before it is closed by the load balancer. + description: |- + IdleTimeout is time that the connection is allowed to be idle (no data + has been sent over the connection) before it is closed by the load balancer. format: int64 type: integer type: object @@ -3249,9 +3322,9 @@ spec: for a load balancer. type: string targetGroup: - description: TargetGroupSpec specifies target group - settings for a given listener. This is created first, - and the ARN is then passed to the listener. + description: |- + TargetGroupSpec specifies target group settings for a given listener. + This is created first, and the ARN is then passed to the listener. properties: name: description: Name of the TargetGroup. Must be unique @@ -3314,19 +3387,19 @@ spec: format: int64 type: integer interval: - description: A Duration represents the elapsed time between - two instants as an int64 nanosecond count. The representation - limits the largest representable duration to approximately - 290 years. + description: |- + A Duration represents the elapsed time between two instants + as an int64 nanosecond count. The representation limits the + largest representable duration to approximately 290 years. format: int64 type: integer target: type: string timeout: - description: A Duration represents the elapsed time between - two instants as an int64 nanosecond count. The representation - limits the largest representable duration to approximately - 290 years. + description: |- + A Duration represents the elapsed time between two instants + as an int64 nanosecond count. The representation limits the + largest representable duration to approximately 290 years. format: int64 type: integer unhealthyThreshold: @@ -3378,9 +3451,9 @@ spec: - nlb type: string name: - description: The name of the load balancer. It must be unique - within the set of load balancers defined in the region. - It also serves as identifier. + description: |- + The name of the load balancer. It must be unique within the set of load balancers + defined in the region. It also serves as identifier. type: string scheme: description: Scheme is the load balancer scheme, either internet-facing @@ -3416,8 +3489,9 @@ spec: api server load balancer. properties: arn: - description: ARN of the load balancer. Unlike the ClassicLB, - ARN is used mostly to define and get it. + description: |- + ARN of the load balancer. Unlike the ClassicLB, ARN is used mostly + to define and get it. type: string attributes: description: ClassicElbAttributes defines extra attributes @@ -3428,9 +3502,9 @@ spec: load balancer load balancing. type: boolean idleTimeout: - description: IdleTimeout is time that the connection is - allowed to be idle (no data has been sent over the connection) - before it is closed by the load balancer. + description: |- + IdleTimeout is time that the connection is allowed to be idle (no data + has been sent over the connection) before it is closed by the load balancer. format: int64 type: integer type: object @@ -3464,9 +3538,9 @@ spec: for a load balancer. type: string targetGroup: - description: TargetGroupSpec specifies target group - settings for a given listener. This is created first, - and the ARN is then passed to the listener. + description: |- + TargetGroupSpec specifies target group settings for a given listener. + This is created first, and the ARN is then passed to the listener. properties: name: description: Name of the TargetGroup. Must be unique @@ -3529,19 +3603,19 @@ spec: format: int64 type: integer interval: - description: A Duration represents the elapsed time between - two instants as an int64 nanosecond count. The representation - limits the largest representable duration to approximately - 290 years. + description: |- + A Duration represents the elapsed time between two instants + as an int64 nanosecond count. The representation limits the + largest representable duration to approximately 290 years. format: int64 type: integer target: type: string timeout: - description: A Duration represents the elapsed time between - two instants as an int64 nanosecond count. The representation - limits the largest representable duration to approximately - 290 years. + description: |- + A Duration represents the elapsed time between two instants + as an int64 nanosecond count. The representation limits the + largest representable duration to approximately 290 years. format: int64 type: integer unhealthyThreshold: @@ -3593,9 +3667,9 @@ spec: - nlb type: string name: - description: The name of the load balancer. It must be unique - within the set of load balancers defined in the region. - It also serves as identifier. + description: |- + The name of the load balancer. It must be unique within the set of load balancers + defined in the region. It also serves as identifier. type: string scheme: description: Scheme is the load balancer scheme, either internet-facing @@ -3675,10 +3749,9 @@ spec: type: string type: array sourceSecurityGroupRoles: - description: The security group role to allow access - from. Cannot be specified with CidrBlocks. The field - will be combined with source security group IDs - if specified. + description: |- + The security group role to allow access from. Cannot be specified with CidrBlocks. + The field will be combined with source security group IDs if specified. items: description: SecurityGroupRole defines the unique role of a security group. @@ -3733,8 +3806,9 @@ spec: type: object ready: default: false - description: Ready denotes that the AWSManagedControlPlane API Server - is ready to receive requests and that the VPC infra is ready. + description: |- + Ready denotes that the AWSManagedControlPlane API Server is ready to + receive requests and that the VPC infra is ready. type: boolean required: - ready diff --git a/config/crd/bases/controlplane.cluster.x-k8s.io_rosacontrolplanes.yaml b/config/crd/bases/controlplane.cluster.x-k8s.io_rosacontrolplanes.yaml index 74edff0ae7..550b4162e1 100644 --- a/config/crd/bases/controlplane.cluster.x-k8s.io_rosacontrolplanes.yaml +++ b/config/crd/bases/controlplane.cluster.x-k8s.io_rosacontrolplanes.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: rosacontrolplanes.controlplane.cluster.x-k8s.io spec: group: controlplane.cluster.x-k8s.io @@ -33,14 +33,19 @@ spec: description: ROSAControlPlane is the Schema for the ROSAControlPlanes API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,22 +59,23 @@ spec: AWS resources associated with the control plane. type: object auditLogRoleARN: - description: AuditLogRoleARN defines the role that is used to forward - audit logs to AWS CloudWatch. If not set, audit log forwarding is - disabled. + description: |- + AuditLogRoleARN defines the role that is used to forward audit logs to AWS CloudWatch. + If not set, audit log forwarding is disabled. type: string availabilityZones: - description: AvailabilityZones describe AWS AvailabilityZones of the - worker nodes. should match the AvailabilityZones of the provided - Subnets. a machinepool will be created for each availabilityZone. + description: |- + AvailabilityZones describe AWS AvailabilityZones of the worker nodes. + should match the AvailabilityZones of the provided Subnets. + a machinepool will be created for each availabilityZone. items: type: string type: array billingAccount: - description: BillingAccount is an optional AWS account to use for - billing the subscription fees for ROSA clusters. The cost of running - each ROSA cluster will be billed to the infrastructure account in - which the cluster is running. + description: |- + BillingAccount is an optional AWS account to use for billing the subscription fees for ROSA clusters. + The cost of running each ROSA cluster will be billed to the infrastructure account in which the cluster + is running. type: string x-kubernetes-validations: - message: billingAccount is immutable @@ -92,32 +98,35 @@ spec: - port type: object credentialsSecretRef: - description: 'CredentialsSecretRef references a secret with necessary - credentials to connect to the OCM API. The secret should contain - the following data keys: - ocmToken: eyJhbGciOiJIUzI1NiIsI.... - - ocmApiUrl: Optional, defaults to ''https://api.openshift.com''' + description: |- + CredentialsSecretRef references a secret with necessary credentials to connect to the OCM API. + The secret should contain the following data keys: + - ocmToken: eyJhbGciOiJIUzI1NiIsI.... + - ocmApiUrl: Optional, defaults to 'https://api.openshift.com' properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic defaultMachinePoolSpec: - description: "DefaultMachinePoolSpec defines the configuration for - the default machinepool(s) provisioned as part of the cluster creation. - One MachinePool will be created with this configuration per AvailabilityZone. - Those default machinepools are required for openshift cluster operators - to work properly. As these machinepool not created using ROSAMachinePool - CR, they will not be visible/managed by ROSA CAPI provider. `rosa - list machinepools -c ` can be used to view those - machinepools. \n This field will be removed in the future once the - current limitation is resolved." + description: |- + DefaultMachinePoolSpec defines the configuration for the default machinepool(s) provisioned as part of the cluster creation. + One MachinePool will be created with this configuration per AvailabilityZone. Those default machinepools are required for openshift cluster operators + to work properly. + As these machinepool not created using ROSAMachinePool CR, they will not be visible/managed by ROSA CAPI provider. + `rosa list machinepools -c ` can be used to view those machinepools. + + + This field will be removed in the future once the current limitation is resolved. properties: autoscaling: - description: Autoscaling specifies auto scaling behaviour for - the default MachinePool. Autoscaling min/max value must be equal - or multiple of the availability zones count. + description: |- + Autoscaling specifies auto scaling behaviour for the default MachinePool. Autoscaling min/max value + must be equal or multiple of the availability zones count. properties: maxReplicas: minimum: 1 @@ -132,12 +141,11 @@ spec: type: string type: object domainPrefix: - description: DomainPrefix is an optional prefix added to the cluster's - domain name. It will be used when generating a sub-domain for the - cluster on openshiftapps domain. It must be valid DNS-1035 label - consisting of lower case alphanumeric characters or '-', start with - an alphabetic character end with an alphanumeric character and have - a max length of 15 characters. + description: |- + DomainPrefix is an optional prefix added to the cluster's domain name. It will be used + when generating a sub-domain for the cluster on openshiftapps domain. It must be valid DNS-1035 label + consisting of lower case alphanumeric characters or '-', start with an alphabetic character + end with an alphanumeric character and have a max length of 15 characters. maxLength: 15 pattern: ^[a-z]([-a-z0-9]*[a-z0-9])?$ type: string @@ -154,54 +162,67 @@ spec: rule: self == oldSelf endpointAccess: default: Public - description: EndpointAccess specifies the publishing scope of cluster - endpoints. The default is Public. + description: |- + EndpointAccess specifies the publishing scope of cluster endpoints. The + default is Public. enum: - Public - Private type: string etcdEncryptionKMSARN: - description: EtcdEncryptionKMSARN is the ARN of the KMS key used to - encrypt etcd. The key itself needs to be created out-of-band by - the user and tagged with `red-hat:true`. + description: |- + EtcdEncryptionKMSARN is the ARN of the KMS key used to encrypt etcd. The key itself needs to be + created out-of-band by the user and tagged with `red-hat:true`. type: string externalAuthProviders: - description: "ExternalAuthProviders are external OIDC identity providers - that can issue tokens for this cluster. Can only be set if \"enableExternalAuthProviders\" - is set to \"True\". \n At most one provider can be configured." + description: |- + ExternalAuthProviders are external OIDC identity providers that can issue tokens for this cluster. + Can only be set if "enableExternalAuthProviders" is set to "True". + + + At most one provider can be configured. items: description: ExternalAuthProvider is an external OIDC identity provider that can issue tokens for this cluster properties: claimMappings: - description: ClaimMappings describes rules on how to transform - information from an ID token into a cluster identity + description: |- + ClaimMappings describes rules on how to transform information from an + ID token into a cluster identity properties: groups: - description: Groups is a name of the claim that should be - used to construct groups for the cluster identity. The - referenced claim must use array of strings values. + description: |- + Groups is a name of the claim that should be used to construct + groups for the cluster identity. + The referenced claim must use array of strings values. properties: claim: description: Claim is a JWT token claim to be used in the mapping type: string prefix: - description: "Prefix is a string to prefix the value - from the token in the result of the claim mapping. - \n By default, no prefixing occurs. \n Example: if - `prefix` is set to \"myoidc:\"\" and the `claim` in - JWT contains an array of strings \"a\", \"b\" and - \ \"c\", the mapping will result in an array of string - \"myoidc:a\", \"myoidc:b\" and \"myoidc:c\"." + description: |- + Prefix is a string to prefix the value from the token in the result of the + claim mapping. + + + By default, no prefixing occurs. + + + Example: if `prefix` is set to "myoidc:"" and the `claim` in JWT contains + an array of strings "a", "b" and "c", the mapping will result in an + array of string "myoidc:a", "myoidc:b" and "myoidc:c". type: string required: - claim type: object username: - description: "Username is a name of the claim that should - be used to construct usernames for the cluster identity. - \n Default value: \"sub\"" + description: |- + Username is a name of the claim that should be used to construct + usernames for the cluster identity. + + + Default value: "sub" properties: claim: description: Claim is a JWT token claim to be used in @@ -213,23 +234,29 @@ spec: minLength: 1 type: string prefixPolicy: - description: "PrefixPolicy specifies how a prefix should - apply. \n By default, claims other than `email` will - be prefixed with the issuer URL to prevent naming - clashes with other plugins. \n Set to \"NoPrefix\" - to disable prefixing. \n Example: (1) `prefix` is - set to \"myoidc:\" and `claim` is set to \"username\". - If the JWT claim `username` contains value `userA`, - the resulting mapped value will be \"myoidc:userA\". - (2) `prefix` is set to \"myoidc:\" and `claim` is - set to \"email\". If the JWT `email` claim contains - value \"userA@myoidc.tld\", the resulting mapped value - will be \"myoidc:userA@myoidc.tld\". (3) `prefix` - is unset, `issuerURL` is set to `https://myoidc.tld`, - the JWT claims include \"username\":\"userA\" and - \"email\":\"userA@myoidc.tld\", and `claim` is set - to: (a) \"username\": the mapped value will be \"https://myoidc.tld#userA\" - (b) \"email\": the mapped value will be \"userA@myoidc.tld\"" + description: |- + PrefixPolicy specifies how a prefix should apply. + + + By default, claims other than `email` will be prefixed with the issuer URL to + prevent naming clashes with other plugins. + + + Set to "NoPrefix" to disable prefixing. + + + Example: + (1) `prefix` is set to "myoidc:" and `claim` is set to "username". + If the JWT claim `username` contains value `userA`, the resulting + mapped value will be "myoidc:userA". + (2) `prefix` is set to "myoidc:" and `claim` is set to "email". If the + JWT `email` claim contains value "userA@myoidc.tld", the resulting + mapped value will be "myoidc:userA@myoidc.tld". + (3) `prefix` is unset, `issuerURL` is set to `https://myoidc.tld`, + the JWT claims include "username":"userA" and "email":"userA@myoidc.tld", + and `claim` is set to: + (a) "username": the mapped value will be "https://myoidc.tld#userA" + (b) "email": the mapped value will be "userA@myoidc.tld" enum: - "" - NoPrefix @@ -256,8 +283,9 @@ spec: claim name and its expected value properties: claim: - description: Claim is a name of a required claim. - Only claims with string values are supported. + description: |- + Claim is a name of a required claim. Only claims with string values are + supported. minLength: 1 type: string requiredValue: @@ -285,10 +313,11 @@ spec: description: Issuer describes attributes of the OIDC token issuer properties: audiences: - description: Audiences is an array of audiences that the - token was issued for. Valid tokens must include at least - one of these values in their "aud" claim. Must be set - to exactly one value. + description: |- + Audiences is an array of audiences that the token was issued for. + Valid tokens must include at least one of these values in their + "aud" claim. + Must be set to exactly one value. items: description: TokenAudience is the audience that the token was issued for. @@ -299,19 +328,23 @@ spec: type: array x-kubernetes-list-type: set issuerCertificateAuthority: - description: CertificateAuthority is a reference to a config - map in the configuration namespace. The .data of the configMap - must contain the "ca-bundle.crt" key. If unset, system - trust is used instead. + description: |- + CertificateAuthority is a reference to a config map in the + configuration namespace. The .data of the configMap must contain + the "ca-bundle.crt" key. + If unset, system trust is used instead. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic issuerURL: - description: URL is the serving URL of the token issuer. + description: |- + URL is the serving URL of the token issuer. Must use the https:// scheme. pattern: ^https:\/\/[^\s] type: string @@ -324,11 +357,13 @@ spec: minLength: 1 type: string oidcClients: - description: OIDCClients contains configuration for the platform's - clients that need to request tokens from the issuer + description: |- + OIDCClients contains configuration for the platform's clients that + need to request tokens from the issuer items: - description: OIDCClientConfig contains configuration for the - platform's client that need to request tokens from the issuer. + description: |- + OIDCClientConfig contains configuration for the platform's client that + need to request tokens from the issuer. properties: clientID: description: ClientID is the identifier of the OIDC client @@ -336,9 +371,9 @@ spec: minLength: 1 type: string clientSecret: - description: ClientSecret refers to a secret that contains - the client secret in the `clientSecret` key of the `.data` - field + description: |- + ClientSecret refers to a secret that + contains the client secret in the `clientSecret` key of the `.data` field properties: name: description: name is unique within a namespace to @@ -351,14 +386,16 @@ spec: type: object x-kubernetes-map-type: atomic componentName: - description: ComponentName is the name of the component - that is supposed to consume this client configuration + description: |- + ComponentName is the name of the component that is supposed to consume this + client configuration maxLength: 256 minLength: 1 type: string componentNamespace: - description: ComponentNamespace is the namespace of the - component that is supposed to consume this client configuration + description: |- + ComponentNamespace is the namespace of the component that is supposed to consume this + client configuration maxLength: 63 minLength: 1 type: string @@ -391,9 +428,9 @@ spec: - name x-kubernetes-list-type: map identityRef: - description: IdentityRef is a reference to an identity to be used - when reconciling the managed control plane. If no identity is specified, - the default identity for this controller will be used. + description: |- + IdentityRef is a reference to an identity to be used when reconciling the managed control plane. + If no identity is specified, the default identity for this controller will be used. properties: kind: description: Kind of the identity. @@ -467,142 +504,182 @@ spec: properties: controlPlaneOperatorARN: description: "ControlPlaneOperatorARN is an ARN value referencing - a role appropriate for the Control Plane Operator. \n The following - is an example of a valid policy document: \n { \"Version\": - \"2012-10-17\", \"Statement\": [ { \"Effect\": \"Allow\", \"Action\": - [ \"ec2:CreateVpcEndpoint\", \"ec2:DescribeVpcEndpoints\", \"ec2:ModifyVpcEndpoint\", - \"ec2:DeleteVpcEndpoints\", \"ec2:CreateTags\", \"route53:ListHostedZones\", - \"ec2:CreateSecurityGroup\", \"ec2:AuthorizeSecurityGroupIngress\", - \"ec2:AuthorizeSecurityGroupEgress\", \"ec2:DeleteSecurityGroup\", - \"ec2:RevokeSecurityGroupIngress\", \"ec2:RevokeSecurityGroupEgress\", - \"ec2:DescribeSecurityGroups\", \"ec2:DescribeVpcs\", ], \"Resource\": - \"*\" }, { \"Effect\": \"Allow\", \"Action\": [ \"route53:ChangeResourceRecordSets\", - \"route53:ListResourceRecordSets\" ], \"Resource\": \"arn:aws:route53:::%s\" - } ] }" + a role appropriate for the Control Plane Operator.\n\n\nThe + following is an example of a valid policy document:\n\n\n{\n\t\"Version\": + \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Effect\": + \"Allow\",\n\t\t\t\"Action\": [\n\t\t\t\t\"ec2:CreateVpcEndpoint\",\n\t\t\t\t\"ec2:DescribeVpcEndpoints\",\n\t\t\t\t\"ec2:ModifyVpcEndpoint\",\n\t\t\t\t\"ec2:DeleteVpcEndpoints\",\n\t\t\t\t\"ec2:CreateTags\",\n\t\t\t\t\"route53:ListHostedZones\",\n\t\t\t\t\"ec2:CreateSecurityGroup\",\n\t\t\t\t\"ec2:AuthorizeSecurityGroupIngress\",\n\t\t\t\t\"ec2:AuthorizeSecurityGroupEgress\",\n\t\t\t\t\"ec2:DeleteSecurityGroup\",\n\t\t\t\t\"ec2:RevokeSecurityGroupIngress\",\n\t\t\t\t\"ec2:RevokeSecurityGroupEgress\",\n\t\t\t\t\"ec2:DescribeSecurityGroups\",\n\t\t\t\t\"ec2:DescribeVpcs\",\n\t\t\t],\n\t\t\t\"Resource\": + \"*\"\n\t\t},\n\t\t{\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Action\": + [\n\t\t\t\t\"route53:ChangeResourceRecordSets\",\n\t\t\t\t\"route53:ListResourceRecordSets\"\n\t\t\t],\n\t\t\t\"Resource\": + \"arn:aws:route53:::%s\"\n\t\t}\n\t]\n}" type: string imageRegistryARN: description: "ImageRegistryARN is an ARN value referencing a role - appropriate for the Image Registry Operator. \n The following - is an example of a valid policy document: \n { \"Version\": - \"2012-10-17\", \"Statement\": [ { \"Effect\": \"Allow\", \"Action\": - [ \"s3:CreateBucket\", \"s3:DeleteBucket\", \"s3:PutBucketTagging\", - \"s3:GetBucketTagging\", \"s3:PutBucketPublicAccessBlock\", - \"s3:GetBucketPublicAccessBlock\", \"s3:PutEncryptionConfiguration\", - \"s3:GetEncryptionConfiguration\", \"s3:PutLifecycleConfiguration\", - \"s3:GetLifecycleConfiguration\", \"s3:GetBucketLocation\", - \"s3:ListBucket\", \"s3:GetObject\", \"s3:PutObject\", \"s3:DeleteObject\", - \"s3:ListBucketMultipartUploads\", \"s3:AbortMultipartUpload\", - \"s3:ListMultipartUploadParts\" ], \"Resource\": \"*\" } ] }" + appropriate for the Image Registry Operator.\n\n\nThe following + is an example of a valid policy document:\n\n\n{\n\t\"Version\": + \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Effect\": + \"Allow\",\n\t\t\t\"Action\": [\n\t\t\t\t\"s3:CreateBucket\",\n\t\t\t\t\"s3:DeleteBucket\",\n\t\t\t\t\"s3:PutBucketTagging\",\n\t\t\t\t\"s3:GetBucketTagging\",\n\t\t\t\t\"s3:PutBucketPublicAccessBlock\",\n\t\t\t\t\"s3:GetBucketPublicAccessBlock\",\n\t\t\t\t\"s3:PutEncryptionConfiguration\",\n\t\t\t\t\"s3:GetEncryptionConfiguration\",\n\t\t\t\t\"s3:PutLifecycleConfiguration\",\n\t\t\t\t\"s3:GetLifecycleConfiguration\",\n\t\t\t\t\"s3:GetBucketLocation\",\n\t\t\t\t\"s3:ListBucket\",\n\t\t\t\t\"s3:GetObject\",\n\t\t\t\t\"s3:PutObject\",\n\t\t\t\t\"s3:DeleteObject\",\n\t\t\t\t\"s3:ListBucketMultipartUploads\",\n\t\t\t\t\"s3:AbortMultipartUpload\",\n\t\t\t\t\"s3:ListMultipartUploadParts\"\n\t\t\t],\n\t\t\t\"Resource\": + \"*\"\n\t\t}\n\t]\n}" type: string ingressARN: description: "The referenced role must have a trust relationship - that allows it to be assumed via web identity. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html. - Example: { \"Version\": \"2012-10-17\", \"Statement\": [ { \"Effect\": - \"Allow\", \"Principal\": { \"Federated\": \"{{ .ProviderARN - }}\" }, \"Action\": \"sts:AssumeRoleWithWebIdentity\", \"Condition\": - { \"StringEquals\": { \"{{ .ProviderName }}:sub\": {{ .ServiceAccounts - }} } } } ] } \n IngressARN is an ARN value referencing a role - appropriate for the Ingress Operator. \n The following is an - example of a valid policy document: \n { \"Version\": \"2012-10-17\", - \"Statement\": [ { \"Effect\": \"Allow\", \"Action\": [ \"elasticloadbalancing:DescribeLoadBalancers\", - \"tag:GetResources\", \"route53:ListHostedZones\" ], \"Resource\": - \"*\" }, { \"Effect\": \"Allow\", \"Action\": [ \"route53:ChangeResourceRecordSets\" - ], \"Resource\": [ \"arn:aws:route53:::PUBLIC_ZONE_ID\", \"arn:aws:route53:::PRIVATE_ZONE_ID\" - ] } ] }" + that allows it to be assumed via web identity.\nhttps://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html.\nExample:\n{\n\t\t\"Version\": + \"2012-10-17\",\n\t\t\"Statement\": [\n\t\t\t{\n\t\t\t\t\"Effect\": + \"Allow\",\n\t\t\t\t\"Principal\": {\n\t\t\t\t\t\"Federated\": + \"{{ .ProviderARN }}\"\n\t\t\t\t},\n\t\t\t\t\t\"Action\": \"sts:AssumeRoleWithWebIdentity\",\n\t\t\t\t\"Condition\": + {\n\t\t\t\t\t\"StringEquals\": {\n\t\t\t\t\t\t\"{{ .ProviderName + }}:sub\": {{ .ServiceAccounts }}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t]\n\t}\n\n\nIngressARN + is an ARN value referencing a role appropriate for the Ingress + Operator.\n\n\nThe following is an example of a valid policy + document:\n\n\n{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": + [\n\t\t{\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Action\": [\n\t\t\t\t\"elasticloadbalancing:DescribeLoadBalancers\",\n\t\t\t\t\"tag:GetResources\",\n\t\t\t\t\"route53:ListHostedZones\"\n\t\t\t],\n\t\t\t\"Resource\": + \"*\"\n\t\t},\n\t\t{\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Action\": + [\n\t\t\t\t\"route53:ChangeResourceRecordSets\"\n\t\t\t],\n\t\t\t\"Resource\": + [\n\t\t\t\t\"arn:aws:route53:::PUBLIC_ZONE_ID\",\n\t\t\t\t\"arn:aws:route53:::PRIVATE_ZONE_ID\"\n\t\t\t]\n\t\t}\n\t]\n}" type: string kmsProviderARN: type: string kubeCloudControllerARN: - description: "KubeCloudControllerARN is an ARN value referencing - a role appropriate for the KCM/KCC. Source: https://cloud-provider-aws.sigs.k8s.io/prerequisites/#iam-policies - \n The following is an example of a valid policy document: \n - { \"Version\": \"2012-10-17\", \"Statement\": [ { \"Action\": - [ \"autoscaling:DescribeAutoScalingGroups\", \"autoscaling:DescribeLaunchConfigurations\", - \"autoscaling:DescribeTags\", \"ec2:DescribeAvailabilityZones\", - \"ec2:DescribeInstances\", \"ec2:DescribeImages\", \"ec2:DescribeRegions\", - \"ec2:DescribeRouteTables\", \"ec2:DescribeSecurityGroups\", - \"ec2:DescribeSubnets\", \"ec2:DescribeVolumes\", \"ec2:CreateSecurityGroup\", - \"ec2:CreateTags\", \"ec2:CreateVolume\", \"ec2:ModifyInstanceAttribute\", - \"ec2:ModifyVolume\", \"ec2:AttachVolume\", \"ec2:AuthorizeSecurityGroupIngress\", - \"ec2:CreateRoute\", \"ec2:DeleteRoute\", \"ec2:DeleteSecurityGroup\", - \"ec2:DeleteVolume\", \"ec2:DetachVolume\", \"ec2:RevokeSecurityGroupIngress\", - \"ec2:DescribeVpcs\", \"elasticloadbalancing:AddTags\", \"elasticloadbalancing:AttachLoadBalancerToSubnets\", - \"elasticloadbalancing:ApplySecurityGroupsToLoadBalancer\", - \"elasticloadbalancing:CreateLoadBalancer\", \"elasticloadbalancing:CreateLoadBalancerPolicy\", - \"elasticloadbalancing:CreateLoadBalancerListeners\", \"elasticloadbalancing:ConfigureHealthCheck\", - \"elasticloadbalancing:DeleteLoadBalancer\", \"elasticloadbalancing:DeleteLoadBalancerListeners\", - \"elasticloadbalancing:DescribeLoadBalancers\", \"elasticloadbalancing:DescribeLoadBalancerAttributes\", - \"elasticloadbalancing:DetachLoadBalancerFromSubnets\", \"elasticloadbalancing:DeregisterInstancesFromLoadBalancer\", - \"elasticloadbalancing:ModifyLoadBalancerAttributes\", \"elasticloadbalancing:RegisterInstancesWithLoadBalancer\", - \"elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer\", - \"elasticloadbalancing:AddTags\", \"elasticloadbalancing:CreateListener\", - \"elasticloadbalancing:CreateTargetGroup\", \"elasticloadbalancing:DeleteListener\", - \"elasticloadbalancing:DeleteTargetGroup\", \"elasticloadbalancing:DeregisterTargets\", - \"elasticloadbalancing:DescribeListeners\", \"elasticloadbalancing:DescribeLoadBalancerPolicies\", - \"elasticloadbalancing:DescribeTargetGroups\", \"elasticloadbalancing:DescribeTargetHealth\", - \"elasticloadbalancing:ModifyListener\", \"elasticloadbalancing:ModifyTargetGroup\", - \"elasticloadbalancing:RegisterTargets\", \"elasticloadbalancing:SetLoadBalancerPoliciesOfListener\", - \"iam:CreateServiceLinkedRole\", \"kms:DescribeKey\" ], \"Resource\": - [ \"*\" ], \"Effect\": \"Allow\" } ] }" + description: |- + KubeCloudControllerARN is an ARN value referencing a role appropriate for the KCM/KCC. + Source: https://cloud-provider-aws.sigs.k8s.io/prerequisites/#iam-policies + + + The following is an example of a valid policy document: + + + { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "autoscaling:DescribeAutoScalingGroups", + "autoscaling:DescribeLaunchConfigurations", + "autoscaling:DescribeTags", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInstances", + "ec2:DescribeImages", + "ec2:DescribeRegions", + "ec2:DescribeRouteTables", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVolumes", + "ec2:CreateSecurityGroup", + "ec2:CreateTags", + "ec2:CreateVolume", + "ec2:ModifyInstanceAttribute", + "ec2:ModifyVolume", + "ec2:AttachVolume", + "ec2:AuthorizeSecurityGroupIngress", + "ec2:CreateRoute", + "ec2:DeleteRoute", + "ec2:DeleteSecurityGroup", + "ec2:DeleteVolume", + "ec2:DetachVolume", + "ec2:RevokeSecurityGroupIngress", + "ec2:DescribeVpcs", + "elasticloadbalancing:AddTags", + "elasticloadbalancing:AttachLoadBalancerToSubnets", + "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateLoadBalancerPolicy", + "elasticloadbalancing:CreateLoadBalancerListeners", + "elasticloadbalancing:ConfigureHealthCheck", + "elasticloadbalancing:DeleteLoadBalancer", + "elasticloadbalancing:DeleteLoadBalancerListeners", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeLoadBalancerAttributes", + "elasticloadbalancing:DetachLoadBalancerFromSubnets", + "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", + "elasticloadbalancing:ModifyLoadBalancerAttributes", + "elasticloadbalancing:RegisterInstancesWithLoadBalancer", + "elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer", + "elasticloadbalancing:AddTags", + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:CreateTargetGroup", + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:DeleteTargetGroup", + "elasticloadbalancing:DeregisterTargets", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeLoadBalancerPolicies", + "elasticloadbalancing:DescribeTargetGroups", + "elasticloadbalancing:DescribeTargetHealth", + "elasticloadbalancing:ModifyListener", + "elasticloadbalancing:ModifyTargetGroup", + "elasticloadbalancing:RegisterTargets", + "elasticloadbalancing:SetLoadBalancerPoliciesOfListener", + "iam:CreateServiceLinkedRole", + "kms:DescribeKey" + ], + "Resource": [ + "*" + ], + "Effect": "Allow" + } + ] + } type: string networkARN: description: "NetworkARN is an ARN value referencing a role appropriate - for the Network Operator. \n The following is an example of - a valid policy document: \n { \"Version\": \"2012-10-17\", \"Statement\": - [ { \"Effect\": \"Allow\", \"Action\": [ \"ec2:DescribeInstances\", - \"ec2:DescribeInstanceStatus\", \"ec2:DescribeInstanceTypes\", - \"ec2:UnassignPrivateIpAddresses\", \"ec2:AssignPrivateIpAddresses\", - \"ec2:UnassignIpv6Addresses\", \"ec2:AssignIpv6Addresses\", - \"ec2:DescribeSubnets\", \"ec2:DescribeNetworkInterfaces\" ], - \"Resource\": \"*\" } ] }" + for the Network Operator.\n\n\nThe following is an example of + a valid policy document:\n\n\n{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": + [\n\t\t{\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Action\": [\n\t\t\t\t\"ec2:DescribeInstances\",\n + \ \"ec2:DescribeInstanceStatus\",\n \"ec2:DescribeInstanceTypes\",\n + \ \"ec2:UnassignPrivateIpAddresses\",\n \"ec2:AssignPrivateIpAddresses\",\n + \ \"ec2:UnassignIpv6Addresses\",\n \"ec2:AssignIpv6Addresses\",\n + \ \"ec2:DescribeSubnets\",\n \"ec2:DescribeNetworkInterfaces\"\n\t\t\t],\n\t\t\t\"Resource\": + \"*\"\n\t\t}\n\t]\n}" type: string nodePoolManagementARN: description: "NodePoolManagementARN is an ARN value referencing - a role appropriate for the CAPI Controller. \n The following - is an example of a valid policy document: \n { \"Version\": - \"2012-10-17\", \"Statement\": [ { \"Action\": [ \"ec2:AssociateRouteTable\", - \"ec2:AttachInternetGateway\", \"ec2:AuthorizeSecurityGroupIngress\", - \"ec2:CreateInternetGateway\", \"ec2:CreateNatGateway\", \"ec2:CreateRoute\", - \"ec2:CreateRouteTable\", \"ec2:CreateSecurityGroup\", \"ec2:CreateSubnet\", - \"ec2:CreateTags\", \"ec2:DeleteInternetGateway\", \"ec2:DeleteNatGateway\", - \"ec2:DeleteRouteTable\", \"ec2:DeleteSecurityGroup\", \"ec2:DeleteSubnet\", - \"ec2:DeleteTags\", \"ec2:DescribeAccountAttributes\", \"ec2:DescribeAddresses\", - \"ec2:DescribeAvailabilityZones\", \"ec2:DescribeImages\", \"ec2:DescribeInstances\", - \"ec2:DescribeInternetGateways\", \"ec2:DescribeNatGateways\", - \"ec2:DescribeNetworkInterfaces\", \"ec2:DescribeNetworkInterfaceAttribute\", - \"ec2:DescribeRouteTables\", \"ec2:DescribeSecurityGroups\", - \"ec2:DescribeSubnets\", \"ec2:DescribeVpcs\", \"ec2:DescribeVpcAttribute\", - \"ec2:DescribeVolumes\", \"ec2:DetachInternetGateway\", \"ec2:DisassociateRouteTable\", - \"ec2:DisassociateAddress\", \"ec2:ModifyInstanceAttribute\", - \"ec2:ModifyNetworkInterfaceAttribute\", \"ec2:ModifySubnetAttribute\", - \"ec2:RevokeSecurityGroupIngress\", \"ec2:RunInstances\", \"ec2:TerminateInstances\", - \"tag:GetResources\", \"ec2:CreateLaunchTemplate\", \"ec2:CreateLaunchTemplateVersion\", - \"ec2:DescribeLaunchTemplates\", \"ec2:DescribeLaunchTemplateVersions\", - \"ec2:DeleteLaunchTemplate\", \"ec2:DeleteLaunchTemplateVersions\" - ], \"Resource\": [ \"*\" ], \"Effect\": \"Allow\" }, { \"Condition\": - { \"StringLike\": { \"iam:AWSServiceName\": \"elasticloadbalancing.amazonaws.com\" - } }, \"Action\": [ \"iam:CreateServiceLinkedRole\" ], \"Resource\": - [ \"arn:*:iam::*:role/aws-service-role/elasticloadbalancing.amazonaws.com/AWSServiceRoleForElasticLoadBalancing\" - ], \"Effect\": \"Allow\" }, { \"Action\": [ \"iam:PassRole\" - ], \"Resource\": [ \"arn:*:iam::*:role/*-worker-role\" ], \"Effect\": - \"Allow\" }, { \"Effect\": \"Allow\", \"Action\": [ \"kms:Decrypt\", - \"kms:ReEncrypt\", \"kms:GenerateDataKeyWithoutPlainText\", - \"kms:DescribeKey\" ], \"Resource\": \"*\" }, { \"Effect\": - \"Allow\", \"Action\": [ \"kms:CreateGrant\" ], \"Resource\": - \"*\", \"Condition\": { \"Bool\": { \"kms:GrantIsForAWSResource\": - true } } } ] }" + a role appropriate for the CAPI Controller.\n\n\nThe following + is an example of a valid policy document:\n\n\n{\n \"Version\": + \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n + \ \"ec2:AssociateRouteTable\",\n \"ec2:AttachInternetGateway\",\n + \ \"ec2:AuthorizeSecurityGroupIngress\",\n \"ec2:CreateInternetGateway\",\n + \ \"ec2:CreateNatGateway\",\n \"ec2:CreateRoute\",\n + \ \"ec2:CreateRouteTable\",\n \"ec2:CreateSecurityGroup\",\n + \ \"ec2:CreateSubnet\",\n \"ec2:CreateTags\",\n \"ec2:DeleteInternetGateway\",\n + \ \"ec2:DeleteNatGateway\",\n \"ec2:DeleteRouteTable\",\n + \ \"ec2:DeleteSecurityGroup\",\n \"ec2:DeleteSubnet\",\n + \ \"ec2:DeleteTags\",\n \"ec2:DescribeAccountAttributes\",\n + \ \"ec2:DescribeAddresses\",\n \"ec2:DescribeAvailabilityZones\",\n + \ \"ec2:DescribeImages\",\n \"ec2:DescribeInstances\",\n + \ \"ec2:DescribeInternetGateways\",\n \"ec2:DescribeNatGateways\",\n + \ \"ec2:DescribeNetworkInterfaces\",\n \"ec2:DescribeNetworkInterfaceAttribute\",\n + \ \"ec2:DescribeRouteTables\",\n \"ec2:DescribeSecurityGroups\",\n + \ \"ec2:DescribeSubnets\",\n \"ec2:DescribeVpcs\",\n + \ \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeVolumes\",\n + \ \"ec2:DetachInternetGateway\",\n \"ec2:DisassociateRouteTable\",\n + \ \"ec2:DisassociateAddress\",\n \"ec2:ModifyInstanceAttribute\",\n + \ \"ec2:ModifyNetworkInterfaceAttribute\",\n \"ec2:ModifySubnetAttribute\",\n + \ \"ec2:RevokeSecurityGroupIngress\",\n \"ec2:RunInstances\",\n + \ \"ec2:TerminateInstances\",\n \"tag:GetResources\",\n + \ \"ec2:CreateLaunchTemplate\",\n \"ec2:CreateLaunchTemplateVersion\",\n + \ \"ec2:DescribeLaunchTemplates\",\n \"ec2:DescribeLaunchTemplateVersions\",\n + \ \"ec2:DeleteLaunchTemplate\",\n \"ec2:DeleteLaunchTemplateVersions\"\n + \ ],\n \"Resource\": [\n \"*\"\n ],\n \"Effect\": + \"Allow\"\n },\n {\n \"Condition\": {\n \"StringLike\": + {\n \"iam:AWSServiceName\": \"elasticloadbalancing.amazonaws.com\"\n + \ }\n },\n \"Action\": [\n \"iam:CreateServiceLinkedRole\"\n + \ ],\n \"Resource\": [\n \"arn:*:iam::*:role/aws-service-role/elasticloadbalancing.amazonaws.com/AWSServiceRoleForElasticLoadBalancing\"\n + \ ],\n \"Effect\": \"Allow\"\n },\n {\n \"Action\": + [\n \"iam:PassRole\"\n ],\n \"Resource\": [\n + \ \"arn:*:iam::*:role/*-worker-role\"\n ],\n \"Effect\": + \"Allow\"\n },\n\t {\n\t \t\"Effect\": \"Allow\",\n\t \t\"Action\": + [\n\t \t\t\"kms:Decrypt\",\n\t \t\t\"kms:ReEncrypt\",\n\t + \ \t\t\"kms:GenerateDataKeyWithoutPlainText\",\n\t \t\t\"kms:DescribeKey\"\n\t + \ \t],\n\t \t\"Resource\": \"*\"\n\t },\n\t {\n\t \t\"Effect\": + \"Allow\",\n\t \t\"Action\": [\n\t \t\t\"kms:CreateGrant\"\n\t + \ \t],\n\t \t\"Resource\": \"*\",\n\t \t\"Condition\": {\n\t + \ \t\t\"Bool\": {\n\t \t\t\t\"kms:GrantIsForAWSResource\": + true\n\t \t\t}\n\t \t}\n\t }\n ]\n}" type: string storageARN: description: "StorageARN is an ARN value referencing a role appropriate - for the Storage Operator. \n The following is an example of - a valid policy document: \n { \"Version\": \"2012-10-17\", \"Statement\": - [ { \"Effect\": \"Allow\", \"Action\": [ \"ec2:AttachVolume\", - \"ec2:CreateSnapshot\", \"ec2:CreateTags\", \"ec2:CreateVolume\", - \"ec2:DeleteSnapshot\", \"ec2:DeleteTags\", \"ec2:DeleteVolume\", - \"ec2:DescribeInstances\", \"ec2:DescribeSnapshots\", \"ec2:DescribeTags\", - \"ec2:DescribeVolumes\", \"ec2:DescribeVolumesModifications\", - \"ec2:DetachVolume\", \"ec2:ModifyVolume\" ], \"Resource\": - \"*\" } ] }" + for the Storage Operator.\n\n\nThe following is an example of + a valid policy document:\n\n\n{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": + [\n\t\t{\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Action\": [\n\t\t\t\t\"ec2:AttachVolume\",\n\t\t\t\t\"ec2:CreateSnapshot\",\n\t\t\t\t\"ec2:CreateTags\",\n\t\t\t\t\"ec2:CreateVolume\",\n\t\t\t\t\"ec2:DeleteSnapshot\",\n\t\t\t\t\"ec2:DeleteTags\",\n\t\t\t\t\"ec2:DeleteVolume\",\n\t\t\t\t\"ec2:DescribeInstances\",\n\t\t\t\t\"ec2:DescribeSnapshots\",\n\t\t\t\t\"ec2:DescribeTags\",\n\t\t\t\t\"ec2:DescribeVolumes\",\n\t\t\t\t\"ec2:DescribeVolumesModifications\",\n\t\t\t\t\"ec2:DetachVolume\",\n\t\t\t\t\"ec2:ModifyVolume\"\n\t\t\t],\n\t\t\t\"Resource\": + \"*\"\n\t\t}\n\t]\n}" type: string required: - controlPlaneOperatorARN @@ -615,10 +692,10 @@ spec: - storageARN type: object rosaClusterName: - description: Cluster name must be valid DNS-1035 label, so it must - consist of lower case alphanumeric characters or '-', start with - an alphabetic character, end with an alphanumeric character and - have a max length of 54 characters. + description: |- + Cluster name must be valid DNS-1035 label, so it must consist of lower case alphanumeric + characters or '-', start with an alphabetic character, end with an alphanumeric character + and have a max length of 54 characters. maxLength: 54 pattern: ^[a-z]([-a-z0-9]*[a-z0-9])?$ type: string @@ -626,15 +703,16 @@ spec: - message: rosaClusterName is immutable rule: self == oldSelf subnets: - description: The Subnet IDs to use when installing the cluster. SubnetIDs - should come in pairs; two per availability zone, one private and - one public. + description: |- + The Subnet IDs to use when installing the cluster. + SubnetIDs should come in pairs; two per availability zone, one private and one public. items: type: string type: array supportRoleARN: - description: SupportRoleARN is an AWS IAM role used by Red Hat SREs - to enable access to the cluster account in order to provide support. + description: |- + SupportRoleARN is an AWS IAM role used by Red Hat SREs to enable + access to the cluster account in order to provide support. type: string version: description: OpenShift semantic version, for example "4.14.5". @@ -666,37 +744,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -709,25 +787,29 @@ spec: type: string externalManagedControlPlane: default: true - description: ExternalManagedControlPlane indicates to cluster-api - that the control plane is managed by an external service such as - AKS, EKS, GKE, etc. + description: |- + ExternalManagedControlPlane indicates to cluster-api that the control plane + is managed by an external service such as AKS, EKS, GKE, etc. type: boolean failureMessage: - description: "FailureMessage will be set in the event that there is - a terminal problem reconciling the state and will be set to a descriptive - error message. \n This field should not be set for transitive errors - that a controller faces that are expected to be fixed automatically - over time (like service outages), but instead indicate that something - is fundamentally wrong with the spec or the configuration of the - controller, and that manual intervention is required." + description: |- + FailureMessage will be set in the event that there is a terminal problem + reconciling the state and will be set to a descriptive error message. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the spec or the configuration of + the controller, and that manual intervention is required. type: string id: description: ID is the cluster ID given by ROSA. type: string initialized: - description: Initialized denotes whether or not the control plane - has the uploaded kubernetes config-map. + description: |- + Initialized denotes whether or not the control plane has the + uploaded kubernetes config-map. type: boolean oidcEndpointURL: description: OIDCEndpointURL is the endpoint url for the managed OIDC diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclustercontrolleridentities.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclustercontrolleridentities.yaml index d400720ff8..858d93489a 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclustercontrolleridentities.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclustercontrolleridentities.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: awsclustercontrolleridentities.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -21,19 +21,24 @@ spec: - name: v1beta1 schema: openAPIV3Schema: - description: AWSClusterControllerIdentity is the Schema for the awsclustercontrolleridentities - API It is used to grant access to use Cluster API Provider AWS Controller - credentials. + description: |- + AWSClusterControllerIdentity is the Schema for the awsclustercontrolleridentities API + It is used to grant access to use Cluster API Provider AWS Controller credentials. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -41,14 +46,12 @@ spec: description: Spec for this AWSClusterControllerIdentity. properties: allowedNamespaces: - description: AllowedNamespaces is used to identify which namespaces - are allowed to use the identity from. Namespaces can be selected - either using an array of namespaces or with label selector. An empty - allowedNamespaces object indicates that AWSClusters can use this - identity from any namespace. If this object is nil, no namespaces - will be allowed (default behaviour, if this field is not provided) - A namespace should be either in the NamespaceList or match with - Selector to use the identity. + description: |- + AllowedNamespaces is used to identify which namespaces are allowed to use the identity from. + Namespaces can be selected either using an array of namespaces or with label selector. + An empty allowedNamespaces object indicates that AWSClusters can use this identity from any namespace. + If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided) + A namespace should be either in the NamespaceList or match with Selector to use the identity. nullable: true properties: list: @@ -59,32 +62,33 @@ spec: nullable: true type: array selector: - description: An empty selector indicates that AWSClusters cannot - use this AWSClusterIdentity from any namespace. + description: |- + An empty selector indicates that AWSClusters cannot use this + AWSClusterIdentity from any namespace. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If - the operator is In or NotIn, the values array must - be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced - during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -96,11 +100,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A - single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only - "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic @@ -112,19 +115,24 @@ spec: - name: v1beta2 schema: openAPIV3Schema: - description: AWSClusterControllerIdentity is the Schema for the awsclustercontrolleridentities - API It is used to grant access to use Cluster API Provider AWS Controller - credentials. + description: |- + AWSClusterControllerIdentity is the Schema for the awsclustercontrolleridentities API + It is used to grant access to use Cluster API Provider AWS Controller credentials. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -132,14 +140,12 @@ spec: description: Spec for this AWSClusterControllerIdentity. properties: allowedNamespaces: - description: AllowedNamespaces is used to identify which namespaces - are allowed to use the identity from. Namespaces can be selected - either using an array of namespaces or with label selector. An empty - allowedNamespaces object indicates that AWSClusters can use this - identity from any namespace. If this object is nil, no namespaces - will be allowed (default behaviour, if this field is not provided) - A namespace should be either in the NamespaceList or match with - Selector to use the identity. + description: |- + AllowedNamespaces is used to identify which namespaces are allowed to use the identity from. + Namespaces can be selected either using an array of namespaces or with label selector. + An empty allowedNamespaces object indicates that AWSClusters can use this identity from any namespace. + If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided) + A namespace should be either in the NamespaceList or match with Selector to use the identity. nullable: true properties: list: @@ -150,32 +156,33 @@ spec: nullable: true type: array selector: - description: An empty selector indicates that AWSClusters cannot - use this AWSClusterIdentity from any namespace. + description: |- + An empty selector indicates that AWSClusters cannot use this + AWSClusterIdentity from any namespace. