From ed2a4ae9369df093121c461e276169cff26ccafd Mon Sep 17 00:00:00 2001 From: kubevirt-bot <25687724+kubevirt-bot@users.noreply.github.com> Date: Fri, 1 Aug 2025 05:14:00 +0000 Subject: [PATCH] Bump KUBEVIRT to v1.2.0-rc.1 Signed-off-by: HCO Bump Bot --- .../hco.kubevirt.io_hyperconvergeds.yaml | 54 +- deploy/cluster_role.yaml | 94 +- deploy/crds/hco00.crd.yaml | 54 +- deploy/crds/kubevirt00.crd.yaml | 817 ++++++++++++++++-- deploy/images.csv | 18 +- deploy/images.env | 36 +- .../1.9.0/manifests/hco00.crd.yaml | 54 +- ...operator.v1.9.0.clusterserviceversion.yaml | 140 ++- .../1.9.0/manifests/kubevirt00.crd.yaml | 817 ++++++++++++++++-- .../1.9.0/manifests/hco00.crd.yaml | 54 +- ...operator.v1.9.0.clusterserviceversion.yaml | 142 ++- .../1.9.0/manifests/kubevirt00.crd.yaml | 817 ++++++++++++++++-- deploy/operator.yaml | 26 +- go.mod | 15 +- go.sum | 22 +- hack/config | 2 +- vendor/github.com/go-logr/logr/.golangci.yaml | 3 - vendor/github.com/go-logr/logr/discard.go | 32 +- vendor/github.com/go-logr/logr/funcr/funcr.go | 27 +- vendor/github.com/go-logr/logr/logr.go | 166 ++-- vendor/github.com/pborman/uuid/.travis.yml | 10 - .../github.com/pborman/uuid/CONTRIBUTING.md | 10 - vendor/github.com/pborman/uuid/CONTRIBUTORS | 1 - vendor/github.com/pborman/uuid/LICENSE | 27 - vendor/github.com/pborman/uuid/README.md | 15 - vendor/github.com/pborman/uuid/dce.go | 84 -- vendor/github.com/pborman/uuid/doc.go | 13 - vendor/github.com/pborman/uuid/hash.go | 53 -- vendor/github.com/pborman/uuid/marshal.go | 85 -- vendor/github.com/pborman/uuid/node.go | 50 -- vendor/github.com/pborman/uuid/sql.go | 68 -- vendor/github.com/pborman/uuid/time.go | 57 -- vendor/github.com/pborman/uuid/util.go | 32 - vendor/github.com/pborman/uuid/uuid.go | 162 ---- vendor/github.com/pborman/uuid/version1.go | 23 - vendor/github.com/pborman/uuid/version4.go | 26 - vendor/k8s.io/klog/v2/contextual.go | 30 +- .../k8s.io/klog/v2/internal/buffer/buffer.go | 41 +- .../klog/v2/internal/serialize/keyvalues.go | 46 +- vendor/k8s.io/klog/v2/klog.go | 97 ++- vendor/k8s.io/utils/trace/trace.go | 19 + .../api/core/v1/deepcopy_generated.go | 811 ++++++++++++++++- vendor/kubevirt.io/api/core/v1/defaults.go | 4 +- vendor/kubevirt.io/api/core/v1/doc.go | 5 +- vendor/kubevirt.io/api/core/v1/register.go | 15 +- vendor/kubevirt.io/api/core/v1/schema.go | 133 ++- .../api/core/v1/schema_swagger_generated.go | 80 +- vendor/kubevirt.io/api/core/v1/types.go | 484 ++++++++++- .../api/core/v1/types_swagger_generated.go | 213 ++++- .../api/core/v1/zz_generated.defaults.go | 2 +- .../pkg/apis/core/v1beta1/authorize.go | 162 ++++ .../pkg/apis/core/v1beta1/authorize_utils.go | 351 ++++++++ .../pkg/apis/core/v1beta1/register.go | 8 +- .../pkg/apis/core/v1beta1/types.go | 153 +++- .../core/v1beta1/types_swagger_generated.go | 99 ++- .../pkg/apis/core/v1beta1/utils.go | 18 + .../core/v1beta1/zz_generated.deepcopy.go | 372 +++++++- vendor/modules.txt | 19 +- 58 files changed, 5888 insertions(+), 1380 deletions(-) delete mode 100644 vendor/github.com/pborman/uuid/.travis.yml delete mode 100644 vendor/github.com/pborman/uuid/CONTRIBUTING.md delete mode 100644 vendor/github.com/pborman/uuid/CONTRIBUTORS delete mode 100644 vendor/github.com/pborman/uuid/LICENSE delete mode 100644 vendor/github.com/pborman/uuid/README.md delete mode 100644 vendor/github.com/pborman/uuid/dce.go delete mode 100644 vendor/github.com/pborman/uuid/doc.go delete mode 100644 vendor/github.com/pborman/uuid/hash.go delete mode 100644 vendor/github.com/pborman/uuid/marshal.go delete mode 100644 vendor/github.com/pborman/uuid/node.go delete mode 100644 vendor/github.com/pborman/uuid/sql.go delete mode 100644 vendor/github.com/pborman/uuid/time.go delete mode 100644 vendor/github.com/pborman/uuid/util.go delete mode 100644 vendor/github.com/pborman/uuid/uuid.go delete mode 100644 vendor/github.com/pborman/uuid/version1.go delete mode 100644 vendor/github.com/pborman/uuid/version4.go create mode 100644 vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/authorize.go create mode 100644 vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/authorize_utils.go diff --git a/config/crd/bases/hco.kubevirt.io_hyperconvergeds.yaml b/config/crd/bases/hco.kubevirt.io_hyperconvergeds.yaml index 39d5716729..23e27297ec 100644 --- a/config/crd/bases/hco.kubevirt.io_hyperconvergeds.yaml +++ b/config/crd/bases/hco.kubevirt.io_hyperconvergeds.yaml @@ -508,6 +508,21 @@ spec: parameters to create a new raw blank image for the PVC type: object + gcs: + description: DataVolumeSourceGCS provides the + parameters to create a Data Volume from an + GCS source + properties: + secretRef: + description: SecretRef provides the secret + reference needed to access the GCS source + type: string + url: + description: URL is the url of the GCS source + type: string + required: + - url + type: object http: description: DataVolumeSourceHTTP can be either an http or https endpoint, with an optional @@ -803,11 +818,21 @@ spec: description: Name is the name of resource being referenced type: string + namespace: + description: Namespace is the namespace + of resource being referenced Note that + when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant + documentation for details. (Alpha) This + field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string required: - kind - name type: object - x-kubernetes-map-type: atomic resources: description: 'Resources represents the minimum resources the volume should have. More info: @@ -3935,6 +3960,21 @@ spec: parameters to create a new raw blank image for the PVC type: object + gcs: + description: DataVolumeSourceGCS provides the + parameters to create a Data Volume from an + GCS source + properties: + secretRef: + description: SecretRef provides the secret + reference needed to access the GCS source + type: string + url: + description: URL is the url of the GCS source + type: string + required: + - url + type: object http: description: DataVolumeSourceHTTP can be either an http or https endpoint, with an optional @@ -4230,11 +4270,21 @@ spec: description: Name is the name of resource being referenced type: string + namespace: + description: Namespace is the namespace + of resource being referenced Note that + when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant + documentation for details. (Alpha) This + field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string required: - kind - name type: object - x-kubernetes-map-type: atomic resources: description: 'Resources represents the minimum resources the volume should have. More info: diff --git a/deploy/cluster_role.yaml b/deploy/cluster_role.yaml index 53e900dcaf..58bb016cff 100644 --- a/deploy/cluster_role.yaml +++ b/deploy/cluster_role.yaml @@ -42,6 +42,15 @@ metadata: rules: - apiGroups: - "" + resourceNames: + - kubevirt-ca + - kubevirt-export-ca + - kubevirt-virt-handler-certs + - kubevirt-virt-handler-server-certs + - kubevirt-operator-certs + - kubevirt-virt-api-certs + - kubevirt-controller-certs + - kubevirt-exportproxy-certs resources: - secrets verbs: @@ -79,6 +88,18 @@ rules: - routes/custom-host verbs: - create +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - delete + - update + - create + - patch --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role @@ -951,22 +972,6 @@ rules: - list - watch - patch -- apiGroups: - - flavor.kubevirt.io - resources: - - virtualmachineflavors - - virtualmachineclusterflavors - - virtualmachinepreferences - - virtualmachineclusterpreferences - verbs: - - get - - delete - - create - - update - - patch - - list - - watch - - deletecollection - apiGroups: - "" resources: @@ -1066,6 +1071,14 @@ rules: - get - list - watch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch - apiGroups: - instancetype.kubevirt.io resources: @@ -1248,6 +1261,8 @@ rules: - virtualmachineinstances/freeze - virtualmachineinstances/unfreeze - virtualmachineinstances/softreboot + - virtualmachineinstances/sev/setupsession + - virtualmachineinstances/sev/injectlaunchsecret verbs: - update - apiGroups: @@ -1262,8 +1277,6 @@ rules: - network-attachment-definitions verbs: - get - - list - - watch - apiGroups: - apiextensions.k8s.io resources: @@ -1374,6 +1387,18 @@ rules: - list - get - watch +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - delete + - update + - create + - patch - apiGroups: - kubevirt.io resources: @@ -1463,6 +1488,13 @@ rules: - get - list - watch +- apiGroups: + - kubevirt.io + resources: + - kubevirts + verbs: + - get + - list - apiGroups: - subresources.kubevirt.io resources: @@ -1481,6 +1513,8 @@ rules: - virtualmachineinstances/guestosinfo - virtualmachineinstances/filesystemlist - virtualmachineinstances/userlist + - virtualmachineinstances/sev/fetchcertchain + - virtualmachineinstances/sev/querylaunchmeasurement verbs: - get - apiGroups: @@ -1493,6 +1527,8 @@ rules: - virtualmachineinstances/freeze - virtualmachineinstances/unfreeze - virtualmachineinstances/softreboot + - virtualmachineinstances/sev/setupsession + - virtualmachineinstances/sev/injectlaunchsecret verbs: - update - apiGroups: @@ -1625,6 +1661,8 @@ rules: - virtualmachineinstances/guestosinfo - virtualmachineinstances/filesystemlist - virtualmachineinstances/userlist + - virtualmachineinstances/sev/fetchcertchain + - virtualmachineinstances/sev/querylaunchmeasurement verbs: - get - apiGroups: @@ -1637,6 +1675,8 @@ rules: - virtualmachineinstances/freeze - virtualmachineinstances/unfreeze - virtualmachineinstances/softreboot + - virtualmachineinstances/sev/setupsession + - virtualmachineinstances/sev/injectlaunchsecret verbs: - update - apiGroups: @@ -1760,6 +1800,13 @@ rules: - get - list - watch +- apiGroups: + - kubevirt.io + resources: + - kubevirts + verbs: + - get + - list - apiGroups: - subresources.kubevirt.io resources: @@ -1767,6 +1814,8 @@ rules: - virtualmachineinstances/guestosinfo - virtualmachineinstances/filesystemlist - virtualmachineinstances/userlist + - virtualmachineinstances/sev/fetchcertchain + - virtualmachineinstances/sev/querylaunchmeasurement verbs: - get - apiGroups: @@ -1840,6 +1889,15 @@ rules: - get - list - watch +- apiGroups: + - instancetype.kubevirt.io + resources: + - virtualmachineclusterinstancetypes + - virtualmachineclusterpreferences + verbs: + - get + - list + - watch - apiGroups: - authentication.k8s.io resources: diff --git a/deploy/crds/hco00.crd.yaml b/deploy/crds/hco00.crd.yaml index 39d5716729..23e27297ec 100644 --- a/deploy/crds/hco00.crd.yaml +++ b/deploy/crds/hco00.crd.yaml @@ -508,6 +508,21 @@ spec: parameters to create a new raw blank image for the PVC type: object + gcs: + description: DataVolumeSourceGCS provides the + parameters to create a Data Volume from an + GCS source + properties: + secretRef: + description: SecretRef provides the secret + reference needed to access the GCS source + type: string + url: + description: URL is the url of the GCS source + type: string + required: + - url + type: object http: description: DataVolumeSourceHTTP can be either an http or https endpoint, with an optional @@ -803,11 +818,21 @@ spec: description: Name is the name of resource being referenced type: string + namespace: + description: Namespace is the namespace + of resource being referenced Note that + when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant + documentation for details. (Alpha) This + field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string required: - kind - name type: object - x-kubernetes-map-type: atomic resources: description: 'Resources represents the minimum resources the volume should have. More info: @@ -3935,6 +3960,21 @@ spec: parameters to create a new raw blank image for the PVC type: object + gcs: + description: DataVolumeSourceGCS provides the + parameters to create a Data Volume from an + GCS source + properties: + secretRef: + description: SecretRef provides the secret + reference needed to access the GCS source + type: string + url: + description: URL is the url of the GCS source + type: string + required: + - url + type: object http: description: DataVolumeSourceHTTP can be either an http or https endpoint, with an optional @@ -4230,11 +4270,21 @@ spec: description: Name is the name of resource being referenced type: string + namespace: + description: Namespace is the namespace + of resource being referenced Note that + when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant + documentation for details. (Alpha) This + field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string required: - kind - name type: object - x-kubernetes-map-type: atomic resources: description: 'Resources represents the minimum resources the volume should have. More info: diff --git a/deploy/crds/kubevirt00.crd.yaml b/deploy/crds/kubevirt00.crd.yaml index bc25479052..6c8c51a197 100644 --- a/deploy/crds/kubevirt00.crd.yaml +++ b/deploy/crds/kubevirt00.crd.yaml @@ -131,6 +131,95 @@ spec: type: object type: object type: object + architectureConfiguration: + properties: + amd64: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + arm64: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + defaultArchitecture: + type: string + ppc64le: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + type: object + autoCPULimitNamespaceLabelSelector: + description: When set, AutoCPULimitNamespaceLabelSelector will + set a CPU limit on virt-launcher for VMIs running inside namespaces + that match the label selector. The CPU limit will equal the + number of requested vCPUs. This setting does not apply to VMIs + with dedicated CPUs. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object controllerConfiguration: description: ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components @@ -309,7 +398,87 @@ spec: description: PullPolicy describes a policy for if/when to pull a container image type: string + ksmConfiguration: + description: KSMConfiguration holds the information regarding + the enabling the KSM in the nodes (if available). + properties: + nodeLabelSelector: + description: NodeLabelSelector is a selector that filters + in which nodes the KSM will be enabled. Empty NodeLabelSelector + will enable ksm for every node. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: object + liveUpdateConfiguration: + description: LiveUpdateConfiguration holds defaults for live update + features + properties: + maxCpuSockets: + description: MaxCpuSockets holds the maximum amount of sockets + that can be hotplugged + format: int32 + type: integer + maxGuest: + anyOf: + - type: integer + - type: string + description: MaxGuest defines the maximum amount memory that + can be allocated to the guest using hotplug. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxHotplugRatio: + description: 'MaxHotplugRatio is the ratio used to define + the max amount of a hotplug resource that can be made available + to a VM when the specific Max* setting is not defined (MaxCpuSockets, + MaxGuest) Example: VM is configured with 512Mi of guest + memory, if MaxGuest is not defined and MaxHotplugRatio is + 2 then MaxGuest = 1Gi defaults to 4' + format: int32 + type: integer + type: object machineType: + description: Deprecated. Use architectureConfiguration instead. type: string mediatedDevicesConfiguration: description: MediatedDevicesConfiguration holds information about @@ -329,7 +498,7 @@ spec: nodeMediatedDeviceTypes: items: description: NodeMediatedDeviceTypesConfig holds information - about MDEV types to be defined in a specifc node that + about MDEV types to be defined in a specific node that matches the NodeSelector field. properties: mediatedDeviceTypes: @@ -384,8 +553,8 @@ spec: - type: integer - type: string description: BandwidthPerMigration limits the amount of network - bandwith live migrations are allowed to use. The value is - in quantity per second. Defaults to 0 (no limit) + bandwidth live migrations are allowed to use. The value + is in quantity per second. Defaults to 0 (no limit) pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true completionTimeoutPerGiB: @@ -401,6 +570,16 @@ spec: additional layer of live migration encryption provided by KubeVirt. This is usually a bad idea. Defaults to false type: boolean + matchSELinuxLevelOnMigration: + description: By default, the SELinux level of target virt-launcher + pods is forced to the level of the source virt-launcher. + When set to true, MatchSELinuxLevelOnMigration lets the + CRI auto-assign a random level to the target. That will + ensure the target virt-launcher doesn't share categories + with another pod on the node. However, migrations will fail + when using RWX volumes that don't automatically deal with + SELinux levels. + type: boolean network: description: Network is the name of the CNI network to use for live migrations. By default, migrations go through the @@ -442,6 +621,39 @@ spec: network: description: NetworkConfiguration holds network options properties: + binding: + additionalProperties: + properties: + domainAttachmentType: + description: 'DomainAttachmentType is a standard domain + network attachment method kubevirt supports. Supported + values: "tap". The standard domain attachment can + be used instead or in addition to the sidecarImage. + version: 1alphav1' + type: string + migration: + description: 'Migration means the VM using the plugin + can be safely migrated version: 1alphav1' + properties: + method: + description: 'Method defines a pre-defined migration + methodology version: 1alphav1' + type: string + type: object + networkAttachmentDefinition: + description: 'NetworkAttachmentDefinition references + to a NetworkAttachmentDefinition CR object. Format: + , /. If namespace is not specified, + VMI namespace is assumed. version: 1alphav1' + type: string + sidecarImage: + description: 'SidecarImage references a container image + that runs in the virt-launcher pod. The sidecar handles + (libvirt) domain configuration and optional services. + version: 1alphav1' + type: string + type: object + type: object defaultNetworkInterface: type: string permitBridgeInterfaceOnPodNetwork: @@ -492,10 +704,7 @@ spec: resourceName: description: The name of the resource that is representing the device. Exposed by a device plugin and requested - by VMs. Typically of the form vendor.com/product_nameThe - name of the resource that is representing the device. - Exposed by a device plugin and requested by VMs. Typically - of the form vendor.com/product_name + by VMs. Typically of the form vendor.com/product_name type: string required: - pciVendorSelector @@ -503,6 +712,36 @@ spec: type: object type: array x-kubernetes-list-type: atomic + usb: + items: + properties: + externalResourceProvider: + description: If true, KubeVirt will leave the allocation + and monitoring to an external device plugin + type: boolean + resourceName: + description: 'Identifies the list of USB host devices. + e.g: kubevirt.io/storage, kubevirt.io/bootable-usb, + etc' + type: string + selectors: + items: + properties: + product: + type: string + vendor: + type: string + required: + - product + - vendor + type: object + type: array + x-kubernetes-list-type: atomic + required: + - resourceName + type: object + type: array + x-kubernetes-list-type: atomic type: object seccompConfiguration: description: SeccompConfiguration holds Seccomp configuration @@ -538,6 +777,78 @@ spec: version: type: string type: object + supportContainerResources: + description: SupportContainerResources specifies the resource + requirements for various types of supporting containers such + as container disks/virtiofs/sidecars and hotplug attachment + pods. If omitted a sensible default will be supplied. + items: + description: SupportContainerResources are used to specify the + cpu/memory request and limits for the containers that support + various features of Virtual Machines. These containers are + usually idle and don't require a lot of memory or cpu. + properties: + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + type: + type: string + required: + - resources + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map supportedGuestAgentVersions: description: deprecated items: @@ -567,6 +878,40 @@ spec: type: object virtualMachineInstancesPerNode: type: integer + virtualMachineOptions: + description: VirtualMachineOptions holds the cluster level information + regarding the virtual machine. + properties: + disableFreePageReporting: + description: DisableFreePageReporting disable the free page + reporting of memory balloon device https://libvirt.org/formatdomain.html#memory-balloon-device. + This will have effect only if AutoattachMemBalloon is not + false and the vmi is not requesting any high performance + feature (dedicatedCPU/realtime/hugePages), in which free + page reporting is always disabled. + type: object + disableSerialConsoleLog: + description: DisableSerialConsoleLog disables logging the + auto-attached default serial console. If not set, serial + console logs will be written to a file and then streamed + from a container named 'guest-console-log'. The value can + be individually overridden for each VM, not relevant if + AutoattachSerialConsole is disabled. + type: object + type: object + vmRolloutStrategy: + description: VMRolloutStrategy defines how changes to a VM object + propagate to its VMI + enum: + - Stage + - LiveUpdate + nullable: true + type: string + vmStateStorageClass: + description: VMStateStorageClass is the name of the storage class + to use for the PVCs created to preserve VM state, like TPM. + The storage class must support RWX in filesystem mode. + type: string webhookConfiguration: description: ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components @@ -988,9 +1333,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -1050,7 +1392,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -1159,9 +1501,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -1218,7 +1558,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -1329,9 +1669,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -1391,7 +1728,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -1500,9 +1837,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -1559,7 +1894,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -2024,9 +2359,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -2086,7 +2418,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -2195,9 +2527,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -2254,7 +2584,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -2365,9 +2695,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -2427,7 +2754,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -2536,9 +2863,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -2595,7 +2920,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -2709,6 +3034,8 @@ spec: - type type: object type: array + defaultArchitecture: + type: string generations: items: description: GenerationStatus keeps track of the generation for @@ -2777,7 +3104,7 @@ spec: - spec type: object served: true - storage: false + storage: true subresources: status: {} - additionalPrinterColumns: @@ -2787,6 +3114,9 @@ spec: - jsonPath: .status.phase name: Phase type: string + deprecated: true + deprecationWarning: kubevirt.io/v1alpha3 is now deprecated and will be removed + in a future release. name: v1alpha3 schema: openAPIV3Schema: @@ -2893,6 +3223,95 @@ spec: type: object type: object type: object + architectureConfiguration: + properties: + amd64: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + arm64: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + defaultArchitecture: + type: string + ppc64le: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + type: object + autoCPULimitNamespaceLabelSelector: + description: When set, AutoCPULimitNamespaceLabelSelector will + set a CPU limit on virt-launcher for VMIs running inside namespaces + that match the label selector. The CPU limit will equal the + number of requested vCPUs. This setting does not apply to VMIs + with dedicated CPUs. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object controllerConfiguration: description: ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components @@ -3071,7 +3490,87 @@ spec: description: PullPolicy describes a policy for if/when to pull a container image type: string + ksmConfiguration: + description: KSMConfiguration holds the information regarding + the enabling the KSM in the nodes (if available). + properties: + nodeLabelSelector: + description: NodeLabelSelector is a selector that filters + in which nodes the KSM will be enabled. Empty NodeLabelSelector + will enable ksm for every node. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: object + liveUpdateConfiguration: + description: LiveUpdateConfiguration holds defaults for live update + features + properties: + maxCpuSockets: + description: MaxCpuSockets holds the maximum amount of sockets + that can be hotplugged + format: int32 + type: integer + maxGuest: + anyOf: + - type: integer + - type: string + description: MaxGuest defines the maximum amount memory that + can be allocated to the guest using hotplug. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxHotplugRatio: + description: 'MaxHotplugRatio is the ratio used to define + the max amount of a hotplug resource that can be made available + to a VM when the specific Max* setting is not defined (MaxCpuSockets, + MaxGuest) Example: VM is configured with 512Mi of guest + memory, if MaxGuest is not defined and MaxHotplugRatio is + 2 then MaxGuest = 1Gi defaults to 4' + format: int32 + type: integer + type: object machineType: + description: Deprecated. Use architectureConfiguration instead. type: string mediatedDevicesConfiguration: description: MediatedDevicesConfiguration holds information about @@ -3091,7 +3590,7 @@ spec: nodeMediatedDeviceTypes: items: description: NodeMediatedDeviceTypesConfig holds information - about MDEV types to be defined in a specifc node that + about MDEV types to be defined in a specific node that matches the NodeSelector field. properties: mediatedDeviceTypes: @@ -3146,8 +3645,8 @@ spec: - type: integer - type: string description: BandwidthPerMigration limits the amount of network - bandwith live migrations are allowed to use. The value is - in quantity per second. Defaults to 0 (no limit) + bandwidth live migrations are allowed to use. The value + is in quantity per second. Defaults to 0 (no limit) pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true completionTimeoutPerGiB: @@ -3163,6 +3662,16 @@ spec: additional layer of live migration encryption provided by KubeVirt. This is usually a bad idea. Defaults to false type: boolean + matchSELinuxLevelOnMigration: + description: By default, the SELinux level of target virt-launcher + pods is forced to the level of the source virt-launcher. + When set to true, MatchSELinuxLevelOnMigration lets the + CRI auto-assign a random level to the target. That will + ensure the target virt-launcher doesn't share categories + with another pod on the node. However, migrations will fail + when using RWX volumes that don't automatically deal with + SELinux levels. + type: boolean network: description: Network is the name of the CNI network to use for live migrations. By default, migrations go through the @@ -3204,6 +3713,39 @@ spec: network: description: NetworkConfiguration holds network options properties: + binding: + additionalProperties: + properties: + domainAttachmentType: + description: 'DomainAttachmentType is a standard domain + network attachment method kubevirt supports. Supported + values: "tap". The standard domain attachment can + be used instead or in addition to the sidecarImage. + version: 1alphav1' + type: string + migration: + description: 'Migration means the VM using the plugin + can be safely migrated version: 1alphav1' + properties: + method: + description: 'Method defines a pre-defined migration + methodology version: 1alphav1' + type: string + type: object + networkAttachmentDefinition: + description: 'NetworkAttachmentDefinition references + to a NetworkAttachmentDefinition CR object. Format: + , /. If namespace is not specified, + VMI namespace is assumed. version: 1alphav1' + type: string + sidecarImage: + description: 'SidecarImage references a container image + that runs in the virt-launcher pod. The sidecar handles + (libvirt) domain configuration and optional services. + version: 1alphav1' + type: string + type: object + type: object defaultNetworkInterface: type: string permitBridgeInterfaceOnPodNetwork: @@ -3254,10 +3796,7 @@ spec: resourceName: description: The name of the resource that is representing the device. Exposed by a device plugin and requested - by VMs. Typically of the form vendor.com/product_nameThe - name of the resource that is representing the device. - Exposed by a device plugin and requested by VMs. Typically - of the form vendor.com/product_name + by VMs. Typically of the form vendor.com/product_name type: string required: - pciVendorSelector @@ -3265,6 +3804,36 @@ spec: type: object type: array x-kubernetes-list-type: atomic + usb: + items: + properties: + externalResourceProvider: + description: If true, KubeVirt will leave the allocation + and monitoring to an external device plugin + type: boolean + resourceName: + description: 'Identifies the list of USB host devices. + e.g: kubevirt.io/storage, kubevirt.io/bootable-usb, + etc' + type: string + selectors: + items: + properties: + product: + type: string + vendor: + type: string + required: + - product + - vendor + type: object + type: array + x-kubernetes-list-type: atomic + required: + - resourceName + type: object + type: array + x-kubernetes-list-type: atomic type: object seccompConfiguration: description: SeccompConfiguration holds Seccomp configuration @@ -3300,6 +3869,78 @@ spec: version: type: string type: object + supportContainerResources: + description: SupportContainerResources specifies the resource + requirements for various types of supporting containers such + as container disks/virtiofs/sidecars and hotplug attachment + pods. If omitted a sensible default will be supplied. + items: + description: SupportContainerResources are used to specify the + cpu/memory request and limits for the containers that support + various features of Virtual Machines. These containers are + usually idle and don't require a lot of memory or cpu. + properties: + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + type: + type: string + required: + - resources + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map supportedGuestAgentVersions: description: deprecated items: @@ -3329,6 +3970,40 @@ spec: type: object virtualMachineInstancesPerNode: type: integer + virtualMachineOptions: + description: VirtualMachineOptions holds the cluster level information + regarding the virtual machine. + properties: + disableFreePageReporting: + description: DisableFreePageReporting disable the free page + reporting of memory balloon device https://libvirt.org/formatdomain.html#memory-balloon-device. + This will have effect only if AutoattachMemBalloon is not + false and the vmi is not requesting any high performance + feature (dedicatedCPU/realtime/hugePages), in which free + page reporting is always disabled. + type: object + disableSerialConsoleLog: + description: DisableSerialConsoleLog disables logging the + auto-attached default serial console. If not set, serial + console logs will be written to a file and then streamed + from a container named 'guest-console-log'. The value can + be individually overridden for each VM, not relevant if + AutoattachSerialConsole is disabled. + type: object + type: object + vmRolloutStrategy: + description: VMRolloutStrategy defines how changes to a VM object + propagate to its VMI + enum: + - Stage + - LiveUpdate + nullable: true + type: string + vmStateStorageClass: + description: VMStateStorageClass is the name of the storage class + to use for the PVCs created to preserve VM state, like TPM. + The storage class must support RWX in filesystem mode. + type: string webhookConfiguration: description: ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components @@ -3750,9 +4425,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -3812,7 +4484,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -3921,9 +4593,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -3980,7 +4650,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -4091,9 +4761,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -4153,7 +4820,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -4262,9 +4929,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -4321,7 +4986,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -4786,9 +5451,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -4848,7 +5510,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -4957,9 +5619,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -5016,7 +5676,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -5127,9 +5787,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -5189,7 +5846,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -5298,9 +5955,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -5357,7 +6012,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -5471,6 +6126,8 @@ spec: - type type: object type: array + defaultArchitecture: + type: string generations: items: description: GenerationStatus keeps track of the generation for @@ -5539,6 +6196,6 @@ spec: - spec type: object served: true - storage: true + storage: false subresources: status: {} diff --git a/deploy/images.csv b/deploy/images.csv index 21e7d209cc..bf26e78d48 100644 --- a/deploy/images.csv +++ b/deploy/images.csv @@ -1,13 +1,13 @@ image_var,name,tag,digest -KUBEVIRT_OPERATOR_IMAGE,quay.io/kubevirt/virt-operator,KUBEVIRT_VERSION,5bfc28d150e853eda38b6d2e4f0cf68e6ade1040718cf7598e11cb32058d7c57 -KUBEVIRT_API_IMAGE,quay.io/kubevirt/virt-api,KUBEVIRT_VERSION,2bb3e1227651779f1222ce3b9fbd701226450875ad1f985c098b90b76ea9819b -KUBEVIRT_CONTROLLER_IMAGE,quay.io/kubevirt/virt-controller,KUBEVIRT_VERSION,37d65a4d4e49ae83a631f052dfcc69a47fd044302be9b7e7a4309513bc9efefd -KUBEVIRT_LAUNCHER_IMAGE,quay.io/kubevirt/virt-launcher,KUBEVIRT_VERSION,c510629d04bab4cb621e9f2ccd2503f02a7051a0128a1f17e4faa34eacef8430 -KUBEVIRT_HANDLER_IMAGE,quay.io/kubevirt/virt-handler,KUBEVIRT_VERSION,26734e9d4c41a11919661543c3d0c5a9cbd920eec6e8fa2f75426aee4c131e8b -KUBEVIRT_VIRTIO_IMAGE,quay.io/kubevirt/virtio-container-disk,KUBEVIRT_VERSION,5b99c78ed831401048e72d72f9ec805710ee7625131fd9ad277b38ab1e67cfb9 -KUBEVIRT_LIBGUESTFS_TOOLS_IMAGE,quay.io/kubevirt/libguestfs-tools,KUBEVIRT_VERSION,149b1def5f2f3c629b514c3168aad68b6888c328c27f9f014e2a5303ddd29ff4 -KUBEVIRT_EXPORTPROXY_IMAGE,quay.io/kubevirt/virt-exportproxy,KUBEVIRT_VERSION,ca0810c4202382b770345fdc26d32a6ed24fb25e00ecaf95684b1dce0d07a4d9 -KUBEVIRT_EXPORSERVER_IMAGE,quay.io/kubevirt/virt-exportserver,KUBEVIRT_VERSION,e322c34e7d2c3070985d95fb380b4fe53fabd721fd5f380382a23d846a50a4d3 +KUBEVIRT_OPERATOR_IMAGE,quay.io/kubevirt/virt-operator,KUBEVIRT_VERSION,1909204cb4d4b8c51f83318a7f7a43a86288af4c4e5fa509d42f7e9971e271e9 +KUBEVIRT_API_IMAGE,quay.io/kubevirt/virt-api,KUBEVIRT_VERSION,a268cc8bb2629b78fa8c54f3389538b7feb85f5437b55b46d2859011c7b9d8a8 +KUBEVIRT_CONTROLLER_IMAGE,quay.io/kubevirt/virt-controller,KUBEVIRT_VERSION,d0173c35a2538a6ad5761a37ce721fbaa103652743df3ec55d6fb7cddfd07bd5 +KUBEVIRT_LAUNCHER_IMAGE,quay.io/kubevirt/virt-launcher,KUBEVIRT_VERSION,6c8a88763aa51fc2128262deec116572bb29091808d256dd169219288fa652ba +KUBEVIRT_HANDLER_IMAGE,quay.io/kubevirt/virt-handler,KUBEVIRT_VERSION,b1cb781f36216db5ac6067cfaa46bd1775c4d8a4871cd709e31839e74d766447 +KUBEVIRT_VIRTIO_IMAGE,quay.io/kubevirt/virtio-container-disk,KUBEVIRT_VERSION,f8e71a3a930ce95d646d80862d5ff6f9d3ed7ef2541dd2e2acec0bce26274734 +KUBEVIRT_LIBGUESTFS_TOOLS_IMAGE,quay.io/kubevirt/libguestfs-tools,KUBEVIRT_VERSION,a88aa48b7ab8e64ef3a4a85f7f89a174adcc94a9a77ee24bf0994481eb71a7ce +KUBEVIRT_EXPORTPROXY_IMAGE,quay.io/kubevirt/virt-exportproxy,KUBEVIRT_VERSION,42902dfb2671cc5e71909e529da3dcbd35dbb4d7891c3322d427f8d1853b947e +KUBEVIRT_EXPORSERVER_IMAGE,quay.io/kubevirt/virt-exportserver,KUBEVIRT_VERSION,a346df41edce2e4bd36b68e969b63ead7a24e2e7b09634a7327f204e90f253b7 CNA_OPERATOR_IMAGE,quay.io/kubevirt/cluster-network-addons-operator,NETWORK_ADDONS_VERSION,5eb8b7d50742c7afbf89eb6b322b0f8de58dd8e7a84ab86c7741e6664dae8826 SSP_OPERATOR_IMAGE,quay.io/kubevirt/ssp-operator,SSP_VERSION,3181775f6c149362d3733433f5e2cd1b7bf406ff3ded619bfc626d05796ef705 CDI_OPERATOR_IMAGE,quay.io/kubevirt/cdi-operator,CDI_VERSION,b01ac565915dcaa3ca3e3fb53e37a826b83107bdee157bd5ed1e718ed657c71a diff --git a/deploy/images.env b/deploy/images.env index 6598c43164..1f9847dd67 100755 --- a/deploy/images.env +++ b/deploy/images.env @@ -1,12 +1,12 @@ -KUBEVIRT_OPERATOR_IMAGE=quay.io/kubevirt/virt-operator@sha256:5bfc28d150e853eda38b6d2e4f0cf68e6ade1040718cf7598e11cb32058d7c57 -KUBEVIRT_API_IMAGE=quay.io/kubevirt/virt-api@sha256:2bb3e1227651779f1222ce3b9fbd701226450875ad1f985c098b90b76ea9819b -KUBEVIRT_CONTROLLER_IMAGE=quay.io/kubevirt/virt-controller@sha256:37d65a4d4e49ae83a631f052dfcc69a47fd044302be9b7e7a4309513bc9efefd -KUBEVIRT_LAUNCHER_IMAGE=quay.io/kubevirt/virt-launcher@sha256:c510629d04bab4cb621e9f2ccd2503f02a7051a0128a1f17e4faa34eacef8430 -KUBEVIRT_HANDLER_IMAGE=quay.io/kubevirt/virt-handler@sha256:26734e9d4c41a11919661543c3d0c5a9cbd920eec6e8fa2f75426aee4c131e8b -KUBEVIRT_VIRTIO_IMAGE=quay.io/kubevirt/virtio-container-disk@sha256:5b99c78ed831401048e72d72f9ec805710ee7625131fd9ad277b38ab1e67cfb9 -KUBEVIRT_LIBGUESTFS_TOOLS_IMAGE=quay.io/kubevirt/libguestfs-tools@sha256:149b1def5f2f3c629b514c3168aad68b6888c328c27f9f014e2a5303ddd29ff4 -KUBEVIRT_EXPORTPROXY_IMAGE=quay.io/kubevirt/virt-exportproxy@sha256:ca0810c4202382b770345fdc26d32a6ed24fb25e00ecaf95684b1dce0d07a4d9 -KUBEVIRT_EXPORSERVER_IMAGE=quay.io/kubevirt/virt-exportserver@sha256:e322c34e7d2c3070985d95fb380b4fe53fabd721fd5f380382a23d846a50a4d3 +KUBEVIRT_OPERATOR_IMAGE=quay.io/kubevirt/virt-operator@sha256:1909204cb4d4b8c51f83318a7f7a43a86288af4c4e5fa509d42f7e9971e271e9 +KUBEVIRT_API_IMAGE=quay.io/kubevirt/virt-api@sha256:a268cc8bb2629b78fa8c54f3389538b7feb85f5437b55b46d2859011c7b9d8a8 +KUBEVIRT_CONTROLLER_IMAGE=quay.io/kubevirt/virt-controller@sha256:d0173c35a2538a6ad5761a37ce721fbaa103652743df3ec55d6fb7cddfd07bd5 +KUBEVIRT_LAUNCHER_IMAGE=quay.io/kubevirt/virt-launcher@sha256:6c8a88763aa51fc2128262deec116572bb29091808d256dd169219288fa652ba +KUBEVIRT_HANDLER_IMAGE=quay.io/kubevirt/virt-handler@sha256:b1cb781f36216db5ac6067cfaa46bd1775c4d8a4871cd709e31839e74d766447 +KUBEVIRT_VIRTIO_IMAGE=quay.io/kubevirt/virtio-container-disk@sha256:f8e71a3a930ce95d646d80862d5ff6f9d3ed7ef2541dd2e2acec0bce26274734 +KUBEVIRT_LIBGUESTFS_TOOLS_IMAGE=quay.io/kubevirt/libguestfs-tools@sha256:a88aa48b7ab8e64ef3a4a85f7f89a174adcc94a9a77ee24bf0994481eb71a7ce +KUBEVIRT_EXPORTPROXY_IMAGE=quay.io/kubevirt/virt-exportproxy@sha256:42902dfb2671cc5e71909e529da3dcbd35dbb4d7891c3322d427f8d1853b947e +KUBEVIRT_EXPORSERVER_IMAGE=quay.io/kubevirt/virt-exportserver@sha256:a346df41edce2e4bd36b68e969b63ead7a24e2e7b09634a7327f204e90f253b7 CNA_OPERATOR_IMAGE=quay.io/kubevirt/cluster-network-addons-operator@sha256:5eb8b7d50742c7afbf89eb6b322b0f8de58dd8e7a84ab86c7741e6664dae8826 SSP_OPERATOR_IMAGE=quay.io/kubevirt/ssp-operator@sha256:3181775f6c149362d3733433f5e2cd1b7bf406ff3ded619bfc626d05796ef705 CDI_OPERATOR_IMAGE=quay.io/kubevirt/cdi-operator@sha256:b01ac565915dcaa3ca3e3fb53e37a826b83107bdee157bd5ed1e718ed657c71a @@ -26,15 +26,15 @@ CSI_SNAPSHOT_IMAGE=k8s.gcr.io/sig-storage/csi-snapshotter@sha256:818f35653f2e214 CSI_SIG_STORAGE_PROVISIONER_IMAGE=k8s.gcr.io/sig-storage/csi-provisioner@sha256:4e74c0492bceddc598de1c90cc5bc14dcda94cb49fa9c5bad9d117c4834b5e08 