From 64f1bff13f6fdcd2bb223c8a40746d3e0b241edc Mon Sep 17 00:00:00 2001 From: Joshua Casey Date: Sun, 27 Aug 2023 17:59:02 -0500 Subject: [PATCH] Use Conditions from apimachinery, specifically k8s.io/apimachinery/pkg/apis/meta/v1.Conditions --- .../v1alpha1/types_jwtauthenticator.go.tmpl | 4 +- .../v1alpha1/types_meta.go.tmpl | 75 ----------- .../types_webhookauthenticator.go.tmpl | 4 +- .../config/v1alpha1/types_meta.go.tmpl | 75 ----------- .../config/v1alpha1/types_oidcclient.go.tmpl | 4 +- ...es_activedirectoryidentityprovider.go.tmpl | 2 +- .../types_ldapidentityprovider.go.tmpl | 2 +- .../idp/v1alpha1/types_meta.go.tmpl | 75 ----------- .../types_oidcidentityprovider.go.tmpl | 2 +- ...cierge.pinniped.dev_jwtauthenticators.yaml | 12 +- ...ge.pinniped.dev_webhookauthenticators.yaml | 12 +- ...g.supervisor.pinniped.dev_oidcclients.yaml | 12 +- ....dev_activedirectoryidentityproviders.yaml | 12 +- ...or.pinniped.dev_ldapidentityproviders.yaml | 12 +- ...or.pinniped.dev_oidcidentityproviders.yaml | 12 +- generated/1.21/README.adoc | 117 +----------------- .../v1alpha1/types_jwtauthenticator.go | 4 +- .../authentication/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_webhookauthenticator.go | 4 +- .../v1alpha1/zz_generated.deepcopy.go | 22 +--- .../supervisor/config/v1alpha1/types_meta.go | 75 ----------- .../config/v1alpha1/types_oidcclient.go | 4 +- .../config/v1alpha1/zz_generated.deepcopy.go | 20 +-- .../types_activedirectoryidentityprovider.go | 2 +- .../v1alpha1/types_ldapidentityprovider.go | 2 +- .../supervisor/idp/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_oidcidentityprovider.go | 2 +- .../idp/v1alpha1/zz_generated.deepcopy.go | 24 +--- ...cierge.pinniped.dev_jwtauthenticators.yaml | 12 +- ...ge.pinniped.dev_webhookauthenticators.yaml | 12 +- ...g.supervisor.pinniped.dev_oidcclients.yaml | 12 +- ....dev_activedirectoryidentityproviders.yaml | 12 +- ...or.pinniped.dev_ldapidentityproviders.yaml | 12 +- ...or.pinniped.dev_oidcidentityproviders.yaml | 12 +- generated/1.22/README.adoc | 117 +----------------- .../v1alpha1/types_jwtauthenticator.go | 4 +- .../authentication/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_webhookauthenticator.go | 4 +- .../v1alpha1/zz_generated.deepcopy.go | 22 +--- .../supervisor/config/v1alpha1/types_meta.go | 75 ----------- .../config/v1alpha1/types_oidcclient.go | 4 +- .../config/v1alpha1/zz_generated.deepcopy.go | 20 +-- .../types_activedirectoryidentityprovider.go | 2 +- .../v1alpha1/types_ldapidentityprovider.go | 2 +- .../supervisor/idp/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_oidcidentityprovider.go | 2 +- .../idp/v1alpha1/zz_generated.deepcopy.go | 24 +--- ...cierge.pinniped.dev_jwtauthenticators.yaml | 12 +- ...ge.pinniped.dev_webhookauthenticators.yaml | 12 +- ...g.supervisor.pinniped.dev_oidcclients.yaml | 12 +- ....dev_activedirectoryidentityproviders.yaml | 12 +- ...or.pinniped.dev_ldapidentityproviders.yaml | 12 +- ...or.pinniped.dev_oidcidentityproviders.yaml | 12 +- generated/1.23/README.adoc | 117 +----------------- .../v1alpha1/types_jwtauthenticator.go | 4 +- .../authentication/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_webhookauthenticator.go | 4 +- .../v1alpha1/zz_generated.deepcopy.go | 22 +--- .../supervisor/config/v1alpha1/types_meta.go | 75 ----------- .../config/v1alpha1/types_oidcclient.go | 4 +- .../config/v1alpha1/zz_generated.deepcopy.go | 20 +-- .../types_activedirectoryidentityprovider.go | 2 +- .../v1alpha1/types_ldapidentityprovider.go | 2 +- .../supervisor/idp/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_oidcidentityprovider.go | 2 +- .../idp/v1alpha1/zz_generated.deepcopy.go | 24 +--- ...cierge.pinniped.dev_jwtauthenticators.yaml | 12 +- ...ge.pinniped.dev_webhookauthenticators.yaml | 12 +- ...g.supervisor.pinniped.dev_oidcclients.yaml | 12 +- ....dev_activedirectoryidentityproviders.yaml | 12 +- ...or.pinniped.dev_ldapidentityproviders.yaml | 12 +- ...or.pinniped.dev_oidcidentityproviders.yaml | 12 +- generated/1.24/README.adoc | 117 +----------------- .../v1alpha1/types_jwtauthenticator.go | 4 +- .../authentication/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_webhookauthenticator.go | 4 +- .../v1alpha1/zz_generated.deepcopy.go | 22 +--- .../supervisor/config/v1alpha1/types_meta.go | 75 ----------- .../config/v1alpha1/types_oidcclient.go | 4 +- .../config/v1alpha1/zz_generated.deepcopy.go | 20 +-- .../types_activedirectoryidentityprovider.go | 2 +- .../v1alpha1/types_ldapidentityprovider.go | 2 +- .../supervisor/idp/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_oidcidentityprovider.go | 2 +- .../idp/v1alpha1/zz_generated.deepcopy.go | 24 +--- ...cierge.pinniped.dev_jwtauthenticators.yaml | 12 +- ...ge.pinniped.dev_webhookauthenticators.yaml | 12 +- ...g.supervisor.pinniped.dev_oidcclients.yaml | 12 +- ....dev_activedirectoryidentityproviders.yaml | 12 +- ...or.pinniped.dev_ldapidentityproviders.yaml | 12 +- ...or.pinniped.dev_oidcidentityproviders.yaml | 12 +- generated/1.25/README.adoc | 117 +----------------- .../v1alpha1/types_jwtauthenticator.go | 4 +- .../authentication/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_webhookauthenticator.go | 4 +- .../v1alpha1/zz_generated.deepcopy.go | 22 +--- .../supervisor/config/v1alpha1/types_meta.go | 75 ----------- .../config/v1alpha1/types_oidcclient.go | 4 +- .../config/v1alpha1/zz_generated.deepcopy.go | 20 +-- .../types_activedirectoryidentityprovider.go | 2 +- .../v1alpha1/types_ldapidentityprovider.go | 2 +- .../supervisor/idp/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_oidcidentityprovider.go | 2 +- .../idp/v1alpha1/zz_generated.deepcopy.go | 24 +--- ...cierge.pinniped.dev_jwtauthenticators.yaml | 12 +- ...ge.pinniped.dev_webhookauthenticators.yaml | 12 +- ...g.supervisor.pinniped.dev_oidcclients.yaml | 12 +- ....dev_activedirectoryidentityproviders.yaml | 12 +- ...or.pinniped.dev_ldapidentityproviders.yaml | 12 +- ...or.pinniped.dev_oidcidentityproviders.yaml | 12 +- generated/1.26/README.adoc | 117 +----------------- .../v1alpha1/types_jwtauthenticator.go | 4 +- .../authentication/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_webhookauthenticator.go | 4 +- .../v1alpha1/zz_generated.deepcopy.go | 22 +--- .../supervisor/config/v1alpha1/types_meta.go | 75 ----------- .../config/v1alpha1/types_oidcclient.go | 4 +- .../config/v1alpha1/zz_generated.deepcopy.go | 20 +-- .../types_activedirectoryidentityprovider.go | 2 +- .../v1alpha1/types_ldapidentityprovider.go | 2 +- .../supervisor/idp/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_oidcidentityprovider.go | 2 +- .../idp/v1alpha1/zz_generated.deepcopy.go | 24 +--- ...cierge.pinniped.dev_jwtauthenticators.yaml | 12 +- ...ge.pinniped.dev_webhookauthenticators.yaml | 12 +- ...g.supervisor.pinniped.dev_oidcclients.yaml | 12 +- ....dev_activedirectoryidentityproviders.yaml | 12 +- ...or.pinniped.dev_ldapidentityproviders.yaml | 12 +- ...or.pinniped.dev_oidcidentityproviders.yaml | 12 +- generated/1.27/README.adoc | 117 +----------------- .../v1alpha1/types_jwtauthenticator.go | 4 +- .../authentication/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_webhookauthenticator.go | 4 +- .../v1alpha1/zz_generated.deepcopy.go | 22 +--- .../supervisor/config/v1alpha1/types_meta.go | 75 ----------- .../config/v1alpha1/types_oidcclient.go | 4 +- .../config/v1alpha1/zz_generated.deepcopy.go | 20 +-- .../types_activedirectoryidentityprovider.go | 2 +- .../v1alpha1/types_ldapidentityprovider.go | 2 +- .../supervisor/idp/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_oidcidentityprovider.go | 2 +- .../idp/v1alpha1/zz_generated.deepcopy.go | 24 +--- ...cierge.pinniped.dev_jwtauthenticators.yaml | 12 +- ...ge.pinniped.dev_webhookauthenticators.yaml | 12 +- ...g.supervisor.pinniped.dev_oidcclients.yaml | 12 +- ....dev_activedirectoryidentityproviders.yaml | 12 +- ...or.pinniped.dev_ldapidentityproviders.yaml | 12 +- ...or.pinniped.dev_oidcidentityproviders.yaml | 12 +- generated/1.28/README.adoc | 117 +----------------- .../v1alpha1/types_jwtauthenticator.go | 4 +- .../authentication/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_webhookauthenticator.go | 4 +- .../v1alpha1/zz_generated.deepcopy.go | 22 +--- .../supervisor/config/v1alpha1/types_meta.go | 75 ----------- .../config/v1alpha1/types_oidcclient.go | 4 +- .../config/v1alpha1/zz_generated.deepcopy.go | 20 +-- .../types_activedirectoryidentityprovider.go | 2 +- .../v1alpha1/types_ldapidentityprovider.go | 2 +- .../supervisor/idp/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_oidcidentityprovider.go | 2 +- .../idp/v1alpha1/zz_generated.deepcopy.go | 24 +--- ...cierge.pinniped.dev_jwtauthenticators.yaml | 12 +- ...ge.pinniped.dev_webhookauthenticators.yaml | 12 +- ...g.supervisor.pinniped.dev_oidcclients.yaml | 12 +- ....dev_activedirectoryidentityproviders.yaml | 12 +- ...or.pinniped.dev_ldapidentityproviders.yaml | 12 +- ...or.pinniped.dev_oidcidentityproviders.yaml | 12 +- .../v1alpha1/types_jwtauthenticator.go | 4 +- .../authentication/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_webhookauthenticator.go | 4 +- .../v1alpha1/zz_generated.deepcopy.go | 22 +--- .../supervisor/config/v1alpha1/types_meta.go | 75 ----------- .../config/v1alpha1/types_oidcclient.go | 4 +- .../config/v1alpha1/zz_generated.deepcopy.go | 20 +-- .../types_activedirectoryidentityprovider.go | 2 +- .../v1alpha1/types_ldapidentityprovider.go | 2 +- .../supervisor/idp/v1alpha1/types_meta.go | 75 ----------- .../v1alpha1/types_oidcidentityprovider.go | 2 +- .../idp/v1alpha1/zz_generated.deepcopy.go | 24 +--- .../conditionsutil/conditions_util.go | 24 ++-- .../active_directory_upstream_watcher.go | 18 +-- .../active_directory_upstream_watcher_test.go | 102 +++++++-------- .../ldap_upstream_watcher.go | 6 +- .../ldap_upstream_watcher_test.go | 58 ++++----- .../oidcclientwatcher/oidc_client_watcher.go | 4 +- .../oidc_client_watcher_test.go | 88 ++++++------- .../oidc_upstream_watcher.go | 64 +++++----- .../oidc_upstream_watcher_test.go | 62 +++++----- .../upstreamwatchers/upstream_watchers.go | 73 +++++------ .../oidcclientvalidator.go | 51 ++++---- internal/testutil/oidcclient.go | 4 +- .../supervisor_oidc_client_test.go | 8 +- test/integration/supervisor_upstream_test.go | 24 ++-- 193 files changed, 998 insertions(+), 4196 deletions(-) delete mode 100644 apis/concierge/authentication/v1alpha1/types_meta.go.tmpl delete mode 100644 apis/supervisor/config/v1alpha1/types_meta.go.tmpl delete mode 100644 apis/supervisor/idp/v1alpha1/types_meta.go.tmpl delete mode 100644 generated/1.21/apis/concierge/authentication/v1alpha1/types_meta.go delete mode 100644 generated/1.21/apis/supervisor/config/v1alpha1/types_meta.go delete mode 100644 generated/1.21/apis/supervisor/idp/v1alpha1/types_meta.go delete mode 100644 generated/1.22/apis/concierge/authentication/v1alpha1/types_meta.go delete mode 100644 generated/1.22/apis/supervisor/config/v1alpha1/types_meta.go delete mode 100644 generated/1.22/apis/supervisor/idp/v1alpha1/types_meta.go delete mode 100644 generated/1.23/apis/concierge/authentication/v1alpha1/types_meta.go delete mode 100644 generated/1.23/apis/supervisor/config/v1alpha1/types_meta.go delete mode 100644 generated/1.23/apis/supervisor/idp/v1alpha1/types_meta.go delete mode 100644 generated/1.24/apis/concierge/authentication/v1alpha1/types_meta.go delete mode 100644 generated/1.24/apis/supervisor/config/v1alpha1/types_meta.go delete mode 100644 generated/1.24/apis/supervisor/idp/v1alpha1/types_meta.go delete mode 100644 generated/1.25/apis/concierge/authentication/v1alpha1/types_meta.go delete mode 100644 generated/1.25/apis/supervisor/config/v1alpha1/types_meta.go delete mode 100644 generated/1.25/apis/supervisor/idp/v1alpha1/types_meta.go delete mode 100644 generated/1.26/apis/concierge/authentication/v1alpha1/types_meta.go delete mode 100644 generated/1.26/apis/supervisor/config/v1alpha1/types_meta.go delete mode 100644 generated/1.26/apis/supervisor/idp/v1alpha1/types_meta.go delete mode 100644 generated/1.27/apis/concierge/authentication/v1alpha1/types_meta.go delete mode 100644 generated/1.27/apis/supervisor/config/v1alpha1/types_meta.go delete mode 100644 generated/1.27/apis/supervisor/idp/v1alpha1/types_meta.go delete mode 100644 generated/1.28/apis/concierge/authentication/v1alpha1/types_meta.go delete mode 100644 generated/1.28/apis/supervisor/config/v1alpha1/types_meta.go delete mode 100644 generated/1.28/apis/supervisor/idp/v1alpha1/types_meta.go delete mode 100644 generated/latest/apis/concierge/authentication/v1alpha1/types_meta.go delete mode 100644 generated/latest/apis/supervisor/config/v1alpha1/types_meta.go delete mode 100644 generated/latest/apis/supervisor/idp/v1alpha1/types_meta.go diff --git a/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go.tmpl b/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go.tmpl index a8596b22..b0bf988b 100644 --- a/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go.tmpl +++ b/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type JWTAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a JWT authenticator. diff --git a/apis/concierge/authentication/v1alpha1/types_meta.go.tmpl b/apis/concierge/authentication/v1alpha1/types_meta.go.tmpl deleted file mode 100644 index 76a7d547..00000000 --- a/apis/concierge/authentication/v1alpha1/types_meta.go.tmpl +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go.tmpl b/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go.tmpl index 77b1e045..207249b2 100644 --- a/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go.tmpl +++ b/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type WebhookAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a webhook authenticator. diff --git a/apis/supervisor/config/v1alpha1/types_meta.go.tmpl b/apis/supervisor/config/v1alpha1/types_meta.go.tmpl deleted file mode 100644 index cd46a471..00000000 --- a/apis/supervisor/config/v1alpha1/types_meta.go.tmpl +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/apis/supervisor/config/v1alpha1/types_oidcclient.go.tmpl b/apis/supervisor/config/v1alpha1/types_oidcclient.go.tmpl index 719a597f..48f5de37 100644 --- a/apis/supervisor/config/v1alpha1/types_oidcclient.go.tmpl +++ b/apis/supervisor/config/v1alpha1/types_oidcclient.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -85,7 +85,7 @@ type OIDCClientStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` // totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. // +optional diff --git a/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go.tmpl b/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go.tmpl index a8a83e64..63fb1b55 100644 --- a/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go.tmpl +++ b/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go.tmpl @@ -32,7 +32,7 @@ type ActiveDirectoryIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type ActiveDirectoryIdentityProviderBind struct { diff --git a/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go.tmpl b/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go.tmpl index 5c76d6af..68200c51 100644 --- a/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go.tmpl +++ b/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go.tmpl @@ -32,7 +32,7 @@ type LDAPIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type LDAPIdentityProviderBind struct { diff --git a/apis/supervisor/idp/v1alpha1/types_meta.go.tmpl b/apis/supervisor/idp/v1alpha1/types_meta.go.tmpl deleted file mode 100644 index 76a7d547..00000000 --- a/apis/supervisor/idp/v1alpha1/types_meta.go.tmpl +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go.tmpl b/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go.tmpl index 99a0f47f..bdbff063 100644 --- a/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go.tmpl +++ b/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go.tmpl @@ -32,7 +32,7 @@ type OIDCIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization diff --git a/deploy/concierge/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/deploy/concierge/authentication.concierge.pinniped.dev_jwtauthenticators.yaml index a1a77773..e42e231c 100644 --- a/deploy/concierge/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ b/deploy/concierge/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -97,9 +97,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/deploy/concierge/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/deploy/concierge/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index 07c7f1e5..9a3d96b3 100644 --- a/deploy/concierge/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ b/deploy/concierge/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -70,9 +70,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/deploy/supervisor/config.supervisor.pinniped.dev_oidcclients.yaml b/deploy/supervisor/config.supervisor.pinniped.dev_oidcclients.yaml index e4978627..37d4b7c8 100644 --- a/deploy/supervisor/config.supervisor.pinniped.dev_oidcclients.yaml +++ b/deploy/supervisor/config.supervisor.pinniped.dev_oidcclients.yaml @@ -129,9 +129,15 @@ spec: description: conditions represent the observations of an OIDCClient's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/deploy/supervisor/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/deploy/supervisor/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml index 5fab109d..fed52818 100644 --- a/deploy/supervisor/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ b/deploy/supervisor/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -232,9 +232,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/deploy/supervisor/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/deploy/supervisor/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml index 5799cb5c..0e900251 100644 --- a/deploy/supervisor/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ b/deploy/supervisor/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -229,9 +229,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/deploy/supervisor/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/deploy/supervisor/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml index 9bb24fd9..5fad2fd6 100644 --- a/deploy/supervisor/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ b/deploy/supervisor/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -259,9 +259,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.21/README.adoc b/generated/1.21/README.adoc index c61fc3a5..d34a634e 100644 --- a/generated/1.21/README.adoc +++ b/generated/1.21/README.adoc @@ -23,41 +23,6 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authenticatio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-jwtauthenticator"] ==== JWTAuthenticator @@ -114,7 +79,7 @@ Status of a JWT authenticator. [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. |=== @@ -207,7 +172,7 @@ Status of a webhook authenticator. [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. |=== @@ -667,40 +632,6 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuratio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-federationdomain"] ==== FederationDomain @@ -896,7 +827,7 @@ OIDCClientStatus is a struct that describes the actual state of an OIDCClient. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-condition[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. | *`totalClientSecrets`* __integer__ | totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. |=== @@ -1280,7 +1211,7 @@ Status of an Active Directory identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== @@ -1321,42 +1252,6 @@ Status of an Active Directory identity provider. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] ==== LDAPIdentityProvider @@ -1484,7 +1379,7 @@ Status of an LDAP identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== @@ -1649,7 +1544,7 @@ OIDCIdentityProviderStatus is the status of an OIDC identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== diff --git a/generated/1.21/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.21/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go index a8596b22..b0bf988b 100644 --- a/generated/1.21/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go +++ b/generated/1.21/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type JWTAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a JWT authenticator. diff --git a/generated/1.21/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/1.21/apis/concierge/authentication/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/1.21/apis/concierge/authentication/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.21/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.21/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go index 77b1e045..207249b2 100644 --- a/generated/1.21/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go +++ b/generated/1.21/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type WebhookAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a webhook authenticator. diff --git a/generated/1.21/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.21/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index 9a0828bc..2b36eaa8 100644 --- a/generated/1.21/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.21/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -9,26 +9,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *JWTAuthenticator) DeepCopyInto(out *JWTAuthenticator) { *out = *in @@ -117,7 +101,7 @@ func (in *JWTAuthenticatorStatus) DeepCopyInto(out *JWTAuthenticatorStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -254,7 +238,7 @@ func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.21/apis/supervisor/config/v1alpha1/types_meta.go b/generated/1.21/apis/supervisor/config/v1alpha1/types_meta.go deleted file mode 100644 index cd46a471..00000000 --- a/generated/1.21/apis/supervisor/config/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.21/apis/supervisor/config/v1alpha1/types_oidcclient.go b/generated/1.21/apis/supervisor/config/v1alpha1/types_oidcclient.go index 719a597f..48f5de37 100644 --- a/generated/1.21/apis/supervisor/config/v1alpha1/types_oidcclient.go +++ b/generated/1.21/apis/supervisor/config/v1alpha1/types_oidcclient.go @@ -1,4 +1,4 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -85,7 +85,7 @@ type OIDCClientStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` // totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. // +optional diff --git a/generated/1.21/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.21/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 68201378..77defc47 100644 --- a/generated/1.21/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.21/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -9,26 +9,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FederationDomain) DeepCopyInto(out *FederationDomain) { *out = *in @@ -265,7 +249,7 @@ func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.21/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/1.21/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go index a8a83e64..63fb1b55 100644 --- a/generated/1.21/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go +++ b/generated/1.21/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go @@ -32,7 +32,7 @@ type ActiveDirectoryIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type ActiveDirectoryIdentityProviderBind struct { diff --git a/generated/1.21/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/1.21/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go index 5c76d6af..68200c51 100644 --- a/generated/1.21/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go +++ b/generated/1.21/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go @@ -32,7 +32,7 @@ type LDAPIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type LDAPIdentityProviderBind struct { diff --git a/generated/1.21/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/1.21/apis/supervisor/idp/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/1.21/apis/supervisor/idp/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.21/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/1.21/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go index 99a0f47f..bdbff063 100644 --- a/generated/1.21/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go +++ b/generated/1.21/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go @@ -32,7 +32,7 @@ type OIDCIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization diff --git a/generated/1.21/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.21/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index 62cd7d8e..ad0a3806 100644 --- a/generated/1.21/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.21/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -9,6 +9,7 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -151,7 +152,7 @@ func (in *ActiveDirectoryIdentityProviderStatus) DeepCopyInto(out *ActiveDirecto *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -202,23 +203,6 @@ func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopy() *Activ return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LDAPIdentityProvider) DeepCopyInto(out *LDAPIdentityProvider) { *out = *in @@ -358,7 +342,7 @@ func (in *LDAPIdentityProviderStatus) DeepCopyInto(out *LDAPIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -564,7 +548,7 @@ func (in *OIDCIdentityProviderStatus) DeepCopyInto(out *OIDCIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.21/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.21/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml index a1a77773..d7fcf0c1 100644 --- a/generated/1.21/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ b/generated/1.21/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -97,9 +97,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.21/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.21/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index 07c7f1e5..e5f71b07 100644 --- a/generated/1.21/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ b/generated/1.21/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -70,9 +70,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.21/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.21/crds/config.supervisor.pinniped.dev_oidcclients.yaml index e4978627..9479255f 100644 --- a/generated/1.21/crds/config.