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If - the operator is In or NotIn, the values array must - be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced - during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -187,11 +194,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A - single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only - "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclusterroleidentities.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclusterroleidentities.yaml index 35e0bdd5fa..cfe210a32e 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclusterroleidentities.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclusterroleidentities.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: awsclusterroleidentities.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -21,18 +21,24 @@ spec: - name: v1beta1 schema: openAPIV3Schema: - description: AWSClusterRoleIdentity is the Schema for the awsclusterroleidentities - API It is used to assume a role using the provided sourceRef. + description: |- + AWSClusterRoleIdentity is the Schema for the awsclusterroleidentities API + It is used to assume a role using the provided sourceRef. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -40,14 +46,12 @@ spec: description: Spec for this AWSClusterRoleIdentity. properties: allowedNamespaces: - description: AllowedNamespaces is used to identify which namespaces - are allowed to use the identity from. Namespaces can be selected - either using an array of namespaces or with label selector. An empty - allowedNamespaces object indicates that AWSClusters can use this - identity from any namespace. If this object is nil, no namespaces - will be allowed (default behaviour, if this field is not provided) - A namespace should be either in the NamespaceList or match with - Selector to use the identity. + description: |- + AllowedNamespaces is used to identify which namespaces are allowed to use the identity from. + Namespaces can be selected either using an array of namespaces or with label selector. + An empty allowedNamespaces object indicates that AWSClusters can use this identity from any namespace. + If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided) + A namespace should be either in the NamespaceList or match with Selector to use the identity. nullable: true properties: list: @@ -58,32 +62,33 @@ spec: nullable: true type: array selector: - description: An empty selector indicates that AWSClusters cannot - use this AWSClusterIdentity from any namespace. + description: |- + An empty selector indicates that AWSClusters cannot use this + AWSClusterIdentity from any namespace. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If - the operator is In or NotIn, the values array must - be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced - during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -95,11 +100,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A - single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only - "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic @@ -112,26 +116,26 @@ spec: minimum: 900 type: integer externalID: - description: A unique identifier that might be required when you assume - a role in another account. If the administrator of the account to - which the role belongs provided you with an external ID, then provide - that value in the ExternalId parameter. This value can be any string, - such as a passphrase or account number. A cross-account role is - usually set up to trust everyone in an account. Therefore, the administrator - of the trusting account might send an external ID to the administrator - of the trusted account. That way, only someone with the ID can assume - the role, rather than everyone in the account. For more information - about the external ID, see How to Use an External ID When Granting - Access to Your AWS Resources to a Third Party in the IAM User Guide. + description: |- + A unique identifier that might be required when you assume a role in another account. + If the administrator of the account to which the role belongs provided you with an + external ID, then provide that value in the ExternalId parameter. This value can be + any string, such as a passphrase or account number. A cross-account role is usually + set up to trust everyone in an account. Therefore, the administrator of the trusting + account might send an external ID to the administrator of the trusted account. That + way, only someone with the ID can assume the role, rather than everyone in the + account. For more information about the external ID, see How to Use an External ID + When Granting Access to Your AWS Resources to a Third Party in the IAM User Guide. type: string inlinePolicy: description: An IAM policy as a JSON-encoded string that you want to use as an inline session policy. type: string policyARNs: - description: The Amazon Resource Names (ARNs) of the IAM managed policies - that you want to use as managed session policies. The policies must - exist in the same account as the role. + description: |- + The Amazon Resource Names (ARNs) of the IAM managed policies that you want + to use as managed session policies. + The policies must exist in the same account as the role. items: type: string type: array @@ -142,9 +146,9 @@ spec: description: An identifier for the assumed role session type: string sourceIdentityRef: - description: SourceIdentityRef is a reference to another identity - which will be chained to do role assumption. All identity types - are accepted. + description: |- + SourceIdentityRef is a reference to another identity which will be chained to do + role assumption. All identity types are accepted. properties: kind: description: Kind of the identity. @@ -170,18 +174,24 @@ spec: - name: v1beta2 schema: openAPIV3Schema: - description: AWSClusterRoleIdentity is the Schema for the awsclusterroleidentities - API It is used to assume a role using the provided sourceRef. + description: |- + AWSClusterRoleIdentity is the Schema for the awsclusterroleidentities API + It is used to assume a role using the provided sourceRef. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -189,14 +199,12 @@ spec: description: Spec for this AWSClusterRoleIdentity. properties: allowedNamespaces: - description: AllowedNamespaces is used to identify which namespaces - are allowed to use the identity from. Namespaces can be selected - either using an array of namespaces or with label selector. An empty - allowedNamespaces object indicates that AWSClusters can use this - identity from any namespace. If this object is nil, no namespaces - will be allowed (default behaviour, if this field is not provided) - A namespace should be either in the NamespaceList or match with - Selector to use the identity. + description: |- + AllowedNamespaces is used to identify which namespaces are allowed to use the identity from. + Namespaces can be selected either using an array of namespaces or with label selector. + An empty allowedNamespaces object indicates that AWSClusters can use this identity from any namespace. + If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided) + A namespace should be either in the NamespaceList or match with Selector to use the identity. nullable: true properties: list: @@ -207,32 +215,33 @@ spec: nullable: true type: array selector: - description: An empty selector indicates that AWSClusters cannot - use this AWSClusterIdentity from any namespace. + description: |- + An empty selector indicates that AWSClusters cannot use this + AWSClusterIdentity from any namespace. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If - the operator is In or NotIn, the values array must - be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced - during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -244,11 +253,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A - single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only - "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic @@ -261,26 +269,26 @@ spec: minimum: 900 type: integer externalID: - description: A unique identifier that might be required when you assume - a role in another account. If the administrator of the account to - which the role belongs provided you with an external ID, then provide - that value in the ExternalId parameter. This value can be any string, - such as a passphrase or account number. A cross-account role is - usually set up to trust everyone in an account. Therefore, the administrator - of the trusting account might send an external ID to the administrator - of the trusted account. That way, only someone with the ID can assume - the role, rather than everyone in the account. For more information - about the external ID, see How to Use an External ID When Granting - Access to Your AWS Resources to a Third Party in the IAM User Guide. + description: |- + A unique identifier that might be required when you assume a role in another account. + If the administrator of the account to which the role belongs provided you with an + external ID, then provide that value in the ExternalId parameter. This value can be + any string, such as a passphrase or account number. A cross-account role is usually + set up to trust everyone in an account. Therefore, the administrator of the trusting + account might send an external ID to the administrator of the trusted account. That + way, only someone with the ID can assume the role, rather than everyone in the + account. For more information about the external ID, see How to Use an External ID + When Granting Access to Your AWS Resources to a Third Party in the IAM User Guide. type: string inlinePolicy: description: An IAM policy as a JSON-encoded string that you want to use as an inline session policy. type: string policyARNs: - description: The Amazon Resource Names (ARNs) of the IAM managed policies - that you want to use as managed session policies. The policies must - exist in the same account as the role. + description: |- + The Amazon Resource Names (ARNs) of the IAM managed policies that you want + to use as managed session policies. + The policies must exist in the same account as the role. items: type: string type: array @@ -291,9 +299,9 @@ spec: description: An identifier for the assumed role session type: string sourceIdentityRef: - description: SourceIdentityRef is a reference to another identity - which will be chained to do role assumption. All identity types - are accepted. + description: |- + SourceIdentityRef is a reference to another identity which will be chained to do + role assumption. All identity types are accepted. properties: kind: description: Kind of the identity. diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclusters.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclusters.yaml index 523153831e..f973f541b9 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclusters.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclusters.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: awsclusters.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -47,14 +47,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -65,38 +70,39 @@ spec: additionalTags: additionalProperties: type: string - description: AdditionalTags is an optional set of tags to add to AWS - resources managed by the AWS provider, in addition to the ones added - by default. + description: |- + AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the + ones added by default. type: object bastion: description: Bastion contains options to configure the bastion host. properties: allowedCIDRBlocks: - description: AllowedCIDRBlocks is a list of CIDR blocks allowed - to access the bastion host. They are set as ingress rules for - the Bastion host's Security Group (defaults to 0.0.0.0/0). + description: |- + AllowedCIDRBlocks is a list of CIDR blocks allowed to access the bastion host. + They are set as ingress rules for the Bastion host's Security Group (defaults to 0.0.0.0/0). items: type: string type: array ami: - description: AMI will use the specified AMI to boot the bastion. - If not specified, the AMI will default to one picked out in - public space. + description: |- + AMI will use the specified AMI to boot the bastion. If not specified, + the AMI will default to one picked out in public space. type: string disableIngressRules: - description: DisableIngressRules will ensure there are no Ingress - rules in the bastion host's security group. Requires AllowedCIDRBlocks - to be empty. + description: |- + DisableIngressRules will ensure there are no Ingress rules in the bastion host's security group. + Requires AllowedCIDRBlocks to be empty. type: boolean enabled: - description: Enabled allows this provider to create a bastion - host instance with a public ip to access the VPC private network. + description: |- + Enabled allows this provider to create a bastion host instance + with a public ip to access the VPC private network. type: boolean instanceType: - description: InstanceType will use the specified instance type - for the bastion. If not specified, Cluster API Provider AWS - will use t3.micro for all regions except us-east-1, where t2.micro + description: |- + InstanceType will use the specified instance type for the bastion. If not specified, + Cluster API Provider AWS will use t3.micro for all regions except us-east-1, where t2.micro will be the default. type: string type: object @@ -120,33 +126,36 @@ spec: customizing control plane behavior. properties: additionalSecurityGroups: - description: AdditionalSecurityGroups sets the security groups - used by the load balancer. Expected to be security group IDs - This is optional - if not provided new security groups will - be created for the load balancer + description: |- + AdditionalSecurityGroups sets the security groups used by the load balancer. Expected to be security group IDs + This is optional - if not provided new security groups will be created for the load balancer items: type: string type: array crossZoneLoadBalancing: - description: "CrossZoneLoadBalancing enables the classic ELB cross - availability zone balancing. \n With cross-zone load balancing, - each load balancer node for your Classic Load Balancer distributes - requests evenly across the registered instances in all enabled - Availability Zones. If cross-zone load balancing is disabled, - each load balancer node distributes requests evenly across the - registered instances in its Availability Zone only. \n Defaults - to false." + description: |- + CrossZoneLoadBalancing enables the classic ELB cross availability zone balancing. + + + With cross-zone load balancing, each load balancer node for your Classic Load Balancer + distributes requests evenly across the registered instances in all enabled Availability Zones. + If cross-zone load balancing is disabled, each load balancer node distributes requests evenly across + the registered instances in its Availability Zone only. + + + Defaults to false. type: boolean healthCheckProtocol: - description: HealthCheckProtocol sets the protocol type for classic - ELB health check target default value is ClassicELBProtocolSSL + description: |- + HealthCheckProtocol sets the protocol type for classic ELB health check target + default value is ClassicELBProtocolSSL type: string name: - description: Name sets the name of the classic ELB load balancer. - As per AWS, the name must be unique within your set of load - balancers for the region, must have a maximum of 32 characters, - must contain only alphanumeric characters or hyphens, and cannot - begin or end with a hyphen. Once set, the value cannot be changed. + description: |- + Name sets the name of the classic ELB load balancer. As per AWS, the name must be unique + within your set of load balancers for the region, must have a maximum of 32 characters, must + contain only alphanumeric characters or hyphens, and cannot begin or end with a hyphen. Once + set, the value cannot be changed. maxLength: 32 pattern: ^[A-Za-z0-9]([A-Za-z0-9]{0,31}|[-A-Za-z0-9]{0,30}[A-Za-z0-9])$ type: string @@ -167,9 +176,9 @@ spec: type: array type: object identityRef: - description: IdentityRef is a reference to an identity to be used - when reconciling the managed control plane. If no identity is specified, - the default identity for this controller will be used. + description: |- + IdentityRef is a reference to an identity to be used when reconciling the managed control plane. + If no identity is specified, the default identity for this controller will be used. properties: kind: description: Kind of the identity. @@ -187,30 +196,32 @@ spec: - name type: object imageLookupBaseOS: - description: ImageLookupBaseOS is the name of the base operating system - used to look up machine images when a machine does not specify an - AMI. When set, this will be used for all cluster machines unless - a machine specifies a different ImageLookupBaseOS. + description: |- + ImageLookupBaseOS is the name of the base operating system used to look + up machine images when a machine does not specify an AMI. When set, this + will be used for all cluster machines unless a machine specifies a + different ImageLookupBaseOS. type: string imageLookupFormat: - description: 'ImageLookupFormat is the AMI naming format to look up - machine images when a machine does not specify an AMI. When set, - this will be used for all cluster machines unless a machine specifies - a different ImageLookupOrg. Supports substitutions for {{.BaseOS}} - and {{.K8sVersion}} with the base OS and kubernetes version, respectively. - The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the - default), and the kubernetes version as defined by the packages - produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, - or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* - will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* - for a Machine that is targeting kubernetes v1.18.0 and the ubuntu - base OS. See also: https://golang.org/pkg/text/template/' + description: |- + ImageLookupFormat is the AMI naming format to look up machine images when + a machine does not specify an AMI. When set, this will be used for all + cluster machines unless a machine specifies a different ImageLookupOrg. + Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base + OS and kubernetes version, respectively. The BaseOS will be the value in + ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + defined by the packages produced by kubernetes/release without v as a + prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + also: https://golang.org/pkg/text/template/ type: string imageLookupOrg: - description: ImageLookupOrg is the AWS Organization ID to look up - machine images when a machine does not specify an AMI. When set, - this will be used for all cluster machines unless a machine specifies - a different ImageLookupOrg. + description: |- + ImageLookupOrg is the AWS Organization ID to look up machine images when a + machine does not specify an AMI. When set, this will be used for all + cluster machines unless a machine specifies a different ImageLookupOrg. type: string network: description: NetworkSpec encapsulates all things related to AWS network. @@ -219,10 +230,9 @@ spec: description: CNI configuration properties: cniIngressRules: - description: CNIIngressRules specify rules to apply to control - plane and worker node security groups. The source for the - rule will be set to control plane and worker security group - IDs. + description: |- + CNIIngressRules specify rules to apply to control plane and worker node security groups. + The source for the rule will be set to control plane and worker security group IDs. items: description: CNIIngressRule defines an AWS ingress rule for CNI requirements. @@ -250,9 +260,9 @@ spec: securityGroupOverrides: additionalProperties: type: string - description: SecurityGroupOverrides is an optional set of security - groups to use for cluster instances This is optional - if not - provided new security groups will be created for the cluster + description: |- + SecurityGroupOverrides is an optional set of security groups to use for cluster instances + This is optional - if not provided new security groups will be created for the cluster type: object subnets: description: Subnets configuration. @@ -272,17 +282,15 @@ spec: this resource. type: string ipv6CidrBlock: - description: IPv6CidrBlock is the IPv6 CIDR block to be - used when the provider creates a managed VPC. A subnet - can have an IPv4 and an IPv6 address. IPv6 is only supported - in managed clusters, this field cannot be set on AWSCluster - object. + description: |- + IPv6CidrBlock is the IPv6 CIDR block to be used when the provider creates a managed VPC. + A subnet can have an IPv4 and an IPv6 address. + IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. type: string isIpv6: - description: IsIPv6 defines the subnet as an IPv6 subnet. - A subnet is IPv6 when it is associated with a VPC that - has IPv6 enabled. IPv6 is only supported in managed clusters, - this field cannot be set on AWSCluster object. + description: |- + IsIPv6 defines the subnet as an IPv6 subnet. A subnet is IPv6 when it is associated with a VPC that has IPv6 enabled. + IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. type: boolean isPublic: description: IsPublic defines the subnet as a public subnet. @@ -290,12 +298,9 @@ spec: table that has a route to an internet gateway. type: boolean natGatewayId: - description: NatGatewayID is the NAT gateway id associated - with the subnet. Ignored unless the subnet is managed - by the provider, in which case this is set on the public - subnet where the NAT gateway resides. It is then used - to determine routes for private subnets in the same AZ - as the public subnet. + description: |- + NatGatewayID is the NAT gateway id associated with the subnet. + Ignored unless the subnet is managed by the provider, in which case this is set on the public subnet where the NAT gateway resides. It is then used to determine routes for private subnets in the same AZ as the public subnet. type: string routeTableId: description: RouteTableID is the routing table id associated @@ -314,28 +319,29 @@ spec: properties: availabilityZoneSelection: default: Ordered - description: 'AvailabilityZoneSelection specifies how AZs - should be selected if there are more AZs in a region than - specified by AvailabilityZoneUsageLimit. There are 2 selection - schemes: Ordered - selects based on alphabetical order Random - - selects AZs randomly in a region Defaults to Ordered' + description: |- + AvailabilityZoneSelection specifies how AZs should be selected if there are more AZs + in a region than specified by AvailabilityZoneUsageLimit. There are 2 selection schemes: + Ordered - selects based on alphabetical order + Random - selects AZs randomly in a region + Defaults to Ordered enum: - Ordered - Random type: string availabilityZoneUsageLimit: default: 3 - description: AvailabilityZoneUsageLimit specifies the maximum - number of availability zones (AZ) that should be used in - a region when automatically creating subnets. If a region - has more than this number of AZs then this number of AZs - will be picked randomly when creating default subnets. Defaults - to 3 + description: |- + AvailabilityZoneUsageLimit specifies the maximum number of availability zones (AZ) that + should be used in a region when automatically creating subnets. If a region has more + than this number of AZs then this number of AZs will be picked randomly when creating + default subnets. Defaults to 3 minimum: 1 type: integer cidrBlock: - description: CidrBlock is the CIDR block to be used when the - provider creates a managed VPC. Defaults to 10.0.0.0/16. + description: |- + CidrBlock is the CIDR block to be used when the provider creates a managed VPC. + Defaults to 10.0.0.0/16. type: string id: description: ID is the vpc-id of the VPC this provider should @@ -346,9 +352,9 @@ spec: associated with the VPC. type: string ipv6: - description: IPv6 contains ipv6 specific settings for the - network. Supported only in managed clusters. This field - cannot be set on AWSCluster object. + description: |- + IPv6 contains ipv6 specific settings for the network. Supported only in managed clusters. + This field cannot be set on AWSCluster object. properties: cidrBlock: description: CidrBlock is the CIDR block provided by Amazon @@ -375,15 +381,16 @@ spec: description: The AWS Region the cluster lives in. type: string s3Bucket: - description: S3Bucket contains options to configure a supporting S3 - bucket for this cluster - currently used for nodes requiring Ignition + description: |- + S3Bucket contains options to configure a supporting S3 bucket for this + cluster - currently used for nodes requiring Ignition (https://coreos.github.io/ignition/) for bootstrapping (requires BootstrapFormatIgnition feature flag to be enabled). properties: controlPlaneIAMInstanceProfile: - description: ControlPlaneIAMInstanceProfile is a name of the IAMInstanceProfile, - which will be allowed to read control-plane node bootstrap data - from S3 Bucket. + description: |- + ControlPlaneIAMInstanceProfile is a name of the IAMInstanceProfile, which will be allowed + to read control-plane node bootstrap data from S3 Bucket. type: string name: description: Name defines name of S3 Bucket to be created. @@ -392,9 +399,9 @@ spec: pattern: ^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$ type: string nodesIAMInstanceProfiles: - description: NodesIAMInstanceProfiles is a list of IAM instance - profiles, which will be allowed to read worker nodes bootstrap - data from S3 Bucket. + description: |- + NodesIAMInstanceProfiles is a list of IAM instance profiles, which will be allowed to read + worker nodes bootstrap data from S3 Bucket. items: type: string type: array @@ -475,11 +482,10 @@ spec: or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt - the volume. Can be either a KMS key ID or ARN. If Encrypted - is set and this is omitted, the default AWS key will be - used. The key must already exist and be accessible by - the controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for the @@ -487,9 +493,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage - device. Must be greater than the image snapshot size or - 8 (whichever is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -524,11 +530,10 @@ spec: or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt - the volume. Can be either a KMS key ID or ARN. If Encrypted - is set and this is omitted, the default AWS key will be - used. The key must already exist and be accessible by the - controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for the @@ -536,9 +541,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage device. - Must be greater than the image snapshot size or 8 (whichever - is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -588,9 +593,9 @@ spec: description: The instance type. type: string userData: - description: UserData is the raw data script passed to the instance - which is run upon bootstrap. This field must not be base64 encoded - and should only be used when running a new instance. + description: |- + UserData is the raw data script passed to the instance which is run upon bootstrap. + This field must not be base64 encoded and should only be used when running a new instance. type: string volumeIDs: description: IDs of the instance's volumes @@ -608,37 +613,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -648,9 +653,9 @@ spec: type: array failureDomains: additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. properties: attributes: additionalProperties: @@ -681,9 +686,9 @@ spec: load balancer load balancing. type: boolean idleTimeout: - description: IdleTimeout is time that the connection is - allowed to be idle (no data has been sent over the connection) - before it is closed by the load balancer. + description: |- + IdleTimeout is time that the connection is allowed to be idle (no data + has been sent over the connection) before it is closed by the load balancer. format: int64 type: integer type: object @@ -704,19 +709,19 @@ spec: format: int64 type: integer interval: - description: A Duration represents the elapsed time between - two instants as an int64 nanosecond count. The representation - limits the largest representable duration to approximately - 290 years. + description: |- + A Duration represents the elapsed time between two instants + as an int64 nanosecond count. The representation limits the + largest representable duration to approximately 290 years. format: int64 type: integer target: type: string timeout: - description: A Duration represents the elapsed time between - two instants as an int64 nanosecond count. The representation - limits the largest representable duration to approximately - 290 years. + description: |- + A Duration represents the elapsed time between two instants + as an int64 nanosecond count. The representation limits the + largest representable duration to approximately 290 years. format: int64 type: integer unhealthyThreshold: @@ -759,9 +764,9 @@ spec: type: object type: array name: - description: The name of the load balancer. It must be unique - within the set of load balancers defined in the region. - It also serves as identifier. + description: |- + The name of the load balancer. It must be unique within the set of load balancers + defined in the region. It also serves as identifier. type: string scheme: description: Scheme is the load balancer scheme, either internet-facing @@ -894,14 +899,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -912,38 +922,39 @@ spec: additionalTags: additionalProperties: type: string - description: AdditionalTags is an optional set of tags to add to AWS - resources managed by the AWS provider, in addition to the ones added - by default. + description: |- + AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the + ones added by default. type: object bastion: description: Bastion contains options to configure the bastion host. properties: allowedCIDRBlocks: - description: AllowedCIDRBlocks is a list of CIDR blocks allowed - to access the bastion host. They are set as ingress rules for - the Bastion host's Security Group (defaults to 0.0.0.0/0). + description: |- + AllowedCIDRBlocks is a list of CIDR blocks allowed to access the bastion host. + They are set as ingress rules for the Bastion host's Security Group (defaults to 0.0.0.0/0). items: type: string type: array ami: - description: AMI will use the specified AMI to boot the bastion. - If not specified, the AMI will default to one picked out in - public space. + description: |- + AMI will use the specified AMI to boot the bastion. If not specified, + the AMI will default to one picked out in public space. type: string disableIngressRules: - description: DisableIngressRules will ensure there are no Ingress - rules in the bastion host's security group. Requires AllowedCIDRBlocks - to be empty. + description: |- + DisableIngressRules will ensure there are no Ingress rules in the bastion host's security group. + Requires AllowedCIDRBlocks to be empty. type: boolean enabled: - description: Enabled allows this provider to create a bastion - host instance with a public ip to access the VPC private network. + description: |- + Enabled allows this provider to create a bastion host instance + with a public ip to access the VPC private network. type: boolean instanceType: - description: InstanceType will use the specified instance type - for the bastion. If not specified, Cluster API Provider AWS - will use t3.micro for all regions except us-east-1, where t2.micro + description: |- + InstanceType will use the specified instance type for the bastion. If not specified, + Cluster API Provider AWS will use t3.micro for all regions except us-east-1, where t2.micro will be the default. type: string type: object @@ -967,12 +978,13 @@ spec: customizing control plane behavior. properties: additionalListeners: - description: AdditionalListeners sets the additional listeners - for the control plane load balancer. This is only applicable - to Network Load Balancer (NLB) types for the time being. + description: |- + AdditionalListeners sets the additional listeners for the control plane load balancer. + This is only applicable to Network Load Balancer (NLB) types for the time being. items: - description: AdditionalListenerSpec defines the desired state - of an additional listener on an AWS load balancer. + description: |- + AdditionalListenerSpec defines the desired state of an + additional listener on an AWS load balancer. properties: port: description: Port sets the port for the additional listener. @@ -982,8 +994,9 @@ spec: type: integer protocol: default: TCP - description: Protocol sets the protocol for the additional - listener. Currently only TCP is supported. + description: |- + Protocol sets the protocol for the additional listener. + Currently only TCP is supported. enum: - TCP type: string @@ -995,31 +1008,34 @@ spec: - port x-kubernetes-list-type: map additionalSecurityGroups: - description: AdditionalSecurityGroups sets the security groups - used by the load balancer. Expected to be security group IDs - This is optional - if not provided new security groups will - be created for the load balancer + description: |- + AdditionalSecurityGroups sets the security groups used by the load balancer. Expected to be security group IDs + This is optional - if not provided new security groups will be created for the load balancer items: type: string type: array crossZoneLoadBalancing: - description: "CrossZoneLoadBalancing enables the classic ELB cross - availability zone balancing. \n With cross-zone load balancing, - each load balancer node for your Classic Load Balancer distributes - requests evenly across the registered instances in all enabled - Availability Zones. If cross-zone load balancing is disabled, - each load balancer node distributes requests evenly across the - registered instances in its Availability Zone only. \n Defaults - to false." + description: |- + CrossZoneLoadBalancing enables the classic ELB cross availability zone balancing. + + + With cross-zone load balancing, each load balancer node for your Classic Load Balancer + distributes requests evenly across the registered instances in all enabled Availability Zones. + If cross-zone load balancing is disabled, each load balancer node distributes requests evenly across + the registered instances in its Availability Zone only. + + + Defaults to false. type: boolean disableHostsRewrite: - description: DisableHostsRewrite disabled the hair pinning issue - solution that adds the NLB's address as 127.0.0.1 to the hosts + description: |- + DisableHostsRewrite disabled the hair pinning issue solution that adds the NLB's address as 127.0.0.1 to the hosts file of each instance. This is by default, false. type: boolean healthCheckProtocol: - description: HealthCheckProtocol sets the protocol type for ELB - health check target default value is ELBProtocolSSL + description: |- + HealthCheckProtocol sets the protocol type for ELB health check target + default value is ELBProtocolSSL enum: - TCP - SSL @@ -1075,9 +1091,9 @@ spec: type: string type: array sourceSecurityGroupRoles: - description: The security group role to allow access from. - Cannot be specified with CidrBlocks. The field will be - combined with source security group IDs if specified. + description: |- + The security group role to allow access from. Cannot be specified with CidrBlocks. + The field will be combined with source security group IDs if specified. items: description: SecurityGroupRole defines the unique role of a security group. @@ -1113,18 +1129,18 @@ spec: - disabled type: string name: - description: Name sets the name of the classic ELB load balancer. - As per AWS, the name must be unique within your set of load - balancers for the region, must have a maximum of 32 characters, - must contain only alphanumeric characters or hyphens, and cannot - begin or end with a hyphen. Once set, the value cannot be changed. + description: |- + Name sets the name of the classic ELB load balancer. As per AWS, the name must be unique + within your set of load balancers for the region, must have a maximum of 32 characters, must + contain only alphanumeric characters or hyphens, and cannot begin or end with a hyphen. Once + set, the value cannot be changed. maxLength: 32 pattern: ^[A-Za-z0-9]([A-Za-z0-9]{0,31}|[-A-Za-z0-9]{0,30}[A-Za-z0-9])$ type: string preserveClientIP: - description: PreserveClientIP lets the user control if preservation - of client ips must be retained or not. If this is enabled 6443 - will be opened to 0.0.0.0/0. + description: |- + PreserveClientIP lets the user control if preservation of client ips must be retained or not. + If this is enabled 6443 will be opened to 0.0.0.0/0. type: boolean scheme: default: internet-facing @@ -1143,9 +1159,9 @@ spec: type: array type: object identityRef: - description: IdentityRef is a reference to an identity to be used - when reconciling the managed control plane. If no identity is specified, - the default identity for this controller will be used. + description: |- + IdentityRef is a reference to an identity to be used when reconciling the managed control plane. + If no identity is specified, the default identity for this controller will be used. properties: kind: description: Kind of the identity. @@ -1163,30 +1179,32 @@ spec: - name type: object imageLookupBaseOS: - description: ImageLookupBaseOS is the name of the base operating system - used to look up machine images when a machine does not specify an - AMI. When set, this will be used for all cluster machines unless - a machine specifies a different ImageLookupBaseOS. + description: |- + ImageLookupBaseOS is the name of the base operating system used to look + up machine images when a machine does not specify an AMI. When set, this + will be used for all cluster machines unless a machine specifies a + different ImageLookupBaseOS. type: string imageLookupFormat: - description: 'ImageLookupFormat is the AMI naming format to look up - machine images when a machine does not specify an AMI. When set, - this will be used for all cluster machines unless a machine specifies - a different ImageLookupOrg. Supports substitutions for {{.BaseOS}} - and {{.K8sVersion}} with the base OS and kubernetes version, respectively. - The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the - default), and the kubernetes version as defined by the packages - produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, - or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* - will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* - for a Machine that is targeting kubernetes v1.18.0 and the ubuntu - base OS. See also: https://golang.org/pkg/text/template/' + description: |- + ImageLookupFormat is the AMI naming format to look up machine images when + a machine does not specify an AMI. When set, this will be used for all + cluster machines unless a machine specifies a different ImageLookupOrg. + Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base + OS and kubernetes version, respectively. The BaseOS will be the value in + ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + defined by the packages produced by kubernetes/release without v as a + prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + also: https://golang.org/pkg/text/template/ type: string imageLookupOrg: - description: ImageLookupOrg is the AWS Organization ID to look up - machine images when a machine does not specify an AMI. When set, - this will be used for all cluster machines unless a machine specifies - a different ImageLookupOrg. + description: |- + ImageLookupOrg is the AWS Organization ID to look up machine images when a + machine does not specify an AMI. When set, this will be used for all + cluster machines unless a machine specifies a different ImageLookupOrg. type: string network: description: NetworkSpec encapsulates all things related to AWS network. @@ -1238,9 +1256,9 @@ spec: type: string type: array sourceSecurityGroupRoles: - description: The security group role to allow access from. - Cannot be specified with CidrBlocks. The field will be - combined with source security group IDs if specified. + description: |- + The security group role to allow access from. Cannot be specified with CidrBlocks. + The field will be combined with source security group IDs if specified. items: description: SecurityGroupRole defines the unique role of a security group. @@ -1268,10 +1286,9 @@ spec: description: CNI configuration properties: cniIngressRules: - description: CNIIngressRules specify rules to apply to control - plane and worker node security groups. The source for the - rule will be set to control plane and worker security group - IDs. + description: |- + CNIIngressRules specify rules to apply to control plane and worker node security groups. + The source for the rule will be set to control plane and worker security group IDs. items: description: CNIIngressRule defines an AWS ingress rule for CNI requirements. @@ -1299,9 +1316,9 @@ spec: securityGroupOverrides: additionalProperties: type: string - description: SecurityGroupOverrides is an optional set of security - groups to use for cluster instances This is optional - if not - provided new security groups will be created for the cluster + description: |- + SecurityGroupOverrides is an optional set of security groups to use for cluster instances + This is optional - if not provided new security groups will be created for the cluster type: object subnets: description: Subnets configuration. @@ -1317,28 +1334,27 @@ spec: the provider creates a managed VPC. type: string id: - description: "ID defines a unique identifier to reference - this resource. If you're bringing your subnet, set the - AWS subnet-id here, it must start with `subnet-`. \n When - the VPC is managed by CAPA, and you'd like the provider - to create a subnet for you, the id can be set to any placeholder - value that does not start with `subnet-`; upon creation, - the subnet AWS identifier will be populated in the `ResourceID` - field and the `id` field is going to be used as the subnet - name. If you specify a tag called `Name`, it takes precedence." + description: |- + ID defines a unique identifier to reference this resource. + If you're bringing your subnet, set the AWS subnet-id here, it must start with `subnet-`. + + + When the VPC is managed by CAPA, and you'd like the provider to create a subnet for you, + the id can be set to any placeholder value that does not start with `subnet-`; + upon creation, the subnet AWS identifier will be populated in the `ResourceID` field and + the `id` field is going to be used as the subnet name. If you specify a tag + called `Name`, it takes precedence. type: string ipv6CidrBlock: - description: IPv6CidrBlock is the IPv6 CIDR block to be - used when the provider creates a managed VPC. A subnet - can have an IPv4 and an IPv6 address. IPv6 is only supported - in managed clusters, this field cannot be set on AWSCluster - object. + description: |- + IPv6CidrBlock is the IPv6 CIDR block to be used when the provider creates a managed VPC. + A subnet can have an IPv4 and an IPv6 address. + IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. type: string isIpv6: - description: IsIPv6 defines the subnet as an IPv6 subnet. - A subnet is IPv6 when it is associated with a VPC that - has IPv6 enabled. IPv6 is only supported in managed clusters, - this field cannot be set on AWSCluster object. + description: |- + IsIPv6 defines the subnet as an IPv6 subnet. A subnet is IPv6 when it is associated with a VPC that has IPv6 enabled. + IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. type: boolean isPublic: description: IsPublic defines the subnet as a public subnet. @@ -1346,17 +1362,14 @@ spec: table that has a route to an internet gateway. type: boolean natGatewayId: - description: NatGatewayID is the NAT gateway id associated - with the subnet. Ignored unless the subnet is managed - by the provider, in which case this is set on the public - subnet where the NAT gateway resides. It is then used - to determine routes for private subnets in the same AZ - as the public subnet. + description: |- + NatGatewayID is the NAT gateway id associated with the subnet. + Ignored unless the subnet is managed by the provider, in which case this is set on the public subnet where the NAT gateway resides. It is then used to determine routes for private subnets in the same AZ as the public subnet. type: string resourceID: - description: ResourceID is the subnet identifier from AWS, - READ ONLY. This field is populated when the provider manages - the subnet. + description: |- + ResourceID is the subnet identifier from AWS, READ ONLY. + This field is populated when the provider manages the subnet. type: string routeTableId: description: RouteTableID is the routing table id associated @@ -1380,40 +1393,43 @@ spec: properties: availabilityZoneSelection: default: Ordered - description: 'AvailabilityZoneSelection specifies how AZs - should be selected if there are more AZs in a region than - specified by AvailabilityZoneUsageLimit. There are 2 selection - schemes: Ordered - selects based on alphabetical order Random - - selects AZs randomly in a region Defaults to Ordered' + description: |- + AvailabilityZoneSelection specifies how AZs should be selected if there are more AZs + in a region than specified by AvailabilityZoneUsageLimit. There are 2 selection schemes: + Ordered - selects based on alphabetical order + Random - selects AZs randomly in a region + Defaults to Ordered enum: - Ordered - Random type: string availabilityZoneUsageLimit: default: 3 - description: AvailabilityZoneUsageLimit specifies the maximum - number of availability zones (AZ) that should be used in - a region when automatically creating subnets. If a region - has more than this number of AZs then this number of AZs - will be picked randomly when creating default subnets. Defaults - to 3 + description: |- + AvailabilityZoneUsageLimit specifies the maximum number of availability zones (AZ) that + should be used in a region when automatically creating subnets. If a region has more + than this number of AZs then this number of AZs will be picked randomly when creating + default subnets. Defaults to 3 minimum: 1 type: integer cidrBlock: - description: CidrBlock is the CIDR block to be used when the - provider creates a managed VPC. Defaults to 10.0.0.0/16. + description: |- + CidrBlock is the CIDR block to be used when the provider creates a managed VPC. + Defaults to 10.0.0.0/16. Mutually exclusive with IPAMPool. type: string emptyRoutesDefaultVPCSecurityGroup: - description: "EmptyRoutesDefaultVPCSecurityGroup specifies - whether the default VPC security group ingress and egress - rules should be removed. \n By default, when creating a - VPC, AWS creates a security group called `default` with - ingress and egress rules that allow traffic from anywhere. - The group could be used as a potential surface attack and - it's generally suggested that the group rules are removed - or modified appropriately. \n NOTE: This only applies when - the VPC is managed by the Cluster API AWS controller." + description: |- + EmptyRoutesDefaultVPCSecurityGroup specifies whether the default VPC security group ingress + and egress rules should be removed. + + + By default, when creating a VPC, AWS creates a security group called `default` with ingress and egress + rules that allow traffic from anywhere. The group could be used as a potential surface attack and + it's generally suggested that the group rules are removed or modified appropriately. + + + NOTE: This only applies when the VPC is managed by the Cluster API AWS controller. type: boolean id: description: ID is the vpc-id of the VPC this provider should @@ -1424,8 +1440,9 @@ spec: associated with the VPC. type: string ipamPool: - description: IPAMPool defines the IPAMv4 pool to be used for - VPC. Mutually exclusive with CidrBlock. + description: |- + IPAMPool defines the IPAMv4 pool to be used for VPC. + Mutually exclusive with CidrBlock. properties: id: description: ID is the ID of the IPAM pool this provider @@ -1436,20 +1453,22 @@ spec: should use to create VPC. type: string netmaskLength: - description: The netmask length of the IPv4 CIDR you want - to allocate to VPC from an Amazon VPC IP Address Manager - (IPAM) pool. Defaults to /16 for IPv4 if not specified. + description: |- + The netmask length of the IPv4 CIDR you want to allocate to VPC from + an Amazon VPC IP Address Manager (IPAM) pool. + Defaults to /16 for IPv4 if not specified. format: int64 type: integer type: object ipv6: - description: IPv6 contains ipv6 specific settings for the - network. Supported only in managed clusters. This field - cannot be set on AWSCluster object. + description: |- + IPv6 contains ipv6 specific settings for the network. Supported only in managed clusters. + This field cannot be set on AWSCluster object. properties: cidrBlock: - description: CidrBlock is the CIDR block provided by Amazon - when VPC has enabled IPv6. Mutually exclusive with IPAMPool. + description: |- + CidrBlock is the CIDR block provided by Amazon when VPC has enabled IPv6. + Mutually exclusive with IPAMPool. type: string egressOnlyInternetGatewayId: description: EgressOnlyInternetGatewayID is the id of @@ -1457,8 +1476,9 @@ spec: IPv6 enabled VPC. type: string ipamPool: - description: IPAMPool defines the IPAMv6 pool to be used - for VPC. Mutually exclusive with CidrBlock. + description: |- + IPAMPool defines the IPAMv6 pool to be used for VPC. + Mutually exclusive with CidrBlock. properties: id: description: ID is the ID of the IPAM pool this provider @@ -1469,27 +1489,25 @@ spec: provider should use to create VPC. type: string netmaskLength: - description: The netmask length of the IPv4 CIDR you - want to allocate to VPC from an Amazon VPC IP Address - Manager (IPAM) pool. Defaults to /16 for IPv4 if - not specified. + description: |- + The netmask length of the IPv4 CIDR you want to allocate to VPC from + an Amazon VPC IP Address Manager (IPAM) pool. + Defaults to /16 for IPv4 if not specified. format: int64 type: integer type: object poolId: - description: PoolID is the IP pool which must be defined - in case of BYO IP is defined. Must be specified if CidrBlock - is set. Mutually exclusive with IPAMPool. + description: |- + PoolID is the IP pool which must be defined in case of BYO IP is defined. + Must be specified if CidrBlock is set. + Mutually exclusive with IPAMPool. type: string type: object privateDnsHostnameTypeOnLaunch: - description: PrivateDNSHostnameTypeOnLaunch is the type of - hostname to assign to instances in the subnet at launch. - For IPv4-only and dual-stack (IPv4 and IPv6) subnets, an - instance DNS name can be based on the instance IPv4 address - (ip-name) or the instance ID (resource-name). For IPv6 only - subnets, an instance DNS name must be based on the instance - ID (resource-name). + description: |- + PrivateDNSHostnameTypeOnLaunch is the type of hostname to assign to instances in the subnet at launch. + For IPv4-only and dual-stack (IPv4 and IPv6) subnets, an instance DNS name can be based on the instance IPv4 address (ip-name) + or the instance ID (resource-name). For IPv6 only subnets, an instance DNS name must be based on the instance ID (resource-name). enum: - ip-name - resource-name @@ -1509,15 +1527,16 @@ spec: description: The AWS Region the cluster lives in. type: string s3Bucket: - description: S3Bucket contains options to configure a supporting S3 - bucket for this cluster - currently used for nodes requiring Ignition + description: |- + S3Bucket contains options to configure a supporting S3 bucket for this + cluster - currently used for nodes requiring Ignition (https://coreos.github.io/ignition/) for bootstrapping (requires BootstrapFormatIgnition feature flag to be enabled). properties: controlPlaneIAMInstanceProfile: - description: ControlPlaneIAMInstanceProfile is a name of the IAMInstanceProfile, - which will be allowed to read control-plane node bootstrap data - from S3 Bucket. + description: |- + ControlPlaneIAMInstanceProfile is a name of the IAMInstanceProfile, which will be allowed + to read control-plane node bootstrap data from S3 Bucket. type: string name: description: Name defines name of S3 Bucket to be created. @@ -1526,35 +1545,42 @@ spec: pattern: ^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$ type: string nodesIAMInstanceProfiles: - description: NodesIAMInstanceProfiles is a list of IAM instance - profiles, which will be allowed to read worker nodes bootstrap - data from S3 Bucket. + description: |- + NodesIAMInstanceProfiles is a list of IAM instance profiles, which will be allowed to read + worker nodes bootstrap data from S3 Bucket. items: type: string type: array presignedURLDuration: - description: "PresignedURLDuration defines the duration for which - presigned URLs are valid. \n This is used to generate presigned - URLs for S3 Bucket objects, which are used by control-plane - and worker nodes to fetch bootstrap data. \n When enabled, the - IAM instance profiles specified are not used." + description: |- + PresignedURLDuration defines the duration for which presigned URLs are valid. + + + This is used to generate presigned URLs for S3 Bucket objects, which are used by + control-plane and worker nodes to fetch bootstrap data. + + + When enabled, the IAM instance profiles specified are not used. type: string required: - name type: object secondaryControlPlaneLoadBalancer: - description: "SecondaryControlPlaneLoadBalancer is an additional load - balancer that can be used for the control plane. \n An example use - case is to have a separate internal load balancer for internal traffic, - and a separate external load balancer for external traffic." + description: |- + SecondaryControlPlaneLoadBalancer is an additional load balancer that can be used for the control plane. + + + An example use case is to have a separate internal load balancer for internal traffic, + and a separate external load balancer for external traffic. properties: additionalListeners: - description: AdditionalListeners sets the additional listeners - for the control plane load balancer. This is only applicable - to Network Load Balancer (NLB) types for the time being. + description: |- + AdditionalListeners sets the additional listeners for the control plane load balancer. + This is only applicable to Network Load Balancer (NLB) types for the time being. items: - description: AdditionalListenerSpec defines the desired state - of an additional listener on an AWS load balancer. + description: |- + AdditionalListenerSpec defines the desired state of an + additional listener on an AWS load balancer. properties: port: description: Port sets the port for the additional listener. @@ -1564,8 +1590,9 @@ spec: type: integer protocol: default: TCP - description: Protocol sets the protocol for the additional - listener. Currently only TCP is supported. + description: |- + Protocol sets the protocol for the additional listener. + Currently only TCP is supported. enum: - TCP type: string @@ -1577,31 +1604,34 @@ spec: - port x-kubernetes-list-type: map additionalSecurityGroups: - description: AdditionalSecurityGroups sets the security groups - used by the load balancer. Expected to be security group IDs - This is optional - if not provided new security groups will - be created for the load balancer + description: |- + AdditionalSecurityGroups sets the security groups used by the load balancer. Expected to be security group IDs + This is optional - if not provided new security groups will be created for the load balancer items: type: string type: array crossZoneLoadBalancing: - description: "CrossZoneLoadBalancing enables the classic ELB cross - availability zone balancing. \n With cross-zone load balancing, - each load balancer node for your Classic Load Balancer distributes - requests evenly across the registered instances in all enabled - Availability Zones. If cross-zone load balancing is disabled, - each load balancer node distributes requests evenly across the - registered instances in its Availability Zone only. \n Defaults - to false." + description: |- + CrossZoneLoadBalancing enables the classic ELB cross availability zone balancing. + + + With cross-zone load balancing, each load balancer node for your Classic Load Balancer + distributes requests evenly across the registered instances in all enabled Availability Zones. + If cross-zone load balancing is disabled, each load balancer node distributes requests evenly across + the registered instances in its Availability Zone only. + + + Defaults to false. type: boolean disableHostsRewrite: - description: DisableHostsRewrite disabled the hair pinning issue - solution that adds the NLB's address as 127.0.0.1 to the hosts + description: |- + DisableHostsRewrite disabled the hair pinning issue solution that adds the NLB's address as 127.0.0.1 to the hosts file of each instance. This is by default, false. type: boolean healthCheckProtocol: - description: HealthCheckProtocol sets the protocol type for ELB - health check target default value is ELBProtocolSSL + description: |- + HealthCheckProtocol sets the protocol type for ELB health check target + default value is ELBProtocolSSL enum: - TCP - SSL @@ -1657,9 +1687,9 @@ spec: type: string type: array sourceSecurityGroupRoles: - description: The security group role to allow access from. - Cannot be specified with CidrBlocks. The field will be - combined with source security group IDs if specified. + description: |- + The security group role to allow access from. Cannot be specified with CidrBlocks. + The field will be combined with source security group IDs if specified. items: description: SecurityGroupRole defines the unique role of a security group. @@ -1695,18 +1725,18 @@ spec: - disabled type: string name: - description: Name sets the name of the classic ELB load balancer. - As per AWS, the name must be unique within your set of load - balancers for the region, must have a maximum of 32 characters, - must contain only alphanumeric characters or hyphens, and cannot - begin or end with a hyphen. Once set, the value cannot be changed. + description: |- + Name sets the name of the classic ELB load balancer. As per AWS, the name must be unique + within your set of load balancers for the region, must have a maximum of 32 characters, must + contain only alphanumeric characters or hyphens, and cannot begin or end with a hyphen. Once + set, the value cannot be changed. maxLength: 32 pattern: ^[A-Za-z0-9]([A-Za-z0-9]{0,31}|[-A-Za-z0-9]{0,30}[A-Za-z0-9])$ type: string preserveClientIP: - description: PreserveClientIP lets the user control if preservation - of client ips must be retained or not. If this is enabled 6443 - will be opened to 0.0.0.0/0. + description: |- + PreserveClientIP lets the user control if preservation of client ips must be retained or not. + If this is enabled 6443 will be opened to 0.0.0.0/0. type: boolean scheme: default: internet-facing @@ -1780,48 +1810,64 @@ spec: properties: httpEndpoint: default: enabled - description: "Enables or disables the HTTP metadata endpoint - on your instances. \n If you specify a value of disabled, - you cannot access your instance metadata. \n Default: enabled" + description: |- + Enables or disables the HTTP metadata endpoint on your instances. + + + If you specify a value of disabled, you cannot access your instance metadata. + + + Default: enabled enum: - enabled - disabled type: string httpPutResponseHopLimit: default: 1 - description: "The desired HTTP PUT response hop limit for - instance metadata requests. The larger the number, the further - instance metadata requests can travel. \n Default: 1" + description: |- + The desired HTTP PUT response hop limit for instance metadata requests. The + larger the number, the further instance metadata requests can travel. + + + Default: 1 format: int64 maximum: 64 minimum: 1 type: integer httpTokens: default: optional - description: "The state of token usage for your instance metadata - requests. \n If the state is optional, you can choose to - retrieve instance metadata with or without a session token - on your request. If you retrieve the IAM role credentials - without a token, the version 1.0 role credentials are returned. - If you retrieve the IAM role credentials using a valid session - token, the version 2.0 role credentials are returned. \n - If the state is required, you must send a session token - with any instance metadata retrieval requests. In this state, - retrieving the IAM role credentials always returns the version - 2.0 credentials; the version 1.0 credentials are not available. - \n Default: optional" + description: |- + The state of token usage for your instance metadata requests. + + + If the state is optional, you can choose to retrieve instance metadata with + or without a session token on your request. If you retrieve the IAM role + credentials without a token, the version 1.0 role credentials are returned. + If you retrieve the IAM role credentials using a valid session token, the + version 2.0 role credentials are returned. + + + If the state is required, you must send a session token with any instance + metadata retrieval requests. In this state, retrieving the IAM role credentials + always returns the version 2.0 credentials; the version 1.0 credentials are + not available. + + + Default: optional enum: - optional - required type: string instanceMetadataTags: default: disabled - description: "Set to enabled to allow access to instance tags - from the instance metadata. Set to disabled to turn off - access to instance tags from the instance metadata. For - more information, see Work with instance tags using the - instance metadata (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). - \n Default: disabled" + description: |- + Set to enabled to allow access to instance tags from the instance metadata. + Set to disabled to turn off access to instance tags from the instance metadata. + For more information, see Work with instance tags using the instance metadata + (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). + + + Default: disabled enum: - enabled - disabled @@ -1849,11 +1895,10 @@ spec: or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt - the volume. Can be either a KMS key ID or ARN. If Encrypted - is set and this is omitted, the default AWS key will be - used. The key must already exist and be accessible by - the controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for the @@ -1861,9 +1906,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage - device. Must be greater than the image snapshot size or - 8 (whichever is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -1885,10 +1930,10 @@ spec: group in which to launch the instance. type: string placementGroupPartition: - description: PlacementGroupPartition is the partition number within - the placement group in which to launch the instance. This value - is only valid if the placement group, referred in `PlacementGroupName`, - was created with strategy set to partition. + description: |- + PlacementGroupPartition is the partition number within the placement group in which to launch the instance. + This value is only valid if the placement group, referred in `PlacementGroupName`, was created with + strategy set to partition. format: int64 maximum: 7 minimum: 1 @@ -1935,11 +1980,10 @@ spec: or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt - the volume. Can be either a KMS key ID or ARN. If Encrypted - is set and this is omitted, the default AWS key will be - used. The key must already exist and be accessible by the - controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for the @@ -1947,9 +1991,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage device. - Must be greater than the image snapshot size or 8 (whichever - is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -1999,9 +2043,9 @@ spec: description: The instance type. type: string userData: - description: UserData is the raw data script passed to the instance - which is run upon bootstrap. This field must not be base64 encoded - and should only be used when running a new instance. + description: |- + UserData is the raw data script passed to the instance which is run upon bootstrap. + This field must not be base64 encoded and should only be used when running a new instance. type: string volumeIDs: description: IDs of the instance's volumes @@ -2019,37 +2063,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -2059,9 +2103,9 @@ spec: type: array failureDomains: additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. properties: attributes: additionalProperties: @@ -2083,8 +2127,9 @@ spec: description: APIServerELB is the Kubernetes api server load balancer. properties: arn: - description: ARN of the load balancer. Unlike the ClassicLB, - ARN is used mostly to define and get it. + description: |- + ARN of the load balancer. Unlike the ClassicLB, ARN is used mostly + to define and get it. type: string attributes: description: ClassicElbAttributes defines extra attributes @@ -2095,9 +2140,9 @@ spec: load balancer load balancing. type: boolean idleTimeout: - description: IdleTimeout is time that the connection is - allowed to be idle (no data has been sent over the connection) - before it is closed by the load balancer. + description: |- + IdleTimeout is time that the connection is allowed to be idle (no data + has been sent over the connection) before it is closed by the load balancer. format: int64 type: integer type: object @@ -2131,9 +2176,9 @@ spec: for a load balancer. type: string targetGroup: - description: TargetGroupSpec specifies target group - settings for a given listener. This is created first, - and the ARN is then passed to the listener. + description: |- + TargetGroupSpec specifies target group settings for a given listener. + This is created first, and the ARN is then passed to the listener. properties: name: description: Name of the TargetGroup. Must be unique @@ -2196,19 +2241,19 @@ spec: format: int64 type: integer interval: - description: A Duration represents the elapsed time between - two instants as an int64 nanosecond count. The representation - limits the largest representable duration to approximately - 290 years. + description: |- + A Duration represents the elapsed time between two instants + as an int64 nanosecond count. The representation limits the + largest representable duration to approximately 290 years. format: int64 type: integer target: type: string timeout: - description: A Duration represents the elapsed time between - two instants as an int64 nanosecond count. The representation - limits the largest representable duration to approximately - 290 years. + description: |- + A Duration represents the elapsed time between two instants + as an int64 nanosecond count. The representation limits the + largest representable duration to approximately 290 years. format: int64 type: integer unhealthyThreshold: @@ -2260,9 +2305,9 @@ spec: - nlb type: string name: - description: The name of the load balancer. It must be unique - within the set of load balancers defined in the region. - It also serves as identifier. + description: |- + The name of the load balancer. It must be unique within the set of load balancers + defined in the region. It also serves as identifier. type: string scheme: description: Scheme is the load balancer scheme, either internet-facing @@ -2298,8 +2343,9 @@ spec: api server load balancer. properties: arn: - description: ARN of the load balancer. Unlike the ClassicLB, - ARN is used mostly to define and get it. + description: |- + ARN of the load balancer. Unlike the ClassicLB, ARN is used mostly + to define and get it. type: string attributes: description: ClassicElbAttributes defines extra attributes @@ -2310,9 +2356,9 @@ spec: load balancer load balancing. type: boolean idleTimeout: - description: IdleTimeout is time that the connection is - allowed to be idle (no data has been sent over the connection) - before it is closed by the load balancer. + description: |- + IdleTimeout is time that the connection is allowed to be idle (no data + has been sent over the connection) before it is closed by the load balancer. format: int64 type: integer type: object @@ -2346,9 +2392,9 @@ spec: for a load balancer. type: string targetGroup: - description: TargetGroupSpec specifies target group - settings for a given listener. This is created first, - and the ARN is then passed to the listener. + description: |- + TargetGroupSpec specifies target group settings for a given listener. + This is created first, and the ARN is then passed to the listener. properties: name: description: Name of the TargetGroup. Must be unique @@ -2411,19 +2457,19 @@ spec: format: int64 type: integer interval: - description: A Duration represents the elapsed time between - two instants as an int64 nanosecond count. The representation - limits the largest representable duration to approximately - 290 years. + description: |- + A Duration represents the elapsed time between two instants + as an int64 nanosecond count. The representation limits the + largest representable duration to approximately 290 years. format: int64 type: integer target: type: string timeout: - description: A Duration represents the elapsed time between - two instants as an int64 nanosecond count. The representation - limits the largest representable duration to approximately - 290 years. + description: |- + A Duration represents the elapsed time between two instants + as an int64 nanosecond count. The representation limits the + largest representable duration to approximately 290 years. format: int64 type: integer unhealthyThreshold: @@ -2475,9 +2521,9 @@ spec: - nlb type: string name: - description: The name of the load balancer. It must be unique - within the set of load balancers defined in the region. - It also serves as identifier. + description: |- + The name of the load balancer. It must be unique within the set of load balancers + defined in the region. It also serves as identifier. type: string scheme: description: Scheme is the load balancer scheme, either internet-facing @@ -2557,10 +2603,9 @@ spec: type: string type: array sourceSecurityGroupRoles: - description: The security group role to allow access - from. Cannot be specified with CidrBlocks. The field - will be combined with source security group IDs - if specified. + description: |- + The security group role to allow access from. Cannot be specified with CidrBlocks. + The field will be combined with source security group IDs if specified. items: description: SecurityGroupRole defines the unique role of a security group. diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclusterstaticidentities.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclusterstaticidentities.yaml index 409a4431d0..5e11a9ba11 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclusterstaticidentities.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclusterstaticidentities.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: awsclusterstaticidentities.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -21,19 +21,24 @@ spec: - name: v1beta1 schema: openAPIV3Schema: - description: AWSClusterStaticIdentity is the Schema for the awsclusterstaticidentities - API It represents a reference to an AWS access key ID and secret access - key, stored in a secret. + description: |- + AWSClusterStaticIdentity is the Schema for the awsclusterstaticidentities API + It represents a reference to an AWS access key ID and secret access key, stored in a secret. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -41,14 +46,12 @@ spec: description: Spec for this AWSClusterStaticIdentity properties: allowedNamespaces: - description: AllowedNamespaces is used to identify which namespaces - are allowed to use the identity from. Namespaces can be selected - either using an array of namespaces or with label selector. An empty - allowedNamespaces object indicates that AWSClusters can use this - identity from any namespace. If this object is nil, no namespaces - will be allowed (default behaviour, if this field is not provided) - A namespace should be either in the NamespaceList or match with - Selector to use the identity. + description: |- + AllowedNamespaces is used to identify which namespaces are allowed to use the identity from. + Namespaces can be selected either using an array of namespaces or with label selector. + An empty allowedNamespaces object indicates that AWSClusters can use this identity from any namespace. + If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided) + A namespace should be either in the NamespaceList or match with Selector to use the identity. nullable: true properties: list: @@ -59,32 +62,33 @@ spec: nullable: true type: array selector: - description: An empty selector indicates that AWSClusters cannot - use this AWSClusterIdentity from any namespace. + description: |- + An empty selector indicates that AWSClusters cannot use this + AWSClusterIdentity from any namespace. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If - the operator is In or NotIn, the values array must - be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced - during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -96,20 +100,21 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A - single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only - "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic type: object secretRef: - description: 'Reference to a secret containing the credentials. The - secret should contain the following data keys: AccessKeyID: AKIAIOSFODNN7EXAMPLE - SecretAccessKey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY SessionToken: - Optional' + description: |- + Reference to a secret containing the credentials. The secret should + contain the following data keys: + AccessKeyID: AKIAIOSFODNN7EXAMPLE + SecretAccessKey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY + SessionToken: Optional type: string required: - secretRef @@ -120,19 +125,24 @@ spec: - name: v1beta2 schema: openAPIV3Schema: - description: AWSClusterStaticIdentity is the Schema for the awsclusterstaticidentities - API It represents a reference to an AWS access key ID and secret access - key, stored in a secret. + description: |- + AWSClusterStaticIdentity is the Schema for the awsclusterstaticidentities API + It represents a reference to an AWS access key ID and secret access key, stored in a secret. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -140,14 +150,12 @@ spec: description: Spec for this AWSClusterStaticIdentity properties: allowedNamespaces: - description: AllowedNamespaces is used to identify which namespaces - are allowed to use the identity from. Namespaces can be selected - either using an array of namespaces or with label selector. An empty - allowedNamespaces object indicates that AWSClusters can use this - identity from any namespace. If this object is nil, no namespaces - will be allowed (default behaviour, if this field is not provided) - A namespace should be either in the NamespaceList or match with - Selector to use the identity. + description: |- + AllowedNamespaces is used to identify which namespaces are allowed to use the identity from. + Namespaces can be selected either using an array of namespaces or with label selector. + An empty allowedNamespaces object indicates that AWSClusters can use this identity from any namespace. + If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided) + A namespace should be either in the NamespaceList or match with Selector to use the identity. nullable: true properties: list: @@ -158,32 +166,33 @@ spec: nullable: true type: array selector: - description: An empty selector indicates that AWSClusters cannot - use this AWSClusterIdentity from any namespace. + description: |- + An empty selector indicates that AWSClusters cannot use this + AWSClusterIdentity from any namespace. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If - the operator is In or NotIn, the values array must - be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced - during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -195,20 +204,21 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A - single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only - "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic type: object secretRef: - description: 'Reference to a secret containing the credentials. The - secret should contain the following data keys: AccessKeyID: AKIAIOSFODNN7EXAMPLE - SecretAccessKey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY SessionToken: - Optional' + description: |- + Reference to a secret containing the credentials. The secret should + contain the following data keys: + AccessKeyID: AKIAIOSFODNN7EXAMPLE + SecretAccessKey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY + SessionToken: Optional type: string required: - secretRef diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclustertemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclustertemplates.yaml index e8ef04c449..9b366b7ad9 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclustertemplates.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclustertemplates.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: awsclustertemplates.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -30,14 +30,19 @@ spec: Cluster Templates. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -49,24 +54,27 @@ spec: of AWSClusterTemplate. properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: @@ -76,42 +84,41 @@ spec: additionalTags: additionalProperties: type: string - description: AdditionalTags is an optional set of tags to - add to AWS resources managed by the AWS provider, in addition - to the ones added by default. + description: |- + AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the + ones added by default. type: object bastion: description: Bastion contains options to configure the bastion host. properties: allowedCIDRBlocks: - description: AllowedCIDRBlocks is a list of CIDR blocks - allowed to access the bastion host. They are set as - ingress rules for the Bastion host's Security Group - (defaults to 0.0.0.0/0). + description: |- + AllowedCIDRBlocks is a list of CIDR blocks allowed to access the bastion host. + They are set as ingress rules for the Bastion host's Security Group (defaults to 0.0.0.0/0). items: type: string type: array ami: - description: AMI will use the specified AMI to boot the - bastion. If not specified, the AMI will default to one - picked out in public space. + description: |- + AMI will use the specified AMI to boot the bastion. If not specified, + the AMI will default to one picked out in public space. type: string disableIngressRules: - description: DisableIngressRules will ensure there are - no Ingress rules in the bastion host's security group. + description: |- + DisableIngressRules will ensure there are no Ingress rules in the bastion host's security group. Requires AllowedCIDRBlocks to be empty. type: boolean enabled: - description: Enabled allows this provider to create a - bastion host instance with a public ip to access the - VPC private network. + description: |- + Enabled allows this provider to create a bastion host instance + with a public ip to access the VPC private network. type: boolean instanceType: - description: InstanceType will use the specified instance - type for the bastion. If not specified, Cluster API - Provider AWS will use t3.micro for all regions except - us-east-1, where t2.micro will be the default. + description: |- + InstanceType will use the specified instance type for the bastion. If not specified, + Cluster API Provider AWS will use t3.micro for all regions except us-east-1, where t2.micro + will be the default. type: string type: object controlPlaneEndpoint: @@ -134,36 +141,36 @@ spec: for customizing control plane behavior. properties: additionalSecurityGroups: - description: AdditionalSecurityGroups sets the security - groups used by the load balancer. Expected to be security - group IDs This is optional - if not provided new security - groups will be created for the load balancer + description: |- + AdditionalSecurityGroups sets the security groups used by the load balancer. Expected to be security group IDs + This is optional - if not provided new security groups will be created for the load balancer items: type: string type: array crossZoneLoadBalancing: - description: "CrossZoneLoadBalancing enables the classic - ELB cross availability zone balancing. \n With cross-zone - load balancing, each load balancer node for your Classic - Load Balancer distributes requests evenly across the - registered instances in all enabled Availability Zones. - If cross-zone load balancing is disabled, each load - balancer node distributes requests evenly across the - registered instances in its Availability Zone only. - \n Defaults to false." + description: |- + CrossZoneLoadBalancing enables the classic ELB cross availability zone balancing. + + + With cross-zone load balancing, each load balancer node for your Classic Load Balancer + distributes requests evenly across the registered instances in all enabled Availability Zones. + If cross-zone load balancing is disabled, each load balancer node distributes requests evenly across + the registered instances in its Availability Zone only. + + + Defaults to false. type: boolean healthCheckProtocol: - description: HealthCheckProtocol sets the protocol type - for classic ELB health check target default value is - ClassicELBProtocolSSL + description: |- + HealthCheckProtocol sets the protocol type for classic ELB health check target + default value is ClassicELBProtocolSSL type: string name: - description: Name sets the name of the classic ELB load - balancer. As per AWS, the name must be unique within - your set of load balancers for the region, must have - a maximum of 32 characters, must contain only alphanumeric - characters or hyphens, and cannot begin or end with - a hyphen. Once set, the value cannot be changed. + description: |- + Name sets the name of the classic ELB load balancer. As per AWS, the name must be unique + within your set of load balancers for the region, must have a maximum of 32 characters, must + contain only alphanumeric characters or hyphens, and cannot begin or end with a hyphen. Once + set, the value cannot be changed. maxLength: 32 pattern: ^[A-Za-z0-9]([A-Za-z0-9]{0,31}|[-A-Za-z0-9]{0,30}[A-Za-z0-9])$ type: string @@ -185,10 +192,9 @@ spec: type: array type: object identityRef: - description: IdentityRef is a reference to an identity to - be used when reconciling the managed control plane. If no - identity is specified, the default identity for this controller - will be used. + description: |- + IdentityRef is a reference to an identity to be used when reconciling the managed control plane. + If no identity is specified, the default identity for this controller will be used. properties: kind: description: Kind of the identity. @@ -206,32 +212,32 @@ spec: - name type: object imageLookupBaseOS: - description: ImageLookupBaseOS is the name of the base operating - system used to look up machine images when a machine does - not specify an AMI. When set, this will be used for all - cluster machines unless a machine specifies a different - ImageLookupBaseOS. + description: |- + ImageLookupBaseOS is the name of the base operating system used to look + up machine images when a machine does not specify an AMI. When set, this + will be used for all cluster machines unless a machine specifies a + different ImageLookupBaseOS. type: string imageLookupFormat: - description: 'ImageLookupFormat is the AMI naming format to - look up machine images when a machine does not specify an - AMI. When set, this will be used for all cluster machines - unless a machine specifies a different ImageLookupOrg. Supports - substitutions for {{.BaseOS}} and {{.K8sVersion}} with the - base OS and kubernetes version, respectively. The BaseOS - will be the value in ImageLookupBaseOS or ubuntu (the default), - and the kubernetes version as defined by the packages produced - by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, - or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* - will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* - for a Machine that is targeting kubernetes v1.18.0 and the - ubuntu base OS. See also: https://golang.org/pkg/text/template/' + description: |- + ImageLookupFormat is the AMI naming format to look up machine images when + a machine does not specify an AMI. When set, this will be used for all + cluster machines unless a machine specifies a different ImageLookupOrg. + Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base + OS and kubernetes version, respectively. The BaseOS will be the value in + ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + defined by the packages produced by kubernetes/release without v as a + prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + also: https://golang.org/pkg/text/template/ type: string imageLookupOrg: - description: ImageLookupOrg is the AWS Organization ID to - look up machine images when a machine does not specify an - AMI. When set, this will be used for all cluster machines - unless a machine specifies a different ImageLookupOrg. + description: |- + ImageLookupOrg is the AWS Organization ID to look up machine images when a + machine does not specify an AMI. When set, this will be used for all + cluster machines unless a machine specifies a different ImageLookupOrg. type: string network: description: NetworkSpec encapsulates all things related to @@ -241,10 +247,9 @@ spec: description: CNI configuration properties: cniIngressRules: - description: CNIIngressRules specify rules to apply - to control plane and worker node security groups. - The source for the rule will be set to control plane - and worker security group IDs. + description: |- + CNIIngressRules specify rules to apply to control plane and worker node security groups. + The source for the rule will be set to control plane and worker security group IDs. items: description: CNIIngressRule defines an AWS ingress rule for CNI requirements. @@ -272,10 +277,9 @@ spec: securityGroupOverrides: additionalProperties: type: string - description: SecurityGroupOverrides is an optional set - of security groups to use for cluster instances This - is optional - if not provided new security groups will - be created for the cluster + description: |- + SecurityGroupOverrides is an optional set of security groups to use for cluster instances + This is optional - if not provided new security groups will be created for the cluster type: object subnets: description: Subnets configuration. @@ -295,18 +299,15 @@ spec: this resource. type: string ipv6CidrBlock: - description: IPv6CidrBlock is the IPv6 CIDR block - to be used when the provider creates a managed - VPC. A subnet can have an IPv4 and an IPv6 address. - IPv6 is only supported in managed clusters, this - field cannot be set on AWSCluster object. + description: |- + IPv6CidrBlock is the IPv6 CIDR block to be used when the provider creates a managed VPC. + A subnet can have an IPv4 and an IPv6 address. + IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. type: string isIpv6: - description: IsIPv6 defines the subnet as an IPv6 - subnet. A subnet is IPv6 when it is associated - with a VPC that has IPv6 enabled. IPv6 is only - supported in managed clusters, this field cannot - be set on AWSCluster object. + description: |- + IsIPv6 defines the subnet as an IPv6 subnet. A subnet is IPv6 when it is associated with a VPC that has IPv6 enabled. + IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. type: boolean isPublic: description: IsPublic defines the subnet as a public @@ -315,13 +316,9 @@ spec: gateway. type: boolean natGatewayId: - description: NatGatewayID is the NAT gateway id - associated with the subnet. Ignored unless the - subnet is managed by the provider, in which case - this is set on the public subnet where the NAT - gateway resides. It is then used to determine - routes for private subnets in the same AZ as the - public subnet. + description: |- + NatGatewayID is the NAT gateway id associated with the subnet. + Ignored unless the subnet is managed by the provider, in which case this is set on the public subnet where the NAT gateway resides. It is then used to determine routes for private subnets in the same AZ as the public subnet. type: string routeTableId: description: RouteTableID is the routing table id @@ -340,30 +337,29 @@ spec: properties: availabilityZoneSelection: default: Ordered - description: 'AvailabilityZoneSelection specifies - how AZs should be selected if there are more AZs - in a region than specified by AvailabilityZoneUsageLimit. - There are 2 selection schemes: Ordered - selects - based on alphabetical order Random - selects AZs - randomly in a region Defaults to Ordered' + description: |- + AvailabilityZoneSelection specifies how AZs should be selected if there are more AZs + in a region than specified by AvailabilityZoneUsageLimit. There are 2 selection schemes: + Ordered - selects based on alphabetical order + Random - selects AZs randomly in a region + Defaults to Ordered enum: - Ordered - Random type: string availabilityZoneUsageLimit: default: 3 - description: AvailabilityZoneUsageLimit specifies - the maximum number of availability zones (AZ) that - should be used in a region when automatically creating - subnets. If a region has more than this number of - AZs then this number of AZs will be picked randomly - when creating default subnets. Defaults to 3 + description: |- + AvailabilityZoneUsageLimit specifies the maximum number of availability zones (AZ) that + should be used in a region when automatically creating subnets. If a region has more + than this number of AZs then this number of AZs will be picked randomly when creating + default subnets. Defaults to 3 minimum: 1 type: integer cidrBlock: - description: CidrBlock is the CIDR block to be used - when the provider creates a managed VPC. Defaults - to 10.0.0.0/16. + description: |- + CidrBlock is the CIDR block to be used when the provider creates a managed VPC. + Defaults to 10.0.0.0/16. type: string id: description: ID is the vpc-id of the VPC this provider @@ -374,8 +370,8 @@ spec: gateway associated with the VPC. type: string ipv6: - description: IPv6 contains ipv6 specific settings - for the network. Supported only in managed clusters. + description: |- + IPv6 contains ipv6 specific settings for the network. Supported only in managed clusters. This field cannot be set on AWSCluster object. properties: cidrBlock: @@ -404,15 +400,16 @@ spec: description: The AWS Region the cluster lives in. type: string s3Bucket: - description: S3Bucket contains options to configure a supporting - S3 bucket for this cluster - currently used for nodes requiring - Ignition (https://coreos.github.io/ignition/) for bootstrapping - (requires BootstrapFormatIgnition feature flag to be enabled). + description: |- + S3Bucket contains options to configure a supporting S3 bucket for this + cluster - currently used for nodes requiring Ignition + (https://coreos.github.io/ignition/) for bootstrapping (requires + BootstrapFormatIgnition feature flag to be enabled). properties: controlPlaneIAMInstanceProfile: - description: ControlPlaneIAMInstanceProfile is a name - of the IAMInstanceProfile, which will be allowed to - read control-plane node bootstrap data from S3 Bucket. + description: |- + ControlPlaneIAMInstanceProfile is a name of the IAMInstanceProfile, which will be allowed + to read control-plane node bootstrap data from S3 Bucket. type: string name: description: Name defines name of S3 Bucket to be created. @@ -421,9 +418,9 @@ spec: pattern: ^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$ type: string nodesIAMInstanceProfiles: - description: NodesIAMInstanceProfiles is a list of IAM - instance profiles, which will be allowed to read worker - nodes bootstrap data from S3 Bucket. + description: |- + NodesIAMInstanceProfiles is a list of IAM instance profiles, which will be allowed to read + worker nodes bootstrap data from S3 Bucket. items: type: string type: array @@ -461,14 +458,19 @@ spec: Cluster Templates. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -480,24 +482,27 @@ spec: of AWSClusterTemplateResource. properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: @@ -507,42 +512,41 @@ spec: additionalTags: additionalProperties: type: string - description: AdditionalTags is an optional set of tags to - add to AWS resources managed by the AWS provider, in addition - to the ones added by default. + description: |- + AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the + ones added by default. type: object bastion: description: Bastion contains options to configure the bastion host. properties: allowedCIDRBlocks: - description: AllowedCIDRBlocks is a list of CIDR blocks - allowed to access the bastion host. They are set as - ingress rules for the Bastion host's Security Group - (defaults to 0.0.0.0/0). + description: |- + AllowedCIDRBlocks is a list of CIDR blocks allowed to access the bastion host. + They are set as ingress rules for the Bastion host's Security Group (defaults to 0.0.0.0/0). items: type: string type: array ami: - description: AMI will use the specified AMI to boot the - bastion. If not specified, the AMI will default to one - picked out in public space. + description: |- + AMI will use the specified AMI to boot the bastion. If not specified, + the AMI will default to one picked out in public space. type: string disableIngressRules: - description: DisableIngressRules will ensure there are - no Ingress rules in the bastion host's security group. + description: |- + DisableIngressRules will ensure there are no Ingress rules in the bastion host's security group. Requires AllowedCIDRBlocks to be empty. type: boolean enabled: - description: Enabled allows this provider to create a - bastion host instance with a public ip to access the - VPC private network. + description: |- + Enabled allows this provider to create a bastion host instance + with a public ip to access the VPC private network. type: boolean instanceType: - description: InstanceType will use the specified instance - type for the bastion. If not specified, Cluster API - Provider AWS will use t3.micro for all regions except - us-east-1, where t2.micro will be the default. + description: |- + InstanceType will use the specified instance type for the bastion. If not specified, + Cluster API Provider AWS will use t3.micro for all regions except us-east-1, where t2.micro + will be the default. type: string type: object controlPlaneEndpoint: @@ -565,12 +569,13 @@ spec: for customizing control plane behavior. properties: additionalListeners: - description: AdditionalListeners sets the additional listeners - for the control plane load balancer. This is only applicable - to Network Load Balancer (NLB) types for the time being. + description: |- + AdditionalListeners sets the additional listeners for the control plane load balancer. + This is only applicable to Network Load Balancer (NLB) types for the time being. items: - description: AdditionalListenerSpec defines the desired - state of an additional listener on an AWS load balancer. + description: |- + AdditionalListenerSpec defines the desired state of an + additional listener on an AWS load balancer. properties: port: description: Port sets the port for the additional @@ -581,8 +586,9 @@ spec: type: integer protocol: default: TCP - description: Protocol sets the protocol for the - additional listener. Currently only TCP is supported. + description: |- + Protocol sets the protocol for the additional listener. + Currently only TCP is supported. enum: - TCP type: string @@ -594,33 +600,34 @@ spec: - port x-kubernetes-list-type: map additionalSecurityGroups: - description: AdditionalSecurityGroups sets the security - groups used by the load balancer. Expected to be security - group IDs This is optional - if not provided new security - groups will be created for the load balancer + description: |- + AdditionalSecurityGroups sets the security groups used by the load balancer. Expected to be security group IDs + This is optional - if not provided new security groups will be created for the load balancer items: type: string type: array crossZoneLoadBalancing: - description: "CrossZoneLoadBalancing enables the classic - ELB cross availability zone balancing. \n With cross-zone - load balancing, each load balancer node for your Classic - Load Balancer distributes requests evenly across the - registered instances in all enabled Availability Zones. - If cross-zone load balancing is disabled, each load - balancer node distributes requests evenly across the - registered instances in its Availability Zone only. - \n Defaults to false." + description: |- + CrossZoneLoadBalancing enables the classic ELB cross availability zone balancing. + + + With cross-zone load balancing, each load balancer node for your Classic Load Balancer + distributes requests evenly across the registered instances in all enabled Availability Zones. + If cross-zone load balancing is disabled, each load balancer node distributes requests evenly across + the registered instances in its Availability Zone only. + + + Defaults to false. type: boolean disableHostsRewrite: - description: DisableHostsRewrite disabled the hair pinning - issue solution that adds the NLB's address as 127.0.0.1 - to the hosts file of each instance. This is by default, - false. + description: |- + DisableHostsRewrite disabled the hair pinning issue solution that adds the NLB's address as 127.0.0.1 to the hosts + file of each instance. This is by default, false. type: boolean healthCheckProtocol: - description: HealthCheckProtocol sets the protocol type - for ELB health check target default value is ELBProtocolSSL + description: |- + HealthCheckProtocol sets the protocol type for ELB health check target + default value is ELBProtocolSSL enum: - TCP - SSL @@ -677,10 +684,9 @@ spec: type: string type: array sourceSecurityGroupRoles: - description: The security group role to allow access - from. Cannot be specified with CidrBlocks. The - field will be combined with source security group - IDs if specified. + description: |- + The security group role to allow access from. Cannot be specified with CidrBlocks. + The field will be combined with source security group IDs if specified. items: description: SecurityGroupRole defines the unique role of a security group. @@ -716,18 +722,17 @@ spec: - disabled type: string name: - description: Name sets the name of the classic ELB load - balancer. As per AWS, the name must be unique within - your set of load balancers for the region, must have - a maximum of 32 characters, must contain only alphanumeric - characters or hyphens, and cannot begin or end with - a hyphen. Once set, the value cannot be changed. + description: |- + Name sets the name of the classic ELB load balancer. As per AWS, the name must be unique + within your set of load balancers for the region, must have a maximum of 32 characters, must + contain only alphanumeric characters or hyphens, and cannot begin or end with a hyphen. Once + set, the value cannot be changed. maxLength: 32 pattern: ^[A-Za-z0-9]([A-Za-z0-9]{0,31}|[-A-Za-z0-9]{0,30}[A-Za-z0-9])$ type: string preserveClientIP: - description: PreserveClientIP lets the user control if - preservation of client ips must be retained or not. + description: |- + PreserveClientIP lets the user control if preservation of client ips must be retained or not. If this is enabled 6443 will be opened to 0.0.0.0/0. type: boolean scheme: @@ -748,10 +753,9 @@ spec: type: array type: object identityRef: - description: IdentityRef is a reference to an identity to - be used when reconciling the managed control plane. If no - identity is specified, the default identity for this controller - will be used. + description: |- + IdentityRef is a reference to an identity to be used when reconciling the managed control plane. + If no identity is specified, the default identity for this controller will be used. properties: kind: description: Kind of the identity. @@ -769,32 +773,32 @@ spec: - name type: object imageLookupBaseOS: - description: ImageLookupBaseOS is the name of the base operating - system used to look up machine images when a machine does - not specify an AMI. When set, this will be used for all - cluster machines unless a machine specifies a different - ImageLookupBaseOS. + description: |- + ImageLookupBaseOS is the name of the base operating system used to look + up machine images when a machine does not specify an AMI. When set, this + will be used for all cluster machines unless a machine specifies a + different ImageLookupBaseOS. type: string imageLookupFormat: - description: 'ImageLookupFormat is the AMI naming format to - look up machine images when a machine does not specify an - AMI. When set, this will be used for all cluster machines - unless a machine specifies a different ImageLookupOrg. Supports - substitutions for {{.BaseOS}} and {{.K8sVersion}} with the - base OS and kubernetes version, respectively. The BaseOS - will be the value in ImageLookupBaseOS or ubuntu (the default), - and the kubernetes version as defined by the packages produced - by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, - or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* - will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* - for a Machine that is targeting kubernetes v1.18.0 and the - ubuntu base OS. See also: https://golang.org/pkg/text/template/' + description: |- + ImageLookupFormat is the AMI naming format to look up machine images when + a machine does not specify an AMI. When set, this will be used for all + cluster machines unless a machine specifies a different ImageLookupOrg. + Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base + OS and kubernetes version, respectively. The BaseOS will be the value in + ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + defined by the packages produced by kubernetes/release without v as a + prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + also: https://golang.org/pkg/text/template/ type: string imageLookupOrg: - description: ImageLookupOrg is the AWS Organization ID to - look up machine images when a machine does not specify an - AMI. When set, this will be used for all cluster machines - unless a machine specifies a different ImageLookupOrg. + description: |- + ImageLookupOrg is the AWS Organization ID to look up machine images when a + machine does not specify an AMI. When set, this will be used for all + cluster machines unless a machine specifies a different ImageLookupOrg. type: string network: description: NetworkSpec encapsulates all things related to @@ -849,10 +853,9 @@ spec: type: string type: array sourceSecurityGroupRoles: - description: The security group role to allow access - from. Cannot be specified with CidrBlocks. The - field will be combined with source security group - IDs if specified. + description: |- + The security group role to allow access from. Cannot be specified with CidrBlocks. + The field will be combined with source security group IDs if specified. items: description: SecurityGroupRole defines the unique role of a security group. @@ -880,10 +883,9 @@ spec: description: CNI configuration properties: cniIngressRules: - description: CNIIngressRules specify rules to apply - to control plane and worker node security groups. - The source for the rule will be set to control plane - and worker security group IDs. + description: |- + CNIIngressRules specify rules to apply to control plane and worker node security groups. + The source for the rule will be set to control plane and worker security group IDs. items: description: CNIIngressRule defines an AWS ingress rule for CNI requirements. @@ -911,10 +913,9 @@ spec: securityGroupOverrides: additionalProperties: type: string - description: SecurityGroupOverrides is an optional set - of security groups to use for cluster instances This - is optional - if not provided new security groups will - be created for the cluster + description: |- + SecurityGroupOverrides is an optional set of security groups to use for cluster instances + This is optional - if not provided new security groups will be created for the cluster type: object subnets: description: Subnets configuration. @@ -930,31 +931,27 @@ spec: when the provider creates a managed VPC. type: string id: - description: "ID defines a unique identifier to - reference this resource. If you're bringing your - subnet, set the AWS subnet-id here, it must start - with `subnet-`. \n When the VPC is managed by - CAPA, and you'd like the provider to create a - subnet for you, the id can be set to any placeholder - value that does not start with `subnet-`; upon - creation, the subnet AWS identifier will be populated - in the `ResourceID` field and the `id` field is - going to be used as the subnet name. If you specify - a tag called `Name`, it takes precedence." + description: |- + ID defines a unique identifier to reference this resource. + If you're bringing your subnet, set the AWS subnet-id here, it must start with `subnet-`. + + + When the VPC is managed by CAPA, and you'd like the provider to create a subnet for you, + the id can be set to any placeholder value that does not start with `subnet-`; + upon creation, the subnet AWS identifier will be populated in the `ResourceID` field and + the `id` field is going to be used as the subnet name. If you specify a tag + called `Name`, it takes precedence. type: string ipv6CidrBlock: - description: IPv6CidrBlock is the IPv6 CIDR block - to be used when the provider creates a managed - VPC. A subnet can have an IPv4 and an IPv6 address. - IPv6 is only supported in managed clusters, this - field cannot be set on AWSCluster object. + description: |- + IPv6CidrBlock is the IPv6 CIDR block to be used when the provider creates a managed VPC. + A subnet can have an IPv4 and an IPv6 address. + IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. type: string isIpv6: - description: IsIPv6 defines the subnet as an IPv6 - subnet. A subnet is IPv6 when it is associated - with a VPC that has IPv6 enabled. IPv6 is only - supported in managed clusters, this field cannot - be set on AWSCluster object. + description: |- + IsIPv6 defines the subnet as an IPv6 subnet. A subnet is IPv6 when it is associated with a VPC that has IPv6 enabled. + IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. type: boolean isPublic: description: IsPublic defines the subnet as a public @@ -963,18 +960,14 @@ spec: gateway. type: boolean natGatewayId: - description: NatGatewayID is the NAT gateway id - associated with the subnet. Ignored unless the - subnet is managed by the provider, in which case - this is set on the public subnet where the NAT - gateway resides. It is then used to determine - routes for private subnets in the same AZ as the - public subnet. + description: |- + NatGatewayID is the NAT gateway id associated with the subnet. + Ignored unless the subnet is managed by the provider, in which case this is set on the public subnet where the NAT gateway resides. It is then used to determine routes for private subnets in the same AZ as the public subnet. type: string resourceID: - description: ResourceID is the subnet identifier - from AWS, READ ONLY. This field is populated when - the provider manages the subnet. + description: |- + ResourceID is the subnet identifier from AWS, READ ONLY. + This field is populated when the provider manages the subnet. type: string routeTableId: description: RouteTableID is the routing table id @@ -998,42 +991,43 @@ spec: properties: availabilityZoneSelection: default: Ordered - description: 'AvailabilityZoneSelection specifies - how AZs should be selected if there are more AZs - in a region than specified by AvailabilityZoneUsageLimit. - There are 2 selection schemes: Ordered - selects - based on alphabetical order Random - selects AZs - randomly in a region Defaults to Ordered' + description: |- + AvailabilityZoneSelection specifies how AZs should be selected if there are more AZs + in a region than specified by AvailabilityZoneUsageLimit. There are 2 selection schemes: + Ordered - selects based on alphabetical order + Random - selects AZs randomly in a region + Defaults to Ordered enum: - Ordered - Random type: string availabilityZoneUsageLimit: default: 3 - description: AvailabilityZoneUsageLimit specifies - the maximum number of availability zones (AZ) that - should be used in a region when automatically creating - subnets. If a region has more than this number of - AZs then this number of AZs will be picked randomly - when creating default subnets. Defaults to 3 + description: |- + AvailabilityZoneUsageLimit specifies the maximum number of availability zones (AZ) that + should be used in a region when automatically creating subnets. If a region has more + than this number of AZs then this number of AZs will be picked randomly when creating + default subnets. Defaults to 3 minimum: 1 type: integer cidrBlock: - description: CidrBlock is the CIDR block to be used - when the provider creates a managed VPC. Defaults - to 10.0.0.0/16. Mutually exclusive with IPAMPool. + description: |- + CidrBlock is the CIDR block to be used when the provider creates a managed VPC. + Defaults to 10.0.0.0/16. + Mutually exclusive with IPAMPool. type: string emptyRoutesDefaultVPCSecurityGroup: - description: "EmptyRoutesDefaultVPCSecurityGroup specifies - whether the default VPC security group ingress and - egress rules should be removed. \n By default, when - creating a VPC, AWS creates a security group called - `default` with ingress and egress rules that allow - traffic from anywhere. The group could be used as - a potential surface attack and it's generally suggested - that the group rules are removed or modified appropriately. - \n NOTE: This only applies when the VPC is managed - by the Cluster API AWS controller." + description: |- + EmptyRoutesDefaultVPCSecurityGroup specifies whether the default VPC security group ingress + and egress rules should be removed. + + + By default, when creating a VPC, AWS creates a security group called `default` with ingress and egress + rules that allow traffic from anywhere. The group could be used as a potential surface attack and + it's generally suggested that the group rules are removed or modified appropriately. + + + NOTE: This only applies when the VPC is managed by the Cluster API AWS controller. type: boolean id: description: ID is the vpc-id of the VPC this provider @@ -1044,8 +1038,9 @@ spec: gateway associated with the VPC. type: string ipamPool: - description: IPAMPool defines the IPAMv4 pool to be - used for VPC. Mutually exclusive with CidrBlock. + description: |- + IPAMPool defines the IPAMv4 pool to be used for VPC. + Mutually exclusive with CidrBlock. properties: id: description: ID is the ID of the IPAM pool this @@ -1056,22 +1051,22 @@ spec: this provider should use to create VPC. type: string netmaskLength: - description: The netmask length of the IPv4 CIDR - you want to allocate to VPC from an Amazon VPC - IP Address Manager (IPAM) pool. Defaults to - /16 for IPv4 if not specified. + description: |- + The netmask length of the IPv4 CIDR you want to allocate to VPC from + an Amazon VPC IP Address Manager (IPAM) pool. + Defaults to /16 for IPv4 if not specified. format: int64 type: integer type: object ipv6: - description: IPv6 contains ipv6 specific settings - for the network. Supported only in managed clusters. + description: |- + IPv6 contains ipv6 specific settings for the network. Supported only in managed clusters. This field cannot be set on AWSCluster object. properties: cidrBlock: - description: CidrBlock is the CIDR block provided - by Amazon when VPC has enabled IPv6. Mutually - exclusive with IPAMPool. + description: |- + CidrBlock is the CIDR block provided by Amazon when VPC has enabled IPv6. + Mutually exclusive with IPAMPool. type: string egressOnlyInternetGatewayId: description: EgressOnlyInternetGatewayID is the @@ -1079,9 +1074,9 @@ spec: with an IPv6 enabled VPC. type: string ipamPool: - description: IPAMPool defines the IPAMv6 pool - to be used for VPC. Mutually exclusive with - CidrBlock. + description: |- + IPAMPool defines the IPAMv6 pool to be used for VPC. + Mutually exclusive with CidrBlock. properties: id: description: ID is the ID of the IPAM pool @@ -1093,28 +1088,25 @@ spec: VPC. type: string netmaskLength: - description: The netmask length of the IPv4 - CIDR you want to allocate to VPC from an - Amazon VPC IP Address Manager (IPAM) pool. + description: |- + The netmask length of the IPv4 CIDR you want to allocate to VPC from + an Amazon VPC IP Address Manager (IPAM) pool. Defaults to /16 for IPv4 if not specified. format: int64 type: integer type: object poolId: - description: PoolID is the IP pool which must - be defined in case of BYO IP is defined. Must - be specified if CidrBlock is set. Mutually exclusive - with IPAMPool. + description: |- + PoolID is the IP pool which must be defined in case of BYO IP is defined. + Must be specified if CidrBlock is set. + Mutually exclusive with IPAMPool. type: string type: object privateDnsHostnameTypeOnLaunch: - description: PrivateDNSHostnameTypeOnLaunch is the - type of hostname to assign to instances in the subnet - at launch. For IPv4-only and dual-stack (IPv4 and - IPv6) subnets, an instance DNS name can be based - on the instance IPv4 address (ip-name) or the instance - ID (resource-name). For IPv6 only subnets, an instance - DNS name must be based on the instance ID (resource-name). + description: |- + PrivateDNSHostnameTypeOnLaunch is the type of hostname to assign to instances in the subnet at launch. + For IPv4-only and dual-stack (IPv4 and IPv6) subnets, an instance DNS name can be based on the instance IPv4 address (ip-name) + or the instance ID (resource-name). For IPv6 only subnets, an instance DNS name must be based on the instance ID (resource-name). enum: - ip-name - resource-name @@ -1135,15 +1127,16 @@ spec: description: The AWS Region the cluster lives in. type: string s3Bucket: - description: S3Bucket contains options to configure a supporting - S3 bucket for this cluster - currently used for nodes requiring - Ignition (https://coreos.github.io/ignition/) for bootstrapping - (requires BootstrapFormatIgnition feature flag to be enabled). + description: |- + S3Bucket contains options to configure a supporting S3 bucket for this + cluster - currently used for nodes requiring Ignition + (https://coreos.github.io/ignition/) for bootstrapping (requires + BootstrapFormatIgnition feature flag to be enabled). properties: controlPlaneIAMInstanceProfile: - description: ControlPlaneIAMInstanceProfile is a name - of the IAMInstanceProfile, which will be allowed to - read control-plane node bootstrap data from S3 Bucket. + description: |- + ControlPlaneIAMInstanceProfile is a name of the IAMInstanceProfile, which will be allowed + to read control-plane node bootstrap data from S3 Bucket. type: string name: description: Name defines name of S3 Bucket to be created. @@ -1152,37 +1145,42 @@ spec: pattern: ^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$ type: string nodesIAMInstanceProfiles: - description: NodesIAMInstanceProfiles is a list of IAM - instance profiles, which will be allowed to read worker - nodes bootstrap data from S3 Bucket. + description: |- + NodesIAMInstanceProfiles is a list of IAM instance profiles, which will be allowed to read + worker nodes bootstrap data from S3 Bucket. items: type: string type: array presignedURLDuration: - description: "PresignedURLDuration defines the duration - for which presigned URLs are valid. \n This is used - to generate presigned URLs for S3 Bucket objects, which - are used by control-plane and worker nodes to fetch - bootstrap data. \n When enabled, the IAM instance profiles - specified are not used." + description: |- + PresignedURLDuration defines the duration for which presigned URLs are valid. + + + This is used to generate presigned URLs for S3 Bucket objects, which are used by + control-plane and worker nodes to fetch bootstrap data. + + + When enabled, the IAM instance profiles specified are not used. type: string required: - name type: object secondaryControlPlaneLoadBalancer: - description: "SecondaryControlPlaneLoadBalancer is an additional - load balancer that can be used for the control plane. \n - An example use case is to have a separate internal load - balancer for internal traffic, and a separate external load - balancer for external traffic." + description: |- + SecondaryControlPlaneLoadBalancer is an additional load balancer that can be used for the control plane. + + + An example use case is to have a separate internal load balancer for internal traffic, + and a separate external load balancer for external traffic. properties: additionalListeners: - description: AdditionalListeners sets the additional listeners - for the control plane load balancer. This is only applicable - to Network Load Balancer (NLB) types for the time being. + description: |- + AdditionalListeners sets the additional listeners for the control plane load balancer. + This is only applicable to Network Load Balancer (NLB) types for the time being. items: - description: AdditionalListenerSpec defines the desired - state of an additional listener on an AWS load balancer. + description: |- + AdditionalListenerSpec defines the desired state of an + additional listener on an AWS load balancer. properties: port: description: Port sets the port for the additional @@ -1193,8 +1191,9 @@ spec: type: integer protocol: default: TCP - description: Protocol sets the protocol for the - additional listener. Currently only TCP is supported. + description: |- + Protocol sets the protocol for the additional listener. + Currently only TCP is supported. enum: - TCP type: string @@ -1206,33 +1205,34 @@ spec: - port x-kubernetes-list-type: map additionalSecurityGroups: - description: AdditionalSecurityGroups sets the security - groups used by the load balancer. Expected to be security - group IDs This is optional - if not provided new security - groups will be created for the load balancer + description: |- + AdditionalSecurityGroups sets the security groups used by the load balancer. Expected to be security group IDs + This is optional - if not provided new security groups will be created for the load balancer items: type: string type: array crossZoneLoadBalancing: - description: "CrossZoneLoadBalancing enables the classic - ELB cross availability zone balancing. \n With cross-zone - load balancing, each load balancer node for your Classic - Load Balancer distributes requests evenly across the - registered instances in all enabled Availability Zones. - If cross-zone load balancing is disabled, each load - balancer node distributes requests evenly across the - registered instances in its Availability Zone only. - \n Defaults to false." + description: |- + CrossZoneLoadBalancing enables the classic ELB cross availability zone balancing. + + + With cross-zone load balancing, each load balancer node for your Classic Load Balancer + distributes requests evenly across the registered instances in all enabled Availability Zones. + If cross-zone load balancing is disabled, each load balancer node distributes requests evenly across + the registered instances in its Availability Zone only. + + + Defaults to false. type: boolean disableHostsRewrite: - description: DisableHostsRewrite disabled the hair pinning - issue solution that adds the NLB's address as 127.0.0.1 - to the hosts file of each instance. This is by default, - false. + description: |- + DisableHostsRewrite disabled the hair pinning issue solution that adds the NLB's address as 127.0.0.1 to the hosts + file of each instance. This is by default, false. type: boolean healthCheckProtocol: - description: HealthCheckProtocol sets the protocol type - for ELB health check target default value is ELBProtocolSSL + description: |- + HealthCheckProtocol sets the protocol type for ELB health check target + default value is ELBProtocolSSL enum: - TCP - SSL @@ -1289,10 +1289,9 @@ spec: type: string type: array sourceSecurityGroupRoles: - description: The security group role to allow access - from. Cannot be specified with CidrBlocks. The - field will be combined with source security group - IDs if specified. + description: |- + The security group role to allow access from. Cannot be specified with CidrBlocks. + The field will be combined with source security group IDs if specified. items: description: SecurityGroupRole defines the unique role of a security group. @@ -1328,18 +1327,17 @@ spec: - disabled type: string name: - description: Name sets the name of the classic ELB load - balancer. As per AWS, the name must be unique within - your set of load balancers for the region, must have - a maximum of 32 characters, must contain only alphanumeric - characters or hyphens, and cannot begin or end with - a hyphen. Once set, the value cannot be changed. + description: |- + Name sets the name of the classic ELB load balancer. As per AWS, the name must be unique + within your set of load balancers for the region, must have a maximum of 32 characters, must + contain only alphanumeric characters or hyphens, and cannot begin or end with a hyphen. Once + set, the value cannot be changed. maxLength: 32 pattern: ^[A-Za-z0-9]([A-Za-z0-9]{0,31}|[-A-Za-z0-9]{0,30}[A-Za-z0-9])$ type: string preserveClientIP: - description: PreserveClientIP lets the user control if - preservation of client ips must be retained or not. + description: |- + PreserveClientIP lets the user control if preservation of client ips must be retained or not. If this is enabled 6443 will be opened to 0.0.0.0/0. type: boolean scheme: diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsfargateprofiles.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsfargateprofiles.yaml index e1c4006c01..f3699dfdfc 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsfargateprofiles.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsfargateprofiles.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: awsfargateprofiles.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -37,14 +37,19 @@ spec: description: AWSFargateProfile is the Schema for the awsfargateprofiles API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,9 @@ spec: additionalTags: additionalProperties: type: string - description: AdditionalTags is an optional set of tags to add to AWS - resources managed by the AWS provider, in addition to the ones added - by default. + description: |- + AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the + ones added by default. type: object clusterName: description: ClusterName is the name of the Cluster this object belongs @@ -67,10 +72,11 @@ spec: description: ProfileName specifies the profile name. type: string roleName: - description: RoleName specifies the name of IAM role for this fargate - pool If the role is pre-existing we will treat it as unmanaged and - not delete it on deletion. If the EKSEnableIAM feature flag is true - and no name is supplied then a role is created. + description: |- + RoleName specifies the name of IAM role for this fargate pool + If the role is pre-existing we will treat it as unmanaged + and not delete it on deletion. If the EKSEnableIAM feature + flag is true and no name is supplied then a role is created. type: string selectors: description: Selectors specify fargate pod selectors. @@ -91,8 +97,9 @@ spec: type: object type: array subnetIDs: - description: SubnetIDs specifies which subnets are used for the auto - scaling group of this nodegroup. + description: |- + SubnetIDs specifies which subnets are used for the + auto scaling group of this nodegroup. items: type: string type: array @@ -109,37 +116,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -148,36 +155,46 @@ spec: type: object type: array failureMessage: - description: "FailureMessage will be set in the event that there is - a terminal problem reconciling the FargateProfile and will contain - a more verbose string suitable for logging and human consumption. - \n This field should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the FargateProfile's spec or the configuration of the - controller, and that manual intervention is required. Examples of - terminal errors would be invalid combinations of settings in the - spec, values that are unsupported by the controller, or the responsible - controller itself being critically misconfigured. \n Any transient - errors that occur during the reconciliation of FargateProfiles can - be added as events to the FargateProfile object and/or logged in - the controller's output." + description: |- + FailureMessage will be set in the event that there is a terminal problem + reconciling the FargateProfile and will contain a more verbose string suitable + for logging and human consumption. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the FargateProfile's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of + FargateProfiles can be added as events to the FargateProfile + object and/or logged in the controller's output. type: string failureReason: - description: "FailureReason will be set in the event that there is - a terminal problem reconciling the FargateProfile and will contain - a succinct value suitable for machine interpretation. \n This field - should not be set for transitive errors that a controller faces - that are expected to be fixed automatically over time (like service - outages), but instead indicate that something is fundamentally wrong - with the FargateProfile's spec or the configuration of the controller, - and that manual intervention is required. Examples of terminal errors - would be invalid combinations of settings in the spec, values that - are unsupported by the controller, or the responsible controller - itself being critically misconfigured. \n Any transient errors that - occur during the reconciliation of FargateProfiles can be added - as events to the FargateProfile object and/or logged in the controller's - output." + description: |- + FailureReason will be set in the event that there is a terminal problem + reconciling the FargateProfile and will contain a succinct value suitable + for machine interpretation. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the FargateProfile's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of + FargateProfiles can be added as events to the FargateProfile object + and/or logged in the controller's output. type: string ready: default: false @@ -210,14 +227,19 @@ spec: description: AWSFargateProfile is the Schema for the awsfargateprofiles API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -227,9 +249,9 @@ spec: additionalTags: additionalProperties: type: string - description: AdditionalTags is an optional set of tags to add to AWS - resources managed by the AWS provider, in addition to the ones added - by default. + description: |- + AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the + ones added by default. type: object clusterName: description: ClusterName is the name of the Cluster this object belongs @@ -240,10 +262,11 @@ spec: description: ProfileName specifies the profile name. type: string roleName: - description: RoleName specifies the name of IAM role for this fargate - pool If the role is pre-existing we will treat it as unmanaged and - not delete it on deletion. If the EKSEnableIAM feature flag is true - and no name is supplied then a role is created. + description: |- + RoleName specifies the name of IAM role for this fargate pool + If the role is pre-existing we will treat it as unmanaged + and not delete it on deletion. If the EKSEnableIAM feature + flag is true and no name is supplied then a role is created. type: string selectors: description: Selectors specify fargate pod selectors. @@ -264,8 +287,9 @@ spec: type: object type: array subnetIDs: - description: SubnetIDs specifies which subnets are used for the auto - scaling group of this nodegroup. + description: |- + SubnetIDs specifies which subnets are used for the + auto scaling group of this nodegroup. items: type: string type: array @@ -282,37 +306,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -321,36 +345,46 @@ spec: type: object type: array failureMessage: - description: "FailureMessage will be set in the event that there is - a terminal problem reconciling the FargateProfile and will contain - a more verbose string suitable for logging and human consumption. - \n This field should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the FargateProfile's spec or the configuration of the - controller, and that manual intervention is required. Examples of - terminal errors would be invalid combinations of settings in the - spec, values that are unsupported by the controller, or the responsible - controller itself being critically misconfigured. \n Any transient - errors that occur during the reconciliation of FargateProfiles can - be added as events to the FargateProfile object and/or logged in - the controller's output." + description: |- + FailureMessage will be set in the event that there is a terminal problem + reconciling the FargateProfile and will contain a more verbose string suitable + for logging and human consumption. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the FargateProfile's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of + FargateProfiles can be added as events to the FargateProfile + object and/or logged in the controller's output. type: string failureReason: - description: "FailureReason will be set in the event that there is - a terminal problem reconciling the FargateProfile and will contain - a succinct value suitable for machine interpretation. \n This field - should not be set for transitive errors that a controller faces - that are expected to be fixed automatically over time (like service - outages), but instead indicate that something is fundamentally wrong - with the FargateProfile's spec or the configuration of the controller, - and that manual intervention is required. Examples of terminal errors - would be invalid combinations of settings in the spec, values that - are unsupported by the controller, or the responsible controller - itself being critically misconfigured. \n Any transient errors that - occur during the reconciliation of FargateProfiles can be added - as events to the FargateProfile object and/or logged in the controller's - output." + description: |- + FailureReason will be set in the event that there is a terminal problem + reconciling the FargateProfile and will contain a succinct value suitable + for machine interpretation. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the FargateProfile's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of + FargateProfiles can be added as events to the FargateProfile object + and/or logged in the controller's output. type: string ready: default: false diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmachinepools.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmachinepools.yaml index b646849522..7b6acd1ccc 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmachinepools.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmachinepools.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: awsmachinepools.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -45,14 +45,19 @@ spec: description: AWSMachinePool is the Schema for the awsmachinepools API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -62,8 +67,9 @@ spec: additionalTags: additionalProperties: type: string - description: AdditionalTags is an optional set of tags to add to an - instance, in addition to the ones added by default by the AWS provider. + description: |- + AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the + AWS provider. type: object availabilityZones: description: AvailabilityZones is an array of availability zones instances @@ -76,20 +82,21 @@ spec: to use when an instance is launched. properties: additionalSecurityGroups: - description: AdditionalSecurityGroups is an array of references - to security groups that should be applied to the instances. - These security groups would be set in addition to any security - groups defined at the cluster level or in the actuator. + description: |- + AdditionalSecurityGroups is an array of references to security groups that should be applied to the + instances. These security groups would be set in addition to any security groups defined + at the cluster level or in the actuator. items: - description: AWSResourceReference is a reference to a specific - AWS resource by ID or filters. Only one of ID or Filters may - be specified. Specifying more than one will result in a validation - error. + description: |- + AWSResourceReference is a reference to a specific AWS resource by ID or filters. + Only one of ID or Filters may be specified. Specifying more than one will result in + a validation error. properties: filters: - description: 'Filters is a set of key/value pairs used to - identify a resource They are applied according to the - rules defined by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html' + description: |- + Filters is a set of key/value pairs used to identify a resource + They are applied according to the rules defined by the AWS API: + https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html items: description: Filter is a filter used to identify an AWS resource. @@ -130,26 +137,29 @@ spec: type: string type: object iamInstanceProfile: - description: The name or the Amazon Resource Name (ARN) of the - instance profile associated with the IAM role for the instance. - The instance profile contains the IAM role. + description: |- + The name or the Amazon Resource Name (ARN) of the instance profile associated + with the IAM role for the instance. The instance profile contains the IAM + role. type: string imageLookupBaseOS: - description: ImageLookupBaseOS is the name of the base operating - system to use for image lookup the AMI is not set. + description: |- + ImageLookupBaseOS is the name of the base operating system to use for + image lookup the AMI is not set. type: string imageLookupFormat: - description: 'ImageLookupFormat is the AMI naming format to look - up the image for this machine It will be ignored if an explicit - AMI is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} - with the base OS and kubernetes version, respectively. The BaseOS - will be the value in ImageLookupBaseOS or ubuntu (the default), - and the kubernetes version as defined by the packages produced - by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, - or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* - will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* - for a Machine that is targeting kubernetes v1.18.0 and the ubuntu - base OS. See also: https://golang.org/pkg/text/template/' + description: |- + ImageLookupFormat is the AMI naming format to look up the image for this + machine It will be ignored if an explicit AMI is set. Supports + substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and + kubernetes version, respectively. The BaseOS will be the value in + ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + defined by the packages produced by kubernetes/release without v as a + prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + also: https://golang.org/pkg/text/template/ type: string imageLookupOrg: description: ImageLookupOrg is the AWS Organization ID to use @@ -174,11 +184,10 @@ spec: or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt - the volume. Can be either a KMS key ID or ARN. If Encrypted - is set and this is omitted, the default AWS key will be - used. The key must already exist and be accessible by the - controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for the @@ -186,9 +195,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage device. - Must be greater than the image snapshot size or 8 (whichever - is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -214,17 +223,17 @@ spec: type: string type: object sshKeyName: - description: SSHKeyName is the name of the ssh key to attach to - the instance. Valid values are empty string (do not use SSH - keys), a valid SSH key name, or omitted (use the default SSH - key name) + description: |- + SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string + (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name) type: string versionNumber: - description: 'VersionNumber is the version of the launch template - that is applied. Typically a new version is created when at - least one of the following happens: 1) A new launch template - spec is applied. 2) One or more parameters in an existing template - is changed. 3) A new AMI is discovered.' + description: |- + VersionNumber is the version of the launch template that is applied. + Typically a new version is created when at least one of the following happens: + 1) A new launch template spec is applied. + 2) One or more parameters in an existing template is changed. + 3) A new AMI is discovered. format: int64 type: integer type: object @@ -233,9 +242,9 @@ spec: group feature type: boolean defaultCoolDown: - description: The amount of time, in seconds, after a scaling activity - completes before another scaling activity can start. If no value - is supplied by user a default value of 300 seconds is set + description: |- + The amount of time, in seconds, after a scaling activity completes before another scaling activity can start. + If no value is supplied by user a default value of 300 seconds is set type: string maxSize: default: 1 @@ -283,9 +292,9 @@ spec: type: object overrides: items: - description: Overrides are used to override the instance type - specified by the launch template with multiple instance types - that can be used to launch On-Demand Instances and Spot Instances. + description: |- + Overrides are used to override the instance type specified by the launch template with multiple + instance types that can be used to launch On-Demand Instances and Spot Instances. properties: instanceType: type: string @@ -298,10 +307,9 @@ spec: description: ProviderID is the ARN of the associated ASG type: string providerIDList: - description: ProviderIDList are the identification IDs of machine - instances provided by the provider. This field must match the provider - IDs as seen on the node objects corresponding to a machine pool's - machine instances. + description: |- + ProviderIDList are the identification IDs of machine instances provided by the provider. + This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. items: type: string type: array @@ -310,36 +318,38 @@ spec: with the instance refresh request. properties: instanceWarmup: - description: The number of seconds until a newly launched instance - is configured and ready to use. During this time, the next replacement - will not be initiated. The default is to use the value for the - health check grace period defined for the group. + description: |- + The number of seconds until a newly launched instance is configured and ready + to use. During this time, the next replacement will not be initiated. + The default is to use the value for the health check grace period defined for the group. format: int64 type: integer minHealthyPercentage: - description: The amount of capacity as a percentage in ASG that - must remain healthy during an instance refresh. The default - is 90. + description: |- + The amount of capacity as a percentage in ASG that must remain healthy + during an instance refresh. The default is 90. format: int64 type: integer strategy: - description: The strategy to use for the instance refresh. The - only valid value is Rolling. A rolling update is an update that - is applied to all instances in an Auto Scaling group until all - instances have been updated. + description: |- + The strategy to use for the instance refresh. The only valid value is Rolling. + A rolling update is an update that is applied to all instances in an Auto + Scaling group until all instances have been updated. type: string type: object subnets: description: Subnets is an array of subnet configurations items: - description: AWSResourceReference is a reference to a specific AWS - resource by ID or filters. Only one of ID or Filters may be specified. - Specifying more than one will result in a validation error. + description: |- + AWSResourceReference is a reference to a specific AWS resource by ID or filters. + Only one of ID or Filters may be specified. Specifying more than one will result in + a validation error. properties: filters: - description: 'Filters is a set of key/value pairs used to identify - a resource They are applied according to the rules defined - by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html' + description: |- + Filters is a set of key/value pairs used to identify a resource + They are applied according to the rules defined by the AWS API: + https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html items: description: Filter is a filter used to identify an AWS resource. properties: @@ -381,37 +391,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -420,34 +430,46 @@ spec: type: object type: array failureMessage: - description: "FailureMessage will be set in the event that there is - a terminal problem reconciling the Machine and will contain a more - verbose string suitable for logging and human consumption. \n This - field should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the Machine's spec or the configuration of the controller, - and that manual intervention is required. Examples of terminal errors - would be invalid combinations of settings in the spec, values that - are unsupported by the controller, or the responsible controller - itself being critically misconfigured. \n Any transient errors that - occur during the reconciliation of Machines can be added as events - to the Machine object and/or logged in the controller's output." + description: |- + FailureMessage will be set in the event that there is a terminal problem + reconciling the Machine and will contain a more verbose string suitable + for logging and human consumption. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the Machine's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the Machine object and/or logged in the + controller's output. type: string failureReason: - description: "FailureReason will be set in the event that there is - a terminal problem reconciling the Machine and will contain a succinct - value suitable for machine interpretation. \n This field should - not be set for transitive errors that a controller faces that are - expected to be fixed automatically over time (like service outages), - but instead indicate that something is fundamentally wrong with - the Machine's spec or the configuration of the controller, and that - manual intervention is required. Examples of terminal errors would - be invalid combinations of settings in the spec, values that are - unsupported by the controller, or the responsible controller itself - being critically misconfigured. \n Any transient errors that occur - during the reconciliation of Machines can be added as events to - the Machine object and/or logged in the controller's output." + description: |- + FailureReason will be set in the event that there is a terminal problem + reconciling the Machine and will contain a succinct value suitable + for machine interpretation. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the Machine's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the Machine object and/or logged in the + controller's output. type: string instances: description: Instances contains the status for each instance in the @@ -512,14 +534,19 @@ spec: description: AWSMachinePool is the Schema for the awsmachinepools API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -529,8 +556,9 @@ spec: additionalTags: additionalProperties: type: string - description: AdditionalTags is an optional set of tags to add to an - instance, in addition to the ones added by default by the AWS provider. + description: |- + AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the + AWS provider. type: object availabilityZoneSubnetType: description: AvailabilityZoneSubnetType specifies which type of subnets @@ -551,20 +579,21 @@ spec: to use when an instance is launched. properties: additionalSecurityGroups: - description: AdditionalSecurityGroups is an array of references - to security groups that should be applied to the instances. - These security groups would be set in addition to any security - groups defined at the cluster level or in the actuator. + description: |- + AdditionalSecurityGroups is an array of references to security groups that should be applied to the + instances. These security groups would be set in addition to any security groups defined + at the cluster level or in the actuator. items: - description: AWSResourceReference is a reference to a specific - AWS resource by ID or filters. Only one of ID or Filters may - be specified. Specifying more than one will result in a validation - error. + description: |- + AWSResourceReference is a reference to a specific AWS resource by ID or filters. + Only one of ID or Filters may be specified. Specifying more than one will result in + a validation error. properties: filters: - description: 'Filters is a set of key/value pairs used to - identify a resource They are applied according to the - rules defined by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html' + description: |- + Filters is a set of key/value pairs used to identify a resource + They are applied according to the rules defined by the AWS API: + https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html items: description: Filter is a filter used to identify an AWS resource. @@ -605,26 +634,29 @@ spec: type: string type: object iamInstanceProfile: - description: The name or the Amazon Resource Name (ARN) of the - instance profile associated with the IAM role for the instance. - The instance profile contains the IAM role. + description: |- + The name or the Amazon Resource Name (ARN) of the instance profile associated + with the IAM role for the instance. The instance profile contains the IAM + role. type: string imageLookupBaseOS: - description: ImageLookupBaseOS is the name of the base operating - system to use for image lookup the AMI is not set. + description: |- + ImageLookupBaseOS is the name of the base operating system to use for + image lookup the AMI is not set. type: string imageLookupFormat: - description: 'ImageLookupFormat is the AMI naming format to look - up the image for this machine It will be ignored if an explicit - AMI is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} - with the base OS and kubernetes version, respectively. The BaseOS - will be the value in ImageLookupBaseOS or ubuntu (the default), - and the kubernetes version as defined by the packages produced - by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, - or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* - will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* - for a Machine that is targeting kubernetes v1.18.0 and the ubuntu - base OS. See also: https://golang.org/pkg/text/template/' + description: |- + ImageLookupFormat is the AMI naming format to look up the image for this + machine It will be ignored if an explicit AMI is set. Supports + substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and + kubernetes version, respectively. The BaseOS will be the value in + ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + defined by the packages produced by kubernetes/release without v as a + prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + also: https://golang.org/pkg/text/template/ type: string imageLookupOrg: description: ImageLookupOrg is the AWS Organization ID to use @@ -636,48 +668,64 @@ spec: properties: httpEndpoint: default: enabled - description: "Enables or disables the HTTP metadata endpoint - on your instances. \n If you specify a value of disabled, - you cannot access your instance metadata. \n Default: enabled" + description: |- + Enables or disables the HTTP metadata endpoint on your instances. + + + If you specify a value of disabled, you cannot access your instance metadata. + + + Default: enabled enum: - enabled - disabled type: string httpPutResponseHopLimit: default: 1 - description: "The desired HTTP PUT response hop limit for - instance metadata requests. The larger the number, the further - instance metadata requests can travel. \n Default: 1" + description: |- + The desired HTTP PUT response hop limit for instance metadata requests. The + larger the number, the further instance metadata requests can travel. + + + Default: 1 format: int64 maximum: 64 minimum: 1 type: integer httpTokens: default: optional - description: "The state of token usage for your instance metadata - requests. \n If the state is optional, you can choose to - retrieve instance metadata with or without a session token - on your request. If you retrieve the IAM role credentials - without a token, the version 1.0 role credentials are returned. - If you retrieve the IAM role credentials using a valid session - token, the version 2.0 role credentials are returned. \n - If the state is required, you must send a session token - with any instance metadata retrieval requests. In this state, - retrieving the IAM role credentials always returns the version - 2.0 credentials; the version 1.0 credentials are not available. - \n Default: optional" + description: |- + The state of token usage for your instance metadata requests. + + + If the state is optional, you can choose to retrieve instance metadata with + or without a session token on your request. If you retrieve the IAM role + credentials without a token, the version 1.0 role credentials are returned. + If you retrieve the IAM role credentials using a valid session token, the + version 2.0 role credentials are returned. + + + If the state is required, you must send a session token with any instance + metadata retrieval requests. In this state, retrieving the IAM role credentials + always returns the version 2.0 credentials; the version 1.0 credentials are + not available. + + + Default: optional enum: - optional - required type: string instanceMetadataTags: default: disabled - description: "Set to enabled to allow access to instance tags - from the instance metadata. Set to disabled to turn off - access to instance tags from the instance metadata. For - more information, see Work with instance tags using the - instance metadata (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). - \n Default: disabled" + description: |- + Set to enabled to allow access to instance tags from the instance metadata. + Set to disabled to turn off access to instance tags from the instance metadata. + For more information, see Work with instance tags using the instance metadata + (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). + + + Default: disabled enum: - enabled - disabled @@ -722,11 +770,10 @@ spec: or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt - the volume. Can be either a KMS key ID or ARN. If Encrypted - is set and this is omitted, the default AWS key will be - used. The key must already exist and be accessible by the - controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for the @@ -734,9 +781,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage device. - Must be greater than the image snapshot size or 8 (whichever - is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -762,17 +809,17 @@ spec: type: string type: object sshKeyName: - description: SSHKeyName is the name of the ssh key to attach to - the instance. Valid values are empty string (do not use SSH - keys), a valid SSH key name, or omitted (use the default SSH - key name) + description: |- + SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string + (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name) type: string versionNumber: - description: 'VersionNumber is the version of the launch template - that is applied. Typically a new version is created when at - least one of the following happens: 1) A new launch template - spec is applied. 2) One or more parameters in an existing template - is changed. 3) A new AMI is discovered.' + description: |- + VersionNumber is the version of the launch template that is applied. + Typically a new version is created when at least one of the following happens: + 1) A new launch template spec is applied. + 2) One or more parameters in an existing template is changed. + 3) A new AMI is discovered. format: int64 type: integer type: object @@ -781,15 +828,16 @@ spec: group feature type: boolean defaultCoolDown: - description: The amount of time, in seconds, after a scaling activity - completes before another scaling activity can start. If no value - is supplied by user a default value of 300 seconds is set + description: |- + The amount of time, in seconds, after a scaling activity completes before another scaling activity can start. + If no value is supplied by user a default value of 300 seconds is set type: string defaultInstanceWarmup: - description: The amount of time, in seconds, until a new instance - is considered to have finished initializing and resource consumption - to become stable after it enters the InService state. If no value - is supplied by user a default value of 300 seconds is set + description: |- + The amount of time, in seconds, until a new instance is considered to + have finished initializing and resource consumption to become stable + after it enters the InService state. + If no value is supplied by user a default value of 300 seconds is set type: string maxSize: default: 1 @@ -840,9 +888,9 @@ spec: type: object overrides: items: - description: Overrides are used to override the instance type - specified by the launch template with multiple instance types - that can be used to launch On-Demand Instances and Spot Instances. + description: |- + Overrides are used to override the instance type specified by the launch template with multiple + instance types that can be used to launch On-Demand Instances and Spot Instances. properties: instanceType: type: string @@ -855,10 +903,9 @@ spec: description: ProviderID is the ARN of the associated ASG type: string providerIDList: - description: ProviderIDList are the identification IDs of machine - instances provided by the provider. This field must match the provider - IDs as seen on the node objects corresponding to a machine pool's - machine instances. + description: |- + ProviderIDList are the identification IDs of machine instances provided by the provider. + This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. items: type: string type: array @@ -867,41 +914,43 @@ spec: with the instance refresh request. properties: disable: - description: Disable, if true, disables instance refresh from - triggering when new launch templates are detected. This is useful - in scenarios where ASG nodes are externally managed. + description: |- + Disable, if true, disables instance refresh from triggering when new launch templates are detected. + This is useful in scenarios where ASG nodes are externally managed. type: boolean instanceWarmup: - description: The number of seconds until a newly launched instance - is configured and ready to use. During this time, the next replacement - will not be initiated. The default is to use the value for the - health check grace period defined for the group. + description: |- + The number of seconds until a newly launched instance is configured and ready + to use. During this time, the next replacement will not be initiated. + The default is to use the value for the health check grace period defined for the group. format: int64 type: integer minHealthyPercentage: - description: The amount of capacity as a percentage in ASG that - must remain healthy during an instance refresh. The default - is 90. + description: |- + The amount of capacity as a percentage in ASG that must remain healthy + during an instance refresh. The default is 90. format: int64 type: integer strategy: - description: The strategy to use for the instance refresh. The - only valid value is Rolling. A rolling update is an update that - is applied to all instances in an Auto Scaling group until all - instances have been updated. + description: |- + The strategy to use for the instance refresh. The only valid value is Rolling. + A rolling update is an update that is applied to all instances in an Auto + Scaling group until all instances have been updated. type: string type: object subnets: description: Subnets is an array of subnet configurations items: - description: AWSResourceReference is a reference to a specific AWS - resource by ID or filters. Only one of ID or Filters may be specified. - Specifying more than one will result in a validation error. + description: |- + AWSResourceReference is a reference to a specific AWS resource by ID or filters. + Only one of ID or Filters may be specified. Specifying more than one will result in + a validation error. properties: filters: - description: 'Filters is a set of key/value pairs used to identify - a resource They are applied according to the rules defined - by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html' + description: |- + Filters is a set of key/value pairs used to identify a resource + They are applied according to the rules defined by the AWS API: + https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html items: description: Filter is a filter used to identify an AWS resource. properties: @@ -925,9 +974,9 @@ spec: type: object type: array suspendProcesses: - description: SuspendProcesses defines a list of processes to suspend - for the given ASG. This is constantly reconciled. If a process is - removed from this list it will automatically be resumed. + description: |- + SuspendProcesses defines a list of processes to suspend for the given ASG. This is constantly reconciled. + If a process is removed from this list it will automatically be resumed. properties: all: type: boolean @@ -974,37 +1023,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -1013,34 +1062,46 @@ spec: type: object type: array failureMessage: - description: "FailureMessage will be set in the event that there is - a terminal problem reconciling the Machine and will contain a more - verbose string suitable for logging and human consumption. \n This - field should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the Machine's spec or the configuration of the controller, - and that manual intervention is required. Examples of terminal errors - would be invalid combinations of settings in the spec, values that - are unsupported by the controller, or the responsible controller - itself being critically misconfigured. \n Any transient errors that - occur during the reconciliation of Machines can be added as events - to the Machine object and/or logged in the controller's output." + description: |- + FailureMessage will be set in the event that there is a terminal problem + reconciling the Machine and will contain a more verbose string suitable + for logging and human consumption. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the Machine's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the Machine object and/or logged in the + controller's output. type: string failureReason: - description: "FailureReason will be set in the event that there is - a terminal problem reconciling the Machine and will contain a succinct - value suitable for machine interpretation. \n This field should - not be set for transitive errors that a controller faces that are - expected to be fixed automatically over time (like service outages), - but instead indicate that something is fundamentally wrong with - the Machine's spec or the configuration of the controller, and that - manual intervention is required. Examples of terminal errors would - be invalid combinations of settings in the spec, values that are - unsupported by the controller, or the responsible controller itself - being critically misconfigured. \n Any transient errors that occur - during the reconciliation of Machines can be added as events to - the Machine object and/or logged in the controller's output." + description: |- + FailureReason will be set in the event that there is a terminal problem + reconciling the Machine and will contain a succinct value suitable + for machine interpretation. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the Machine's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the Machine object and/or logged in the + controller's output. type: string instances: description: Instances contains the status for each instance in the diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmachines.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmachines.yaml index 2f4a15b263..c16031df5d 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmachines.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmachines.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: awsmachines.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -45,14 +45,19 @@ spec: description: AWSMachine is the schema for Amazon EC2 machines. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -61,26 +66,27 @@ spec: instance. properties: additionalSecurityGroups: - description: AdditionalSecurityGroups is an array of references to - security groups that should be applied to the instance. These security - groups would be set in addition to any security groups defined at - the cluster level or in the actuator. It is possible to specify - either IDs of Filters. Using Filters will cause additional requests - to AWS API and if tags change the attached security groups might - change too. + description: |- + AdditionalSecurityGroups is an array of references to security groups that should be applied to the + instance. These security groups would be set in addition to any security groups defined + at the cluster level or in the actuator. It is possible to specify either IDs of Filters. Using Filters + will cause additional requests to AWS API and if tags change the attached security groups might change too. items: - description: AWSResourceReference is a reference to a specific AWS - resource by ID or filters. Only one of ID or Filters may be specified. - Specifying more than one will result in a validation error. + description: |- + AWSResourceReference is a reference to a specific AWS resource by ID or filters. + Only one of ID or Filters may be specified. Specifying more than one will result in + a validation error. properties: arn: - description: 'ARN of resource. Deprecated: This field has no - function and is going to be removed in the next release.' + description: |- + ARN of resource. + Deprecated: This field has no function and is going to be removed in the next release. type: string filters: - description: 'Filters is a set of key/value pairs used to identify - a resource They are applied according to the rules defined - by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html' + description: |- + Filters is a set of key/value pairs used to identify a resource + They are applied according to the rules defined by the AWS API: + https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html items: description: Filter is a filter used to identify an AWS resource. properties: @@ -106,10 +112,10 @@ spec: additionalTags: additionalProperties: type: string - description: AdditionalTags is an optional set of tags to add to an - instance, in addition to the ones added by default by the AWS provider. - If both the AWSCluster and the AWSMachine specify the same tag name - with different values, the AWSMachine's value takes precedence. + description: |- + AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the + AWS provider. If both the AWSCluster and the AWSMachine specify the same tag name with different values, the + AWSMachine's value takes precedence. type: object ami: description: AMI is the reference to the AMI from which to create @@ -127,15 +133,16 @@ spec: type: string type: object cloudInit: - description: CloudInit defines options related to the bootstrapping - systems where CloudInit is used. + description: |- + CloudInit defines options related to the bootstrapping systems where + CloudInit is used. properties: insecureSkipSecretsManager: - description: InsecureSkipSecretsManager, when set to true will - not use AWS Secrets Manager or AWS Systems Manager Parameter - Store to ensure privacy of userdata. By default, a cloud-init - boothook shell script is prepended to download the userdata - from Secrets Manager and additionally delete the secret. + description: |- + InsecureSkipSecretsManager, when set to true will not use AWS Secrets Manager + or AWS Systems Manager Parameter Store to ensure privacy of userdata. + By default, a cloud-init boothook shell script is prepended to download + the userdata from Secrets Manager and additionally delete the secret. type: boolean secretCount: description: SecretCount is the number of secrets used to form @@ -143,26 +150,26 @@ spec: format: int32 type: integer secretPrefix: - description: SecretPrefix is the prefix for the secret name. This - is stored temporarily, and deleted when the machine registers - as a node against the workload cluster. + description: |- + SecretPrefix is the prefix for the secret name. This is stored + temporarily, and deleted when the machine registers as a node against + the workload cluster. type: string secureSecretsBackend: - description: SecureSecretsBackend, when set to parameter-store - will utilize the AWS Systems Manager Parameter Storage to distribute - secrets. By default or with the value of secrets-manager, will - use AWS Secrets Manager instead. + description: |- + SecureSecretsBackend, when set to parameter-store will utilize the AWS Systems Manager + Parameter Storage to distribute secrets. By default or with the value of secrets-manager, + will use AWS Secrets Manager instead. enum: - secrets-manager - ssm-parameter-store type: string type: object failureDomain: - description: FailureDomain is the failure domain unique identifier - this Machine should be attached to, as defined in Cluster API. For - this infrastructure provider, the ID is equivalent to an AWS Availability - Zone. If multiple subnets are matched for the availability zone, - the first one returned is picked. + description: |- + FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. + For this infrastructure provider, the ID is equivalent to an AWS Availability Zone. + If multiple subnets are matched for the availability zone, the first one returned is picked. type: string iamInstanceProfile: description: IAMInstanceProfile is a name of an IAM instance profile @@ -181,21 +188,23 @@ spec: type: string type: object imageLookupBaseOS: - description: ImageLookupBaseOS is the name of the base operating system - to use for image lookup the AMI is not set. + description: |- + ImageLookupBaseOS is the name of the base operating system to use for + image lookup the AMI is not set. type: string imageLookupFormat: - description: 'ImageLookupFormat is the AMI naming format to look up - the image for this machine It will be ignored if an explicit AMI - is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} - with the base OS and kubernetes version, respectively. The BaseOS - will be the value in ImageLookupBaseOS or ubuntu (the default), - and the kubernetes version as defined by the packages produced by - kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, - or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* - will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* - for a Machine that is targeting kubernetes v1.18.0 and the ubuntu - base OS. See also: https://golang.org/pkg/text/template/' + description: |- + ImageLookupFormat is the AMI naming format to look up the image for this + machine It will be ignored if an explicit AMI is set. Supports + substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and + kubernetes version, respectively. The BaseOS will be the value in + ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + defined by the packages produced by kubernetes/release without v as a + prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + also: https://golang.org/pkg/text/template/ type: string imageLookupOrg: description: ImageLookupOrg is the AWS Organization ID to use for @@ -210,8 +219,9 @@ spec: minLength: 2 type: string networkInterfaces: - description: NetworkInterfaces is a list of ENIs to associate with - the instance. A maximum of 2 may be specified. + description: |- + NetworkInterfaces is a list of ENIs to associate with the instance. + A maximum of 2 may be specified. items: type: string maxItems: 2 @@ -230,9 +240,9 @@ spec: or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt - the volume. Can be either a KMS key ID or ARN. If Encrypted - is set and this is omitted, the default AWS key will be used. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. The key must already exist and be accessible by the controller. type: string iops: @@ -241,9 +251,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage device. - Must be greater than the image snapshot size or 8 (whichever - is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -265,9 +275,12 @@ spec: cloud provider. type: string publicIP: - description: 'PublicIP specifies whether the instance should get a - public IP. Precedence for this setting is as follows: 1. This field - if set 2. Cluster/flavor setting 3. Subnet default' + description: |- + PublicIP specifies whether the instance should get a public IP. + Precedence for this setting is as follows: + 1. This field if set + 2. Cluster/flavor setting + 3. Subnet default type: boolean rootVolume: description: RootVolume encapsulates the configuration options for @@ -281,10 +294,10 @@ spec: or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt the - volume. Can be either a KMS key ID or ARN. If Encrypted is set - and this is omitted, the default AWS key will be used. The key - must already exist and be accessible by the controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for the disk. @@ -292,9 +305,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage device. - Must be greater than the image snapshot size or 8 (whichever - is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -324,17 +337,20 @@ spec: valid SSH key name, or omitted (use the default SSH key name) type: string subnet: - description: Subnet is a reference to the subnet to use for this instance. - If not specified, the cluster subnet will be used. + description: |- + Subnet is a reference to the subnet to use for this instance. If not specified, + the cluster subnet will be used. properties: arn: - description: 'ARN of resource. Deprecated: This field has no function - and is going to be removed in the next release.' + description: |- + ARN of resource. + Deprecated: This field has no function and is going to be removed in the next release. type: string filters: - description: 'Filters is a set of key/value pairs used to identify - a resource They are applied according to the rules defined by - the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html' + description: |- + Filters is a set of key/value pairs used to identify a resource + They are applied according to the rules defined by the AWS API: + https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html items: description: Filter is a filter used to identify an AWS resource. properties: @@ -365,10 +381,10 @@ spec: - host type: string uncompressedUserData: - description: UncompressedUserData specify whether the user data is - gzip-compressed before it is sent to ec2 instance. cloud-init has - built-in support for gzip-compressed user data user data stored - in aws secret manager is always gzip-compressed. + description: |- + UncompressedUserData specify whether the user data is gzip-compressed before it is sent to ec2 instance. + cloud-init has built-in support for gzip-compressed user data + user data stored in aws secret manager is always gzip-compressed. type: boolean required: - instanceType @@ -401,37 +417,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -440,45 +456,55 @@ spec: type: object type: array failureMessage: - description: "FailureMessage will be set in the event that there is - a terminal problem reconciling the Machine and will contain a more - verbose string suitable for logging and human consumption. \n This - field should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the Machine's spec or the configuration of the controller, - and that manual intervention is required. Examples of terminal errors - would be invalid combinations of settings in the spec, values that - are unsupported by the controller, or the responsible controller - itself being critically misconfigured. \n Any transient errors that - occur during the reconciliation of Machines can be added as events - to the Machine object and/or logged in the controller's output." + description: |- + FailureMessage will be set in the event that there is a terminal problem + reconciling the Machine and will contain a more verbose string suitable + for logging and human consumption. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the Machine's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the Machine object and/or logged in the + controller's output. type: string failureReason: - description: "FailureReason will be set in the event that there is - a terminal problem reconciling the Machine and will contain a succinct - value suitable for machine interpretation. \n This field should - not be set for transitive errors that a controller faces that are - expected to be fixed automatically over time (like service outages), - but instead indicate that something is fundamentally wrong with - the Machine's spec or the configuration of the controller, and that - manual intervention is required. Examples of terminal errors would - be invalid combinations of settings in the spec, values that are - unsupported by the controller, or the responsible controller itself - being critically misconfigured. \n Any transient errors that occur - during the reconciliation of Machines can be added as events to - the Machine object and/or logged in the controller's output." + description: |- + FailureReason will be set in the event that there is a terminal problem + reconciling the Machine and will contain a succinct value suitable + for machine interpretation. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the Machine's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the Machine object and/or logged in the + controller's output. type: string instanceState: description: InstanceState is the state of the AWS instance for this machine. type: string interruptible: - description: Interruptible reports that this machine is using spot - instances and can therefore be interrupted by CAPI when it receives - a notice that the spot instance is to be terminated by AWS. This - will be set to true when SpotMarketOptions is not nil (i.e. this - machine is using a spot instance). + description: |- + Interruptible reports that this machine is using spot instances and can therefore be interrupted by CAPI when it receives a notice that the spot instance is to be terminated by AWS. + This will be set to true when SpotMarketOptions is not nil (i.e. this machine is using a spot instance). type: boolean ready: description: Ready is true when the provider resource is ready. @@ -516,14 +542,19 @@ spec: description: AWSMachine is the schema for Amazon EC2 machines. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -532,22 +563,22 @@ spec: instance. properties: additionalSecurityGroups: - description: AdditionalSecurityGroups is an array of references to - security groups that should be applied to the instance. These security - groups would be set in addition to any security groups defined at - the cluster level or in the actuator. It is possible to specify - either IDs of Filters. Using Filters will cause additional requests - to AWS API and if tags change the attached security groups might - change too. + description: |- + AdditionalSecurityGroups is an array of references to security groups that should be applied to the + instance. These security groups would be set in addition to any security groups defined + at the cluster level or in the actuator. It is possible to specify either IDs of Filters. Using Filters + will cause additional requests to AWS API and if tags change the attached security groups might change too. items: - description: AWSResourceReference is a reference to a specific AWS - resource by ID or filters. Only one of ID or Filters may be specified. - Specifying more than one will result in a validation error. + description: |- + AWSResourceReference is a reference to a specific AWS resource by ID or filters. + Only one of ID or Filters may be specified. Specifying more than one will result in + a validation error. properties: filters: - description: 'Filters is a set of key/value pairs used to identify - a resource They are applied according to the rules defined - by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html' + description: |- + Filters is a set of key/value pairs used to identify a resource + They are applied according to the rules defined by the AWS API: + https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html items: description: Filter is a filter used to identify an AWS resource. properties: @@ -573,10 +604,10 @@ spec: additionalTags: additionalProperties: type: string - description: AdditionalTags is an optional set of tags to add to an - instance, in addition to the ones added by default by the AWS provider. - If both the AWSCluster and the AWSMachine specify the same tag name - with different values, the AWSMachine's value takes precedence. + description: |- + AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the + AWS provider. If both the AWSCluster and the AWSMachine specify the same tag name with different values, the + AWSMachine's value takes precedence. type: object ami: description: AMI is the reference to the AMI from which to create @@ -594,15 +625,16 @@ spec: type: string type: object cloudInit: - description: CloudInit defines options related to the bootstrapping - systems where CloudInit is used. + description: |- + CloudInit defines options related to the bootstrapping systems where + CloudInit is used. properties: insecureSkipSecretsManager: - description: InsecureSkipSecretsManager, when set to true will - not use AWS Secrets Manager or AWS Systems Manager Parameter - Store to ensure privacy of userdata. By default, a cloud-init - boothook shell script is prepended to download the userdata - from Secrets Manager and additionally delete the secret. + description: |- + InsecureSkipSecretsManager, when set to true will not use AWS Secrets Manager + or AWS Systems Manager Parameter Store to ensure privacy of userdata. + By default, a cloud-init boothook shell script is prepended to download + the userdata from Secrets Manager and additionally delete the secret. type: boolean secretCount: description: SecretCount is the number of secrets used to form @@ -610,15 +642,16 @@ spec: format: int32 type: integer secretPrefix: - description: SecretPrefix is the prefix for the secret name. This - is stored temporarily, and deleted when the machine registers - as a node against the workload cluster. + description: |- + SecretPrefix is the prefix for the secret name. This is stored + temporarily, and deleted when the machine registers as a node against + the workload cluster. type: string secureSecretsBackend: - description: SecureSecretsBackend, when set to parameter-store - will utilize the AWS Systems Manager Parameter Storage to distribute - secrets. By default or with the value of secrets-manager, will - use AWS Secrets Manager instead. + description: |- + SecureSecretsBackend, when set to parameter-store will utilize the AWS Systems Manager + Parameter Storage to distribute secrets. By default or with the value of secrets-manager, + will use AWS Secrets Manager instead. enum: - secrets-manager - ssm-parameter-store @@ -633,31 +666,38 @@ spec: systems where Ignition is used. properties: proxy: - description: Proxy defines proxy settings for Ignition. Only valid - for Ignition versions 3.1 and above. + description: |- + Proxy defines proxy settings for Ignition. + Only valid for Ignition versions 3.1 and above. properties: httpProxy: - description: HTTPProxy is the HTTP proxy to use for Ignition. - A single URL that specifies the proxy server to use for - HTTP and HTTPS requests, unless overridden by the HTTPSProxy - or NoProxy options. + description: |- + HTTPProxy is the HTTP proxy to use for Ignition. + A single URL that specifies the proxy server to use for HTTP and HTTPS requests, + unless overridden by the HTTPSProxy or NoProxy options. type: string httpsProxy: - description: HTTPSProxy is the HTTPS proxy to use for Ignition. - A single URL that specifies the proxy server to use for - HTTPS requests, unless overridden by the NoProxy option. + description: |- + HTTPSProxy is the HTTPS proxy to use for Ignition. + A single URL that specifies the proxy server to use for HTTPS requests, + unless overridden by the NoProxy option. type: string noProxy: - description: "NoProxy is the list of domains to not proxy - for Ignition. Specifies a list of strings to hosts that - should be excluded from proxying. \n Each value is represented - by: - An IP address prefix (1.2.3.4) - An IP address prefix - in CIDR notation (1.2.3.4/8) - A domain name - A domain - name matches that name and all subdomains - A domain name - with a leading . matches subdomains only - A special DNS - label (*), indicates that no proxying should be done \n - An IP address prefix and domain name can also include a - literal port number (1.2.3.4:80)." + description: |- + NoProxy is the list of domains to not proxy for Ignition. + Specifies a list of strings to hosts that should be excluded from proxying. + + + Each value is represented by: + - An IP address prefix (1.2.3.4) + - An IP address prefix in CIDR notation (1.2.3.4/8) + - A domain name + - A domain name matches that name and all subdomains + - A domain name with a leading . matches subdomains only + - A special DNS label (*), indicates that no proxying should be done + + + An IP address prefix and domain name can also include a literal port number (1.2.3.4:80). items: description: IgnitionNoProxy defines the list of domains to not proxy for Ignition. @@ -668,36 +708,38 @@ spec: type: object storageType: default: ClusterObjectStore - description: "StorageType defines how to store the boostrap user - data for Ignition. This can be used to instruct Ignition from - where to fetch the user data to bootstrap an instance. \n When - omitted, the storage option will default to ClusterObjectStore. - \n When set to \"ClusterObjectStore\", if the capability is - available and a Cluster ObjectStore configuration is correctly - provided in the Cluster object (under .spec.s3Bucket), an object - store will be used to store bootstrap user data. \n When set - to \"UnencryptedUserData\", EC2 Instance User Data will be used - to store the machine bootstrap user data, unencrypted. This - option is considered less secure than others as user data may - contain sensitive informations (keys, certificates, etc.) and - users with ec2:DescribeInstances permission or users running - pods that can access the ec2 metadata service have access to - this sensitive information. So this is only to be used at ones - own risk, and only when other more secure options are not viable." + description: |- + StorageType defines how to store the boostrap user data for Ignition. + This can be used to instruct Ignition from where to fetch the user data to bootstrap an instance. + + + When omitted, the storage option will default to ClusterObjectStore. + + + When set to "ClusterObjectStore", if the capability is available and a Cluster ObjectStore configuration + is correctly provided in the Cluster object (under .spec.s3Bucket), + an object store will be used to store bootstrap user data. + + + When set to "UnencryptedUserData", EC2 Instance User Data will be used to store the machine bootstrap user data, unencrypted. + This option is considered less secure than others as user data may contain sensitive informations (keys, certificates, etc.) + and users with ec2:DescribeInstances permission or users running pods + that can access the ec2 metadata service have access to this sensitive information. + So this is only to be used at ones own risk, and only when other more secure options are not viable. enum: - ClusterObjectStore - UnencryptedUserData type: string tls: - description: TLS defines TLS settings for Ignition. Only valid - for Ignition versions 3.1 and above. + description: |- + TLS defines TLS settings for Ignition. + Only valid for Ignition versions 3.1 and above. properties: certificateAuthorities: - description: CASources defines the list of certificate authorities - to use for Ignition. The value is the certificate bundle - (in PEM format). The bundle can contain multiple concatenated - certificates. Supported schemes are http, https, tftp, s3, - arn, gs, and `data` (RFC 2397) URL scheme. + description: |- + CASources defines the list of certificate authorities to use for Ignition. + The value is the certificate bundle (in PEM format). The bundle can contain multiple concatenated certificates. + Supported schemes are http, https, tftp, s3, arn, gs, and `data` (RFC 2397) URL scheme. items: description: IgnitionCASource defines the source of the certificate authority to use for Ignition. @@ -720,21 +762,23 @@ spec: type: string type: object imageLookupBaseOS: - description: ImageLookupBaseOS is the name of the base operating system - to use for image lookup the AMI is not set. + description: |- + ImageLookupBaseOS is the name of the base operating system to use for + image lookup the AMI is not set. type: string imageLookupFormat: - description: 'ImageLookupFormat is the AMI naming format to look up - the image for this machine It will be ignored if an explicit AMI - is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} - with the base OS and kubernetes version, respectively. The BaseOS - will be the value in ImageLookupBaseOS or ubuntu (the default), - and the kubernetes version as defined by the packages produced by - kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, - or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* - will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* - for a Machine that is targeting kubernetes v1.18.0 and the ubuntu - base OS. See also: https://golang.org/pkg/text/template/' + description: |- + ImageLookupFormat is the AMI naming format to look up the image for this + machine It will be ignored if an explicit AMI is set. Supports + substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and + kubernetes version, respectively. The BaseOS will be the value in + ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + defined by the packages produced by kubernetes/release without v as a + prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + also: https://golang.org/pkg/text/template/ type: string imageLookupOrg: description: ImageLookupOrg is the AWS Organization ID to use for @@ -749,46 +793,64 @@ spec: properties: httpEndpoint: default: enabled - description: "Enables or disables the HTTP metadata endpoint on - your instances. \n If you specify a value of disabled, you cannot - access your instance metadata. \n Default: enabled" + description: |- + Enables or disables the HTTP metadata endpoint on your instances. + + + If you specify a value of disabled, you cannot access your instance metadata. + + + Default: enabled enum: - enabled - disabled type: string httpPutResponseHopLimit: default: 1 - description: "The desired HTTP PUT response hop limit for instance - metadata requests. The larger the number, the further instance - metadata requests can travel. \n Default: 1" + description: |- + The desired HTTP PUT response hop limit for instance metadata requests. The + larger the number, the further instance metadata requests can travel. + + + Default: 1 format: int64 maximum: 64 minimum: 1 type: integer httpTokens: default: optional - description: "The state of token usage for your instance metadata - requests. \n If the state is optional, you can choose to retrieve - instance metadata with or without a session token on your request. - If you retrieve the IAM role credentials without a token, the - version 1.0 role credentials are returned. If you retrieve the - IAM role credentials using a valid session token, the version - 2.0 role credentials are returned. \n If the state is required, - you must send a session token with any instance metadata retrieval - requests. In this state, retrieving the IAM role credentials - always returns the version 2.0 credentials; the version 1.0 - credentials are not available. \n Default: optional" + description: |- + The state of token usage for your instance metadata requests. + + + If the state is optional, you can choose to retrieve instance metadata with + or without a session token on your request. If you retrieve the IAM role + credentials without a token, the version 1.0 role credentials are returned. + If you retrieve the IAM role credentials using a valid session token, the + version 2.0 role credentials are returned. + + + If the state is required, you must send a session token with any instance + metadata retrieval requests. In this state, retrieving the IAM role credentials + always returns the version 2.0 credentials; the version 1.0 credentials are + not available. + + + Default: optional enum: - optional - required type: string instanceMetadataTags: default: disabled - description: "Set to enabled to allow access to instance tags - from the instance metadata. Set to disabled to turn off access - to instance tags from the instance metadata. For more information, - see Work with instance tags using the instance metadata (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). - \n Default: disabled" + description: |- + Set to enabled to allow access to instance tags from the instance metadata. + Set to disabled to turn off access to instance tags from the instance metadata. + For more information, see Work with instance tags using the instance metadata + (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). + + + Default: disabled enum: - enabled - disabled @@ -800,8 +862,9 @@ spec: minLength: 2 type: string networkInterfaces: - description: NetworkInterfaces is a list of ENIs to associate with - the instance. A maximum of 2 may be specified. + description: |- + NetworkInterfaces is a list of ENIs to associate with the instance. + A maximum of 2 may be specified. items: type: string maxItems: 2 @@ -820,9 +883,9 @@ spec: or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt - the volume. Can be either a KMS key ID or ARN. If Encrypted - is set and this is omitted, the default AWS key will be used. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. The key must already exist and be accessible by the controller. type: string iops: @@ -831,9 +894,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage device. - Must be greater than the image snapshot size or 8 (whichever - is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -855,10 +918,10 @@ spec: group in which to launch the instance. type: string placementGroupPartition: - description: PlacementGroupPartition is the partition number within - the placement group in which to launch the instance. This value - is only valid if the placement group, referred in `PlacementGroupName`, - was created with strategy set to partition. + description: |- + PlacementGroupPartition is the partition number within the placement group in which to launch the instance. + This value is only valid if the placement group, referred in `PlacementGroupName`, was created with + strategy set to partition. format: int64 maximum: 7 minimum: 1 @@ -887,9 +950,12 @@ spec: cloud provider. type: string publicIP: - description: 'PublicIP specifies whether the instance should get a - public IP. Precedence for this setting is as follows: 1. This field - if set 2. Cluster/flavor setting 3. Subnet default' + description: |- + PublicIP specifies whether the instance should get a public IP. + Precedence for this setting is as follows: + 1. This field if set + 2. Cluster/flavor setting + 3. Subnet default type: boolean rootVolume: description: RootVolume encapsulates the configuration options for @@ -903,10 +969,10 @@ spec: or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt the - volume. Can be either a KMS key ID or ARN. If Encrypted is set - and this is omitted, the default AWS key will be used. The key - must already exist and be accessible by the controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for the disk. @@ -914,9 +980,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage device. - Must be greater than the image snapshot size or 8 (whichever - is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -934,9 +1000,9 @@ spec: securityGroupOverrides: additionalProperties: type: string - description: SecurityGroupOverrides is an optional set of security - groups to use for the node. This is optional - if not provided security - groups from the cluster will be used. + description: |- + SecurityGroupOverrides is an optional set of security groups to use for the node. + This is optional - if not provided security groups from the cluster will be used. type: object spotMarketOptions: description: SpotMarketOptions allows users to configure instances @@ -953,13 +1019,15 @@ spec: valid SSH key name, or omitted (use the default SSH key name) type: string subnet: - description: Subnet is a reference to the subnet to use for this instance. - If not specified, the cluster subnet will be used. + description: |- + Subnet is a reference to the subnet to use for this instance. If not specified, + the cluster subnet will be used. properties: filters: - description: 'Filters is a set of key/value pairs used to identify - a resource They are applied according to the rules defined by - the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html' + description: |- + Filters is a set of key/value pairs used to identify a resource + They are applied according to the rules defined by the AWS API: + https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html items: description: Filter is a filter used to identify an AWS resource. properties: @@ -990,10 +1058,10 @@ spec: - host type: string uncompressedUserData: - description: UncompressedUserData specify whether the user data is - gzip-compressed before it is sent to ec2 instance. cloud-init has - built-in support for gzip-compressed user data user data stored - in aws secret manager is always gzip-compressed. + description: |- + UncompressedUserData specify whether the user data is gzip-compressed before it is sent to ec2 instance. + cloud-init has built-in support for gzip-compressed user data + user data stored in aws secret manager is always gzip-compressed. type: boolean required: - instanceType @@ -1026,37 +1094,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -1065,45 +1133,55 @@ spec: type: object type: array failureMessage: - description: "FailureMessage will be set in the event that there is - a terminal problem reconciling the Machine and will contain a more - verbose string suitable for logging and human consumption. \n This - field should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the Machine's spec or the configuration of the controller, - and that manual intervention is required. Examples of terminal errors - would be invalid combinations of settings in the spec, values that - are unsupported by the controller, or the responsible controller - itself being critically misconfigured. \n Any transient errors that - occur during the reconciliation of Machines can be added as events - to the Machine object and/or logged in the controller's output." + description: |- + FailureMessage will be set in the event that there is a terminal problem + reconciling the Machine and will contain a more verbose string suitable + for logging and human consumption. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the Machine's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the Machine object and/or logged in the + controller's output. type: string failureReason: - description: "FailureReason will be set in the event that there is - a terminal problem reconciling the Machine and will contain a succinct - value suitable for machine interpretation. \n This field should - not be set for transitive errors that a controller faces that are - expected to be fixed automatically over time (like service outages), - but instead indicate that something is fundamentally wrong with - the Machine's spec or the configuration of the controller, and that - manual intervention is required. Examples of terminal errors would - be invalid combinations of settings in the spec, values that are - unsupported by the controller, or the responsible controller itself - being critically misconfigured. \n Any transient errors that occur - during the reconciliation of Machines can be added as events to - the Machine object and/or logged in the controller's output." + description: |- + FailureReason will be set in the event that there is a terminal problem + reconciling the Machine and will contain a succinct value suitable + for machine interpretation. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the Machine's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the Machine object and/or logged in the + controller's output. type: string instanceState: description: InstanceState is the state of the AWS instance for this machine. type: string interruptible: - description: Interruptible reports that this machine is using spot - instances and can therefore be interrupted by CAPI when it receives - a notice that the spot instance is to be terminated by AWS. This - will be set to true when SpotMarketOptions is not nil (i.e. this - machine is using a spot instance). + description: |- + Interruptible reports that this machine is using spot instances and can therefore be interrupted by CAPI when it receives a notice that the spot instance is to be terminated by AWS. + This will be set to true when SpotMarketOptions is not nil (i.e. this machine is using a spot instance). type: boolean ready: description: Ready is true when the provider resource is ready. diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmachinetemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmachinetemplates.yaml index 343fb0587a..c824b910db 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmachinetemplates.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmachinetemplates.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: awsmachinetemplates.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -25,14 +25,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -44,24 +49,27 @@ spec: to create am AWSMachine from a template. properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: @@ -69,28 +77,27 @@ spec: of the machine. properties: additionalSecurityGroups: - description: AdditionalSecurityGroups is an array of references - to security groups that should be applied to the instance. - These security groups would be set in addition to any security - groups defined at the cluster level or in the actuator. - It is possible to specify either IDs of Filters. Using Filters - will cause additional requests to AWS API and if tags change - the attached security groups might change too. + description: |- + AdditionalSecurityGroups is an array of references to security groups that should be applied to the + instance. These security groups would be set in addition to any security groups defined + at the cluster level or in the actuator. It is possible to specify either IDs of Filters. Using Filters + will cause additional requests to AWS API and if tags change the attached security groups might change too. items: - description: AWSResourceReference is a reference to a specific - AWS resource by ID or filters. Only one of ID or Filters - may be specified. Specifying more than one will result - in a validation error. + description: |- + AWSResourceReference is a reference to a specific AWS resource by ID or filters. + Only one of ID or Filters may be specified. Specifying more than one will result in + a validation error. properties: arn: - description: 'ARN of resource. Deprecated: This field - has no function and is going to be removed in the - next release.' + description: |- + ARN of resource. + Deprecated: This field has no function and is going to be removed in the next release. type: string filters: - description: 'Filters is a set of key/value pairs used - to identify a resource They are applied according - to the rules defined by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html' + description: |- + Filters is a set of key/value pairs used to identify a resource + They are applied according to the rules defined by the AWS API: + https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html items: description: Filter is a filter used to identify an AWS resource. @@ -118,11 +125,10 @@ spec: additionalTags: additionalProperties: type: string - description: AdditionalTags is an optional set of tags to - add to an instance, in addition to the ones added by default - by the AWS provider. If both the AWSCluster and the AWSMachine - specify the same tag name with different values, the AWSMachine's - value takes precedence. + description: |- + AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the + AWS provider. If both the AWSCluster and the AWSMachine specify the same tag name with different values, the + AWSMachine's value takes precedence. type: object ami: description: AMI is the reference to the AMI from which to @@ -140,16 +146,16 @@ spec: type: string type: object cloudInit: - description: CloudInit defines options related to the bootstrapping - systems where CloudInit is used. + description: |- + CloudInit defines options related to the bootstrapping systems where + CloudInit is used. properties: insecureSkipSecretsManager: - description: InsecureSkipSecretsManager, when set to true - will not use AWS Secrets Manager or AWS Systems Manager - Parameter Store to ensure privacy of userdata. By default, - a cloud-init boothook shell script is prepended to download - the userdata from Secrets Manager and additionally delete - the secret. + description: |- + InsecureSkipSecretsManager, when set to true will not use AWS Secrets Manager + or AWS Systems Manager Parameter Store to ensure privacy of userdata. + By default, a cloud-init boothook shell script is prepended to download + the userdata from Secrets Manager and additionally delete the secret. type: boolean secretCount: description: SecretCount is the number of secrets used @@ -157,26 +163,26 @@ spec: format: int32 type: integer secretPrefix: - description: SecretPrefix is the prefix for the secret - name. This is stored temporarily, and deleted when the - machine registers as a node against the workload cluster. + description: |- + SecretPrefix is the prefix for the secret name. This is stored + temporarily, and deleted when the machine registers as a node against + the workload cluster. type: string secureSecretsBackend: - description: SecureSecretsBackend, when set to parameter-store - will utilize the AWS Systems Manager Parameter Storage - to distribute secrets. By default or with the value - of secrets-manager, will use AWS Secrets Manager instead. + description: |- + SecureSecretsBackend, when set to parameter-store will utilize the AWS Systems Manager + Parameter Storage to distribute secrets. By default or with the value of secrets-manager, + will use AWS Secrets Manager instead. enum: - secrets-manager - ssm-parameter-store type: string type: object failureDomain: - description: FailureDomain is the failure domain unique identifier - this Machine should be attached to, as defined in Cluster - API. For this infrastructure provider, the ID is equivalent - to an AWS Availability Zone. If multiple subnets are matched - for the availability zone, the first one returned is picked. + description: |- + FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. + For this infrastructure provider, the ID is equivalent to an AWS Availability Zone. + If multiple subnets are matched for the availability zone, the first one returned is picked. type: string iamInstanceProfile: description: IAMInstanceProfile is a name of an IAM instance @@ -195,22 +201,23 @@ spec: type: string type: object imageLookupBaseOS: - description: ImageLookupBaseOS is the name of the base operating - system to use for image lookup the AMI is not set. + description: |- + ImageLookupBaseOS is the name of the base operating system to use for + image lookup the AMI is not set. type: string imageLookupFormat: - description: 'ImageLookupFormat is the AMI naming format to - look up the image for this machine It will be ignored if - an explicit AMI is set. Supports substitutions for {{.BaseOS}} - and {{.K8sVersion}} with the base OS and kubernetes version, - respectively. The BaseOS will be the value in ImageLookupBaseOS - or ubuntu (the default), and the kubernetes version as defined - by the packages produced by kubernetes/release without v - as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, - the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* - will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* - for a Machine that is targeting kubernetes v1.18.0 and the - ubuntu base OS. See also: https://golang.org/pkg/text/template/' + description: |- + ImageLookupFormat is the AMI naming format to look up the image for this + machine It will be ignored if an explicit AMI is set. Supports + substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and + kubernetes version, respectively. The BaseOS will be the value in + ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + defined by the packages produced by kubernetes/release without v as a + prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + also: https://golang.org/pkg/text/template/ type: string imageLookupOrg: description: ImageLookupOrg is the AWS Organization ID to @@ -225,8 +232,9 @@ spec: minLength: 2 type: string networkInterfaces: - description: NetworkInterfaces is a list of ENIs to associate - with the instance. A maximum of 2 may be specified. + description: |- + NetworkInterfaces is a list of ENIs to associate with the instance. + A maximum of 2 may be specified. items: type: string maxItems: 2 @@ -246,11 +254,10 @@ spec: be encrypted or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to - encrypt the volume. Can be either a KMS key ID or - ARN. If Encrypted is set and this is omitted, the - default AWS key will be used. The key must already - exist and be accessible by the controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for @@ -258,9 +265,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage - device. Must be greater than the image snapshot size - or 8 (whichever is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -282,10 +289,12 @@ spec: by the cloud provider. type: string publicIP: - description: 'PublicIP specifies whether the instance should - get a public IP. Precedence for this setting is as follows: - 1. This field if set 2. Cluster/flavor setting 3. Subnet - default' + description: |- + PublicIP specifies whether the instance should get a public IP. + Precedence for this setting is as follows: + 1. This field if set + 2. Cluster/flavor setting + 3. Subnet default type: boolean rootVolume: description: RootVolume encapsulates the configuration options @@ -299,11 +308,10 @@ spec: encrypted or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt - the volume. Can be either a KMS key ID or ARN. If Encrypted - is set and this is omitted, the default AWS key will - be used. The key must already exist and be accessible - by the controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for @@ -311,9 +319,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage - device. Must be greater than the image snapshot size - or 8 (whichever is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -345,19 +353,20 @@ spec: SSH key name) type: string subnet: - description: Subnet is a reference to the subnet to use for - this instance. If not specified, the cluster subnet will - be used. + description: |- + Subnet is a reference to the subnet to use for this instance. If not specified, + the cluster subnet will be used. properties: arn: - description: 'ARN of resource. Deprecated: This field - has no function and is going to be removed in the next - release.' + description: |- + ARN of resource. + Deprecated: This field has no function and is going to be removed in the next release. type: string filters: - description: 'Filters is a set of key/value pairs used - to identify a resource They are applied according to - the rules defined by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html' + description: |- + Filters is a set of key/value pairs used to identify a resource + They are applied according to the rules defined by the AWS API: + https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html items: description: Filter is a filter used to identify an AWS resource. @@ -390,10 +399,10 @@ spec: - host type: string uncompressedUserData: - description: UncompressedUserData specify whether the user - data is gzip-compressed before it is sent to ec2 instance. - cloud-init has built-in support for gzip-compressed user - data user data stored in aws secret manager is always gzip-compressed. + description: |- + UncompressedUserData specify whether the user data is gzip-compressed before it is sent to ec2 instance. + cloud-init has built-in support for gzip-compressed user data + user data stored in aws secret manager is always gzip-compressed. type: boolean required: - instanceType @@ -414,9 +423,10 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Capacity defines the resource capacity for this machine. - This value is used for autoscaling from zero operations as defined - in: https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20210310-opt-in-autoscaling-from-zero.md' + description: |- + Capacity defines the resource capacity for this machine. + This value is used for autoscaling from zero operations as defined in: + https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20210310-opt-in-autoscaling-from-zero.md type: object type: object type: object @@ -429,14 +439,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -448,24 +463,27 @@ spec: to create am AWSMachine from a template. properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: @@ -473,23 +491,22 @@ spec: of the machine. properties: additionalSecurityGroups: - description: AdditionalSecurityGroups is an array of references - to security groups that should be applied to the instance. - These security groups would be set in addition to any security - groups defined at the cluster level or in the actuator. - It is possible to specify either IDs of Filters. Using Filters - will cause additional requests to AWS API and if tags change - the attached security groups might change too. + description: |- + AdditionalSecurityGroups is an array of references to security groups that should be applied to the + instance. These security groups would be set in addition to any security groups defined + at the cluster level or in the actuator. It is possible to specify either IDs of Filters. Using Filters + will cause additional requests to AWS API and if tags change the attached security groups might change too. items: - description: AWSResourceReference is a reference to a specific - AWS resource by ID or filters. Only one of ID or Filters - may be specified. Specifying more than one will result - in a validation error. + description: |- + AWSResourceReference is a reference to a specific AWS resource by ID or filters. + Only one of ID or Filters may be specified. Specifying more than one will result in + a validation error. properties: filters: - description: 'Filters is a set of key/value pairs used - to identify a resource They are applied according - to the rules defined by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html' + description: |- + Filters is a set of key/value pairs used to identify a resource + They are applied according to the rules defined by the AWS API: + https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html items: description: Filter is a filter used to identify an AWS resource. @@ -517,11 +534,10 @@ spec: additionalTags: additionalProperties: type: string - description: AdditionalTags is an optional set of tags to - add to an instance, in addition to the ones added by default - by the AWS provider. If both the AWSCluster and the AWSMachine - specify the same tag name with different values, the AWSMachine's - value takes precedence. + description: |- + AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the + AWS provider. If both the AWSCluster and the AWSMachine specify the same tag name with different values, the + AWSMachine's value takes precedence. type: object ami: description: AMI is the reference to the AMI from which to @@ -539,16 +555,16 @@ spec: type: string type: object cloudInit: - description: CloudInit defines options related to the bootstrapping - systems where CloudInit is used. + description: |- + CloudInit defines options related to the bootstrapping systems where + CloudInit is used. properties: insecureSkipSecretsManager: - description: InsecureSkipSecretsManager, when set to true - will not use AWS Secrets Manager or AWS Systems Manager - Parameter Store to ensure privacy of userdata. By default, - a cloud-init boothook shell script is prepended to download - the userdata from Secrets Manager and additionally delete - the secret. + description: |- + InsecureSkipSecretsManager, when set to true will not use AWS Secrets Manager + or AWS Systems Manager Parameter Store to ensure privacy of userdata. + By default, a cloud-init boothook shell script is prepended to download + the userdata from Secrets Manager and additionally delete the secret. type: boolean secretCount: description: SecretCount is the number of secrets used @@ -556,15 +572,16 @@ spec: format: int32 type: integer secretPrefix: - description: SecretPrefix is the prefix for the secret - name. This is stored temporarily, and deleted when the - machine registers as a node against the workload cluster. + description: |- + SecretPrefix is the prefix for the secret name. This is stored + temporarily, and deleted when the machine registers as a node against + the workload cluster. type: string secureSecretsBackend: - description: SecureSecretsBackend, when set to parameter-store - will utilize the AWS Systems Manager Parameter Storage - to distribute secrets. By default or with the value - of secrets-manager, will use AWS Secrets Manager instead. + description: |- + SecureSecretsBackend, when set to parameter-store will utilize the AWS Systems Manager + Parameter Storage to distribute secrets. By default or with the value of secrets-manager, + will use AWS Secrets Manager instead. enum: - secrets-manager - ssm-parameter-store @@ -579,33 +596,38 @@ spec: systems where Ignition is used. properties: proxy: - description: Proxy defines proxy settings for Ignition. + description: |- + Proxy defines proxy settings for Ignition. Only valid for Ignition versions 3.1 and above. properties: httpProxy: - description: HTTPProxy is the HTTP proxy to use for - Ignition. A single URL that specifies the proxy - server to use for HTTP and HTTPS requests, unless - overridden by the HTTPSProxy or NoProxy options. + description: |- + HTTPProxy is the HTTP proxy to use for Ignition. + A single URL that specifies the proxy server to use for HTTP and HTTPS requests, + unless overridden by the HTTPSProxy or NoProxy options. type: string httpsProxy: - description: HTTPSProxy is the HTTPS proxy to use - for Ignition. A single URL that specifies the proxy - server to use for HTTPS requests, unless overridden - by the NoProxy option. + description: |- + HTTPSProxy is the HTTPS proxy to use for Ignition. + A single URL that specifies the proxy server to use for HTTPS requests, + unless overridden by the NoProxy option. type: string noProxy: - description: "NoProxy is the list of domains to not - proxy for Ignition. Specifies a list of strings - to hosts that should be excluded from proxying. - \n Each value is represented by: - An IP address - prefix (1.2.3.4) - An IP address prefix in CIDR - notation (1.2.3.4/8) - A domain name - A domain - name matches that name and all subdomains - A domain - name with a leading . matches subdomains only - - A special DNS label (*), indicates that no proxying - should be done \n An IP address prefix and domain - name can also include a literal port number (1.2.3.4:80)." + description: |- + NoProxy is the list of domains to not proxy for Ignition. + Specifies a list of strings to hosts that should be excluded from proxying. + + + Each value is represented by: + - An IP address prefix (1.2.3.4) + - An IP address prefix in CIDR notation (1.2.3.4/8) + - A domain name + - A domain name matches that name and all subdomains + - A domain name with a leading . matches subdomains only + - A special DNS label (*), indicates that no proxying should be done + + + An IP address prefix and domain name can also include a literal port number (1.2.3.4:80). items: description: IgnitionNoProxy defines the list of domains to not proxy for Ignition. @@ -616,39 +638,38 @@ spec: type: object storageType: default: ClusterObjectStore - description: "StorageType defines how to store the boostrap - user data for Ignition. This can be used to instruct - Ignition from where to fetch the user data to bootstrap - an instance. \n When omitted, the storage option will - default to ClusterObjectStore. \n When set to \"ClusterObjectStore\", - if the capability is available and a Cluster ObjectStore - configuration is correctly provided in the Cluster object - (under .spec.s3Bucket), an object store will be used - to store bootstrap user data. \n When set to \"UnencryptedUserData\", - EC2 Instance User Data will be used to store the machine - bootstrap user data, unencrypted. This option is considered - less secure than others as user data may contain sensitive - informations (keys, certificates, etc.) and users with - ec2:DescribeInstances permission or users running pods - that can access the ec2 metadata service have access - to this sensitive information. So this is only to be - used at ones own risk, and only when other more secure - options are not viable." + description: |- + StorageType defines how to store the boostrap user data for Ignition. + This can be used to instruct Ignition from where to fetch the user data to bootstrap an instance. + + + When omitted, the storage option will default to ClusterObjectStore. + + + When set to "ClusterObjectStore", if the capability is available and a Cluster ObjectStore configuration + is correctly provided in the Cluster object (under .spec.s3Bucket), + an object store will be used to store bootstrap user data. + + + When set to "UnencryptedUserData", EC2 Instance User Data will be used to store the machine bootstrap user data, unencrypted. + This option is considered less secure than others as user data may contain sensitive informations (keys, certificates, etc.) + and users with ec2:DescribeInstances permission or users running pods + that can access the ec2 metadata service have access to this sensitive information. + So this is only to be used at ones own risk, and only when other more secure options are not viable. enum: - ClusterObjectStore - UnencryptedUserData type: string tls: - description: TLS defines TLS settings for Ignition. Only - valid for Ignition versions 3.1 and above. + description: |- + TLS defines TLS settings for Ignition. + Only valid for Ignition versions 3.1 and above. properties: certificateAuthorities: - description: CASources defines the list of certificate - authorities to use for Ignition. The value is the - certificate bundle (in PEM format). The bundle can - contain multiple concatenated certificates. Supported - schemes are http, https, tftp, s3, arn, gs, and - `data` (RFC 2397) URL scheme. + description: |- + CASources defines the list of certificate authorities to use for Ignition. + The value is the certificate bundle (in PEM format). The bundle can contain multiple concatenated certificates. + Supported schemes are http, https, tftp, s3, arn, gs, and `data` (RFC 2397) URL scheme. items: description: IgnitionCASource defines the source of the certificate authority to use for Ignition. @@ -671,22 +692,23 @@ spec: type: string type: object imageLookupBaseOS: - description: ImageLookupBaseOS is the name of the base operating - system to use for image lookup the AMI is not set. + description: |- + ImageLookupBaseOS is the name of the base operating system to use for + image lookup the AMI is not set. type: string imageLookupFormat: - description: 'ImageLookupFormat is the AMI naming format to - look up the image for this machine It will be ignored if - an explicit AMI is set. Supports substitutions for {{.BaseOS}} - and {{.K8sVersion}} with the base OS and kubernetes version, - respectively. The BaseOS will be the value in ImageLookupBaseOS - or ubuntu (the default), and the kubernetes version as defined - by the packages produced by kubernetes/release without v - as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, - the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* - will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* - for a Machine that is targeting kubernetes v1.18.0 and the - ubuntu base OS. See also: https://golang.org/pkg/text/template/' + description: |- + ImageLookupFormat is the AMI naming format to look up the image for this + machine It will be ignored if an explicit AMI is set. Supports + substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and + kubernetes version, respectively. The BaseOS will be the value in + ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + defined by the packages produced by kubernetes/release without v as a + prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + also: https://golang.org/pkg/text/template/ type: string imageLookupOrg: description: ImageLookupOrg is the AWS Organization ID to @@ -701,51 +723,64 @@ spec: properties: httpEndpoint: default: enabled - description: "Enables or disables the HTTP metadata endpoint - on your instances. \n If you specify a value of disabled, - you cannot access your instance metadata. \n Default: - enabled" + description: |- + Enables or disables the HTTP metadata endpoint on your instances. + + + If you specify a value of disabled, you cannot access your instance metadata. + + + Default: enabled enum: - enabled - disabled type: string httpPutResponseHopLimit: default: 1 - description: "The desired HTTP PUT response hop limit - for instance metadata requests. The larger the number, - the further instance metadata requests can travel. \n - Default: 1" + description: |- + The desired HTTP PUT response hop limit for instance metadata requests. The + larger the number, the further instance metadata requests can travel. + + + Default: 1 format: int64 maximum: 64 minimum: 1 type: integer httpTokens: default: optional - description: "The state of token usage for your instance - metadata requests. \n If the state is optional, you - can choose to retrieve instance metadata with or without - a session token on your request. If you retrieve the - IAM role credentials without a token, the version 1.0 - role credentials are returned. If you retrieve the IAM - role credentials using a valid session token, the version - 2.0 role credentials are returned. \n If the state is - required, you must send a session token with any instance - metadata retrieval requests. In this state, retrieving - the IAM role credentials always returns the version - 2.0 credentials; the version 1.0 credentials are not - available. \n Default: optional" + description: |- + The state of token usage for your instance metadata requests. + + + If the state is optional, you can choose to retrieve instance metadata with + or without a session token on your request. If you retrieve the IAM role + credentials without a token, the version 1.0 role credentials are returned. + If you retrieve the IAM role credentials using a valid session token, the + version 2.0 role credentials are returned. + + + If the state is required, you must send a session token with any instance + metadata retrieval requests. In this state, retrieving the IAM role credentials + always returns the version 2.0 credentials; the version 1.0 credentials are + not available. + + + Default: optional enum: - optional - required type: string instanceMetadataTags: default: disabled - description: "Set to enabled to allow access to instance - tags from the instance metadata. Set to disabled to - turn off access to instance tags from the instance metadata. - For more information, see Work with instance tags using - the instance metadata (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). - \n Default: disabled" + description: |- + Set to enabled to allow access to instance tags from the instance metadata. + Set to disabled to turn off access to instance tags from the instance metadata. + For more information, see Work with instance tags using the instance metadata + (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). + + + Default: disabled enum: - enabled - disabled @@ -757,8 +792,9 @@ spec: minLength: 2 type: string networkInterfaces: - description: NetworkInterfaces is a list of ENIs to associate - with the instance. A maximum of 2 may be specified. + description: |- + NetworkInterfaces is a list of ENIs to associate with the instance. + A maximum of 2 may be specified. items: type: string maxItems: 2 @@ -778,11 +814,10 @@ spec: be encrypted or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to - encrypt the volume. Can be either a KMS key ID or - ARN. If Encrypted is set and this is omitted, the - default AWS key will be used. The key must already - exist and be accessible by the controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for @@ -790,9 +825,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage - device. Must be greater than the image snapshot size - or 8 (whichever is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -814,11 +849,10 @@ spec: placement group in which to launch the instance. type: string placementGroupPartition: - description: PlacementGroupPartition is the partition number - within the placement group in which to launch the instance. - This value is only valid if the placement group, referred - in `PlacementGroupName`, was created with strategy set to - partition. + description: |- + PlacementGroupPartition is the partition number within the placement group in which to launch the instance. + This value is only valid if the placement group, referred in `PlacementGroupName`, was created with + strategy set to partition. format: int64 maximum: 7 minimum: 1 @@ -849,10 +883,12 @@ spec: by the cloud provider. type: string publicIP: - description: 'PublicIP specifies whether the instance should - get a public IP. Precedence for this setting is as follows: - 1. This field if set 2. Cluster/flavor setting 3. Subnet - default' + description: |- + PublicIP specifies whether the instance should get a public IP. + Precedence for this setting is as follows: + 1. This field if set + 2. Cluster/flavor setting + 3. Subnet default type: boolean rootVolume: description: RootVolume encapsulates the configuration options @@ -866,11 +902,10 @@ spec: encrypted or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt - the volume. Can be either a KMS key ID or ARN. If Encrypted - is set and this is omitted, the default AWS key will - be used. The key must already exist and be accessible - by the controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for @@ -878,9 +913,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage - device. Must be greater than the image snapshot size - or 8 (whichever is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -899,10 +934,9 @@ spec: securityGroupOverrides: additionalProperties: type: string - description: SecurityGroupOverrides is an optional set of - security groups to use for the node. This is optional - - if not provided security groups from the cluster will be - used. + description: |- + SecurityGroupOverrides is an optional set of security groups to use for the node. + This is optional - if not provided security groups from the cluster will be used. type: object spotMarketOptions: description: SpotMarketOptions allows users to configure instances @@ -920,14 +954,15 @@ spec: SSH key name) type: string subnet: - description: Subnet is a reference to the subnet to use for - this instance. If not specified, the cluster subnet will - be used. + description: |- + Subnet is a reference to the subnet to use for this instance. If not specified, + the cluster subnet will be used. properties: filters: - description: 'Filters is a set of key/value pairs used - to identify a resource They are applied according to - the rules defined by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html' + description: |- + Filters is a set of key/value pairs used to identify a resource + They are applied according to the rules defined by the AWS API: + https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html items: description: Filter is a filter used to identify an AWS resource. @@ -960,10 +995,10 @@ spec: - host type: string uncompressedUserData: - description: UncompressedUserData specify whether the user - data is gzip-compressed before it is sent to ec2 instance. - cloud-init has built-in support for gzip-compressed user - data user data stored in aws secret manager is always gzip-compressed. + description: |- + UncompressedUserData specify whether the user data is gzip-compressed before it is sent to ec2 instance. + cloud-init has built-in support for gzip-compressed user data + user data stored in aws secret manager is always gzip-compressed. type: boolean required: - instanceType @@ -984,9 +1019,10 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Capacity defines the resource capacity for this machine. - This value is used for autoscaling from zero operations as defined - in: https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20210310-opt-in-autoscaling-from-zero.md' + description: |- + Capacity defines the resource capacity for this machine. + This value is used for autoscaling from zero operations as defined in: + https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20210310-opt-in-autoscaling-from-zero.md type: object type: object type: object diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmanagedclusters.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmanagedclusters.yaml index ec464772b7..aea8369f91 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmanagedclusters.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmanagedclusters.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: awsmanagedclusters.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -38,14 +38,19 @@ spec: description: AWSManagedCluster is the Schema for the awsmanagedclusters API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -73,9 +78,9 @@ spec: properties: failureDomains: additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. properties: attributes: additionalProperties: diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmanagedmachinepools.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmanagedmachinepools.yaml index aa6fec1755..1914b742c8 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmanagedmachinepools.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmanagedmachinepools.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: awsmanagedmachinepools.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -34,14 +34,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -51,9 +56,9 @@ spec: additionalTags: additionalProperties: type: string - description: AdditionalTags is an optional set of tags to add to AWS - resources managed by the AWS provider, in addition to the ones added - by default. + description: |- + AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the + ones added by default. type: object amiType: default: AL2_x86_64 @@ -65,9 +70,10 @@ spec: - CUSTOM type: string amiVersion: - description: AMIVersion defines the desired AMI release version. If - no version number is supplied then the latest version for the Kubernetes - version will be used + description: |- + AMIVersion defines the desired AMI release version. If no version number + is supplied then the latest version for the Kubernetes version + will be used minLength: 2 type: string availabilityZones: @@ -77,26 +83,27 @@ spec: type: string type: array awsLaunchTemplate: - description: AWSLaunchTemplate specifies the launch template to use - to create the managed node group. If AWSLaunchTemplate is specified, - certain node group configuraions outside of launch template are - prohibited (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html). + description: |- + AWSLaunchTemplate specifies the launch template to use to create the managed node group. + If AWSLaunchTemplate is specified, certain node group configuraions outside of launch template + are prohibited (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html). properties: additionalSecurityGroups: - description: AdditionalSecurityGroups is an array of references - to security groups that should be applied to the instances. - These security groups would be set in addition to any security - groups defined at the cluster level or in the actuator. + description: |- + AdditionalSecurityGroups is an array of references to security groups that should be applied to the + instances. These security groups would be set in addition to any security groups defined + at the cluster level or in the actuator. items: - description: AWSResourceReference is a reference to a specific - AWS resource by ID or filters. Only one of ID or Filters may - be specified. Specifying more than one will result in a validation - error. + description: |- + AWSResourceReference is a reference to a specific AWS resource by ID or filters. + Only one of ID or Filters may be specified. Specifying more than one will result in + a validation error. properties: filters: - description: 'Filters is a set of key/value pairs used to - identify a resource They are applied according to the - rules defined by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html' + description: |- + Filters is a set of key/value pairs used to identify a resource + They are applied according to the rules defined by the AWS API: + https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html items: description: Filter is a filter used to identify an AWS resource. @@ -137,26 +144,29 @@ spec: type: string type: object iamInstanceProfile: - description: The name or the Amazon Resource Name (ARN) of the - instance profile associated with the IAM role for the instance. - The instance profile contains the IAM role. + description: |- + The name or the Amazon Resource Name (ARN) of the instance profile associated + with the IAM role for the instance. The instance profile contains the IAM + role. type: string imageLookupBaseOS: - description: ImageLookupBaseOS is the name of the base operating - system to use for image lookup the AMI is not set. + description: |- + ImageLookupBaseOS is the name of the base operating system to use for + image lookup the AMI is not set. type: string imageLookupFormat: - description: 'ImageLookupFormat is the AMI naming format to look - up the image for this machine It will be ignored if an explicit - AMI is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} - with the base OS and kubernetes version, respectively. The BaseOS - will be the value in ImageLookupBaseOS or ubuntu (the default), - and the kubernetes version as defined by the packages produced - by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, - or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* - will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* - for a Machine that is targeting kubernetes v1.18.0 and the ubuntu - base OS. See also: https://golang.org/pkg/text/template/' + description: |- + ImageLookupFormat is the AMI naming format to look up the image for this + machine It will be ignored if an explicit AMI is set. Supports + substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and + kubernetes version, respectively. The BaseOS will be the value in + ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + defined by the packages produced by kubernetes/release without v as a + prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + also: https://golang.org/pkg/text/template/ type: string imageLookupOrg: description: ImageLookupOrg is the AWS Organization ID to use @@ -181,11 +191,10 @@ spec: or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt - the volume. Can be either a KMS key ID or ARN. If Encrypted - is set and this is omitted, the default AWS key will be - used. The key must already exist and be accessible by the - controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for the @@ -193,9 +202,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage device. - Must be greater than the image snapshot size or 8 (whichever - is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -221,17 +230,17 @@ spec: type: string type: object sshKeyName: - description: SSHKeyName is the name of the ssh key to attach to - the instance. Valid values are empty string (do not use SSH - keys), a valid SSH key name, or omitted (use the default SSH - key name) + description: |- + SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string + (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name) type: string versionNumber: - description: 'VersionNumber is the version of the launch template - that is applied. Typically a new version is created when at - least one of the following happens: 1) A new launch template - spec is applied. 