KUBE_RBAC_PROXY_IMAGE=quay.io/openshift/origin-kube-rbac-proxy@sha256:baedb268ac66456018fb30af395bb3d69af5fff3252ff5d549f0231b1ebb6901 KUBEVIRT_CONSOLE_PLUGIN_IMAGE=quay.io/kubevirt-ui/kubevirt-plugin@sha256:5a783ac8af2ad5d6c7dd731ad29dfb013321c06f919dce2242eef1b3d0a9f194 -DIGEST_LIST="quay.io/kubevirt/virt-operator@sha256:5bfc28d150e853eda38b6d2e4f0cf68e6ade1040718cf7598e11cb32058d7c57" -DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/virt-api@sha256:2bb3e1227651779f1222ce3b9fbd701226450875ad1f985c098b90b76ea9819b" -DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/virt-controller@sha256:37d65a4d4e49ae83a631f052dfcc69a47fd044302be9b7e7a4309513bc9efefd" -DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/virt-launcher@sha256:c510629d04bab4cb621e9f2ccd2503f02a7051a0128a1f17e4faa34eacef8430" -DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/virt-handler@sha256:26734e9d4c41a11919661543c3d0c5a9cbd920eec6e8fa2f75426aee4c131e8b" -DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/virtio-container-disk@sha256:5b99c78ed831401048e72d72f9ec805710ee7625131fd9ad277b38ab1e67cfb9" -DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/libguestfs-tools@sha256:149b1def5f2f3c629b514c3168aad68b6888c328c27f9f014e2a5303ddd29ff4" -DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/virt-exportproxy@sha256:ca0810c4202382b770345fdc26d32a6ed24fb25e00ecaf95684b1dce0d07a4d9" -DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/virt-exportserver@sha256:e322c34e7d2c3070985d95fb380b4fe53fabd721fd5f380382a23d846a50a4d3" +DIGEST_LIST="quay.io/kubevirt/virt-operator@sha256:1909204cb4d4b8c51f83318a7f7a43a86288af4c4e5fa509d42f7e9971e271e9" +DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/virt-api@sha256:a268cc8bb2629b78fa8c54f3389538b7feb85f5437b55b46d2859011c7b9d8a8" +DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/virt-controller@sha256:d0173c35a2538a6ad5761a37ce721fbaa103652743df3ec55d6fb7cddfd07bd5" +DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/virt-launcher@sha256:6c8a88763aa51fc2128262deec116572bb29091808d256dd169219288fa652ba" +DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/virt-handler@sha256:b1cb781f36216db5ac6067cfaa46bd1775c4d8a4871cd709e31839e74d766447" +DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/virtio-container-disk@sha256:f8e71a3a930ce95d646d80862d5ff6f9d3ed7ef2541dd2e2acec0bce26274734" +DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/libguestfs-tools@sha256:a88aa48b7ab8e64ef3a4a85f7f89a174adcc94a9a77ee24bf0994481eb71a7ce" +DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/virt-exportproxy@sha256:42902dfb2671cc5e71909e529da3dcbd35dbb4d7891c3322d427f8d1853b947e" +DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/virt-exportserver@sha256:a346df41edce2e4bd36b68e969b63ead7a24e2e7b09634a7327f204e90f253b7" DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/cluster-network-addons-operator@sha256:5eb8b7d50742c7afbf89eb6b322b0f8de58dd8e7a84ab86c7741e6664dae8826" DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/ssp-operator@sha256:3181775f6c149362d3733433f5e2cd1b7bf406ff3ded619bfc626d05796ef705" DIGEST_LIST="${DIGEST_LIST},quay.io/kubevirt/cdi-operator@sha256:b01ac565915dcaa3ca3e3fb53e37a826b83107bdee157bd5ed1e718ed657c71a" diff --git a/deploy/index-image/community-kubevirt-hyperconverged/1.9.0/manifests/hco00.crd.yaml b/deploy/index-image/community-kubevirt-hyperconverged/1.9.0/manifests/hco00.crd.yaml index 39d5716729..23e27297ec 100644 --- a/deploy/index-image/community-kubevirt-hyperconverged/1.9.0/manifests/hco00.crd.yaml +++ b/deploy/index-image/community-kubevirt-hyperconverged/1.9.0/manifests/hco00.crd.yaml @@ -508,6 +508,21 @@ spec: parameters to create a new raw blank image for the PVC type: object + gcs: + description: DataVolumeSourceGCS provides the + parameters to create a Data Volume from an + GCS source + properties: + secretRef: + description: SecretRef provides the secret + reference needed to access the GCS source + type: string + url: + description: URL is the url of the GCS source + type: string + required: + - url + type: object http: description: DataVolumeSourceHTTP can be either an http or https endpoint, with an optional @@ -803,11 +818,21 @@ spec: description: Name is the name of resource being referenced type: string + namespace: + description: Namespace is the namespace + of resource being referenced Note that + when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant + documentation for details. (Alpha) This + field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string required: - kind - name type: object - x-kubernetes-map-type: atomic resources: description: 'Resources represents the minimum resources the volume should have. More info: @@ -3935,6 +3960,21 @@ spec: parameters to create a new raw blank image for the PVC type: object + gcs: + description: DataVolumeSourceGCS provides the + parameters to create a Data Volume from an + GCS source + properties: + secretRef: + description: SecretRef provides the secret + reference needed to access the GCS source + type: string + url: + description: URL is the url of the GCS source + type: string + required: + - url + type: object http: description: DataVolumeSourceHTTP can be either an http or https endpoint, with an optional @@ -4230,11 +4270,21 @@ spec: description: Name is the name of resource being referenced type: string + namespace: + description: Namespace is the namespace + of resource being referenced Note that + when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant + documentation for details. (Alpha) This + field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string required: - kind - name type: object - x-kubernetes-map-type: atomic resources: description: 'Resources represents the minimum resources the volume should have. More info: diff --git a/deploy/index-image/community-kubevirt-hyperconverged/1.9.0/manifests/kubevirt-hyperconverged-operator.v1.9.0.clusterserviceversion.yaml b/deploy/index-image/community-kubevirt-hyperconverged/1.9.0/manifests/kubevirt-hyperconverged-operator.v1.9.0.clusterserviceversion.yaml index 9d5166ba7f..17f0247bd5 100644 --- a/deploy/index-image/community-kubevirt-hyperconverged/1.9.0/manifests/kubevirt-hyperconverged-operator.v1.9.0.clusterserviceversion.yaml +++ b/deploy/index-image/community-kubevirt-hyperconverged/1.9.0/manifests/kubevirt-hyperconverged-operator.v1.9.0.clusterserviceversion.yaml @@ -713,22 +713,6 @@ spec: - list - watch - patch - - apiGroups: - - flavor.kubevirt.io - resources: - - virtualmachineflavors - - virtualmachineclusterflavors - - virtualmachinepreferences - - virtualmachineclusterpreferences - verbs: - - get - - delete - - create - - update - - patch - - list - - watch - - deletecollection - apiGroups: - "" resources: @@ -828,6 +812,14 @@ spec: - get - list - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch - apiGroups: - instancetype.kubevirt.io resources: @@ -1010,6 +1002,8 @@ spec: - virtualmachineinstances/freeze - virtualmachineinstances/unfreeze - virtualmachineinstances/softreboot + - virtualmachineinstances/sev/setupsession + - virtualmachineinstances/sev/injectlaunchsecret verbs: - update - apiGroups: @@ -1024,8 +1018,6 @@ spec: - network-attachment-definitions verbs: - get - - list - - watch - apiGroups: - apiextensions.k8s.io resources: @@ -1136,6 +1128,18 @@ spec: - list - get - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - delete + - update + - create + - patch - apiGroups: - kubevirt.io resources: @@ -1225,6 +1229,13 @@ spec: - get - list - watch + - apiGroups: + - kubevirt.io + resources: + - kubevirts + verbs: + - get + - list - apiGroups: - subresources.kubevirt.io resources: @@ -1243,6 +1254,8 @@ spec: - virtualmachineinstances/guestosinfo - virtualmachineinstances/filesystemlist - virtualmachineinstances/userlist + - virtualmachineinstances/sev/fetchcertchain + - virtualmachineinstances/sev/querylaunchmeasurement verbs: - get - apiGroups: @@ -1255,6 +1268,8 @@ spec: - virtualmachineinstances/freeze - virtualmachineinstances/unfreeze - virtualmachineinstances/softreboot + - virtualmachineinstances/sev/setupsession + - virtualmachineinstances/sev/injectlaunchsecret verbs: - update - apiGroups: @@ -1387,6 +1402,8 @@ spec: - virtualmachineinstances/guestosinfo - virtualmachineinstances/filesystemlist - virtualmachineinstances/userlist + - virtualmachineinstances/sev/fetchcertchain + - virtualmachineinstances/sev/querylaunchmeasurement verbs: - get - apiGroups: @@ -1399,6 +1416,8 @@ spec: - virtualmachineinstances/freeze - virtualmachineinstances/unfreeze - virtualmachineinstances/softreboot + - virtualmachineinstances/sev/setupsession + - virtualmachineinstances/sev/injectlaunchsecret verbs: - update - apiGroups: @@ -1522,6 +1541,13 @@ spec: - get - list - watch + - apiGroups: + - kubevirt.io + resources: + - kubevirts + verbs: + - get + - list - apiGroups: - subresources.kubevirt.io resources: @@ -1529,6 +1555,8 @@ spec: - virtualmachineinstances/guestosinfo - virtualmachineinstances/filesystemlist - virtualmachineinstances/userlist + - virtualmachineinstances/sev/fetchcertchain + - virtualmachineinstances/sev/querylaunchmeasurement verbs: - get - apiGroups: @@ -1602,6 +1630,15 @@ spec: - get - list - watch + - apiGroups: + - instancetype.kubevirt.io + resources: + - virtualmachineclusterinstancetypes + - virtualmachineclusterpreferences + verbs: + - get + - list + - watch - apiGroups: - authentication.k8s.io resources: @@ -2730,7 +2767,7 @@ spec: fieldPath: metadata.name - name: WATCH_NAMESPACE - name: VIRTIOWIN_CONTAINER - value: quay.io/kubevirt/virtio-container-disk@sha256:5b99c78ed831401048e72d72f9ec805710ee7625131fd9ad277b38ab1e67cfb9 + value: quay.io/kubevirt/virtio-container-disk@sha256:f8e71a3a930ce95d646d80862d5ff6f9d3ed7ef2541dd2e2acec0bce26274734 - name: SMBIOS value: |- Family: KubeVirt @@ -2740,7 +2777,7 @@ spec: - name: HCO_KV_IO_VERSION value: 1.9.0 - name: KUBEVIRT_VERSION - value: v0.59.2 + value: v1.2.0-rc.1 - name: CDI_VERSION value: v1.56.1 - name: NETWORK_ADDONS_VERSION @@ -3065,28 +3102,28 @@ spec: - virt-operator env: - name: VIRT_OPERATOR_IMAGE - value: quay.io/kubevirt/virt-operator@sha256:5bfc28d150e853eda38b6d2e4f0cf68e6ade1040718cf7598e11cb32058d7c57 + value: quay.io/kubevirt/virt-operator@sha256:1909204cb4d4b8c51f83318a7f7a43a86288af4c4e5fa509d42f7e9971e271e9 - name: WATCH_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.annotations['olm.targetNamespaces'] - name: VIRT_API_SHASUM - value: sha256:2bb3e1227651779f1222ce3b9fbd701226450875ad1f985c098b90b76ea9819b + value: sha256:a268cc8bb2629b78fa8c54f3389538b7feb85f5437b55b46d2859011c7b9d8a8 - name: VIRT_CONTROLLER_SHASUM - value: sha256:37d65a4d4e49ae83a631f052dfcc69a47fd044302be9b7e7a4309513bc9efefd + value: sha256:d0173c35a2538a6ad5761a37ce721fbaa103652743df3ec55d6fb7cddfd07bd5 - name: VIRT_HANDLER_SHASUM - value: sha256:26734e9d4c41a11919661543c3d0c5a9cbd920eec6e8fa2f75426aee4c131e8b + value: sha256:b1cb781f36216db5ac6067cfaa46bd1775c4d8a4871cd709e31839e74d766447 - name: VIRT_LAUNCHER_SHASUM - value: sha256:c510629d04bab4cb621e9f2ccd2503f02a7051a0128a1f17e4faa34eacef8430 + value: sha256:6c8a88763aa51fc2128262deec116572bb29091808d256dd169219288fa652ba - name: VIRT_EXPORTPROXY_SHASUM - value: sha256:ca0810c4202382b770345fdc26d32a6ed24fb25e00ecaf95684b1dce0d07a4d9 + value: sha256:42902dfb2671cc5e71909e529da3dcbd35dbb4d7891c3322d427f8d1853b947e - name: VIRT_EXPORTSERVER_SHASUM - value: sha256:e322c34e7d2c3070985d95fb380b4fe53fabd721fd5f380382a23d846a50a4d3 + value: sha256:a346df41edce2e4bd36b68e969b63ead7a24e2e7b09634a7327f204e90f253b7 - name: GS_SHASUM - value: sha256:149b1def5f2f3c629b514c3168aad68b6888c328c27f9f014e2a5303ddd29ff4 + value: sha256:a88aa48b7ab8e64ef3a4a85f7f89a174adcc94a9a77ee24bf0994481eb71a7ce - name: KUBEVIRT_VERSION - value: v0.59.2 - image: quay.io/kubevirt/virt-operator@sha256:5bfc28d150e853eda38b6d2e4f0cf68e6ade1040718cf7598e11cb32058d7c57 + value: v1.2.0-rc.1 + image: quay.io/kubevirt/virt-operator@sha256:1909204cb4d4b8c51f83318a7f7a43a86288af4c4e5fa509d42f7e9971e271e9 imagePullPolicy: IfNotPresent name: virt-operator ports: @@ -3257,7 +3294,7 @@ spec: - name: WAIT_FOR_VMI_STATUS_IMG - name: GENERATE_SSH_KEYS_IMG - name: VIRTIO_IMG - value: quay.io/kubevirt/virtio-container-disk@sha256:5b99c78ed831401048e72d72f9ec805710ee7625131fd9ad277b38ab1e67cfb9 + value: quay.io/kubevirt/virtio-container-disk@sha256:f8e71a3a930ce95d646d80862d5ff6f9d3ed7ef2541dd2e2acec0bce26274734 - name: OPERATOR_NAMESPACE valueFrom: fieldRef: @@ -3506,6 +3543,15 @@ spec: - rules: - apiGroups: - "" + resourceNames: + - kubevirt-ca + - kubevirt-export-ca + - kubevirt-virt-handler-certs + - kubevirt-virt-handler-server-certs + - kubevirt-operator-certs + - kubevirt-virt-api-certs + - kubevirt-controller-certs + - kubevirt-exportproxy-certs resources: - secrets verbs: @@ -3543,6 +3589,18 @@ spec: - routes/custom-host verbs: - create + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - delete + - update + - create + - patch serviceAccountName: kubevirt-operator - rules: - apiGroups: @@ -3911,7 +3969,7 @@ spec: name: kubesecondarydns - image: quay.io/kubevirt-ui/kubevirt-plugin@sha256:5a783ac8af2ad5d6c7dd731ad29dfb013321c06f919dce2242eef1b3d0a9f194 name: kubevirt-plugin - - image: quay.io/kubevirt/libguestfs-tools@sha256:149b1def5f2f3c629b514c3168aad68b6888c328c27f9f014e2a5303ddd29ff4 + - image: quay.io/kubevirt/libguestfs-tools@sha256:a88aa48b7ab8e64ef3a4a85f7f89a174adcc94a9a77ee24bf0994481eb71a7ce name: libguestfs-tools - image: k8s.gcr.io/sig-storage/livenessprobe@sha256:1b7c978a792a8fa4e96244e8059bd71bb49b07e2e5a897fb0c867bdc6db20d5d name: livenessprobe @@ -3929,23 +3987,23 @@ spec: name: ssp-operator - image: quay.io/kubevirt/tekton-tasks-operator@sha256:6c6e296d48eb5e81236443155ffecb39a44bc490d4cd6ac897d02c13908ea3ca name: tekton-tasks-operator - - image: quay.io/kubevirt/virt-api@sha256:2bb3e1227651779f1222ce3b9fbd701226450875ad1f985c098b90b76ea9819b + - image: quay.io/kubevirt/virt-api@sha256:a268cc8bb2629b78fa8c54f3389538b7feb85f5437b55b46d2859011c7b9d8a8 name: virt-api - - image: quay.io/kubevirt/virt-controller@sha256:37d65a4d4e49ae83a631f052dfcc69a47fd044302be9b7e7a4309513bc9efefd + - image: quay.io/kubevirt/virt-controller@sha256:d0173c35a2538a6ad5761a37ce721fbaa103652743df3ec55d6fb7cddfd07bd5 name: virt-controller - - image: quay.io/kubevirt/virt-exportproxy@sha256:ca0810c4202382b770345fdc26d32a6ed24fb25e00ecaf95684b1dce0d07a4d9 + - image: quay.io/kubevirt/virt-exportproxy@sha256:42902dfb2671cc5e71909e529da3dcbd35dbb4d7891c3322d427f8d1853b947e name: virt-exportproxy - - image: quay.io/kubevirt/virt-exportserver@sha256:e322c34e7d2c3070985d95fb380b4fe53fabd721fd5f380382a23d846a50a4d3 + - image: quay.io/kubevirt/virt-exportserver@sha256:a346df41edce2e4bd36b68e969b63ead7a24e2e7b09634a7327f204e90f253b7 name: virt-exportserver - - image: quay.io/kubevirt/virt-handler@sha256:26734e9d4c41a11919661543c3d0c5a9cbd920eec6e8fa2f75426aee4c131e8b + - image: quay.io/kubevirt/virt-handler@sha256:b1cb781f36216db5ac6067cfaa46bd1775c4d8a4871cd709e31839e74d766447 name: virt-handler - - image: quay.io/kubevirt/virt-launcher@sha256:c510629d04bab4cb621e9f2ccd2503f02a7051a0128a1f17e4faa34eacef8430 + - image: quay.io/kubevirt/virt-launcher@sha256:6c8a88763aa51fc2128262deec116572bb29091808d256dd169219288fa652ba name: virt-launcher - - image: quay.io/kubevirt/virt-operator@sha256:5bfc28d150e853eda38b6d2e4f0cf68e6ade1040718cf7598e11cb32058d7c57 + - image: quay.io/kubevirt/virt-operator@sha256:1909204cb4d4b8c51f83318a7f7a43a86288af4c4e5fa509d42f7e9971e271e9 name: virt-operator - - image: quay.io/kubevirt/virtio-container-disk@sha256:5b99c78ed831401048e72d72f9ec805710ee7625131fd9ad277b38ab1e67cfb9 + - image: quay.io/kubevirt/virtio-container-disk@sha256:f8e71a3a930ce95d646d80862d5ff6f9d3ed7ef2541dd2e2acec0bce26274734 name: virtio-container - - image: quay.io/kubevirt/virtio-container-disk@sha256:5b99c78ed831401048e72d72f9ec805710ee7625131fd9ad277b38ab1e67cfb9 + - image: quay.io/kubevirt/virtio-container-disk@sha256:f8e71a3a930ce95d646d80862d5ff6f9d3ed7ef2541dd2e2acec0bce26274734 name: virtio-container-disk replaces: kubevirt-hyperconverged-operator.v1.8.0 selector: diff --git a/deploy/index-image/community-kubevirt-hyperconverged/1.9.0/manifests/kubevirt00.crd.yaml b/deploy/index-image/community-kubevirt-hyperconverged/1.9.0/manifests/kubevirt00.crd.yaml index bc25479052..6c8c51a197 100644 --- a/deploy/index-image/community-kubevirt-hyperconverged/1.9.0/manifests/kubevirt00.crd.yaml +++ b/deploy/index-image/community-kubevirt-hyperconverged/1.9.0/manifests/kubevirt00.crd.yaml @@ -131,6 +131,95 @@ spec: type: object type: object type: object + architectureConfiguration: + properties: + amd64: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + arm64: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + defaultArchitecture: + type: string + ppc64le: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + type: object + autoCPULimitNamespaceLabelSelector: + description: When set, AutoCPULimitNamespaceLabelSelector will + set a CPU limit on virt-launcher for VMIs running inside namespaces + that match the label selector. The CPU limit will equal the + number of requested vCPUs. This setting does not apply to VMIs + with dedicated CPUs. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object controllerConfiguration: description: ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components @@ -309,7 +398,87 @@ spec: description: PullPolicy describes a policy for if/when to pull a container image type: string + ksmConfiguration: + description: KSMConfiguration holds the information regarding + the enabling the KSM in the nodes (if available). + properties: + nodeLabelSelector: + description: NodeLabelSelector is a selector that filters + in which nodes the KSM will be enabled. Empty NodeLabelSelector + will enable ksm for every node. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: object + liveUpdateConfiguration: + description: LiveUpdateConfiguration holds defaults for live update + features + properties: + maxCpuSockets: + description: MaxCpuSockets holds the maximum amount of sockets + that can be hotplugged + format: int32 + type: integer + maxGuest: + anyOf: + - type: integer + - type: string + description: MaxGuest defines the maximum amount memory that + can be allocated to the guest using hotplug. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxHotplugRatio: + description: 'MaxHotplugRatio is the ratio used to define + the max amount of a hotplug resource that can be made available + to a VM when the specific Max* setting is not defined (MaxCpuSockets, + MaxGuest) Example: VM is configured with 512Mi of guest + memory, if MaxGuest is not defined and MaxHotplugRatio is + 2 then MaxGuest = 1Gi defaults to 4' + format: int32 + type: integer + type: object machineType: + description: Deprecated. Use architectureConfiguration instead. type: string mediatedDevicesConfiguration: description: MediatedDevicesConfiguration holds information about @@ -329,7 +498,7 @@ spec: nodeMediatedDeviceTypes: items: description: NodeMediatedDeviceTypesConfig holds information - about MDEV types to be defined in a specifc node that + about MDEV types to be defined in a specific node that matches the NodeSelector field. properties: mediatedDeviceTypes: @@ -384,8 +553,8 @@ spec: - type: integer - type: string description: BandwidthPerMigration limits the amount of network - bandwith live migrations are allowed to use. The value is - in quantity per second. Defaults to 0 (no limit) + bandwidth live migrations are allowed to use. The value + is in quantity per second. Defaults to 0 (no limit) pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true completionTimeoutPerGiB: @@ -401,6 +570,16 @@ spec: additional layer of live migration encryption provided by KubeVirt. This is usually a bad idea. Defaults to false type: boolean + matchSELinuxLevelOnMigration: + description: By default, the SELinux level of target virt-launcher + pods is forced to the level of the source virt-launcher. + When set to true, MatchSELinuxLevelOnMigration lets the + CRI auto-assign a random level to the target. That will + ensure the target virt-launcher doesn't share categories + with another pod on the node. However, migrations will fail + when using RWX volumes that don't automatically deal with + SELinux levels. + type: boolean network: description: Network is the name of the CNI network to use for live migrations. By default, migrations go through the @@ -442,6 +621,39 @@ spec: network: description: NetworkConfiguration holds network options properties: + binding: + additionalProperties: + properties: + domainAttachmentType: + description: 'DomainAttachmentType is a standard domain + network attachment method kubevirt supports. Supported + values: "tap". The standard domain attachment can + be used instead or in addition to the sidecarImage. + version: 1alphav1' + type: string + migration: + description: 'Migration means the VM using the plugin + can be safely migrated version: 1alphav1' + properties: + method: + description: 'Method defines a pre-defined migration + methodology version: 1alphav1' + type: string + type: object + networkAttachmentDefinition: + description: 'NetworkAttachmentDefinition references + to a NetworkAttachmentDefinition CR object. Format: + , /. If namespace is not specified, + VMI namespace is assumed. version: 1alphav1' + type: string + sidecarImage: + description: 'SidecarImage references a container image + that runs in the virt-launcher pod. The sidecar handles + (libvirt) domain configuration and optional services. + version: 1alphav1' + type: string + type: object + type: object defaultNetworkInterface: type: string permitBridgeInterfaceOnPodNetwork: @@ -492,10 +704,7 @@ spec: resourceName: description: The name of the resource that is representing the device. Exposed by a device plugin and requested - by VMs. Typically of the form vendor.com/product_nameThe - name of the resource that is representing the device. - Exposed by a device plugin and requested by VMs. Typically - of the form vendor.com/product_name + by VMs. Typically of the form vendor.com/product_name type: string required: - pciVendorSelector @@ -503,6 +712,36 @@ spec: type: object type: array x-kubernetes-list-type: atomic + usb: + items: + properties: + externalResourceProvider: + description: If true, KubeVirt will leave the allocation + and monitoring to an external device plugin + type: boolean + resourceName: + description: 'Identifies the list of USB host devices. + e.g: kubevirt.io/storage, kubevirt.io/bootable-usb, + etc' + type: string + selectors: + items: + properties: + product: + type: string + vendor: + type: string + required: + - product + - vendor + type: object + type: array + x-kubernetes-list-type: atomic + required: + - resourceName + type: object + type: array + x-kubernetes-list-type: atomic type: object seccompConfiguration: description: SeccompConfiguration holds Seccomp configuration @@ -538,6 +777,78 @@ spec: version: type: string type: object + supportContainerResources: + description: SupportContainerResources specifies the resource + requirements for various types of supporting containers such + as container disks/virtiofs/sidecars and hotplug attachment + pods. If omitted a sensible default will be supplied. + items: + description: SupportContainerResources are used to specify the + cpu/memory request and limits for the containers that support + various features of Virtual Machines. These containers are + usually idle and don't require a lot of memory or cpu. + properties: + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + type: + type: string + required: + - resources + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map supportedGuestAgentVersions: description: deprecated items: @@ -567,6 +878,40 @@ spec: type: object virtualMachineInstancesPerNode: type: integer + virtualMachineOptions: + description: VirtualMachineOptions holds the cluster level information + regarding the virtual machine. + properties: + disableFreePageReporting: + description: DisableFreePageReporting disable the free page + reporting of memory balloon device https://libvirt.org/formatdomain.html#memory-balloon-device. + This will have effect only if AutoattachMemBalloon is not + false and the vmi is not requesting any high performance + feature (dedicatedCPU/realtime/hugePages), in which free + page reporting is always disabled. + type: object + disableSerialConsoleLog: + description: DisableSerialConsoleLog disables logging the + auto-attached default serial console. If not set, serial + console logs will be written to a file and then streamed + from a container named 'guest-console-log'. The value can + be individually overridden for each VM, not relevant if + AutoattachSerialConsole is disabled. + type: object + type: object + vmRolloutStrategy: + description: VMRolloutStrategy defines how changes to a VM object + propagate to its VMI + enum: + - Stage + - LiveUpdate + nullable: true + type: string + vmStateStorageClass: + description: VMStateStorageClass is the name of the storage class + to use for the PVCs created to preserve VM state, like TPM. + The storage class must support RWX in filesystem mode. + type: string webhookConfiguration: description: ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components @@ -988,9 +1333,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -1050,7 +1392,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -1159,9 +1501,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -1218,7 +1558,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -1329,9 +1669,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -1391,7 +1728,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -1500,9 +1837,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -1559,7 +1894,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -2024,9 +2359,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -2086,7 +2418,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -2195,9 +2527,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -2254,7 +2584,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -2365,9 +2695,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -2427,7 +2754,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -2536,9 +2863,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -2595,7 +2920,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -2709,6 +3034,8 @@ spec: - type type: object type: array + defaultArchitecture: + type: string generations: items: description: GenerationStatus keeps track of the generation for @@ -2777,7 +3104,7 @@ spec: - spec type: object served: true - storage: false + storage: true subresources: status: {} - additionalPrinterColumns: @@ -2787,6 +3114,9 @@ spec: - jsonPath: .status.phase name: Phase type: string + deprecated: true + deprecationWarning: kubevirt.io/v1alpha3 is now deprecated and will be removed + in a future release. name: v1alpha3 schema: openAPIV3Schema: @@ -2893,6 +3223,95 @@ spec: type: object type: object type: object + architectureConfiguration: + properties: + amd64: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + arm64: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + defaultArchitecture: + type: string + ppc64le: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + type: object + autoCPULimitNamespaceLabelSelector: + description: When set, AutoCPULimitNamespaceLabelSelector will + set a CPU limit on virt-launcher for VMIs running inside namespaces + that match the label selector. The CPU limit will equal the + number of requested vCPUs. This setting does not apply to VMIs + with dedicated CPUs. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object controllerConfiguration: description: ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components @@ -3071,7 +3490,87 @@ spec: description: PullPolicy describes a policy for if/when to pull a container image type: string + ksmConfiguration: + description: KSMConfiguration holds the information regarding + the enabling the KSM in the nodes (if available). + properties: + nodeLabelSelector: + description: NodeLabelSelector is a selector that filters + in which nodes the KSM will be enabled. Empty NodeLabelSelector + will enable ksm for every node. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: object + liveUpdateConfiguration: + description: LiveUpdateConfiguration holds defaults for live update + features + properties: + maxCpuSockets: + description: MaxCpuSockets holds the maximum amount of sockets + that can be hotplugged + format: int32 + type: integer + maxGuest: + anyOf: + - type: integer + - type: string + description: MaxGuest defines the maximum amount memory that + can be allocated to the guest using hotplug. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxHotplugRatio: + description: 'MaxHotplugRatio is the ratio used to define + the max amount of a hotplug resource that can be made available + to a VM when the specific Max* setting is not defined (MaxCpuSockets, + MaxGuest) Example: VM is configured with 512Mi of guest + memory, if MaxGuest is not defined and MaxHotplugRatio is + 2 then MaxGuest = 1Gi defaults to 4' + format: int32 + type: integer + type: object machineType: + description: Deprecated. Use architectureConfiguration instead. type: string mediatedDevicesConfiguration: description: MediatedDevicesConfiguration holds information about @@ -3091,7 +3590,7 @@ spec: nodeMediatedDeviceTypes: items: description: NodeMediatedDeviceTypesConfig holds information - about MDEV types to be defined in a specifc node that + about MDEV types to be defined in a specific node that matches the NodeSelector field. properties: mediatedDeviceTypes: @@ -3146,8 +3645,8 @@ spec: - type: integer - type: string description: BandwidthPerMigration limits the amount of network - bandwith live migrations are allowed to use. The value is - in quantity per second. Defaults to 0 (no limit) + bandwidth live migrations are allowed to use. The value + is in quantity per second. Defaults to 0 (no limit) pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true completionTimeoutPerGiB: @@ -3163,6 +3662,16 @@ spec: additional layer of live migration encryption provided by KubeVirt. This is usually a bad idea. Defaults to false type: boolean + matchSELinuxLevelOnMigration: + description: By default, the SELinux level of target virt-launcher + pods is forced to the level of the source virt-launcher. + When set to true, MatchSELinuxLevelOnMigration lets the + CRI auto-assign a random level to the target. That will + ensure the target virt-launcher doesn't share categories + with another pod on the node. However, migrations will fail + when using RWX volumes that don't automatically deal with + SELinux levels. + type: boolean network: description: Network is the name of the CNI network to use for live migrations. By default, migrations go through the @@ -3204,6 +3713,39 @@ spec: network: description: NetworkConfiguration holds network options properties: + binding: + additionalProperties: + properties: + domainAttachmentType: + description: 'DomainAttachmentType is a standard domain + network attachment method kubevirt supports. Supported + values: "tap". The standard domain attachment can + be used instead or in addition to the sidecarImage. + version: 1alphav1' + type: string + migration: + description: 'Migration means the VM using the plugin + can be safely migrated version: 1alphav1' + properties: + method: + description: 'Method defines a pre-defined migration + methodology version: 1alphav1' + type: string + type: object + networkAttachmentDefinition: + description: 'NetworkAttachmentDefinition references + to a NetworkAttachmentDefinition CR object. Format: + , /. If namespace is not specified, + VMI namespace is assumed. version: 1alphav1' + type: string + sidecarImage: + description: 'SidecarImage references a container image + that runs in the virt-launcher pod. The sidecar handles + (libvirt) domain configuration and optional services. + version: 1alphav1' + type: string + type: object + type: object defaultNetworkInterface: type: string permitBridgeInterfaceOnPodNetwork: @@ -3254,10 +3796,7 @@ spec: resourceName: description: The name of the resource that is representing the device. Exposed by a device plugin and requested - by VMs. Typically of the form vendor.com/product_nameThe - name of the resource that is representing the device. - Exposed by a device plugin and requested by VMs. Typically - of the form vendor.com/product_name + by VMs. Typically of the form vendor.com/product_name type: string required: - pciVendorSelector @@ -3265,6 +3804,36 @@ spec: type: object type: array x-kubernetes-list-type: atomic + usb: + items: + properties: + externalResourceProvider: + description: If true, KubeVirt will leave the allocation + and monitoring to an external device plugin + type: boolean + resourceName: + description: 'Identifies the list of USB host devices. + e.g: kubevirt.io/storage, kubevirt.io/bootable-usb, + etc' + type: string + selectors: + items: + properties: + product: + type: string + vendor: + type: string + required: + - product + - vendor + type: object + type: array + x-kubernetes-list-type: atomic + required: + - resourceName + type: object + type: array + x-kubernetes-list-type: atomic type: object seccompConfiguration: description: SeccompConfiguration holds Seccomp configuration @@ -3300,6 +3869,78 @@ spec: version: type: string type: object + supportContainerResources: + description: SupportContainerResources specifies the resource + requirements for various types of supporting containers such + as container disks/virtiofs/sidecars and hotplug attachment + pods. If omitted a sensible default will be supplied. + items: + description: SupportContainerResources are used to specify the + cpu/memory request and limits for the containers that support + various features of Virtual Machines. These containers are + usually idle and don't require a lot of memory or cpu. + properties: + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + type: + type: string + required: + - resources + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map supportedGuestAgentVersions: description: deprecated items: @@ -3329,6 +3970,40 @@ spec: type: object virtualMachineInstancesPerNode: type: integer + virtualMachineOptions: + description: VirtualMachineOptions holds the cluster level information + regarding the virtual machine. + properties: + disableFreePageReporting: + description: DisableFreePageReporting disable the free page + reporting of memory balloon device https://libvirt.org/formatdomain.html#memory-balloon-device. + This will have effect only if AutoattachMemBalloon is not + false and the vmi is not requesting any high performance + feature (dedicatedCPU/realtime/hugePages), in which free + page reporting is always disabled. + type: object + disableSerialConsoleLog: + description: DisableSerialConsoleLog disables logging the + auto-attached default serial console. If not set, serial + console logs will be written to a file and then streamed + from a container named 'guest-console-log'. The value can + be individually overridden for each VM, not relevant if + AutoattachSerialConsole is disabled. + type: object + type: object + vmRolloutStrategy: + description: VMRolloutStrategy defines how changes to a VM object + propagate to its VMI + enum: + - Stage + - LiveUpdate + nullable: true + type: string + vmStateStorageClass: + description: VMStateStorageClass is the name of the storage class + to use for the PVCs created to preserve VM state, like TPM. + The storage class must support RWX in filesystem mode. + type: string webhookConfiguration: description: ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components @@ -3750,9 +4425,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -3812,7 +4484,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -3921,9 +4593,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -3980,7 +4650,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -4091,9 +4761,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -4153,7 +4820,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -4262,9 +4929,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -4321,7 +4986,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -4786,9 +5451,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -4848,7 +5510,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -4957,9 +5619,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -5016,7 +5676,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -5127,9 +5787,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -5189,7 +5846,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -5298,9 +5955,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -5357,7 +6012,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -5471,6 +6126,8 @@ spec: - type type: object type: array + defaultArchitecture: + type: string generations: items: description: GenerationStatus keeps track of the generation for @@ -5539,6 +6196,6 @@ spec: - spec type: object served: true - storage: true + storage: false subresources: status: {} diff --git a/deploy/olm-catalog/community-kubevirt-hyperconverged/1.9.0/manifests/hco00.crd.yaml b/deploy/olm-catalog/community-kubevirt-hyperconverged/1.9.0/manifests/hco00.crd.yaml index 39d5716729..23e27297ec 100644 --- a/deploy/olm-catalog/community-kubevirt-hyperconverged/1.9.0/manifests/hco00.crd.yaml +++ b/deploy/olm-catalog/community-kubevirt-hyperconverged/1.9.0/manifests/hco00.crd.yaml @@ -508,6 +508,21 @@ spec: parameters to create a new raw blank image for the PVC type: object + gcs: + description: DataVolumeSourceGCS provides the + parameters to create a Data Volume from an + GCS source + properties: + secretRef: + description: SecretRef provides the secret + reference needed to access the GCS source + type: string + url: + description: URL is the url of the GCS source + type: string + required: + - url + type: object http: description: DataVolumeSourceHTTP can be either an http or https endpoint, with an optional @@ -803,11 +818,21 @@ spec: description: Name is the name of resource being referenced type: string + namespace: + description: Namespace is the namespace + of resource being referenced Note that + when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant + documentation for details. (Alpha) This + field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string required: - kind - name type: object - x-kubernetes-map-type: atomic resources: description: 'Resources represents the minimum resources the volume should have. More info: @@ -3935,6 +3960,21 @@ spec: parameters to create a new raw blank image for the PVC type: object + gcs: + description: DataVolumeSourceGCS provides the + parameters to create a Data Volume from an + GCS source + properties: + secretRef: + description: SecretRef provides the secret + reference needed to access the GCS source + type: string + url: + description: URL is the url of the GCS source + type: string + required: + - url + type: object http: description: DataVolumeSourceHTTP can be either an http or https endpoint, with an optional @@ -4230,11 +4270,21 @@ spec: description: Name is the name of resource being referenced type: string + namespace: + description: Namespace is the namespace + of resource being referenced Note that + when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant + documentation for details. (Alpha) This + field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string required: - kind - name type: object - x-kubernetes-map-type: atomic resources: description: 'Resources represents the minimum