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.21/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -129,9 +129,15 @@ spec: description: conditions represent the observations of an OIDCClient's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.21/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.21/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml index 5fab109d..fb3f6768 100644 --- a/generated/1.21/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ b/generated/1.21/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -232,9 +232,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.21/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.21/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml index 5799cb5c..69f52cce 100644 --- a/generated/1.21/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ b/generated/1.21/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -229,9 +229,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.21/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.21/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml index 9bb24fd9..366436e7 100644 --- a/generated/1.21/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ b/generated/1.21/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -259,9 +259,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.22/README.adoc b/generated/1.22/README.adoc index 380e0b57..8d17cd49 100644 --- a/generated/1.22/README.adoc +++ b/generated/1.22/README.adoc @@ -23,41 +23,6 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authenticatio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-jwtauthenticator"] ==== JWTAuthenticator @@ -114,7 +79,7 @@ Status of a JWT authenticator. [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. |=== @@ -207,7 +172,7 @@ Status of a webhook authenticator. [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. |=== @@ -667,40 +632,6 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuratio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-federationdomain"] ==== FederationDomain @@ -896,7 +827,7 @@ OIDCClientStatus is a struct that describes the actual state of an OIDCClient. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-condition[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. | *`totalClientSecrets`* __integer__ | totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. |=== @@ -1280,7 +1211,7 @@ Status of an Active Directory identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== @@ -1321,42 +1252,6 @@ Status of an Active Directory identity provider. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] ==== LDAPIdentityProvider @@ -1484,7 +1379,7 @@ Status of an LDAP identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== @@ -1649,7 +1544,7 @@ OIDCIdentityProviderStatus is the status of an OIDC identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== diff --git a/generated/1.22/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.22/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go index a8596b22..b0bf988b 100644 --- a/generated/1.22/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go +++ b/generated/1.22/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type JWTAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a JWT authenticator. diff --git a/generated/1.22/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/1.22/apis/concierge/authentication/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/1.22/apis/concierge/authentication/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.22/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.22/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go index 77b1e045..207249b2 100644 --- a/generated/1.22/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go +++ b/generated/1.22/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type WebhookAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a webhook authenticator. diff --git a/generated/1.22/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.22/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index 9a0828bc..2b36eaa8 100644 --- a/generated/1.22/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.22/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -9,26 +9,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *JWTAuthenticator) DeepCopyInto(out *JWTAuthenticator) { *out = *in @@ -117,7 +101,7 @@ func (in *JWTAuthenticatorStatus) DeepCopyInto(out *JWTAuthenticatorStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -254,7 +238,7 @@ func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.22/apis/supervisor/config/v1alpha1/types_meta.go b/generated/1.22/apis/supervisor/config/v1alpha1/types_meta.go deleted file mode 100644 index cd46a471..00000000 --- a/generated/1.22/apis/supervisor/config/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.22/apis/supervisor/config/v1alpha1/types_oidcclient.go b/generated/1.22/apis/supervisor/config/v1alpha1/types_oidcclient.go index 719a597f..48f5de37 100644 --- a/generated/1.22/apis/supervisor/config/v1alpha1/types_oidcclient.go +++ b/generated/1.22/apis/supervisor/config/v1alpha1/types_oidcclient.go @@ -1,4 +1,4 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -85,7 +85,7 @@ type OIDCClientStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` // totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. // +optional diff --git a/generated/1.22/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.22/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 68201378..77defc47 100644 --- a/generated/1.22/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.22/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -9,26 +9,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FederationDomain) DeepCopyInto(out *FederationDomain) { *out = *in @@ -265,7 +249,7 @@ func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.22/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/1.22/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go index a8a83e64..63fb1b55 100644 --- a/generated/1.22/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go +++ b/generated/1.22/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go @@ -32,7 +32,7 @@ type ActiveDirectoryIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type ActiveDirectoryIdentityProviderBind struct { diff --git a/generated/1.22/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/1.22/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go index 5c76d6af..68200c51 100644 --- a/generated/1.22/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go +++ b/generated/1.22/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go @@ -32,7 +32,7 @@ type LDAPIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type LDAPIdentityProviderBind struct { diff --git a/generated/1.22/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/1.22/apis/supervisor/idp/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/1.22/apis/supervisor/idp/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.22/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/1.22/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go index 99a0f47f..bdbff063 100644 --- a/generated/1.22/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go +++ b/generated/1.22/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go @@ -32,7 +32,7 @@ type OIDCIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization diff --git a/generated/1.22/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.22/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index 62cd7d8e..ad0a3806 100644 --- a/generated/1.22/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.22/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -9,6 +9,7 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -151,7 +152,7 @@ func (in *ActiveDirectoryIdentityProviderStatus) DeepCopyInto(out *ActiveDirecto *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -202,23 +203,6 @@ func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopy() *Activ return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LDAPIdentityProvider) DeepCopyInto(out *LDAPIdentityProvider) { *out = *in @@ -358,7 +342,7 @@ func (in *LDAPIdentityProviderStatus) DeepCopyInto(out *LDAPIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -564,7 +548,7 @@ func (in *OIDCIdentityProviderStatus) DeepCopyInto(out *OIDCIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.22/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.22/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml index a1a77773..d7fcf0c1 100644 --- a/generated/1.22/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ b/generated/1.22/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -97,9 +97,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.22/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.22/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index 07c7f1e5..e5f71b07 100644 --- a/generated/1.22/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ b/generated/1.22/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -70,9 +70,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.22/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.22/crds/config.supervisor.pinniped.dev_oidcclients.yaml index e4978627..9479255f 100644 --- a/generated/1.22/crds/config.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.22/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -129,9 +129,15 @@ spec: description: conditions represent the observations of an OIDCClient's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.22/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.22/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml index 5fab109d..fb3f6768 100644 --- a/generated/1.22/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ b/generated/1.22/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -232,9 +232,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.22/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.22/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml index 5799cb5c..69f52cce 100644 --- a/generated/1.22/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ b/generated/1.22/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -229,9 +229,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.22/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.22/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml index 9bb24fd9..366436e7 100644 --- a/generated/1.22/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ b/generated/1.22/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -259,9 +259,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.23/README.adoc b/generated/1.23/README.adoc index 50364dbf..c6117ae2 100644 --- a/generated/1.23/README.adoc +++ b/generated/1.23/README.adoc @@ -23,41 +23,6 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authenticatio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-jwtauthenticator"] ==== JWTAuthenticator @@ -114,7 +79,7 @@ Status of a JWT authenticator. [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. |=== @@ -207,7 +172,7 @@ Status of a webhook authenticator. [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. |=== @@ -667,40 +632,6 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuratio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-federationdomain"] ==== FederationDomain @@ -896,7 +827,7 @@ OIDCClientStatus is a struct that describes the actual state of an OIDCClient. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-condition[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. | *`totalClientSecrets`* __integer__ | totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. |=== @@ -1280,7 +1211,7 @@ Status of an Active Directory identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== @@ -1321,42 +1252,6 @@ Status of an Active Directory identity provider. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] ==== LDAPIdentityProvider @@ -1484,7 +1379,7 @@ Status of an LDAP identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== @@ -1649,7 +1544,7 @@ OIDCIdentityProviderStatus is the status of an OIDC identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== diff --git a/generated/1.23/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.23/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go index a8596b22..b0bf988b 100644 --- a/generated/1.23/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go +++ b/generated/1.23/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type JWTAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a JWT authenticator. diff --git a/generated/1.23/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/1.23/apis/concierge/authentication/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/1.23/apis/concierge/authentication/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.23/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.23/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go index 77b1e045..207249b2 100644 --- a/generated/1.23/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go +++ b/generated/1.23/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type WebhookAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a webhook authenticator. diff --git a/generated/1.23/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.23/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index 9a0828bc..2b36eaa8 100644 --- a/generated/1.23/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.23/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -9,26 +9,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *JWTAuthenticator) DeepCopyInto(out *JWTAuthenticator) { *out = *in @@ -117,7 +101,7 @@ func (in *JWTAuthenticatorStatus) DeepCopyInto(out *JWTAuthenticatorStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -254,7 +238,7 @@ func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.23/apis/supervisor/config/v1alpha1/types_meta.go b/generated/1.23/apis/supervisor/config/v1alpha1/types_meta.go deleted file mode 100644 index cd46a471..00000000 --- a/generated/1.23/apis/supervisor/config/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.23/apis/supervisor/config/v1alpha1/types_oidcclient.go b/generated/1.23/apis/supervisor/config/v1alpha1/types_oidcclient.go index 719a597f..48f5de37 100644 --- a/generated/1.23/apis/supervisor/config/v1alpha1/types_oidcclient.go +++ b/generated/1.23/apis/supervisor/config/v1alpha1/types_oidcclient.go @@ -1,4 +1,4 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -85,7 +85,7 @@ type OIDCClientStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` // totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. // +optional diff --git a/generated/1.23/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.23/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 68201378..77defc47 100644 --- a/generated/1.23/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.23/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -9,26 +9,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FederationDomain) DeepCopyInto(out *FederationDomain) { *out = *in @@ -265,7 +249,7 @@ func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.23/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/1.23/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go index a8a83e64..63fb1b55 100644 --- a/generated/1.23/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go +++ b/generated/1.23/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go @@ -32,7 +32,7 @@ type ActiveDirectoryIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type ActiveDirectoryIdentityProviderBind struct { diff --git a/generated/1.23/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/1.23/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go index 5c76d6af..68200c51 100644 --- a/generated/1.23/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go +++ b/generated/1.23/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go @@ -32,7 +32,7 @@ type LDAPIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type LDAPIdentityProviderBind struct { diff --git a/generated/1.23/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/1.23/apis/supervisor/idp/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/1.23/apis/supervisor/idp/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.23/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/1.23/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go index 99a0f47f..bdbff063 100644 --- a/generated/1.23/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go +++ b/generated/1.23/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go @@ -32,7 +32,7 @@ type OIDCIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization diff --git a/generated/1.23/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.23/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index 62cd7d8e..ad0a3806 100644 --- a/generated/1.23/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.23/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -9,6 +9,7 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -151,7 +152,7 @@ func (in *ActiveDirectoryIdentityProviderStatus) DeepCopyInto(out *ActiveDirecto *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -202,23 +203,6 @@ func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopy() *Activ return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LDAPIdentityProvider) DeepCopyInto(out *LDAPIdentityProvider) { *out = *in @@ -358,7 +342,7 @@ func (in *LDAPIdentityProviderStatus) DeepCopyInto(out *LDAPIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -564,7 +548,7 @@ func (in *OIDCIdentityProviderStatus) DeepCopyInto(out *OIDCIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.23/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.23/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml index a1a77773..e42e231c 100644 --- a/generated/1.23/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ b/generated/1.23/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -97,9 +97,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.23/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.23/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index 07c7f1e5..9a3d96b3 100644 --- a/generated/1.23/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ b/generated/1.23/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -70,9 +70,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.23/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.23/crds/config.supervisor.pinniped.dev_oidcclients.yaml index e4978627..37d4b7c8 100644 --- a/generated/1.23/crds/config.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.23/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -129,9 +129,15 @@ spec: description: conditions represent the observations of an OIDCClient's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.23/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.23/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml index 5fab109d..fed52818 100644 --- a/generated/1.23/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ b/generated/1.23/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -232,9 +232,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.23/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.23/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml index 5799cb5c..0e900251 100644 --- a/generated/1.23/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ b/generated/1.23/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -229,9 +229,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.23/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.23/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml index 9bb24fd9..5fad2fd6 100644 --- a/generated/1.23/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ b/generated/1.23/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -259,9 +259,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.24/README.adoc b/generated/1.24/README.adoc index 8a6aa106..b53ace67 100644 --- a/generated/1.24/README.adoc +++ b/generated/1.24/README.adoc @@ -23,41 +23,6 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authenticatio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-concierge-authentication-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-concierge-authentication-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-concierge-authentication-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-concierge-authentication-v1alpha1-jwtauthenticator"] ==== JWTAuthenticator @@ -114,7 +79,7 @@ Status of a JWT authenticator. [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. |=== @@ -207,7 +172,7 @@ Status of a webhook authenticator. [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. |=== @@ -667,40 +632,6 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuratio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-config-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-config-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-config-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-config-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-config-v1alpha1-federationdomain"] ==== FederationDomain @@ -896,7 +827,7 @@ OIDCClientStatus is a struct that describes the actual state of an OIDCClient. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-config-v1alpha1-condition[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. | *`totalClientSecrets`* __integer__ | totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. |=== @@ -1280,7 +1211,7 @@ Status of an Active Directory identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== @@ -1321,42 +1252,6 @@ Status of an Active Directory identity provider. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-idp-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-idp-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-idp-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] ==== LDAPIdentityProvider @@ -1484,7 +1379,7 @@ Status of an LDAP identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== @@ -1649,7 +1544,7 @@ OIDCIdentityProviderStatus is the status of an OIDC identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== diff --git a/generated/1.24/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.24/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go index a8596b22..b0bf988b 100644 --- a/generated/1.24/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go +++ b/generated/1.24/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type JWTAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a JWT authenticator. diff --git a/generated/1.24/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/1.24/apis/concierge/authentication/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/1.24/apis/concierge/authentication/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.24/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.24/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go index 77b1e045..207249b2 100644 --- a/generated/1.24/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go +++ b/generated/1.24/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type WebhookAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a webhook authenticator. diff --git a/generated/1.24/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.24/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index 9a0828bc..2b36eaa8 100644 --- a/generated/1.24/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.24/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -9,26 +9,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *JWTAuthenticator) DeepCopyInto(out *JWTAuthenticator) { *out = *in @@ -117,7 +101,7 @@ func (in *JWTAuthenticatorStatus) DeepCopyInto(out *JWTAuthenticatorStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -254,7 +238,7 @@ func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.24/apis/supervisor/config/v1alpha1/types_meta.go b/generated/1.24/apis/supervisor/config/v1alpha1/types_meta.go deleted file mode 100644 index cd46a471..00000000 --- a/generated/1.24/apis/supervisor/config/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.24/apis/supervisor/config/v1alpha1/types_oidcclient.go b/generated/1.24/apis/supervisor/config/v1alpha1/types_oidcclient.go index 719a597f..48f5de37 100644 --- a/generated/1.24/apis/supervisor/config/v1alpha1/types_oidcclient.go +++ b/generated/1.24/apis/supervisor/config/v1alpha1/types_oidcclient.go @@ -1,4 +1,4 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -85,7 +85,7 @@ type OIDCClientStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` // totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. // +optional diff --git a/generated/1.24/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.24/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 68201378..77defc47 100644 --- a/generated/1.24/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.24/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -9,26 +9,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FederationDomain) DeepCopyInto(out *FederationDomain) { *out = *in @@ -265,7 +249,7 @@ func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.24/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/1.24/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go index a8a83e64..63fb1b55 100644 --- a/generated/1.24/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go +++ b/generated/1.24/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go @@ -32,7 +32,7 @@ type ActiveDirectoryIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type ActiveDirectoryIdentityProviderBind struct { diff --git a/generated/1.24/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/1.24/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go index 5c76d6af..68200c51 100644 --- a/generated/1.24/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go +++ b/generated/1.24/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go @@ -32,7 +32,7 @@ type LDAPIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type LDAPIdentityProviderBind struct { diff --git a/generated/1.24/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/1.24/apis/supervisor/idp/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/1.24/apis/supervisor/idp/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.24/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/1.24/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go index 99a0f47f..bdbff063 100644 --- a/generated/1.24/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go +++ b/generated/1.24/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go @@ -32,7 +32,7 @@ type OIDCIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization diff --git a/generated/1.24/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.24/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index 62cd7d8e..ad0a3806 100644 --- a/generated/1.24/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.24/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -9,6 +9,7 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -151,7 +152,7 @@ func (in *ActiveDirectoryIdentityProviderStatus) DeepCopyInto(out *ActiveDirecto *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -202,23 +203,6 @@ func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopy() *Activ return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LDAPIdentityProvider) DeepCopyInto(out *LDAPIdentityProvider) { *out = *in @@ -358,7 +342,7 @@ func (in *LDAPIdentityProviderStatus) DeepCopyInto(out *LDAPIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -564,7 +548,7 @@ func (in *OIDCIdentityProviderStatus) DeepCopyInto(out *OIDCIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.24/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.24/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml index a1a77773..e42e231c 100644 --- a/generated/1.24/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ b/generated/1.24/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -97,9 +97,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.24/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.24/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index 07c7f1e5..9a3d96b3 100644 --- a/generated/1.24/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ b/generated/1.24/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -70,9 +70,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.24/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.24/crds/config.supervisor.pinniped.dev_oidcclients.yaml index e4978627..37d4b7c8 100644 --- a/generated/1.24/crds/config.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.24/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -129,9 +129,15 @@ spec: description: conditions represent the observations of an OIDCClient's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.24/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.24/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml index 5fab109d..fed52818 100644 --- a/generated/1.24/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ b/generated/1.24/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -232,9 +232,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.24/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.24/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml index 5799cb5c..0e900251 100644 --- a/generated/1.24/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ b/generated/1.24/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -229,9 +229,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.24/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.24/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml index 9bb24fd9..5fad2fd6 100644 --- a/generated/1.24/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ b/generated/1.24/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -259,9 +259,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.25/README.adoc b/generated/1.25/README.adoc index ced67d29..04d0ab66 100644 --- a/generated/1.25/README.adoc +++ b/generated/1.25/README.adoc @@ -23,41 +23,6 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authenticatio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-concierge-authentication-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-concierge-authentication-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-concierge-authentication-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-concierge-authentication-v1alpha1-jwtauthenticator"] ==== JWTAuthenticator @@ -114,7 +79,7 @@ Status of a JWT authenticator. [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. |=== @@ -207,7 +172,7 @@ Status of a webhook authenticator. [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. |=== @@ -665,40 +630,6 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuratio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-config-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-config-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-config-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-config-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-config-v1alpha1-federationdomain"] ==== FederationDomain @@ -894,7 +825,7 @@ OIDCClientStatus is a struct that describes the actual state of an OIDCClient. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-config-v1alpha1-condition[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. | *`totalClientSecrets`* __integer__ | totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. |=== @@ -1276,7 +1207,7 @@ Status of an Active Directory identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== @@ -1317,42 +1248,6 @@ Status of an Active Directory identity provider. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-idp-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-idp-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-idp-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] ==== LDAPIdentityProvider @@ -1480,7 +1375,7 @@ Status of an LDAP identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== @@ -1645,7 +1540,7 @@ OIDCIdentityProviderStatus is the status of an OIDC identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-25-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== diff --git a/generated/1.25/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.25/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go index a8596b22..b0bf988b 100644 --- a/generated/1.25/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go +++ b/generated/1.25/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type JWTAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a JWT authenticator. diff --git a/generated/1.25/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/1.25/apis/concierge/authentication/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/1.25/apis/concierge/authentication/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.25/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.25/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go index 77b1e045..207249b2 100644 --- a/generated/1.25/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go +++ b/generated/1.25/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type WebhookAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a webhook authenticator. diff --git a/generated/1.25/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.25/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index 9a0828bc..2b36eaa8 100644 --- a/generated/1.25/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.25/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -9,26 +9,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *JWTAuthenticator) DeepCopyInto(out *JWTAuthenticator) { *out = *in @@ -117,7 +101,7 @@ func (in *JWTAuthenticatorStatus) DeepCopyInto(out *JWTAuthenticatorStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -254,7 +238,7 @@ func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.25/apis/supervisor/config/v1alpha1/types_meta.go b/generated/1.25/apis/supervisor/config/v1alpha1/types_meta.go deleted file mode 100644 index cd46a471..00000000 --- a/generated/1.25/apis/supervisor/config/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.25/apis/supervisor/config/v1alpha1/types_oidcclient.go b/generated/1.25/apis/supervisor/config/v1alpha1/types_oidcclient.go index 719a597f..48f5de37 100644 --- a/generated/1.25/apis/supervisor/config/v1alpha1/types_oidcclient.go +++ b/generated/1.25/apis/supervisor/config/v1alpha1/types_oidcclient.go @@ -1,4 +1,4 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -85,7 +85,7 @@ type OIDCClientStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` // totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. // +optional diff --git a/generated/1.25/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.25/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 68201378..77defc47 100644 --- a/generated/1.25/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.25/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -9,26 +9,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FederationDomain) DeepCopyInto(out *FederationDomain) { *out = *in @@ -265,7 +249,7 @@ func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.25/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/1.25/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go index a8a83e64..63fb1b55 100644 --- a/generated/1.25/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go +++ b/generated/1.25/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go @@ -32,7 +32,7 @@ type ActiveDirectoryIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type ActiveDirectoryIdentityProviderBind struct { diff --git a/generated/1.25/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/1.25/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go index 5c76d6af..68200c51 100644 --- a/generated/1.25/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go +++ b/generated/1.25/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go @@ -32,7 +32,7 @@ type LDAPIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type LDAPIdentityProviderBind struct { diff --git a/generated/1.25/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/1.25/apis/supervisor/idp/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/1.25/apis/supervisor/idp/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.25/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/1.25/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go index 99a0f47f..bdbff063 100644 --- a/generated/1.25/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go +++ b/generated/1.25/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go @@ -32,7 +32,7 @@ type OIDCIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization diff --git a/generated/1.25/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.25/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index 62cd7d8e..ad0a3806 100644 --- a/generated/1.25/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.25/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -9,6 +9,7 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -151,7 +152,7 @@ func (in *ActiveDirectoryIdentityProviderStatus) DeepCopyInto(out *ActiveDirecto *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -202,23 +203,6 @@ func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopy() *Activ return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LDAPIdentityProvider) DeepCopyInto(out *LDAPIdentityProvider) { *out = *in @@ -358,7 +342,7 @@ func (in *LDAPIdentityProviderStatus) DeepCopyInto(out *LDAPIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -564,7 +548,7 @@ func (in *OIDCIdentityProviderStatus) DeepCopyInto(out *OIDCIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.25/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.25/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml index a1a77773..e42e231c 100644 --- a/generated/1.25/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ b/generated/1.25/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -97,9 +97,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.25/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.25/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index 07c7f1e5..9a3d96b3 100644 --- a/generated/1.25/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ b/generated/1.25/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -70,9 +70,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.25/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.25/crds/config.supervisor.pinniped.dev_oidcclients.yaml index e4978627..37d4b7c8 100644 --- a/generated/1.25/crds/config.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.25/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -129,9 +129,15 @@ spec: description: conditions represent the observations of an OIDCClient's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.25/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.25/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml index 5fab109d..fed52818 100644 --- a/generated/1.25/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ b/generated/1.25/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -232,9 +232,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.25/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.25/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml index 5799cb5c..0e900251 100644 --- a/generated/1.25/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ b/generated/1.25/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -229,9 +229,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.25/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.25/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml index 9bb24fd9..5fad2fd6 100644 --- a/generated/1.25/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ b/generated/1.25/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -259,9 +259,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.26/README.adoc b/generated/1.26/README.adoc index 5daf3f3e..69bf458b 100644 --- a/generated/1.26/README.adoc +++ b/generated/1.26/README.adoc @@ -23,41 +23,6 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authenticatio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticator"] ==== JWTAuthenticator @@ -114,7 +79,7 @@ Status of a JWT authenticator. [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. |=== @@ -207,7 +172,7 @@ Status of a webhook authenticator. [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. |=== @@ -665,40 +630,6 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuratio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomain"] ==== FederationDomain @@ -894,7 +825,7 @@ OIDCClientStatus is a struct that describes the actual state of an OIDCClient. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-condition[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. | *`totalClientSecrets`* __integer__ | totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. |=== @@ -1276,7 +1207,7 @@ Status of an Active Directory identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== @@ -1317,42 +1248,6 @@ Status of an Active Directory identity provider. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] ==== LDAPIdentityProvider @@ -1480,7 +1375,7 @@ Status of an LDAP identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== @@ -1645,7 +1540,7 @@ OIDCIdentityProviderStatus is the status of an OIDC identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== diff --git a/generated/1.26/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.26/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go index a8596b22..b0bf988b 100644 --- a/generated/1.26/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go +++ b/generated/1.26/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type JWTAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a JWT authenticator. diff --git a/generated/1.26/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/1.26/apis/concierge/authentication/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/1.26/apis/concierge/authentication/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.26/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.26/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go index 77b1e045..207249b2 100644 --- a/generated/1.26/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go +++ b/generated/1.26/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type WebhookAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a webhook authenticator. diff --git a/generated/1.26/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.26/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index 9a0828bc..2b36eaa8 100644 --- a/generated/1.26/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.26/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -9,26 +9,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *JWTAuthenticator) DeepCopyInto(out *JWTAuthenticator) { *out = *in @@ -117,7 +101,7 @@ func (in *JWTAuthenticatorStatus) DeepCopyInto(out *JWTAuthenticatorStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -254,7 +238,7 @@ func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.26/apis/supervisor/config/v1alpha1/types_meta.go b/generated/1.26/apis/supervisor/config/v1alpha1/types_meta.go deleted file mode 100644 index cd46a471..00000000 --- a/generated/1.26/apis/supervisor/config/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.26/apis/supervisor/config/v1alpha1/types_oidcclient.go b/generated/1.26/apis/supervisor/config/v1alpha1/types_oidcclient.go index 719a597f..48f5de37 100644 --- a/generated/1.26/apis/supervisor/config/v1alpha1/types_oidcclient.go +++ b/generated/1.26/apis/supervisor/config/v1alpha1/types_oidcclient.go @@ -1,4 +1,4 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -85,7 +85,7 @@ type OIDCClientStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` // totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. // +optional diff --git a/generated/1.26/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.26/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 68201378..77defc47 100644 --- a/generated/1.26/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.26/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -9,26 +9,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FederationDomain) DeepCopyInto(out *FederationDomain) { *out = *in @@ -265,7 +249,7 @@ func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.26/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/1.26/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go index a8a83e64..63fb1b55 100644 --- a/generated/1.26/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go +++ b/generated/1.26/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go @@ -32,7 +32,7 @@ type ActiveDirectoryIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type ActiveDirectoryIdentityProviderBind struct { diff --git a/generated/1.26/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/1.26/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go index 5c76d6af..68200c51 100644 --- a/generated/1.26/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go +++ b/generated/1.26/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go @@ -32,7 +32,7 @@ type LDAPIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type LDAPIdentityProviderBind struct { diff --git a/generated/1.26/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/1.26/apis/supervisor/idp/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/1.26/apis/supervisor/idp/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.26/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/1.26/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go index 99a0f47f..bdbff063 100644 --- a/generated/1.26/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go +++ b/generated/1.26/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go @@ -32,7 +32,7 @@ type OIDCIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization diff --git a/generated/1.26/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.26/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index 62cd7d8e..ad0a3806 100644 --- a/generated/1.26/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.26/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -9,6 +9,7 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -151,7 +152,7 @@ func (in *ActiveDirectoryIdentityProviderStatus) DeepCopyInto(out *ActiveDirecto *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -202,23 +203,6 @@ func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopy() *Activ return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LDAPIdentityProvider) DeepCopyInto(out *LDAPIdentityProvider) { *out = *in @@ -358,7 +342,7 @@ func (in *LDAPIdentityProviderStatus) DeepCopyInto(out *LDAPIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -564,7 +548,7 @@ func (in *OIDCIdentityProviderStatus) DeepCopyInto(out *OIDCIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.26/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.26/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml index a1a77773..e42e231c 100644 --- a/generated/1.26/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ b/generated/1.26/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -97,9 +97,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.26/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.26/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index 07c7f1e5..9a3d96b3 100644 --- a/generated/1.26/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ b/generated/1.26/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -70,9 +70,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.26/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.26/crds/config.supervisor.pinniped.dev_oidcclients.yaml index e4978627..37d4b7c8 100644 --- a/generated/1.26/crds/config.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.26/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -129,9 +129,15 @@ spec: description: conditions represent the observations of an OIDCClient's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.26/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.26/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml index 5fab109d..fed52818 100644 --- a/generated/1.26/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ b/generated/1.26/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -232,9 +232,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.26/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.26/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml index 5799cb5c..0e900251 100644 --- a/generated/1.26/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ b/generated/1.26/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -229,9 +229,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.26/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.26/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml index 9bb24fd9..5fad2fd6 100644 --- a/generated/1.26/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ b/generated/1.26/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -259,9 +259,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.27/README.adoc b/generated/1.27/README.adoc index 93122354..41ef8ab7 100644 --- a/generated/1.27/README.adoc +++ b/generated/1.27/README.adoc @@ -23,41 +23,6 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authenticatio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticator"] ==== JWTAuthenticator @@ -114,7 +79,7 @@ Status of a JWT authenticator. [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. |=== @@ -207,7 +172,7 @@ Status of a webhook authenticator. [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. |=== @@ -665,40 +630,6 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuratio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomain"] ==== FederationDomain @@ -894,7 +825,7 @@ OIDCClientStatus is a struct that describes the actual state of an OIDCClient. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-condition[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. | *`totalClientSecrets`* __integer__ | totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. |=== @@ -1276,7 +1207,7 @@ Status of an Active Directory identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== @@ -1317,42 +1248,6 @@ Status of an Active Directory identity provider. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] ==== LDAPIdentityProvider @@ -1480,7 +1375,7 @@ Status of an LDAP identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== @@ -1645,7 +1540,7 @@ OIDCIdentityProviderStatus is the status of an OIDC identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== diff --git a/generated/1.27/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.27/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go index a8596b22..b0bf988b 100644 --- a/generated/1.27/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go +++ b/generated/1.27/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type JWTAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a JWT authenticator. diff --git a/generated/1.27/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/1.27/apis/concierge/authentication/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/1.27/apis/concierge/authentication/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.27/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.27/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go index 77b1e045..207249b2 100644 --- a/generated/1.27/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go +++ b/generated/1.27/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type WebhookAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a webhook authenticator. diff --git a/generated/1.27/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.27/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index 9a0828bc..2b36eaa8 100644 --- a/generated/1.27/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.27/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -9,26 +9,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *JWTAuthenticator) DeepCopyInto(out *JWTAuthenticator) { *out = *in @@ -117,7 +101,7 @@ func (in *JWTAuthenticatorStatus) DeepCopyInto(out *JWTAuthenticatorStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -254,7 +238,7 @@ func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.27/apis/supervisor/config/v1alpha1/types_meta.go b/generated/1.27/apis/supervisor/config/v1alpha1/types_meta.go deleted file mode 100644 index cd46a471..00000000 --- a/generated/1.27/apis/supervisor/config/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.27/apis/supervisor/config/v1alpha1/types_oidcclient.go b/generated/1.27/apis/supervisor/config/v1alpha1/types_oidcclient.go index 719a597f..48f5de37 100644 --- a/generated/1.27/apis/supervisor/config/v1alpha1/types_oidcclient.go +++ b/generated/1.27/apis/supervisor/config/v1alpha1/types_oidcclient.go @@ -1,4 +1,4 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -85,7 +85,7 @@ type OIDCClientStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` // totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. // +optional diff --git a/generated/1.27/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.27/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 68201378..77defc47 100644 --- a/generated/1.27/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.27/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -9,26 +9,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FederationDomain) DeepCopyInto(out *FederationDomain) { *out = *in @@ -265,7 +249,7 @@ func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.27/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/1.27/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go index a8a83e64..63fb1b55 100644 --- a/generated/1.27/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go +++ b/generated/1.27/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go @@ -32,7 +32,7 @@ type ActiveDirectoryIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type ActiveDirectoryIdentityProviderBind struct { diff --git a/generated/1.27/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/1.27/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go index 5c76d6af..68200c51 100644 --- a/generated/1.27/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go +++ b/generated/1.27/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go @@ -32,7 +32,7 @@ type LDAPIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type LDAPIdentityProviderBind struct { diff --git a/generated/1.27/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/1.27/apis/supervisor/idp/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/1.27/apis/supervisor/idp/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.27/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/1.27/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go index 99a0f47f..bdbff063 100644 --- a/generated/1.27/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go +++ b/generated/1.27/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go @@ -32,7 +32,7 @@ type OIDCIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization diff --git a/generated/1.27/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.27/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index 62cd7d8e..ad0a3806 100644 --- a/generated/1.27/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.27/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -9,6 +9,7 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -151,7 +152,7 @@ func (in *ActiveDirectoryIdentityProviderStatus) DeepCopyInto(out *ActiveDirecto *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -202,23 +203,6 @@ func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopy() *Activ return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LDAPIdentityProvider) DeepCopyInto(out *LDAPIdentityProvider) { *out = *in @@ -358,7 +342,7 @@ func (in *LDAPIdentityProviderStatus) DeepCopyInto(out *LDAPIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -564,7 +548,7 @@ func (in *OIDCIdentityProviderStatus) DeepCopyInto(out *OIDCIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.27/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.27/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml index a1a77773..e42e231c 100644 --- a/generated/1.27/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ b/generated/1.27/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -97,9 +97,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.27/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.27/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index 07c7f1e5..9a3d96b3 100644 --- a/generated/1.27/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ b/generated/1.27/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -70,9 +70,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.27/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.27/crds/config.supervisor.pinniped.dev_oidcclients.yaml index e4978627..37d4b7c8 100644 --- a/generated/1.27/crds/config.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.27/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -129,9 +129,15 @@ spec: description: conditions represent the observations of an OIDCClient's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.27/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.27/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml index 5fab109d..fed52818 100644 --- a/generated/1.27/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ b/generated/1.27/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -232,9 +232,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.27/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.27/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml index 5799cb5c..0e900251 100644 --- a/generated/1.27/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ b/generated/1.27/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -229,9 +229,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.27/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.27/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml index 9bb24fd9..5fad2fd6 100644 --- a/generated/1.27/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ b/generated/1.27/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -259,9 +259,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.28/README.adoc b/generated/1.28/README.adoc index fcf0e767..08db55da 100644 --- a/generated/1.28/README.adoc +++ b/generated/1.28/README.adoc @@ -23,41 +23,6 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authenticatio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticator"] ==== JWTAuthenticator @@ -114,7 +79,7 @@ Status of a JWT authenticator. [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. |=== @@ -207,7 +172,7 @@ Status of a webhook authenticator. [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. |=== @@ -665,40 +630,6 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuratio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomain"] ==== FederationDomain @@ -894,7 +825,7 @@ OIDCClientStatus is a struct that describes the actual state of an OIDCClient. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-condition[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. | *`totalClientSecrets`* __integer__ | totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. |=== @@ -1276,7 +1207,7 @@ Status of an Active Directory identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== @@ -1317,42 +1248,6 @@ Status of an Active Directory identity provider. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-conditionstatus[$$ConditionStatus$$]__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-conditionstatus"] -==== ConditionStatus (string) - -ConditionStatus is effectively an enum type for Condition.Status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] -**** - - - [id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] ==== LDAPIdentityProvider @@ -1480,7 +1375,7 @@ Status of an LDAP identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== @@ -1645,7 +1540,7 @@ OIDCIdentityProviderStatus is the status of an OIDC identity provider. |=== | Field | Description | *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. |=== diff --git a/generated/1.28/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.28/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go index a8596b22..b0bf988b 100644 --- a/generated/1.28/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go +++ b/generated/1.28/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type JWTAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a JWT authenticator. diff --git a/generated/1.28/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/1.28/apis/concierge/authentication/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/1.28/apis/concierge/authentication/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.28/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.28/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go index 77b1e045..207249b2 100644 --- a/generated/1.28/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go +++ b/generated/1.28/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type WebhookAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a webhook authenticator. diff --git a/generated/1.28/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.28/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index 9a0828bc..2b36eaa8 100644 --- a/generated/1.28/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.28/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -9,26 +9,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *JWTAuthenticator) DeepCopyInto(out *JWTAuthenticator) { *out = *in @@ -117,7 +101,7 @@ func (in *JWTAuthenticatorStatus) DeepCopyInto(out *JWTAuthenticatorStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -254,7 +238,7 @@ func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.28/apis/supervisor/config/v1alpha1/types_meta.go b/generated/1.28/apis/supervisor/config/v1alpha1/types_meta.go deleted file mode 100644 index cd46a471..00000000 --- a/generated/1.28/apis/supervisor/config/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.28/apis/supervisor/config/v1alpha1/types_oidcclient.go b/generated/1.28/apis/supervisor/config/v1alpha1/types_oidcclient.go index 719a597f..48f5de37 100644 --- a/generated/1.28/apis/supervisor/config/v1alpha1/types_oidcclient.go +++ b/generated/1.28/apis/supervisor/config/v1alpha1/types_oidcclient.go @@ -1,4 +1,4 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -85,7 +85,7 @@ type OIDCClientStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` // totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. // +optional diff --git a/generated/1.28/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.28/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 68201378..77defc47 100644 --- a/generated/1.28/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.28/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -9,26 +9,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FederationDomain) DeepCopyInto(out *FederationDomain) { *out = *in @@ -265,7 +249,7 @@ func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.28/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/1.28/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go index a8a83e64..63fb1b55 100644 --- a/generated/1.28/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go +++ b/generated/1.28/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go @@ -32,7 +32,7 @@ type ActiveDirectoryIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type ActiveDirectoryIdentityProviderBind struct { diff --git a/generated/1.28/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/1.28/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go index 5c76d6af..68200c51 100644 --- a/generated/1.28/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go +++ b/generated/1.28/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go @@ -32,7 +32,7 @@ type LDAPIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type LDAPIdentityProviderBind struct { diff --git a/generated/1.28/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/1.28/apis/supervisor/idp/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/1.28/apis/supervisor/idp/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/1.28/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/1.28/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go index 99a0f47f..bdbff063 100644 --- a/generated/1.28/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go +++ b/generated/1.28/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go @@ -32,7 +32,7 @@ type OIDCIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization diff --git a/generated/1.28/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.28/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index 62cd7d8e..ad0a3806 100644 --- a/generated/1.28/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.28/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -9,6 +9,7 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -151,7 +152,7 @@ func (in *ActiveDirectoryIdentityProviderStatus) DeepCopyInto(out *ActiveDirecto *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -202,23 +203,6 @@ func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopy() *Activ return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LDAPIdentityProvider) DeepCopyInto(out *LDAPIdentityProvider) { *out = *in @@ -358,7 +342,7 @@ func (in *LDAPIdentityProviderStatus) DeepCopyInto(out *LDAPIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -564,7 +548,7 @@ func (in *OIDCIdentityProviderStatus) DeepCopyInto(out *OIDCIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/1.28/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.28/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml index a1a77773..e42e231c 100644 --- a/generated/1.28/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ b/generated/1.28/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -97,9 +97,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.28/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.28/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index 07c7f1e5..9a3d96b3 100644 --- a/generated/1.28/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ b/generated/1.28/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -70,9 +70,15 @@ spec: description: Represents the observations of the authenticator's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.28/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.28/crds/config.supervisor.pinniped.dev_oidcclients.yaml index e4978627..37d4b7c8 100644 --- a/generated/1.28/crds/config.