2) One or more parameters in an existing template - is changed. 3) A new AMI is discovered.' + description: |- + VersionNumber is the version of the launch template that is applied. + Typically a new version is created when at least one of the following happens: + 1) A new launch template spec is applied. + 2) One or more parameters in an existing template is changed. + 3) A new AMI is discovered. format: int64 type: integer type: object @@ -248,10 +257,11 @@ spec: format: int32 type: integer eksNodegroupName: - description: EKSNodegroupName specifies the name of the nodegroup - in AWS corresponding to this MachinePool. If you don't specify a - name then a default name will be created based on the namespace - and name of the managed machine pool. + description: |- + EKSNodegroupName specifies the name of the nodegroup in AWS + corresponding to this MachinePool. If you don't specify a name + then a default name will be created based on the namespace and + name of the managed machine pool. type: string instanceType: description: InstanceType specifies the AWS instance type @@ -262,9 +272,10 @@ spec: description: Labels specifies labels for the Kubernetes node objects type: object providerIDList: - description: ProviderIDList are the provider IDs of instances in the - autoscaling group corresponding to the nodegroup represented by - this machine pool + description: |- + ProviderIDList are the provider IDs of instances in the + autoscaling group corresponding to the nodegroup represented by this + machine pool items: type: string type: array @@ -282,23 +293,25 @@ spec: type: string type: array sshKeyName: - description: SSHKeyName specifies which EC2 SSH key can be used - to access machines. If left empty, the key from the control - plane is used. + description: |- + SSHKeyName specifies which EC2 SSH key can be used to access machines. + If left empty, the key from the control plane is used. type: string type: object roleAdditionalPolicies: - description: RoleAdditionalPolicies allows you to attach additional - polices to the node group role. You must enable the EKSAllowAddRoles + description: |- + RoleAdditionalPolicies allows you to attach additional polices to + the node group role. You must enable the EKSAllowAddRoles feature flag to incorporate these into the created role. items: type: string type: array roleName: - description: RoleName specifies the name of IAM role for the node - group. If the role is pre-existing we will treat it as unmanaged - and not delete it on deletion. If the EKSEnableIAM feature flag - is true and no name is supplied then a role is created. + description: |- + RoleName specifies the name of IAM role for the node group. + If the role is pre-existing we will treat it as unmanaged + and not delete it on deletion. If the EKSEnableIAM feature + flag is true and no name is supplied then a role is created. type: string scaling: description: Scaling specifies scaling for the ASG behind this pool @@ -311,8 +324,9 @@ spec: type: integer type: object subnetIDs: - description: SubnetIDs specifies which subnets are used for the auto - scaling group of this nodegroup + description: |- + SubnetIDs specifies which subnets are used for the + auto scaling group of this nodegroup items: type: string type: array @@ -342,20 +356,21 @@ spec: type: object type: array updateConfig: - description: UpdateConfig holds the optional config to control the - behaviour of the update to the nodegroup. + description: |- + UpdateConfig holds the optional config to control the behaviour of the update + to the nodegroup. properties: maxUnavailable: - description: MaxUnavailable is the maximum number of nodes unavailable - at once during a version update. Nodes will be updated in parallel. - The maximum number is 100. + description: |- + MaxUnavailable is the maximum number of nodes unavailable at once during a version update. + Nodes will be updated in parallel. The maximum number is 100. maximum: 100 minimum: 1 type: integer maxUnavailablePrecentage: - description: MaxUnavailablePercentage is the maximum percentage - of nodes unavailable during a version update. This percentage - of nodes will be updated in parallel, up to 100 nodes at once. + description: |- + MaxUnavailablePercentage is the maximum percentage of nodes unavailable during a version update. This + percentage of nodes will be updated in parallel, up to 100 nodes at once. maximum: 100 minimum: 1 type: integer @@ -373,37 +388,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -412,36 +427,46 @@ spec: type: object type: array failureMessage: - description: "FailureMessage will be set in the event that there is - a terminal problem reconciling the MachinePool and will contain - a more verbose string suitable for logging and human consumption. - \n This field should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the MachinePool's spec or the configuration of the controller, - and that manual intervention is required. Examples of terminal errors - would be invalid combinations of settings in the spec, values that - are unsupported by the controller, or the responsible controller - itself being critically misconfigured. \n Any transient errors that - occur during the reconciliation of MachinePools can be added as - events to the MachinePool object and/or logged in the controller's - output." + description: |- + FailureMessage will be set in the event that there is a terminal problem + reconciling the MachinePool and will contain a more verbose string suitable + for logging and human consumption. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the MachinePool's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of MachinePools + can be added as events to the MachinePool object and/or logged in the + controller's output. type: string failureReason: - description: "FailureReason will be set in the event that there is - a terminal problem reconciling the MachinePool and will contain - a succinct value suitable for machine interpretation. \n This field - should not be set for transitive errors that a controller faces - that are expected to be fixed automatically over time (like service - outages), but instead indicate that something is fundamentally wrong - with the Machine's spec or the configuration of the controller, - and that manual intervention is required. Examples of terminal errors - would be invalid combinations of settings in the spec, values that - are unsupported by the controller, or the responsible controller - itself being critically misconfigured. \n Any transient errors that - occur during the reconciliation of MachinePools can be added as - events to the MachinePool object and/or logged in the controller's - output." + description: |- + FailureReason will be set in the event that there is a terminal problem + reconciling the MachinePool and will contain a succinct value suitable + for machine interpretation. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the Machine's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of MachinePools + can be added as events to the MachinePool object and/or logged in the + controller's output. type: string launchTemplateID: description: The ID of the launch template @@ -451,8 +476,9 @@ spec: type: string ready: default: false - description: Ready denotes that the AWSManagedMachinePool nodegroup - has joined the cluster + description: |- + Ready denotes that the AWSManagedMachinePool nodegroup has joined + the cluster type: boolean replicas: description: Replicas is the most recently observed number of replicas. @@ -482,14 +508,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -499,9 +530,9 @@ spec: additionalTags: additionalProperties: type: string - description: AdditionalTags is an optional set of tags to add to AWS - resources managed by the AWS provider, in addition to the ones added - by default. + description: |- + AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the + ones added by default. type: object amiType: default: AL2_x86_64 @@ -513,9 +544,10 @@ spec: - CUSTOM type: string amiVersion: - description: AMIVersion defines the desired AMI release version. If - no version number is supplied then the latest version for the Kubernetes - version will be used + description: |- + AMIVersion defines the desired AMI release version. If no version number + is supplied then the latest version for the Kubernetes version + will be used minLength: 2 type: string availabilityZoneSubnetType: @@ -533,26 +565,27 @@ spec: type: string type: array awsLaunchTemplate: - description: AWSLaunchTemplate specifies the launch template to use - to create the managed node group. If AWSLaunchTemplate is specified, - certain node group configuraions outside of launch template are - prohibited (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html). + description: |- + AWSLaunchTemplate specifies the launch template to use to create the managed node group. + If AWSLaunchTemplate is specified, certain node group configuraions outside of launch template + are prohibited (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html). properties: additionalSecurityGroups: - description: AdditionalSecurityGroups is an array of references - to security groups that should be applied to the instances. - These security groups would be set in addition to any security - groups defined at the cluster level or in the actuator. + description: |- + AdditionalSecurityGroups is an array of references to security groups that should be applied to the + instances. These security groups would be set in addition to any security groups defined + at the cluster level or in the actuator. items: - description: AWSResourceReference is a reference to a specific - AWS resource by ID or filters. Only one of ID or Filters may - be specified. Specifying more than one will result in a validation - error. + description: |- + AWSResourceReference is a reference to a specific AWS resource by ID or filters. + Only one of ID or Filters may be specified. Specifying more than one will result in + a validation error. properties: filters: - description: 'Filters is a set of key/value pairs used to - identify a resource They are applied according to the - rules defined by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html' + description: |- + Filters is a set of key/value pairs used to identify a resource + They are applied according to the rules defined by the AWS API: + https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html items: description: Filter is a filter used to identify an AWS resource. @@ -593,26 +626,29 @@ spec: type: string type: object iamInstanceProfile: - description: The name or the Amazon Resource Name (ARN) of the - instance profile associated with the IAM role for the instance. - The instance profile contains the IAM role. + description: |- + The name or the Amazon Resource Name (ARN) of the instance profile associated + with the IAM role for the instance. The instance profile contains the IAM + role. type: string imageLookupBaseOS: - description: ImageLookupBaseOS is the name of the base operating - system to use for image lookup the AMI is not set. + description: |- + ImageLookupBaseOS is the name of the base operating system to use for + image lookup the AMI is not set. type: string imageLookupFormat: - description: 'ImageLookupFormat is the AMI naming format to look - up the image for this machine It will be ignored if an explicit - AMI is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} - with the base OS and kubernetes version, respectively. The BaseOS - will be the value in ImageLookupBaseOS or ubuntu (the default), - and the kubernetes version as defined by the packages produced - by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, - or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* - will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* - for a Machine that is targeting kubernetes v1.18.0 and the ubuntu - base OS. See also: https://golang.org/pkg/text/template/' + description: |- + ImageLookupFormat is the AMI naming format to look up the image for this + machine It will be ignored if an explicit AMI is set. Supports + substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and + kubernetes version, respectively. The BaseOS will be the value in + ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + defined by the packages produced by kubernetes/release without v as a + prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + also: https://golang.org/pkg/text/template/ type: string imageLookupOrg: description: ImageLookupOrg is the AWS Organization ID to use @@ -624,48 +660,64 @@ spec: properties: httpEndpoint: default: enabled - description: "Enables or disables the HTTP metadata endpoint - on your instances. \n If you specify a value of disabled, - you cannot access your instance metadata. \n Default: enabled" + description: |- + Enables or disables the HTTP metadata endpoint on your instances. + + + If you specify a value of disabled, you cannot access your instance metadata. + + + Default: enabled enum: - enabled - disabled type: string httpPutResponseHopLimit: default: 1 - description: "The desired HTTP PUT response hop limit for - instance metadata requests. The larger the number, the further - instance metadata requests can travel. \n Default: 1" + description: |- + The desired HTTP PUT response hop limit for instance metadata requests. The + larger the number, the further instance metadata requests can travel. + + + Default: 1 format: int64 maximum: 64 minimum: 1 type: integer httpTokens: default: optional - description: "The state of token usage for your instance metadata - requests. \n If the state is optional, you can choose to - retrieve instance metadata with or without a session token - on your request. If you retrieve the IAM role credentials - without a token, the version 1.0 role credentials are returned. - If you retrieve the IAM role credentials using a valid session - token, the version 2.0 role credentials are returned. \n - If the state is required, you must send a session token - with any instance metadata retrieval requests. In this state, - retrieving the IAM role credentials always returns the version - 2.0 credentials; the version 1.0 credentials are not available. - \n Default: optional" + description: |- + The state of token usage for your instance metadata requests. + + + If the state is optional, you can choose to retrieve instance metadata with + or without a session token on your request. If you retrieve the IAM role + credentials without a token, the version 1.0 role credentials are returned. + If you retrieve the IAM role credentials using a valid session token, the + version 2.0 role credentials are returned. + + + If the state is required, you must send a session token with any instance + metadata retrieval requests. In this state, retrieving the IAM role credentials + always returns the version 2.0 credentials; the version 1.0 credentials are + not available. + + + Default: optional enum: - optional - required type: string instanceMetadataTags: default: disabled - description: "Set to enabled to allow access to instance tags - from the instance metadata. Set to disabled to turn off - access to instance tags from the instance metadata. For - more information, see Work with instance tags using the - instance metadata (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). - \n Default: disabled" + description: |- + Set to enabled to allow access to instance tags from the instance metadata. + Set to disabled to turn off access to instance tags from the instance metadata. + For more information, see Work with instance tags using the instance metadata + (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). + + + Default: disabled enum: - enabled - disabled @@ -710,11 +762,10 @@ spec: or not. type: boolean encryptionKey: - description: EncryptionKey is the KMS key to use to encrypt - the volume. Can be either a KMS key ID or ARN. If Encrypted - is set and this is omitted, the default AWS key will be - used. The key must already exist and be accessible by the - controller. + description: |- + EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + If Encrypted is set and this is omitted, the default AWS key will be used. + The key must already exist and be accessible by the controller. type: string iops: description: IOPS is the number of IOPS requested for the @@ -722,9 +773,9 @@ spec: format: int64 type: integer size: - description: Size specifies size (in Gi) of the storage device. - Must be greater than the image snapshot size or 8 (whichever - is greater). + description: |- + Size specifies size (in Gi) of the storage device. + Must be greater than the image snapshot size or 8 (whichever is greater). format: int64 minimum: 8 type: integer @@ -750,17 +801,17 @@ spec: type: string type: object sshKeyName: - description: SSHKeyName is the name of the ssh key to attach to - the instance. Valid values are empty string (do not use SSH - keys), a valid SSH key name, or omitted (use the default SSH - key name) + description: |- + SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string + (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name) type: string versionNumber: - description: 'VersionNumber is the version of the launch template - that is applied. Typically a new version is created when at - least one of the following happens: 1) A new launch template - spec is applied. 2) One or more parameters in an existing template - is changed. 3) A new AMI is discovered.' + description: |- + VersionNumber is the version of the launch template that is applied. + Typically a new version is created when at least one of the following happens: + 1) A new launch template spec is applied. + 2) One or more parameters in an existing template is changed. + 3) A new AMI is discovered. format: int64 type: integer type: object @@ -777,10 +828,11 @@ spec: format: int32 type: integer eksNodegroupName: - description: EKSNodegroupName specifies the name of the nodegroup - in AWS corresponding to this MachinePool. If you don't specify a - name then a default name will be created based on the namespace - and name of the managed machine pool. + description: |- + EKSNodegroupName specifies the name of the nodegroup in AWS + corresponding to this MachinePool. If you don't specify a name + then a default name will be created based on the namespace and + name of the managed machine pool. type: string instanceType: description: InstanceType specifies the AWS instance type @@ -791,9 +843,10 @@ spec: description: Labels specifies labels for the Kubernetes node objects type: object providerIDList: - description: ProviderIDList are the provider IDs of instances in the - autoscaling group corresponding to the nodegroup represented by - this machine pool + description: |- + ProviderIDList are the provider IDs of instances in the + autoscaling group corresponding to the nodegroup represented by this + machine pool items: type: string type: array @@ -811,23 +864,25 @@ spec: type: string type: array sshKeyName: - description: SSHKeyName specifies which EC2 SSH key can be used - to access machines. If left empty, the key from the control - plane is used. + description: |- + SSHKeyName specifies which EC2 SSH key can be used to access machines. + If left empty, the key from the control plane is used. type: string type: object roleAdditionalPolicies: - description: RoleAdditionalPolicies allows you to attach additional - polices to the node group role. You must enable the EKSAllowAddRoles + description: |- + RoleAdditionalPolicies allows you to attach additional polices to + the node group role. You must enable the EKSAllowAddRoles feature flag to incorporate these into the created role. items: type: string type: array roleName: - description: RoleName specifies the name of IAM role for the node - group. If the role is pre-existing we will treat it as unmanaged - and not delete it on deletion. If the EKSEnableIAM feature flag - is true and no name is supplied then a role is created. + description: |- + RoleName specifies the name of IAM role for the node group. + If the role is pre-existing we will treat it as unmanaged + and not delete it on deletion. If the EKSEnableIAM feature + flag is true and no name is supplied then a role is created. type: string scaling: description: Scaling specifies scaling for the ASG behind this pool @@ -840,8 +895,9 @@ spec: type: integer type: object subnetIDs: - description: SubnetIDs specifies which subnets are used for the auto - scaling group of this nodegroup + description: |- + SubnetIDs specifies which subnets are used for the + auto scaling group of this nodegroup items: type: string type: array @@ -871,20 +927,21 @@ spec: type: object type: array updateConfig: - description: UpdateConfig holds the optional config to control the - behaviour of the update to the nodegroup. + description: |- + UpdateConfig holds the optional config to control the behaviour of the update + to the nodegroup. properties: maxUnavailable: - description: MaxUnavailable is the maximum number of nodes unavailable - at once during a version update. Nodes will be updated in parallel. - The maximum number is 100. + description: |- + MaxUnavailable is the maximum number of nodes unavailable at once during a version update. + Nodes will be updated in parallel. The maximum number is 100. maximum: 100 minimum: 1 type: integer maxUnavailablePercentage: - description: MaxUnavailablePercentage is the maximum percentage - of nodes unavailable during a version update. This percentage - of nodes will be updated in parallel, up to 100 nodes at once. + description: |- + MaxUnavailablePercentage is the maximum percentage of nodes unavailable during a version update. This + percentage of nodes will be updated in parallel, up to 100 nodes at once. maximum: 100 minimum: 1 type: integer @@ -902,37 +959,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -941,36 +998,46 @@ spec: type: object type: array failureMessage: - description: "FailureMessage will be set in the event that there is - a terminal problem reconciling the MachinePool and will contain - a more verbose string suitable for logging and human consumption. - \n This field should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the MachinePool's spec or the configuration of the controller, - and that manual intervention is required. Examples of terminal errors - would be invalid combinations of settings in the spec, values that - are unsupported by the controller, or the responsible controller - itself being critically misconfigured. \n Any transient errors that - occur during the reconciliation of MachinePools can be added as - events to the MachinePool object and/or logged in the controller's - output." + description: |- + FailureMessage will be set in the event that there is a terminal problem + reconciling the MachinePool and will contain a more verbose string suitable + for logging and human consumption. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the MachinePool's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of MachinePools + can be added as events to the MachinePool object and/or logged in the + controller's output. type: string failureReason: - description: "FailureReason will be set in the event that there is - a terminal problem reconciling the MachinePool and will contain - a succinct value suitable for machine interpretation. \n This field - should not be set for transitive errors that a controller faces - that are expected to be fixed automatically over time (like service - outages), but instead indicate that something is fundamentally wrong - with the Machine's spec or the configuration of the controller, - and that manual intervention is required. Examples of terminal errors - would be invalid combinations of settings in the spec, values that - are unsupported by the controller, or the responsible controller - itself being critically misconfigured. \n Any transient errors that - occur during the reconciliation of MachinePools can be added as - events to the MachinePool object and/or logged in the controller's - output." + description: |- + FailureReason will be set in the event that there is a terminal problem + reconciling the MachinePool and will contain a succinct value suitable + for machine interpretation. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the Machine's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of MachinePools + can be added as events to the MachinePool object and/or logged in the + controller's output. type: string launchTemplateID: description: The ID of the launch template @@ -980,8 +1047,9 @@ spec: type: string ready: default: false - description: Ready denotes that the AWSManagedMachinePool nodegroup - has joined the cluster + description: |- + Ready denotes that the AWSManagedMachinePool nodegroup has joined + the cluster type: boolean replicas: description: Replicas is the most recently observed number of replicas. diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_rosaclusters.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_rosaclusters.yaml index 532f17359e..2d0c295c0b 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_rosaclusters.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_rosaclusters.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: rosaclusters.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -38,14 +38,19 @@ spec: description: ROSACluster is the Schema for the ROSAClusters API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -73,9 +78,9 @@ spec: properties: failureDomains: additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. properties: attributes: additionalProperties: diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_rosamachinepools.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_rosamachinepools.yaml index 699aa25701..fc25c3bb19 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_rosamachinepools.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_rosamachinepools.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: rosamachinepools.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -33,14 +33,19 @@ spec: description: ROSAMachinePool is the Schema for the rosamachinepools API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -48,8 +53,9 @@ spec: description: RosaMachinePoolSpec defines the desired state of RosaMachinePool. properties: additionalSecurityGroups: - description: AdditionalSecurityGroups is an optional set of security - groups to associate with all node instances of the machine pool. + description: |- + AdditionalSecurityGroups is an optional set of security groups to associate + with all node instances of the machine pool. items: type: string type: array @@ -61,12 +67,14 @@ spec: type: object autoRepair: default: false - description: AutoRepair specifies whether health checks should be - enabled for machines in the NodePool. The default is false. + description: |- + AutoRepair specifies whether health checks should be enabled for machines + in the NodePool. The default is false. type: boolean autoscaling: - description: Autoscaling specifies auto scaling behaviour for this - MachinePool. required if Replicas is not configured + description: |- + Autoscaling specifies auto scaling behaviour for this MachinePool. + required if Replicas is not configured properties: maxReplicas: minimum: 1 @@ -76,9 +84,9 @@ spec: type: integer type: object availabilityZone: - description: AvailabilityZone is an optinal field specifying the availability - zone where instances of this machine pool should run For Multi-AZ - clusters, you can create a machine pool in a Single-AZ of your choice. + description: |- + AvailabilityZone is an optinal field specifying the availability zone where instances of this machine pool should run + For Multi-AZ clusters, you can create a machine pool in a Single-AZ of your choice. type: string instanceType: description: InstanceType specifies the AWS instance type @@ -89,18 +97,19 @@ spec: description: Labels specifies labels for the Kubernetes node objects type: object nodeDrainGracePeriod: - description: "NodeDrainGracePeriod is grace period for how long Pod - Disruption Budget-protected workloads will be respected during upgrades. - After this grace period, any workloads protected by Pod Disruption - Budgets that have not been successfully drained from a node will - be forcibly evicted. \n Valid values are from 0 to 1 week(10080m|168h) - . 0 or empty value means that the MachinePool can be drained without - any time limitation." + description: |- + NodeDrainGracePeriod is grace period for how long Pod Disruption Budget-protected workloads will be + respected during upgrades. After this grace period, any workloads protected by Pod Disruption + Budgets that have not been successfully drained from a node will be forcibly evicted. + + + Valid values are from 0 to 1 week(10080m|168h) . + 0 or empty value means that the MachinePool can be drained without any time limitation. type: string nodePoolName: - description: NodePoolName specifies the name of the nodepool in Rosa - must be a valid DNS-1035 label, so it must consist of lower case - alphanumeric and have a max length of 15 characters. + description: |- + NodePoolName specifies the name of the nodepool in Rosa + must be a valid DNS-1035 label, so it must consist of lower case alphanumeric and have a max length of 15 characters. maxLength: 15 pattern: ^[a-z]([-a-z0-9]*[a-z0-9])?$ type: string @@ -125,9 +134,9 @@ spec: description: RosaTaint represents a taint to be applied to a node. properties: effect: - description: The effect of the taint on pods that do not tolerate - the taint. Valid effects are NoSchedule, PreferNoSchedule - and NoExecute. + description: |- + The effect of the taint on pods that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. enum: - NoSchedule - PreferNoSchedule @@ -146,15 +155,16 @@ spec: type: object type: array tuningConfigs: - description: TuningConfigs specifies the names of the tuning configs - to be applied to this MachinePool. Tuning configs must already exist. + description: |- + TuningConfigs specifies the names of the tuning configs to be applied to this MachinePool. + Tuning configs must already exist. items: type: string type: array version: - description: Version specifies the OpenShift version of the nodes - associated with this machinepool. ROSAControlPlane version is used - if not set. + description: |- + Version specifies the OpenShift version of the nodes associated with this machinepool. + ROSAControlPlane version is used if not set. type: string required: - instanceType @@ -171,37 +181,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -210,20 +220,24 @@ spec: type: object type: array failureMessage: - description: "FailureMessage will be set in the event that there is - a terminal problem reconciling the state and will be set to a descriptive - error message. \n This field should not be set for transitive errors - that a controller faces that are expected to be fixed automatically - over time (like service outages), but instead indicate that something - is fundamentally wrong with the spec or the configuration of the - controller, and that manual intervention is required." + description: |- + FailureMessage will be set in the event that there is a terminal problem + reconciling the state and will be set to a descriptive error message. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the spec or the configuration of + the controller, and that manual intervention is required. type: string id: description: ID is the ID given by ROSA. type: string ready: default: false - description: Ready denotes that the RosaMachinePool nodepool has joined + description: |- + Ready denotes that the RosaMachinePool nodepool has joined the cluster type: boolean replicas: diff --git a/controllers/awsmachine_controller_unit_test.go b/controllers/awsmachine_controller_unit_test.go index 8d2d6fc5bd..ebf7785079 100644 --- a/controllers/awsmachine_controller_unit_test.go +++ b/controllers/awsmachine_controller_unit_test.go @@ -1099,7 +1099,7 @@ func TestAWSMachineReconciler(t *testing.T) { defer teardown(t, g) setNodeRef(t, g) - ms.AWSMachine.Status.FailureReason = capierrors.MachineStatusErrorPtr(capierrors.UpdateMachineError) + ms.AWSMachine.Status.FailureReason = ptr.To(capierrors.UpdateMachineError) secretSvc.EXPECT().Delete(gomock.Any()).Return(nil).Times(1) ec2Svc.EXPECT().TerminateInstance(gomock.Any()).Return(nil).AnyTimes() _, _ = reconciler.reconcileDelete(ms, cs, cs, cs, cs) @@ -1229,7 +1229,7 @@ func TestAWSMachineReconciler(t *testing.T) { defer teardown(t, g) setSSM(t, g) - ms.AWSMachine.Status.FailureReason = capierrors.MachineStatusErrorPtr(capierrors.UpdateMachineError) + ms.AWSMachine.Status.FailureReason = ptr.To(capierrors.UpdateMachineError) secretSvc.EXPECT().Delete(gomock.Any()).Return(nil).Times(1) ec2Svc.EXPECT().TerminateInstance(gomock.Any()).Return(nil).AnyTimes() _, _ = reconciler.reconcileDelete(ms, cs, cs, cs, cs) @@ -1446,7 +1446,7 @@ func TestAWSMachineReconciler(t *testing.T) { useIgnitionWithClusterObjectStore(t, g) // TODO: This seems to have no effect on the test result. - ms.AWSMachine.Status.FailureReason = capierrors.MachineStatusErrorPtr(capierrors.UpdateMachineError) + ms.AWSMachine.Status.FailureReason = ptr.To(capierrors.UpdateMachineError) objectStoreSvc.EXPECT().Delete(gomock.Any()).Return(nil).Times(1) ec2Svc.EXPECT().TerminateInstance(gomock.Any()).Return(nil).AnyTimes() @@ -1518,7 +1518,7 @@ func TestAWSMachineReconciler(t *testing.T) { useIgnitionWithClusterObjectStore(t, g) // TODO: This seems to have no effect on the test result. - ms.AWSMachine.Status.FailureReason = capierrors.MachineStatusErrorPtr(capierrors.UpdateMachineError) + ms.AWSMachine.Status.FailureReason = ptr.To(capierrors.UpdateMachineError) objectStoreSvc.EXPECT().Delete(gomock.Any()).Return(nil).Times(1) ec2Svc.EXPECT().TerminateInstance(gomock.Any()).Return(nil).AnyTimes() _, _ = reconciler.reconcileDelete(ms, cs, cs, cs, cs) diff --git a/exp/controllers/awsmachinepool_controller.go b/exp/controllers/awsmachinepool_controller.go index 8114604c7a..741cdcdb10 100644 --- a/exp/controllers/awsmachinepool_controller.go +++ b/exp/controllers/awsmachinepool_controller.go @@ -586,7 +586,7 @@ func machinePoolToInfrastructureMapFunc(gvk schema.GroupVersionKind) handler.Map return func(ctx context.Context, o client.Object) []reconcile.Request { m, ok := o.(*expclusterv1.MachinePool) if !ok { - klog.Error("Expected a MachinePool but got a %T", o) + klog.Errorf("Expected a MachinePool but got a %T", o) } gk := gvk.GroupKind() diff --git a/feature/feature.go b/feature/feature.go index 916aebb640..061e4edd57 100644 --- a/feature/feature.go +++ b/feature/feature.go @@ -101,7 +101,7 @@ var defaultCAPAFeatureGates = map[featuregate.Feature]featuregate.FeatureSpec{ EKSAllowAddRoles: {Default: false, PreRelease: featuregate.Beta}, EKSFargate: {Default: false, PreRelease: featuregate.Alpha}, EventBridgeInstanceState: {Default: false, PreRelease: featuregate.Alpha}, - MachinePool: {Default: false, PreRelease: featuregate.Alpha}, + MachinePool: {Default: true, PreRelease: featuregate.Beta}, AutoControllerIdentityCreator: {Default: true, PreRelease: featuregate.Alpha}, BootstrapFormatIgnition: {Default: false, PreRelease: featuregate.Alpha}, ExternalResourceGC: {Default: false, PreRelease: featuregate.Alpha}, diff --git a/go.mod b/go.mod index fdfaaa5588..35c8c9ec7e 100644 --- a/go.mod +++ b/go.mod @@ -9,8 +9,8 @@ replace ( github.com/prometheus/client_golang => github.com/prometheus/client_golang v1.18.0 github.com/prometheus/common => github.com/prometheus/common v0.46.0 // kube-openapi should match the version imported by CAPI. - k8s.io/kube-openapi => k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 - sigs.k8s.io/cluster-api => sigs.k8s.io/cluster-api v1.6.1 + k8s.io/kube-openapi => k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 + sigs.k8s.io/cluster-api => sigs.k8s.io/cluster-api v1.7.0 ) require ( @@ -23,14 +23,14 @@ require ( github.com/blang/semver v3.5.1+incompatible github.com/coreos/ignition v0.35.0 github.com/coreos/ignition/v2 v2.16.2 - github.com/go-logr/logr v1.3.0 + github.com/go-logr/logr v1.4.1 github.com/gofrs/flock v0.8.1 github.com/golang/mock v1.6.0 github.com/google/go-cmp v0.6.0 github.com/google/goexpect v0.0.0-20210430020637-ab937bf7fd6f github.com/google/gofuzz v1.2.0 - github.com/onsi/ginkgo/v2 v2.13.1 - github.com/onsi/gomega v1.30.0 + github.com/onsi/ginkgo/v2 v2.17.1 + github.com/onsi/gomega v1.32.0 github.com/openshift-online/ocm-common v0.0.0-20240129111424-ff8c6c11d909 github.com/openshift-online/ocm-sdk-go v0.1.414 github.com/openshift/rosa v1.2.35-rc1.0.20240301152457-ad986cecd364 @@ -44,18 +44,18 @@ require ( golang.org/x/crypto v0.22.0 golang.org/x/text v0.14.0 gopkg.in/yaml.v2 v2.4.0 - k8s.io/api v0.28.4 - k8s.io/apiextensions-apiserver v0.28.4 - k8s.io/apimachinery v0.28.4 - k8s.io/cli-runtime v0.28.4 - k8s.io/client-go v0.28.4 - k8s.io/component-base v0.28.4 - k8s.io/klog/v2 v2.100.1 + k8s.io/api v0.29.3 + k8s.io/apiextensions-apiserver v0.29.3 + k8s.io/apimachinery v0.29.3 + k8s.io/cli-runtime v0.29.3 + k8s.io/client-go v0.29.3 + k8s.io/component-base v0.29.3 + k8s.io/klog/v2 v2.110.1 k8s.io/utils v0.0.0-20240102154912-e7106e64919e sigs.k8s.io/aws-iam-authenticator v0.6.13 - sigs.k8s.io/cluster-api v1.6.1 - sigs.k8s.io/cluster-api/test v1.6.1 - sigs.k8s.io/controller-runtime v0.16.3 + sigs.k8s.io/cluster-api v1.7.0 + sigs.k8s.io/cluster-api/test v1.7.0 + sigs.k8s.io/controller-runtime v0.17.3 sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 sigs.k8s.io/yaml v1.4.0 ) @@ -92,24 +92,23 @@ require ( github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/daviddengcn/go-colortext v1.0.0 // indirect github.com/distribution/reference v0.5.0 // indirect - github.com/docker/distribution v2.8.3+incompatible // indirect - github.com/docker/docker v24.0.9+incompatible // indirect - github.com/docker/go-connections v0.4.0 // indirect + github.com/docker/docker v25.0.5+incompatible // indirect + github.com/docker/go-connections v0.5.0 // indirect github.com/docker/go-units v0.5.0 // indirect github.com/drone/envsubst/v2 v2.0.0-20210730161058-179042472c46 // indirect - github.com/emicklei/go-restful/v3 v3.11.0 // indirect - github.com/evanphx/json-patch v5.6.0+incompatible // indirect - github.com/evanphx/json-patch/v5 v5.7.0 // indirect + github.com/emicklei/go-restful/v3 v3.12.0 // indirect + github.com/evanphx/json-patch v5.7.0+incompatible // indirect + github.com/evanphx/json-patch/v5 v5.9.0 // indirect github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect github.com/fatih/camelcase v1.0.0 // indirect github.com/fatih/color v1.16.0 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect - github.com/fsnotify/fsnotify v1.6.0 // indirect + github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/fvbommel/sortorder v1.1.0 // indirect github.com/ghodss/yaml v1.0.0 // indirect github.com/go-errors/errors v1.4.2 // indirect github.com/go-logr/stdr v1.2.2 // indirect - github.com/go-logr/zapr v1.2.4 // indirect + github.com/go-logr/zapr v1.3.0 // indirect github.com/go-openapi/jsonpointer v0.19.6 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect github.com/go-openapi/swag v0.22.3 // indirect @@ -121,7 +120,7 @@ require ( github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.4 // indirect github.com/google/btree v1.0.1 // indirect - github.com/google/cel-go v0.16.1 // indirect + github.com/google/cel-go v0.17.7 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-github/v53 v53.2.0 // indirect github.com/google/go-querystring v1.1.0 // indirect @@ -131,8 +130,8 @@ require ( github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect github.com/google/uuid v1.6.0 // indirect github.com/gorilla/css v1.0.1 // indirect + github.com/gorilla/websocket v1.5.0 // indirect github.com/gregjones/httpcache v0.0.0-20190212212710-3befbb6ad0cc // indirect - github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 // indirect github.com/hashicorp/go-version v1.6.0 // indirect github.com/hashicorp/hcl v1.0.0 // indirect @@ -174,16 +173,16 @@ require ( github.com/prometheus/procfs v0.13.0 // indirect github.com/rivo/uniseg v0.4.2 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect - github.com/sagikazarmark/locafero v0.3.0 // indirect + github.com/sagikazarmark/locafero v0.4.0 // indirect github.com/sagikazarmark/slog-shim v0.1.0 // indirect github.com/sanathkr/go-yaml v0.0.0-20170819195128-ed9d249f429b // indirect github.com/sanathkr/yaml v0.0.0-20170819201035-0056894fa522 // indirect github.com/shopspring/decimal v1.3.1 // indirect github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966 // indirect github.com/sourcegraph/conc v0.3.0 // indirect - github.com/spf13/afero v1.10.0 // indirect - github.com/spf13/cast v1.5.1 // indirect - github.com/spf13/viper v1.17.0 // indirect + github.com/spf13/afero v1.11.0 // indirect + github.com/spf13/cast v1.6.0 // indirect + github.com/spf13/viper v1.18.2 // indirect github.com/stoewer/go-strcase v1.2.0 // indirect github.com/stretchr/testify v1.9.0 // indirect github.com/subosito/gotenv v1.6.0 // indirect @@ -191,50 +190,43 @@ require ( github.com/vincent-petithory/dataurl v1.0.0 // indirect github.com/xlab/treeprint v1.2.0 // indirect gitlab.com/c0b/go-ordered-json v0.0.0-20171130231205-49bbdab258c2 // indirect - go.etcd.io/etcd/api/v3 v3.5.10 // indirect - go.etcd.io/etcd/client/pkg/v3 v3.5.10 // indirect - go.etcd.io/etcd/client/v3 v3.5.10 // indirect - go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.0 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.0 // indirect - go.opentelemetry.io/otel v1.20.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.20.0 // indirect + go.opentelemetry.io/otel v1.22.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.22.0 // indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.20.0 // indirect - go.opentelemetry.io/otel/metric v1.20.0 // indirect - go.opentelemetry.io/otel/sdk v1.20.0 // indirect - go.opentelemetry.io/otel/trace v1.20.0 // indirect + go.opentelemetry.io/otel/metric v1.22.0 // indirect + go.opentelemetry.io/otel/sdk v1.22.0 // indirect + go.opentelemetry.io/otel/trace v1.22.0 // indirect go.opentelemetry.io/proto/otlp v1.0.0 // indirect go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect go.uber.org/multierr v1.11.0 // indirect - go.uber.org/zap v1.25.0 // indirect + go.uber.org/zap v1.26.0 // indirect golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect golang.org/x/net v0.24.0 // indirect golang.org/x/oauth2 v0.19.0 // indirect golang.org/x/sync v0.6.0 // indirect golang.org/x/sys v0.19.0 // indirect golang.org/x/term v0.19.0 // indirect - golang.org/x/time v0.3.0 // indirect - golang.org/x/tools v0.14.0 // indirect + golang.org/x/time v0.5.0 // indirect + golang.org/x/tools v0.17.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/genproto v0.0.0-20230913181813-007df8e322eb // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20230913181813-007df8e322eb // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20230920204549-e6e6cdab5c13 // indirect - google.golang.org/grpc v1.59.0 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20231120223509-83a465c0220f // indirect + google.golang.org/grpc v1.60.1 // indirect google.golang.org/protobuf v1.33.