resources the volume should have. More info: diff --git a/deploy/olm-catalog/community-kubevirt-hyperconverged/1.9.0/manifests/kubevirt-hyperconverged-operator.v1.9.0.clusterserviceversion.yaml b/deploy/olm-catalog/community-kubevirt-hyperconverged/1.9.0/manifests/kubevirt-hyperconverged-operator.v1.9.0.clusterserviceversion.yaml index 2ebf9e7bc9..c2b81bb270 100644 --- a/deploy/olm-catalog/community-kubevirt-hyperconverged/1.9.0/manifests/kubevirt-hyperconverged-operator.v1.9.0.clusterserviceversion.yaml +++ b/deploy/olm-catalog/community-kubevirt-hyperconverged/1.9.0/manifests/kubevirt-hyperconverged-operator.v1.9.0.clusterserviceversion.yaml @@ -9,7 +9,7 @@ metadata: certified: "false" console.openshift.io/disable-operand-delete: "true" containerImage: quay.io/kubevirt/hyperconverged-cluster-operator:1.9.0-unstable - createdAt: "2023-11-09 05:12:39" + createdAt: "2025-08-01 05:13:45" description: A unified operator deploying and controlling KubeVirt and its supporting operators with opinionated defaults operatorframework.io/initialization-resource: '{"apiVersion":"hco.kubevirt.io/v1beta1","kind":"HyperConverged","metadata":{"annotations":{"deployOVS":"false"},"name":"kubevirt-hyperconverged","namespace":"kubevirt-hyperconverged"},"spec":{}}' @@ -713,22 +713,6 @@ spec: - list - watch - patch - - apiGroups: - - flavor.kubevirt.io - resources: - - virtualmachineflavors - - virtualmachineclusterflavors - - virtualmachinepreferences - - virtualmachineclusterpreferences - verbs: - - get - - delete - - create - - update - - patch - - list - - watch - - deletecollection - apiGroups: - "" resources: @@ -828,6 +812,14 @@ spec: - get - list - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch - apiGroups: - instancetype.kubevirt.io resources: @@ -1010,6 +1002,8 @@ spec: - virtualmachineinstances/freeze - virtualmachineinstances/unfreeze - virtualmachineinstances/softreboot + - virtualmachineinstances/sev/setupsession + - virtualmachineinstances/sev/injectlaunchsecret verbs: - update - apiGroups: @@ -1024,8 +1018,6 @@ spec: - network-attachment-definitions verbs: - get - - list - - watch - apiGroups: - apiextensions.k8s.io resources: @@ -1136,6 +1128,18 @@ spec: - list - get - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - delete + - update + - create + - patch - apiGroups: - kubevirt.io resources: @@ -1225,6 +1229,13 @@ spec: - get - list - watch + - apiGroups: + - kubevirt.io + resources: + - kubevirts + verbs: + - get + - list - apiGroups: - subresources.kubevirt.io resources: @@ -1243,6 +1254,8 @@ spec: - virtualmachineinstances/guestosinfo - virtualmachineinstances/filesystemlist - virtualmachineinstances/userlist + - virtualmachineinstances/sev/fetchcertchain + - virtualmachineinstances/sev/querylaunchmeasurement verbs: - get - apiGroups: @@ -1255,6 +1268,8 @@ spec: - virtualmachineinstances/freeze - virtualmachineinstances/unfreeze - virtualmachineinstances/softreboot + - virtualmachineinstances/sev/setupsession + - virtualmachineinstances/sev/injectlaunchsecret verbs: - update - apiGroups: @@ -1387,6 +1402,8 @@ spec: - virtualmachineinstances/guestosinfo - virtualmachineinstances/filesystemlist - virtualmachineinstances/userlist + - virtualmachineinstances/sev/fetchcertchain + - virtualmachineinstances/sev/querylaunchmeasurement verbs: - get - apiGroups: @@ -1399,6 +1416,8 @@ spec: - virtualmachineinstances/freeze - virtualmachineinstances/unfreeze - virtualmachineinstances/softreboot + - virtualmachineinstances/sev/setupsession + - virtualmachineinstances/sev/injectlaunchsecret verbs: - update - apiGroups: @@ -1522,6 +1541,13 @@ spec: - get - list - watch + - apiGroups: + - kubevirt.io + resources: + - kubevirts + verbs: + - get + - list - apiGroups: - subresources.kubevirt.io resources: @@ -1529,6 +1555,8 @@ spec: - virtualmachineinstances/guestosinfo - virtualmachineinstances/filesystemlist - virtualmachineinstances/userlist + - virtualmachineinstances/sev/fetchcertchain + - virtualmachineinstances/sev/querylaunchmeasurement verbs: - get - apiGroups: @@ -1602,6 +1630,15 @@ spec: - get - list - watch + - apiGroups: + - instancetype.kubevirt.io + resources: + - virtualmachineclusterinstancetypes + - virtualmachineclusterpreferences + verbs: + - get + - list + - watch - apiGroups: - authentication.k8s.io resources: @@ -2730,7 +2767,7 @@ spec: fieldPath: metadata.name - name: WATCH_NAMESPACE - name: VIRTIOWIN_CONTAINER - value: quay.io/kubevirt/virtio-container-disk@sha256:5b99c78ed831401048e72d72f9ec805710ee7625131fd9ad277b38ab1e67cfb9 + value: quay.io/kubevirt/virtio-container-disk@sha256:f8e71a3a930ce95d646d80862d5ff6f9d3ed7ef2541dd2e2acec0bce26274734 - name: SMBIOS value: |- Family: KubeVirt @@ -2740,7 +2777,7 @@ spec: - name: HCO_KV_IO_VERSION value: 1.9.0 - name: KUBEVIRT_VERSION - value: v0.59.2 + value: v1.2.0-rc.1 - name: CDI_VERSION value: v1.56.1 - name: NETWORK_ADDONS_VERSION @@ -3065,28 +3102,28 @@ spec: - virt-operator env: - name: VIRT_OPERATOR_IMAGE - value: quay.io/kubevirt/virt-operator@sha256:5bfc28d150e853eda38b6d2e4f0cf68e6ade1040718cf7598e11cb32058d7c57 + value: quay.io/kubevirt/virt-operator@sha256:1909204cb4d4b8c51f83318a7f7a43a86288af4c4e5fa509d42f7e9971e271e9 - name: WATCH_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.annotations['olm.targetNamespaces'] - name: VIRT_API_SHASUM - value: sha256:2bb3e1227651779f1222ce3b9fbd701226450875ad1f985c098b90b76ea9819b + value: sha256:a268cc8bb2629b78fa8c54f3389538b7feb85f5437b55b46d2859011c7b9d8a8 - name: VIRT_CONTROLLER_SHASUM - value: sha256:37d65a4d4e49ae83a631f052dfcc69a47fd044302be9b7e7a4309513bc9efefd + value: sha256:d0173c35a2538a6ad5761a37ce721fbaa103652743df3ec55d6fb7cddfd07bd5 - name: VIRT_HANDLER_SHASUM - value: sha256:26734e9d4c41a11919661543c3d0c5a9cbd920eec6e8fa2f75426aee4c131e8b + value: sha256:b1cb781f36216db5ac6067cfaa46bd1775c4d8a4871cd709e31839e74d766447 - name: VIRT_LAUNCHER_SHASUM - value: sha256:c510629d04bab4cb621e9f2ccd2503f02a7051a0128a1f17e4faa34eacef8430 + value: sha256:6c8a88763aa51fc2128262deec116572bb29091808d256dd169219288fa652ba - name: VIRT_EXPORTPROXY_SHASUM - value: sha256:ca0810c4202382b770345fdc26d32a6ed24fb25e00ecaf95684b1dce0d07a4d9 + value: sha256:42902dfb2671cc5e71909e529da3dcbd35dbb4d7891c3322d427f8d1853b947e - name: VIRT_EXPORTSERVER_SHASUM - value: sha256:e322c34e7d2c3070985d95fb380b4fe53fabd721fd5f380382a23d846a50a4d3 + value: sha256:a346df41edce2e4bd36b68e969b63ead7a24e2e7b09634a7327f204e90f253b7 - name: GS_SHASUM - value: sha256:149b1def5f2f3c629b514c3168aad68b6888c328c27f9f014e2a5303ddd29ff4 + value: sha256:a88aa48b7ab8e64ef3a4a85f7f89a174adcc94a9a77ee24bf0994481eb71a7ce - name: KUBEVIRT_VERSION - value: v0.59.2 - image: quay.io/kubevirt/virt-operator@sha256:5bfc28d150e853eda38b6d2e4f0cf68e6ade1040718cf7598e11cb32058d7c57 + value: v1.2.0-rc.1 + image: quay.io/kubevirt/virt-operator@sha256:1909204cb4d4b8c51f83318a7f7a43a86288af4c4e5fa509d42f7e9971e271e9 imagePullPolicy: IfNotPresent name: virt-operator ports: @@ -3257,7 +3294,7 @@ spec: - name: WAIT_FOR_VMI_STATUS_IMG - name: GENERATE_SSH_KEYS_IMG - name: VIRTIO_IMG - value: quay.io/kubevirt/virtio-container-disk@sha256:5b99c78ed831401048e72d72f9ec805710ee7625131fd9ad277b38ab1e67cfb9 + value: quay.io/kubevirt/virtio-container-disk@sha256:f8e71a3a930ce95d646d80862d5ff6f9d3ed7ef2541dd2e2acec0bce26274734 - name: OPERATOR_NAMESPACE valueFrom: fieldRef: @@ -3506,6 +3543,15 @@ spec: - rules: - apiGroups: - "" + resourceNames: + - kubevirt-ca + - kubevirt-export-ca + - kubevirt-virt-handler-certs + - kubevirt-virt-handler-server-certs + - kubevirt-operator-certs + - kubevirt-virt-api-certs + - kubevirt-controller-certs + - kubevirt-exportproxy-certs resources: - secrets verbs: @@ -3543,6 +3589,18 @@ spec: - routes/custom-host verbs: - create + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - delete + - update + - create + - patch serviceAccountName: kubevirt-operator - rules: - apiGroups: @@ -3911,7 +3969,7 @@ spec: name: kubesecondarydns - image: quay.io/kubevirt-ui/kubevirt-plugin@sha256:5a783ac8af2ad5d6c7dd731ad29dfb013321c06f919dce2242eef1b3d0a9f194 name: kubevirt-plugin - - image: quay.io/kubevirt/libguestfs-tools@sha256:149b1def5f2f3c629b514c3168aad68b6888c328c27f9f014e2a5303ddd29ff4 + - image: quay.io/kubevirt/libguestfs-tools@sha256:a88aa48b7ab8e64ef3a4a85f7f89a174adcc94a9a77ee24bf0994481eb71a7ce name: libguestfs-tools - image: k8s.gcr.io/sig-storage/livenessprobe@sha256:1b7c978a792a8fa4e96244e8059bd71bb49b07e2e5a897fb0c867bdc6db20d5d name: livenessprobe @@ -3929,23 +3987,23 @@ spec: name: ssp-operator - image: quay.io/kubevirt/tekton-tasks-operator@sha256:6c6e296d48eb5e81236443155ffecb39a44bc490d4cd6ac897d02c13908ea3ca name: tekton-tasks-operator - - image: quay.io/kubevirt/virt-api@sha256:2bb3e1227651779f1222ce3b9fbd701226450875ad1f985c098b90b76ea9819b + - image: quay.io/kubevirt/virt-api@sha256:a268cc8bb2629b78fa8c54f3389538b7feb85f5437b55b46d2859011c7b9d8a8 name: virt-api - - image: quay.io/kubevirt/virt-controller@sha256:37d65a4d4e49ae83a631f052dfcc69a47fd044302be9b7e7a4309513bc9efefd + - image: quay.io/kubevirt/virt-controller@sha256:d0173c35a2538a6ad5761a37ce721fbaa103652743df3ec55d6fb7cddfd07bd5 name: virt-controller - - image: quay.io/kubevirt/virt-exportproxy@sha256:ca0810c4202382b770345fdc26d32a6ed24fb25e00ecaf95684b1dce0d07a4d9 + - image: quay.io/kubevirt/virt-exportproxy@sha256:42902dfb2671cc5e71909e529da3dcbd35dbb4d7891c3322d427f8d1853b947e name: virt-exportproxy - - image: quay.io/kubevirt/virt-exportserver@sha256:e322c34e7d2c3070985d95fb380b4fe53fabd721fd5f380382a23d846a50a4d3 + - image: quay.io/kubevirt/virt-exportserver@sha256:a346df41edce2e4bd36b68e969b63ead7a24e2e7b09634a7327f204e90f253b7 name: virt-exportserver - - image: quay.io/kubevirt/virt-handler@sha256:26734e9d4c41a11919661543c3d0c5a9cbd920eec6e8fa2f75426aee4c131e8b + - image: quay.io/kubevirt/virt-handler@sha256:b1cb781f36216db5ac6067cfaa46bd1775c4d8a4871cd709e31839e74d766447 name: virt-handler - - image: quay.io/kubevirt/virt-launcher@sha256:c510629d04bab4cb621e9f2ccd2503f02a7051a0128a1f17e4faa34eacef8430 + - image: quay.io/kubevirt/virt-launcher@sha256:6c8a88763aa51fc2128262deec116572bb29091808d256dd169219288fa652ba name: virt-launcher - - image: quay.io/kubevirt/virt-operator@sha256:5bfc28d150e853eda38b6d2e4f0cf68e6ade1040718cf7598e11cb32058d7c57 + - image: quay.io/kubevirt/virt-operator@sha256:1909204cb4d4b8c51f83318a7f7a43a86288af4c4e5fa509d42f7e9971e271e9 name: virt-operator - - image: quay.io/kubevirt/virtio-container-disk@sha256:5b99c78ed831401048e72d72f9ec805710ee7625131fd9ad277b38ab1e67cfb9 + - image: quay.io/kubevirt/virtio-container-disk@sha256:f8e71a3a930ce95d646d80862d5ff6f9d3ed7ef2541dd2e2acec0bce26274734 name: virtio-container - - image: quay.io/kubevirt/virtio-container-disk@sha256:5b99c78ed831401048e72d72f9ec805710ee7625131fd9ad277b38ab1e67cfb9 + - image: quay.io/kubevirt/virtio-container-disk@sha256:f8e71a3a930ce95d646d80862d5ff6f9d3ed7ef2541dd2e2acec0bce26274734 name: virtio-container-disk replaces: kubevirt-hyperconverged-operator.v1.8.0 selector: diff --git a/deploy/olm-catalog/community-kubevirt-hyperconverged/1.9.0/manifests/kubevirt00.crd.yaml b/deploy/olm-catalog/community-kubevirt-hyperconverged/1.9.0/manifests/kubevirt00.crd.yaml index bc25479052..6c8c51a197 100644 --- a/deploy/olm-catalog/community-kubevirt-hyperconverged/1.9.0/manifests/kubevirt00.crd.yaml +++ b/deploy/olm-catalog/community-kubevirt-hyperconverged/1.9.0/manifests/kubevirt00.crd.yaml @@ -131,6 +131,95 @@ spec: type: object type: object type: object + architectureConfiguration: + properties: + amd64: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + arm64: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + defaultArchitecture: + type: string + ppc64le: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + type: object + autoCPULimitNamespaceLabelSelector: + description: When set, AutoCPULimitNamespaceLabelSelector will + set a CPU limit on virt-launcher for VMIs running inside namespaces + that match the label selector. The CPU limit will equal the + number of requested vCPUs. This setting does not apply to VMIs + with dedicated CPUs. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object controllerConfiguration: description: ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components @@ -309,7 +398,87 @@ spec: description: PullPolicy describes a policy for if/when to pull a container image type: string + ksmConfiguration: + description: KSMConfiguration holds the information regarding + the enabling the KSM in the nodes (if available). + properties: + nodeLabelSelector: + description: NodeLabelSelector is a selector that filters + in which nodes the KSM will be enabled. Empty NodeLabelSelector + will enable ksm for every node. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: object + liveUpdateConfiguration: + description: LiveUpdateConfiguration holds defaults for live update + features + properties: + maxCpuSockets: + description: MaxCpuSockets holds the maximum amount of sockets + that can be hotplugged + format: int32 + type: integer + maxGuest: + anyOf: + - type: integer + - type: string + description: MaxGuest defines the maximum amount memory that + can be allocated to the guest using hotplug. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxHotplugRatio: + description: 'MaxHotplugRatio is the ratio used to define + the max amount of a hotplug resource that can be made available + to a VM when the specific Max* setting is not defined (MaxCpuSockets, + MaxGuest) Example: VM is configured with 512Mi of guest + memory, if MaxGuest is not defined and MaxHotplugRatio is + 2 then MaxGuest = 1Gi defaults to 4' + format: int32 + type: integer + type: object machineType: + description: Deprecated. Use architectureConfiguration instead. type: string mediatedDevicesConfiguration: description: MediatedDevicesConfiguration holds information about @@ -329,7 +498,7 @@ spec: nodeMediatedDeviceTypes: items: description: NodeMediatedDeviceTypesConfig holds information - about MDEV types to be defined in a specifc node that + about MDEV types to be defined in a specific node that matches the NodeSelector field. properties: mediatedDeviceTypes: @@ -384,8 +553,8 @@ spec: - type: integer - type: string description: BandwidthPerMigration limits the amount of network - bandwith live migrations are allowed to use. The value is - in quantity per second. Defaults to 0 (no limit) + bandwidth live migrations are allowed to use. The value + is in quantity per second. Defaults to 0 (no limit) pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true completionTimeoutPerGiB: @@ -401,6 +570,16 @@ spec: additional layer of live migration encryption provided by KubeVirt. This is usually a bad idea. Defaults to false type: boolean + matchSELinuxLevelOnMigration: + description: By default, the SELinux level of target virt-launcher + pods is forced to the level of the source virt-launcher. + When set to true, MatchSELinuxLevelOnMigration lets the + CRI auto-assign a random level to the target. That will + ensure the target virt-launcher doesn't share categories + with another pod on the node. However, migrations will fail + when using RWX volumes that don't automatically deal with + SELinux levels. + type: boolean network: description: Network is the name of the CNI network to use for live migrations. By default, migrations go through the @@ -442,6 +621,39 @@ spec: network: description: NetworkConfiguration holds network options properties: + binding: + additionalProperties: + properties: + domainAttachmentType: + description: 'DomainAttachmentType is a standard domain + network attachment method kubevirt supports. Supported + values: "tap". The standard domain attachment can + be used instead or in addition to the sidecarImage. + version: 1alphav1' + type: string + migration: + description: 'Migration means the VM using the plugin + can be safely migrated version: 1alphav1' + properties: + method: + description: 'Method defines a pre-defined migration + methodology version: 1alphav1' + type: string + type: object + networkAttachmentDefinition: + description: 'NetworkAttachmentDefinition references + to a NetworkAttachmentDefinition CR object. Format: + , /. If namespace is not specified, + VMI namespace is assumed. version: 1alphav1' + type: string + sidecarImage: + description: 'SidecarImage references a container image + that runs in the virt-launcher pod. The sidecar handles + (libvirt) domain configuration and optional services. + version: 1alphav1' + type: string + type: object + type: object defaultNetworkInterface: type: string permitBridgeInterfaceOnPodNetwork: @@ -492,10 +704,7 @@ spec: resourceName: description: The name of the resource that is representing the device. Exposed by a device plugin and requested - by VMs. Typically of the form vendor.com/product_nameThe - name of the resource that is representing the device. - Exposed by a device plugin and requested by VMs. Typically - of the form vendor.com/product_name + by VMs. Typically of the form vendor.com/product_name type: string required: - pciVendorSelector @@ -503,6 +712,36 @@ spec: type: object type: array x-kubernetes-list-type: atomic + usb: + items: + properties: + externalResourceProvider: + description: If true, KubeVirt will leave the allocation + and monitoring to an external device plugin + type: boolean + resourceName: + description: 'Identifies the list of USB host devices. + e.g: kubevirt.io/storage, kubevirt.io/bootable-usb, + etc' + type: string + selectors: + items: + properties: + product: + type: string + vendor: + type: string + required: + - product + - vendor + type: object + type: array + x-kubernetes-list-type: atomic + required: + - resourceName + type: object + type: array + x-kubernetes-list-type: atomic type: object seccompConfiguration: description: SeccompConfiguration holds Seccomp configuration @@ -538,6 +777,78 @@ spec: version: type: string type: object + supportContainerResources: + description: SupportContainerResources specifies the resource + requirements for various types of supporting containers such + as container disks/virtiofs/sidecars and hotplug attachment + pods. If omitted a sensible default will be supplied. + items: + description: SupportContainerResources are used to specify the + cpu/memory request and limits for the containers that support + various features of Virtual Machines. These containers are + usually idle and don't require a lot of memory or cpu. + properties: + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + type: + type: string + required: + - resources + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map supportedGuestAgentVersions: description: deprecated items: @@ -567,6 +878,40 @@ spec: type: object virtualMachineInstancesPerNode: type: integer + virtualMachineOptions: + description: VirtualMachineOptions holds the cluster level information + regarding the virtual machine. + properties: + disableFreePageReporting: + description: DisableFreePageReporting disable the free page + reporting of memory balloon device https://libvirt.org/formatdomain.html#memory-balloon-device. + This will have effect only if AutoattachMemBalloon is not + false and the vmi is not requesting any high performance + feature (dedicatedCPU/realtime/hugePages), in which free + page reporting is always disabled. + type: object + disableSerialConsoleLog: + description: DisableSerialConsoleLog disables logging the + auto-attached default serial console. If not set, serial + console logs will be written to a file and then streamed + from a container named 'guest-console-log'. The value can + be individually overridden for each VM, not relevant if + AutoattachSerialConsole is disabled. + type: object + type: object + vmRolloutStrategy: + description: VMRolloutStrategy defines how changes to a VM object + propagate to its VMI + enum: + - Stage + - LiveUpdate + nullable: true + type: string + vmStateStorageClass: + description: VMStateStorageClass is the name of the storage class + to use for the PVCs created to preserve VM state, like TPM. + The storage class must support RWX in filesystem mode. + type: string webhookConfiguration: description: ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components @@ -988,9 +1333,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -1050,7 +1392,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -1159,9 +1501,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -1218,7 +1558,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -1329,9 +1669,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -1391,7 +1728,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -1500,9 +1837,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -1559,7 +1894,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -2024,9 +2359,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -2086,7 +2418,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -2195,9 +2527,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -2254,7 +2584,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -2365,9 +2695,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -2427,7 +2754,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -2536,9 +2863,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -2595,7 +2920,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -2709,6 +3034,8 @@ spec: - type type: object type: array + defaultArchitecture: + type: string generations: items: description: GenerationStatus keeps track of the generation for @@ -2777,7 +3104,7 @@ spec: - spec type: object served: true - storage: false + storage: true subresources: status: {} - additionalPrinterColumns: @@ -2787,6 +3114,9 @@ spec: - jsonPath: .status.phase name: Phase type: string + deprecated: true + deprecationWarning: kubevirt.io/v1alpha3 is now deprecated and will be removed + in a future release. name: v1alpha3 schema: openAPIV3Schema: @@ -2893,6 +3223,95 @@ spec: type: object type: object type: object + architectureConfiguration: + properties: + amd64: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + arm64: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + defaultArchitecture: + type: string + ppc64le: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + type: object + autoCPULimitNamespaceLabelSelector: + description: When set, AutoCPULimitNamespaceLabelSelector will + set a CPU limit on virt-launcher for VMIs running inside namespaces + that match the label selector. The CPU limit will equal the + number of requested vCPUs. This setting does not apply to VMIs + with dedicated CPUs. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object controllerConfiguration: description: ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components @@ -3071,7 +3490,87 @@ spec: description: PullPolicy describes a policy for if/when to pull a container image type: string + ksmConfiguration: + description: KSMConfiguration holds the information regarding + the enabling the KSM in the nodes (if available). + properties: + nodeLabelSelector: + description: NodeLabelSelector is a selector that filters + in which nodes the KSM will be enabled. Empty NodeLabelSelector + will enable ksm for every node. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: object + liveUpdateConfiguration: + description: LiveUpdateConfiguration holds defaults for live update + features + properties: + maxCpuSockets: + description: MaxCpuSockets holds the maximum amount of sockets + that can be hotplugged + format: int32 + type: integer + maxGuest: + anyOf: + - type: integer + - type: string + description: MaxGuest defines the maximum amount memory that + can be allocated to the guest using hotplug. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxHotplugRatio: + description: 'MaxHotplugRatio is the ratio used to define + the max amount of a hotplug resource that can be made available + to a VM when the specific Max* setting is not defined (MaxCpuSockets, + MaxGuest) Example: VM is configured with 512Mi of guest + memory, if MaxGuest is not defined and MaxHotplugRatio is + 2 then MaxGuest = 1Gi defaults to 4' + format: int32 + type: integer + type: object machineType: + description: Deprecated. Use architectureConfiguration instead. type: string mediatedDevicesConfiguration: description: MediatedDevicesConfiguration holds information about @@ -3091,7 +3590,7 @@ spec: nodeMediatedDeviceTypes: items: description: NodeMediatedDeviceTypesConfig holds information - about MDEV types to be defined in a specifc node that + about MDEV types to be defined in a specific node that matches the NodeSelector field. properties: mediatedDeviceTypes: @@ -3146,8 +3645,8 @@ spec: - type: integer - type: string description: BandwidthPerMigration limits the amount of network - bandwith live migrations are allowed to use. The value is - in quantity per second. Defaults to 0 (no limit) + bandwidth live migrations are allowed to use. The value + is in quantity per second. Defaults to 0 (no limit) pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true completionTimeoutPerGiB: @@ -3163,6 +3662,16 @@ spec: additional layer of live migration encryption provided by KubeVirt. This is usually a bad idea. Defaults to false type: boolean + matchSELinuxLevelOnMigration: + description: By default, the SELinux level of target virt-launcher + pods is forced to the level of the source virt-launcher. + When set to true, MatchSELinuxLevelOnMigration lets the + CRI auto-assign a random level to the target. That will + ensure the target virt-launcher doesn't share categories + with another pod on the node. However, migrations will fail + when using RWX volumes that don't automatically deal with + SELinux levels. + type: boolean network: description: Network is the name of the CNI network to use for live migrations. By default, migrations go through the @@ -3204,6 +3713,39 @@ spec: network: description: NetworkConfiguration holds network options properties: + binding: + additionalProperties: + properties: + domainAttachmentType: + description: 'DomainAttachmentType is a standard domain + network attachment method kubevirt supports. Supported + values: "tap". The standard domain attachment can + be used instead or in addition to the sidecarImage. + version: 1alphav1' + type: string + migration: + description: 'Migration means the VM using the plugin + can be safely migrated version: 1alphav1' + properties: + method: + description: 'Method defines a pre-defined migration + methodology version: 1alphav1' + type: string + type: object + networkAttachmentDefinition: + description: 'NetworkAttachmentDefinition references + to a NetworkAttachmentDefinition CR object. Format: + , /. If namespace is not specified, + VMI namespace is assumed. version: 1alphav1' + type: string + sidecarImage: + description: 'SidecarImage references a container image + that runs in the virt-launcher pod. The sidecar handles + (libvirt) domain configuration and optional services. + version: 1alphav1' + type: string + type: object + type: object defaultNetworkInterface: type: string permitBridgeInterfaceOnPodNetwork: @@ -3254,10 +3796,7 @@ spec: resourceName: description: The name of the resource that is representing the device. Exposed by a device plugin and requested - by VMs. Typically of the form vendor.com/product_nameThe - name of the resource that is representing the device. - Exposed by a device plugin and requested by VMs. Typically - of the form vendor.com/product_name + by VMs. Typically of the form vendor.com/product_name type: string required: - pciVendorSelector @@ -3265,6 +3804,36 @@ spec: type: object type: array x-kubernetes-list-type: atomic + usb: + items: + properties: + externalResourceProvider: + description: If true, KubeVirt will leave the allocation + and monitoring to an external device plugin + type: boolean + resourceName: + description: 'Identifies the list of USB host devices. + e.g: kubevirt.io/storage, kubevirt.io/bootable-usb, + etc' + type: string + selectors: + items: + properties: + product: + type: string + vendor: + type: string + required: + - product + - vendor + type: object + type: array + x-kubernetes-list-type: atomic + required: + - resourceName + type: object + type: array + x-kubernetes-list-type: atomic type: object seccompConfiguration: description: SeccompConfiguration holds Seccomp configuration @@ -3300,6 +3869,78 @@ spec: version: type: string type: object + supportContainerResources: + description: SupportContainerResources specifies the resource + requirements for various types of supporting containers such + as container disks/virtiofs/sidecars and hotplug attachment + pods. If omitted a sensible default will be supplied. + items: + description: SupportContainerResources are used to specify the + cpu/memory request and limits for the containers that support + various features of Virtual Machines. These containers are + usually idle and don't require a lot of memory or cpu. + properties: + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + type: + type: string + required: + - resources + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map supportedGuestAgentVersions: description: deprecated items: @@ -3329,6 +3970,40 @@ spec: type: object virtualMachineInstancesPerNode: type: integer + virtualMachineOptions: + description: VirtualMachineOptions holds the cluster level information + regarding the virtual machine. + properties: + disableFreePageReporting: + description: DisableFreePageReporting disable the free page + reporting of memory balloon device https://libvirt.org/formatdomain.html#memory-balloon-device. + This will have effect only if AutoattachMemBalloon is not + false and the vmi is not requesting any high performance + feature (dedicatedCPU/realtime/hugePages), in which free + page reporting is always disabled. + type: object + disableSerialConsoleLog: + description: DisableSerialConsoleLog disables logging the + auto-attached default serial console. If not set, serial + console logs will be written to a file and then streamed + from a container named 'guest-console-log'. The value can + be individually overridden for each VM, not relevant if + AutoattachSerialConsole is disabled. + type: object + type: object + vmRolloutStrategy: + description: VMRolloutStrategy defines how changes to a VM object + propagate to its VMI + enum: + - Stage + - LiveUpdate + nullable: true + type: string + vmStateStorageClass: + description: VMStateStorageClass is the name of the storage class + to use for the PVCs created to preserve VM state, like TPM. + The storage class must support RWX in filesystem mode. + type: string webhookConfiguration: description: ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components @@ -3750,9 +4425,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -3812,7 +4484,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -3921,9 +4593,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -3980,7 +4650,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -4091,9 +4761,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -4153,7 +4820,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -4262,9 +4929,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -4321,7 +4986,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -4786,9 +5451,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -4848,7 +5510,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -4957,9 +5619,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -5016,7 +5676,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -5127,9 +5787,6 @@ spec: null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - This field is beta-level and is only honored - when PodAffinityNamespaceSelector feature - is enabled. properties: matchExpressions: description: matchExpressions is a list @@ -5189,7 +5846,7 @@ spec: union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null - namespaceSelector means "this pod's namespace" + namespaceSelector means "this pod's namespace". items: type: string type: array @@ -5298,9 +5955,7 @@ spec: this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty - selector ({}) matches all namespaces. This - field is beta-level and is only honored when - PodAffinityNamespaceSelector feature is enabled. + selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list @@ -5357,7 +6012,7 @@ spec: listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this - pod's namespace" + pod's namespace". items: type: string type: array @@ -5471,6 +6126,8 @@ spec: - type type: object type: array + defaultArchitecture: + type: string generations: items: description: GenerationStatus keeps track of the generation for @@ -5539,6 +6196,6 @@ spec: - spec type: object served: true - storage: true + storage: false subresources: status: {} diff --git a/deploy/operator.yaml b/deploy/operator.yaml index 0ee546bb98..f4878341d8 100644 --- a/deploy/operator.yaml +++ b/deploy/operator.yaml @@ -44,7 +44,7 @@ spec: fieldPath: metadata.name - name: WATCH_NAMESPACE - name: VIRTIOWIN_CONTAINER - value: quay.io/kubevirt/virtio-container-disk@sha256:5b99c78ed831401048e72d72f9ec805710ee7625131fd9ad277b38ab1e67cfb9 + value: quay.io/kubevirt/virtio-container-disk@sha256:f8e71a3a930ce95d646d80862d5ff6f9d3ed7ef2541dd2e2acec0bce26274734 - name: SMBIOS value: |- Family: KubeVirt @@ -54,7 +54,7 @@ spec: - name: HCO_KV_IO_VERSION value: 1.9.0 - name: KUBEVIRT_VERSION - value: v0.59.2 + value: v1.2.0-rc.1 - name: CDI_VERSION value: v1.56.1 - name: NETWORK_ADDONS_VERSION @@ -400,28 +400,28 @@ spec: - virt-operator env: - name: VIRT_OPERATOR_IMAGE - value: quay.io/kubevirt/virt-operator@sha256:5bfc28d150e853eda38b6d2e4f0cf68e6ade1040718cf7598e11cb32058d7c57 + value: quay.io/kubevirt/virt-operator@sha256:1909204cb4d4b8c51f83318a7f7a43a86288af4c4e5fa509d42f7e9971e271e9 - name: WATCH_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.annotations['olm.targetNamespaces'] - name: VIRT_API_SHASUM - value: sha256:2bb3e1227651779f1222ce3b9fbd701226450875ad1f985c098b90b76ea9819b + value: sha256:a268cc8bb2629b78fa8c54f3389538b7feb85f5437b55b46d2859011c7b9d8a8 - name: VIRT_CONTROLLER_SHASUM - value: sha256:37d65a4d4e49ae83a631f052dfcc69a47fd044302be9b7e7a4309513bc9efefd + value: sha256:d0173c35a2538a6ad5761a37ce721fbaa103652743df3ec55d6fb7cddfd07bd5 - name: VIRT_HANDLER_SHASUM - value: sha256:26734e9d4c41a11919661543c3d0c5a9cbd920eec6e8fa2f75426aee4c131e8b + value: sha256:b1cb781f36216db5ac6067cfaa46bd1775c4d8a4871cd709e31839e74d766447 - name: VIRT_LAUNCHER_SHASUM - value: sha256:c510629d04bab4cb621e9f2ccd2503f02a7051a0128a1f17e4faa34eacef8430 + value: sha256:6c8a88763aa51fc2128262deec116572bb29091808d256dd169219288fa652ba - name: VIRT_EXPORTPROXY_SHASUM - value: sha256:ca0810c4202382b770345fdc26d32a6ed24fb25e00ecaf95684b1dce0d07a4d9 + value: sha256:42902dfb2671cc5e71909e529da3dcbd35dbb4d7891c3322d427f8d1853b947e - name: VIRT_EXPORTSERVER_SHASUM - value: sha256:e322c34e7d2c3070985d95fb380b4fe53fabd721fd5f380382a23d846a50a4d3 + value: sha256:a346df41edce2e4bd36b68e969b63ead7a24e2e7b09634a7327f204e90f253b7 - name: GS_SHASUM - value: sha256:149b1def5f2f3c629b514c3168aad68b6888c328c27f9f014e2a5303ddd29ff4 + value: sha256:a88aa48b7ab8e64ef3a4a85f7f89a174adcc94a9a77ee24bf0994481eb71a7ce - name: KUBEVIRT_VERSION - value: v0.59.2 - image: quay.io/kubevirt/virt-operator@sha256:5bfc28d150e853eda38b6d2e4f0cf68e6ade1040718cf7598e11cb32058d7c57 + value: v1.2.0-rc.1 + image: quay.io/kubevirt/virt-operator@sha256:1909204cb4d4b8c51f83318a7f7a43a86288af4c4e5fa509d42f7e9971e271e9 imagePullPolicy: IfNotPresent name: virt-operator ports: @@ -609,7 +609,7 @@ spec: - name: WAIT_FOR_VMI_STATUS_IMG - name: GENERATE_SSH_KEYS_IMG - name: VIRTIO_IMG - value: quay.io/kubevirt/virtio-container-disk@sha256:5b99c78ed831401048e72d72f9ec805710ee7625131fd9ad277b38ab1e67cfb9 + value: quay.io/kubevirt/virtio-container-disk@sha256:f8e71a3a930ce95d646d80862d5ff6f9d3ed7ef2541dd2e2acec0bce26274734 - name: OPERATOR_NAMESPACE valueFrom: fieldRef: diff --git a/go.mod b/go.mod index a1323d9e99..ce8cd1d8a0 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( github.com/blang/semver/v4 v4.0.0 github.com/evanphx/json-patch v5.6.0+incompatible github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32 - github.com/go-logr/logr v1.2.3 + github.com/go-logr/logr v1.2.4 github.com/google/uuid v1.3.0 github.com/imdario/mergo v0.3.13 github.com/kubevirt/cluster-network-addons-operator v0.85.4 @@ -26,14 +26,14 @@ require ( github.com/spf13/pflag v1.0.5 golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d gomodules.xyz/jsonpatch/v2 v2.2.0 - k8s.io/api v0.26.10 + k8s.io/api v0.27.1 k8s.io/apiextensions-apiserver v0.26.10 - k8s.io/apimachinery v0.26.10 + k8s.io/apimachinery v0.27.1 k8s.io/client-go v12.0.0+incompatible k8s.io/kube-openapi v0.0.0-20221207184640-f3cff1453715 - k8s.io/utils v0.0.0-20230115233650-391b47cb4029 - kubevirt.io/api v0.59.2 - kubevirt.io/containerized-data-importer-api v1.56.1 + k8s.io/utils v0.0.0-20230505201702-9f6742963106 + kubevirt.io/api v1.2.0-rc.1 + kubevirt.io/containerized-data-importer-api v1.57.0-alpha1 kubevirt.io/controller-lifecycle-operator-sdk/api v0.2.4 kubevirt.io/ssp-operator/api v0.17.1 sigs.k8s.io/controller-runtime v0.14.7 @@ -70,7 +70,6 @@ require ( github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/pborman/uuid v1.2.0 // indirect github.com/prometheus/common v0.37.0 // indirect github.com/prometheus/procfs v0.8.0 // indirect github.com/sirupsen/logrus v1.9.0 // indirect @@ -93,7 +92,7 @@ require ( gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/apiserver v0.26.10 // indirect k8s.io/component-base v0.26.10 // indirect - k8s.io/klog/v2 v2.90.0 // indirect + k8s.io/klog/v2 v2.90.1 // indirect kubevirt.io/controller-lifecycle-operator-sdk v0.2.3 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect diff --git a/go.sum b/go.sum index 1d5a23af45..e4546a62ca 100644 --- a/go.sum +++ b/go.sum @@ -205,8 +205,9 @@ github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTg github.com/go-logr/logr v0.3.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= +github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v0.2.0/go.mod h1:qhKdvif7YF5GI9NWEpyxTSSBdGmzkNguibrdCNVPunU= github.com/go-logr/zapr v1.2.3 h1:a9vnzlIBPQBBkeaR9IuMUfmVOrQlkoC4YfPoFkX3T7A= @@ -322,7 +323,6 @@ github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= @@ -540,8 +540,6 @@ github.com/operator-framework/operator-lib v0.0.0-20230126194151-7fc7204a9445 h1 github.com/operator-framework/operator-lib v0.0.0-20230126194151-7fc7204a9445/go.mod h1:lxhjtIxa4WwJTKsmhWipEDr2RYjs7VjRlD1vtBMXbco= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= -github.com/pborman/uuid v1.2.0 h1:J7Q5mO4ysT1dv8hyrUGHb9+ooztCXu1D8MY8DZYsu3g= -github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= github.com/performancecopilot/speed/v4 v4.0.0/go.mod h1:qxrSyuDGrTOWfV+uKRFhfxw6h/4HXRGUiZiufxo49BM= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= @@ -1231,8 +1229,8 @@ k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.40.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/klog/v2 v2.90.0 h1:VkTxIV/FjRXn1fgNNcKGM8cfmL1Z33ZjXRTVxKCoF5M= -k8s.io/klog/v2 v2.90.0/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/klog/v2 v2.90.1 h1:m4bYOKall2MmOiRaR1J+We67Do7vm9KiQVlT96lnHUw= +k8s.io/klog/v2 v2.90.