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.28/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -129,9 +129,15 @@ spec: description: conditions represent the observations of an OIDCClient's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.28/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.28/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml index 5fab109d..fed52818 100644 --- a/generated/1.28/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ b/generated/1.28/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -232,9 +232,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.28/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.28/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml index 5799cb5c..0e900251 100644 --- a/generated/1.28/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ b/generated/1.28/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -229,9 +229,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/1.28/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.28/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml index 9bb24fd9..5fad2fd6 100644 --- a/generated/1.28/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ b/generated/1.28/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -259,9 +259,15 @@ spec: description: Represents the observations of an identity provider's current state. items: - description: Condition status of a resource (mirrored from the metav1.Condition - type added in Kubernetes 1.19). In a future API version we can - switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/generated/latest/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/latest/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go index a8596b22..b0bf988b 100644 --- a/generated/latest/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go +++ b/generated/latest/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type JWTAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a JWT authenticator. diff --git a/generated/latest/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/latest/apis/concierge/authentication/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/latest/apis/concierge/authentication/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/latest/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/latest/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go index 77b1e045..207249b2 100644 --- a/generated/latest/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go +++ b/generated/latest/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -12,7 +12,7 @@ type WebhookAuthenticatorStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // Spec for configuring a webhook authenticator. diff --git a/generated/latest/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/latest/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index 24617192..a0e57b94 100644 --- a/generated/latest/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/latest/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -8,26 +8,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *JWTAuthenticator) DeepCopyInto(out *JWTAuthenticator) { *out = *in @@ -116,7 +100,7 @@ func (in *JWTAuthenticatorStatus) DeepCopyInto(out *JWTAuthenticatorStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -253,7 +237,7 @@ func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/latest/apis/supervisor/config/v1alpha1/types_meta.go b/generated/latest/apis/supervisor/config/v1alpha1/types_meta.go deleted file mode 100644 index cd46a471..00000000 --- a/generated/latest/apis/supervisor/config/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/latest/apis/supervisor/config/v1alpha1/types_oidcclient.go b/generated/latest/apis/supervisor/config/v1alpha1/types_oidcclient.go index 719a597f..48f5de37 100644 --- a/generated/latest/apis/supervisor/config/v1alpha1/types_oidcclient.go +++ b/generated/latest/apis/supervisor/config/v1alpha1/types_oidcclient.go @@ -1,4 +1,4 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 @@ -85,7 +85,7 @@ type OIDCClientStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` // totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. // +optional diff --git a/generated/latest/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/latest/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 318bb4ec..551886ce 100644 --- a/generated/latest/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/latest/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -8,26 +8,10 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FederationDomain) DeepCopyInto(out *FederationDomain) { *out = *in @@ -264,7 +248,7 @@ func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/generated/latest/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/latest/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go index a8a83e64..63fb1b55 100644 --- a/generated/latest/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go +++ b/generated/latest/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go @@ -32,7 +32,7 @@ type ActiveDirectoryIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type ActiveDirectoryIdentityProviderBind struct { diff --git a/generated/latest/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/latest/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go index 5c76d6af..68200c51 100644 --- a/generated/latest/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go +++ b/generated/latest/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go @@ -32,7 +32,7 @@ type LDAPIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } type LDAPIdentityProviderBind struct { diff --git a/generated/latest/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/latest/apis/supervisor/idp/v1alpha1/types_meta.go deleted file mode 100644 index 76a7d547..00000000 --- a/generated/latest/apis/supervisor/idp/v1alpha1/types_meta.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ConditionStatus is effectively an enum type for Condition.Status. -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. -// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API -// version we can switch to using the upstream type. -// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. -type Condition struct { - // type of condition in CamelCase or in foo.example.com/CamelCase. - // --- - // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - // useful (see .node.status.conditions), the ability to deconflict is important. - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Type string `json:"type"` - - // status of the condition, one of True, False, Unknown. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=True;False;Unknown - Status ConditionStatus `json:"status"` - - // observedGeneration represents the .metadata.generation that the condition was set based upon. - // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the instance. - // +optional - // +kubebuilder:validation:Minimum=0 - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - - // lastTransitionTime is the last time the condition transitioned from one status to another. - // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:Type=string - // +kubebuilder:validation:Format=date-time - LastTransitionTime metav1.Time `json:"lastTransitionTime"` - - // reason contains a programmatic identifier indicating the reason for the condition's last transition. - // Producers of specific condition types may define expected values and meanings for this field, - // and whether the values are considered a guaranteed API. - // The value should be a CamelCase string. - // This field may not be empty. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` - Reason string `json:"reason"` - - // message is a human readable message indicating details about the transition. - // This may be an empty string. - // +required - // +kubebuilder:validation:Required - // +kubebuilder:validation:MaxLength=32768 - Message string `json:"message"` -} diff --git a/generated/latest/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/latest/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go index 99a0f47f..bdbff063 100644 --- a/generated/latest/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go +++ b/generated/latest/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go @@ -32,7 +32,7 @@ type OIDCIdentityProviderStatus struct { // +patchStrategy=merge // +listType=map // +listMapKey=type - Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } // OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization diff --git a/generated/latest/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/latest/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index f9e50dd4..4a1a2c03 100644 --- a/generated/latest/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/latest/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -8,6 +8,7 @@ package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -150,7 +151,7 @@ func (in *ActiveDirectoryIdentityProviderStatus) DeepCopyInto(out *ActiveDirecto *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -201,23 +202,6 @@ func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopy() *Activ return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Condition) DeepCopyInto(out *Condition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. -func (in *Condition) DeepCopy() *Condition { - if in == nil { - return nil - } - out := new(Condition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LDAPIdentityProvider) DeepCopyInto(out *LDAPIdentityProvider) { *out = *in @@ -357,7 +341,7 @@ func (in *LDAPIdentityProviderStatus) DeepCopyInto(out *LDAPIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -563,7 +547,7 @@ func (in *OIDCIdentityProviderStatus) DeepCopyInto(out *OIDCIdentityProviderStat *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/internal/controller/conditionsutil/conditions_util.go b/internal/controller/conditionsutil/conditions_util.go index 431c1052..2521a3a6 100644 --- a/internal/controller/conditionsutil/conditions_util.go +++ b/internal/controller/conditionsutil/conditions_util.go @@ -1,4 +1,4 @@ -// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package conditionsutil @@ -9,13 +9,11 @@ import ( "k8s.io/apimachinery/pkg/api/equality" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - configv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1" "go.pinniped.dev/internal/plog" ) // MergeIDPConditions merges conditions into conditionsToUpdate. If returns true if it merged any error conditions. -func MergeIDPConditions(conditions []*idpv1alpha1.Condition, observedGeneration int64, conditionsToUpdate *[]idpv1alpha1.Condition, log plog.MinLogger) bool { +func MergeIDPConditions(conditions []*v1.Condition, observedGeneration int64, conditionsToUpdate *[]v1.Condition, log plog.MinLogger) bool { hadErrorCondition := false for i := range conditions { cond := conditions[i].DeepCopy() @@ -24,7 +22,7 @@ func MergeIDPConditions(conditions []*idpv1alpha1.Condition, observedGeneration if mergeIDPCondition(conditionsToUpdate, cond) { log.Info("updated condition", "type", cond.Type, "status", cond.Status, "reason", cond.Reason, "message", cond.Message) } - if cond.Status == idpv1alpha1.ConditionFalse { + if cond.Status == v1.ConditionFalse { hadErrorCondition = true } } @@ -34,11 +32,11 @@ func MergeIDPConditions(conditions []*idpv1alpha1.Condition, observedGeneration return hadErrorCondition } -// mergeIDPCondition merges a new idpv1alpha1.Condition into a slice of existing conditions. It returns true +// mergeIDPCondition merges a new v1.Condition into a slice of existing conditions. It returns true // if the condition has meaningfully changed. -func mergeIDPCondition(existing *[]idpv1alpha1.Condition, new *idpv1alpha1.Condition) bool { +func mergeIDPCondition(existing *[]v1.Condition, new *v1.Condition) bool { // Find any existing condition with a matching type. - var old *idpv1alpha1.Condition + var old *v1.Condition for i := range *existing { if (*existing)[i].Type == new.Type { old = &(*existing)[i] @@ -69,7 +67,7 @@ func mergeIDPCondition(existing *[]idpv1alpha1.Condition, new *idpv1alpha1.Condi } // MergeConfigConditions merges conditions into conditionsToUpdate. If returns true if it merged any error conditions. -func MergeConfigConditions(conditions []*configv1alpha1.Condition, observedGeneration int64, conditionsToUpdate *[]configv1alpha1.Condition, log plog.MinLogger) bool { +func MergeConfigConditions(conditions []*v1.Condition, observedGeneration int64, conditionsToUpdate *[]v1.Condition, log plog.MinLogger) bool { hadErrorCondition := false for i := range conditions { cond := conditions[i].DeepCopy() @@ -78,7 +76,7 @@ func MergeConfigConditions(conditions []*configv1alpha1.Condition, observedGener if mergeConfigCondition(conditionsToUpdate, cond) { log.Info("updated condition", "type", cond.Type, "status", cond.Status, "reason", cond.Reason, "message", cond.Message) } - if cond.Status == configv1alpha1.ConditionFalse { + if cond.Status == v1.ConditionFalse { hadErrorCondition = true } } @@ -88,11 +86,11 @@ func MergeConfigConditions(conditions []*configv1alpha1.Condition, observedGener return hadErrorCondition } -// mergeConfigCondition merges a new idpv1alpha1.Condition into a slice of existing conditions. It returns true +// mergeConfigCondition merges a new v1.Condition into a slice of existing conditions. It returns true // if the condition has meaningfully changed. -func mergeConfigCondition(existing *[]configv1alpha1.Condition, new *configv1alpha1.Condition) bool { +func mergeConfigCondition(existing *[]v1.Condition, new *v1.Condition) bool { // Find any existing condition with a matching type. - var old *configv1alpha1.Condition + var old *v1.Condition for i := range *existing { if (*existing)[i].Type == new.Type { old = &(*existing)[i] diff --git a/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher.go b/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher.go index a375361d..f2d658f6 100644 --- a/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher.go +++ b/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher.go @@ -121,14 +121,14 @@ func (s *activeDirectoryUpstreamGenericLDAPSpec) GroupSearch() upstreamwatchers. return &activeDirectoryUpstreamGenericLDAPGroupSearch{s.activeDirectoryIdentityProvider.Spec.GroupSearch} } -func (s *activeDirectoryUpstreamGenericLDAPSpec) DetectAndSetSearchBase(ctx context.Context, config *upstreamldap.ProviderConfig) *v1alpha1.Condition { +func (s *activeDirectoryUpstreamGenericLDAPSpec) DetectAndSetSearchBase(ctx context.Context, config *upstreamldap.ProviderConfig) *metav1.Condition { config.GroupSearch.Base = s.activeDirectoryIdentityProvider.Spec.GroupSearch.Base config.UserSearch.Base = s.activeDirectoryIdentityProvider.Spec.UserSearch.Base if config.GroupSearch.Base != "" && config.UserSearch.Base != "" { // Both were already set in spec so just return; no need to query the RootDSE - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: upstreamwatchers.TypeSearchBaseFound, - Status: v1alpha1.ConditionTrue, + Status: metav1.ConditionTrue, Reason: upstreamwatchers.ReasonUsingConfigurationFromSpec, Message: "Using search base from ActiveDirectoryIdentityProvider config.", } @@ -139,9 +139,9 @@ func (s *activeDirectoryUpstreamGenericLDAPSpec) DetectAndSetSearchBase(ctx cont // https://ldapwiki.com/wiki/DefaultNamingContext defaultNamingContext, err := ldapProvider.SearchForDefaultNamingContext(ctx) if err != nil { - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: upstreamwatchers.TypeSearchBaseFound, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: upstreamwatchers.ReasonErrorFetchingSearchBase, Message: fmt.Sprintf(`Error finding search base: %s`, err.Error()), } @@ -152,9 +152,9 @@ func (s *activeDirectoryUpstreamGenericLDAPSpec) DetectAndSetSearchBase(ctx cont if config.GroupSearch.Base == "" { config.GroupSearch.Base = defaultNamingContext } - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: upstreamwatchers.TypeSearchBaseFound, - Status: v1alpha1.ConditionTrue, + Status: metav1.ConditionTrue, Reason: upstreamwatchers.ReasonSuccess, Message: "Successfully fetched defaultNamingContext to use as default search base from RootDSE.", } @@ -219,7 +219,7 @@ type activeDirectoryUpstreamGenericLDAPStatus struct { activeDirectoryIdentityProvider v1alpha1.ActiveDirectoryIdentityProvider } -func (s *activeDirectoryUpstreamGenericLDAPStatus) Conditions() []v1alpha1.Condition { +func (s *activeDirectoryUpstreamGenericLDAPStatus) Conditions() []metav1.Condition { return s.activeDirectoryIdentityProvider.Status.Conditions } @@ -364,7 +364,7 @@ func (c *activeDirectoryWatcherController) validateUpstream(ctx context.Context, return upstreamwatchers.EvaluateConditions(conditions, config) } -func (c *activeDirectoryWatcherController) updateStatus(ctx context.Context, upstream *v1alpha1.ActiveDirectoryIdentityProvider, conditions []*v1alpha1.Condition) { +func (c *activeDirectoryWatcherController) updateStatus(ctx context.Context, upstream *v1alpha1.ActiveDirectoryIdentityProvider, conditions []*metav1.Condition) { log := plog.WithValues("namespace", upstream.Namespace, "name", upstream.Name) updated := upstream.DeepCopy() diff --git a/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher_test.go b/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher_test.go index 40ee4a4c..bb830aa2 100644 --- a/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher_test.go +++ b/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher_test.go @@ -241,8 +241,8 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { providerConfigForValidUpstreamWithStartTLS := ©OfProviderConfigForValidUpstreamWithTLS providerConfigForValidUpstreamWithStartTLS.ConnectionProtocol = upstreamldap.StartTLS - bindSecretValidTrueCondition := func(gen int64) v1alpha1.Condition { - return v1alpha1.Condition{ + bindSecretValidTrueCondition := func(gen int64) metav1.Condition { + return metav1.Condition{ Type: "BindSecretValid", Status: "True", LastTransitionTime: now, @@ -251,8 +251,8 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObservedGeneration: gen, } } - activeDirectoryConnectionValidTrueCondition := func(gen int64, secretVersion string) v1alpha1.Condition { - return v1alpha1.Condition{ + activeDirectoryConnectionValidTrueCondition := func(gen int64, secretVersion string) metav1.Condition { + return metav1.Condition{ Type: "LDAPConnectionValid", Status: "True", LastTransitionTime: now, @@ -263,21 +263,21 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObservedGeneration: gen, } } - activeDirectoryConnectionValidTrueConditionWithoutTimeOrGeneration := func(secretVersion string) v1alpha1.Condition { + activeDirectoryConnectionValidTrueConditionWithoutTimeOrGeneration := func(secretVersion string) metav1.Condition { c := activeDirectoryConnectionValidTrueCondition(0, secretVersion) c.LastTransitionTime = metav1.Time{} return c } - condPtr := func(c v1alpha1.Condition) *v1alpha1.Condition { + condPtr := func(c metav1.Condition) *metav1.Condition { return &c } - withoutTime := func(c v1alpha1.Condition) v1alpha1.Condition { + withoutTime := func(c metav1.Condition) metav1.Condition { c = *c.DeepCopy() c.LastTransitionTime = metav1.Time{} return c } - tlsConfigurationValidLoadedTrueCondition := func(gen int64) v1alpha1.Condition { - return v1alpha1.Condition{ + tlsConfigurationValidLoadedTrueCondition := func(gen int64) metav1.Condition { + return metav1.Condition{ Type: "TLSConfigurationValid", Status: "True", LastTransitionTime: now, @@ -287,8 +287,8 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { } } - searchBaseFoundInRootDSECondition := func(gen int64) v1alpha1.Condition { - return v1alpha1.Condition{ + searchBaseFoundInRootDSECondition := func(gen int64) metav1.Condition { + return metav1.Condition{ Type: "SearchBaseFound", Status: "True", LastTransitionTime: now, @@ -298,8 +298,8 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { } } - searchBaseFoundInConfigCondition := func(gen int64) v1alpha1.Condition { - return v1alpha1.Condition{ + searchBaseFoundInConfigCondition := func(gen int64) metav1.Condition { + return metav1.Condition{ Type: "SearchBaseFound", Status: "True", LastTransitionTime: now, @@ -309,8 +309,8 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { } } - searchBaseFoundErrorCondition := func(gen int64, message string) v1alpha1.Condition { - return v1alpha1.Condition{ + searchBaseFoundErrorCondition := func(gen int64, message string) metav1.Condition { + return metav1.Condition{ Type: "SearchBaseFound", Status: "False", LastTransitionTime: now, @@ -320,8 +320,8 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { } } - allConditionsTrue := func(gen int64, secretVersion string) []v1alpha1.Condition { - return []v1alpha1.Condition{ + allConditionsTrue := func(gen int64, secretVersion string) []metav1.Condition { + return []metav1.Condition{ bindSecretValidTrueCondition(gen), activeDirectoryConnectionValidTrueCondition(gen, secretVersion), searchBaseFoundInConfigCondition(gen), @@ -418,7 +418,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ { Type: "BindSecretValid", Status: "False", @@ -446,7 +446,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ { Type: "BindSecretValid", Status: "False", @@ -473,7 +473,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ { Type: "BindSecretValid", Status: "False", @@ -499,7 +499,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), { Type: "TLSConfigurationValid", @@ -525,7 +525,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), { Type: "TLSConfigurationValid", @@ -583,7 +583,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), activeDirectoryConnectionValidTrueCondition(1234, "4242"), searchBaseFoundInConfigCondition(1234), @@ -653,7 +653,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), activeDirectoryConnectionValidTrueCondition(1234, "4242"), searchBaseFoundInConfigCondition(1234), @@ -726,7 +726,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), { Type: "LDAPConnectionValid", @@ -749,7 +749,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { UserSearchBase: testUserSearchBase, GroupSearchBase: testGroupSearchBase, IDPSpecGeneration: 1234, - ConnectionValidCondition: &v1alpha1.Condition{ + ConnectionValidCondition: &metav1.Condition{ Type: "LDAPConnectionValid", Status: "True", Reason: "Success", @@ -807,7 +807,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), { Type: "LDAPConnectionValid", @@ -904,7 +904,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: "other-upstream", Generation: 42, UID: "other-uid"}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ { Type: "BindSecretValid", Status: "False", @@ -953,7 +953,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), { Type: "LDAPConnectionValid", @@ -1021,7 +1021,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), { Type: "LDAPConnectionValid", @@ -1057,7 +1057,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), { Type: "LDAPConnectionValid", @@ -1080,7 +1080,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { name: "when the LDAP server connection was already validated using TLS for the current resource generation and secret version, then do not validate it again and keep using TLS", inputUpstreams: []runtime.Object{editedValidUpstream(func(upstream *v1alpha1.ActiveDirectoryIdentityProvider) { upstream.Generation = 1234 - upstream.Status.Conditions = []v1alpha1.Condition{ + upstream.Status.Conditions = []metav1.Condition{ activeDirectoryConnectionValidTrueCondition(1234, "4242"), searchBaseFoundInConfigCondition(1234), } @@ -1122,7 +1122,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { // validatedsettings cache invalid. inputUpstreams: []runtime.Object{editedValidUpstream(func(upstream *v1alpha1.ActiveDirectoryIdentityProvider) { upstream.Generation = 1234 - upstream.Status.Conditions = []v1alpha1.Condition{ + upstream.Status.Conditions = []metav1.Condition{ activeDirectoryConnectionValidTrueCondition(1234, "4242"), } upstream.Spec.UserSearch.Base = "" @@ -1170,7 +1170,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), activeDirectoryConnectionValidTrueCondition(1234, "4242"), searchBaseFoundInRootDSECondition(1234), @@ -1192,7 +1192,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { name: "when the LDAP server connection was already validated using TLS, and the search base was found, load TLS and search base info into the cache", inputUpstreams: []runtime.Object{editedValidUpstream(func(upstream *v1alpha1.ActiveDirectoryIdentityProvider) { upstream.Generation = 1234 - upstream.Status.Conditions = []v1alpha1.Condition{ + upstream.Status.Conditions = []metav1.Condition{ activeDirectoryConnectionValidTrueCondition(1234, "4242"), searchBaseFoundInRootDSECondition(1234), } @@ -1243,7 +1243,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), activeDirectoryConnectionValidTrueCondition(1234, "4242"), searchBaseFoundInRootDSECondition(1234), @@ -1265,7 +1265,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { name: "when the LDAP server connection was already validated using StartTLS for the current resource generation and secret version, then do not validate it again and keep using StartTLS", inputUpstreams: []runtime.Object{editedValidUpstream(func(upstream *v1alpha1.ActiveDirectoryIdentityProvider) { upstream.Generation = 1234 - upstream.Status.Conditions = []v1alpha1.Condition{ + upstream.Status.Conditions = []metav1.Condition{ activeDirectoryConnectionValidTrueCondition(1234, "4242"), searchBaseFoundInConfigCondition(1234), } @@ -1305,7 +1305,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { name: "when the LDAP server connection was validated for an older resource generation, then try to validate it again", inputUpstreams: []runtime.Object{editedValidUpstream(func(upstream *v1alpha1.ActiveDirectoryIdentityProvider) { upstream.Generation = 1234 // current generation - upstream.Status.Conditions = []v1alpha1.Condition{ + upstream.Status.Conditions = []metav1.Condition{ activeDirectoryConnectionValidTrueCondition(1233, "4242"), // older spec generation! } })}, @@ -1346,7 +1346,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { name: "when the LDAP server connection condition failed to update previously, then write the cached condition from the previous connection validation", inputUpstreams: []runtime.Object{editedValidUpstream(func(upstream *v1alpha1.ActiveDirectoryIdentityProvider) { upstream.Generation = 1234 // current generation - upstream.Status.Conditions = []v1alpha1.Condition{ + upstream.Status.Conditions = []metav1.Condition{ activeDirectoryConnectionValidTrueCondition(1234, "4200"), // old version of the condition, as if the previous update of conditions had failed } })}, @@ -1386,7 +1386,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { name: "when the LDAP server connection validation previously failed for this resource generation, then try to validate it again", inputUpstreams: []runtime.Object{editedValidUpstream(func(upstream *v1alpha1.ActiveDirectoryIdentityProvider) { upstream.Generation = 1234 - upstream.Status.Conditions = []v1alpha1.Condition{ + upstream.Status.Conditions = []metav1.Condition{ { Type: "LDAPConnectionValid", Status: "False", // failure! @@ -1425,7 +1425,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { name: "when the LDAP server connection was already validated for this resource generation but the bind secret has changed, then try to validate it again", inputUpstreams: []runtime.Object{editedValidUpstream(func(upstream *v1alpha1.ActiveDirectoryIdentityProvider) { upstream.Generation = 1234 - upstream.Status.Conditions = []v1alpha1.Condition{ + upstream.Status.Conditions = []metav1.Condition{ activeDirectoryConnectionValidTrueCondition(1234, "4241"), // same spec generation, old secret version } })}, @@ -1570,7 +1570,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), activeDirectoryConnectionValidTrueCondition(1234, "4242"), searchBaseFoundInRootDSECondition(1234), @@ -1634,7 +1634,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), activeDirectoryConnectionValidTrueCondition(1234, "4242"), searchBaseFoundInRootDSECondition(1234), @@ -1698,7 +1698,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), activeDirectoryConnectionValidTrueCondition(1234, "4242"), searchBaseFoundInRootDSECondition(1234), @@ -1734,7 +1734,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), activeDirectoryConnectionValidTrueCondition(1234, "4242"), searchBaseFoundErrorCondition(1234, "Error finding search base: error querying RootDSE for defaultNamingContext: some error"), @@ -1770,7 +1770,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), activeDirectoryConnectionValidTrueCondition(1234, "4242"), searchBaseFoundErrorCondition(1234, "Error finding search base: error querying RootDSE for defaultNamingContext: empty search base DN found"), @@ -1812,7 +1812,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), activeDirectoryConnectionValidTrueCondition(1234, "4242"), searchBaseFoundErrorCondition(1234, "Error finding search base: error querying RootDSE for defaultNamingContext: expected to find 1 entry but found 2"), @@ -1841,7 +1841,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), activeDirectoryConnectionValidTrueCondition(1234, "4242"), searchBaseFoundErrorCondition(1234, "Error finding search base: error querying RootDSE for defaultNamingContext: expected to find 1 entry but found 0"), @@ -1855,7 +1855,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { name: "when search base was previously found but the bind secret has changed", inputUpstreams: []runtime.Object{editedValidUpstream(func(upstream *v1alpha1.ActiveDirectoryIdentityProvider) { upstream.Generation = 1234 - upstream.Status.Conditions = []v1alpha1.Condition{ + upstream.Status.Conditions = []metav1.Condition{ searchBaseFoundInRootDSECondition(1234), } upstream.Spec.UserSearch.Attributes = v1alpha1.ActiveDirectoryIdentityProviderUserSearchAttributes{} @@ -1910,7 +1910,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testResourceUID, Generation: 1234}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), activeDirectoryConnectionValidTrueCondition(1234, "4242"), searchBaseFoundInRootDSECondition(1234), @@ -1973,7 +1973,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testResourceUID}, Status: v1alpha1.ActiveDirectoryIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), activeDirectoryConnectionValidTrueCondition(1234, "4242"), searchBaseFoundInConfigCondition(1234), diff --git a/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher.go b/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher.go index 424a9028..aa9ce940 100644 --- a/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher.go +++ b/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher.go @@ -77,7 +77,7 @@ func (s *ldapUpstreamGenericLDAPSpec) GroupSearch() upstreamwatchers.UpstreamGen return &ldapUpstreamGenericLDAPGroupSearch{s.ldapIdentityProvider.Spec.GroupSearch} } -func (s *ldapUpstreamGenericLDAPSpec) DetectAndSetSearchBase(_ context.Context, config *upstreamldap.ProviderConfig) *v1alpha1.Condition { +func (s *ldapUpstreamGenericLDAPSpec) DetectAndSetSearchBase(_ context.Context, config *upstreamldap.ProviderConfig) *metav1.Condition { config.GroupSearch.Base = s.ldapIdentityProvider.Spec.GroupSearch.Base config.UserSearch.Base = s.ldapIdentityProvider.Spec.UserSearch.Base return nil @@ -127,7 +127,7 @@ type ldapUpstreamGenericLDAPStatus struct { ldapIdentityProvider v1alpha1.LDAPIdentityProvider } -func (s *ldapUpstreamGenericLDAPStatus) Conditions() []v1alpha1.Condition { +func (s *ldapUpstreamGenericLDAPStatus) Conditions() []metav1.Condition { return s.ldapIdentityProvider.Status.Conditions } @@ -256,7 +256,7 @@ func (c *ldapWatcherController) validateUpstream(ctx context.Context, upstream * return upstreamwatchers.EvaluateConditions(conditions, config) } -func (c *ldapWatcherController) updateStatus(ctx context.Context, upstream *v1alpha1.LDAPIdentityProvider, conditions []*v1alpha1.Condition) { +func (c *ldapWatcherController) updateStatus(ctx context.Context, upstream *v1alpha1.LDAPIdentityProvider, conditions []*metav1.Condition) { log := plog.WithValues("namespace", upstream.Namespace, "name", upstream.Name) updated := upstream.DeepCopy() diff --git a/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher_test.go b/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher_test.go index 3eff7621..cc8e0188 100644 --- a/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher_test.go +++ b/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher_test.go @@ -239,8 +239,8 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { providerConfigForValidUpstreamWithStartTLS := ©OfProviderConfigForValidUpstreamWithTLS providerConfigForValidUpstreamWithStartTLS.ConnectionProtocol = upstreamldap.StartTLS - bindSecretValidTrueCondition := func(gen int64) v1alpha1.Condition { - return v1alpha1.Condition{ + bindSecretValidTrueCondition := func(gen int64) metav1.Condition { + return metav1.Condition{ Type: "BindSecretValid", Status: "True", LastTransitionTime: now, @@ -249,8 +249,8 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { ObservedGeneration: gen, } } - ldapConnectionValidTrueCondition := func(gen int64, secretVersion string) v1alpha1.Condition { - return v1alpha1.Condition{ + ldapConnectionValidTrueCondition := func(gen int64, secretVersion string) metav1.Condition { + return metav1.Condition{ Type: "LDAPConnectionValid", Status: "True", LastTransitionTime: now, @@ -261,16 +261,16 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { ObservedGeneration: gen, } } - ldapConnectionValidTrueConditionWithoutTimeOrGeneration := func(secretVersion string) v1alpha1.Condition { + ldapConnectionValidTrueConditionWithoutTimeOrGeneration := func(secretVersion string) metav1.Condition { c := ldapConnectionValidTrueCondition(0, secretVersion) c.LastTransitionTime = metav1.Time{} return c } - condPtr := func(c v1alpha1.Condition) *v1alpha1.Condition { + condPtr := func(c metav1.Condition) *metav1.Condition { return &c } - tlsConfigurationValidLoadedTrueCondition := func(gen int64) v1alpha1.Condition { - return v1alpha1.Condition{ + tlsConfigurationValidLoadedTrueCondition := func(gen int64) metav1.Condition { + return metav1.Condition{ Type: "TLSConfigurationValid", Status: "True", LastTransitionTime: now, @@ -279,8 +279,8 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { ObservedGeneration: gen, } } - allConditionsTrue := func(gen int64, secretVersion string) []v1alpha1.Condition { - return []v1alpha1.Condition{ + allConditionsTrue := func(gen int64, secretVersion string) []metav1.Condition { + return []metav1.Condition{ bindSecretValidTrueCondition(gen), ldapConnectionValidTrueCondition(gen, secretVersion), tlsConfigurationValidLoadedTrueCondition(gen), @@ -347,7 +347,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testResourceUID}, Status: v1alpha1.LDAPIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ { Type: "BindSecretValid", Status: "False", @@ -375,7 +375,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testResourceUID}, Status: v1alpha1.LDAPIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ { Type: "BindSecretValid", Status: "False", @@ -402,7 +402,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testResourceUID}, Status: v1alpha1.LDAPIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ { Type: "BindSecretValid", Status: "False", @@ -428,7 +428,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testResourceUID}, Status: v1alpha1.LDAPIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), { Type: "TLSConfigurationValid", @@ -454,7 +454,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testResourceUID}, Status: v1alpha1.LDAPIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), { Type: "TLSConfigurationValid", @@ -506,7 +506,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testResourceUID}, Status: v1alpha1.LDAPIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), ldapConnectionValidTrueCondition(1234, "4242"), { @@ -571,7 +571,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testResourceUID}, Status: v1alpha1.LDAPIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), { Type: "LDAPConnectionValid", @@ -593,7 +593,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { UserSearchBase: testUserSearchBase, GroupSearchBase: testGroupSearchBase, IDPSpecGeneration: 1234, - ConnectionValidCondition: &v1alpha1.Condition{ + ConnectionValidCondition: &metav1.Condition{ Type: "LDAPConnectionValid", Status: "True", Reason: "Success", @@ -644,7 +644,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testResourceUID}, Status: v1alpha1.LDAPIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), { Type: "LDAPConnectionValid", @@ -733,7 +733,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: "other-upstream", Generation: 42, UID: "other-uid"}, Status: v1alpha1.LDAPIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ { Type: "BindSecretValid", Status: "False", @@ -779,7 +779,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testResourceUID}, Status: v1alpha1.LDAPIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), { Type: "LDAPConnectionValid", @@ -801,7 +801,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { name: "when the LDAP server connection was already validated using TLS for the current resource generation and secret version, then do not validate it again and keep using TLS", inputUpstreams: []runtime.Object{editedValidUpstream(func(upstream *v1alpha1.LDAPIdentityProvider) { upstream.Generation = 1234 - upstream.Status.Conditions = []v1alpha1.Condition{ + upstream.Status.Conditions = []metav1.Condition{ ldapConnectionValidTrueCondition(1234, "4242"), } })}, @@ -838,7 +838,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { name: "when the LDAP server connection was already validated using StartTLS for the current resource generation and secret version, then do not validate it again and keep using StartTLS", inputUpstreams: []runtime.Object{editedValidUpstream(func(upstream *v1alpha1.LDAPIdentityProvider) { upstream.Generation = 1234 - upstream.Status.Conditions = []v1alpha1.Condition{ + upstream.Status.Conditions = []metav1.Condition{ ldapConnectionValidTrueCondition(1234, "4242"), } })}, @@ -875,7 +875,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { name: "when the LDAP server connection was validated for an older resource generation, then try to validate it again", inputUpstreams: []runtime.Object{editedValidUpstream(func(upstream *v1alpha1.LDAPIdentityProvider) { upstream.Generation = 1234 // current generation - upstream.Status.Conditions = []v1alpha1.Condition{ + upstream.Status.Conditions = []metav1.Condition{ ldapConnectionValidTrueCondition(1233, "4242"), // older spec generation! } })}, @@ -913,7 +913,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { name: "when the LDAP server connection condition failed to update previously, then write the cached condition from the previous connection validation", inputUpstreams: []runtime.Object{editedValidUpstream(func(upstream *v1alpha1.LDAPIdentityProvider) { upstream.Generation = 1234 // current generation - upstream.Status.Conditions = []v1alpha1.Condition{ + upstream.Status.Conditions = []metav1.Condition{ ldapConnectionValidTrueCondition(1234, "4200"), // old version of the condition, as if the previous update of conditions had failed } })}, @@ -951,7 +951,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { name: "when the LDAP server connection validation previously failed for this resource generation, then try to validate it again", inputUpstreams: []runtime.Object{editedValidUpstream(func(upstream *v1alpha1.LDAPIdentityProvider) { upstream.Generation = 1234 - upstream.Status.Conditions = []v1alpha1.Condition{ + upstream.Status.Conditions = []metav1.Condition{ { Type: "LDAPConnectionValid", Status: "False", // failure! @@ -990,7 +990,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { // this shouldn't happen, but if it does, just throw it out and try again. inputUpstreams: []runtime.Object{editedValidUpstream(func(upstream *v1alpha1.LDAPIdentityProvider) { upstream.Generation = 1234 - upstream.Status.Conditions = []v1alpha1.Condition{ + upstream.Status.Conditions = []metav1.Condition{ { Type: "LDAPConnectionValid", Status: "False", // failure! @@ -1032,7 +1032,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { name: "when the LDAP server connection was already validated for this resource generation but the bind secret has changed, then try to validate it again", inputUpstreams: []runtime.Object{editedValidUpstream(func(upstream *v1alpha1.LDAPIdentityProvider) { upstream.Generation = 1234 - upstream.Status.Conditions = []v1alpha1.Condition{ + upstream.Status.Conditions = []metav1.Condition{ ldapConnectionValidTrueCondition(1234, "4241"), // same spec generation, old secret version } })}, @@ -1104,7 +1104,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testResourceUID}, Status: v1alpha1.LDAPIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ bindSecretValidTrueCondition(1234), ldapConnectionValidTrueCondition(1234, "4242"), { diff --git a/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher.go b/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher.go index 44377fa3..fbd54d41 100644 --- a/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher.go +++ b/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher.go @@ -1,4 +1,4 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package oidcclientwatcher @@ -128,7 +128,7 @@ func (c *oidcClientWatcherController) Sync(ctx controllerlib.Context) error { func (c *oidcClientWatcherController) updateStatus( ctx context.Context, upstream *v1alpha1.OIDCClient, - conditions []*v1alpha1.Condition, + conditions []*metav1.Condition, totalClientSecrets int, ) error { updated := upstream.DeepCopy() diff --git a/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher_test.go b/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher_test.go index 05ea4fd8..75fb62ad 100644 --- a/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher_test.go +++ b/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher_test.go @@ -1,4 +1,4 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package oidcclientwatcher @@ -169,8 +169,8 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { now := metav1.NewTime(time.Now().UTC()) earlier := metav1.NewTime(now.Add(-1 * time.Hour).UTC()) - happyAllowedGrantTypesCondition := func(time metav1.Time, observedGeneration int64) configv1alpha1.Condition { - return configv1alpha1.Condition{ + happyAllowedGrantTypesCondition := func(time metav1.Time, observedGeneration int64) metav1.Condition { + return metav1.Condition{ Type: "AllowedGrantTypesValid", Status: "True", LastTransitionTime: time, @@ -180,8 +180,8 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { } } - sadAllowedGrantTypesCondition := func(time metav1.Time, observedGeneration int64, message string) configv1alpha1.Condition { - return configv1alpha1.Condition{ + sadAllowedGrantTypesCondition := func(time metav1.Time, observedGeneration int64, message string) metav1.Condition { + return metav1.Condition{ Type: "AllowedGrantTypesValid", Status: "False", LastTransitionTime: time, @@ -191,8 +191,8 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { } } - happyClientSecretsCondition := func(howMany int, time metav1.Time, observedGeneration int64) configv1alpha1.Condition { - return configv1alpha1.Condition{ + happyClientSecretsCondition := func(howMany int, time metav1.Time, observedGeneration int64) metav1.Condition { + return metav1.Condition{ Type: "ClientSecretExists", Status: "True", LastTransitionTime: time, @@ -202,8 +202,8 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { } } - sadNoClientSecretsCondition := func(time metav1.Time, observedGeneration int64, message string) configv1alpha1.Condition { - return configv1alpha1.Condition{ + sadNoClientSecretsCondition := func(time metav1.Time, observedGeneration int64, message string) metav1.Condition { + return metav1.Condition{ Type: "ClientSecretExists", Status: "False", LastTransitionTime: time, @@ -213,8 +213,8 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { } } - sadInvalidClientSecretsCondition := func(time metav1.Time, observedGeneration int64, message string) configv1alpha1.Condition { - return configv1alpha1.Condition{ + sadInvalidClientSecretsCondition := func(time metav1.Time, observedGeneration int64, message string) metav1.Condition { + return metav1.Condition{ Type: "ClientSecretExists", Status: "False", LastTransitionTime: time, @@ -224,8 +224,8 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { } } - happyAllowedScopesCondition := func(time metav1.Time, observedGeneration int64) configv1alpha1.Condition { - return configv1alpha1.Condition{ + happyAllowedScopesCondition := func(time metav1.Time, observedGeneration int64) metav1.Condition { + return metav1.Condition{ Type: "AllowedScopesValid", Status: "True", LastTransitionTime: time, @@ -235,8 +235,8 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { } } - sadAllowedScopesCondition := func(time metav1.Time, observedGeneration int64, message string) configv1alpha1.Condition { - return configv1alpha1.Condition{ + sadAllowedScopesCondition := func(time metav1.Time, observedGeneration int64, message string) metav1.Condition { + return metav1.Condition{ Type: "AllowedScopesValid", Status: "False", LastTransitionTime: time, @@ -292,7 +292,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Ready", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), happyAllowedScopesCondition(now, 1234), happyClientSecretsCondition(1, now, 1234), @@ -317,7 +317,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Ready", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), happyAllowedScopesCondition(now, 1234), happyClientSecretsCondition(2, now, 1234), @@ -336,7 +336,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { }, Status: configv1alpha1.OIDCClientStatus{ Phase: "Ready", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(earlier, 1234), happyAllowedScopesCondition(earlier, 1234), happyClientSecretsCondition(1, earlier, 1234), @@ -350,7 +350,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Ready", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(earlier, 1234), happyAllowedScopesCondition(earlier, 1234), happyClientSecretsCondition(1, earlier, 1234), @@ -370,7 +370,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Error", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ sadAllowedGrantTypesCondition(now, 1234, `"authorization_code" must always be included in "allowedGrantTypes"`), sadAllowedScopesCondition(now, 1234, `"openid" must always be included in "allowedScopes"`), sadNoClientSecretsCondition(now, 1234, "no client secret found (no Secret storage found)"), @@ -393,7 +393,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Error", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), happyAllowedScopesCondition(now, 1234), sadNoClientSecretsCondition(now, 1234, "error reading client secret storage: OIDC client secret storage data has wrong version: OIDC client