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.67.0 // indirect - gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/apiserver v0.28.4 // indirect - k8s.io/cluster-bootstrap v0.28.4 // indirect - k8s.io/component-helpers v0.28.4 // indirect - k8s.io/kms v0.28.4 // indirect - k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect - k8s.io/kubectl v0.28.4 // indirect - k8s.io/metrics v0.28.4 // indirect - sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.2 // indirect + k8s.io/apiserver v0.29.3 // indirect + k8s.io/cluster-bootstrap v0.29.3 // indirect + k8s.io/component-helpers v0.29.3 // indirect + k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect + k8s.io/kubectl v0.29.3 // indirect + k8s.io/metrics v0.29.3 // indirect + sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.0 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect - sigs.k8s.io/kind v0.20.0 // indirect + sigs.k8s.io/kind v0.22.0 // indirect sigs.k8s.io/kustomize/kustomize/v5 v5.0.4-0.20230601165947-6ce0bf390ce3 // indirect sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect ) diff --git a/go.sum b/go.sum index f3330fd0c2..9bcd65f813 100644 --- a/go.sum +++ b/go.sum @@ -1,53 +1,10 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= -cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= -cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= -cloud.google.com/go v0.44.3/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= -cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= -cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= -cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= -cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= -cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= -cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= -cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= -cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= -cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= -cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= -cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= -cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= -cloud.google.com/go v0.75.0/go.mod h1:VGuuCn7PG0dwsd5XPVm2Mm3wlh3EL55/79EKB6hlPTY= -cloud.google.com/go v0.110.7 h1:rJyC7nWRg2jWGZ4wSJ5nY65GTdYJkg0cd/uXb+ACI6o= -cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= -cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= -cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= -cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= -cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= -cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= -cloud.google.com/go/compute v1.23.0 h1:tP41Zoavr8ptEqaW6j+LQOnyBBhO7OkOMAGrgLopTwY= -cloud.google.com/go/compute v1.23.0/go.mod h1:4tCnrn48xsqlwSAiLf1HXMQk8CONslYbdiEZc9FEIbM= -cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= -cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA= -cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= -cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= -cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= -cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= -cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= -cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= -cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= -cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= -cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= -cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= -cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= -cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= -dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v1.0.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/toml v1.2.1 h1:9F2/+DoOYIOksmaJFPw1tGFy1eDnIJXg+UHjuD8lTak= github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= -github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ= github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= @@ -92,9 +49,6 @@ github.com/awslabs/goformation/v4 v4.19.5 h1:Y+Tzh01tWg8gf//AgGKUamaja7Wx9NPiJf1 github.com/awslabs/goformation/v4 v4.19.5/go.mod h1:JoNpnVCBOUtEz9bFxc9sjy8uBUCLF5c4D1L7RhRTVM8= github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk= github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4= -github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= -github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A= -github.com/benbjohnson/clock v1.3.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ= @@ -119,10 +73,8 @@ github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtM github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU= github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4 h1:/inchEIKaYC1Akx+H+gqO04wryn5h75LSazbRlnya1k= -github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= +github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= github.com/coredns/caddy v1.1.0 h1:ezvsPrT/tA/7pYDBZxu0cT0VmWk75AfIaf6GSYCNMf0= github.com/coredns/caddy v1.1.0/go.mod h1:A6ntJQlAWuQfFlsd9hvigKbo2WS0VUs2l1e2F+BawD4= github.com/coredns/corefile-migration v1.0.21 h1:W/DCETrHDiFo0Wj03EyMkaQ9fwsmSgqTCQDHpceaSsE= @@ -155,33 +107,27 @@ github.com/daviddengcn/go-colortext v1.0.0 h1:ANqDyC0ys6qCSvuEK7l3g5RaehL/Xck9EX github.com/daviddengcn/go-colortext v1.0.0/go.mod h1:zDqEI5NVUop5QPpVJUxE9UO10hRnmkD5G4Pmri9+m4c= github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK2OFGvA0= github.com/distribution/reference v0.5.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= -github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= -github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v24.0.9+incompatible h1:HPGzNmwfLZWdxHqK9/II92pyi1EpYKsAqcl4G0Of9v0= -github.com/docker/docker v24.0.9+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= -github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= +github.com/docker/docker v25.0.5+incompatible h1:UmQydMduGkrD5nQde1mecF/YnSbTOaPeFIeP5C4W+DE= +github.com/docker/docker v25.0.5+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c= +github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc= github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4= github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= github.com/drone/envsubst/v2 v2.0.0-20210730161058-179042472c46 h1:7QPwrLT79GlD5sizHf27aoY2RTvw62mO6x7mxkScNk0= github.com/drone/envsubst/v2 v2.0.0-20210730161058-179042472c46/go.mod h1:esf2rsHFNlZlxsqsZDojNBcnNs5REqIvRrWRHqX0vEU= github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= -github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= -github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.12.0 h1:y2DdzBAURM29NFF94q6RaY4vjIH1rtwDapwQtU84iWk= +github.com/emicklei/go-restful/v3 v3.12.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= -github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= -github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/envoyproxy/protoc-gen-validate v1.0.2 h1:QkIBuU5k+x7/QXPvPPnWXWlCdaBFApVqftFV6k087DA= -github.com/envoyproxy/protoc-gen-validate v1.0.2/go.mod h1:GpiZQP3dDbg4JouG/NNS7QWXpgx6x8QiMKdmN72jogE= -github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= -github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI= +github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= -github.com/evanphx/json-patch/v5 v5.7.0 h1:nJqP7uwL84RJInrohHfW0Fx3awjbm8qZeFv0nW9SYGc= -github.com/evanphx/json-patch/v5 v5.7.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= +github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d h1:105gxyaGwCFad8crR9dcMQWvV9Hvulu6hwUh4tWPJnM= github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d/go.mod h1:ZZMPRZwes7CROmyNKgQzC3XPs6L/G2EJLHddWejkmf4= github.com/fatih/camelcase v1.0.0 h1:hxNvNX/xYBp0ovncs8WyWZrOrpBNub/JfaMvbURyft8= @@ -191,30 +137,26 @@ github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/frankban/quicktest v1.14.4 h1:g2rn0vABPOOXmZUj+vbmUp0lPoXEMuhTpIluN0XL9UY= -github.com/frankban/quicktest v1.14.4/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= +github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= +github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= -github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= +github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= +github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/fvbommel/sortorder v1.1.0 h1:fUmoe+HLsBTctBDoaBwpQo5N+nrCp8g/BjKb/6ZQmYw= github.com/fvbommel/sortorder v1.1.0/go.mod h1:uk88iVf1ovNn1iLfgUVU2F9o5eO30ui720w+kxuqRs0= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= -github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= +github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= -github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= @@ -236,26 +178,14 @@ github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/glog v1.2.1 h1:OptwRhECazUx5ix5TTWC3EZhsZEHWcYWY4FQHTIubm4= github.com/golang/glog v1.2.1/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= -github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= -github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc= github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= -github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= -github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= @@ -263,7 +193,6 @@ github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:W github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= @@ -273,23 +202,19 @@ github.com/golangplus/bytes v1.0.0/go.mod h1:AdRaCFwmc/00ZzELMWb01soso6W1R/++O1X github.com/golangplus/fmt v1.0.0/go.mod h1:zpM0OfbMCjPtd2qkTD/jX2MgiFCqklhSUFyDW44gVQE= github.com/golangplus/testing v1.0.0 h1:+ZeeiKZENNOMkTTELoSySazi+XaEhVO0mb+eanrSEUQ= github.com/golangplus/testing v1.0.0/go.mod h1:ZDreixUV3YzhoVraIDyOzHrr76p6NUh6k/pPg/Q3gYA= -github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.1 h1:gK4Kx5IaGY9CD5sPJ36FHiBJ6ZXl0kilRiiCj+jdYp4= github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= -github.com/google/cel-go v0.16.1 h1:3hZfSNiAU3KOiNtxuFXVp5WFy4hf/Ly3Sa4/7F8SXNo= -github.com/google/cel-go v0.16.1/go.mod h1:HXZKzB0LXqer5lHHgfWAnlYwJaQBDKMjxjulNQzhwhY= +github.com/google/cel-go v0.17.7 h1:6ebJFzu1xO2n7TLtN+UBqShGBhlD85bhvglh5DpcfqQ= +github.com/google/cel-go v0.17.7/go.mod h1:HXZKzB0LXqer5lHHgfWAnlYwJaQBDKMjxjulNQzhwhY= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= @@ -305,37 +230,20 @@ github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/goterm v0.0.0-20190703233501-fc88cf888a3f h1:5CjVwnuUcp5adK4gmY6i72gpVFVnZDP2h5TmPScB6u4= github.com/google/goterm v0.0.0-20190703233501-fc88cf888a3f/go.mod h1:nOFQdrUlIlx6M6ODdSpBj1NVA+VgLC6kmw60mkw34H4= -github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= -github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= -github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= -github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/safetext v0.0.0-20220905092116-b49f7bc46da2 h1:SJ+NtwL6QaZ21U+IrK7d0gGgpjGGvd2kz+FzTHVzdqI= github.com/google/safetext v0.0.0-20220905092116-b49f7bc46da2/go.mod h1:Tv1PlzqC9t8wNnpPdctvtSUOPUUg4SHeE6vR1Ir2hmg= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= -github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= github.com/gorilla/css v1.0.1 h1:ntNaBIghp6JmvWnxbZKANoLyuXTPZ4cAMlo6RyhlbO8= github.com/gorilla/css v1.0.1/go.mod h1:BvnYkspnSzMmwRK+b8/xgNPLiIuNZr6vbZBTPQ2A3b0= -github.com/gorilla/websocket v1.4.2 h1:+/TMaTYc4QFitKJxsQ7Yye35DkWvkdLcvGKqM+x0Ufc= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= +github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gregjones/httpcache v0.0.0-20190212212710-3befbb6ad0cc h1:f8eY6cV/x1x+HLjOp4r72s/31/V2aTUtg5oKRRPf8/Q= github.com/gregjones/httpcache v0.0.0-20190212212710-3befbb6ad0cc/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 h1:+9834+KizmvFV7pXQGSXQTsaWhq2GjuNUt0aUU0YBYw= @@ -348,15 +256,12 @@ github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 h1:YBftPWNWd4WwGqtY2yeZL2ef8rH github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0/go.mod h1:YN5jB8ie0yfIUg6VvR9Kz84aCaG7AsGZnLjhHbUqwPg= github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek= github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/huandu/xstrings v1.3.3/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU= github.com/huandu/xstrings v1.4.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= -github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= @@ -396,11 +301,8 @@ github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8Hm github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= -github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= @@ -468,13 +370,13 @@ github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108 github.com/onsi/ginkgo v1.16.2/go.mod h1:CObGmKUOKaSC0RjmoAK7tKyn4Azo5P2IWuoMnvwxz1E= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -github.com/onsi/ginkgo/v2 v2.13.1 h1:LNGfMbR2OVGBfXjvRZIZ2YCTQdGKtPLvuI1rMCCj3OU= -github.com/onsi/ginkgo/v2 v2.13.1/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM= +github.com/onsi/ginkgo/v2 v2.17.1 h1:V++EzdbhI4ZV4ev0UTIj0PzhzOcReJFyJaLjtSF55M8= +github.com/onsi/ginkgo/v2 v2.17.1/go.mod h1:llBI3WDLL9Z6taip6f33H76YcWtJv+7R3HigUjbIBOs= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.12.0/go.mod h1:lRk9szgn8TxENtWd0Tp4c3wjlRfMTMH27I+3Je41yGY= -github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= -github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= +github.com/onsi/gomega v1.32.0 h1:JRYU78fJ1LPxlckP6Txi/EYqJvjtMrDC04/MM5XRHPk= +github.com/onsi/gomega v1.32.0/go.mod h1:a4x4gW6Pz2yK1MAmvluYme5lvYTn61afQ2ETw/8n4Lg= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0-rc2.0.20221005185240-3a7f492d3f1b h1:YWuSjZCQAPM8UUBLkYUk1e+rZcvWHJmFb6i6rM44Xs8= @@ -495,7 +397,6 @@ github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -511,13 +412,12 @@ github.com/prometheus/procfs v0.13.0/go.mod h1:cd4PFCR54QLnGKPaKGA6l+cfuNXtht43Z github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.2 h1:YwD0ulJSJytLpiaWua0sBDusfsCZohxjxzVTYjwxfV8= github.com/rivo/uniseg v0.4.2/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= -github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/sagikazarmark/locafero v0.3.0 h1:zT7VEGWC2DTflmccN/5T1etyKvxSxpHsjb9cJvm4SvQ= -github.com/sagikazarmark/locafero v0.3.0/go.mod h1:w+v7UsPNFwzF1cHuOajOOzoq4U7v/ig1mpRjqV+Bu1U= +github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ= +github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4= github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE= github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ= github.com/sanathkr/go-yaml v0.0.0-20170819195128-ed9d249f429b h1:jUK33OXuZP/l6babJtnLo1qsGvq6G9so9KMflGAm4YA= @@ -538,19 +438,19 @@ github.com/soheilhy/cmux v0.1.5 h1:jjzc5WVemNEDTLwv9tlmemhC73tI08BNOIGwBOo10Js= github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0= github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo= github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0= -github.com/spf13/afero v1.10.0 h1:EaGW2JJh15aKOejeuJ+wpFSHnbd7GE6Wvp3TsNhb6LY= -github.com/spf13/afero v1.10.0/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/UhQ= +github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= +github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY= github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cast v1.5.1 h1:R+kOtfhWQE6TVQzY+4D7wJLBgkdVasCEFxSUBYBYIlA= -github.com/spf13/cast v1.5.1/go.mod h1:b9PdjNptOpzXr7Rq1q9gJML/2cdGQAo69NKzQ10KN48= +github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0= +github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/pflag v1.0.6-0.20210604193023-d5e0c0615ace h1:9PNP1jnUjRhfmGMlkXHjYPishpcw4jpSt/V/xYY3FMA= github.com/spf13/pflag v1.0.6-0.20210604193023-d5e0c0615ace/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/spf13/viper v1.17.0 h1:I5txKw7MJasPL/BrfkbA0Jyo/oELqVmux4pR/UxOMfI= -github.com/spf13/viper v1.17.0/go.mod h1:BmMMMLQXSbcHK6KAOiFLz0l5JHrU89OdIRHvsk0+yVI= +github.com/spf13/viper v1.18.2 h1:LUXCnvUvSM6FXAsj6nnfc8Q2tp1dIgUfY9Kc8GsSOiQ= +github.com/spf13/viper v1.18.2/go.mod h1:EKmWIqdnk5lOcmR72yw6hS+8OPYcwD0jteitLMVB+yk= github.com/stoewer/go-strcase v1.2.0 h1:Z2iHWqGXH00XYgqDmNgQbIBxf3wrNq0F3feEy0ainaU= github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= @@ -585,9 +485,7 @@ github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2 h1:eY9dn8+vbi4tKz5 github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ= github.com/xlab/treeprint v1.2.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= -github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= @@ -596,171 +494,94 @@ github.com/zgalor/weberr v0.6.0/go.mod h1:cqK89mj84q3PRgqQXQFWJDzCorOd8xOtov/ulO github.com/ziutek/telnet v0.0.0-20180329124119-c3b780dc415b/go.mod h1:IZpXDfkJ6tWD3PhBK5YzgQT+xJWh7OsdwiG8hA2MkO4= gitlab.com/c0b/go-ordered-json v0.0.0-20171130231205-49bbdab258c2 h1:M+r1hdmjZc4L4SCn0ZIq/5YQIRxprV+kOf7n7f04l5o= gitlab.com/c0b/go-ordered-json v0.0.0-20171130231205-49bbdab258c2/go.mod h1:NREvu3a57BaK0R1+ztrEzHWiZAihohNLQ6trPxlIqZI= -go.etcd.io/bbolt v1.3.7 h1:j+zJOnnEjF/kyHlDDgGnVL/AIqIJPq8UoB2GSNfkUfQ= -go.etcd.io/bbolt v1.3.7/go.mod h1:N9Mkw9X8x5fupy0IKsmuqVtoGDyxsaDlbk4Rd05IAQw= -go.etcd.io/etcd/api/v3 v3.5.10 h1:szRajuUUbLyppkhs9K6BRtjY37l66XQQmw7oZRANE4k= -go.etcd.io/etcd/api/v3 v3.5.10/go.mod h1:TidfmT4Uycad3NM/o25fG3J07odo4GBB9hoxaodFCtI= -go.etcd.io/etcd/client/pkg/v3 v3.5.10 h1:kfYIdQftBnbAq8pUWFXfpuuxFSKzlmM5cSn76JByiT0= -go.etcd.io/etcd/client/pkg/v3 v3.5.10/go.mod h1:DYivfIviIuQ8+/lCq4vcxuseg2P2XbHygkKwFo9fc8U= -go.etcd.io/etcd/client/v2 v2.305.9 h1:YZ2OLi0OvR0H75AcgSUajjd5uqKDKocQUqROTG11jIo= -go.etcd.io/etcd/client/v2 v2.305.9/go.mod h1:0NBdNx9wbxtEQLwAQtrDHwx58m02vXpDcgSYI2seohQ= -go.etcd.io/etcd/client/v3 v3.5.10 h1:W9TXNZ+oB3MCd/8UjxHTWK5J9Nquw9fQBLJd5ne5/Ao= -go.etcd.io/etcd/client/v3 v3.5.10/go.mod h1:RVeBnDz2PUEZqTpgqwAtUd8nAPf5kjyFyND7P1VkOKc= -go.etcd.io/etcd/pkg/v3 v3.5.9 h1:6R2jg/aWd/zB9+9JxmijDKStGJAPFsX3e6BeJkMi6eQ= -go.etcd.io/etcd/pkg/v3 v3.5.9/go.mod h1:BZl0SAShQFk0IpLWR78T/+pyt8AruMHhTNNX73hkNVY= -go.etcd.io/etcd/raft/v3 v3.5.9 h1:ZZ1GIHoUlHsn0QVqiRysAm3/81Xx7+i2d7nSdWxlOiI= -go.etcd.io/etcd/raft/v3 v3.5.9/go.mod h1:WnFkqzFdZua4LVlVXQEGhmooLeyS7mqzS4Pf4BCVqXg= -go.etcd.io/etcd/server/v3 v3.5.9 h1:vomEmmxeztLtS5OEH7d0hBAg4cjVIu9wXuNzUZx2ZA0= -go.etcd.io/etcd/server/v3 v3.5.9/go.mod h1:GgI1fQClQCFIzuVjlvdbMxNbnISt90gdfYyqiAIt65g= -go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= -go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= -go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= +go.etcd.io/bbolt v1.3.8 h1:xs88BrvEv273UsB79e0hcVrlUWmS0a8upikMFhSyAtA= +go.etcd.io/bbolt v1.3.8/go.mod h1:N9Mkw9X8x5fupy0IKsmuqVtoGDyxsaDlbk4Rd05IAQw= +go.etcd.io/etcd/api/v3 v3.5.13 h1:8WXU2/NBge6AUF1K1gOexB6e07NgsN1hXK0rSTtgSp4= +go.etcd.io/etcd/api/v3 v3.5.13/go.mod h1:gBqlqkcMMZMVTMm4NDZloEVJzxQOQIls8splbqBDa0c= +go.etcd.io/etcd/client/pkg/v3 v3.5.13 h1:RVZSAnWWWiI5IrYAXjQorajncORbS0zI48LQlE2kQWg= +go.etcd.io/etcd/client/pkg/v3 v3.5.13/go.mod h1:XxHT4u1qU12E2+po+UVPrEeL94Um6zL58ppuJWXSAB8= +go.etcd.io/etcd/client/v2 v2.305.10 h1:MrmRktzv/XF8CvtQt+P6wLUlURaNpSDJHFZhe//2QE4= +go.etcd.io/etcd/client/v2 v2.305.10/go.mod h1:m3CKZi69HzilhVqtPDcjhSGp+kA1OmbNn0qamH80xjA= +go.etcd.io/etcd/client/v3 v3.5.13 h1:o0fHTNJLeO0MyVbc7I3fsCf6nrOqn5d+diSarKnB2js= +go.etcd.io/etcd/client/v3 v3.5.13/go.mod h1:cqiAeY8b5DEEcpxvgWKsbLIWNM/8Wy2xJSDMtioMcoI= +go.etcd.io/etcd/pkg/v3 v3.5.10 h1:WPR8K0e9kWl1gAhB5A7gEa5ZBTNkT9NdNWrR8Qpo1CM= +go.etcd.io/etcd/pkg/v3 v3.5.10/go.mod h1:TKTuCKKcF1zxmfKWDkfz5qqYaE3JncKKZPFf8c1nFUs= +go.etcd.io/etcd/raft/v3 v3.5.10 h1:cgNAYe7xrsrn/5kXMSaH8kM/Ky8mAdMqGOxyYwpP0LA= +go.etcd.io/etcd/raft/v3 v3.5.10/go.mod h1:odD6kr8XQXTy9oQnyMPBOr0TVe+gT0neQhElQ6jbGRc= +go.etcd.io/etcd/server/v3 v3.5.10 h1:4NOGyOwD5sUZ22PiWYKmfxqoeh72z6EhYjNosKGLmZg= +go.etcd.io/etcd/server/v3 v3.5.10/go.mod h1:gBplPHfs6YI0L+RpGkTQO7buDbHv5HJGG/Bst0/zIPo= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.0 h1:PzIubN4/sjByhDRHLviCjJuweBXWFZWhghjg7cS28+M= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.0/go.mod h1:Ct6zzQEuGK3WpJs2n4dn+wfJYzd/+hNnxMRTWjGn30M= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.0 h1:1eHu3/pUSWaOgltNK3WJFaywKsTIr/PwvHyDmi0lQA0= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.0/go.mod h1:HyABWq60Uy1kjJSa2BVOxUVao8Cdick5AWSKPutqy6U= -go.opentelemetry.io/otel v1.20.0 h1:vsb/ggIY+hUjD/zCAQHpzTmndPqv/ml2ArbsbfBYTAc= -go.opentelemetry.io/otel v1.20.0/go.mod h1:oUIGj3D77RwJdM6PPZImDpSZGDvkD9fhesHny69JFrs= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.20.0 h1:DeFD0VgTZ+Cj6hxravYYZE2W4GlneVH81iAOPjZkzk8= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.20.0/go.mod h1:GijYcYmNpX1KazD5JmWGsi4P7dDTTTnfv1UbGn84MnU= +go.opentelemetry.io/otel v1.22.0 h1:xS7Ku+7yTFvDfDraDIJVpw7XPyuHlB9MCiqqX5mcJ6Y= +go.opentelemetry.io/otel v1.22.0/go.mod h1:eoV4iAi3Ea8LkAEI9+GFT44O6T/D0GWAVFyZVCC6pMI= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.22.0 h1:9M3+rhx7kZCIQQhQRYaZCdNu1V73tm4TvXs2ntl98C4= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.22.0/go.mod h1:noq80iT8rrHP1SfybmPiRGc9dc5M8RPmGvtwo7Oo7tc= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.20.0 h1:gvmNvqrPYovvyRmCSygkUDyL8lC5Tl845MLEwqpxhEU= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.20.0/go.mod h1:vNUq47TGFioo+ffTSnKNdob241vePmtNZnAODKapKd0= -go.opentelemetry.io/otel/metric v1.20.0 h1:ZlrO8Hu9+GAhnepmRGhSU7/VkpjrNowxRN9GyKR4wzA= -go.opentelemetry.io/otel/metric v1.20.0/go.mod h1:90DRw3nfK4D7Sm/75yQ00gTJxtkBxX+wu6YaNymbpVM= -go.opentelemetry.io/otel/sdk v1.20.0 h1:5Jf6imeFZlZtKv9Qbo6qt2ZkmWtdWx/wzcCbNUlAWGM= -go.opentelemetry.io/otel/sdk v1.20.0/go.mod h1:rmkSx1cZCm/tn16iWDn1GQbLtsW/LvsdEEFzCSRM6V0= -go.opentelemetry.io/otel/trace v1.20.0 h1:+yxVAPZPbQhbC3OfAkeIVTky6iTFpcr4SiY9om7mXSQ= -go.opentelemetry.io/otel/trace v1.20.0/go.mod h1:HJSK7F/hA5RlzpZ0zKDCHCDHm556LCDtKaAo6JmBFUU= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.22.0 h1:FyjCyI9jVEfqhUh2MoSkmolPjfh5fp2hnV0b0irxH4Q= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.22.0/go.mod h1:hYwym2nDEeZfG/motx0p7L7J1N1vyzIThemQsb4g2qY= +go.opentelemetry.io/otel/metric v1.22.0 h1:lypMQnGyJYeuYPhOM/bgjbFM6WE44W1/T45er4d8Hhg= +go.opentelemetry.io/otel/metric v1.22.0/go.mod h1:evJGjVpZv0mQ5QBRJoBF64yMuOf4xCWdXjK8pzFvliY= +go.opentelemetry.io/otel/sdk v1.22.0 h1:6coWHw9xw7EfClIC/+O31R8IY3/+EiRFHevmHafB2Gw= +go.opentelemetry.io/otel/sdk v1.22.0/go.mod h1:iu7luyVGYovrRpe2fmj3CVKouQNdTOkxtLzPvPz1DOc= +go.opentelemetry.io/otel/trace v1.22.0 h1:Hg6pPujv0XG9QaVbGOBVHunyuLcCC3jN7WEhPx83XD0= +go.opentelemetry.io/otel/trace v1.22.0/go.mod h1:RbbHXVqKES9QhzZq/fE5UnOSILqRt40a21sPw2He1xo= go.opentelemetry.io/proto/otlp v1.0.0 h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lIVU/I= go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM= go.starlark.net v0.0.0-20230525235612-a134d8f9ddca h1:VdD38733bfYv5tUZwEIskMM93VanwNIi5bIKnDrJdEY= go.starlark.net v0.0.0-20230525235612-a134d8f9ddca/go.mod h1:jxU+3+j+71eXOW14274+SmmuW82qJzl6iZSeqEtTGds= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= -go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= -go.uber.org/zap v1.25.0 h1:4Hvk6GtkucQ790dqmj7l1eEnRdKm3k3ZUrUMS2d5+5c= -go.uber.org/zap v1.25.0/go.mod h1:JIAUzQIH94IC4fOJQm7gMmBJP5k7wQfdcnYdPoEXJYk= +go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= +go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= -golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= -golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= -golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= -golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g= golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k= -golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= -golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= -golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= -golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= -golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= -golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= -golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY= -golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= -golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.19.0 h1:9+E/EZBCbTLNrbN35fHv/a/d/mOBatymz1zbtQrXpIg= golang.org/x/oauth2 v0.19.0/go.mod h1:vYi7skDa1x015PmRRYZ7+s1cWyPgrPiSYRe4rnsexc8= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= @@ -769,45 +590,19 @@ golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -818,7 +613,6 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -831,169 +625,52 @@ golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q= golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk= -golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= -golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= -golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= -golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= -golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc= -golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg= +golang.org/x/tools v0.17.0 h1:FvmRgNOcs3kOa+T20R1uhfP9F6HgG2mfxDv1vrx1Htc= +golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= -google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= -google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= -google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= -google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= -google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= -google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= -google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= -google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= -google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= -google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= -google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= -google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20230913181813-007df8e322eb h1:XFBgcDwm7irdHTbz4Zk2h7Mh+eis4nfJEFQFYzJzuIA= -google.golang.org/genproto v0.0.0-20230913181813-007df8e322eb/go.mod h1:yZTlhN0tQnXo3h00fuXNCxJdLdIdnVFVBaRJ5LWBbw4= -google.golang.org/genproto/googleapis/api v0.0.0-20230913181813-007df8e322eb h1:lK0oleSc7IQsUxO3U5TjL9DWlsxpEBemh+zpB7IqhWI= -google.golang.org/genproto/googleapis/api v0.0.0-20230913181813-007df8e322eb/go.mod h1:KjSP20unUpOx5kyQUFa7k4OJg0qeJ7DEZflGDu2p6Bk= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230920204549-e6e6cdab5c13 h1:N3bU/SQDCDyD6R528GJ/PwW9KjYcJA3dgyH+MovAkIM= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230920204549-e6e6cdab5c13/go.mod h1:KSqppvjFjtoCI+KGd4PELB0qLNxdJHRGqRI09mB6pQA= +google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17 h1:wpZ8pe2x1Q3f2KyT5f8oP/fa9rHAKgFPr/HZdNuS+PQ= +google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:J7XzRzVy1+IPwWHZUzoD0IccYZIrXILAQpc+Qy9CMhY= +google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17 h1:JpwMPBpFN3uKhdaekDpiNlImDdkUAyiJ6ez/uxGaUSo= +google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:0xJLfVdJqpAPl8tDg1ujOCGzx6LFLttXT5NhllGOXY4= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231120223509-83a465c0220f h1:ultW7fxlIvee4HYrtnaRPon9HpEgFk5zYpmfMgtKB5I= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231120223509-83a465c0220f/go.mod h1:L9KNLi232K1/xB6f7AlSX692koaRnKaWSR0stBki0Yc= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= -google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= -google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60= -google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= -google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= -google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= -google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= -google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= +google.golang.org/grpc v1.60.1 h1:26+wFr+cNqSGFcOXcabYC0lUVJVRa2Sb2ortSK7VrEU= +google.golang.org/grpc v1.60.1/go.mod h1:OlCHIeLYqSSsLi6i49B5QGdzaMZK9+M7LXN2FKz4eGM= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -1002,19 +679,16 @@ google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzi google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= @@ -1037,67 +711,57 @@ gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools/v3 v3.4.0 h1:ZazjZUfuVeZGLAmlKKuyv3IKP5orXcwtOwDQH6YVr6o= gotest.tools/v3 v3.4.0/go.mod h1:CtbdzLSsqVhDgMtKsx03ird5YTGB3ar27v0u/yKBW5g= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= -honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.28.4 h1:8ZBrLjwosLl/NYgv1P7EQLqoO8MGQApnbgH8tu3BMzY= -k8s.io/api v0.28.4/go.mod h1:axWTGrY88s/5YE+JSt4uUi6NMM+gur1en2REMR7IRj0= -k8s.io/apiextensions-apiserver v0.28.4 h1:AZpKY/7wQ8n+ZYDtNHbAJBb+N4AXXJvyZx6ww6yAJvU= -k8s.io/apiextensions-apiserver v0.28.4/go.mod h1:pgQIZ1U8eJSMQcENew/0ShUTlePcSGFq6dxSxf2mwPM= -k8s.io/apimachinery v0.28.4 h1:zOSJe1mc+GxuMnFzD4Z/U1wst50X28ZNsn5bhgIIao8= -k8s.io/apimachinery v0.28.4/go.mod h1:wI37ncBvfAoswfq626yPTe6Bz1c22L7uaJ8dho83mgg= -k8s.io/apiserver v0.28.4 h1:BJXlaQbAU/RXYX2lRz+E1oPe3G3TKlozMMCZWu5GMgg= -k8s.io/apiserver v0.28.4/go.mod h1:Idq71oXugKZoVGUUL2wgBCTHbUR+FYTWa4rq9j4n23w= -k8s.io/cli-runtime v0.28.4 h1:IW3aqSNFXiGDllJF4KVYM90YX4cXPGxuCxCVqCD8X+Q= -k8s.io/cli-runtime v0.28.4/go.mod h1:MLGRB7LWTIYyYR3d/DOgtUC8ihsAPA3P8K8FDNIqJ0k= -k8s.io/client-go v0.28.4 h1:Np5ocjlZcTrkyRJ3+T3PkXDpe4UpatQxj85+xjaD2wY= -k8s.io/client-go v0.28.4/go.mod h1:0VDZFpgoZfelyP5Wqu0/r/TRYcLYuJ2U1KEeoaPa1N4= -k8s.io/cluster-bootstrap v0.28.4 h1:4MKNy1Qd9QY7pl47rSMGIORF+tm3CUaqC1M8U9bjn4Q= -k8s.io/cluster-bootstrap v0.28.4/go.mod h1:/c4ro/R4yf4EtJgFgFtvnHkbDOHwubeKJXh5R1c89Bc= -k8s.io/component-base v0.28.4 h1:c/iQLWPdUgI90O+T9TeECg8o7N3YJTiuz2sKxILYcYo= -k8s.io/component-base v0.28.4/go.mod h1:m9hR0uvqXDybiGL2nf/3Lf0MerAfQXzkfWhUY58JUbU= -k8s.io/component-helpers v0.28.4 h1:+X9VXT5+jUsRdC26JyMZ8Fjfln7mSjgumafocE509C4= -k8s.io/component-helpers v0.28.4/go.mod h1:8LzMalOQ0K10tkBJWBWq8h0HTI9HDPx4WT3QvTFn9Ro= -k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= -k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kms v0.28.4 h1:PMgY/3CQTWP9eIKmNQiTgjLIZ0ns6O+voagzD2/4mSg= -k8s.io/kms v0.28.4/go.mod h1:HL4/lR/bhjAJPbqycKtfhWiKh1Sp21cpHOL8P4oo87w= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= -k8s.io/kubectl v0.28.4 h1:gWpUXW/T7aFne+rchYeHkyB8eVDl5UZce8G4X//kjUQ= -k8s.io/kubectl v0.28.4/go.mod h1:CKOccVx3l+3MmDbkXtIUtibq93nN2hkDR99XDCn7c/c= -k8s.io/metrics v0.28.4 h1:u36fom9+6c8jX2sk8z58H0hFaIUfrPWbXIxN7GT2blk= -k8s.io/metrics v0.28.4/go.mod h1:bBqAJxH20c7wAsTQxDXOlVqxGMdce49d7WNr1WeaLac= +k8s.io/api v0.29.3 h1:2ORfZ7+bGC3YJqGpV0KSDDEVf8hdGQ6A03/50vj8pmw= +k8s.io/api v0.29.3/go.mod h1:y2yg2NTyHUUkIoTC+phinTnEa3KFM6RZ3szxt014a80= +k8s.io/apiextensions-apiserver v0.29.3 h1:9HF+EtZaVpFjStakF4yVufnXGPRppWFEQ87qnO91YeI= +k8s.io/apiextensions-apiserver v0.29.3/go.mod h1:po0XiY5scnpJfFizNGo6puNU6Fq6D70UJY2Cb2KwAVc= +k8s.io/apimachinery v0.29.3 h1:2tbx+5L7RNvqJjn7RIuIKu9XTsIZ9Z5wX2G22XAa5EU= +k8s.io/apimachinery v0.29.3/go.mod h1:hx/S4V2PNW4OMg3WizRrHutyB5la0iCUbZym+W0EQIU= +k8s.io/apiserver v0.29.3 h1:xR7ELlJ/BZSr2n4CnD3lfA4gzFivh0wwfNfz9L0WZcE= +k8s.io/apiserver v0.29.3/go.mod h1:hrvXlwfRulbMbBgmWRQlFru2b/JySDpmzvQwwk4GUOs= +k8s.io/cli-runtime v0.29.3 h1:r68rephmmytoywkw2MyJ+CxjpasJDQY7AGc3XY2iv1k= +k8s.io/cli-runtime v0.29.3/go.mod h1:aqVUsk86/RhaGJwDhHXH0jcdqBrgdF3bZWk4Z9D4mkM= +k8s.io/client-go v0.29.3 h1:R/zaZbEAxqComZ9FHeQwOh3Y1ZUs7FaHKZdQtIc2WZg= +k8s.io/client-go v0.29.3/go.mod h1:tkDisCvgPfiRpxGnOORfkljmS+UrW+WtXAy2fTvXJB0= +k8s.io/cluster-bootstrap v0.29.3 h1:DIMDZSN8gbFMy9CS2mAS2Iqq/fIUG783WN/1lqi5TF8= +k8s.io/cluster-bootstrap v0.29.3/go.mod h1:aPAg1VtXx3uRrx5qU2jTzR7p1rf18zLXWS+pGhiqPto= +k8s.io/component-base v0.29.3 h1:Oq9/nddUxlnrCuuR2K/jp6aflVvc0uDvxMzAWxnGzAo= +k8s.io/component-base v0.29.3/go.mod h1:Yuj33XXjuOk2BAaHsIGHhCKZQAgYKhqIxIjIr2UXYio= +k8s.io/component-helpers v0.29.3 h1:1dqZswuZgT2ZMixYeORyCUOAApXxgsvjVSgfoUT+P4o= +k8s.io/component-helpers v0.29.3/go.mod h1:yiDqbRQrnQY+sPju/bL7EkwDJb6LVOots53uZNMZBos= +k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= +k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= +k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= +k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= +k8s.io/kubectl v0.29.3 h1:RuwyyIU42MAISRIePaa8Q7A3U74Q9P4MoJbDFz9o3us= +k8s.io/kubectl v0.29.3/go.mod h1:yCxfY1dbwgVdEt2zkJ6d5NNLOhhWgTyrqACIoFhpdd4= +k8s.io/metrics v0.29.3 h1:nN+eavbMQ7Kuif2tIdTr2/F2ec2E/SIAWSruTZ+Ye6U= +k8s.io/metrics v0.29.3/go.mod h1:kb3tGGC4ZcIDIuvXyUE291RwJ5WmDu0tB4wAVZM6h2I= k8s.io/utils v0.0.0-20240102154912-e7106e64919e h1:eQ/4ljkx21sObifjzXwlPKpdGLrCfRziVtos3ofG/sQ= k8s.io/utils v0.0.0-20240102154912-e7106e64919e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= -rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= -rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.2 h1:trsWhjU5jZrx6UvFu4WzQDrN7Pga4a7Qg+zcfcj64PA= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.2/go.mod h1:+qG7ISXqCDVVcyO8hLn12AKVYYUjM7ftlqsqmrhMZE0= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.0 h1:TgtAeesdhpm2SGwkQasmbeqDo8th5wOBA5h/AjTKA4I= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.0/go.mod h1:VHVDI/KrK4fjnV61bE2g3sA7tiETLn8sooImelsCx3Y= sigs.k8s.io/aws-iam-authenticator v0.6.13 h1:QSQcAkpt/hF97Ogyoz6sj3WD2twTd2cmxFb4e6Rs9gA= sigs.k8s.io/aws-iam-authenticator v0.6.13/go.mod h1:CnvFyzR/xeLHmUY/BD0qW6q0wp6KIwXmFp4eTfrHdP8= -sigs.k8s.io/cluster-api v1.6.1 h1:I34p/fwgRlEhs+o9cUhKXDwNNfPS3no0yJsd2bJyQVc= -sigs.k8s.io/cluster-api v1.6.1/go.mod h1:DaxwruDvSaEYq5q6FREDaGzX6UsAVUCA99Sp8vfMHyQ= -sigs.k8s.io/cluster-api/test v1.6.1 h1:9TffRPOuYNUyfHqdeWQtFhdK0oY+NAbvjlzbqK7chTw= -sigs.k8s.io/cluster-api/test v1.6.1/go.mod h1:+zOSrnG/2wI2XtWOkaVpVJ1BXumT/73zqRXZBYrclPQ= -sigs.k8s.io/controller-runtime v0.16.3 h1:2TuvuokmfXvDUamSx1SuAOO3eTyye+47mJCigwG62c4= -sigs.k8s.io/controller-runtime v0.16.3/go.mod h1:j7bialYoSn142nv9sCOJmQgDXQXxnroFU4VnX/brVJ0= +sigs.k8s.io/cluster-api v1.7.0 h1:sWK6xs2MkCqPZhumsrti0OdKyGcu/c5aBz9XAWFIq5E= +sigs.k8s.io/cluster-api v1.7.0/go.mod h1:V9ZhKLvQtsDODwjXOKgbitjyCmC71yMBwDcMyNNIov0= +sigs.k8s.io/cluster-api/test v1.7.0 h1:SH0Rww/LTx1LSUwlfihZoVNKkT9oJRyeqWRaD81rFms= +sigs.k8s.io/cluster-api/test v1.7.0/go.mod h1:yG0g5Mdq73fMn9JP4akgRQPSne973L+Qx6iVH+LjtSM= +sigs.k8s.io/controller-runtime v0.17.3 h1:65QmN7r3FWgTxDMz9fvGnO1kbf2nu+acg9p2R9oYYYk= +sigs.k8s.io/controller-runtime v0.17.3/go.mod h1:N0jpP5Lo7lMTF9aL56Z/B2oWBJjey6StQM0jRbKQXtY= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/kind v0.20.0 h1:f0sc3v9mQbGnjBUaqSFST1dwIuiikKVGgoTwpoP33a8= -sigs.k8s.io/kind v0.20.0/go.mod h1:aBlbxg08cauDgZ612shr017/rZwqd7AS563FvpWKPVs= +sigs.k8s.io/kind v0.22.0 h1:z/+yr/azoOfzsfooqRsPw1wjJlqT/ukXP0ShkHwNlsI= +sigs.k8s.io/kind v0.22.0/go.mod h1:aBlbxg08cauDgZ612shr017/rZwqd7AS563FvpWKPVs= sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 h1:XX3Ajgzov2RKUdc5jW3t5jwY7Bo7dcRm+tFxT+NfgY0= sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3/go.mod h1:9n16EZKMhXBNSiUC5kSdFQJkdH3zbxS/JoO619G1VAY= sigs.k8s.io/kustomize/kustomize/v5 v5.0.4-0.20230601165947-6ce0bf390ce3 h1:vq2TtoDcQomhy7OxXLUOzSbHMuMYq0Bjn93cDtJEdKw= sigs.k8s.io/kustomize/kustomize/v5 v5.0.4-0.20230601165947-6ce0bf390ce3/go.mod h1:/d88dHCvoy7d0AKFT0yytezSGZKjsZBVs9YTkBHSGFk= sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 h1:W6cLQc5pnqM7vh3b7HvGNfXrJ/xL6BDMS0v1V/HHg5U= sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3/go.mod h1:JWP1Fj0VWGHyw3YUPjXSQnRnrwezrZSrApfX5S0nIag= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/hack/tools/go.mod b/hack/tools/go.mod index b349549ded..44bef53271 100644 --- a/hack/tools/go.mod +++ b/hack/tools/go.mod @@ -16,13 +16,13 @@ require ( github.com/joelanford/go-apidiff v0.8.2 github.com/mikefarah/yq/v4 v4.42.1 github.com/spf13/pflag v1.0.5 - k8s.io/apimachinery v0.29.1 - k8s.io/code-generator v0.28.4 - k8s.io/gengo v0.0.0-20220902162205-c0856e24416d + k8s.io/apimachinery v0.29.3 + k8s.io/code-generator v0.29.3 + k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01 k8s.io/klog/v2 v2.110.1 sigs.k8s.io/cluster-api/hack/tools v0.0.0-20221121093230-b1688621953c sigs.k8s.io/controller-runtime/tools/setup-envtest v0.0.0-20211110210527-619e6b92dab9 - sigs.k8s.io/controller-tools v0.13.0 + sigs.k8s.io/controller-tools v0.14.0 sigs.k8s.io/kind v0.22.0 sigs.k8s.io/kustomize/kustomize/v4 v4.5.7 sigs.k8s.io/promo-tools/v4 v4.0.5 @@ -199,7 +199,7 @@ require ( github.com/golang-jwt/jwt/v4 v4.5.0 // indirect github.com/golang-jwt/jwt/v5 v5.1.0 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect - github.com/golang/protobuf v1.5.3 // indirect + github.com/golang/protobuf v1.5.4 // indirect github.com/golang/snappy v0.0.4 // indirect github.com/google/certificate-transparency-go v1.1.7 // indirect github.com/google/gnostic v0.6.9 // indirect @@ -279,7 +279,7 @@ require ( github.com/oklog/ulid v1.3.1 // indirect github.com/oleiade/reflections v1.0.1 // indirect github.com/olekukonko/tablewriter v0.0.5 // indirect - github.com/onsi/gomega v1.29.0 // indirect + github.com/onsi/gomega v1.30.0 // indirect github.com/open-policy-agent/opa v0.59.0 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.1.0-rc5 // indirect @@ -391,9 +391,9 @@ require ( gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/api v0.28.4 // indirect - k8s.io/apiextensions-apiserver v0.28.4 // indirect - k8s.io/client-go v0.28.4 // indirect + k8s.io/api v0.29.0 // indirect + k8s.io/apiextensions-apiserver v0.29.0 // indirect + k8s.io/client-go v0.29.0 // indirect k8s.io/klog v0.2.0 // indirect k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect diff --git a/hack/tools/go.sum b/hack/tools/go.sum index 57f050f2e8..ab22e6ebe0 100644 --- a/hack/tools/go.sum +++ b/hack/tools/go.sum @@ -604,8 +604,8 @@ github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= @@ -936,8 +936,8 @@ github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7J github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= -github.com/onsi/gomega v1.29.0 h1:KIA/t2t5UBzoirT4H9tsML45GEbo3ouUnBHsCfD2tVg= -github.com/onsi/gomega v1.29.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= +github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= +github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= github.com/open-policy-agent/opa v0.59.0 h1:1WFU/KUhJAr3qatm0Lf8Ea5jp10ZmlE2M07oaLiHypg= github.com/open-policy-agent/opa v0.59.0/go.mod h1:rdJSkEc4oQ+0074/3Fsgno5bkPsYxTjU5aLNmMujIvI= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= @@ -1704,19 +1704,19 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.28.4 h1:8ZBrLjwosLl/NYgv1P7EQLqoO8MGQApnbgH8tu3BMzY= -k8s.io/api v0.28.4/go.mod h1:axWTGrY88s/5YE+JSt4uUi6NMM+gur1en2REMR7IRj0= -k8s.io/apiextensions-apiserver v0.28.4 h1:AZpKY/7wQ8n+ZYDtNHbAJBb+N4AXXJvyZx6ww6yAJvU= -k8s.io/apiextensions-apiserver v0.28.4/go.mod h1:pgQIZ1U8eJSMQcENew/0ShUTlePcSGFq6dxSxf2mwPM= -k8s.io/apimachinery v0.29.1 h1:KY4/E6km/wLBguvCZv8cKTeOwwOBqFNjwJIdMkMbbRc= -k8s.io/apimachinery v0.29.1/go.mod h1:6HVkd1FwxIagpYrHSwJlQqZI3G9LfYWRPAkUvLnXTKU= -k8s.io/client-go v0.28.4 h1:Np5ocjlZcTrkyRJ3+T3PkXDpe4UpatQxj85+xjaD2wY= -k8s.io/client-go v0.28.4/go.mod h1:0VDZFpgoZfelyP5Wqu0/r/TRYcLYuJ2U1KEeoaPa1N4= -k8s.io/code-generator v0.28.4 h1:tcOSNIZQvuAvXhOwpbuJkKbAABJQeyCcQBCN/3uI18c= -k8s.io/code-generator v0.28.4/go.mod h1:OQAfl6bZikQ/tK6faJ18Vyzo54rUII2NmjurHyiN1g4= +k8s.io/api v0.29.0 h1:NiCdQMY1QOp1H8lfRyeEf8eOwV6+0xA6XEE44ohDX2A= +k8s.io/api v0.29.0/go.mod h1:sdVmXoz2Bo/cb77Pxi71IPTSErEW32xa4aXwKH7gfBA= +k8s.io/apiextensions-apiserver v0.29.0 h1:0VuspFG7Hj+SxyF/Z/2T0uFbI5gb5LRgEyUVE3Q4lV0= +k8s.io/apiextensions-apiserver v0.29.0/go.mod h1:TKmpy3bTS0mr9pylH0nOt/QzQRrW7/h7yLdRForMZwc= +k8s.io/apimachinery v0.29.3 h1:2tbx+5L7RNvqJjn7RIuIKu9XTsIZ9Z5wX2G22XAa5EU= +k8s.io/apimachinery v0.29.3/go.mod h1:hx/S4V2PNW4OMg3WizRrHutyB5la0iCUbZym+W0EQIU= +k8s.io/client-go v0.29.0 h1:KmlDtFcrdUzOYrBhXHgKw5ycWzc3ryPX5mQe0SkG3y8= +k8s.io/client-go v0.29.0/go.mod h1:yLkXH4HKMAywcrD82KMSmfYg2DlE8mepPR4JGSo5n38= +k8s.io/code-generator v0.29.3 h1:m7E25/t9R9NvejspO2zBdyu+/Gl0Z5m7dCRc680KS14= +k8s.io/code-generator v0.29.3/go.mod h1:x47ofBhN4gxYFcxeKA1PYXeaPreAGaDN85Y/lNUsPoM= k8s.io/gengo v0.0.0-20201203183100-97869a43a9d9/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/gengo v0.0.0-20220902162205-c0856e24416d h1:U9tB195lKdzwqicbJvyJeOXV7Klv+wNAWENRnXEGi08= -k8s.io/gengo v0.0.0-20220902162205-c0856e24416d/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= +k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01 h1:pWEwq4Asjm4vjW7vcsmijwBhOr1/shsbSYiWXmNGlks= +k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/klog v0.2.0 h1:0ElL0OHzF3N+OhoJTL0uca20SxtYt4X4+bzHeqrB83c= k8s.io/klog v0.2.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= @@ -1733,8 +1733,8 @@ sigs.k8s.io/cluster-api/hack/tools v0.0.0-20221121093230-b1688621953c h1:DXSapcA sigs.k8s.io/cluster-api/hack/tools v0.0.0-20221121093230-b1688621953c/go.mod h1:7luenhlsUTb9obnAferuDFEvhtITw7JjHpXkiDmCmKY= sigs.k8s.io/controller-runtime/tools/setup-envtest v0.0.0-20211110210527-619e6b92dab9 h1:ylYUI5uaq/guUFerFRVG81FHSA5/3+fERCE1RQbQUZ4= sigs.k8s.io/controller-runtime/tools/setup-envtest v0.0.0-20211110210527-619e6b92dab9/go.mod h1:+sJcI1F0QI0Cv+8fp5rH5B2fK1LxzrAQqYnaPx9nY8I= -sigs.k8s.io/controller-tools v0.13.0 h1:NfrvuZ4bxyolhDBt/rCZhDnx3M2hzlhgo5n3Iv2RykI= -sigs.k8s.io/controller-tools v0.13.0/go.mod h1:5vw3En2NazbejQGCeWKRrE7q4P+CW8/klfVqP8QZkgA= +sigs.k8s.io/controller-tools v0.14.0 h1:rnNoCC5wSXlrNoBKKzL70LNJKIQKEzT6lloG6/LF73A= +sigs.k8s.io/controller-tools v0.14.0/go.mod h1:TV7uOtNNnnR72SpzhStvPkoS/U5ir0nMudrkrC4M9Sc= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/kind v0.22.0 h1:z/+yr/azoOfzsfooqRsPw1wjJlqT/ukXP0ShkHwNlsI= diff --git a/test/e2e/data/e2e_conf.yaml b/test/e2e/data/e2e_conf.yaml index d469adf3ea..7ce0a6541e 100644 --- a/test/e2e/data/e2e_conf.yaml +++ b/test/e2e/data/e2e_conf.yaml @@ -26,11 +26,11 @@ images: loadBehavior: tryLoad - name: quay.io/jetstack/cert-manager-controller:v1.12.2 loadBehavior: tryLoad - - name: registry.k8s.io/cluster-api/cluster-api-controller:v1.6.1 + - name: registry.k8s.io/cluster-api/cluster-api-controller:v1.7.0 loadBehavior: tryLoad - - name: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.6.1 + - name: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.7.0 loadBehavior: tryLoad - - name: registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.6.1 + - name: registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.7.0 loadBehavior: tryLoad providers: @@ -48,8 +48,8 @@ providers: new: "imagePullPolicy: IfNotPresent" - old: --metrics-bind-addr=127.0.0.1:8080 new: --metrics-bind-addr=:8080 - - name: v1.6.1 # latest published release in the v1beta1 series; this is used for v1beta1 --> main clusterctl upgrades test only. - value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.6.1/core-components.yaml" + - name: v1.7.0 # latest published release in the v1beta1 series; this is used for v1beta1 --> main clusterctl upgrades test only. + value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.7.0/core-components.yaml" type: "url" contract: v1beta1 files: @@ -75,8 +75,8 @@ providers: new: "imagePullPolicy: IfNotPresent" - old: --metrics-bind-addr=127.0.0.1:8080 new: --metrics-bind-addr=:8080 - - name: v1.6.1 # latest published release in the v1beta1 series; this is used for v1beta1 --> main clusterctl upgrades test only. - value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.6.1/bootstrap-components.yaml" + - name: v1.7.0 # latest published release in the v1beta1 series; this is used for v1beta1 --> main clusterctl upgrades test only. + value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.7.0/bootstrap-components.yaml" type: "url" contract: v1beta1 files: @@ -102,8 +102,8 @@ providers: new: "imagePullPolicy: IfNotPresent" - old: --metrics-bind-addr=127.0.0.1:8080 new: --metrics-bind-addr=:8080 - - name: v1.6.1 # latest published release in the v1beta1 series; this is used for v1beta1 --> v1beta1 latest clusterctl upgrades test only. - value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.6.1/control-plane-components.yaml" + - name: v1.7.0 # latest published release in the v1beta1 series; this is used for v1beta1 --> v1beta1 latest clusterctl upgrades test only. + value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.7.0/control-plane-components.yaml" type: "url" contract: v1beta1 files: @@ -176,7 +176,7 @@ variables: # allowing the same e2e config file to be re-used in different Prow jobs e.g. each one with a K8s version permutation. # The following Kubernetes versions should be the latest versions with already published kindest/node images. # This avoids building node images in the default case which improves the test duration significantly. - KUBERNETES_VERSION_MANAGEMENT: "v1.28.0" + KUBERNETES_VERSION_MANAGEMENT: "v1.29.0" KUBERNETES_VERSION: "v1.26.6" KUBERNETES_VERSION_UPGRADE_TO: "v1.26.6" KUBERNETES_VERSION_UPGRADE_FROM: "v1.25.3" diff --git a/test/e2e/data/e2e_eks_conf.yaml b/test/e2e/data/e2e_eks_conf.yaml index dd481096a5..5d6e9f37d5 100644 --- a/test/e2e/data/e2e_eks_conf.yaml +++ b/test/e2e/data/e2e_eks_conf.yaml @@ -23,19 +23,19 @@ images: loadBehavior: tryLoad - name: quay.io/jetstack/cert-manager-controller:v1.12.2 loadBehavior: tryLoad - - name: registry.k8s.io/cluster-api/cluster-api-controller:v1.6.1 + - name: registry.k8s.io/cluster-api/cluster-api-controller:v1.7.0 loadBehavior: tryLoad - - name: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.6.1 + - name: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.7.0 loadBehavior: tryLoad - - name: registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.6.1 + - name: registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.7.0 loadBehavior: tryLoad providers: - name: cluster-api type: CoreProvider versions: - - name: v1.6.1 - value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.6.1/core-components.yaml" + - name: v1.7.0 + value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.7.0/core-components.yaml" type: "url" contract: v1beta1 files: @@ -50,8 +50,8 @@ providers: files: - sourcePath: "./shared/v1beta1/metadata.yaml" versions: - - name: v1.6.1 - value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.6.1/bootstrap-components.yaml" + - name: v1.7.0 + value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.7.0/bootstrap-components.yaml" type: "url" contract: v1beta1 files: @@ -66,8 +66,8 @@ providers: files: - sourcePath: "./shared/v1beta1/metadata.yaml" versions: - - name: v1.6.1 - value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.6.1/control-plane-components.yaml" + - name: v1.7.0 + value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.7.0/control-plane-components.yaml" type: "url" contract: v1beta1 files: @@ -117,7 +117,7 @@ providers: variables: KUBERNETES_VERSION: "v1.29.1" - KUBERNETES_VERSION_MANAGEMENT: "v1.28.0" # Kind bootstrap + KUBERNETES_VERSION_MANAGEMENT: "v1.29.0" # Kind bootstrap EXP_MACHINE_POOL: "true" EXP_CLUSTER_RESOURCE_SET: "true" EVENT_BRIDGE_INSTANCE_STATE: "true" diff --git a/test/e2e/data/shared/v1beta1/metadata.yaml b/test/e2e/data/shared/v1beta1/metadata.yaml index 9feb6a6eb2..7f3d15522d 100644 --- a/test/e2e/data/shared/v1beta1/metadata.yaml +++ b/test/e2e/data/shared/v1beta1/metadata.yaml @@ -5,6 +5,9 @@ # update this file only when a new major or minor version is released apiVersion: clusterctl.cluster.x-k8s.io/v1alpha3 releaseSeries: + - major: 1 + minor: 7 + contract: v1beta1 - major: 1 minor: 6 contract: v1beta1 diff --git a/test/e2e/suites/unmanaged/helpers_test.go b/test/e2e/suites/unmanaged/helpers_test.go index 03c6870384..07aa621a53 100644 --- a/test/e2e/suites/unmanaged/helpers_test.go +++ b/test/e2e/suites/unmanaged/helpers_test.go @@ -211,7 +211,7 @@ func createPVC(statefulsetinfo statefulSetInfo) corev1.PersistentVolumeClaim { Spec: corev1.PersistentVolumeClaimSpec{ AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, StorageClassName: &statefulsetinfo.storageClassName, - Resources: corev1.ResourceRequirements{ + Resources: corev1.VolumeResourceRequirements{ Requests: corev1.ResourceList{ corev1.ResourceStorage: resource.MustParse("4Gi"), }, @@ -835,7 +835,7 @@ func createPVCForEFS(storageClassName string, clusterClient crclient.Client) { corev1.ReadWriteMany, }, StorageClassName: &storageClassName, - Resources: corev1.ResourceRequirements{ + Resources: corev1.VolumeResourceRequirements{ Requests: map[corev1.ResourceName]resource.Quantity{ corev1.ResourceStorage: *resource.NewQuantity(5*1024*1024*1024, resource.BinarySI), }, diff --git a/versions.mk b/versions.mk index 23f7e19995..465b2a218b 100644 --- a/versions.mk +++ b/versions.mk @@ -15,7 +15,7 @@ MDBOOK_VERSION := v0.4.5 PLANTUML_VERSION := 1.2020.16 CERT_MANAGER_VERSION := v1.12.2 -CAPI_VERSION := v1.6.1 +CAPI_VERSION := v1.7.0 KPROMO_VERSION := v4.0.4 YQ_VERSION := v4.25.2 GOLANGCI_LINT_VERSION := v1.53.3