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/kms v0.26.10/go.mod h1:3ZF23khJJAVfmT2K2kyiQN/kbqKpu2+ogecg9zY7Efk= k8s.io/kube-openapi v0.0.0-20220124234850-424119656bbf/go.mod h1:sX9MT8g7NVZM5lVL/j8QyCCJe8YSMW30QvGZWaCIDIk= k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280/go.mod h1:+Axhij7bCpeqhklhUTe3xmOn6bWxolyZEeyaFpjGtl4= @@ -1241,12 +1239,12 @@ k8s.io/kube-openapi v0.0.0-20221207184640-f3cff1453715/go.mod h1:+Axhij7bCpeqhkl k8s.io/utils v0.0.0-20210111153108-fddb29f9d009/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20221107191617-1a15be271d1d/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -k8s.io/utils v0.0.0-20230115233650-391b47cb4029 h1:L8zDtT4jrxj+TaQYD0k8KNlr556WaVQylDXswKmX+dE= -k8s.io/utils v0.0.0-20230115233650-391b47cb4029/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -kubevirt.io/api v0.59.2 h1:t37z6+o1t/l09Ted4DrG5YkYjCasp3TAw3TZOgUC1xI= -kubevirt.io/api v0.59.2/go.mod h1:zts/6mioR8vGgvYmQ17Cb9XsUR9e/WjJcdokmrE38wY= -kubevirt.io/containerized-data-importer-api v1.56.1 h1:Ag6LV/HyaO8u7Uix3iaULSeSFfL1lq2zX0MjNkTR6jE= -kubevirt.io/containerized-data-importer-api v1.56.1/go.mod h1:92HiQEyzPoeMiCbgfG5Qe10JQVbtWMZOXucy56dKdGg= +k8s.io/utils v0.0.0-20230505201702-9f6742963106 h1:EObNQ3TW2D+WptiYXlApGNLVy0zm/JIBVY9i+M4wpAU= +k8s.io/utils v0.0.0-20230505201702-9f6742963106/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +kubevirt.io/api v1.2.0-rc.1 h1:KVBZX3Fbm9+2egFqKGIJwaeaZyNGKOz6xWRUeuy1s3U= +kubevirt.io/api v1.2.0-rc.1/go.mod h1:SbeR9ma4EwnaOZEUkh/lNz0kzYm5LPpEDE30vKXC5Zg= +kubevirt.io/containerized-data-importer-api v1.57.0-alpha1 h1:IWo12+ei3jltSN5jQN1xjgakfvRSF3G3Rr4GXVOOy2I= +kubevirt.io/containerized-data-importer-api v1.57.0-alpha1/go.mod h1:Y/8ETgHS1GjO89bl682DPtQOYEU/1ctPFBz6Sjxm4DM= kubevirt.io/controller-lifecycle-operator-sdk v0.2.3 h1:auv8LrA7gnLfQREnlGVPwgJpTxOEgnw4+mzXlUqKTxY= kubevirt.io/controller-lifecycle-operator-sdk v0.2.3/go.mod h1:ZJhLceiY2Gl5CXFGSp5eMGt/sksOiJP0289nAZFCQf0= kubevirt.io/controller-lifecycle-operator-sdk/api v0.2.4 h1:fZYvD3/Vnitfkx6IJxjLAk8ugnZQ7CXVYcRfkSKmuZY= diff --git a/hack/config b/hack/config index 2890b83155..22cef08db1 100644 --- a/hack/config +++ b/hack/config @@ -1,6 +1,6 @@ #!/bin/bash -KUBEVIRT_VERSION="v0.59.2" +KUBEVIRT_VERSION="v1.2.0-rc.1" CDI_VERSION="v1.56.1" NETWORK_ADDONS_VERSION="v0.85.4" SSP_VERSION="v0.17.1" diff --git a/vendor/github.com/go-logr/logr/.golangci.yaml b/vendor/github.com/go-logr/logr/.golangci.yaml index 94ff801df1..0cffafa7bf 100644 --- a/vendor/github.com/go-logr/logr/.golangci.yaml +++ b/vendor/github.com/go-logr/logr/.golangci.yaml @@ -6,7 +6,6 @@ linters: disable-all: true enable: - asciicheck - - deadcode - errcheck - forcetypeassert - gocritic @@ -18,10 +17,8 @@ linters: - misspell - revive - staticcheck - - structcheck - typecheck - unused - - varcheck issues: exclude-use-default: false diff --git a/vendor/github.com/go-logr/logr/discard.go b/vendor/github.com/go-logr/logr/discard.go index 9d92a38f1d..99fe8be93c 100644 --- a/vendor/github.com/go-logr/logr/discard.go +++ b/vendor/github.com/go-logr/logr/discard.go @@ -20,35 +20,5 @@ package logr // used whenever the caller is not interested in the logs. Logger instances // produced by this function always compare as equal. func Discard() Logger { - return Logger{ - level: 0, - sink: discardLogSink{}, - } -} - -// discardLogSink is a LogSink that discards all messages. -type discardLogSink struct{} - -// Verify that it actually implements the interface -var _ LogSink = discardLogSink{} - -func (l discardLogSink) Init(RuntimeInfo) { -} - -func (l discardLogSink) Enabled(int) bool { - return false -} - -func (l discardLogSink) Info(int, string, ...interface{}) { -} - -func (l discardLogSink) Error(error, string, ...interface{}) { -} - -func (l discardLogSink) WithValues(...interface{}) LogSink { - return l -} - -func (l discardLogSink) WithName(string) LogSink { - return l + return New(nil) } diff --git a/vendor/github.com/go-logr/logr/funcr/funcr.go b/vendor/github.com/go-logr/logr/funcr/funcr.go index 7accdb0c40..e52f0cd01e 100644 --- a/vendor/github.com/go-logr/logr/funcr/funcr.go +++ b/vendor/github.com/go-logr/logr/funcr/funcr.go @@ -21,13 +21,13 @@ limitations under the License. // github.com/go-logr/logr.LogSink with output through an arbitrary // "write" function. See New and NewJSON for details. // -// Custom LogSinks +// # Custom LogSinks // // For users who need more control, a funcr.Formatter can be embedded inside // your own custom LogSink implementation. This is useful when the LogSink // needs to implement additional methods, for example. // -// Formatting +// # Formatting // // This will respect logr.Marshaler, fmt.Stringer, and error interfaces for // values which are being logged. When rendering a struct, funcr will use Go's @@ -37,6 +37,7 @@ package funcr import ( "bytes" "encoding" + "encoding/json" "fmt" "path/filepath" "reflect" @@ -217,7 +218,7 @@ func newFormatter(opts Options, outfmt outputFormat) Formatter { prefix: "", values: nil, depth: 0, - opts: opts, + opts: &opts, } return f } @@ -231,7 +232,7 @@ type Formatter struct { values []interface{} valuesStr string depth int - opts Options + opts *Options } // outputFormat indicates which outputFormat to use. @@ -447,6 +448,7 @@ func (f Formatter) prettyWithFlags(value interface{}, flags uint32, depth int) s if flags&flagRawStruct == 0 { buf.WriteByte('{') } + printComma := false // testing i>0 is not enough because of JSON omitted fields for i := 0; i < t.NumField(); i++ { fld := t.Field(i) if fld.PkgPath != "" { @@ -478,9 +480,10 @@ func (f Formatter) prettyWithFlags(value interface{}, flags uint32, depth int) s if omitempty && isEmpty(v.Field(i)) { continue } - if i > 0 { + if printComma { buf.WriteByte(',') } + printComma = true // if we got here, we are rendering a field if fld.Anonymous && fld.Type.Kind() == reflect.Struct && name == "" { buf.WriteString(f.prettyWithFlags(v.Field(i).Interface(), flags|flagRawStruct, depth+1)) continue @@ -500,6 +503,20 @@ func (f Formatter) prettyWithFlags(value interface{}, flags uint32, depth int) s } return buf.String() case reflect.Slice, reflect.Array: + // If this is outputing as JSON make sure this isn't really a json.RawMessage. + // If so just emit "as-is" and don't pretty it as that will just print + // it as [X,Y,Z,...] which isn't terribly useful vs the string form you really want. + if f.outputFormat == outputJSON { + if rm, ok := value.(json.RawMessage); ok { + // If it's empty make sure we emit an empty value as the array style would below. + if len(rm) > 0 { + buf.Write(rm) + } else { + buf.WriteString("null") + } + return buf.String() + } + } buf.WriteByte('[') for i := 0; i < v.Len(); i++ { if i > 0 { diff --git a/vendor/github.com/go-logr/logr/logr.go b/vendor/github.com/go-logr/logr/logr.go index c3b56b3d2c..e027aea3fd 100644 --- a/vendor/github.com/go-logr/logr/logr.go +++ b/vendor/github.com/go-logr/logr/logr.go @@ -21,7 +21,7 @@ limitations under the License. // to back that API. Packages in the Go ecosystem can depend on this package, // while callers can implement logging with whatever backend is appropriate. // -// Usage +// # Usage // // Logging is done using a Logger instance. Logger is a concrete type with // methods, which defers the actual logging to a LogSink interface. The main @@ -30,16 +30,20 @@ limitations under the License. // "structured logging". // // With Go's standard log package, we might write: -// log.Printf("setting target value %s", targetValue) +// +// log.Printf("setting target value %s", targetValue) // // With logr's structured logging, we'd write: -// logger.Info("setting target", "value", targetValue) +// +// logger.Info("setting target", "value", targetValue) // // Errors are much the same. Instead of: -// log.Printf("failed to open the pod bay door for user %s: %v", user, err) +// +// log.Printf("failed to open the pod bay door for user %s: %v", user, err) // // We'd write: -// logger.Error(err, "failed to open the pod bay door", "user", user) +// +// logger.Error(err, "failed to open the pod bay door", "user", user) // // Info() and Error() are very similar, but they are separate methods so that // LogSink implementations can choose to do things like attach additional @@ -47,7 +51,7 @@ limitations under the License. // always logged, regardless of the current verbosity. If there is no error // instance available, passing nil is valid. // -// Verbosity +// # Verbosity // // Often we want to log information only when the application in "verbose // mode". To write log lines that are more verbose, Logger has a V() method. @@ -58,20 +62,22 @@ limitations under the License. // Error messages do not have a verbosity level and are always logged. // // Where we might have written: -// if flVerbose >= 2 { -// log.Printf("an unusual thing happened") -// } +// +// if flVerbose >= 2 { +// log.Printf("an unusual thing happened") +// } // // We can write: -// logger.V(2).Info("an unusual thing happened") // -// Logger Names +// logger.V(2).Info("an unusual thing happened") +// +// # Logger Names // // Logger instances can have name strings so that all messages logged through // that instance have additional context. For example, you might want to add // a subsystem name: // -// logger.WithName("compactor").Info("started", "time", time.Now()) +// logger.WithName("compactor").Info("started", "time", time.Now()) // // The WithName() method returns a new Logger, which can be passed to // constructors or other functions for further use. Repeated use of WithName() @@ -82,25 +88,27 @@ limitations under the License. // joining operation (e.g. whitespace, commas, periods, slashes, brackets, // quotes, etc). // -// Saved Values +// # Saved Values // // Logger instances can store any number of key/value pairs, which will be // logged alongside all messages logged through that instance. For example, // you might want to create a Logger instance per managed object: // // With the standard log package, we might write: -// log.Printf("decided to set field foo to value %q for object %s/%s", -// targetValue, object.Namespace, object.Name) +// +// log.Printf("decided to set field foo to value %q for object %s/%s", +// targetValue, object.Namespace, object.Name) // // With logr we'd write: -// // Elsewhere: set up the logger to log the object name. -// obj.logger = mainLogger.WithValues( -// "name", obj.name, "namespace", obj.namespace) // -// // later on... -// obj.logger.Info("setting foo", "value", targetValue) +// // Elsewhere: set up the logger to log the object name. +// obj.logger = mainLogger.WithValues( +// "name", obj.name, "namespace", obj.namespace) +// +// // later on... +// obj.logger.Info("setting foo", "value", targetValue) // -// Best Practices +// # Best Practices // // Logger has very few hard rules, with the goal that LogSink implementations // might have a lot of freedom to differentiate. There are, however, some @@ -124,15 +132,15 @@ limitations under the License. // around. For cases where passing a logger is optional, a pointer to Logger // should be used. // -// Key Naming Conventions +// # Key Naming Conventions // // Keys are not strictly required to conform to any specification or regex, but // it is recommended that they: -// * be human-readable and meaningful (not auto-generated or simple ordinals) -// * be constant (not dependent on input data) -// * contain only printable characters -// * not contain whitespace or punctuation -// * use lower case for simple keys and lowerCamelCase for more complex ones +// - be human-readable and meaningful (not auto-generated or simple ordinals) +// - be constant (not dependent on input data) +// - contain only printable characters +// - not contain whitespace or punctuation +// - use lower case for simple keys and lowerCamelCase for more complex ones // // These guidelines help ensure that log data is processed properly regardless // of the log implementation. For example, log implementations will try to @@ -141,51 +149,54 @@ limitations under the License. // While users are generally free to use key names of their choice, it's // generally best to avoid using the following keys, as they're frequently used // by implementations: -// * "caller": the calling information (file/line) of a particular log line -// * "error": the underlying error value in the `Error` method -// * "level": the log level -// * "logger": the name of the associated logger -// * "msg": the log message -// * "stacktrace": the stack trace associated with a particular log line or -// error (often from the `Error` message) -// * "ts": the timestamp for a log line +// - "caller": the calling information (file/line) of a particular log line +// - "error": the underlying error value in the `Error` method +// - "level": the log level +// - "logger": the name of the associated logger +// - "msg": the log message +// - "stacktrace": the stack trace associated with a particular log line or +// error (often from the `Error` message) +// - "ts": the timestamp for a log line // // Implementations are encouraged to make use of these keys to represent the // above concepts, when necessary (for example, in a pure-JSON output form, it // would be necessary to represent at least message and timestamp as ordinary // named values). // -// Break Glass +// # Break Glass // // Implementations may choose to give callers access to the underlying // logging implementation. The recommended pattern for this is: -// // Underlier exposes access to the underlying logging implementation. -// // Since callers only have a logr.Logger, they have to know which -// // implementation is in use, so this interface is less of an abstraction -// // and more of way to test type conversion. -// type Underlier interface { -// GetUnderlying() -// } +// +// // Underlier exposes access to the underlying logging implementation. +// // Since callers only have a logr.Logger, they have to know which +// // implementation is in use, so this interface is less of an abstraction +// // and more of way to test type conversion. +// type Underlier interface { +// GetUnderlying() +// } // // Logger grants access to the sink to enable type assertions like this: -// func DoSomethingWithImpl(log logr.Logger) { -// if underlier, ok := log.GetSink()(impl.Underlier) { -// implLogger := underlier.GetUnderlying() -// ... -// } -// } +// +// func DoSomethingWithImpl(log logr.Logger) { +// if underlier, ok := log.GetSink().(impl.Underlier); ok { +// implLogger := underlier.GetUnderlying() +// ... +// } +// } // // Custom `With*` functions can be implemented by copying the complete // Logger struct and replacing the sink in the copy: -// // WithFooBar changes the foobar parameter in the log sink and returns a -// // new logger with that modified sink. It does nothing for loggers where -// // the sink doesn't support that parameter. -// func WithFoobar(log logr.Logger, foobar int) logr.Logger { -// if foobarLogSink, ok := log.GetSink()(FoobarSink); ok { -// log = log.WithSink(foobarLogSink.WithFooBar(foobar)) -// } -// return log -// } +// +// // WithFooBar changes the foobar parameter in the log sink and returns a +// // new logger with that modified sink. It does nothing for loggers where +// // the sink doesn't support that parameter. +// func WithFoobar(log logr.Logger, foobar int) logr.Logger { +// if foobarLogSink, ok := log.GetSink().(FoobarSink); ok { +// log = log.WithSink(foobarLogSink.WithFooBar(foobar)) +// } +// return log +// } // // Don't use New to construct a new Logger with a LogSink retrieved from an // existing Logger. Source code attribution might not work correctly and @@ -201,11 +212,14 @@ import ( ) // New returns a new Logger instance. This is primarily used by libraries -// implementing LogSink, rather than end users. +// implementing LogSink, rather than end users. Passing a nil sink will create +// a Logger which discards all log lines. func New(sink LogSink) Logger { logger := Logger{} logger.setSink(sink) - sink.Init(runtimeInfo) + if sink != nil { + sink.Init(runtimeInfo) + } return logger } @@ -244,7 +258,7 @@ type Logger struct { // Enabled tests whether this Logger is enabled. For example, commandline // flags might be used to set the logging verbosity and disable some info logs. func (l Logger) Enabled() bool { - return l.sink.Enabled(l.level) + return l.sink != nil && l.sink.Enabled(l.level) } // Info logs a non-error message with the given key/value pairs as context. @@ -254,6 +268,9 @@ func (l Logger) Enabled() bool { // information. The key/value pairs must alternate string keys and arbitrary // values. func (l Logger) Info(msg string, keysAndValues ...interface{}) { + if l.sink == nil { + return + } if l.Enabled() { if withHelper, ok := l.sink.(CallStackHelperLogSink); ok { withHelper.GetCallStackHelper()() @@ -273,6 +290,9 @@ func (l Logger) Info(msg string, keysAndValues ...interface{}) { // triggered this log line, if present. The err parameter is optional // and nil may be passed instead of an error instance. func (l Logger) Error(err error, msg string, keysAndValues ...interface{}) { + if l.sink == nil { + return + } if withHelper, ok := l.sink.(CallStackHelperLogSink); ok { withHelper.GetCallStackHelper()() } @@ -284,6 +304,9 @@ func (l Logger) Error(err error, msg string, keysAndValues ...interface{}) { // level means a log message is less important. Negative V-levels are treated // as 0. func (l Logger) V(level int) Logger { + if l.sink == nil { + return l + } if level < 0 { level = 0 } @@ -294,6 +317,9 @@ func (l Logger) V(level int) Logger { // WithValues returns a new Logger instance with additional key/value pairs. // See Info for documentation on how key/value pairs work. func (l Logger) WithValues(keysAndValues ...interface{}) Logger { + if l.sink == nil { + return l + } l.setSink(l.sink.WithValues(keysAndValues...)) return l } @@ -304,6 +330,9 @@ func (l Logger) WithValues(keysAndValues ...interface{}) Logger { // contain only letters, digits, and hyphens (see the package documentation for // more information). func (l Logger) WithName(name string) Logger { + if l.sink == nil { + return l + } l.setSink(l.sink.WithName(name)) return l } @@ -324,6 +353,9 @@ func (l Logger) WithName(name string) Logger { // WithCallDepth(1) because it works with implementions that support the // CallDepthLogSink and/or CallStackHelperLogSink interfaces. func (l Logger) WithCallDepth(depth int) Logger { + if l.sink == nil { + return l + } if withCallDepth, ok := l.sink.(CallDepthLogSink); ok { l.setSink(withCallDepth.WithCallDepth(depth)) } @@ -345,6 +377,9 @@ func (l Logger) WithCallDepth(depth int) Logger { // implementation does not support either of these, the original Logger will be // returned. func (l Logger) WithCallStackHelper() (func(), Logger) { + if l.sink == nil { + return func() {}, l + } var helper func() if withCallDepth, ok := l.sink.(CallDepthLogSink); ok { l.setSink(withCallDepth.WithCallDepth(1)) @@ -357,6 +392,11 @@ func (l Logger) WithCallStackHelper() (func(), Logger) { return helper, l } +// IsZero returns true if this logger is an uninitialized zero value +func (l Logger) IsZero() bool { + return l.sink == nil +} + // contextKey is how we find Loggers in a context.Context. type contextKey struct{} @@ -442,7 +482,7 @@ type LogSink interface { WithName(name string) LogSink } -// CallDepthLogSink represents a Logger that knows how to climb the call stack +// CallDepthLogSink represents a LogSink that knows how to climb the call stack // to identify the original call site and can offset the depth by a specified // number of frames. This is useful for users who have helper functions // between the "real" call site and the actual calls to Logger methods. @@ -467,7 +507,7 @@ type CallDepthLogSink interface { WithCallDepth(depth int) LogSink } -// CallStackHelperLogSink represents a Logger that knows how to climb +// CallStackHelperLogSink represents a LogSink that knows how to climb // the call stack to identify the original call site and can skip // intermediate helper functions if they mark themselves as // helper. Go's testing package uses that approach. diff --git a/vendor/github.com/pborman/uuid/.travis.yml b/vendor/github.com/pborman/uuid/.travis.yml deleted file mode 100644 index 3deb4a1243..0000000000 --- a/vendor/github.com/pborman/uuid/.travis.yml +++ /dev/null @@ -1,10 +0,0 @@ -language: go - -go: - - "1.9" - - "1.10" - - "1.11" - - tip - -script: - - go test -v ./... diff --git a/vendor/github.com/pborman/uuid/CONTRIBUTING.md b/vendor/github.com/pborman/uuid/CONTRIBUTING.md deleted file mode 100644 index 04fdf09f13..0000000000 --- a/vendor/github.com/pborman/uuid/CONTRIBUTING.md +++ /dev/null @@ -1,10 +0,0 @@ -# How to contribute - -We definitely welcome patches and contribution to this project! - -### Legal requirements - -In order to protect both you and ourselves, you will need to sign the -[Contributor License Agreement](https://cla.developers.google.com/clas). - -You may have already signed it for other Google projects. diff --git a/vendor/github.com/pborman/uuid/CONTRIBUTORS b/vendor/github.com/pborman/uuid/CONTRIBUTORS deleted file mode 100644 index b382a04eda..0000000000 --- a/vendor/github.com/pborman/uuid/CONTRIBUTORS +++ /dev/null @@ -1 +0,0 @@ -Paul Borman diff --git a/vendor/github.com/pborman/uuid/LICENSE b/vendor/github.com/pborman/uuid/LICENSE deleted file mode 100644 index 5dc68268d9..0000000000 --- a/vendor/github.com/pborman/uuid/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2009,2014 Google Inc. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/pborman/uuid/README.md b/vendor/github.com/pborman/uuid/README.md deleted file mode 100644 index 810ad40dc9..0000000000 --- a/vendor/github.com/pborman/uuid/README.md +++ /dev/null @@ -1,15 +0,0 @@ -This project was automatically exported from code.google.com/p/go-uuid - -# uuid ![build status](https://travis-ci.org/pborman/uuid.svg?branch=master) -The uuid package generates and inspects UUIDs based on [RFC 4122](http://tools.ietf.org/html/rfc4122) and DCE 1.1: Authentication and Security Services. - -This package now leverages the github.com/google/uuid package (which is based off an earlier version of this package). - -###### Install -`go get github.com/pborman/uuid` - -###### Documentation -[![GoDoc](https://godoc.org/github.com/pborman/uuid?status.svg)](http://godoc.org/github.com/pborman/uuid) - -Full `go doc` style documentation for the package can be viewed online without installing this package by using the GoDoc site here: -http://godoc.org/github.com/pborman/uuid diff --git a/vendor/github.com/pborman/uuid/dce.go b/vendor/github.com/pborman/uuid/dce.go deleted file mode 100644 index 50a0f2d099..0000000000 --- a/vendor/github.com/pborman/uuid/dce.go +++ /dev/null @@ -1,84 +0,0 @@ -// Copyright 2011 Google Inc. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package uuid - -import ( - "encoding/binary" - "fmt" - "os" -) - -// A Domain represents a Version 2 domain -type Domain byte - -// Domain constants for DCE Security (Version 2) UUIDs. -const ( - Person = Domain(0) - Group = Domain(1) - Org = Domain(2) -) - -// NewDCESecurity returns a DCE Security (Version 2) UUID. -// -// The domain should be one of Person, Group or Org. -// On a POSIX system the id should be the users UID for the Person -// domain and the users GID for the Group. The meaning of id for -// the domain Org or on non-POSIX systems is site defined. -// -// For a given domain/id pair the same token may be returned for up to -// 7 minutes and 10 seconds. -func NewDCESecurity(domain Domain, id uint32) UUID { - uuid := NewUUID() - if uuid != nil { - uuid[6] = (uuid[6] & 0x0f) | 0x20 // Version 2 - uuid[9] = byte(domain) - binary.BigEndian.PutUint32(uuid[0:], id) - } - return uuid -} - -// NewDCEPerson returns a DCE Security (Version 2) UUID in the person -// domain with the id returned by os.Getuid. -// -// NewDCEPerson(Person, uint32(os.Getuid())) -func NewDCEPerson() UUID { - return NewDCESecurity(Person, uint32(os.Getuid())) -} - -// NewDCEGroup returns a DCE Security (Version 2) UUID in the group -// domain with the id returned by os.Getgid. -// -// NewDCEGroup(Group, uint32(os.Getgid())) -func NewDCEGroup() UUID { - return NewDCESecurity(Group, uint32(os.Getgid())) -} - -// Domain returns the domain for a Version 2 UUID or false. -func (uuid UUID) Domain() (Domain, bool) { - if v, _ := uuid.Version(); v != 2 { - return 0, false - } - return Domain(uuid[9]), true -} - -// Id returns the id for a Version 2 UUID or false. -func (uuid UUID) Id() (uint32, bool) { - if v, _ := uuid.Version(); v != 2 { - return 0, false - } - return binary.BigEndian.Uint32(uuid[0:4]), true -} - -func (d Domain) String() string { - switch d { - case Person: - return "Person" - case Group: - return "Group" - case Org: - return "Org" - } - return fmt.Sprintf("Domain%d", int(d)) -} diff --git a/vendor/github.com/pborman/uuid/doc.go b/vendor/github.com/pborman/uuid/doc.go deleted file mode 100644 index 727d761674..0000000000 --- a/vendor/github.com/pborman/uuid/doc.go +++ /dev/null @@ -1,13 +0,0 @@ -// Copyright 2011 Google Inc. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// The uuid package generates and inspects UUIDs. -// -// UUIDs are based on RFC 4122 and DCE 1.1: Authentication and Security -// Services. -// -// This package is a partial wrapper around the github.com/google/uuid package. -// This package represents a UUID as []byte while github.com/google/uuid -// represents a UUID as [16]byte. -package uuid diff --git a/vendor/github.com/pborman/uuid/hash.go b/vendor/github.com/pborman/uuid/hash.go deleted file mode 100644 index a0420c1ef3..0000000000 --- a/vendor/github.com/pborman/uuid/hash.go +++ /dev/null @@ -1,53 +0,0 @@ -// Copyright 2011 Google Inc. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package uuid - -import ( - "crypto/md5" - "crypto/sha1" - "hash" -) - -// Well known Name Space IDs and UUIDs -var ( - NameSpace_DNS = Parse("6ba7b810-9dad-11d1-80b4-00c04fd430c8") - NameSpace_URL = Parse("6ba7b811-9dad-11d1-80b4-00c04fd430c8") - NameSpace_OID = Parse("6ba7b812-9dad-11d1-80b4-00c04fd430c8") - NameSpace_X500 = Parse("6ba7b814-9dad-11d1-80b4-00c04fd430c8") - NIL = Parse("00000000-0000-0000-0000-000000000000") -) - -// NewHash returns a new UUID derived from the hash of space concatenated with -// data generated by h. The hash should be at least 16 byte in length. The -// first 16 bytes of the hash are used to form the UUID. The version of the -// UUID will be the lower 4 bits of version. NewHash is used to implement -// NewMD5 and NewSHA1. -func NewHash(h hash.Hash, space UUID, data []byte, version int) UUID { - h.Reset() - h.Write(space) - h.Write([]byte(data)) - s := h.Sum(nil) - uuid := make([]byte, 16) - copy(uuid, s) - uuid[6] = (uuid[6] & 0x0f) | uint8((version&0xf)<<4) - uuid[8] = (uuid[8] & 0x3f) | 0x80 // RFC 4122 variant - return uuid -} - -// NewMD5 returns a new MD5 (Version 3) UUID based on the -// supplied name space and data. -// -// NewHash(md5.New(), space, data, 3) -func NewMD5(space UUID, data []byte) UUID { - return NewHash(md5.New(), space, data, 3) -} - -// NewSHA1 returns a new SHA1 (Version 5) UUID based on the -// supplied name space and data. -// -// NewHash(sha1.New(), space, data, 5) -func NewSHA1(space UUID, data []byte) UUID { - return NewHash(sha1.New(), space, data, 5) -} diff --git a/vendor/github.com/pborman/uuid/marshal.go b/vendor/github.com/pborman/uuid/marshal.go deleted file mode 100644 index 35b89352ad..0000000000 --- a/vendor/github.com/pborman/uuid/marshal.go +++ /dev/null @@ -1,85 +0,0 @@ -// Copyright 2016 Google Inc. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package uuid - -import ( - "errors" - "fmt" - - guuid "github.com/google/uuid" -) - -// MarshalText implements encoding.TextMarshaler. -func (u UUID) MarshalText() ([]byte, error) { - if len(u) != 16 { - return nil, nil - } - var js [36]byte - encodeHex(js[:], u) - return js[:], nil -} - -// UnmarshalText implements encoding.TextUnmarshaler. -func (u *UUID) UnmarshalText(data []byte) error { - if len(data) == 0 { - return nil - } - id := Parse(string(data)) - if id == nil { - return errors.New("invalid UUID") - } - *u = id - return nil -} - -// MarshalBinary implements encoding.BinaryMarshaler. -func (u UUID) MarshalBinary() ([]byte, error) { - return u[:], nil -} - -// UnmarshalBinary implements encoding.BinaryUnmarshaler. -func (u *UUID) UnmarshalBinary(data []byte) error { - if len(data) == 0 { - return nil - } - if len(data) != 16 { - return fmt.Errorf("invalid UUID (got %d bytes)", len(data)) - } - var id [16]byte - copy(id[:], data) - *u = id[:] - return nil -} - -// MarshalText implements encoding.TextMarshaler. -func (u Array) MarshalText() ([]byte, error) { - var js [36]byte - encodeHex(js[:], u[:]) - return js[:], nil -} - -// UnmarshalText implements encoding.TextUnmarshaler. -func (u *Array) UnmarshalText(data []byte) error { - id, err := guuid.ParseBytes(data) - if err != nil { - return err - } - *u = Array(id) - return nil -} - -// MarshalBinary implements encoding.BinaryMarshaler. -func (u Array) MarshalBinary() ([]byte, error) { - return u[:], nil -} - -// UnmarshalBinary implements encoding.BinaryUnmarshaler. -func (u *Array) UnmarshalBinary(data []byte) error { - if len(data) != 16 { - return fmt.Errorf("invalid UUID (got %d bytes)", len(data)) - } - copy(u[:], data) - return nil -} diff --git a/vendor/github.com/pborman/uuid/node.go b/vendor/github.com/pborman/uuid/node.go deleted file mode 100644 index e524e0101b..0000000000 --- a/vendor/github.com/pborman/uuid/node.go +++ /dev/null @@ -1,50 +0,0 @@ -// Copyright 2011 Google Inc. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package uuid - -import ( - guuid "github.com/google/uuid" -) - -// NodeInterface returns the name of the interface from which the NodeID was -// derived. The interface "user" is returned if the NodeID was set by -// SetNodeID. -func NodeInterface() string { - return guuid.NodeInterface() -} - -// SetNodeInterface selects the hardware address to be used for Version 1 UUIDs. -// If name is "" then the first usable interface found will be used or a random -// Node ID will be generated. If a named interface cannot be found then false -// is returned. -// -// SetNodeInterface never fails when name is "". -func SetNodeInterface(name string) bool { - return guuid.SetNodeInterface(name) -} - -// NodeID returns a slice of a copy of the current Node ID, setting the Node ID -// if not already set. -func NodeID() []byte { - return guuid.NodeID() -} - -// SetNodeID sets the Node ID to be used for Version 1 UUIDs. The first 6 bytes -// of id are used. If id is less than 6 bytes then false is returned and the -// Node ID is not set. -func SetNodeID(id []byte) bool { - return guuid.SetNodeID(id) -} - -// NodeID returns the 6 byte node id encoded in uuid. It returns nil if uuid is -// not valid. The NodeID is only well defined for version 1 and 2 UUIDs. -func (uuid UUID) NodeID() []byte { - if len(uuid) != 16 { - return nil - } - node := make([]byte, 6) - copy(node, uuid[10:]) - return node -} diff --git a/vendor/github.com/pborman/uuid/sql.go b/vendor/github.com/pborman/uuid/sql.go deleted file mode 100644 index 929c3847e2..0000000000 --- a/vendor/github.com/pborman/uuid/sql.go +++ /dev/null @@ -1,68 +0,0 @@ -// Copyright 2015 Google Inc. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package uuid - -import ( - "database/sql/driver" - "errors" - "fmt" -) - -// Scan implements sql.Scanner so UUIDs can be read from databases transparently -// Currently, database types that map to string and []byte are supported. Please -// consult database-specific driver documentation for matching types. -func (uuid *UUID) Scan(src interface{}) error { - switch src.(type) { - case string: - // if an empty UUID comes from a table, we return a null UUID - if src.(string) == "" { - return nil - } - - // see uuid.Parse for required string format - parsed := Parse(src.(string)) - - if parsed == nil { - return errors.New("Scan: invalid UUID format") - } - - *uuid = parsed - case []byte: - b := src.([]byte) - - // if an empty UUID comes from a table, we return a null UUID - if len(b) == 0 { - return nil - } - - // assumes a simple slice of bytes if 16 bytes - // otherwise attempts to parse - if len(b) == 16 { - parsed := make([]byte, 16) - copy(parsed, b) - *uuid = UUID(parsed) - } else { - u := Parse(string(b)) - - if u == nil { - return errors.New("Scan: invalid UUID format") - } - - *uuid = u - } - - default: - return fmt.Errorf("Scan: unable to scan type %T into UUID", src) - } - - return nil -} - -// Value implements sql.Valuer so that UUIDs can be written to databases -// transparently. Currently, UUIDs map to strings. Please consult -// database-specific driver documentation for matching types. -func (uuid UUID) Value() (driver.Value, error) { - return uuid.String(), nil -} diff --git a/vendor/github.com/pborman/uuid/time.go b/vendor/github.com/pborman/uuid/time.go deleted file mode 100644 index 5c0960d872..0000000000 --- a/vendor/github.com/pborman/uuid/time.go +++ /dev/null @@ -1,57 +0,0 @@ -// Copyright 2014 Google Inc. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package uuid - -import ( - "encoding/binary" - - guuid "github.com/google/uuid" -) - -// A Time represents a time as the number of 100's of nanoseconds since 15 Oct -// 1582. -type Time = guuid.Time - -// GetTime returns the current Time (100s of nanoseconds since 15 Oct 1582) and -// clock sequence as well as adjusting the clock sequence as needed. An error -// is returned if the current time cannot be determined. -func GetTime() (Time, uint16, error) { return guuid.GetTime() } - -// ClockSequence returns the current clock sequence, generating one if not -// already set. The clock sequence is only used for Version 1 UUIDs. -// -// The uuid package does not use global static storage for the clock sequence or -// the last time a UUID was generated. Unless SetClockSequence a new random -// clock sequence is generated the first time a clock sequence is requested by -// ClockSequence, GetTime, or NewUUID. (section 4.2.1.1) sequence is generated -// for -func ClockSequence() int { return guuid.ClockSequence() } - -// SetClockSeq sets the clock sequence to the lower 14 bits of seq. Setting to -// -1 causes a new sequence to be generated. -func SetClockSequence(seq int) { guuid.SetClockSequence(seq) } - -// Time returns the time in 100s of nanoseconds since 15 Oct 1582 encoded in -// uuid. It returns false if uuid is not valid. The time is only well defined -// for version 1 and 2 UUIDs. -func (uuid UUID) Time() (Time, bool) { - if len(uuid) != 16 { - return 0, false - } - time := int64(binary.BigEndian.Uint32(uuid[0:4])) - time |= int64(binary.BigEndian.Uint16(uuid[4:6])) << 32 - time |= int64(binary.BigEndian.Uint16(uuid[6:8])&0xfff) << 48 - return Time(time), true -} - -// ClockSequence returns the clock sequence encoded in uuid. It returns false -// if uuid is not valid. The clock sequence is only well defined for version 1 -// and 2 UUIDs. -func (uuid UUID) ClockSequence() (int, bool) { - if len(uuid) != 16 { - return 0, false - } - return int(binary.BigEndian.Uint16(uuid[8:10])) & 0x3fff, true -} diff --git a/vendor/github.com/pborman/uuid/util.go b/vendor/github.com/pborman/uuid/util.go deleted file mode 100644 index 255b5e2485..0000000000 --- a/vendor/github.com/pborman/uuid/util.go +++ /dev/null @@ -1,32 +0,0 @@ -// Copyright 2011 Google Inc. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package uuid - -// xvalues returns the value of a byte as a hexadecimal digit or 255. -var xvalues = [256]byte{ - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 255, 255, 255, 255, 255, 255, - 255, 10, 11, 12, 13, 14, 15, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 10, 11, 12, 13, 14, 15, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, -} - -// xtob converts the the first two hex bytes of x into a byte. -func xtob(x string) (byte, bool) { - b1 := xvalues[x[0]] - b2 := xvalues[x[1]] - return (b1 << 4) | b2, b1 != 255 && b2 != 255 -} diff --git a/vendor/github.com/pborman/uuid/uuid.go b/vendor/github.com/pborman/uuid/uuid.go deleted file mode 100644 index 3370004207..0000000000 --- a/vendor/github.com/pborman/uuid/uuid.go +++ /dev/null @@ -1,162 +0,0 @@ -// Copyright 2011 Google Inc. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package uuid - -import ( - "bytes" - "crypto/rand" - "encoding/hex" - "io" - - guuid "github.com/google/uuid" -) - -// Array is a pass-by-value UUID that can be used as an effecient key in a map. -type Array [16]byte - -// UUID converts uuid into a slice. -func (uuid Array) UUID() UUID { - return uuid[:] -} - -// String returns the string representation of uuid, -// xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx. -func (uuid Array) String() string { - return guuid.UUID(uuid).String() -} - -// A UUID is a 128 bit (16 byte) Universal Unique IDentifier as defined in RFC -// 4122. -type UUID []byte - -// A Version represents a UUIDs version. -type Version = guuid.Version - -// A Variant represents a UUIDs variant. -type Variant = guuid.Variant - -// Constants returned by Variant. -const ( - Invalid = guuid.Invalid // Invalid UUID - RFC4122 = guuid.RFC4122 // The variant specified in RFC4122 - Reserved = guuid.Reserved // Reserved, NCS backward compatibility. - Microsoft = guuid.Microsoft // Reserved, Microsoft Corporation backward compatibility. - Future = guuid.Future // Reserved for future definition. -) - -var rander = rand.Reader // random function - -// New returns a new random (version 4) UUID as a string. It is a convenience -// function for NewRandom().String(). -func New() string { - return NewRandom().String() -} - -// Parse decodes s into a UUID or returns nil. See github.com/google/uuid for -// the formats parsed. -func Parse(s string) UUID { - gu, err := guuid.Parse(s) - if err == nil { - return gu[:] - } - return nil -} - -// ParseBytes is like Parse, except it parses a byte slice instead of a string. -func ParseBytes(b []byte) (UUID, error) { - gu, err := guuid.ParseBytes(b) - if err == nil { - return gu[:], nil - } - return nil, err -} - -// Equal returns true if uuid1 and uuid2 are equal. -func Equal(uuid1, uuid2 UUID) bool { - return bytes.Equal(uuid1, uuid2) -} - -// Array returns an array representation of uuid that can be used as a map key. -// Array panics if uuid is not valid. -func (uuid UUID) Array() Array { - if len(uuid) != 16 { - panic("invalid uuid") - } - var a Array - copy(a[:], uuid) - return a -} - -// String returns the string form of uuid, xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx -// , or "" if uuid is invalid. -func (uuid UUID) String() string { - if len(uuid) != 16 { - return "" - } - var buf [36]byte - encodeHex(buf[:], uuid) - return string(buf[:]) -} - -// URN returns the RFC 2141 URN form of uuid, -// urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx, or "" if uuid is invalid. -func (uuid UUID) URN() string { - if len(uuid) != 16 { - return "" - } - var buf [36 + 9]byte - copy(buf[:], "urn:uuid:") - encodeHex(buf[9:], uuid) - return string(buf[:]) -} - -func encodeHex(dst []byte, uuid UUID) { - hex.Encode(dst[:], uuid[:4]) - dst[8] = '-' - hex.Encode(dst[9:13], uuid[4:6]) - dst[13] = '-' - hex.Encode(dst[14:18], uuid[6:8]) - dst[18] = '-' - hex.Encode(dst[19:23], uuid[8:10]) - dst[23] = '-' - hex.Encode(dst[24:], uuid[10:]) -} - -// Variant returns the variant encoded in uuid. It returns Invalid if -// uuid is invalid. -func (uuid UUID) Variant() Variant { - if len(uuid) != 16 { - return Invalid - } - switch { - case (uuid[8] & 0xc0) == 0x80: - return RFC4122 - case (uuid[8] & 0xe0) == 0xc0: - return Microsoft - case (uuid[8] & 0xe0) == 0xe0: - return Future - default: - return Reserved - } -} - -// Version returns the version of uuid. It returns false if uuid is not -// valid. -func (uuid UUID) Version() (Version, bool) { - if len(uuid) != 16 { - return 0, false - } - return Version(uuid[6] >> 4), true -} - -// SetRand sets the random number generator to r, which implements io.Reader. -// If r.Read returns an error when the package requests random data then -// a panic will be issued. -// -// Calling SetRand with nil sets the random number generator to the default -// generator. -func SetRand(r io.Reader) { - guuid.SetRand(r) -} diff --git a/vendor/github.com/pborman/uuid/version1.go b/vendor/github.com/pborman/uuid/version1.go deleted file mode 100644 index 7af948da79..0000000000 --- a/vendor/github.com/pborman/uuid/version1.go +++ /dev/null @@ -1,23 +0,0 @@ -// Copyright 2011 Google Inc. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package uuid - -import ( - guuid "github.com/google/uuid" -) - -// NewUUID returns a Version 1 UUID based on the current NodeID and clock -// sequence, and the current time. If the NodeID has not been set by SetNodeID -// or SetNodeInterface then it will be set automatically. If the NodeID cannot -// be set NewUUID returns nil. If clock sequence has not been set by -// SetClockSequence then it will be set automatically. If GetTime fails to -// return the current NewUUID returns nil. -func NewUUID() UUID { - gu, err := guuid.NewUUID() - if err == nil { - return UUID(gu[:]) - } - return nil -} diff --git a/vendor/github.com/pborman/uuid/version4.go b/vendor/github.com/pborman/uuid/version4.go deleted file mode 100644 index b459d46d13..0000000000 --- a/vendor/github.com/pborman/uuid/version4.go +++ /dev/null @@ -1,26 +0,0 @@ -// Copyright 2011 Google Inc. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package uuid - -import guuid "github.com/google/uuid" - -// Random returns a Random (Version 4) UUID or panics. -// -// The strength of the UUIDs is based on the strength of the crypto/rand -// package. -// -// A note about uniqueness derived from the UUID Wikipedia entry: -// -// Randomly generated UUIDs have 122 random bits. One's annual risk of being -// hit by a meteorite is estimated to be one chance in 17 billion, that -// means the probability is about 0.00000000006 (6 × 10−11), -// equivalent to the odds of creating a few tens of trillions of UUIDs in a -// year and having one duplicate. -func NewRandom() UUID { - if gu, err := guuid.NewRandom(); err == nil { - return UUID(gu[:]) - } - return nil -} diff --git a/vendor/k8s.io/klog/v2/contextual.go b/vendor/k8s.io/klog/v2/contextual.go index 2428963c0e..005513f2a7 100644 --- a/vendor/k8s.io/klog/v2/contextual.go +++ b/vendor/k8s.io/klog/v2/contextual.go @@ -70,11 +70,14 @@ func SetLogger(logger logr.Logger) { // routing log entries through klogr into klog and then into the actual Logger // backend. func SetLoggerWithOptions(logger logr.Logger, opts ...LoggerOption) { - logging.logger = &logger logging.loggerOptions = loggerOptions{} for _, opt := range opts { opt(&logging.loggerOptions) } + logging.logger = &logWriter{ + Logger: logger, + writeKlogBuffer: logging.loggerOptions.writeKlogBuffer, + } } // ContextualLogger determines whether the logger passed to @@ -93,6 +96,22 @@ func FlushLogger(flush func()) LoggerOption { } } +// WriteKlogBuffer sets a callback that will be invoked by klog to write output +// produced by non-structured log calls like Infof. +// +// The buffer will contain exactly the same data that klog normally would write +// into its own output stream(s). In particular this includes the header, if +// klog is configured to write one. The callback then can divert that data into +// its own output streams. The buffer may or may not end in a line break. +// +// Without such a callback, klog will call the logger's Info or Error method +// with just the message string (i.e. no header). +func WriteKlogBuffer(write func([]byte)) LoggerOption { + return func(o *loggerOptions) { + o.writeKlogBuffer = write + } +} + // LoggerOption implements the functional parameter paradigm for // SetLoggerWithOptions. type LoggerOption func(o *loggerOptions) @@ -100,6 +119,13 @@ type LoggerOption func(o *loggerOptions) type loggerOptions struct { contextualLogger bool flush func() + writeKlogBuffer func([]byte) +} + +// logWriter combines a logger (always set) with a write callback (optional). +type logWriter struct { + Logger + writeKlogBuffer func([]byte) } // ClearLogger removes a backing Logger implementation if one was set earlier @@ -152,7 +178,7 @@ func Background() Logger { if logging.loggerOptions.contextualLogger { // Is non-nil because logging.loggerOptions.contextualLogger is // only true if a logger was set. - return *logging.logger + return logging.logger.Logger } return klogLogger diff --git a/vendor/k8s.io/klog/v2/internal/buffer/buffer.go b/vendor/k8s.io/klog/v2/internal/buffer/buffer.go index d53b49da39..f325ded5e9 100644 --- a/vendor/k8s.io/klog/v2/internal/buffer/buffer.go +++ b/vendor/k8s.io/klog/v2/internal/buffer/buffer.go @@ -55,6 +55,17 @@ func GetBuffer() *Buffer { // PutBuffer returns a buffer to the free list. func PutBuffer(b *Buffer) { + if b.Len() >= 256 { + // Let big buffers die a natural death, without relying on + // sync.Pool behavior. The documentation implies that items may + // get deallocated while stored there ("If the Pool holds the + // only reference when this [= be removed automatically] + // happens, the item might be deallocated."), but + // https://github.com/golang/go/issues/23199 leans more towards + // having such a size limit. + return + } + buffers.Put(b) } @@ -99,7 +110,8 @@ func (buf *Buffer) someDigits(i, d int) int { return copy(buf.Tmp[i:], buf.Tmp[j:]) } -// FormatHeader formats a log header using the provided file name and line number. +// FormatHeader formats a log header using the provided file name and line number +// and writes it into the buffer. func (buf *Buffer) FormatHeader(s severity.Severity, file string, line int, now time.Time) { if line < 0 { line = 0 // not a real line number, but acceptable to someDigits @@ -135,3 +147,30 @@ func (buf *Buffer) FormatHeader(s severity.Severity, file string, line int, now buf.Tmp[n+2] = ' ' buf.Write(buf.Tmp[:n+3]) } + +// SprintHeader formats a log header and returns a string. This is a simpler +// version of FormatHeader for use in ktesting. +func (buf *Buffer) SprintHeader(s severity.Severity, now time.Time) string { + if s > severity.FatalLog { + s = severity.InfoLog // for safety. + } + + // Avoid Fprintf, for speed. The format is so simple that we can do it quickly by hand. + // It's worth about 3X. Fprintf is hard. + _, month, day := now.Date() + hour, minute, second := now.Clock() + // Lmmdd hh:mm:ss.uuuuuu threadid file:line] + buf.Tmp[0] = severity.Char[s] + buf.twoDigits(1, int(month)) + buf.twoDigits(3, day) + buf.Tmp[5] = ' ' + buf.twoDigits(6, hour) + buf.Tmp[8] = ':' + buf.twoDigits(9, minute) + buf.Tmp[11] = ':' + buf.twoDigits(12, second) + buf.Tmp[14] = '.' + buf.nDigits(6, 15, now.Nanosecond()/1000, '0') + buf.Tmp[21] = ']' + return string(buf.Tmp[:22]) +} diff --git a/vendor/k8s.io/klog/v2/internal/serialize/keyvalues.go b/vendor/k8s.io/klog/v2/internal/serialize/keyvalues.go index f9558c3d28..1dc81a15fa 100644 --- a/vendor/k8s.io/klog/v2/internal/serialize/keyvalues.go +++ b/vendor/k8s.io/klog/v2/internal/serialize/keyvalues.go @@ -95,9 +95,15 @@ func MergeKVs(first, second []interface{}) []interface{} { return merged } +type Formatter struct { + AnyToStringHook AnyToStringFunc +} + +type AnyToStringFunc func(v interface{}) string + // MergeKVsInto is a variant of MergeKVs which directly formats the key/value // pairs into a buffer. -func MergeAndFormatKVs(b *bytes.Buffer, first, second []interface{}) { +func (f Formatter) MergeAndFormatKVs(b *bytes.Buffer, first, second []interface{}) { if len(first) == 0 && len(second) == 0 { // Nothing to do at all. return @@ -107,7 +113,7 @@ func MergeAndFormatKVs(b *bytes.Buffer, first, second []interface{}) { // Nothing to be overridden, second slice is well-formed // and can be used directly. for i := 0; i < len(second); i += 2 { - KVFormat(b, second[i], second[i+1]) + f.KVFormat(b, second[i], second[i+1]) } return } @@ -127,24 +133,28 @@ func MergeAndFormatKVs(b *bytes.Buffer, first, second []interface{}) { if overrides[key] { continue } - KVFormat(b, key, first[i+1]) + f.KVFormat(b, key, first[i+1]) } // Round down. l := len(second) l = l / 2 * 2 for i := 1; i < l; i += 2 { - KVFormat(b, second[i-1], second[i]) + f.KVFormat(b, second[i-1], second[i]) } if len(second)%2 == 1 { - KVFormat(b, second[len(second)-1], missingValue) + f.KVFormat(b, second[len(second)-1], missingValue) } } +func MergeAndFormatKVs(b *bytes.Buffer, first, second []interface{}) { + Formatter{}.MergeAndFormatKVs(b, first, second) +} + const missingValue = "(MISSING)" // KVListFormat serializes all key/value pairs into the provided buffer. // A space gets inserted before the first pair and between each pair. -func KVListFormat(b *bytes.Buffer, keysAndValues ...interface{}) { +func (f Formatter) KVListFormat(b *bytes.Buffer, keysAndValues ...interface{}) { for i := 0; i < len(keysAndValues); i += 2 { var v interface{} k := keysAndValues[i] @@ -153,13 +163,17 @@ func KVListFormat(b *bytes.Buffer, keysAndValues ...interface{}) { } else { v = missingValue } - KVFormat(b, k, v) + f.KVFormat(b, k, v) } } +func KVListFormat(b *bytes.Buffer, keysAndValues ...interface{}) { + Formatter{}.KVListFormat(b, keysAndValues...) +} + // KVFormat serializes one key/value pair into the provided buffer. // A space gets inserted before the pair. -func KVFormat(b *bytes.Buffer, k, v interface{}) { +func (f Formatter) KVFormat(b *bytes.Buffer, k, v interface{}) { b.WriteByte(' ') // Keys are assumed to be well-formed according to // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/migration-to-structured-logging.md#name-arguments @@ -203,7 +217,7 @@ func KVFormat(b *bytes.Buffer, k, v interface{}) { case string: writeStringValue(b, true, value) default: - writeStringValue(b, false, fmt.Sprintf("%+v", value)) + writeStringValue(b, false, f.AnyToString(value)) } case []byte: // In https://github.com/kubernetes/klog/pull/237 it was decided @@ -220,8 +234,20 @@ func KVFormat(b *bytes.Buffer, k, v interface{}) { b.WriteByte('=') b.WriteString(fmt.Sprintf("%+q", v)) default: - writeStringValue(b, false, fmt.Sprintf("%+v", v)) + writeStringValue(b, false, f.AnyToString(v)) + } +} + +func KVFormat(b *bytes.Buffer, k, v interface{}) { + Formatter{}.KVFormat(b, k, v) +} + +// AnyToString is the historic fallback formatter. +func (f Formatter) AnyToString(v interface{}) string { + if f.AnyToStringHook != nil { + return f.AnyToStringHook(v) } + return fmt.Sprintf("%+v", v) } // StringerToString converts a Stringer to a string, diff --git a/vendor/k8s.io/klog/v2/klog.go b/vendor/k8s.io/klog/v2/klog.go index c5d98ad38c..466eeaf265 100644 --- a/vendor/k8s.io/klog/v2/klog.go +++ b/vendor/k8s.io/klog/v2/klog.go @@ -91,8 +91,6 @@ import ( "sync/atomic" "time" - "github.com/go-logr/logr" - "k8s.io/klog/v2/internal/buffer" "k8s.io/klog/v2/internal/clock" "k8s.io/klog/v2/internal/dbg" @@ -453,7 +451,7 @@ type settings struct { // logger is the global Logger chosen by users of klog, nil if // none is available. - logger *Logger + logger *logWriter // loggerOptions contains the options that were supplied for // globalLogger. @@ -525,6 +523,11 @@ func (s settings) deepCopy() settings { } s.vmodule.filter = filter + if s.logger != nil { + logger := *s.logger + s.logger = &logger + } + return s } @@ -668,15 +671,16 @@ func (l *loggingT) formatHeader(s severity.Severity, file string, line int) *buf return buf } -func (l *loggingT) println(s severity.Severity, logger *logr.Logger, filter LogFilter, args ...interface{}) { +func (l *loggingT) println(s severity.Severity, logger *logWriter, filter LogFilter, args ...interface{}) { l.printlnDepth(s, logger, filter, 1, args...) } -func (l *loggingT) printlnDepth(s severity.Severity, logger *logr.Logger, filter LogFilter, depth int, args ...interface{}) { +func (l *loggingT) printlnDepth(s severity.Severity, logger *logWriter, filter LogFilter, depth int, args ...interface{}) { buf, file, line := l.header(s, depth) - // if logger is set, we clear the generated header as we rely on the backing - // logger implementation to print headers - if logger != nil { + // If a logger is set and doesn't support writing a formatted buffer, + // we clear the generated header as we rely on the backing + // logger implementation to print headers. + if logger != nil && logger.writeKlogBuffer == nil { buffer.PutBuffer(buf) buf = buffer.GetBuffer() } @@ -687,15 +691,16 @@ func (l *loggingT) printlnDepth(s severity.Severity, logger *logr.Logger, filter l.output(s, logger, buf, depth, file, line, false) } -func (l *loggingT) print(s severity.Severity, logger *logr.Logger, filter LogFilter, args ...interface{}) { +func (l *loggingT) print(s severity.Severity, logger *logWriter, filter LogFilter, args ...interface{}) { l.printDepth(s, logger, filter, 1, args...) } -func (l *loggingT) printDepth(s severity.Severity, logger *logr.Logger, filter LogFilter, depth int, args ...interface{}) { +func (l *loggingT) printDepth(s severity.Severity, logger *logWriter, filter LogFilter, depth int, args ...interface{}) { buf, file, line := l.header(s, depth) - // if logr is set, we clear the generated header as we rely on the backing - // logr implementation to print headers - if logger != nil { + // If a logger is set and doesn't support writing a formatted buffer, + // we clear the generated header as we rely on the backing + // logger implementation to print headers. + if logger != nil && logger.writeKlogBuffer == nil { buffer.PutBuffer(buf) buf = buffer.GetBuffer() } @@ -709,15 +714,16 @@ func (l *loggingT) printDepth(s severity.Severity, logger *logr.Logger, filter L l.output(s, logger, buf, depth, file, line, false) } -func (l *loggingT) printf(s severity.Severity, logger *logr.Logger, filter LogFilter, format string, args ...interface{}) { +func (l *loggingT) printf(s severity.Severity, logger *logWriter, filter LogFilter, format string, args ...interface{}) { l.printfDepth(s, logger, filter, 1, format, args...) } -func (l *loggingT) printfDepth(s severity.Severity, logger *logr.Logger, filter LogFilter, depth int, format string, args ...interface{}) { +func (l *loggingT) printfDepth(s severity.Severity, logger *logWriter, filter LogFilter, depth int, format string, args ...interface{}) { buf, file, line := l.header(s, depth) - // if logr is set, we clear the generated header as we rely on the backing - // logr implementation to print headers - if logger != nil { + // If a logger is set and doesn't support writing a formatted buffer, + // we clear the generated header as we rely on the backing + // logger implementation to print headers. + if logger != nil && logger.writeKlogBuffer == nil { buffer.PutBuffer(buf) buf = buffer.GetBuffer() } @@ -734,11 +740,12 @@ func (l *loggingT) printfDepth(s severity.Severity, logger *logr.Logger, filter // printWithFileLine behaves like print but uses the provided file and line number. If // alsoLogToStderr is true, the log message always appears on standard error; it // will also appear in the log file unless --logtostderr is set. -func (l *loggingT) printWithFileLine(s severity.Severity, logger *logr.Logger, filter LogFilter, file string, line int, alsoToStderr bool, args ...interface{}) { +func (l *loggingT) printWithFileLine(s severity.Severity, logger *logWriter, filter LogFilter, file string, line int, alsoToStderr bool, args ...interface{}) { buf := l.formatHeader(s, file, line) - // if logr is set, we clear the generated header as we rely on the backing - // logr implementation to print headers - if logger != nil { + // If a logger is set and doesn't support writing a formatted buffer, + // we clear the generated header as we rely on the backing + // logger implementation to print headers. + if logger != nil && logger.writeKlogBuffer == nil { buffer.PutBuffer(buf) buf = buffer.GetBuffer() } @@ -753,7 +760,7 @@ func (l *loggingT) printWithFileLine(s severity.Severity, logger *logr.Logger, f } // if loggr is specified, will call loggr.Error, otherwise output with logging module. -func (l *loggingT) errorS(err error, logger *logr.Logger, filter LogFilter, depth int, msg string, keysAndValues ...interface{}) { +func (l *loggingT) errorS(err error, logger *logWriter, filter LogFilter, depth int, msg string, keysAndValues ...interface{}) { if filter != nil { msg, keysAndValues = filter.FilterS(msg, keysAndValues) } @@ -765,7 +772,7 @@ func (l *loggingT) errorS(err error, logger *logr.Logger, filter LogFilter, dept } // if loggr is specified, will call loggr.Info, otherwise output with logging module. -func (l *loggingT) infoS(logger *logr.Logger, filter LogFilter, depth int, msg string, keysAndValues ...interface{}) { +func (l *loggingT) infoS(logger *logWriter, filter LogFilter, depth int, msg string, keysAndValues ...interface{}) { if filter != nil { msg, keysAndValues = filter.FilterS(msg, keysAndValues) } @@ -846,7 +853,7 @@ func LogToStderr(stderr bool) { } // output writes the data to the log files and releases the buffer. -func (l *loggingT) output(s severity.Severity, log *logr.Logger, buf *buffer.Buffer, depth int, file string, line int, alsoToStderr bool) { +func (l *loggingT) output(s severity.Severity, logger *logWriter, buf *buffer.Buffer, depth int, file string, line int, alsoToStderr bool) { var isLocked = true l.mu.Lock() defer func() { @@ -862,13 +869,17 @@ func (l *loggingT) output(s severity.Severity, log *logr.Logger, buf *buffer.Buf } } data := buf.Bytes() - if log != nil { - // TODO: set 'severity' and caller information as structured log info - // keysAndValues := []interface{}{"severity", severityName[s], "file", file, "line", line} - if s == severity.ErrorLog { - logging.logger.WithCallDepth(depth+3).Error(nil, string(data)) + if logger != nil { + if logger.writeKlogBuffer != nil { + logger.writeKlogBuffer(data) } else { - log.WithCallDepth(depth + 3).Info(string(data)) + // TODO: set 'severity' and caller information as structured log info + // keysAndValues := []interface{}{"severity", severityName[s], "file", file, "line", line} + if s == severity.ErrorLog { + logger.WithCallDepth(depth+3).Error(nil, string(data)) + } else { + logger.WithCallDepth(depth + 3).Info(string(data)) + } } } else if l.toStderr { os.Stderr.Write(data) @@ -1277,7 +1288,7 @@ func (l *loggingT) setV(pc uintptr) Level { // See the documentation of V for more information. type Verbose struct { enabled bool - logr *logr.Logger + logger *logWriter } func newVerbose(level Level, b bool) Verbose { @@ -1285,7 +1296,7 @@ func newVerbose(level Level, b bool) Verbose { return Verbose{b, nil} } v := logging.logger.V(int(level)) - return Verbose{b, &v} + return Verbose{b, &logWriter{Logger: v, writeKlogBuffer: logging.loggerOptions.writeKlogBuffer}} } // V reports whether verbosity at the call site is at least the requested level. @@ -1359,7 +1370,7 @@ func (v Verbose) Enabled() bool { // See the documentation of V for usage. func (v Verbose) Info(args ...interface{}) { if v.enabled { - logging.print(severity.InfoLog, v.logr, logging.filter, args...) + logging.print(severity.InfoLog, v.logger, logging.filter, args...) } } @@ -1367,7 +1378,7 @@ func (v Verbose) Info(args ...interface{}) { // See the documentation of V for usage. func (v Verbose) InfoDepth(depth int, args ...interface{}) { if v.enabled { - logging.printDepth(severity.InfoLog, v.logr, logging.filter, depth, args...) + logging.printDepth(severity.InfoLog, v.logger, logging.filter, depth, args...) } } @@ -1375,7 +1386,7 @@ func (v Verbose) InfoDepth(depth int, args ...interface{}) { // See the documentation of V for usage. func (v Verbose) Infoln(args ...interface{}) { if v.enabled { - logging.println(severity.InfoLog, v.logr, logging.filter, args...) + logging.println(severity.InfoLog, v.logger, logging.filter, args...) } } @@ -1383,7 +1394,7 @@ func (v Verbose) Infoln(args ...interface{}) { // See the documentation of V for usage. func (v Verbose) InfolnDepth(depth int, args ...interface{}) { if v.enabled { - logging.printlnDepth(severity.InfoLog, v.logr, logging.filter, depth, args...) + logging.printlnDepth(severity.InfoLog, v.logger, logging.filter, depth, args...) } } @@ -1391,7 +1402,7 @@ func (v Verbose) InfolnDepth(depth int, args ...interface{}) { // See the documentation of V for usage. func (v Verbose) Infof(format string, args ...interface{}) { if v.enabled { - logging.printf(severity.InfoLog, v.logr, logging.filter, format, args...) + logging.printf(severity.InfoLog, v.logger, logging.filter, format, args...) } } @@ -1399,7 +1410,7 @@ func (v Verbose) Infof(format string, args ...interface{}) { // See the documentation of V for usage. func (v Verbose) InfofDepth(depth int, format string, args ...interface{}) { if v.enabled { - logging.printfDepth(severity.InfoLog, v.logr, logging.filter, depth, format, args...) + logging.printfDepth(severity.InfoLog, v.logger, logging.filter, depth, format, args...) } } @@ -1407,7 +1418,7 @@ func (v Verbose) InfofDepth(depth int, format string, args ...interface{}) { // See the documentation of V for usage. func (v Verbose) InfoS(msg string, keysAndValues ...interface{}) { if v.enabled { - logging.infoS(v.logr, logging.filter, 0, msg, keysAndValues...) + logging.infoS(v.logger, logging.filter, 0, msg, keysAndValues...) } } @@ -1421,14 +1432,14 @@ func InfoSDepth(depth int, msg string, keysAndValues ...interface{}) { // See the documentation of V for usage. func (v Verbose) InfoSDepth(depth int, msg string, keysAndValues ...interface{}) { if v.enabled { - logging.infoS(v.logr, logging.filter, depth, msg, keysAndValues...) + logging.infoS(v.logger, logging.filter, depth, msg, keysAndValues...) } } // Deprecated: Use ErrorS instead. func (v Verbose) Error(err error, msg string, args ...interface{}) { if v.enabled { - logging.errorS(err, v.logr, logging.filter, 0, msg, args...) + logging.errorS(err, v.logger, logging.filter, 0, msg, args...) } } @@ -1436,7 +1447,7 @@ func (v Verbose) Error(err error, msg string, args ...interface{}) { // See the documentation of V for usage. func (v Verbose) ErrorS(err error, msg string, keysAndValues ...interface{}) { if v.enabled { - logging.errorS(err, v.logr, logging.filter, 0, msg, keysAndValues...) + logging.errorS(err, v.logger, logging.filter, 0, msg, keysAndValues...) } } diff --git a/vendor/k8s.io/utils/trace/trace.go b/vendor/k8s.io/utils/trace/trace.go index a0b07a6d78..187eb5d8c5 100644 --- a/vendor/k8s.io/utils/trace/trace.go +++ b/vendor/k8s.io/utils/trace/trace.go @@ -65,6 +65,11 @@ func durationToMilliseconds(timeDuration time.Duration) int64 { } type traceItem interface { + // rLock must be called before invoking time or writeItem. + rLock() + // rUnlock must be called after processing the item is complete. + rUnlock() + // time returns when the trace was recorded as completed. time() time.Time // writeItem outputs the traceItem to the buffer. If stepThreshold is non-nil, only output the @@ -79,6 +84,10 @@ type traceStep struct { fields []Field } +// rLock doesn't need to do anything because traceStep instances are immutable. +func (s traceStep) rLock() {} +func (s traceStep) rUnlock() {} + func (s traceStep) time() time.Time { return s.stepTime } @@ -106,6 +115,14 @@ type Trace struct { traceItems []traceItem } +func (t *Trace) rLock() { + t.lock.RLock() +} + +func (t *Trace) rUnlock() { + t.lock.RUnlock() +} + func (t *Trace) time() time.Time { if t.endTime != nil { return *t.endTime @@ -231,8 +248,10 @@ func (t *Trace) logTrace() { func (t *Trace) writeTraceSteps(b *bytes.Buffer, formatter string, stepThreshold *time.Duration) { lastStepTime := t.startTime for _, stepOrTrace := range t.traceItems { + stepOrTrace.rLock() stepOrTrace.writeItem(b, formatter, lastStepTime, stepThreshold) lastStepTime = stepOrTrace.time() + stepOrTrace.rUnlock() } } diff --git a/vendor/kubevirt.io/api/core/v1/deepcopy_generated.go b/vendor/kubevirt.io/api/core/v1/deepcopy_generated.go index b6a50d1598..3ae71e03cf 100644 --- a/vendor/kubevirt.io/api/core/v1/deepcopy_generated.go +++ b/vendor/kubevirt.io/api/core/v1/deepcopy_generated.go @@ -2,7 +2,7 @@ // +build !ignore_autogenerated /* -Copyright 2023 The KubeVirt Authors. +Copyright The KubeVirt Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -29,6 +29,22 @@ import ( v1beta1 "kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ACPI) DeepCopyInto(out *ACPI) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACPI. +func (in *ACPI) DeepCopy() *ACPI { + if in == nil { + return nil + } + out := new(ACPI) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AccessCredential) DeepCopyInto(out *AccessCredential) { *out = *in @@ -102,6 +118,58 @@ func (in *AddVolumeOptions) DeepCopy() *AddVolumeOptions { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ArchConfiguration) DeepCopyInto(out *ArchConfiguration) { + *out = *in + if in.Amd64 != nil { + in, out := &in.Amd64, &out.Amd64 + *out = new(ArchSpecificConfiguration) + (*in).DeepCopyInto(*out) + } + if in.Arm64 != nil { + in, out := &in.Arm64, &out.Arm64 + *out = new(ArchSpecificConfiguration) + (*in).DeepCopyInto(*out) + } + if in.Ppc64le != nil { + in, out := &in.Ppc64le, &out.Ppc64le + *out = new(ArchSpecificConfiguration) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ArchConfiguration. +func (in *ArchConfiguration) DeepCopy() *ArchConfiguration { + if in == nil { + return nil + } + out := new(ArchConfiguration) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ArchSpecificConfiguration) DeepCopyInto(out *ArchSpecificConfiguration) { + *out = *in + if in.EmulatedMachines != nil { + in, out := &in.EmulatedMachines, &out.EmulatedMachines + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ArchSpecificConfiguration. +func (in *ArchSpecificConfiguration) DeepCopy() *ArchSpecificConfiguration { + if in == nil { + return nil + } + out := new(ArchSpecificConfiguration) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AuthorizedKeysFile) DeepCopyInto(out *AuthorizedKeysFile) { *out = *in @@ -259,6 +327,22 @@ func (in *CPUFeature) DeepCopy() *CPUFeature { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CPUTopology) DeepCopyInto(out *CPUTopology) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CPUTopology. +func (in *CPUTopology) DeepCopy() *CPUTopology { + if in == nil { + return nil + } + out := new(CPUTopology) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CertConfig) DeepCopyInto(out *CertConfig) { *out = *in @@ -541,6 +625,22 @@ func (in *ConfigMapVolumeSource) DeepCopy() *ConfigMapVolumeSource { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ContainerDiskInfo) DeepCopyInto(out *ContainerDiskInfo) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerDiskInfo. +func (in *ContainerDiskInfo) DeepCopy() *ContainerDiskInfo { + if in == nil { + return nil + } + out := new(ContainerDiskInfo) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ContainerDiskSource) DeepCopyInto(out *ContainerDiskSource) { *out = *in @@ -824,6 +924,11 @@ func (in *Devices) DeepCopyInto(out *Devices) { *out = new(bool) **out = **in } + if in.LogSerialConsole != nil { + in, out := &in.LogSerialConsole, &out.LogSerialConsole + *out = new(bool) + **out = **in + } if in.AutoattachMemBalloon != nil { in, out := &in.AutoattachMemBalloon, &out.AutoattachMemBalloon *out = new(bool) @@ -861,6 +966,11 @@ func (in *Devices) DeepCopyInto(out *Devices) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.DownwardMetrics != nil { + in, out := &in.DownwardMetrics, &out.DownwardMetrics + *out = new(DownwardMetrics) + **out = **in + } if in.Filesystems != nil { in, out := &in.Filesystems, &out.Filesystems *out = make([]Filesystem, len(*in)) @@ -886,7 +996,7 @@ func (in *Devices) DeepCopyInto(out *Devices) { if in.TPM != nil { in, out := &in.TPM, &out.TPM *out = new(TPMDevice) - **out = **in + (*in).DeepCopyInto(*out) } return } @@ -901,6 +1011,38 @@ func (in *Devices) DeepCopy() *Devices { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DisableFreePageReporting) DeepCopyInto(out *DisableFreePageReporting) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DisableFreePageReporting. +func (in *DisableFreePageReporting) DeepCopy() *DisableFreePageReporting { + if in == nil { + return nil + } + out := new(DisableFreePageReporting) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DisableSerialConsoleLog) DeepCopyInto(out *DisableSerialConsoleLog) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DisableSerialConsoleLog. +func (in *DisableSerialConsoleLog) DeepCopy() *DisableSerialConsoleLog { + if in == nil { + return nil + } + out := new(DisableSerialConsoleLog) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Disk) DeepCopyInto(out *Disk) { *out = *in @@ -925,6 +1067,11 @@ func (in *Disk) DeepCopyInto(out *Disk) { *out = new(bool) **out = **in } + if in.ErrorPolicy != nil { + in, out := &in.ErrorPolicy, &out.ErrorPolicy + *out = new(DiskErrorPolicy) + **out = **in + } return } @@ -1116,6 +1263,22 @@ func (in *DownwardAPIVolumeSource) DeepCopy() *DownwardAPIVolumeSource { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DownwardMetrics) DeepCopyInto(out *DownwardMetrics) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DownwardMetrics. +func (in *DownwardMetrics) DeepCopy() *DownwardMetrics { + if in == nil { + return nil + } + out := new(DownwardMetrics) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DownwardMetricsVolumeSource) DeepCopyInto(out *DownwardMetricsVolumeSource) { *out = *in @@ -1140,6 +1303,11 @@ func (in *EFI) DeepCopyInto(out *EFI) { *out = new(bool) **out = **in } + if in.Persistent != nil { + in, out := &in.Persistent, &out.Persistent + *out = new(bool) + **out = **in + } return } @@ -1474,6 +1642,11 @@ func (in *Firmware) DeepCopyInto(out *Firmware) { *out = new(KernelBoot) (*in).DeepCopyInto(*out) } + if in.ACPI != nil { + in, out := &in.ACPI, &out.ACPI + *out = new(ACPI) + **out = **in + } return } @@ -1804,6 +1977,22 @@ func (in *I6300ESBWatchdog) DeepCopy() *I6300ESBWatchdog { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InitrdInfo) DeepCopyInto(out *InitrdInfo) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InitrdInfo. +func (in *InitrdInfo) DeepCopy() *InitrdInfo { + if in == nil { + return nil + } + out := new(InitrdInfo) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Input) DeepCopyInto(out *Input) { *out = *in @@ -1823,6 +2012,11 @@ func (in *Input) DeepCopy() *Input { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *InstancetypeMatcher) DeepCopyInto(out *InstancetypeMatcher) { *out = *in + if in.InferFromVolumeFailurePolicy != nil { + in, out := &in.InferFromVolumeFailurePolicy, &out.InferFromVolumeFailurePolicy + *out = new(InferFromVolumeFailurePolicy) + **out = **in + } return } @@ -1840,6 +2034,11 @@ func (in *InstancetypeMatcher) DeepCopy() *InstancetypeMatcher { func (in *Interface) DeepCopyInto(out *Interface) { *out = *in in.InterfaceBindingMethod.DeepCopyInto(&out.InterfaceBindingMethod) + if in.Binding != nil { + in, out := &in.Binding, &out.Binding + *out = new(PluginBinding) + **out = **in + } if in.Ports != nil { in, out := &in.Ports, &out.Ports *out = make([]Port, len(*in)) @@ -1914,6 +2113,43 @@ func (in *InterfaceBindingMethod) DeepCopy() *InterfaceBindingMethod { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InterfaceBindingMigration) DeepCopyInto(out *InterfaceBindingMigration) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InterfaceBindingMigration. +func (in *InterfaceBindingMigration) DeepCopy() *InterfaceBindingMigration { + if in == nil { + return nil + } + out := new(InterfaceBindingMigration) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InterfaceBindingPlugin) DeepCopyInto(out *InterfaceBindingPlugin) { + *out = *in + if in.Migration != nil { + in, out := &in.Migration, &out.Migration + *out = new(InterfaceBindingMigration) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InterfaceBindingPlugin. +func (in *InterfaceBindingPlugin) DeepCopy() *InterfaceBindingPlugin { + if in == nil { + return nil + } + out := new(InterfaceBindingPlugin) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *InterfaceBridge) DeepCopyInto(out *InterfaceBridge) { *out = *in @@ -2010,6 +2246,27 @@ func (in *InterfaceSlirp) DeepCopy() *InterfaceSlirp { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KSMConfiguration) DeepCopyInto(out *KSMConfiguration) { + *out = *in + if in.NodeLabelSelector != nil { + in, out := &in.NodeLabelSelector, &out.NodeLabelSelector + *out = new(metav1.LabelSelector) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KSMConfiguration. +func (in *KSMConfiguration) DeepCopy() *KSMConfiguration { + if in == nil { + return nil + } + out := new(KSMConfiguration) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KVMTimer) DeepCopyInto(out *KVMTimer) { *out = *in @@ -2068,6 +2325,48 @@ func (in *KernelBootContainer) DeepCopy() *KernelBootContainer { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KernelBootStatus) DeepCopyInto(out *KernelBootStatus) { + *out = *in + if in.KernelInfo != nil { + in, out := &in.KernelInfo, &out.KernelInfo + *out = new(KernelInfo) + **out = **in + } + if in.InitrdInfo != nil { + in, out := &in.InitrdInfo, &out.InitrdInfo + *out = new(InitrdInfo) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KernelBootStatus. +func (in *KernelBootStatus) DeepCopy() *KernelBootStatus { + if in == nil { + return nil + } + out := new(KernelBootStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KernelInfo) DeepCopyInto(out *KernelInfo) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KernelInfo. +func (in *KernelInfo) DeepCopy() *KernelInfo { + if in == nil { + return nil + } + out := new(KernelInfo) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KubeVirt) DeepCopyInto(out *KubeVirt) { *out = *in @@ -2168,6 +2467,11 @@ func (in *KubeVirtConfiguration) DeepCopyInto(out *KubeVirtConfiguration) { *out = new(SMBiosConfiguration) **out = **in } + if in.ArchitectureConfiguration != nil { + in, out := &in.ArchitectureConfiguration, &out.ArchitectureConfiguration + *out = new(ArchConfiguration) + (*in).DeepCopyInto(*out) + } if in.EvictionStrategy != nil { in, out := &in.EvictionStrategy, &out.EvictionStrategy *out = new(EvictionStrategy) @@ -2178,6 +2482,13 @@ func (in *KubeVirtConfiguration) DeepCopyInto(out *KubeVirtConfiguration) { *out = new(string) **out = **in } + if in.SupportContainerResources != nil { + in, out := &in.SupportContainerResources, &out.SupportContainerResources + *out = make([]SupportContainerResources, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.SupportedGuestAgentVersions != nil { in, out := &in.SupportedGuestAgentVersions, &out.SupportedGuestAgentVersions *out = make([]string, len(*in)) @@ -2240,6 +2551,31 @@ func (in *KubeVirtConfiguration) DeepCopyInto(out *KubeVirtConfiguration) { *out = new(SeccompConfiguration) (*in).DeepCopyInto(*out) } + if in.VirtualMachineOptions != nil { + in, out := &in.VirtualMachineOptions, &out.VirtualMachineOptions + *out = new(VirtualMachineOptions) + (*in).DeepCopyInto(*out) + } + if in.KSMConfiguration != nil { + in, out := &in.KSMConfiguration, &out.KSMConfiguration + *out = new(KSMConfiguration) + (*in).DeepCopyInto(*out) + } + if in.AutoCPULimitNamespaceLabelSelector != nil { + in, out := &in.AutoCPULimitNamespaceLabelSelector, &out.AutoCPULimitNamespaceLabelSelector + *out = new(metav1.LabelSelector) + (*in).DeepCopyInto(*out) + } + if in.LiveUpdateConfiguration != nil { + in, out := &in.LiveUpdateConfiguration, &out.LiveUpdateConfiguration + *out = new(LiveUpdateConfiguration) + (*in).DeepCopyInto(*out) + } + if in.VMRolloutStrategy != nil { + in, out := &in.VMRolloutStrategy, &out.VMRolloutStrategy + *out = new(VMRolloutStrategy) + **out = **in + } return } @@ -2437,7 +2773,7 @@ func (in *LaunchSecurity) DeepCopyInto(out *LaunchSecurity) { if in.SEV != nil { in, out := &in.SEV, &out.SEV *out = new(SEV) - **out = **in + (*in).DeepCopyInto(*out) } return } @@ -2452,6 +2788,90 @@ func (in *LaunchSecurity) DeepCopy() *LaunchSecurity { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LiveUpdateAffinity) DeepCopyInto(out *LiveUpdateAffinity) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LiveUpdateAffinity. +func (in *LiveUpdateAffinity) DeepCopy() *LiveUpdateAffinity { + if in == nil { + return nil + } + out := new(LiveUpdateAffinity) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LiveUpdateCPU) DeepCopyInto(out *LiveUpdateCPU) { + *out = *in + if in.MaxSockets != nil { + in, out := &in.MaxSockets, &out.MaxSockets + *out = new(uint32) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LiveUpdateCPU. +func (in *LiveUpdateCPU) DeepCopy() *LiveUpdateCPU { + if in == nil { + return nil + } + out := new(LiveUpdateCPU) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LiveUpdateConfiguration) DeepCopyInto(out *LiveUpdateConfiguration) { + *out = *in + if in.MaxCpuSockets != nil { + in, out := &in.MaxCpuSockets, &out.MaxCpuSockets + *out = new(uint32) + **out = **in + } + if in.MaxGuest != nil { + in, out := &in.MaxGuest, &out.MaxGuest + x := (*in).DeepCopy() + *out = &x + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LiveUpdateConfiguration. +func (in *LiveUpdateConfiguration) DeepCopy() *LiveUpdateConfiguration { + if in == nil { + return nil + } + out := new(LiveUpdateConfiguration) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LiveUpdateMemory) DeepCopyInto(out *LiveUpdateMemory) { + *out = *in + if in.MaxGuest != nil { + in, out := &in.MaxGuest, &out.MaxGuest + x := (*in).DeepCopy() + *out = &x + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LiveUpdateMemory. +func (in *LiveUpdateMemory) DeepCopy() *LiveUpdateMemory { + if in == nil { + return nil + } + out := new(LiveUpdateMemory) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LogVerbosity) DeepCopyInto(out *LogVerbosity) { *out = *in @@ -2569,6 +2989,11 @@ func (in *Memory) DeepCopyInto(out *Memory) { x := (*in).DeepCopy() *out = &x } + if in.MaxGuest != nil { + in, out := &in.MaxGuest, &out.MaxGuest + x := (*in).DeepCopy() + *out = &x + } return } @@ -2577,24 +3002,55 @@ func (in *Memory) DeepCopy() *Memory { if in == nil { return nil } - out := new(Memory) + out := new(Memory) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MemoryDumpVolumeSource) DeepCopyInto(out *MemoryDumpVolumeSource) { + *out = *in + out.PersistentVolumeClaimVolumeSource = in.PersistentVolumeClaimVolumeSource + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemoryDumpVolumeSource. +func (in *MemoryDumpVolumeSource) DeepCopy() *MemoryDumpVolumeSource { + if in == nil { + return nil + } + out := new(MemoryDumpVolumeSource) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MemoryDumpVolumeSource) DeepCopyInto(out *MemoryDumpVolumeSource) { +func (in *MemoryStatus) DeepCopyInto(out *MemoryStatus) { *out = *in - out.PersistentVolumeClaimVolumeSource = in.PersistentVolumeClaimVolumeSource + if in.GuestAtBoot != nil { + in, out := &in.GuestAtBoot, &out.GuestAtBoot + x := (*in).DeepCopy() + *out = &x + } + if in.GuestCurrent != nil { + in, out := &in.GuestCurrent, &out.GuestCurrent + x := (*in).DeepCopy() + *out = &x + } + if in.GuestRequested != nil { + in, out := &in.GuestRequested, &out.GuestRequested + x := (*in).DeepCopy() + *out = &x + } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemoryDumpVolumeSource. -func (in *MemoryDumpVolumeSource) DeepCopy() *MemoryDumpVolumeSource { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemoryStatus. +func (in *MemoryStatus) DeepCopy() *MemoryStatus { if in == nil { return nil } - out := new(MemoryDumpVolumeSource) + out := new(MemoryStatus) in.DeepCopyInto(out) return out } @@ -2679,6 +3135,11 @@ func (in *MigrationConfiguration) DeepCopyInto(out *MigrationConfiguration) { *out = new(string) **out = **in } + if in.MatchSELinuxLevelOnMigration != nil { + in, out := &in.MatchSELinuxLevelOnMigration, &out.MatchSELinuxLevelOnMigration + *out = new(bool) + **out = **in + } return } @@ -2775,6 +3236,13 @@ func (in *NetworkConfiguration) DeepCopyInto(out *NetworkConfiguration) { *out = new(bool) **out = **in } + if in.Binding != nil { + in, out := &in.Binding, &out.Binding + *out = make(map[string]InterfaceBindingPlugin, len(*in)) + for key, val := range *in { + (*out)[key] = *val.DeepCopy() + } + } return } @@ -2814,6 +3282,22 @@ func (in *NetworkSource) DeepCopy() *NetworkSource { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NoCloudSSHPublicKeyAccessCredentialPropagation) DeepCopyInto(out *NoCloudSSHPublicKeyAccessCredentialPropagation) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NoCloudSSHPublicKeyAccessCredentialPropagation. +func (in *NoCloudSSHPublicKeyAccessCredentialPropagation) DeepCopy() *NoCloudSSHPublicKeyAccessCredentialPropagation { + if in == nil { + return nil + } + out := new(NoCloudSSHPublicKeyAccessCredentialPropagation) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NodeMediatedDeviceTypesConfig) DeepCopyInto(out *NodeMediatedDeviceTypesConfig) { *out = *in @@ -2954,6 +3438,13 @@ func (in *PermittedHostDevices) DeepCopyInto(out *PermittedHostDevices) { *out = make([]MediatedHostDevice, len(*in)) copy(*out, *in) } + if in.USB != nil { + in, out := &in.USB, &out.USB + *out = make([]USBHostDevice, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } return } @@ -3029,6 +3520,22 @@ func (in *PersistentVolumeClaimVolumeSource) DeepCopy() *PersistentVolumeClaimVo return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PluginBinding) DeepCopyInto(out *PluginBinding) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PluginBinding. +func (in *PluginBinding) DeepCopy() *PluginBinding { + if in == nil { + return nil + } + out := new(PluginBinding) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PodNetwork) DeepCopyInto(out *PodNetwork) { *out = *in @@ -3064,6 +3571,11 @@ func (in *Port) DeepCopy() *Port { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PreferenceMatcher) DeepCopyInto(out *PreferenceMatcher) { *out = *in + if in.InferFromVolumeFailurePolicy != nil { + in, out := &in.InferFromVolumeFailurePolicy, &out.InferFromVolumeFailurePolicy + *out = new(InferFromVolumeFailurePolicy) + **out = **in + } return } @@ -3359,6 +3871,16 @@ func (in *Rng) DeepCopy() *Rng { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SEV) DeepCopyInto(out *SEV) { *out = *in + if in.Policy != nil { + in, out := &in.Policy, &out.Policy + *out = new(SEVPolicy) + (*in).DeepCopyInto(*out) + } + if in.Attestation != nil { + in, out := &in.Attestation, &out.Attestation + *out = new(SEVAttestation) + **out = **in + } return } @@ -3372,6 +3894,125 @@ func (in *SEV) DeepCopy() *SEV { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SEVAttestation) DeepCopyInto(out *SEVAttestation) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SEVAttestation. +func (in *SEVAttestation) DeepCopy() *SEVAttestation { + if in == nil { + return nil + } + out := new(SEVAttestation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SEVMeasurementInfo) DeepCopyInto(out *SEVMeasurementInfo) { + *out = *in + out.TypeMeta = in.TypeMeta + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SEVMeasurementInfo. +func (in *SEVMeasurementInfo) DeepCopy() *SEVMeasurementInfo { + if in == nil { + return nil + } + out := new(SEVMeasurementInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *SEVMeasurementInfo) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SEVPlatformInfo) DeepCopyInto(out *SEVPlatformInfo) { + *out = *in + out.TypeMeta = in.TypeMeta + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SEVPlatformInfo. +func (in *SEVPlatformInfo) DeepCopy() *SEVPlatformInfo { + if in == nil { + return nil + } + out := new(SEVPlatformInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *SEVPlatformInfo) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SEVPolicy) DeepCopyInto(out *SEVPolicy) { + *out = *in + if in.EncryptedState != nil { + in, out := &in.EncryptedState, &out.EncryptedState + *out = new(bool) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SEVPolicy. +func (in *SEVPolicy) DeepCopy() *SEVPolicy { + if in == nil { + return nil + } + out := new(SEVPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SEVSecretOptions) DeepCopyInto(out *SEVSecretOptions) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SEVSecretOptions. +func (in *SEVSecretOptions) DeepCopy() *SEVSecretOptions { + if in == nil { + return nil + } + out := new(SEVSecretOptions) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SEVSessionOptions) DeepCopyInto(out *SEVSessionOptions) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SEVSessionOptions. +func (in *SEVSessionOptions) DeepCopy() *SEVSessionOptions { + if in == nil { + return nil + } + out := new(SEVSessionOptions) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SMBiosConfiguration) DeepCopyInto(out *SMBiosConfiguration) { *out = *in @@ -3414,6 +4055,11 @@ func (in *SSHPublicKeyAccessCredentialPropagationMethod) DeepCopyInto(out *SSHPu *out = new(ConfigDriveSSHPublicKeyAccessCredentialPropagation) **out = **in } + if in.NoCloud != nil { + in, out := &in.NoCloud, &out.NoCloud + *out = new(NoCloudSSHPublicKeyAccessCredentialPropagation) + **out = **in + } if in.QemuGuestAgent != nil { in, out := &in.QemuGuestAgent, &out.QemuGuestAgent *out = new(QemuGuestAgentSSHPublicKeyAccessCredentialPropagation) @@ -3592,6 +4238,23 @@ func (in *StopOptions) DeepCopy() *StopOptions { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SupportContainerResources) DeepCopyInto(out *SupportContainerResources) { + *out = *in + in.Resources.DeepCopyInto(&out.Resources) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SupportContainerResources. +func (in *SupportContainerResources) DeepCopy() *SupportContainerResources { + if in == nil { + return nil + } + out := new(SupportContainerResources) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SyNICTimer) DeepCopyInto(out *SyNICTimer) { *out = *in @@ -3668,6 +4331,11 @@ func (in *TLSConfiguration) DeepCopy() *TLSConfiguration { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TPMDevice) DeepCopyInto(out *TPMDevice) { *out = *in + if in.Persistent != nil { + in, out := &in.Persistent, &out.Persistent + *out = new(bool) + **out = **in + } return } @@ -3759,6 +4427,43 @@ func (in *TopologyHints) DeepCopy() *TopologyHints { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *USBHostDevice) DeepCopyInto(out *USBHostDevice) { + *out = *in + if in.Selectors != nil { + in, out := &in.Selectors, &out.Selectors + *out = make([]USBSelector, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new USBHostDevice. +func (in *USBHostDevice) DeepCopy() *USBHostDevice { + if in == nil { + return nil + } + out := new(USBHostDevice) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *USBSelector) DeepCopyInto(out *USBSelector) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new USBSelector. +func (in *USBSelector) DeepCopy() *USBSelector { + if in == nil { + return nil + } + out := new(USBSelector) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UnpauseOptions) DeepCopyInto(out *UnpauseOptions) { *out = *in @@ -4020,6 +4725,11 @@ func (in *VirtualMachineInstanceCondition) DeepCopy() *VirtualMachineInstanceCon // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *VirtualMachineInstanceFileSystem) DeepCopyInto(out *VirtualMachineInstanceFileSystem) { *out = *in + if in.Disk != nil { + in, out := &in.Disk, &out.Disk + *out = make([]VirtualMachineInstanceFileSystemDisk, len(*in)) + copy(*out, *in) + } return } @@ -4033,13 +4743,31 @@ func (in *VirtualMachineInstanceFileSystem) DeepCopy() *VirtualMachineInstanceFi return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VirtualMachineInstanceFileSystemDisk) DeepCopyInto(out *VirtualMachineInstanceFileSystemDisk) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VirtualMachineInstanceFileSystemDisk. +func (in *VirtualMachineInstanceFileSystemDisk) DeepCopy() *VirtualMachineInstanceFileSystemDisk { + if in == nil { + return nil + } + out := new(VirtualMachineInstanceFileSystemDisk) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *VirtualMachineInstanceFileSystemInfo) DeepCopyInto(out *VirtualMachineInstanceFileSystemInfo) { *out = *in if in.Filesystems != nil { in, out := &in.Filesystems, &out.Filesystems *out = make([]VirtualMachineInstanceFileSystem, len(*in)) - copy(*out, *in) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } return } @@ -4062,7 +4790,9 @@ func (in *VirtualMachineInstanceFileSystemList) DeepCopyInto(out *VirtualMachine if in.Items != nil { in, out := &in.Items, &out.Items *out = make([]VirtualMachineInstanceFileSystem, len(*in)) - copy(*out, *in) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } return } @@ -4341,6 +5071,10 @@ func (in *VirtualMachineInstanceMigrationState) DeepCopyInto(out *VirtualMachine in, out := &in.EndTimestamp, &out.EndTimestamp *out = (*in).DeepCopy() } + if in.TargetNodeDomainReadyTimestamp != nil { + in, out := &in.TargetNodeDomainReadyTimestamp, &out.TargetNodeDomainReadyTimestamp + *out = (*in).DeepCopy() + } if in.TargetDirectMigrationNodePorts != nil { in, out := &in.TargetDirectMigrationNodePorts, &out.TargetDirectMigrationNodePorts *out = make(map[string]int, len(*in)) @@ -4828,6 +5562,11 @@ func (in *VirtualMachineInstanceStatus) DeepCopyInto(out *VirtualMachineInstance (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.KernelBootStatus != nil { + in, out := &in.KernelBootStatus, &out.KernelBootStatus + *out = new(KernelBootStatus) + (*in).DeepCopyInto(*out) + } if in.TopologyHints != nil { in, out := &in.TopologyHints, &out.TopologyHints *out = new(TopologyHints) @@ -4838,6 +5577,21 @@ func (in *VirtualMachineInstanceStatus) DeepCopyInto(out *VirtualMachineInstance *out = new(uint32) **out = **in } + if in.Machine != nil { + in, out := &in.Machine, &out.Machine + *out = new(Machine) + **out = **in + } + if in.CurrentCPUTopology != nil { + in, out := &in.CurrentCPUTopology, &out.CurrentCPUTopology + *out = new(CPUTopology) + **out = **in + } + if in.Memory != nil { + in, out := &in.Memory, &out.Memory + *out = new(MemoryStatus) + (*in).DeepCopyInto(*out) + } return } @@ -4931,6 +5685,32 @@ func (in *VirtualMachineMemoryDumpRequest) DeepCopy() *VirtualMachineMemoryDumpR return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VirtualMachineOptions) DeepCopyInto(out *VirtualMachineOptions) { + *out = *in + if in.DisableFreePageReporting != nil { + in, out := &in.DisableFreePageReporting, &out.DisableFreePageReporting + *out = new(DisableFreePageReporting) + **out = **in + } + if in.DisableSerialConsoleLog != nil { + in, out := &in.DisableSerialConsoleLog, &out.DisableSerialConsoleLog + *out = new(DisableSerialConsoleLog) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VirtualMachineOptions. +func (in *VirtualMachineOptions) DeepCopy() *VirtualMachineOptions { + if in == nil { + return nil + } + out := new(VirtualMachineOptions) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *VirtualMachineSpec) DeepCopyInto(out *VirtualMachineSpec) { *out = *in @@ -4947,12 +5727,12 @@ func (in *VirtualMachineSpec) DeepCopyInto(out *VirtualMachineSpec) { if in.Instancetype != nil { in, out := &in.Instancetype, &out.Instancetype *out = new(InstancetypeMatcher) - **out = **in + (*in).DeepCopyInto(*out) } if in.Preference != nil { in, out := &in.Preference, &out.Preference *out = new(PreferenceMatcher) - **out = **in + (*in).DeepCopyInto(*out) } if in.Template != nil { in, out := &in.Template, &out.Template @@ -5257,6 +6037,11 @@ func (in *VolumeStatus) DeepCopyInto(out *VolumeStatus) { *out = new(DomainMemoryDumpInfo) (*in).DeepCopyInto(*out) } + if in.ContainerDiskVolume != nil { + in, out := &in.ContainerDiskVolume, &out.ContainerDiskVolume + *out = new(ContainerDiskInfo) + **out = **in + } return } diff --git a/vendor/kubevirt.io/api/core/v1/defaults.go b/vendor/kubevirt.io/api/core/v1/defaults.go index c87451c617..376931cc35 100644 --- a/vendor/kubevirt.io/api/core/v1/defaults.go +++ b/vendor/kubevirt.io/api/core/v1/defaults.go @@ -1,7 +1,7 @@ package v1 import ( - "github.com/pborman/uuid" + "github.com/google/uuid" "k8s.io/apimachinery/pkg/types" ) @@ -106,7 +106,7 @@ func SetDefaults_I6300ESBWatchdog(obj *I6300ESBWatchdog) { func SetDefaults_Firmware(obj *Firmware) { if obj.UUID == "" { - obj.UUID = types.UID(uuid.NewRandom().String()) + obj.UUID = types.UID(uuid.NewString()) } } diff --git a/vendor/kubevirt.io/api/core/v1/doc.go b/vendor/kubevirt.io/api/core/v1/doc.go index d434314c98..62fb8b7aa7 100644 --- a/vendor/kubevirt.io/api/core/v1/doc.go +++ b/vendor/kubevirt.io/api/core/v1/doc.go @@ -1,8 +1,9 @@ // +k8s:deepcopy-gen=package +// +k8s:openapi-gen=true // +k8s:defaulter-gen=TypeMeta // +groupName=kubevirt.io -// +versionName=v1alpha3 -// +k8s:openapi-gen=true +// +versionName=v1 + // Package v1 is the v1 version of the API. package v1 diff --git a/vendor/kubevirt.io/api/core/v1/register.go b/vendor/kubevirt.io/api/core/v1/register.go index 2bc8efc4fb..ac213dce04 100644 --- a/vendor/kubevirt.io/api/core/v1/register.go +++ b/vendor/kubevirt.io/api/core/v1/register.go @@ -23,6 +23,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/utils/pointer" "kubevirt.io/api/core" ) @@ -33,17 +34,19 @@ const KubeVirtClientGoSchemeRegistrationVersionEnvVar = "KUBEVIRT_CLIENT_GO_SCHE var ( ApiLatestVersion = "v1" ApiSupportedWebhookVersions = []string{"v1alpha3", "v1"} - ApiStorageVersion = "v1alpha3" + ApiStorageVersion = "v1" ApiSupportedVersions = []extv1.CustomResourceDefinitionVersion{ { Name: "v1", Served: true, - Storage: false, + Storage: true, }, { - Name: "v1alpha3", - Served: true, - Storage: true, + Name: "v1alpha3", + Served: true, + Storage: false, + Deprecated: true, + DeprecationWarning: pointer.String("kubevirt.io/v1alpha3 is now deprecated and will be removed in a future release."), }, } ) @@ -62,7 +65,7 @@ var ( // SubresourceGroupVersions is group version list used to register these objects // The preferred group version is the first item in the list. - SubresourceGroupVersions = []schema.GroupVersion{{Group: SubresourceGroupName, Version: ApiLatestVersion}, {Group: SubresourceGroupName, Version: ApiStorageVersion}} + SubresourceGroupVersions = []schema.GroupVersion{{Group: SubresourceGroupName, Version: ApiLatestVersion}, {Group: SubresourceGroupName, Version: "v1alpha3"}} // SubresourceStorageGroupVersion is the group version our api is persistented internally as SubresourceStorageGroupVersion = schema.GroupVersion{Group: SubresourceGroupName, Version: ApiStorageVersion} diff --git a/vendor/kubevirt.io/api/core/v1/schema.go b/vendor/kubevirt.io/api/core/v1/schema.go index 73e63a29cb..8cbf4f996b 100644 --- a/vendor/kubevirt.io/api/core/v1/schema.go +++ b/vendor/kubevirt.io/api/core/v1/schema.go @@ -39,6 +39,15 @@ const ( const HotplugDiskDir = "/var/run/kubevirt/hotplug-disks/" +type DiskErrorPolicy string + +const ( + DiskErrorPolicyStop DiskErrorPolicy = "stop" + DiskErrorPolicyIgnore DiskErrorPolicy = "ignore" + DiskErrorPolicyReport DiskErrorPolicy = "report" + DiskErrorPolicyEnospace DiskErrorPolicy = "enospace" +) + /* ATTENTION: Rerun code generators when comments on structs or fields are modified. */ @@ -75,7 +84,6 @@ type ConfigMapVolumeSource struct { type SecretVolumeSource struct { // Name of the secret in the pod's namespace to use. // More info: https://kubernetes.io/docs/concepts/storage/volumes#secret - // +optional SecretName string `json:"secretName,omitempty"` // Specify whether the Secret or it's keys must be defined // +optional @@ -238,6 +246,10 @@ type EFI struct { // Defaults to true // +optional SecureBoot *bool `json:"secureBoot,omitempty"` + // If set to true, Persistent will persist the EFI NVRAM across reboots. + // Defaults to false + // +optional + Persistent *bool `json:"persistent,omitempty"` } // If set, the VM will be booted from the defined kernel / initrd. @@ -294,6 +306,9 @@ type CPU struct { // Sockets specifies the number of sockets inside the vmi. // Must be a value greater or equal 1. Sockets uint32 `json:"sockets,omitempty"` + // MaxSockets specifies the maximum amount of sockets that can + // be hotplugged + MaxSockets uint32 `json:"maxSockets,omitempty"` // Threads specifies the number of threads inside the vmi. // Must be a value greater or equal 1. Threads uint32 `json:"threads,omitempty"` @@ -371,6 +386,21 @@ type Memory struct { // Defaults to the requested memory in the resources section if not specified. // + optional Guest *resource.Quantity `json:"guest,omitempty"` + // MaxGuest allows to specify the maximum amount of memory which is visible inside the Guest OS. + // The delta between MaxGuest and Guest is the amount of memory that can be hot(un)plugged. + MaxGuest *resource.Quantity `json:"maxGuest,omitempty"` +} + +type MemoryStatus struct { + // GuestAtBoot specifies with how much memory the VirtualMachine intiallly booted with. + // +optional + GuestAtBoot *resource.Quantity `json:"guestAtBoot,omitempty"` + // GuestCurrent specifies how much memory is currently available for the VirtualMachine. + // +optional + GuestCurrent *resource.Quantity `json:"guestCurrent,omitempty"` + // GuestRequested specifies how much memory was requested (hotplug) for the VirtualMachine. + // +optional + GuestRequested *resource.Quantity `json:"guestRequested,omitempty"` } // Hugepages allow to use hugepages for the VirtualMachineInstance instead of regular memory. @@ -397,6 +427,15 @@ type Firmware struct { // Settings to set the kernel for booting. // +optional KernelBoot *KernelBoot `json:"kernelBoot,omitempty"` + // Information that can be set in the ACPI table + ACPI *ACPI `json:"acpi,omitempty"` +} + +type ACPI struct { + // SlicNameRef should match the volume name of a secret object. The data in the secret should + // be a binary blob that follows the ACPI SLIC standard, see: + // https://learn.microsoft.com/en-us/previous-versions/windows/hardware/design/dn653305(v=vs.85) + SlicNameRef string `json:"slicNameRef,omitempty"` } type Devices struct { @@ -419,9 +458,14 @@ type Devices struct { // Whether to attach the default graphics device or not. // VNC will not be available if set to false. Defaults to true. AutoattachGraphicsDevice *bool `json:"autoattachGraphicsDevice,omitempty"` - // Whether to attach the default serial console or not. + // Whether to attach the default virtio-serial console or not. // Serial console access will not be available if set to false. Defaults to true. AutoattachSerialConsole *bool `json:"autoattachSerialConsole,omitempty"` + // Whether to log the auto-attached default serial console or not. + // Serial console logs will be collect to a file and then streamed from a named `guest-console-log`. + // Not relevant if autoattachSerialConsole is disabled. + // Defaults to cluster wide setting on VirtualMachineOptions. + LogSerialConsole *bool `json:"logSerialConsole,omitempty"` // Whether to attach the Memory balloon device with default period. // Period can be adjusted in virt-config. // Defaults to true. @@ -448,6 +492,9 @@ type Devices struct { // +optional // +listType=atomic GPUs []GPU `json:"gpus,omitempty"` + // DownwardMetrics creates a virtio serials for exposing the downward metrics to the vmi. + // +optional + DownwardMetrics *DownwardMetrics `json:"downwardMetrics,omitempty"` // Filesystems describes filesystem which is connected to the vmi. // +optional // +listType=atomic @@ -493,7 +540,11 @@ type SoundDevice struct { Model string `json:"model,omitempty"` } -type TPMDevice struct{} +type TPMDevice struct { + // Persistent indicates the state of the TPM device should be kept accross reboots + // Defaults to false + Persistent *bool `json:"persistent,omitempty"` +} type InputBus string @@ -529,6 +580,8 @@ type Filesystem struct { type FilesystemVirtiofs struct{} +type DownwardMetrics struct{} + type GPU struct { // Name of the GPU device as exposed by a device plugin Name string `json:"name"` @@ -600,6 +653,9 @@ type Disk struct { // If specified the disk is made sharable and multiple write from different VMs are permitted // +optional Shareable *bool `json:"shareable,omitempty"` + // If specified, it can change the default error policy (stop) for the disk + // +optional + ErrorPolicy *DiskErrorPolicy `json:"errorPolicy,omitempty"` } // CustomBlockSize represents the desired logical and physical block size for a VM disk. @@ -653,6 +709,26 @@ type LaunchSecurity struct { } type SEV struct { + // Guest policy flags as defined in AMD SEV API specification. + // Note: due to security reasons it is not allowed to enable guest debugging. Therefore NoDebug flag is not exposed to users and is always true. + Policy *SEVPolicy `json:"policy,omitempty"` + // If specified, run the attestation process for a vmi. + // +opitonal + Attestation *SEVAttestation `json:"attestation,omitempty"` + // Base64 encoded session blob. + Session string `json:"session,omitempty"` + // Base64 encoded guest owner's Diffie-Hellman key. + DHCert string `json:"dhCert,omitempty"` +} + +type SEVPolicy struct { + // SEV-ES is required. + // Defaults to false. + // +optional + EncryptedState *bool `json:"encryptedState,omitempty"` +} + +type SEVAttestation struct { } type LunTarget struct { @@ -662,6 +738,8 @@ type LunTarget struct { // ReadOnly. // Defaults to false. ReadOnly bool `json:"readonly,omitempty"` + // Reservation indicates if the disk needs to support the persistent reservation for the SCSI disk + Reservation bool `json:"reservation,omitempty"` } // TrayState indicates if a tray of a cdrom is open or closed. @@ -1157,6 +1235,10 @@ type Interface struct { // BindingMethod specifies the method which will be used to connect the interface to the guest. // Defaults to Bridge. InterfaceBindingMethod `json:",inline"` + // Binding specifies the binding plugin that will be used to connect the interface to the guest. + // It provides an alternative to InterfaceBindingMethod. + // version: 1alphav1 + Binding *PluginBinding `json:"binding,omitempty"` // List of ports to be forwarded to the virtual machine. Ports []Port `json:"ports,omitempty"` // Interface MAC address. For example: de:ad:00:00:be:af or DE-AD-00-00-BE-AF. @@ -1181,8 +1263,18 @@ type Interface struct { // This value is required to be unique across all devices and be between 1 and (16*1024-1). // +optional ACPIIndex int `json:"acpiIndex,omitempty"` + // State represents the requested operational state of the interface. + // The (only) value supported is `absent`, expressing a request to remove the interface. + // +optional + State InterfaceState `json:"state,omitempty"` } +type InterfaceState string + +const ( + InterfaceStateAbsent InterfaceState = "absent" +) + // Extra DHCP options to use in the interface. type DHCPOptions struct { // If specified will pass option 67 to interface's DHCP server @@ -1234,8 +1326,12 @@ type InterfaceBindingMethod struct { Slirp *InterfaceSlirp `json:"slirp,omitempty"` Masquerade *InterfaceMasquerade `json:"masquerade,omitempty"` SRIOV *InterfaceSRIOV `json:"sriov,omitempty"` - Macvtap *InterfaceMacvtap `json:"macvtap,omitempty"` - Passt *InterfacePasst `json:"passt,omitempty"` + // Deprecated, please refer to Kubevirt user guide for alternatives. + // +optional + Macvtap *InterfaceMacvtap `json:"macvtap,omitempty"` + // Deprecated, please refer to Kubevirt user guide for alternatives. + // +optional + Passt *InterfacePasst `json:"passt,omitempty"` } // InterfaceBridge connects to a given network via a linux bridge. @@ -1256,6 +1352,13 @@ type InterfaceMacvtap struct{} // InterfacePasst connects to a given network. type InterfacePasst struct{} +// PluginBinding represents a binding implemented in a plugin. +type PluginBinding struct { + // Name references to the binding name as denined in the kubevirt CR. + // version: 1alphav1 + Name string `json:"name"` +} + // Port represents a port to expose from the virtual machine. // Default protocol TCP. // The port field is mandatory @@ -1280,6 +1383,7 @@ type AccessCredentialSecretSource struct { } type ConfigDriveSSHPublicKeyAccessCredentialPropagation struct{} +type NoCloudSSHPublicKeyAccessCredentialPropagation struct{} // AuthorizedKeysFile represents a path within the guest // that ssh public keys should be propagated to @@ -1317,6 +1421,11 @@ type SSHPublicKeyAccessCredentialPropagationMethod struct { // +optional ConfigDrive *ConfigDriveSSHPublicKeyAccessCredentialPropagation `json:"configDrive,omitempty"` + // NoCloudPropagation means that the ssh public keys are injected + // into the VM using metadata using the noCloud cloud-init provider + // +optional + NoCloud *NoCloudSSHPublicKeyAccessCredentialPropagation `json:"noCloud,omitempty"` + // QemuGuestAgentAccessCredentailPropagation means ssh public keys are // dynamically injected into the vm at runtime via the qemu guest agent. // This feature requires the qemu guest agent to be running within the guest. @@ -1439,3 +1548,17 @@ type MultusNetwork struct { // multus-cni.io/default-network annotation. Default bool `json:"default,omitempty"` } + +// CPUTopology allows specifying the amount of cores, sockets +// and threads. +type CPUTopology struct { + // Cores specifies the number of cores inside the vmi. + // Must be a value greater or equal 1. + Cores uint32 `json:"cores,omitempty"` + // Sockets specifies the number of sockets inside the vmi. + // Must be a value greater or equal 1. + Sockets uint32 `json:"sockets,omitempty"` + // Threads specifies the number of threads inside the vmi. + // Must be a value greater or equal 1. + Threads uint32 `json:"threads,omitempty"` +} diff --git a/vendor/kubevirt.io/api/core/v1/schema_swagger_generated.go b/vendor/kubevirt.io/api/core/v1/schema_swagger_generated.go index 5afc9bf97f..2267714428 100644 --- a/vendor/kubevirt.io/api/core/v1/schema_swagger_generated.go +++ b/vendor/kubevirt.io/api/core/v1/schema_swagger_generated.go @@ -23,7 +23,7 @@ func (ConfigMapVolumeSource) SwaggerDoc() map[string]string { func (SecretVolumeSource) SwaggerDoc() map[string]string { return map[string]string{ "": "SecretVolumeSource adapts a Secret into a volume.", - "secretName": "Name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret\n+optional", + "secretName": "Name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret", "optional": "Specify whether the Secret or it's keys must be defined\n+optional", "volumeLabel": "The volume label of the resulting disk inside the VMI.\nDifferent bootstrapping mechanisms require different values.\nTypical values are \"cidata\" (cloud-init), \"config-2\" (cloud-init) or \"OEMDRV\" (kickstart).\n+optional", } @@ -123,6 +123,7 @@ func (EFI) SwaggerDoc() map[string]string { return map[string]string{ "": "If set, EFI will be used instead of BIOS.", "secureBoot": "If set, SecureBoot will be enabled and the OVMF roms will be swapped for\nSecureBoot-enabled ones.\nRequires SMM to be enabled.\nDefaults to true\n+optional", + "persistent": "If set to true, Persistent will persist the EFI NVRAM across reboots.\nDefaults to false\n+optional", } } @@ -158,6 +159,7 @@ func (CPU) SwaggerDoc() map[string]string { "": "CPU allows specifying the CPU topology.", "cores": "Cores specifies the number of cores inside the vmi.\nMust be a value greater or equal 1.", "sockets": "Sockets specifies the number of sockets inside the vmi.\nMust be a value greater or equal 1.", + "maxSockets": "MaxSockets specifies the maximum amount of sockets that can\nbe hotplugged", "threads": "Threads specifies the number of threads inside the vmi.\nMust be a value greater or equal 1.", "model": "Model specifies the CPU model inside the VMI.\nList of available models https://github.com/libvirt/libvirt/tree/master/src/cpu_map.\nIt is possible to specify special cases like \"host-passthrough\" to get the same CPU as the node\nand \"host-model\" to get CPU closest to the node one.\nDefaults to host-model.\n+optional", "features": "Features specifies the CPU features list inside the VMI.\n+optional", @@ -200,6 +202,15 @@ func (Memory) SwaggerDoc() map[string]string { "": "Memory allows specifying the VirtualMachineInstance memory features.", "hugepages": "Hugepages allow to use hugepages for the VirtualMachineInstance instead of regular memory.\n+optional", "guest": "Guest allows to specifying the amount of memory which is visible inside the Guest OS.\nThe Guest must lie between Requests and Limits from the resources section.\nDefaults to the requested memory in the resources section if not specified.\n+ optional", + "maxGuest": "MaxGuest allows to specify the maximum amount of memory which is visible inside the Guest OS.\nThe delta between MaxGuest and Guest is the amount of memory that can be hot(un)plugged.", + } +} + +func (MemoryStatus) SwaggerDoc() map[string]string { + return map[string]string{ + "guestAtBoot": "GuestAtBoot specifies with how much memory the VirtualMachine intiallly booted with.\n+optional", + "guestCurrent": "GuestCurrent specifies how much memory is currently available for the VirtualMachine.\n+optional", + "guestRequested": "GuestRequested specifies how much memory was requested (hotplug) for the VirtualMachine.\n+optional", } } @@ -222,6 +233,13 @@ func (Firmware) SwaggerDoc() map[string]string { "bootloader": "Settings to control the bootloader that is used.\n+optional", "serial": "The system-serial-number in SMBIOS", "kernelBoot": "Settings to set the kernel for booting.\n+optional", + "acpi": "Information that can be set in the ACPI table", + } +} + +func (ACPI) SwaggerDoc() map[string]string { + return map[string]string{ + "slicNameRef": "SlicNameRef should match the volume name of a secret object. The data in the secret should\nbe a binary blob that follows the ACPI SLIC standard, see:\nhttps://learn.microsoft.com/en-us/previous-versions/windows/hardware/design/dn653305(v=vs.85)", } } @@ -235,7 +253,8 @@ func (Devices) SwaggerDoc() map[string]string { "inputs": "Inputs describe input devices", "autoattachPodInterface": "Whether to attach a pod network interface. Defaults to true.", "autoattachGraphicsDevice": "Whether to attach the default graphics device or not.\nVNC will not be available if set to false. Defaults to true.", - "autoattachSerialConsole": "Whether to attach the default serial console or not.\nSerial console access will not be available if set to false. Defaults to true.", + "autoattachSerialConsole": "Whether to attach the default virtio-serial console or not.\nSerial console access will not be available if set to false. Defaults to true.", + "logSerialConsole": "Whether to log the auto-attached default serial console or not.\nSerial console logs will be collect to a file and then streamed from a named `guest-console-log`.\nNot relevant if autoattachSerialConsole is disabled.\nDefaults to cluster wide setting on VirtualMachineOptions.", "autoattachMemBalloon": "Whether to attach the Memory balloon device with default period.\nPeriod can be adjusted in virt-config.\nDefaults to true.\n+optional", "autoattachInputDevice": "Whether to attach an Input Device.\nDefaults to false.\n+optional", "autoattachVSOCK": "Whether to attach the VSOCK CID to the VM or not.\nVSOCK access will be available if set to true. Defaults to false.", @@ -243,6 +262,7 @@ func (Devices) SwaggerDoc() map[string]string { "blockMultiQueue": "Whether or not to enable virtio multi-queue for block devices.\nDefaults to false.\n+optional", "networkInterfaceMultiqueue": "If specified, virtual network interfaces configured with a virtio bus will also enable the vhost multiqueue feature for network devices. The number of queues created depends on additional factors of the VirtualMachineInstance, like the number of guest CPUs.\n+optional", "gpus": "Whether to attach a GPU device to the vmi.\n+optional\n+listType=atomic", + "downwardMetrics": "DownwardMetrics creates a virtio serials for exposing the downward metrics to the vmi.\n+optional", "filesystems": "Filesystems describes filesystem which is connected to the vmi.\n+optional\n+listType=atomic", "hostDevices": "Whether to attach a host device to the vmi.\n+optional\n+listType=atomic", "clientPassthrough": "To configure and access client devices such as redirecting USB\n+optional", @@ -266,7 +286,9 @@ func (SoundDevice) SwaggerDoc() map[string]string { } func (TPMDevice) SwaggerDoc() map[string]string { - return map[string]string{} + return map[string]string{ + "persistent": "Persistent indicates the state of the TPM device should be kept accross reboots\nDefaults to false", + } } func (Input) SwaggerDoc() map[string]string { @@ -288,6 +310,10 @@ func (FilesystemVirtiofs) SwaggerDoc() map[string]string { return map[string]string{} } +func (DownwardMetrics) SwaggerDoc() map[string]string { + return map[string]string{} +} + func (GPU) SwaggerDoc() map[string]string { return map[string]string{ "name": "Name of the GPU device as exposed by a device plugin", @@ -324,6 +350,7 @@ func (Disk) SwaggerDoc() map[string]string { "tag": "If specified, disk address and its tag will be provided to the guest via config drive metadata\n+optional", "blockSize": "If specified, the virtual disk will be presented with the given block sizes.\n+optional", "shareable": "If specified the disk is made sharable and multiple write from different VMs are permitted\n+optional", + "errorPolicy": "If specified, it can change the default error policy (stop) for the disk\n+optional", } } @@ -363,13 +390,29 @@ func (LaunchSecurity) SwaggerDoc() map[string]string { } func (SEV) SwaggerDoc() map[string]string { + return map[string]string{ + "policy": "Guest policy flags as defined in AMD SEV API specification.\nNote: due to security reasons it is not allowed to enable guest debugging. Therefore NoDebug flag is not exposed to users and is always true.", + "attestation": "If specified, run the attestation process for a vmi.\n+opitonal", + "session": "Base64 encoded session blob.", + "dhCert": "Base64 encoded guest owner's Diffie-Hellman key.", + } +} + +func (SEVPolicy) SwaggerDoc() map[string]string { + return map[string]string{ + "encryptedState": "SEV-ES is required.\nDefaults to false.\n+optional", + } +} + +func (SEVAttestation) SwaggerDoc() map[string]string { return map[string]string{} } func (LunTarget) SwaggerDoc() map[string]string { return map[string]string{ - "bus": "Bus indicates the type of disk device to emulate.\nsupported values: virtio, sata, scsi.", - "readonly": "ReadOnly.\nDefaults to false.", + "bus": "Bus indicates the type of disk device to emulate.\nsupported values: virtio, sata, scsi.", + "readonly": "ReadOnly.\nDefaults to false.", + "reservation": "Reservation indicates if the disk needs to support the persistent reservation for the SCSI disk", } } @@ -619,6 +662,7 @@ func (Interface) SwaggerDoc() map[string]string { return map[string]string{ "name": "Logical name of the interface as well as a reference to the associated networks.\nMust match the Name of a Network.", "model": "Interface model.\nOne of: e1000, e1000e, ne2k_pci, pcnet, rtl8139, virtio.\nDefaults to virtio.", + "binding": "Binding specifies the binding plugin that will be used to connect the interface to the guest.\nIt provides an alternative to InterfaceBindingMethod.\nversion: 1alphav1", "ports": "List of ports to be forwarded to the virtual machine.", "macAddress": "Interface MAC address. For example: de:ad:00:00:be:af or DE-AD-00-00-BE-AF.", "bootOrder": "BootOrder is an integer value > 0, used to determine ordering of boot devices.\nLower values take precedence.\nEach interface or disk that has a boot order must have a unique value.\nInterfaces without a boot order are not tried.\n+optional", @@ -626,6 +670,7 @@ func (Interface) SwaggerDoc() map[string]string { "dhcpOptions": "If specified the network interface will pass additional DHCP options to the VMI\n+optional", "tag": "If specified, the virtual network interface address and its tag will be provided to the guest via config drive\n+optional", "acpiIndex": "If specified, the ACPI index is used to provide network interface device naming, that is stable across changes\nin PCI addresses assigned to the device.\nThis value is required to be unique across all devices and be between 1 and (16*1024-1).\n+optional", + "state": "State represents the requested operational state of the interface.\nThe (only) value supported is `absent`, expressing a request to remove the interface.\n+optional", } } @@ -649,7 +694,9 @@ func (DHCPPrivateOptions) SwaggerDoc() map[string]string { func (InterfaceBindingMethod) SwaggerDoc() map[string]string { return map[string]string{ - "": "Represents the method which will be used to connect the interface to the guest.\nOnly one of its members may be specified.", + "": "Represents the method which will be used to connect the interface to the guest.\nOnly one of its members may be specified.", + "macvtap": "Deprecated, please refer to Kubevirt user guide for alternatives.\n+optional", + "passt": "Deprecated, please refer to Kubevirt user guide for alternatives.\n+optional", } } @@ -689,6 +736,13 @@ func (InterfacePasst) SwaggerDoc() map[string]string { } } +func (PluginBinding) SwaggerDoc() map[string]string { + return map[string]string{ + "": "PluginBinding represents a binding implemented in a plugin.", + "name": "Name references to the binding name as denined in the kubevirt CR.\nversion: 1alphav1", + } +} + func (Port) SwaggerDoc() map[string]string { return map[string]string{ "": "Port represents a port to expose from the virtual machine.\nDefault protocol TCP.\nThe port field is mandatory", @@ -708,6 +762,10 @@ func (ConfigDriveSSHPublicKeyAccessCredentialPropagation) SwaggerDoc() map[strin return map[string]string{} } +func (NoCloudSSHPublicKeyAccessCredentialPropagation) SwaggerDoc() map[string]string { + return map[string]string{} +} + func (AuthorizedKeysFile) SwaggerDoc() map[string]string { return map[string]string{ "": "AuthorizedKeysFile represents a path within the guest\nthat ssh public keys should be propagated to", @@ -736,6 +794,7 @@ func (SSHPublicKeyAccessCredentialPropagationMethod) SwaggerDoc() map[string]str return map[string]string{ "": "SSHPublicKeyAccessCredentialPropagationMethod represents the method used to\ninject a ssh public key into the vm guest.\nOnly one of its members may be specified.", "configDrive": "ConfigDrivePropagation means that the ssh public keys are injected\ninto the VM using metadata using the configDrive cloud-init provider\n+optional", + "noCloud": "NoCloudPropagation means that the ssh public keys are injected\ninto the VM using metadata using the noCloud cloud-init provider\n+optional", "qemuGuestAgent": "QemuGuestAgentAccessCredentailPropagation means ssh public keys are\ndynamically injected into the vm at runtime via the qemu guest agent.\nThis feature requires the qemu guest agent to be running within the guest.\n+optional", } } @@ -812,3 +871,12 @@ func (MultusNetwork) SwaggerDoc() map[string]string { "default": "Select the default network and add it to the\nmultus-cni.io/default-network annotation.", } } + +func (CPUTopology) SwaggerDoc() map[string]string { + return map[string]string{ + "": "CPUTopology allows specifying the amount of cores, sockets\nand threads.", + "cores": "Cores specifies the number of cores inside the vmi.\nMust be a value greater or equal 1.", + "sockets": "Sockets specifies the number of sockets inside the vmi.\nMust be a value greater or equal 1.", + "threads": "Threads specifies the number of threads inside the vmi.