secret storage has version wrong-version instead of 1"), @@ -416,7 +416,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Error", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), happyAllowedScopesCondition(now, 1234), sadNoClientSecretsCondition(now, 1234, "no client secret found (empty list in storage)"), @@ -443,7 +443,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Error", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), happyAllowedScopesCondition(now, 1234), sadInvalidClientSecretsCondition(now, 1234, @@ -477,7 +477,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: "client.oauth.pinniped.dev-test1", Generation: 1234, UID: "uid1"}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Ready", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), happyAllowedScopesCondition(now, 1234), happyClientSecretsCondition(1, now, 1234), @@ -489,7 +489,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: "client.oauth.pinniped.dev-test2", Generation: 4567, UID: "uid2"}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Error", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ sadAllowedGrantTypesCondition(now, 4567, `"authorization_code" must always be included in "allowedGrantTypes"`), sadAllowedScopesCondition(now, 4567, `"openid" must always be included in "allowedScopes"`), sadNoClientSecretsCondition(now, 4567, "no client secret found (no Secret storage found)"), @@ -510,7 +510,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { // was invalid on previous run of controller which observed an old generation at an earlier time Status: configv1alpha1.OIDCClientStatus{ Phase: "Error", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ sadAllowedGrantTypesCondition(earlier, 1234, `"authorization_code" must always be included in "allowedGrantTypes"`), sadAllowedScopesCondition(earlier, 1234, `"openid" must always be included in "allowedScopes"`), happyClientSecretsCondition(1, earlier, 1234), @@ -525,7 +525,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { // status was updated to reflect the current generation at the current time Status: configv1alpha1.OIDCClientStatus{ Phase: "Ready", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 4567), happyAllowedScopesCondition(now, 4567), happyClientSecretsCondition(1, earlier, 4567), // was already validated earlier @@ -549,7 +549,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Error", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ sadAllowedGrantTypesCondition(now, 1234, `"refresh_token" must be included in "allowedGrantTypes" when "offline_access" is included in "allowedScopes"`), happyAllowedScopesCondition(now, 1234), happyClientSecretsCondition(1, now, 1234), @@ -573,7 +573,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Error", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ sadAllowedGrantTypesCondition(now, 1234, `"authorization_code" must always be included in "allowedGrantTypes"; `+ `"urn:ietf:params:oauth:grant-type:token-exchange" must be included in "allowedGrantTypes" when "pinniped:request-audience" is included in "allowedScopes"`), @@ -602,7 +602,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Error", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ sadAllowedGrantTypesCondition(now, 1234, `"authorization_code" must always be included in "allowedGrantTypes"; `+ `"refresh_token" must be included in "allowedGrantTypes" when "offline_access" is included in "allowedScopes"`), @@ -630,7 +630,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Error", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ sadAllowedGrantTypesCondition(now, 1234, `"urn:ietf:params:oauth:grant-type:token-exchange" must be included in "allowedGrantTypes" when "pinniped:request-audience" is included in "allowedScopes"`), happyAllowedScopesCondition(now, 1234), happyClientSecretsCondition(1, now, 1234), @@ -654,7 +654,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Error", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), sadAllowedScopesCondition(now, 1234, `"offline_access" must be included in "allowedScopes" when "refresh_token" is included in "allowedGrantTypes"`), happyClientSecretsCondition(1, now, 1234), @@ -678,7 +678,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Error", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), sadAllowedScopesCondition(now, 1234, `"username" and "groups" must be included in "allowedScopes" when "pinniped:request-audience" is included in "allowedScopes"`), happyClientSecretsCondition(1, now, 1234), @@ -702,7 +702,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Error", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), sadAllowedScopesCondition(now, 1234, `"username" and "groups" must be included in "allowedScopes" when "pinniped:request-audience" is included in "allowedScopes"`), happyClientSecretsCondition(1, now, 1234), @@ -726,7 +726,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Error", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), sadAllowedScopesCondition(now, 1234, `"username" and "groups" must be included in "allowedScopes" when "pinniped:request-audience" is included in "allowedScopes"`), happyClientSecretsCondition(1, now, 1234), @@ -750,7 +750,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Error", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), sadAllowedScopesCondition(now, 1234, `"pinniped:request-audience" must be included in "allowedScopes" when "urn:ietf:params:oauth:grant-type:token-exchange" is included in "allowedGrantTypes"`), happyClientSecretsCondition(1, now, 1234), @@ -774,7 +774,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Ready", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), happyAllowedScopesCondition(now, 1234), happyClientSecretsCondition(1, now, 1234), @@ -798,7 +798,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Ready", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), happyAllowedScopesCondition(now, 1234), happyClientSecretsCondition(1, now, 1234), @@ -822,7 +822,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Ready", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), happyAllowedScopesCondition(now, 1234), happyClientSecretsCondition(1, now, 1234), @@ -846,7 +846,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Ready", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), happyAllowedScopesCondition(now, 1234), happyClientSecretsCondition(1, now, 1234), @@ -870,7 +870,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Ready", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), happyAllowedScopesCondition(now, 1234), happyClientSecretsCondition(1, now, 1234), @@ -894,7 +894,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Ready", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), happyAllowedScopesCondition(now, 1234), happyClientSecretsCondition(1, now, 1234), @@ -918,7 +918,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Ready", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), happyAllowedScopesCondition(now, 1234), happyClientSecretsCondition(1, now, 1234), @@ -942,7 +942,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: configv1alpha1.OIDCClientStatus{ Phase: "Ready", - Conditions: []configv1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAllowedGrantTypesCondition(now, 1234), happyAllowedScopesCondition(now, 1234), happyClientSecretsCondition(1, now, 1234), diff --git a/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher.go b/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher.go index 84904b08..3cfbc7e2 100644 --- a/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher.go +++ b/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher.go @@ -219,22 +219,22 @@ func (c *oidcWatcherController) validateUpstream(ctx controllerlib.Context, upst ResourceUID: upstream.UID, } - conditions := []*v1alpha1.Condition{ + conditions := []*metav1.Condition{ c.validateSecret(upstream, &result), c.validateIssuer(ctx.Context, upstream, &result), } if len(rejectedAuthcodeAuthorizeParameters) > 0 { - conditions = append(conditions, &v1alpha1.Condition{ + conditions = append(conditions, &metav1.Condition{ Type: typeAdditionalAuthorizeParametersValid, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: reasonDisallowedParameterName, Message: fmt.Sprintf("the following additionalAuthorizeParameters are not allowed: %s", strings.Join(rejectedAuthcodeAuthorizeParameters, ",")), }) } else { - conditions = append(conditions, &v1alpha1.Condition{ + conditions = append(conditions, &metav1.Condition{ Type: typeAdditionalAuthorizeParametersValid, - Status: v1alpha1.ConditionTrue, + Status: metav1.ConditionTrue, Reason: upstreamwatchers.ReasonSuccess, Message: allParamNamesAllowedMsg, }) @@ -245,7 +245,7 @@ func (c *oidcWatcherController) validateUpstream(ctx controllerlib.Context, upst valid := true log := c.log.WithValues("namespace", upstream.Namespace, "name", upstream.Name) for _, condition := range conditions { - if condition.Status == v1alpha1.ConditionFalse { + if condition.Status == metav1.ConditionFalse { valid = false log.WithValues( "type", condition.Type, @@ -261,15 +261,15 @@ func (c *oidcWatcherController) validateUpstream(ctx controllerlib.Context, upst } // validateSecret validates the .spec.client.secretName field and returns the appropriate ClientCredentialsValid condition. -func (c *oidcWatcherController) validateSecret(upstream *v1alpha1.OIDCIdentityProvider, result *upstreamoidc.ProviderConfig) *v1alpha1.Condition { +func (c *oidcWatcherController) validateSecret(upstream *v1alpha1.OIDCIdentityProvider, result *upstreamoidc.ProviderConfig) *metav1.Condition { secretName := upstream.Spec.Client.SecretName // Fetch the Secret from informer cache. secret, err := c.secretInformer.Lister().Secrets(upstream.Namespace).Get(secretName) if err != nil { - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: typeClientCredentialsValid, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: upstreamwatchers.ReasonNotFound, Message: err.Error(), } @@ -277,9 +277,9 @@ func (c *oidcWatcherController) validateSecret(upstream *v1alpha1.OIDCIdentityPr // Validate the secret .type field. if secret.Type != oidcClientSecretType { - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: typeClientCredentialsValid, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: upstreamwatchers.ReasonWrongType, Message: fmt.Sprintf("referenced Secret %q has wrong type %q (should be %q)", secretName, secret.Type, oidcClientSecretType), } @@ -289,9 +289,9 @@ func (c *oidcWatcherController) validateSecret(upstream *v1alpha1.OIDCIdentityPr clientID := secret.Data[clientIDDataKey] clientSecret := secret.Data[clientSecretDataKey] if len(clientID) == 0 || len(clientSecret) == 0 { - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: typeClientCredentialsValid, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: upstreamwatchers.ReasonMissingKeys, Message: fmt.Sprintf("referenced Secret %q is missing required keys %q", secretName, []string{clientIDDataKey, clientSecretDataKey}), } @@ -300,16 +300,16 @@ func (c *oidcWatcherController) validateSecret(upstream *v1alpha1.OIDCIdentityPr // If everything is valid, update the result and set the condition to true. result.Config.ClientID = string(clientID) result.Config.ClientSecret = string(clientSecret) - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: typeClientCredentialsValid, - Status: v1alpha1.ConditionTrue, + Status: metav1.ConditionTrue, Reason: upstreamwatchers.ReasonSuccess, Message: "loaded client credentials", } } // validateIssuer validates the .spec.issuer field, performs OIDC discovery, and returns the appropriate OIDCDiscoverySucceeded condition. -func (c *oidcWatcherController) validateIssuer(ctx context.Context, upstream *v1alpha1.OIDCIdentityProvider, result *upstreamoidc.ProviderConfig) *v1alpha1.Condition { +func (c *oidcWatcherController) validateIssuer(ctx context.Context, upstream *v1alpha1.OIDCIdentityProvider, result *upstreamoidc.ProviderConfig) *metav1.Condition { // Get the provider and HTTP Client from cache if possible. discoveredProvider, httpClient := c.validatorCache.getProvider(&upstream.Spec) @@ -318,9 +318,9 @@ func (c *oidcWatcherController) validateIssuer(ctx context.Context, upstream *v1 var err error httpClient, err = getClient(upstream) if err != nil { - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: typeOIDCDiscoverySucceeded, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: upstreamwatchers.ReasonInvalidTLSConfig, Message: err.Error(), } @@ -338,9 +338,9 @@ func (c *oidcWatcherController) validateIssuer(ctx context.Context, upstream *v1 "name", upstream.Name, "issuer", upstream.Spec.Issuer, ).Error(err, "failed to perform OIDC discovery") - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: typeOIDCDiscoverySucceeded, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: reasonUnreachable, Message: fmt.Sprintf("failed to perform OIDC discovery against %q:\n%s", upstream.Spec.Issuer, truncateMostLongErr(err)), } @@ -357,9 +357,9 @@ func (c *oidcWatcherController) validateIssuer(ctx context.Context, upstream *v1 } if err := discoveredProvider.Claims(&additionalDiscoveryClaims); err != nil { // This shouldn't actually happen because the above call to NewProvider() would have already returned this error. - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: typeOIDCDiscoverySucceeded, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: reasonInvalidResponse, Message: fmt.Sprintf("failed to unmarshal OIDC discovery response from %q:\n%s", upstream.Spec.Issuer, truncateMostLongErr(err)), } @@ -400,15 +400,15 @@ func (c *oidcWatcherController) validateIssuer(ctx context.Context, upstream *v1 result.Config.Endpoint = discoveredProvider.Endpoint() result.Provider = discoveredProvider result.Client = httpClient - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: typeOIDCDiscoverySucceeded, - Status: v1alpha1.ConditionTrue, + Status: metav1.ConditionTrue, Reason: upstreamwatchers.ReasonSuccess, Message: "discovered issuer configuration", } } -func (c *oidcWatcherController) updateStatus(ctx context.Context, upstream *v1alpha1.OIDCIdentityProvider, conditions []*v1alpha1.Condition) { +func (c *oidcWatcherController) updateStatus(ctx context.Context, upstream *v1alpha1.OIDCIdentityProvider, conditions []*metav1.Condition) { log := c.log.WithValues("namespace", upstream.Namespace, "name", upstream.Name) updated := upstream.DeepCopy() @@ -485,28 +485,28 @@ func truncateMostLongErr(err error) string { return msg[:max] + fmt.Sprintf(" [truncated %d chars]", len(msg)-max) } -func validateHTTPSURL(maybeHTTPSURL, endpointType, reason string) (*url.URL, *v1alpha1.Condition) { +func validateHTTPSURL(maybeHTTPSURL, endpointType, reason string) (*url.URL, *metav1.Condition) { parsedURL, err := url.Parse(maybeHTTPSURL) if err != nil { - return nil, &v1alpha1.Condition{ + return nil, &metav1.Condition{ Type: typeOIDCDiscoverySucceeded, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: reason, Message: fmt.Sprintf("failed to parse %s URL: %v", endpointType, truncateMostLongErr(err)), } } if parsedURL.Scheme != "https" { - return nil, &v1alpha1.Condition{ + return nil, &metav1.Condition{ Type: typeOIDCDiscoverySucceeded, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: reason, Message: fmt.Sprintf(`%s URL '%s' must have "https" scheme, not %q`, endpointType, maybeHTTPSURL, parsedURL.Scheme), } } if len(parsedURL.Query()) != 0 || parsedURL.Fragment != "" { - return nil, &v1alpha1.Condition{ + return nil, &metav1.Condition{ Type: typeOIDCDiscoverySucceeded, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: reason, Message: fmt.Sprintf(`%s URL '%s' cannot contain query or fragment component`, endpointType, maybeHTTPSURL), } diff --git a/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go b/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go index ae8a2973..7077cf57 100644 --- a/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go +++ b/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go @@ -123,7 +123,7 @@ func TestOIDCUpstreamWatcherControllerSync(t *testing.T) { require.NoError(t, err) wrongCABase64 := base64.StdEncoding.EncodeToString(wrongCA.Bundle()) - happyAdditionalAuthorizeParametersValidCondition := v1alpha1.Condition{ + happyAdditionalAuthorizeParametersValidCondition := metav1.Condition{ Type: "AdditionalAuthorizeParametersValid", Status: "True", Reason: "Success", @@ -184,7 +184,7 @@ func TestOIDCUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -231,7 +231,7 @@ func TestOIDCUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -277,7 +277,7 @@ func TestOIDCUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -326,7 +326,7 @@ func TestOIDCUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -375,7 +375,7 @@ func TestOIDCUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -421,7 +421,7 @@ func TestOIDCUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -467,7 +467,7 @@ func TestOIDCUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -513,7 +513,7 @@ func TestOIDCUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -559,7 +559,7 @@ func TestOIDCUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -607,7 +607,7 @@ func TestOIDCUpstreamWatcherControllerSync(t *testing.T) { ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -655,7 +655,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -702,7 +702,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -749,7 +749,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -796,7 +796,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -843,7 +843,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -890,7 +890,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -937,7 +937,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -973,7 +973,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana }, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ {Type: "ClientCredentialsValid", Status: "False", LastTransitionTime: earlier, Reason: "SomeError1", Message: "some previous error 1"}, {Type: "OIDCDiscoverySucceeded", Status: "False", LastTransitionTime: earlier, Reason: "SomeError2", Message: "some previous error 2"}, }, @@ -1008,7 +1008,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, UID: testUID}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, {Type: "ClientCredentialsValid", Status: "True", LastTransitionTime: now, Reason: "Success", Message: "loaded client credentials"}, {Type: "OIDCDiscoverySucceeded", Status: "True", LastTransitionTime: now, Reason: "Success", Message: "discovered issuer configuration"}, @@ -1028,7 +1028,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana }, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidConditionEarlier, {Type: "ClientCredentialsValid", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "loaded client credentials"}, {Type: "OIDCDiscoverySucceeded", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "discovered issuer configuration"}, @@ -1064,7 +1064,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ {Type: "AdditionalAuthorizeParametersValid", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "additionalAuthorizeParameters parameter names are allowed", ObservedGeneration: 1234}, {Type: "ClientCredentialsValid", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "loaded client credentials", ObservedGeneration: 1234}, {Type: "OIDCDiscoverySucceeded", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "discovered issuer configuration", ObservedGeneration: 1234}, @@ -1084,7 +1084,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana }, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidConditionEarlier, {Type: "ClientCredentialsValid", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "loaded client credentials"}, {Type: "OIDCDiscoverySucceeded", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "discovered issuer configuration"}, @@ -1120,7 +1120,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ {Type: "AdditionalAuthorizeParametersValid", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "additionalAuthorizeParameters parameter names are allowed", ObservedGeneration: 1234}, {Type: "ClientCredentialsValid", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "loaded client credentials", ObservedGeneration: 1234}, {Type: "OIDCDiscoverySucceeded", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "discovered issuer configuration", ObservedGeneration: 1234}, @@ -1143,7 +1143,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana }, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidConditionEarlier, {Type: "ClientCredentialsValid", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "loaded client credentials"}, {Type: "OIDCDiscoverySucceeded", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "discovered issuer configuration"}, @@ -1179,7 +1179,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ {Type: "AdditionalAuthorizeParametersValid", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "additionalAuthorizeParameters parameter names are allowed", ObservedGeneration: 1234}, {Type: "ClientCredentialsValid", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "loaded client credentials", ObservedGeneration: 1234}, {Type: "OIDCDiscoverySucceeded", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "discovered issuer configuration", ObservedGeneration: 1234}, @@ -1210,7 +1210,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana }, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidConditionEarlier, {Type: "ClientCredentialsValid", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "loaded client credentials"}, {Type: "OIDCDiscoverySucceeded", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "discovered issuer configuration"}, @@ -1248,7 +1248,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Ready", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ {Type: "AdditionalAuthorizeParametersValid", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "additionalAuthorizeParameters parameter names are allowed", ObservedGeneration: 1234}, {Type: "ClientCredentialsValid", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "loaded client credentials", ObservedGeneration: 1234}, {Type: "OIDCDiscoverySucceeded", Status: "True", LastTransitionTime: earlier, Reason: "Success", Message: "discovered issuer configuration", ObservedGeneration: 1234}, @@ -1297,7 +1297,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ {Type: "AdditionalAuthorizeParametersValid", Status: "False", LastTransitionTime: now, Reason: "DisallowedParameterName", Message: "the following additionalAuthorizeParameters are not allowed: " + "response_type,scope,client_id,state,nonce,code_challenge,code_challenge_method,redirect_uri,hd", ObservedGeneration: 1234}, @@ -1335,7 +1335,7 @@ Get "` + testIssuerURL + `/valid-url-that-is-really-really-long-nananananananana ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", @@ -1384,7 +1384,7 @@ oidc: issuer did not match the issuer returned by provider, expected "` + testIs ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName}, Status: v1alpha1.OIDCIdentityProviderStatus{ Phase: "Error", - Conditions: []v1alpha1.Condition{ + Conditions: []metav1.Condition{ happyAdditionalAuthorizeParametersValidCondition, { Type: "ClientCredentialsValid", diff --git a/internal/controller/supervisorconfig/upstreamwatchers/upstream_watchers.go