\nMust be a value greater or equal 1.", + } +} diff --git a/vendor/kubevirt.io/api/core/v1/types.go b/vendor/kubevirt.io/api/core/v1/types.go index 41ba167ede..7835d6aa2c 100644 --- a/vendor/kubevirt.io/api/core/v1/types.go +++ b/vendor/kubevirt.io/api/core/v1/types.go @@ -109,9 +109,12 @@ type VirtualMachineInstanceSpec struct { // +listMapKey=topologyKey // +listMapKey=whenUnsatisfiable TopologySpreadConstraints []k8sv1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty" patchStrategy:"merge" patchMergeKey:"topologyKey"` - // EvictionStrategy can be set to "LiveMigrate" if the VirtualMachineInstance should be - // migrated instead of shut-off in case of a node drain. - // + // EvictionStrategy describes the strategy to follow when a node drain occurs. + // The possible options are: + // - "None": No action will be taken, according to the specified 'RunStrategy' the VirtualMachine will be restarted or shutdown. + // - "LiveMigrate": the VirtualMachineInstance will be migrated instead of being shutdown. + // - "LiveMigrateIfPossible": the same as "LiveMigrate" but only if the VirtualMachine is Live-Migratable, otherwise it will behave as "None". + // - "External": the VirtualMachineInstance will be protected by a PDB and `vmi.Status.EvacuationNodeName` will be set on eviction. This is mainly useful for cluster-api-provider-kubevirt (capk) which needs a way for VMI's to be blocked from eviction, yet signal capk that eviction has been called on the VMI so the capk controller can handle tearing the VMI down. Details can be found in the commit description https://github.com/kubevirt/kubevirt/commit/c1d77face705c8b126696bac9a3ee3825f27f1fa. // +optional EvictionStrategy *EvictionStrategy `json:"evictionStrategy,omitempty"` // StartStrategy can be set to "Paused" if Virtual Machine should be started in paused state. @@ -162,6 +165,8 @@ type VirtualMachineInstanceSpec struct { // +listType=atomic // +optional AccessCredentials []AccessCredential `json:"accessCredentials,omitempty"` + // Specifies the architecture of the vm guest you are attempting to run. Defaults to the compiled architecture of the KubeVirt components + Architecture string `json:"architecture,omitempty"` } func (vmiSpec *VirtualMachineInstanceSpec) UnmarshalJSON(data []byte) error { @@ -245,6 +250,10 @@ type VirtualMachineInstanceStatus struct { // +listType=atomic VolumeStatus []VolumeStatus `json:"volumeStatus,omitempty"` + // KernelBootStatus contains info about the kernelBootContainer + // +optional + KernelBootStatus *KernelBootStatus `json:"kernelBootStatus,omitempty"` + // FSFreezeStatus is the state of the fs of the guest // it can be either frozen or thawed // +optional @@ -269,6 +278,19 @@ type VirtualMachineInstanceStatus struct { // SELinuxContext is the actual SELinux context of the virt-launcher pod // +optional SelinuxContext string `json:"selinuxContext,omitempty"` + + // Machine shows the final resulting qemu machine type. This can be different + // than the machine type selected in the spec, due to qemus machine type alias mechanism. + // +optional + Machine *Machine `json:"machine,omitempty"` + // CurrentCPUTopology specifies the current CPU topology used by the VM workload. + // Current topology may differ from the desired topology in the spec while CPU hotplug + // takes place. + CurrentCPUTopology *CPUTopology `json:"currentCPUTopology,omitempty"` + + // Memory shows various informations about the VirtualMachine memory. + // +optional + Memory *MemoryStatus `json:"memory,omitempty"` } // PersistentVolumeClaimInfo contains the relavant information virt-handler needs cached about a PVC @@ -321,6 +343,28 @@ type VolumeStatus struct { Size int64 `json:"size,omitempty"` // If the volume is memorydump volume, this will contain the memorydump info. MemoryDumpVolume *DomainMemoryDumpInfo `json:"memoryDumpVolume,omitempty"` + // ContainerDiskVolume shows info about the containerdisk, if the volume is a containerdisk + ContainerDiskVolume *ContainerDiskInfo `json:"containerDiskVolume,omitempty"` +} + +// KernelInfo show info about the kernel image +type KernelInfo struct { + // Checksum is the checksum of the kernel image + Checksum uint32 `json:"checksum,omitempty"` +} + +// InitrdInfo show info about the initrd file +type InitrdInfo struct { + // Checksum is the checksum of the initrd file + Checksum uint32 `json:"checksum,omitempty"` +} + +// KernelBootStatus contains info about the kernelBootContainer +type KernelBootStatus struct { + // KernelInfo show info about the kernel image + KernelInfo *KernelInfo `json:"kernelInfo,omitempty"` + // InitrdInfo show info about the initrd file + InitrdInfo *InitrdInfo `json:"initrdInfo,omitempty"` } // DomainMemoryDumpInfo represents the memory dump information @@ -343,6 +387,12 @@ type HotplugVolumeStatus struct { AttachPodUID types.UID `json:"attachPodUID,omitempty"` } +// ContainerDiskInfo shows info about the containerdisk +type ContainerDiskInfo struct { + // Checksum is the checksum of the rootdisk or kernel artifacts inside the containerdisk + Checksum uint32 `json:"checksum,omitempty"` +} + // VolumePhase indicates the current phase of the hotplug process. type VolumePhase string @@ -437,6 +487,25 @@ func (v *VirtualMachineInstance) IsRealtimeEnabled() bool { return v.Spec.Domain.CPU != nil && v.Spec.Domain.CPU.Realtime != nil } +// IsHighPerformanceVMI returns true if the VMI is considered as high performance. +// A VMI is considered as high performance if one of the following is true: +// - the vmi requests a dedicated cpu +// - the realtime flag is enabled +// - the vmi requests hugepages +func (v *VirtualMachineInstance) IsHighPerformanceVMI() bool { + if v.Spec.Domain.CPU != nil { + if v.Spec.Domain.CPU.DedicatedCPUPlacement || v.Spec.Domain.CPU.Realtime != nil { + return true + } + } + + if v.Spec.Domain.Memory != nil && v.Spec.Domain.Memory.Hugepages != nil { + return true + } + + return false +} + type VirtualMachineInstanceConditionType string // These are valid conditions of VMIs. @@ -483,6 +552,20 @@ const ( VirtualMachineInstanceReasonSEVNotMigratable = "SEVNotLiveMigratable" // Reason means that VMI is not live migratable because it uses HyperV Reenlightenment while TSC Frequency is not available VirtualMachineInstanceReasonNoTSCFrequencyMigratable = "NoTSCFrequencyNotLiveMigratable" + // Reason means that VMI is not live migratable because it requested SCSI persitent reservation + VirtualMachineInstanceReasonPRNotMigratable = "PersistentReservationNotLiveMigratable" + // Indicates that the VMI is in progress of Hot vCPU Plug/UnPlug + VirtualMachineInstanceVCPUChange = "HotVCPUChange" + // Indicates that the VMI is hot(un)plugging memory + VirtualMachineInstanceMemoryChange = "HotMemoryChange" + + // Summarizes that all the DataVolumes attached to the VMI are Ready or not + VirtualMachineInstanceDataVolumesReady = "DataVolumesReady" + + // Reason means that not all of the VMI's DVs are ready + VirtualMachineInstanceReasonNotAllDVsReady = "NotAllDVsReady" + // Reason means that all of the VMI's DVs are bound and not running + VirtualMachineInstanceReasonAllDVsReady = "AllDVsReady" ) const ( @@ -569,7 +652,7 @@ type VirtualMachineInstanceNetworkInterface struct { IPs []string `json:"ipAddresses,omitempty"` // The interface name inside the Virtual Machine InterfaceName string `json:"interfaceName,omitempty"` - // Specifies the origin of the interface data collected. values: domain, guest-agent, or both + // Specifies the origin of the interface data collected. values: domain, guest-agent, multus-status. InfoSource string `json:"infoSource,omitempty"` // Specifies how many queues are allocated by MultiQueue QueueCount int32 `json:"queueCount,omitempty"` @@ -608,6 +691,8 @@ type VirtualMachineInstanceMigrationState struct { // +nullable EndTimestamp *metav1.Time `json:"endTimestamp,omitempty"` + // The timestamp at which the target node detects the domain is active + TargetNodeDomainReadyTimestamp *metav1.Time `json:"targetNodeDomainReadyTimestamp,omitempty"` // The Target Node has seen the Domain Start Event TargetNodeDomainDetected bool `json:"targetNodeDomainDetected,omitempty"` // The address of the target node to use for the migration @@ -878,6 +963,24 @@ const ( // SEVLabel marks the node as capable of running workloads with SEV SEVLabel string = "kubevirt.io/sev" + // SEVESLabel marks the node as capable of running workloads with SEV-ES + SEVESLabel string = "kubevirt.io/sev-es" + + // KSMEnabledLabel marks the node as KSM enabled + KSMEnabledLabel string = "kubevirt.io/ksm-enabled" + + // KSMHandlerManagedAnnotation is an annotation used to mark the nodes where the virt-handler has enabled the ksm + KSMHandlerManagedAnnotation string = "kubevirt.io/ksm-handler-managed" + + // KSM debug annotations to override default constants + KSMPagesBoostOverride string = "kubevirt.io/ksm-pages-boost-override" + KSMPagesDecayOverride string = "kubevirt.io/ksm-pages-decay-override" + KSMPagesMinOverride string = "kubevirt.io/ksm-pages-min-override" + KSMPagesMaxOverride string = "kubevirt.io/ksm-pages-max-override" + KSMPagesInitOverride string = "kubevirt.io/ksm-pages-init-override" + KSMSleepMsBaselineOverride string = "kubevirt.io/ksm-sleep-ms-baseline-override" + KSMFreePercentOverride string = "kubevirt.io/ksm-free-percent-override" + // InstancetypeAnnotation is the name of a VirtualMachineInstancetype InstancetypeAnnotation string = "kubevirt.io/instancetype-name" @@ -900,6 +1003,46 @@ const ( // PVCMemoryDumpAnnotation is the name of the memory dump representing the vm name, // pvc name and the timestamp the memory dump was collected PVCMemoryDumpAnnotation string = "kubevirt.io/memory-dump" + + // AllowPodBridgeNetworkLiveMigrationAnnotation allow to run live migration when the + // vm has the pod networking bind with a bridge + AllowPodBridgeNetworkLiveMigrationAnnotation string = "kubevirt.io/allow-pod-bridge-network-live-migration" + + // VirtualMachineGenerationAnnotation is the generation of a Virtual Machine. + VirtualMachineGenerationAnnotation string = "kubevirt.io/vm-generation" + + // MigrationTargetReadyTimestamp indicates the time at which the target node + // detected that the VMI became active on the target during live migration. + MigrationTargetReadyTimestamp string = "kubevirt.io/migration-target-ready-timestamp" + + // FreePageReportingDisabledAnnotation indicates if the the vmi wants to explicitly disable + // the freePageReporting feature of the memballooning. + // This annotation only allows to opt-out from freePageReporting in those cases where it is + // enabled (no high performance vmis). + // This annotation does not allow to enable freePageReporting for high performance vmis, + // in which freePageReporting is always disabled. + FreePageReportingDisabledAnnotation string = "kubevirt.io/free-page-reporting-disabled" + + // VirtualMachinePodCPULimitsLabel indicates VMI pod CPU resource limits + VirtualMachinePodCPULimitsLabel string = "kubevirt.io/vmi-pod-cpu-resource-limits" + // VirtualMachinePodMemoryRequestsLabel indicates VMI pod Memory resource requests + VirtualMachinePodMemoryRequestsLabel string = "kubevirt.io/vmi-pod-memory-resource-requests" + // MemoryHotplugOverheadRatioLabel indicates the guest memory overhead ratio required + // to correctly compute the target pod memory requests when doing memory hotplug. + // The label is used to store this value when memory hotplug is requested as it may change + // between the creation of the target pod and when the evaluation of `MemoryHotplugReadyLabel` + // happens. + MemoryHotplugOverheadRatioLabel string = "kubevirt.io/memory-hotplug-overhead-ratio" + + // AutoMemoryLimitsRatioLabel allows to use a custom ratio for auto memory limits calculation. + // Must be a float >= 1. + AutoMemoryLimitsRatioLabel string = "alpha.kubevirt.io/auto-memory-limits-ratio" + + // MigrationInterfaceName is an arbitrary name used in virt-handler to connect it to a dedicated migration network + MigrationInterfaceName string = "migration0" + + // EmulatorThreadCompleteToEvenParity alpha annotation will cause Kubevirt to complete the VMI's CPU count to an even parity when IsolateEmulatorThread options are requested + EmulatorThreadCompleteToEvenParity string = "alpha.kubevirt.io/EmulatorThreadCompleteToEvenParity" ) func NewVMI(name string, uid types.UID) *VirtualMachineInstance { @@ -1423,6 +1566,7 @@ type VirtualMachineStatus struct { // Ready indicates if the virtual machine is running and ready Ready bool `json:"ready,omitempty"` // PrintableStatus is a human readable, high-level representation of the status of the virtual machine + // +kubebuilder:default=Stopped PrintableStatus VirtualMachinePrintableStatus `json:"printableStatus,omitempty"` // Hold the state information of the VirtualMachine and its VirtualMachineInstance Conditions []VirtualMachineCondition `json:"conditions,omitempty" optional:"true"` @@ -1449,6 +1593,18 @@ type VirtualMachineStatus struct { // +nullable // +optional MemoryDumpRequest *VirtualMachineMemoryDumpRequest `json:"memoryDumpRequest,omitempty" optional:"true"` + + // ObservedGeneration is the generation observed by the vmi when started. + // +optional + ObservedGeneration int64 `json:"observedGeneration,omitempty" optional:"true"` + + // DesiredGeneration is the generation which is desired for the VMI. + // This will be used in comparisons with ObservedGeneration to understand when + // the VMI is out of sync. This will be changed at the same time as + // ObservedGeneration to remove errors which could occur if Generation is + // updated through an Update() before ObservedGeneration in Status. + // +optional + DesiredGeneration int64 `json:"desiredGeneration,omitempty" optional:"true"` } type VolumeSnapshotStatus struct { @@ -1504,6 +1660,12 @@ const ( // VirtualMachinePaused is added in a virtual machine when its vmi // signals with its own condition that it is paused. VirtualMachinePaused VirtualMachineConditionType = "Paused" + + // VirtualMachineInitialized means the virtual machine object has been seen by the VM controller + VirtualMachineInitialized VirtualMachineConditionType = "Initialized" + + // VirtualMachineRestartRequired is added when changes made to the VM can't be live-propagated to the VMI + VirtualMachineRestartRequired VirtualMachineConditionType = "RestartRequired" ) type HostDiskType string @@ -1843,6 +2005,7 @@ type KubeVirtStatus struct { ObservedDeploymentID string `json:"observedDeploymentID,omitempty" optional:"true"` OutdatedVirtualMachineInstanceWorkloads *int `json:"outdatedVirtualMachineInstanceWorkloads,omitempty" optional:"true"` ObservedGeneration *int64 `json:"observedGeneration,omitempty"` + DefaultArchitecture string `json:"defaultArchitecture,omitempty"` // +listType=atomic Generations []GenerationStatus `json:"generations,omitempty" optional:"true"` } @@ -1895,9 +2058,10 @@ const ( ) const ( - EvictionStrategyNone EvictionStrategy = "None" - EvictionStrategyLiveMigrate EvictionStrategy = "LiveMigrate" - EvictionStrategyExternal EvictionStrategy = "External" + EvictionStrategyNone EvictionStrategy = "None" + EvictionStrategyLiveMigrate EvictionStrategy = "LiveMigrate" + EvictionStrategyLiveMigrateIfPossible EvictionStrategy = "LiveMigrateIfPossible" + EvictionStrategyExternal EvictionStrategy = "External" ) // RestartOptions may be provided when deleting an API object. @@ -2063,13 +2227,20 @@ type VirtualMachineInstanceFileSystemList struct { Items []VirtualMachineInstanceFileSystem `json:"items"` } +// VirtualMachineInstanceFileSystemDisk represents the guest os FS disks +type VirtualMachineInstanceFileSystemDisk struct { + Serial string `json:"serial,omitempty"` + BusType string `json:"busType"` +} + // VirtualMachineInstanceFileSystem represents guest os disk type VirtualMachineInstanceFileSystem struct { - DiskName string `json:"diskName"` - MountPoint string `json:"mountPoint"` - FileSystemType string `json:"fileSystemType"` - UsedBytes int `json:"usedBytes"` - TotalBytes int `json:"totalBytes"` + DiskName string `json:"diskName"` + MountPoint string `json:"mountPoint"` + FileSystemType string `json:"fileSystemType"` + UsedBytes int `json:"usedBytes"` + TotalBytes int `json:"totalBytes"` + Disk []VirtualMachineInstanceFileSystemDisk `json:"disk,omitempty"` } // FreezeUnfreezeTimeout represent the time unfreeze will be triggered if guest was not unfrozen by unfreeze command @@ -2196,13 +2367,14 @@ type KubeVirtConfiguration struct { EmulatedMachines []string `json:"emulatedMachines,omitempty"` ImagePullPolicy k8sv1.PullPolicy `json:"imagePullPolicy,omitempty"` MigrationConfiguration *MigrationConfiguration `json:"migrations,omitempty"` - MachineType string `json:"machineType,omitempty"` - NetworkConfiguration *NetworkConfiguration `json:"network,omitempty"` - OVMFPath string `json:"ovmfPath,omitempty"` - SELinuxLauncherType string `json:"selinuxLauncherType,omitempty"` - DefaultRuntimeClass string `json:"defaultRuntimeClass,omitempty"` - SMBIOSConfig *SMBiosConfiguration `json:"smbios,omitempty"` - + // Deprecated. Use architectureConfiguration instead. + MachineType string `json:"machineType,omitempty"` + NetworkConfiguration *NetworkConfiguration `json:"network,omitempty"` + OVMFPath string `json:"ovmfPath,omitempty"` + SELinuxLauncherType string `json:"selinuxLauncherType,omitempty"` + DefaultRuntimeClass string `json:"defaultRuntimeClass,omitempty"` + SMBIOSConfig *SMBiosConfiguration `json:"smbios,omitempty"` + ArchitectureConfiguration *ArchConfiguration `json:"architectureConfiguration,omitempty"` // EvictionStrategy defines at the cluster level if the VirtualMachineInstance should be // migrated instead of shut-off in case of a node drain. If the VirtualMachineInstance specific // field is set it overrides the cluster level one. @@ -2216,6 +2388,11 @@ type KubeVirtConfiguration struct { // If not set, the default is 1. AdditionalGuestMemoryOverheadRatio *string `json:"additionalGuestMemoryOverheadRatio,omitempty"` + // +listType=map + // +listMapKey=type + // SupportContainerResources specifies the resource requirements for various types of supporting containers such as container disks/virtiofs/sidecars and hotplug attachment pods. If omitted a sensible default will be supplied. + SupportContainerResources []SupportContainerResources `json:"supportContainerResources,omitempty"` + // deprecated SupportedGuestAgentVersions []string `json:"supportedGuestAgentVersions,omitempty"` MemBalloonStatsPeriod *uint32 `json:"memBalloonStatsPeriod,omitempty"` @@ -2230,6 +2407,50 @@ type KubeVirtConfiguration struct { HandlerConfiguration *ReloadableComponentConfiguration `json:"handlerConfiguration,omitempty"` TLSConfiguration *TLSConfiguration `json:"tlsConfiguration,omitempty"` SeccompConfiguration *SeccompConfiguration `json:"seccompConfiguration,omitempty"` + + // VMStateStorageClass is the name of the storage class to use for the PVCs created to preserve VM state, like TPM. + // The storage class must support RWX in filesystem mode. + VMStateStorageClass string `json:"vmStateStorageClass,omitempty"` + VirtualMachineOptions *VirtualMachineOptions `json:"virtualMachineOptions,omitempty"` + + // KSMConfiguration holds the information regarding the enabling the KSM in the nodes (if available). + KSMConfiguration *KSMConfiguration `json:"ksmConfiguration,omitempty"` + + // When set, AutoCPULimitNamespaceLabelSelector will set a CPU limit on virt-launcher for VMIs running inside + // namespaces that match the label selector. + // The CPU limit will equal the number of requested vCPUs. + // This setting does not apply to VMIs with dedicated CPUs. + AutoCPULimitNamespaceLabelSelector *metav1.LabelSelector `json:"autoCPULimitNamespaceLabelSelector,omitempty"` + // LiveUpdateConfiguration holds defaults for live update features + LiveUpdateConfiguration *LiveUpdateConfiguration `json:"liveUpdateConfiguration,omitempty"` + + // VMRolloutStrategy defines how changes to a VM object propagate to its VMI + // +nullable + // +kubebuilder:validation:Enum=Stage;LiveUpdate + VMRolloutStrategy *VMRolloutStrategy `json:"vmRolloutStrategy,omitempty"` +} + +type VMRolloutStrategy string + +const ( + // VMRolloutStrategyStage is the default strategy. It means changes to VM objects will be staged until the next VM reboot + VMRolloutStrategyStage VMRolloutStrategy = "Stage" + // VMRolloutStrategyLiveUpdate means changes to VM objects will be propagated to their VMI when possible + VMRolloutStrategyLiveUpdate VMRolloutStrategy = "LiveUpdate" +) + +type ArchConfiguration struct { + Amd64 *ArchSpecificConfiguration `json:"amd64,omitempty"` + Arm64 *ArchSpecificConfiguration `json:"arm64,omitempty"` + Ppc64le *ArchSpecificConfiguration `json:"ppc64le,omitempty"` + DefaultArchitecture string `json:"defaultArchitecture,omitempty"` +} + +type ArchSpecificConfiguration struct { + OVMFPath string `json:"ovmfPath,omitempty"` + // +listType=atomic + EmulatedMachines []string `json:"emulatedMachines,omitempty,flow"` + MachineType string `json:"machineType,omitempty"` } type SMBiosConfiguration struct { @@ -2240,6 +2461,29 @@ type SMBiosConfiguration struct { Family string `json:"family,omitempty"` } +type SupportContainerType string + +const ( + // HotplugAttachment is the container resources of the hotplug attachment pod used to hotplug a disk + HotplugAttachment SupportContainerType = "hotplug-disk" + // ContainerDisk is the container resources used to attach a container disk to the Virtual Machine + ContainerDisk SupportContainerType = "container-disk" + // VirtioFS is the container resources used to attach a virtio-fs volume to the Virtual Machine + VirtioFS SupportContainerType = "virtiofs" + // SideCar is the container resources for a side car + SideCar SupportContainerType = "sidecar" + // VMExport is the container resources for a vm exporter pod + VMExport SupportContainerType = "vmexport" + // GuestConsoleLog is the container resources for a guest console log streaming container + GuestConsoleLog SupportContainerType = "guest-console-log" +) + +// SupportContainerResources are used to specify the cpu/memory request and limits for the containers that support various features of Virtual Machines. These containers are usually idle and don't require a lot of memory or cpu. +type SupportContainerResources struct { + Type SupportContainerType `json:"type"` + Resources k8sv1.ResourceRequirements `json:"resources"` +} + type TLSProtocolVersion string const ( @@ -2269,6 +2513,24 @@ type SeccompConfiguration struct { VirtualMachineInstanceProfile *VirtualMachineInstanceProfile `json:"virtualMachineInstanceProfile,omitempty"` } +// VirtualMachineOptions holds the cluster level information regarding the virtual machine. +type VirtualMachineOptions struct { + // DisableFreePageReporting disable the free page reporting of + // memory balloon device https://libvirt.org/formatdomain.html#memory-balloon-device. + // This will have effect only if AutoattachMemBalloon is not false and the vmi is not + // requesting any high performance feature (dedicatedCPU/realtime/hugePages), in which free page reporting is always disabled. + DisableFreePageReporting *DisableFreePageReporting `json:"disableFreePageReporting,omitempty"` + + // DisableSerialConsoleLog disables logging the auto-attached default serial console. + // If not set, serial console logs will be written to a file and then streamed from a container named `guest-console-log`. + // The value can be individually overridden for each VM, not relevant if AutoattachSerialConsole is disabled. + DisableSerialConsoleLog *DisableSerialConsoleLog `json:"disableSerialConsoleLog,omitempty"` +} + +type DisableFreePageReporting struct{} + +type DisableSerialConsoleLog struct{} + // TLSConfiguration holds TLS options type TLSConfiguration struct { // MinTLSVersion is a way to specify the minimum protocol version that is acceptable for TLS connections. @@ -2300,7 +2562,7 @@ type MigrationConfiguration struct { // AllowAutoConverge allows the platform to compromise performance/availability of VMIs to // guarantee successful VMI live migrations. Defaults to false AllowAutoConverge *bool `json:"allowAutoConverge,omitempty"` - // BandwidthPerMigration limits the amount of network bandwith live migrations are allowed to use. + // BandwidthPerMigration limits the amount of network bandwidth live migrations are allowed to use. // The value is in quantity per second. Defaults to 0 (no limit) BandwidthPerMigration *resource.Quantity `json:"bandwidthPerMigration,omitempty"` // CompletionTimeoutPerGiB is the maximum number of seconds per GiB a migration is allowed to take. @@ -2325,6 +2587,11 @@ type MigrationConfiguration struct { // Network is the name of the CNI network to use for live migrations. By default, migrations go // through the pod network. Network *string `json:"network,omitempty"` + // By default, the SELinux level of target virt-launcher pods is forced to the level of the source virt-launcher. + // When set to true, MatchSELinuxLevelOnMigration lets the CRI auto-assign a random level to the target. + // That will ensure the target virt-launcher doesn't share categories with another pod on the node. + // However, migrations will fail when using RWX volumes that don't automatically deal with SELinux levels. + MatchSELinuxLevelOnMigration *bool `json:"matchSELinuxLevelOnMigration,omitempty"` } // DiskVerification holds container disks verification limits @@ -2384,6 +2651,7 @@ type LogVerbosity struct { const ( PCIResourcePrefix = "PCI_RESOURCE" MDevResourcePrefix = "MDEV_PCI_RESOURCE" + USBResourcePrefix = "USB_RESOURCE" ) // PermittedHostDevices holds information about devices allowed for passthrough @@ -2392,6 +2660,24 @@ type PermittedHostDevices struct { PciHostDevices []PciHostDevice `json:"pciHostDevices,omitempty"` // +listType=atomic MediatedDevices []MediatedHostDevice `json:"mediatedDevices,omitempty"` + // +listType=atomic + USB []USBHostDevice `json:"usb,omitempty"` +} + +type USBHostDevice struct { + // Identifies the list of USB host devices. + // e.g: kubevirt.io/storage, kubevirt.io/bootable-usb, etc + ResourceName string `json:"resourceName"` + // +listType=atomic + Selectors []USBSelector `json:"selectors,omitempty"` + // If true, KubeVirt will leave the allocation and monitoring to an + // external device plugin + ExternalResourceProvider bool `json:"externalResourceProvider,omitempty"` +} + +type USBSelector struct { + Vendor string `json:"vendor"` + Product string `json:"product"` } // PciHostDevice represents a host PCI device allowed for passthrough @@ -2400,9 +2686,7 @@ type PciHostDevice struct { PCIVendorSelector string `json:"pciVendorSelector"` // The name of the resource that is representing the device. Exposed by // a device plugin and requested by VMs. Typically of the form - // vendor.com/product_nameThe name of the resource that is representing - // the device. Exposed by a device plugin and requested by VMs. - // Typically of the form vendor.com/product_name + // vendor.com/product_name ResourceName string `json:"resourceName"` // If true, KubeVirt will leave the allocation and monitoring to an // external device plugin @@ -2430,7 +2714,7 @@ type MediatedDevicesConfiguration struct { NodeMediatedDeviceTypes []NodeMediatedDeviceTypesConfig `json:"nodeMediatedDeviceTypes,omitempty"` } -// NodeMediatedDeviceTypesConfig holds information about MDEV types to be defined in a specifc node that matches the NodeSelector field. +// NodeMediatedDeviceTypesConfig holds information about MDEV types to be defined in a specific node that matches the NodeSelector field. // +k8s:openapi-gen=true type NodeMediatedDeviceTypesConfig struct { // NodeSelector is a selector which must be true for the vmi to fit on a node. @@ -2446,13 +2730,64 @@ type NodeMediatedDeviceTypesConfig struct { MediatedDeviceTypes []string `json:"mediatedDeviceTypes"` } +// KSMConfiguration holds information about KSM. +// +k8s:openapi-gen=true +type KSMConfiguration struct { + // NodeLabelSelector is a selector that filters in which nodes the KSM will be enabled. + // Empty NodeLabelSelector will enable ksm for every node. + // +optional + NodeLabelSelector *metav1.LabelSelector `json:"nodeLabelSelector,omitempty"` +} + // NetworkConfiguration holds network options type NetworkConfiguration struct { - NetworkInterface string `json:"defaultNetworkInterface,omitempty"` - PermitSlirpInterface *bool `json:"permitSlirpInterface,omitempty"` - PermitBridgeInterfaceOnPodNetwork *bool `json:"permitBridgeInterfaceOnPodNetwork,omitempty"` + NetworkInterface string `json:"defaultNetworkInterface,omitempty"` + PermitSlirpInterface *bool `json:"permitSlirpInterface,omitempty"` + PermitBridgeInterfaceOnPodNetwork *bool `json:"permitBridgeInterfaceOnPodNetwork,omitempty"` + Binding map[string]InterfaceBindingPlugin `json:"binding,omitempty"` +} + +type InterfaceBindingPlugin struct { + // SidecarImage references a container image that runs in the virt-launcher pod. + // The sidecar handles (libvirt) domain configuration and optional services. + // version: 1alphav1 + SidecarImage string `json:"sidecarImage,omitempty"` + // NetworkAttachmentDefinition references to a NetworkAttachmentDefinition CR object. + // Format: , /. + // If namespace is not specified, VMI namespace is assumed. + // version: 1alphav1 + NetworkAttachmentDefinition string `json:"networkAttachmentDefinition,omitempty"` + // DomainAttachmentType is a standard domain network attachment method kubevirt supports. + // Supported values: "tap". + // The standard domain attachment can be used instead or in addition to the sidecarImage. + // version: 1alphav1 + DomainAttachmentType DomainAttachmentType `json:"domainAttachmentType,omitempty"` + // Migration means the VM using the plugin can be safely migrated + // version: 1alphav1 + Migration *InterfaceBindingMigration `json:"migration,omitempty"` +} + +type DomainAttachmentType string + +const ( + // Tap domain attachment type is a generic way to bind ethernet connection into guests using tap device + // https://libvirt.org/formatdomain.html#generic-ethernet-connection. + Tap DomainAttachmentType = "tap" +) + +type InterfaceBindingMigration struct { + // Method defines a pre-defined migration methodology + // version: 1alphav1 + Method MigrationMethod `json:"method,omitempty"` } +type MigrationMethod string + +const ( + // LinkRefresh method will invoke link down -> link up interface to give a chance to the guest to request new IP address and routes from DHCP + LinkRefresh MigrationMethod = "link-refresh" +) + // GuestAgentPing configures the guest-agent based ping probe type GuestAgentPing struct { } @@ -2477,6 +2812,13 @@ type Matcher interface { GetRevisionName() string } +type InferFromVolumeFailurePolicy string + +const ( + RejectInferFromVolumeFailure InferFromVolumeFailurePolicy = "Reject" + IgnoreInferFromVolumeFailure InferFromVolumeFailurePolicy = "Ignore" +) + // InstancetypeMatcher references a instancetype that is used to fill fields in the VMI template. type InstancetypeMatcher struct { // Name is the name of the VirtualMachineInstancetype or VirtualMachineClusterInstancetype @@ -2504,6 +2846,13 @@ type InstancetypeMatcher struct { // // +optional InferFromVolume string `json:"inferFromVolume,omitempty"` + + // InferFromVolumeFailurePolicy controls what should happen on failure when inferring the instancetype. + // Allowed values are: "RejectInferFromVolumeFailure" and "IgnoreInferFromVolumeFailure". + // If not specified, "RejectInferFromVolumeFailure" is used by default. + // + // +optional + InferFromVolumeFailurePolicy *InferFromVolumeFailurePolicy `json:"inferFromVolumeFailurePolicy,omitempty"` } func (i InstancetypeMatcher) GetName() string { @@ -2541,6 +2890,13 @@ type PreferenceMatcher struct { // // +optional InferFromVolume string `json:"inferFromVolume,omitempty"` + + // InferFromVolumeFailurePolicy controls what should happen on failure when preference the instancetype. + // Allowed values are: "RejectInferFromVolumeFailure" and "IgnoreInferFromVolumeFailure". + // If not specified, "RejectInferFromVolumeFailure" is used by default. + // + // +optional + InferFromVolumeFailurePolicy *InferFromVolumeFailurePolicy `json:"inferFromVolumeFailurePolicy,omitempty"` } func (p PreferenceMatcher) GetName() string { @@ -2550,3 +2906,77 @@ func (p PreferenceMatcher) GetName() string { func (p PreferenceMatcher) GetRevisionName() string { return p.RevisionName } + +type LiveUpdateAffinity struct{} + +type LiveUpdateCPU struct { + // The maximum amount of sockets that can be hot-plugged to the Virtual Machine + MaxSockets *uint32 `json:"maxSockets,omitempty" optional:"true"` +} + +type LiveUpdateConfiguration struct { + // MaxHotplugRatio is the ratio used to define the max amount + // of a hotplug resource that can be made available to a VM + // when the specific Max* setting is not defined (MaxCpuSockets, MaxGuest) + // Example: VM is configured with 512Mi of guest memory, if MaxGuest is not + // defined and MaxHotplugRatio is 2 then MaxGuest = 1Gi + // defaults to 4 + MaxHotplugRatio uint32 `json:"maxHotplugRatio,omitempty"` + // MaxCpuSockets holds the maximum amount of sockets that can be hotplugged + MaxCpuSockets *uint32 `json:"maxCpuSockets,omitempty"` + // MaxGuest defines the maximum amount memory that can be allocated + // to the guest using hotplug. + MaxGuest *resource.Quantity `json:"maxGuest,omitempty"` +} + +type LiveUpdateMemory struct { + // MaxGuest defines the maximum amount memory that can be allocated for the VM. + // +optional + MaxGuest *resource.Quantity `json:"maxGuest,omitempty"` +} + +// SEVPlatformInfo contains information about the AMD SEV features for the node. +// +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type SEVPlatformInfo struct { + metav1.TypeMeta `json:",inline"` + // Base64 encoded platform Diffie-Hellman key. + PDH string `json:"pdh,omitempty"` + // Base64 encoded SEV certificate chain. + CertChain string `json:"certChain,omitempty"` +} + +// SEVMeasurementInfo contains information about the guest launch measurement. +// +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type SEVMeasurementInfo struct { + metav1.TypeMeta `json:",inline"` + // Base64 encoded launch measurement of the SEV guest. + Measurement string `json:"measurement,omitempty"` + // API major version of the SEV host. + APIMajor uint `json:"apiMajor,omitempty"` + // API minor version of the SEV host. + APIMinor uint `json:"apiMinor,omitempty"` + // Build ID of the SEV host. + BuildID uint `json:"buildID,omitempty"` + // Policy of the SEV guest. + Policy uint `json:"policy,omitempty"` + // SHA256 of the loader binary + LoaderSHA string `json:"loaderSHA,omitempty"` +} + +// SEVSessionOptions is used to provide SEV session parameters. +type SEVSessionOptions struct { + // Base64 encoded session blob. + Session string `json:"session,omitempty"` + // Base64 encoded guest owner's Diffie-Hellman key. + DHCert string `json:"dhCert,omitempty"` +} + +// SEVSecretOptions is used to provide a secret for a running guest. +type SEVSecretOptions struct { + // Base64 encoded header needed to decrypt the secret. + Header string `json:"header,omitempty"` + // Base64 encoded encrypted launch secret. + Secret string `json:"secret,omitempty"` +} diff --git a/vendor/kubevirt.io/api/core/v1/types_swagger_generated.go b/vendor/kubevirt.io/api/core/v1/types_swagger_generated.go index 58c9bcd5a1..7e05bdc0f9 100644 --- a/vendor/kubevirt.io/api/core/v1/types_swagger_generated.go +++ b/vendor/kubevirt.io/api/core/v1/types_swagger_generated.go @@ -26,7 +26,7 @@ func (VirtualMachineInstanceSpec) SwaggerDoc() map[string]string { "schedulerName": "If specified, the VMI will be dispatched by specified scheduler.\nIf not specified, the VMI will be dispatched by default scheduler.\n+optional", "tolerations": "If toleration is specified, obey all the toleration rules.", "topologySpreadConstraints": "TopologySpreadConstraints describes how a group of VMIs will be spread across a given topology\ndomains. K8s scheduler will schedule VMI pods in a way which abides by the constraints.\n+optional\n+patchMergeKey=topologyKey\n+patchStrategy=merge\n+listType=map\n+listMapKey=topologyKey\n+listMapKey=whenUnsatisfiable", - "evictionStrategy": "EvictionStrategy can be set to \"LiveMigrate\" if the VirtualMachineInstance should be\nmigrated instead of shut-off in case of a node drain.\n\n+optional", + "evictionStrategy": "EvictionStrategy describes the strategy to follow when a node drain occurs.\nThe possible options are:\n- \"None\": No action will be taken, according to the specified 'RunStrategy' the VirtualMachine will be restarted or shutdown.\n- \"LiveMigrate\": the VirtualMachineInstance will be migrated instead of being shutdown.\n- \"LiveMigrateIfPossible\": the same as \"LiveMigrate\" but only if the VirtualMachine is Live-Migratable, otherwise it will behave as \"None\".\n- \"External\": the VirtualMachineInstance will be protected by a PDB and `vmi.Status.EvacuationNodeName` will be set on eviction. This is mainly useful for cluster-api-provider-kubevirt (capk) which needs a way for VMI's to be blocked from eviction, yet signal capk that eviction has been called on the VMI so the capk controller can handle tearing the VMI down. Details can be found in the commit description https://github.com/kubevirt/kubevirt/commit/c1d77face705c8b126696bac9a3ee3825f27f1fa.\n+optional", "startStrategy": "StartStrategy can be set to \"Paused\" if Virtual Machine should be started in paused state.\n\n+optional", "terminationGracePeriodSeconds": "Grace period observed after signalling a VirtualMachineInstance to stop after which the VirtualMachineInstance is force terminated.", "volumes": "List of volumes that can be mounted by disks belonging to the vmi.", @@ -38,6 +38,7 @@ func (VirtualMachineInstanceSpec) SwaggerDoc() map[string]string { "dnsPolicy": "Set DNS policy for the pod.\nDefaults to \"ClusterFirst\".\nValid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'.\nDNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy.\nTo have DNS options set along with hostNetwork, you have to specify DNS policy\nexplicitly to 'ClusterFirstWithHostNet'.\n+optional", "dnsConfig": "Specifies the DNS parameters of a pod.\nParameters specified here will be merged to the generated DNS\nconfiguration based on DNSPolicy.\n+optional", "accessCredentials": "Specifies a set of public keys to inject into the vm guest\n+listType=atomic\n+optional", + "architecture": "Specifies the architecture of the vm guest you are attempting to run. Defaults to the compiled architecture of the KubeVirt components", } } @@ -71,12 +72,16 @@ func (VirtualMachineInstanceStatus) SwaggerDoc() map[string]string { "evacuationNodeName": "EvacuationNodeName is used to track the eviction process of a VMI. It stores the name of the node that we want\nto evacuate. It is meant to be used by KubeVirt core components only and can't be set or modified by users.\n+optional", "activePods": "ActivePods is a mapping of pod UID to node name.\nIt is possible for multiple pods to be running for a single VMI during migration.", "volumeStatus": "VolumeStatus contains the statuses of all the volumes\n+optional\n+listType=atomic", + "kernelBootStatus": "KernelBootStatus contains info about the kernelBootContainer\n+optional", "fsFreezeStatus": "FSFreezeStatus is the state of the fs of the guest\nit can be either frozen or thawed\n+optional", "topologyHints": "+optional", "virtualMachineRevisionName": "VirtualMachineRevisionName is used to get the vm revision of the vmi when doing\nan online vm snapshot\n+optional", "runtimeUser": "RuntimeUser is used to determine what user will be used in launcher\n+optional", "VSOCKCID": "VSOCKCID is used to track the allocated VSOCK CID in the VM.