b/internal/controller/supervisorconfig/upstreamwatchers/upstream_watchers.go index 33107dd8..1ab87787 100644 --- a/internal/controller/supervisorconfig/upstreamwatchers/upstream_watchers.go +++ b/internal/controller/supervisorconfig/upstreamwatchers/upstream_watchers.go @@ -11,6 +11,7 @@ import ( "time" corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" corev1informers "k8s.io/client-go/informers/core/v1" "go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1" @@ -60,7 +61,7 @@ type ValidatedSettings struct { // can keep writing them to the status in the future. This matters most when the first attempt // to write them to the IDP's status fails. In this case, future Syncs calls will be able to // use these cached values to try writing them again. - ConnectionValidCondition, SearchBaseFoundCondition *v1alpha1.Condition + ConnectionValidCondition, SearchBaseFoundCondition *metav1.Condition } // ValidatedSettingsCacheI is an interface for an in-memory cache with an entry for each upstream @@ -113,7 +114,7 @@ type UpstreamGenericLDAPSpec interface { BindSecretName() string UserSearch() UpstreamGenericLDAPUserSearch GroupSearch() UpstreamGenericLDAPGroupSearch - DetectAndSetSearchBase(ctx context.Context, config *upstreamldap.ProviderConfig) *v1alpha1.Condition + DetectAndSetSearchBase(ctx context.Context, config *upstreamldap.ProviderConfig) *metav1.Condition } type UpstreamGenericLDAPUserSearch interface { @@ -131,10 +132,10 @@ type UpstreamGenericLDAPGroupSearch interface { } type UpstreamGenericLDAPStatus interface { - Conditions() []v1alpha1.Condition + Conditions() []metav1.Condition } -func ValidateTLSConfig(tlsSpec *v1alpha1.TLSSpec, config *upstreamldap.ProviderConfig) *v1alpha1.Condition { +func ValidateTLSConfig(tlsSpec *v1alpha1.TLSSpec, config *upstreamldap.ProviderConfig) *metav1.Condition { if tlsSpec == nil { return validTLSCondition(noTLSConfigurationMessage) } @@ -162,7 +163,7 @@ func TestConnection( bindSecretName string, config *upstreamldap.ProviderConfig, currentSecretVersion string, -) *v1alpha1.Condition { +) *metav1.Condition { // First try using TLS. config.ConnectionProtocol = upstreamldap.TLS tlsLDAPProvider := upstreamldap.New(*config) @@ -187,57 +188,57 @@ func TestConnection( } if err != nil { - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: typeLDAPConnectionValid, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: reasonLDAPConnectionError, Message: fmt.Sprintf(`could not successfully connect to "%s" and bind as user "%s": %s`, config.Host, config.BindUsername, err.Error()), } } - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: typeLDAPConnectionValid, - Status: v1alpha1.ConditionTrue, + Status: metav1.ConditionTrue, Reason: ReasonSuccess, Message: fmt.Sprintf(`successfully able to connect to "%s" and bind as user "%s" [validated with Secret "%s" at version "%s"]`, config.Host, config.BindUsername, bindSecretName, currentSecretVersion), } } -func validTLSCondition(message string) *v1alpha1.Condition { - return &v1alpha1.Condition{ +func validTLSCondition(message string) *metav1.Condition { + return &metav1.Condition{ Type: typeTLSConfigurationValid, - Status: v1alpha1.ConditionTrue, + Status: metav1.ConditionTrue, Reason: ReasonSuccess, Message: message, } } -func invalidTLSCondition(message string) *v1alpha1.Condition { - return &v1alpha1.Condition{ +func invalidTLSCondition(message string) *metav1.Condition { + return &metav1.Condition{ Type: typeTLSConfigurationValid, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: ReasonInvalidTLSConfig, Message: message, } } -func ValidateSecret(secretInformer corev1informers.SecretInformer, secretName string, secretNamespace string, config *upstreamldap.ProviderConfig) (*v1alpha1.Condition, string) { +func ValidateSecret(secretInformer corev1informers.SecretInformer, secretName string, secretNamespace string, config *upstreamldap.ProviderConfig) (*metav1.Condition, string) { secret, err := secretInformer.Lister().Secrets(secretNamespace).Get(secretName) if err != nil { - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: typeBindSecretValid, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: ReasonNotFound, Message: err.Error(), }, "" } if secret.Type != corev1.SecretTypeBasicAuth { - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: typeBindSecretValid, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: ReasonWrongType, Message: fmt.Sprintf("referenced Secret %q has wrong type %q (should be %q)", secretName, secret.Type, corev1.SecretTypeBasicAuth), @@ -247,18 +248,18 @@ func ValidateSecret(secretInformer corev1informers.SecretInformer, secretName st config.BindUsername = string(secret.Data[corev1.BasicAuthUsernameKey]) config.BindPassword = string(secret.Data[corev1.BasicAuthPasswordKey]) if len(config.BindUsername) == 0 || len(config.BindPassword) == 0 { - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: typeBindSecretValid, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: ReasonMissingKeys, Message: fmt.Sprintf("referenced Secret %q is missing required keys %q", secretName, []string{corev1.BasicAuthUsernameKey, corev1.BasicAuthPasswordKey}), }, secret.ResourceVersion } - return &v1alpha1.Condition{ + return &metav1.Condition{ Type: typeBindSecretValid, - Status: v1alpha1.ConditionTrue, + Status: metav1.ConditionTrue, Reason: ReasonSuccess, Message: "loaded bind secret", }, secret.ResourceVersion @@ -266,7 +267,7 @@ func ValidateSecret(secretInformer corev1informers.SecretInformer, secretName st // gradatedCondition is a condition and a boolean that tells you whether the condition is fatal or just a warning. type gradatedCondition struct { - condition *v1alpha1.Condition + condition *metav1.Condition isFatal bool } @@ -275,15 +276,15 @@ type GradatedConditions struct { gradatedConditions []gradatedCondition } -func (g *GradatedConditions) Conditions() []*v1alpha1.Condition { - conditions := []*v1alpha1.Condition{} +func (g *GradatedConditions) Conditions() []*metav1.Condition { + conditions := []*metav1.Condition{} for _, gc := range g.gradatedConditions { conditions = append(conditions, gc.condition) } return conditions } -func (g *GradatedConditions) Append(condition *v1alpha1.Condition, isFatal bool) { +func (g *GradatedConditions) Append(condition *metav1.Condition, isFatal bool) { g.gradatedConditions = append(g.gradatedConditions, gradatedCondition{condition: condition, isFatal: isFatal}) } @@ -302,9 +303,9 @@ func ValidateGenericLDAP( tlsValidCondition := ValidateTLSConfig(upstream.Spec().TLSSpec(), config) conditions.Append(tlsValidCondition, true) - var ldapConnectionValidCondition, searchBaseFoundCondition *v1alpha1.Condition + var ldapConnectionValidCondition, searchBaseFoundCondition *metav1.Condition // No point in trying to connect to the server if the config was already determined to be invalid. - if secretValidCondition.Status == v1alpha1.ConditionTrue && tlsValidCondition.Status == v1alpha1.ConditionTrue { + if secretValidCondition.Status == metav1.ConditionTrue && tlsValidCondition.Status == metav1.ConditionTrue { ldapConnectionValidCondition, searchBaseFoundCondition = validateAndSetLDAPServerConnectivityAndSearchBase(ctx, validatedSettingsCache, upstream, config, currentSecretVersion) conditions.Append(ldapConnectionValidCondition, false) if searchBaseFoundCondition != nil { // currently, only used for AD, so may be nil @@ -320,9 +321,9 @@ func validateAndSetLDAPServerConnectivityAndSearchBase( upstream UpstreamGenericLDAPIDP, config *upstreamldap.ProviderConfig, currentSecretVersion string, -) (*v1alpha1.Condition, *v1alpha1.Condition) { +) (*metav1.Condition, *metav1.Condition) { validatedSettings, hasPreviousValidatedSettings := validatedSettingsCache.Get(upstream.Name(), currentSecretVersion, upstream.Generation()) - var ldapConnectionValidCondition, searchBaseFoundCondition *v1alpha1.Condition + var ldapConnectionValidCondition, searchBaseFoundCondition *metav1.Condition if hasPreviousValidatedSettings && validatedSettings.UserSearchBase != "" && validatedSettings.GroupSearchBase != "" { // Found previously validated settings in the cache (which is also not missing search base fields), so use them. @@ -344,8 +345,8 @@ func validateAndSetLDAPServerConnectivityAndSearchBase( // When there were no failures, write the newly validated settings to the cache. // It's okay for the search base condition to be nil, since it's only used by Active Directory providers, // but if it exists make sure it was not a failure. - if ldapConnectionValidCondition.Status == v1alpha1.ConditionTrue && - (searchBaseFoundCondition == nil || (searchBaseFoundCondition.Status == v1alpha1.ConditionTrue)) { + if ldapConnectionValidCondition.Status == metav1.ConditionTrue && + (searchBaseFoundCondition == nil || (searchBaseFoundCondition.Status == metav1.ConditionTrue)) { // Remember (in-memory for this pod) that the controller has successfully validated the LDAP or AD provider // using this version of the Secret. This is for performance reasons, to avoid attempting to connect to // the LDAP server more than is needed. If the pod restarts, it will attempt this validation again. @@ -366,14 +367,14 @@ func validateAndSetLDAPServerConnectivityAndSearchBase( func EvaluateConditions(conditions GradatedConditions, config *upstreamldap.ProviderConfig) (provider.UpstreamLDAPIdentityProviderI, bool) { for _, gradatedCondition := range conditions.gradatedConditions { - if gradatedCondition.condition.Status != v1alpha1.ConditionTrue && gradatedCondition.isFatal { + if gradatedCondition.condition.Status != metav1.ConditionTrue && gradatedCondition.isFatal { // Invalid provider, so do not load it into the cache. return nil, true } } for _, gradatedCondition := range conditions.gradatedConditions { - if gradatedCondition.condition.Status != v1alpha1.ConditionTrue && !gradatedCondition.isFatal { + if gradatedCondition.condition.Status != metav1.ConditionTrue && !gradatedCondition.isFatal { // Error but load it into the cache anyway, treating this condition failure more like a warning. // Try again hoping that the condition will improve. return upstreamldap.New(*config), true diff --git a/internal/oidc/oidcclientvalidator/oidcclientvalidator.go b/internal/oidc/oidcclientvalidator/oidcclientvalidator.go index ab16fef3..c7eb26a2 100644 --- a/internal/oidc/oidcclientvalidator/oidcclientvalidator.go +++ b/internal/oidc/oidcclientvalidator/oidcclientvalidator.go @@ -1,4 +1,4 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package oidcclientvalidator @@ -9,6 +9,7 @@ import ( "golang.org/x/crypto/bcrypt" v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" oidcapi "go.pinniped.dev/generated/latest/apis/supervisor/oidc" @@ -36,8 +37,8 @@ const ( // get the validation error for that case. It returns a bool to indicate if the client is valid, // along with a slice of conditions containing more details, and the list of client secrets in the // case that the client was valid. -func Validate(oidcClient *v1alpha1.OIDCClient, secret *v1.Secret, minBcryptCost int) (bool, []*v1alpha1.Condition, []string) { - conds := make([]*v1alpha1.Condition, 0, 3) +func Validate(oidcClient *v1alpha1.OIDCClient, secret *v1.Secret, minBcryptCost int) (bool, []*metav1.Condition, []string) { + conds := make([]*metav1.Condition, 0, 3) conds, clientSecrets := validateSecret(secret, conds, minBcryptCost) conds = validateAllowedGrantTypes(oidcClient, conds) @@ -45,7 +46,7 @@ func Validate(oidcClient *v1alpha1.OIDCClient, secret *v1.Secret, minBcryptCost valid := true for _, cond := range conds { - if cond.Status != v1alpha1.ConditionTrue { + if cond.Status != metav1.ConditionTrue { valid = false break } @@ -54,7 +55,7 @@ func Validate(oidcClient *v1alpha1.OIDCClient, secret *v1.Secret, minBcryptCost } // validateAllowedScopes checks if allowedScopes is valid on the OIDCClient. -func validateAllowedScopes(oidcClient *v1alpha1.OIDCClient, conditions []*v1alpha1.Condition) []*v1alpha1.Condition { +func validateAllowedScopes(oidcClient *v1alpha1.OIDCClient, conditions []*metav1.Condition) []*metav1.Condition { m := make([]string, 0, 4) if !allowedScopesContains(oidcClient, oidcapi.ScopeOpenID) { @@ -75,16 +76,16 @@ func validateAllowedScopes(oidcClient *v1alpha1.OIDCClient, conditions []*v1alph } if len(m) == 0 { - conditions = append(conditions, &v1alpha1.Condition{ + conditions = append(conditions, &metav1.Condition{ Type: allowedScopesValid, - Status: v1alpha1.ConditionTrue, + Status: metav1.ConditionTrue, Reason: reasonSuccess, Message: fmt.Sprintf("%q is valid", allowedScopesFieldName), }) } else { - conditions = append(conditions, &v1alpha1.Condition{ + conditions = append(conditions, &metav1.Condition{ Type: allowedScopesValid, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: reasonMissingRequiredValue, Message: strings.Join(m, "; "), }) @@ -94,7 +95,7 @@ func validateAllowedScopes(oidcClient *v1alpha1.OIDCClient, conditions []*v1alph } // validateAllowedGrantTypes checks if allowedGrantTypes is valid on the OIDCClient. -func validateAllowedGrantTypes(oidcClient *v1alpha1.OIDCClient, conditions []*v1alpha1.Condition) []*v1alpha1.Condition { +func validateAllowedGrantTypes(oidcClient *v1alpha1.OIDCClient, conditions []*metav1.Condition) []*metav1.Condition { m := make([]string, 0, 3) if !allowedGrantTypesContains(oidcClient, oidcapi.GrantTypeAuthorizationCode) { @@ -111,16 +112,16 @@ func validateAllowedGrantTypes(oidcClient *v1alpha1.OIDCClient, conditions []*v1 } if len(m) == 0 { - conditions = append(conditions, &v1alpha1.Condition{ + conditions = append(conditions, &metav1.Condition{ Type: allowedGrantTypesValid, - Status: v1alpha1.ConditionTrue, + Status: metav1.ConditionTrue, Reason: reasonSuccess, Message: fmt.Sprintf("%q is valid", allowedGrantTypesFieldName), }) } else { - conditions = append(conditions, &v1alpha1.Condition{ + conditions = append(conditions, &metav1.Condition{ Type: allowedGrantTypesValid, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: reasonMissingRequiredValue, Message: strings.Join(m, "; "), }) @@ -131,14 +132,14 @@ func validateAllowedGrantTypes(oidcClient *v1alpha1.OIDCClient, conditions []*v1 // validateSecret checks if the client secret storage Secret is valid and contains at least one client secret. // It returns the updated conditions slice along with the client secrets found in that case that it is valid. -func validateSecret(secret *v1.Secret, conditions []*v1alpha1.Condition, minBcryptCost int) ([]*v1alpha1.Condition, []string) { +func validateSecret(secret *v1.Secret, conditions []*metav1.Condition, minBcryptCost int) ([]*metav1.Condition, []string) { emptyList := []string{} if secret == nil { // Invalid: no storage Secret found. - conditions = append(conditions, &v1alpha1.Condition{ + conditions = append(conditions, &metav1.Condition{ Type: clientSecretExists, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: reasonNoClientSecretFound, Message: "no client secret found (no Secret storage found)", }) @@ -148,9 +149,9 @@ func validateSecret(secret *v1.Secret, conditions []*v1alpha1.Condition, minBcry storedClientSecrets, err := oidcclientsecretstorage.ReadFromSecret(secret) if err != nil { // Invalid: storage Secret exists but its data could not be parsed. - conditions = append(conditions, &v1alpha1.Condition{ + conditions = append(conditions, &metav1.Condition{ Type: clientSecretExists, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: reasonNoClientSecretFound, Message: fmt.Sprintf("error reading client secret storage: %s", err.Error()), }) @@ -161,9 +162,9 @@ func validateSecret(secret *v1.Secret, conditions []*v1alpha1.Condition, minBcry storedClientSecretsCount := len(storedClientSecrets) if storedClientSecretsCount == 0 { // Invalid: no client secrets stored. - conditions = append(conditions, &v1alpha1.Condition{ + conditions = append(conditions, &metav1.Condition{ Type: clientSecretExists, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: reasonNoClientSecretFound, Message: "no client secret found (empty list in storage)", }) @@ -186,9 +187,9 @@ func validateSecret(secret *v1.Secret, conditions []*v1alpha1.Condition, minBcry } if len(bcryptErrs) > 0 { // Invalid: some stored client secrets were not valid. - conditions = append(conditions, &v1alpha1.Condition{ + conditions = append(conditions, &metav1.Condition{ Type: clientSecretExists, - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: reasonInvalidClientSecretFound, Message: fmt.Sprintf("%d stored client secrets found, but some were invalid, so none will be used: %s", storedClientSecretsCount, strings.Join(bcryptErrs, "; ")), @@ -197,9 +198,9 @@ func validateSecret(secret *v1.Secret, conditions []*v1alpha1.Condition, minBcry } // Valid: has at least one client secret stored for this OIDC client, and all stored client secrets are valid. - conditions = append(conditions, &v1alpha1.Condition{ + conditions = append(conditions, &metav1.Condition{ Type: clientSecretExists, - Status: v1alpha1.ConditionTrue, + Status: metav1.ConditionTrue, Reason: reasonSuccess, Message: fmt.Sprintf("%d client secret(s) found", storedClientSecretsCount), }) diff --git a/internal/testutil/oidcclient.go b/internal/testutil/oidcclient.go index 6b8968d0..4dc27496 100644 --- a/internal/testutil/oidcclient.go +++ b/internal/testutil/oidcclient.go @@ -1,4 +1,4 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package testutil @@ -63,7 +63,7 @@ func newOIDCClient( // OIDCClientValidatorFunc is an interface-like type that allows these test helpers to avoid having a direct dependency // on the production code, to avoid circular module dependencies. Implemented by oidcclientvalidator.Validate. -type OIDCClientValidatorFunc func(oidcClient *configv1alpha1.OIDCClient, secret *corev1.Secret, minBcryptCost int) (bool, []*configv1alpha1.Condition, []string) +type OIDCClientValidatorFunc func(oidcClient *configv1alpha1.OIDCClient, secret *corev1.Secret, minBcryptCost int) (bool, []*metav1.Condition, []string) // FullyCapableOIDCClientAndStorageSecret returns an OIDC client which is allowed to use all grant types and all scopes // that are supported by the Supervisor for dynamic clients, along with a corresponding client secret storage Secret. diff --git a/test/integration/supervisor_oidc_client_test.go b/test/integration/supervisor_oidc_client_test.go index 9a80697d..77f659b6 100644 --- a/test/integration/supervisor_oidc_client_test.go +++ b/test/integration/supervisor_oidc_client_test.go @@ -527,7 +527,7 @@ func TestOIDCClientControllerValidations_Parallel(t *testing.T) { client *supervisorconfigv1alpha1.OIDCClient secret *corev1.Secret wantPhase string - wantConditions []supervisorconfigv1alpha1.Condition + wantConditions []metav1.Condition }{ { name: "invalid AllowedGrantTypes and AllowedScopes (missing minimum required values), with no Secret", @@ -542,7 +542,7 @@ func TestOIDCClientControllerValidations_Parallel(t *testing.T) { }, }, wantPhase: "Error", - wantConditions: []supervisorconfigv1alpha1.Condition{ + wantConditions: []metav1.Condition{ { Type: "AllowedGrantTypesValid", Status: "False", @@ -577,7 +577,7 @@ func TestOIDCClientControllerValidations_Parallel(t *testing.T) { }, secret: testutil.OIDCClientSecretStorageSecretWithoutName(t, env.SupervisorNamespace, []string{}), wantPhase: "Error", - wantConditions: []supervisorconfigv1alpha1.Condition{ + wantConditions: []metav1.Condition{ { Type: "AllowedGrantTypesValid", Status: "True", @@ -612,7 +612,7 @@ func TestOIDCClientControllerValidations_Parallel(t *testing.T) { }, secret: testutil.OIDCClientSecretStorageSecretWithoutName(t, env.SupervisorNamespace, []string{testutil.HashedPassword1AtSupervisorMinCost}), wantPhase: "Ready", - wantConditions: []supervisorconfigv1alpha1.Condition{ + wantConditions: []metav1.Condition{ { Type: "AllowedGrantTypesValid", Status: "True", diff --git a/test/integration/supervisor_upstream_test.go b/test/integration/supervisor_upstream_test.go index 7d3164a5..fdd21269 100644 --- a/test/integration/supervisor_upstream_test.go +++ b/test/integration/supervisor_upstream_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package integration @@ -26,16 +26,16 @@ func TestSupervisorUpstreamOIDCDiscovery(t *testing.T) { }, } upstream := testlib.CreateTestOIDCIdentityProvider(t, spec, v1alpha1.PhaseError) - expectUpstreamConditions(t, upstream, []v1alpha1.Condition{ + expectUpstreamConditions(t, upstream, []metav1.Condition{ { Type: "ClientCredentialsValid", - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: "SecretNotFound", Message: `secret "does-not-exist" not found`, }, { Type: "OIDCDiscoverySucceeded", - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: "Unreachable", Message: `failed to perform OIDC discovery against "https://127.0.0.1:444444/invalid-url-that-is-really-really-long-nanananananananannanananan-batman-nanananananananananananananana-batman-lalalalalalalalalal-batman-weeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee": Get "https://127.0.0.1:444444/invalid-url-that-is-really-really-long-nanananananananannanananan-batman-nanananananananananananananana-batman-lalalalalalalalalal-batman-weeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee/.well-known/openid-configuration": dial tcp: address 444444: in [truncated 10 chars]`, @@ -64,16 +64,16 @@ Get "https://127.0.0.1:444444/invalid-url-that-is-really-really-long-nananananan }, } upstream := testlib.CreateTestOIDCIdentityProvider(t, spec, v1alpha1.PhaseError) - expectUpstreamConditions(t, upstream, []v1alpha1.Condition{ + expectUpstreamConditions(t, upstream, []metav1.Condition{ { Type: "ClientCredentialsValid", - Status: v1alpha1.ConditionTrue, + Status: metav1.ConditionTrue, Reason: "Success", Message: "loaded client credentials", }, { Type: "OIDCDiscoverySucceeded", - Status: v1alpha1.ConditionFalse, + Status: metav1.ConditionFalse, Reason: "Unreachable", Message: `failed to perform OIDC discovery against "` + env.SupervisorUpstreamOIDC.Issuer + `/": oidc: issuer did not match the issuer returned by provider, expected "` + env.SupervisorUpstreamOIDC.Issuer + `/" got "` + env.SupervisorUpstreamOIDC.Issuer + `"`, @@ -102,16 +102,16 @@ oidc: issuer did not match the issuer returned by provider, expected "` + env.Su }, } upstream := testlib.CreateTestOIDCIdentityProvider(t, spec, v1alpha1.PhaseReady) - expectUpstreamConditions(t, upstream, []v1alpha1.Condition{ + expectUpstreamConditions(t, upstream, []metav1.Condition{ { Type: "ClientCredentialsValid", - Status: v1alpha1.ConditionTrue, + Status: metav1.ConditionTrue, Reason: "Success", Message: "loaded client credentials", }, { Type: "OIDCDiscoverySucceeded", - Status: v1alpha1.ConditionTrue, + Status: metav1.ConditionTrue, Reason: "Success", Message: "discovered issuer configuration", }, @@ -125,9 +125,9 @@ oidc: issuer did not match the issuer returned by provider, expected "` + env.Su }) } -func expectUpstreamConditions(t *testing.T, upstream *v1alpha1.OIDCIdentityProvider, expected []v1alpha1.Condition) { +func expectUpstreamConditions(t *testing.T, upstream *v1alpha1.OIDCIdentityProvider, expected []metav1.Condition) { t.Helper() - normalized := make([]v1alpha1.Condition, 0, len(upstream.Status.Conditions)) + normalized := make([]metav1.Condition, 0, len(upstream.Status.Conditions)) for _, c := range upstream.Status.Conditions { c.ObservedGeneration = 0 c.LastTransitionTime = metav1.Time{}