\n+optional", "selinuxContext": "SELinuxContext is the actual SELinux context of the virt-launcher pod\n+optional", + "machine": "Machine shows the final resulting qemu machine type. This can be different\nthan the machine type selected in the spec, due to qemus machine type alias mechanism.\n+optional", + "currentCPUTopology": "CurrentCPUTopology specifies the current CPU topology used by the VM workload.\nCurrent topology may differ from the desired topology in the spec while CPU hotplug\ntakes place.", + "memory": "Memory shows various informations about the VirtualMachine memory.\n+optional", } } @@ -104,6 +109,29 @@ func (VolumeStatus) SwaggerDoc() map[string]string { "hotplugVolume": "If the volume is hotplug, this will contain the hotplug status.", "size": "Represents the size of the volume", "memoryDumpVolume": "If the volume is memorydump volume, this will contain the memorydump info.", + "containerDiskVolume": "ContainerDiskVolume shows info about the containerdisk, if the volume is a containerdisk", + } +} + +func (KernelInfo) SwaggerDoc() map[string]string { + return map[string]string{ + "": "KernelInfo show info about the kernel image", + "checksum": "Checksum is the checksum of the kernel image", + } +} + +func (InitrdInfo) SwaggerDoc() map[string]string { + return map[string]string{ + "": "InitrdInfo show info about the initrd file", + "checksum": "Checksum is the checksum of the initrd file", + } +} + +func (KernelBootStatus) SwaggerDoc() map[string]string { + return map[string]string{ + "": "KernelBootStatus contains info about the kernelBootContainer", + "kernelInfo": "KernelInfo show info about the kernel image", + "initrdInfo": "InitrdInfo show info about the initrd file", } } @@ -125,6 +153,13 @@ func (HotplugVolumeStatus) SwaggerDoc() map[string]string { } } +func (ContainerDiskInfo) SwaggerDoc() map[string]string { + return map[string]string{ + "": "ContainerDiskInfo shows info about the containerdisk", + "checksum": "Checksum is the checksum of the rootdisk or kernel artifacts inside the containerdisk", + } +} + func (VirtualMachineInstanceCondition) SwaggerDoc() map[string]string { return map[string]string{ "lastProbeTime": "+nullable", @@ -146,7 +181,7 @@ func (VirtualMachineInstanceNetworkInterface) SwaggerDoc() map[string]string { "name": "Name of the interface, corresponds to name of the network assigned to the interface", "ipAddresses": "List of all IP addresses of a Virtual Machine interface", "interfaceName": "The interface name inside the Virtual Machine", - "infoSource": "Specifies the origin of the interface data collected. values: domain, guest-agent, or both", + "infoSource": "Specifies the origin of the interface data collected. values: domain, guest-agent, multus-status.", "queueCount": "Specifies how many queues are allocated by MultiQueue", } } @@ -169,6 +204,7 @@ func (VirtualMachineInstanceMigrationState) SwaggerDoc() map[string]string { "": "+k8s:openapi-gen=true", "startTimestamp": "The time the migration action began\n+nullable", "endTimestamp": "The time the migration action ended\n+nullable", + "targetNodeDomainReadyTimestamp": "The timestamp at which the target node detects the domain is active", "targetNodeDomainDetected": "The Target Node has seen the Domain Start Event", "targetNodeAddress": "The address of the target node to use for the migration", "targetDirectMigrationNodePorts": "The list of ports opened for live migration on the destination node", @@ -344,13 +380,15 @@ func (VirtualMachineStatus) SwaggerDoc() map[string]string { "restoreInProgress": "RestoreInProgress is the name of the VirtualMachineRestore currently executing", "created": "Created indicates if the virtual machine is created in the cluster", "ready": "Ready indicates if the virtual machine is running and ready", - "printableStatus": "PrintableStatus is a human readable, high-level representation of the status of the virtual machine", + "printableStatus": "PrintableStatus is a human readable, high-level representation of the status of the virtual machine\n+kubebuilder:default=Stopped", "conditions": "Hold the state information of the VirtualMachine and its VirtualMachineInstance", "stateChangeRequests": "StateChangeRequests indicates a list of actions that should be taken on a VMI\ne.g. stop a specific VMI then start a new one.", "volumeRequests": "VolumeRequests indicates a list of volumes add or remove from the VMI template and\nhotplug on an active running VMI.\n+listType=atomic", "volumeSnapshotStatuses": "VolumeSnapshotStatuses indicates a list of statuses whether snapshotting is\nsupported by each volume.", "startFailure": "StartFailure tracks consecutive VMI startup failures for the purposes of\ncrash loop backoffs\n+nullable\n+optional", "memoryDumpRequest": "MemoryDumpRequest tracks memory dump request phase and info of getting a memory\ndump to the given pvc\n+nullable\n+optional", + "observedGeneration": "ObservedGeneration is the generation observed by the vmi when started.\n+optional", + "desiredGeneration": "DesiredGeneration is the generation which is desired for the VMI.\nThis will be used in comparisons with ObservedGeneration to understand when\nthe VMI is out of sync. This will be changed at the same time as\nObservedGeneration to remove errors which could occur if Generation is\nupdated through an Update() before ObservedGeneration in Status.\n+optional", } } @@ -605,6 +643,12 @@ func (VirtualMachineInstanceFileSystemList) SwaggerDoc() map[string]string { } } +func (VirtualMachineInstanceFileSystemDisk) SwaggerDoc() map[string]string { + return map[string]string{ + "": "VirtualMachineInstanceFileSystemDisk represents the guest os FS disks", + } +} + func (VirtualMachineInstanceFileSystem) SwaggerDoc() map[string]string { return map[string]string{ "": "VirtualMachineInstanceFileSystem represents guest os disk", @@ -684,9 +728,26 @@ func (ReloadableComponentConfiguration) SwaggerDoc() map[string]string { func (KubeVirtConfiguration) SwaggerDoc() map[string]string { return map[string]string{ "": "KubeVirtConfiguration holds all kubevirt configurations", + "machineType": "Deprecated. Use architectureConfiguration instead.", "evictionStrategy": "EvictionStrategy defines at the cluster level if the VirtualMachineInstance should be\nmigrated instead of shut-off in case of a node drain. If the VirtualMachineInstance specific\nfield is set it overrides the cluster level one.", "additionalGuestMemoryOverheadRatio": "AdditionalGuestMemoryOverheadRatio can be used to increase the virtualization infrastructure\noverhead. This is useful, since the calculation of this overhead is not accurate and cannot\nbe entirely known in advance. The ratio that is being set determines by which factor to increase\nthe overhead calculated by Kubevirt. A higher ratio means that the VMs would be less compromised\nby node pressures, but would mean that fewer VMs could be scheduled to a node.\nIf not set, the default is 1.", + "supportContainerResources": "+listType=map\n+listMapKey=type\nSupportContainerResources specifies the resource requirements for various types of supporting containers such as container disks/virtiofs/sidecars and hotplug attachment pods. If omitted a sensible default will be supplied.", "supportedGuestAgentVersions": "deprecated", + "vmStateStorageClass": "VMStateStorageClass is the name of the storage class to use for the PVCs created to preserve VM state, like TPM.\nThe storage class must support RWX in filesystem mode.", + "ksmConfiguration": "KSMConfiguration holds the information regarding the enabling the KSM in the nodes (if available).", + "autoCPULimitNamespaceLabelSelector": "When set, AutoCPULimitNamespaceLabelSelector will set a CPU limit on virt-launcher for VMIs running inside\nnamespaces that match the label selector.\nThe CPU limit will equal the number of requested vCPUs.\nThis setting does not apply to VMIs with dedicated CPUs.", + "liveUpdateConfiguration": "LiveUpdateConfiguration holds defaults for live update features", + "vmRolloutStrategy": "VMRolloutStrategy defines how changes to a VM object propagate to its VMI\n+nullable\n+kubebuilder:validation:Enum=Stage;LiveUpdate", + } +} + +func (ArchConfiguration) SwaggerDoc() map[string]string { + return map[string]string{} +} + +func (ArchSpecificConfiguration) SwaggerDoc() map[string]string { + return map[string]string{ + "emulatedMachines": "+listType=atomic", } } @@ -694,6 +755,12 @@ func (SMBiosConfiguration) SwaggerDoc() map[string]string { return map[string]string{} } +func (SupportContainerResources) SwaggerDoc() map[string]string { + return map[string]string{ + "": "SupportContainerResources are used to specify the cpu/memory request and limits for the containers that support various features of Virtual Machines. These containers are usually idle and don't require a lot of memory or cpu.", + } +} + func (CustomProfile) SwaggerDoc() map[string]string { return map[string]string{} } @@ -711,6 +778,22 @@ func (SeccompConfiguration) SwaggerDoc() map[string]string { } } +func (VirtualMachineOptions) SwaggerDoc() map[string]string { + return map[string]string{ + "": "VirtualMachineOptions holds the cluster level information regarding the virtual machine.", + "disableFreePageReporting": "DisableFreePageReporting disable the free page reporting of\nmemory balloon device https://libvirt.org/formatdomain.html#memory-balloon-device.\nThis will have effect only if AutoattachMemBalloon is not false and the vmi is not\nrequesting any high performance feature (dedicatedCPU/realtime/hugePages), in which free page reporting is always disabled.", + "disableSerialConsoleLog": "DisableSerialConsoleLog disables logging the auto-attached default serial console.\nIf not set, serial console logs will be written to a file and then streamed from a container named `guest-console-log`.\nThe value can be individually overridden for each VM, not relevant if AutoattachSerialConsole is disabled.", + } +} + +func (DisableFreePageReporting) SwaggerDoc() map[string]string { + return map[string]string{} +} + +func (DisableSerialConsoleLog) SwaggerDoc() map[string]string { + return map[string]string{} +} + func (TLSConfiguration) SwaggerDoc() map[string]string { return map[string]string{ "": "TLSConfiguration holds TLS options", @@ -726,13 +809,14 @@ func (MigrationConfiguration) SwaggerDoc() map[string]string { "parallelOutboundMigrationsPerNode": "ParallelOutboundMigrationsPerNode is the maximum number of concurrent outgoing live migrations\nallowed per node. Defaults to 2", "parallelMigrationsPerCluster": "ParallelMigrationsPerCluster is the total number of concurrent live migrations\nallowed cluster-wide. Defaults to 5", "allowAutoConverge": "AllowAutoConverge allows the platform to compromise performance/availability of VMIs to\nguarantee successful VMI live migrations. Defaults to false", - "bandwidthPerMigration": "BandwidthPerMigration limits the amount of network bandwith live migrations are allowed to use.\nThe value is in quantity per second. Defaults to 0 (no limit)", + "bandwidthPerMigration": "BandwidthPerMigration limits the amount of network bandwidth live migrations are allowed to use.\nThe value is in quantity per second. Defaults to 0 (no limit)", "completionTimeoutPerGiB": "CompletionTimeoutPerGiB is the maximum number of seconds per GiB a migration is allowed to take.\nIf a live-migration takes longer to migrate than this value multiplied by the size of the VMI,\nthe migration will be cancelled, unless AllowPostCopy is true. Defaults to 800", "progressTimeout": "ProgressTimeout is the maximum number of seconds a live migration is allowed to make no progress.\nHitting this timeout means a migration transferred 0 data for that many seconds. The migration is\nthen considered stuck and therefore cancelled. Defaults to 150", "unsafeMigrationOverride": "UnsafeMigrationOverride allows live migrations to occur even if the compatibility check\nindicates the migration will be unsafe to the guest. Defaults to false", "allowPostCopy": "AllowPostCopy enables post-copy live migrations. Such migrations allow even the busiest VMIs\nto successfully live-migrate. However, events like a network failure can cause a VMI crash.\nIf set to true, migrations will still start in pre-copy, but switch to post-copy when\nCompletionTimeoutPerGiB triggers. Defaults to false", "disableTLS": "When set to true, DisableTLS will disable the additional layer of live migration encryption\nprovided by KubeVirt. This is usually a bad idea. Defaults to false", "network": "Network is the name of the CNI network to use for live migrations. By default, migrations go\nthrough the pod network.", + "matchSELinuxLevelOnMigration": "By default, the SELinux level of target virt-launcher pods is forced to the level of the source virt-launcher.\nWhen set to true, MatchSELinuxLevelOnMigration lets the CRI auto-assign a random level to the target.\nThat will ensure the target virt-launcher doesn't share categories with another pod on the node.\nHowever, migrations will fail when using RWX volumes that don't automatically deal with SELinux levels.", } } @@ -768,14 +852,27 @@ func (PermittedHostDevices) SwaggerDoc() map[string]string { "": "PermittedHostDevices holds information about devices allowed for passthrough", "pciHostDevices": "+listType=atomic", "mediatedDevices": "+listType=atomic", + "usb": "+listType=atomic", + } +} + +func (USBHostDevice) SwaggerDoc() map[string]string { + return map[string]string{ + "resourceName": "Identifies the list of USB host devices.\ne.g: kubevirt.io/storage, kubevirt.io/bootable-usb, etc", + "selectors": "+listType=atomic", + "externalResourceProvider": "If true, KubeVirt will leave the allocation and monitoring to an\nexternal device plugin", } } +func (USBSelector) SwaggerDoc() map[string]string { + return map[string]string{} +} + func (PciHostDevice) SwaggerDoc() map[string]string { return map[string]string{ "": "PciHostDevice represents a host PCI device allowed for passthrough", "pciVendorSelector": "The vendor_id:product_id tuple of the PCI device", - "resourceName": "The name of the resource that is representing the device. Exposed by\na device plugin and requested by VMs. Typically of the form\nvendor.com/product_nameThe name of the resource that is representing\nthe device. Exposed by a device plugin and requested by VMs.\nTypically of the form vendor.com/product_name", + "resourceName": "The name of the resource that is representing the device. Exposed by\na device plugin and requested by VMs. Typically of the form\nvendor.com/product_name", "externalResourceProvider": "If true, KubeVirt will leave the allocation and monitoring to an\nexternal device plugin", } } @@ -797,19 +894,41 @@ func (MediatedDevicesConfiguration) SwaggerDoc() map[string]string { func (NodeMediatedDeviceTypesConfig) SwaggerDoc() map[string]string { return map[string]string{ - "": "NodeMediatedDeviceTypesConfig holds information about MDEV types to be defined in a specifc node that matches the NodeSelector field.\n+k8s:openapi-gen=true", + "": "NodeMediatedDeviceTypesConfig holds information about MDEV types to be defined in a specific node that matches the NodeSelector field.\n+k8s:openapi-gen=true", "nodeSelector": "NodeSelector is a selector which must be true for the vmi to fit on a node.\nSelector which must match a node's labels for the vmi to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/", "mediatedDevicesTypes": "Deprecated. Use mediatedDeviceTypes instead.\n+optional\n+listType=atomic", "mediatedDeviceTypes": "+optional\n+listType=atomic", } } +func (KSMConfiguration) SwaggerDoc() map[string]string { + return map[string]string{ + "": "KSMConfiguration holds information about KSM.\n+k8s:openapi-gen=true", + "nodeLabelSelector": "NodeLabelSelector is a selector that filters in which nodes the KSM will be enabled.\nEmpty NodeLabelSelector will enable ksm for every node.\n+optional", + } +} + func (NetworkConfiguration) SwaggerDoc() map[string]string { return map[string]string{ "": "NetworkConfiguration holds network options", } } +func (InterfaceBindingPlugin) SwaggerDoc() map[string]string { + return map[string]string{ + "sidecarImage": "SidecarImage references a container image that runs in the virt-launcher pod.\nThe sidecar handles (libvirt) domain configuration and optional services.\nversion: 1alphav1", + "networkAttachmentDefinition": "NetworkAttachmentDefinition references to a NetworkAttachmentDefinition CR object.\nFormat: , /.\nIf namespace is not specified, VMI namespace is assumed.\nversion: 1alphav1", + "domainAttachmentType": "DomainAttachmentType is a standard domain network attachment method kubevirt supports.\nSupported values: \"tap\".\nThe standard domain attachment can be used instead or in addition to the sidecarImage.\nversion: 1alphav1", + "migration": "Migration means the VM using the plugin can be safely migrated\nversion: 1alphav1", + } +} + +func (InterfaceBindingMigration) SwaggerDoc() map[string]string { + return map[string]string{ + "method": "Method defines a pre-defined migration methodology\nversion: 1alphav1", + } +} + func (GuestAgentPing) SwaggerDoc() map[string]string { return map[string]string{ "": "GuestAgentPing configures the guest-agent based ping probe", @@ -830,20 +949,82 @@ func (ClusterProfilerRequest) SwaggerDoc() map[string]string { func (InstancetypeMatcher) SwaggerDoc() map[string]string { return map[string]string{ - "": "InstancetypeMatcher references a instancetype that is used to fill fields in the VMI template.", - "name": "Name is the name of the VirtualMachineInstancetype or VirtualMachineClusterInstancetype\n\n+optional", - "kind": "Kind specifies which instancetype resource is referenced.\nAllowed values are: \"VirtualMachineInstancetype\" and \"VirtualMachineClusterInstancetype\".\nIf not specified, \"VirtualMachineClusterInstancetype\" is used by default.\n\n+optional", - "revisionName": "RevisionName specifies a ControllerRevision containing a specific copy of the\nVirtualMachineInstancetype or VirtualMachineClusterInstancetype to be used. This is initially\ncaptured the first time the instancetype is applied to the VirtualMachineInstance.\n\n+optional", - "inferFromVolume": "InferFromVolume lists the name of a volume that should be used to infer or discover the instancetype\nto be used through known annotations on the underlying resource. Once applied to the InstancetypeMatcher\nthis field is removed.\n\n+optional", + "": "InstancetypeMatcher references a instancetype that is used to fill fields in the VMI template.", + "name": "Name is the name of the VirtualMachineInstancetype or VirtualMachineClusterInstancetype\n\n+optional", + "kind": "Kind specifies which instancetype resource is referenced.\nAllowed values are: \"VirtualMachineInstancetype\" and \"VirtualMachineClusterInstancetype\".\nIf not specified, \"VirtualMachineClusterInstancetype\" is used by default.\n\n+optional", + "revisionName": "RevisionName specifies a ControllerRevision containing a specific copy of the\nVirtualMachineInstancetype or VirtualMachineClusterInstancetype to be used. This is initially\ncaptured the first time the instancetype is applied to the VirtualMachineInstance.\n\n+optional", + "inferFromVolume": "InferFromVolume lists the name of a volume that should be used to infer or discover the instancetype\nto be used through known annotations on the underlying resource. Once applied to the InstancetypeMatcher\nthis field is removed.\n\n+optional", + "inferFromVolumeFailurePolicy": "InferFromVolumeFailurePolicy controls what should happen on failure when inferring the instancetype.\nAllowed values are: \"RejectInferFromVolumeFailure\" and \"IgnoreInferFromVolumeFailure\".\nIf not specified, \"RejectInferFromVolumeFailure\" is used by default.\n\n+optional", } } func (PreferenceMatcher) SwaggerDoc() map[string]string { return map[string]string{ - "": "PreferenceMatcher references a set of preference that is used to fill fields in the VMI template.", - "name": "Name is the name of the VirtualMachinePreference or VirtualMachineClusterPreference\n\n+optional", - "kind": "Kind specifies which preference resource is referenced.\nAllowed values are: \"VirtualMachinePreference\" and \"VirtualMachineClusterPreference\".\nIf not specified, \"VirtualMachineClusterPreference\" is used by default.\n\n+optional", - "revisionName": "RevisionName specifies a ControllerRevision containing a specific copy of the\nVirtualMachinePreference or VirtualMachineClusterPreference to be used. This is\ninitially captured the first time the instancetype is applied to the VirtualMachineInstance.\n\n+optional", - "inferFromVolume": "InferFromVolume lists the name of a volume that should be used to infer or discover the preference\nto be used through known annotations on the underlying resource. Once applied to the PreferenceMatcher\nthis field is removed.\n\n+optional", + "": "PreferenceMatcher references a set of preference that is used to fill fields in the VMI template.", + "name": "Name is the name of the VirtualMachinePreference or VirtualMachineClusterPreference\n\n+optional", + "kind": "Kind specifies which preference resource is referenced.\nAllowed values are: \"VirtualMachinePreference\" and \"VirtualMachineClusterPreference\".\nIf not specified, \"VirtualMachineClusterPreference\" is used by default.\n\n+optional", + "revisionName": "RevisionName specifies a ControllerRevision containing a specific copy of the\nVirtualMachinePreference or VirtualMachineClusterPreference to be used. This is\ninitially captured the first time the instancetype is applied to the VirtualMachineInstance.\n\n+optional", + "inferFromVolume": "InferFromVolume lists the name of a volume that should be used to infer or discover the preference\nto be used through known annotations on the underlying resource. Once applied to the PreferenceMatcher\nthis field is removed.\n\n+optional", + "inferFromVolumeFailurePolicy": "InferFromVolumeFailurePolicy controls what should happen on failure when preference the instancetype.\nAllowed values are: \"RejectInferFromVolumeFailure\" and \"IgnoreInferFromVolumeFailure\".\nIf not specified, \"RejectInferFromVolumeFailure\" is used by default.\n\n+optional", + } +} + +func (LiveUpdateAffinity) SwaggerDoc() map[string]string { + return map[string]string{} +} + +func (LiveUpdateCPU) SwaggerDoc() map[string]string { + return map[string]string{ + "maxSockets": "The maximum amount of sockets that can be hot-plugged to the Virtual Machine", + } +} + +func (LiveUpdateConfiguration) SwaggerDoc() map[string]string { + return map[string]string{ + "maxHotplugRatio": "MaxHotplugRatio is the ratio used to define the max amount\nof a hotplug resource that can be made available to a VM\nwhen the specific Max* setting is not defined (MaxCpuSockets, MaxGuest)\nExample: VM is configured with 512Mi of guest memory, if MaxGuest is not\ndefined and MaxHotplugRatio is 2 then MaxGuest = 1Gi\ndefaults to 4", + "maxCpuSockets": "MaxCpuSockets holds the maximum amount of sockets that can be hotplugged", + "maxGuest": "MaxGuest defines the maximum amount memory that can be allocated\nto the guest using hotplug.", + } +} + +func (LiveUpdateMemory) SwaggerDoc() map[string]string { + return map[string]string{ + "maxGuest": "MaxGuest defines the maximum amount memory that can be allocated for the VM.\n+optional", + } +} + +func (SEVPlatformInfo) SwaggerDoc() map[string]string { + return map[string]string{ + "": "SEVPlatformInfo contains information about the AMD SEV features for the node.\n\n+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object", + "pdh": "Base64 encoded platform Diffie-Hellman key.", + "certChain": "Base64 encoded SEV certificate chain.", + } +} + +func (SEVMeasurementInfo) SwaggerDoc() map[string]string { + return map[string]string{ + "": "SEVMeasurementInfo contains information about the guest launch measurement.\n\n+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object", + "measurement": "Base64 encoded launch measurement of the SEV guest.", + "apiMajor": "API major version of the SEV host.", + "apiMinor": "API minor version of the SEV host.", + "buildID": "Build ID of the SEV host.", + "policy": "Policy of the SEV guest.", + "loaderSHA": "SHA256 of the loader binary", + } +} + +func (SEVSessionOptions) SwaggerDoc() map[string]string { + return map[string]string{ + "": "SEVSessionOptions is used to provide SEV session parameters.", + "session": "Base64 encoded session blob.", + "dhCert": "Base64 encoded guest owner's Diffie-Hellman key.", + } +} + +func (SEVSecretOptions) SwaggerDoc() map[string]string { + return map[string]string{ + "": "SEVSecretOptions is used to provide a secret for a running guest.", + "header": "Base64 encoded header needed to decrypt the secret.", + "secret": "Base64 encoded encrypted launch secret.", } } diff --git a/vendor/kubevirt.io/api/core/v1/zz_generated.defaults.go b/vendor/kubevirt.io/api/core/v1/zz_generated.defaults.go index 08972aea23..6cf7f0bc04 100644 --- a/vendor/kubevirt.io/api/core/v1/zz_generated.defaults.go +++ b/vendor/kubevirt.io/api/core/v1/zz_generated.defaults.go @@ -2,7 +2,7 @@ // +build !ignore_autogenerated /* -Copyright 2023 The KubeVirt Authors. +Copyright The KubeVirt Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/authorize.go b/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/authorize.go new file mode 100644 index 0000000000..cfc23d29b0 --- /dev/null +++ b/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/authorize.go @@ -0,0 +1,162 @@ +/* +Copyright 2020 The CDI Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +import ( + "errors" + + authentication "k8s.io/api/authentication/v1" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/klog/v2" + + "kubevirt.io/containerized-data-importer-api/pkg/apis/core" +) + +const ( + // AnnPrePopulated is a PVC annotation telling the datavolume controller that the PVC is already populated + AnnPrePopulated = core.GroupName + "/storage.prePopulated" + // AnnCheckStaticVolume checks if a statically allocated PV exists before creating the target PVC. + // If so, PVC is still created but population is skipped + AnnCheckStaticVolume = core.GroupName + "/storage.checkStaticVolume" +) + +// ErrNoTokenOkay indicates proceeding without token is allowed +// This error should only be of interest to entities that give out DataVolume tokens +var ErrNoTokenOkay = errors.New("proceeding without token is okay under the circumstances") + +// AuthorizeUser indicates if the creating user is authorized to create the data volume +// For sources other than clone (import/upload/etc), this is a no-op +func (dv *DataVolume) AuthorizeUser(requestNamespace, requestName string, proxy AuthorizationHelperProxy, userInfo authentication.UserInfo) (CloneAuthResponse, error) { + _, prePopulated := dv.Annotations[AnnPrePopulated] + _, checkStaticVolume := dv.Annotations[AnnCheckStaticVolume] + noTokenOkay := prePopulated || checkStaticVolume + + targetNamespace, targetName := dv.Namespace, dv.Name + if targetNamespace == "" { + targetNamespace = requestNamespace + } + if targetName == "" { + targetName = requestName + } + + cloneSourceHandler, err := newCloneSourceHandler(dv, proxy.GetDataSource) + if err != nil { + if k8serrors.IsNotFound(err) && noTokenOkay { + // no token needed, likely since no datasource + klog.V(3).Infof("DataVolume %s/%s is pre/static populated, not adding token, no datasource", targetNamespace, targetName) + return CloneAuthResponse{Allowed: true, Reason: "", Handler: cloneSourceHandler}, ErrNoTokenOkay + } + return CloneAuthResponse{Allowed: false, Reason: "", Handler: cloneSourceHandler}, err + } + + if cloneSourceHandler.CloneType == noClone { + klog.V(3).Infof("DataVolume %s/%s not cloning", targetNamespace, targetName) + return CloneAuthResponse{Allowed: true, Reason: "", Handler: cloneSourceHandler}, ErrNoTokenOkay + } + + sourceName, sourceNamespace := cloneSourceHandler.SourceName, cloneSourceHandler.SourceNamespace + if sourceNamespace == "" { + sourceNamespace = targetNamespace + } + + _, err = proxy.GetNamespace(sourceNamespace) + if err != nil { + if k8serrors.IsNotFound(err) && noTokenOkay { + // no token needed, likely since no source namespace + klog.V(3).Infof("DataVolume %s/%s is pre/static populated, not adding token, no source namespace", targetNamespace, targetName) + return CloneAuthResponse{Allowed: true, Reason: "", Handler: cloneSourceHandler}, ErrNoTokenOkay + } + return CloneAuthResponse{Allowed: false, Reason: "", Handler: cloneSourceHandler}, err + } + + ok, reason, err := cloneSourceHandler.UserCloneAuthFunc(proxy.CreateSar, sourceNamespace, sourceName, targetNamespace, userInfo) + if err != nil { + return CloneAuthResponse{Allowed: false, Reason: reason, Handler: cloneSourceHandler}, err + } + + if !ok { + if noTokenOkay { + klog.V(3).Infof("DataVolume %s/%s is pre/static populated, not adding token, auth failed", targetNamespace, targetName) + return CloneAuthResponse{Allowed: true, Reason: "", Handler: cloneSourceHandler}, ErrNoTokenOkay + } + } + + return CloneAuthResponse{Allowed: ok, Reason: reason, Handler: cloneSourceHandler}, err +} + +// AuthorizeSA indicates if the creating ServiceAccount is authorized to create the data volume +// For sources other than clone (import/upload/etc), this is a no-op +func (dv *DataVolume) AuthorizeSA(requestNamespace, requestName string, proxy AuthorizationHelperProxy, saNamespace, saName string) (CloneAuthResponse, error) { + _, prePopulated := dv.Annotations[AnnPrePopulated] + _, checkStaticVolume := dv.Annotations[AnnCheckStaticVolume] + noTokenOkay := prePopulated || checkStaticVolume + + targetNamespace, targetName := dv.Namespace, dv.Name + if targetNamespace == "" { + targetNamespace = requestNamespace + } + if saNamespace == "" { + saNamespace = targetNamespace + } + if targetName == "" { + targetName = requestName + } + + cloneSourceHandler, err := newCloneSourceHandler(dv, proxy.GetDataSource) + if err != nil { + if k8serrors.IsNotFound(err) && noTokenOkay { + // no token needed, likely since no datasource + klog.V(3).Infof("DataVolume %s/%s is pre/static populated, not adding token, no datasource", targetNamespace, targetName) + return CloneAuthResponse{Allowed: true, Reason: "", Handler: cloneSourceHandler}, ErrNoTokenOkay + } + return CloneAuthResponse{Allowed: false, Reason: "", Handler: cloneSourceHandler}, err + } + + if cloneSourceHandler.CloneType == noClone { + klog.V(3).Infof("DataVolume %s/%s not cloning", targetNamespace, targetName) + return CloneAuthResponse{Allowed: true, Reason: "", Handler: cloneSourceHandler}, ErrNoTokenOkay + } + + sourceName, sourceNamespace := cloneSourceHandler.SourceName, cloneSourceHandler.SourceNamespace + if sourceNamespace == "" { + sourceNamespace = targetNamespace + } + + _, err = proxy.GetNamespace(sourceNamespace) + if err != nil { + if k8serrors.IsNotFound(err) && noTokenOkay { + // no token needed, likely since no source namespace + klog.V(3).Infof("DataVolume %s/%s is pre/static populated, not adding token, no source namespace", targetNamespace, targetName) + return CloneAuthResponse{Allowed: true, Reason: "", Handler: cloneSourceHandler}, ErrNoTokenOkay + } + return CloneAuthResponse{Allowed: false, Reason: "", Handler: cloneSourceHandler}, err + } + + ok, reason, err := cloneSourceHandler.SACloneAuthFunc(proxy.CreateSar, sourceNamespace, sourceName, saNamespace, saName) + if err != nil { + return CloneAuthResponse{Allowed: false, Reason: reason, Handler: cloneSourceHandler}, err + } + + if !ok { + if noTokenOkay { + klog.V(3).Infof("DataVolume %s/%s is pre/static populated, not adding token, auth failed", targetNamespace, targetName) + return CloneAuthResponse{Allowed: true, Reason: "", Handler: cloneSourceHandler}, ErrNoTokenOkay + } + } + + return CloneAuthResponse{Allowed: ok, Reason: reason, Handler: cloneSourceHandler}, err +} diff --git a/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/authorize_utils.go b/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/authorize_utils.go new file mode 100644 index 0000000000..474866c132 --- /dev/null +++ b/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/authorize_utils.go @@ -0,0 +1,351 @@ +/* +Copyright 2020 The CDI Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +import ( + "fmt" + + authentication "k8s.io/api/authentication/v1" + authorization "k8s.io/api/authorization/v1" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/klog/v2" +) + +func newCloneSourceHandler(dataVolume *DataVolume, dsGet dsGetFunc) (CloneSourceHandler, error) { + var pvcSource *DataVolumeSourcePVC + var snapshotSource *DataVolumeSourceSnapshot + + if dataVolume.Spec.Source != nil { + if dataVolume.Spec.Source.PVC != nil { + pvcSource = dataVolume.Spec.Source.PVC + } else if dataVolume.Spec.Source.Snapshot != nil { + snapshotSource = dataVolume.Spec.Source.Snapshot + } + } else if dataVolume.Spec.SourceRef != nil && dataVolume.Spec.SourceRef.Kind == DataVolumeDataSource { + ns := dataVolume.Namespace + if dataVolume.Spec.SourceRef.Namespace != nil && *dataVolume.Spec.SourceRef.Namespace != "" { + ns = *dataVolume.Spec.SourceRef.Namespace + } + dataSource, err := dsGet(ns, dataVolume.Spec.SourceRef.Name) + if err != nil { + return CloneSourceHandler{}, err + } + if dataSource.Spec.Source.PVC != nil { + pvcSource = dataSource.Spec.Source.PVC + } else if dataSource.Spec.Source.Snapshot != nil { + snapshotSource = dataSource.Spec.Source.Snapshot + } + } + + switch { + case pvcSource != nil: + return CloneSourceHandler{ + CloneType: pvcClone, + TokenResource: tokenResourcePvc, + UserCloneAuthFunc: CanUserClonePVC, + SACloneAuthFunc: CanServiceAccountClonePVC, + SourceName: pvcSource.Name, + SourceNamespace: pvcSource.Namespace, + }, nil + case snapshotSource != nil: + return CloneSourceHandler{ + CloneType: snapshotClone, + TokenResource: tokenResourceSnapshot, + UserCloneAuthFunc: CanUserCloneSnapshot, + SACloneAuthFunc: CanServiceAccountCloneSnapshot, + SourceName: snapshotSource.Name, + SourceNamespace: snapshotSource.Namespace, + }, nil + default: + return CloneSourceHandler{ + CloneType: noClone, + }, nil + } +} + +var ( + tokenResourcePvc = metav1.GroupVersionResource{ + Group: "", + Version: "v1", + Resource: "persistentvolumeclaims", + } + + tokenResourceSnapshot = metav1.GroupVersionResource{ + Group: "snapshot.storage.k8s.io", + Version: "v1", + Resource: "volumesnapshots", + } +) + +type cloneType int + +const ( + noClone cloneType = iota + pvcClone + snapshotClone +) + +// CloneSourceHandler is a helper around determining the +// correct way of authorizing a particular DataVolume +// +k8s:deepcopy-gen=false +// +k8s:openapi-gen=false +type CloneSourceHandler struct { + CloneType cloneType + TokenResource metav1.GroupVersionResource + UserCloneAuthFunc UserCloneAuthFunc + SACloneAuthFunc ServiceAccountCloneAuthFunc + SourceName string + SourceNamespace string +} + +// CloneAuthResponse contains various response details +// regarding authorizing a datavolume +// +k8s:deepcopy-gen=false +// +k8s:openapi-gen=false +type CloneAuthResponse struct { + Handler CloneSourceHandler + Allowed bool + Reason string +} + +type createSarFunc func(*authorization.SubjectAccessReview) (*authorization.SubjectAccessReview, error) +type dsGetFunc func(string, string) (*DataSource, error) + +// AuthorizationHelperProxy proxies calls to APIs used for DV authorization +type AuthorizationHelperProxy interface { + CreateSar(*authorization.SubjectAccessReview) (*authorization.SubjectAccessReview, error) + GetNamespace(string) (*corev1.Namespace, error) + GetDataSource(string, string) (*DataSource, error) +} + +// UserCloneAuthFunc represents a user clone auth func +type UserCloneAuthFunc func(createSar createSarFunc, sourceNamespace, pvcName, targetNamespace string, userInfo authentication.UserInfo) (bool, string, error) + +// ServiceAccountCloneAuthFunc represents a serviceaccount clone auth func +type ServiceAccountCloneAuthFunc func(createSar createSarFunc, pvcNamespace, pvcName, saNamespace, saName string) (bool, string, error) + +// CanUserClonePVC checks if a user has "appropriate" permission to clone from the given PVC +func CanUserClonePVC(createSar createSarFunc, sourceNamespace, pvcName, targetNamespace string, + userInfo authentication.UserInfo) (bool, string, error) { + if sourceNamespace == targetNamespace { + return true, "", nil + } + + var newExtra map[string]authorization.ExtraValue + if len(userInfo.Extra) > 0 { + newExtra = make(map[string]authorization.ExtraValue) + for k, v := range userInfo.Extra { + newExtra[k] = authorization.ExtraValue(v) + } + } + + sarSpec := authorization.SubjectAccessReviewSpec{ + User: userInfo.Username, + Groups: userInfo.Groups, + Extra: newExtra, + } + + return sendSubjectAccessReviewsPvc(createSar, sourceNamespace, pvcName, sarSpec) +} + +// CanServiceAccountClonePVC checks if a ServiceAccount has "appropriate" permission to clone from the given PVC +func CanServiceAccountClonePVC(createSar createSarFunc, pvcNamespace, pvcName, saNamespace, saName string) (bool, string, error) { + if pvcNamespace == saNamespace { + return true, "", nil + } + + user := fmt.Sprintf("system:serviceaccount:%s:%s", saNamespace, saName) + + sarSpec := authorization.SubjectAccessReviewSpec{ + User: user, + Groups: []string{ + "system:serviceaccounts", + "system:serviceaccounts:" + saNamespace, + "system:authenticated", + }, + } + + return sendSubjectAccessReviewsPvc(createSar, pvcNamespace, pvcName, sarSpec) +} + +// CanUserCloneSnapshot checks if a user has "appropriate" permission to clone from the given snapshot +func CanUserCloneSnapshot(createSar createSarFunc, sourceNamespace, pvcName, targetNamespace string, + userInfo authentication.UserInfo) (bool, string, error) { + if sourceNamespace == targetNamespace { + return true, "", nil + } + + var newExtra map[string]authorization.ExtraValue + if len(userInfo.Extra) > 0 { + newExtra = make(map[string]authorization.ExtraValue) + for k, v := range userInfo.Extra { + newExtra[k] = authorization.ExtraValue(v) + } + } + + sarSpec := authorization.SubjectAccessReviewSpec{ + User: userInfo.Username, + Groups: userInfo.Groups, + Extra: newExtra, + } + + return sendSubjectAccessReviewsSnapshot(createSar, sourceNamespace, pvcName, sarSpec) +} + +// CanServiceAccountCloneSnapshot checks if a ServiceAccount has "appropriate" permission to clone from the given snapshot +func CanServiceAccountCloneSnapshot(createSar createSarFunc, pvcNamespace, pvcName, saNamespace, saName string) (bool, string, error) { + if pvcNamespace == saNamespace { + return true, "", nil + } + + user := fmt.Sprintf("system:serviceaccount:%s:%s", saNamespace, saName) + + sarSpec := authorization.SubjectAccessReviewSpec{ + User: user, + Groups: []string{ + "system:serviceaccounts", + "system:serviceaccounts:" + saNamespace, + "system:authenticated", + }, + } + + return sendSubjectAccessReviewsSnapshot(createSar, pvcNamespace, pvcName, sarSpec) +} + +func sendSubjectAccessReviewsPvc(createSar createSarFunc, namespace, name string, sarSpec authorization.SubjectAccessReviewSpec) (bool, string, error) { + allowed := false + + for _, ra := range getResourceAttributesPvc(namespace, name) { + sar := &authorization.SubjectAccessReview{ + Spec: sarSpec, + } + sar.Spec.ResourceAttributes = &ra + + klog.V(3).Infof("Sending SubjectAccessReview %+v", sar) + + response, err := createSar(sar) + if err != nil { + return false, "", err + } + + klog.V(3).Infof("SubjectAccessReview response %+v", response) + + if response.Status.Allowed { + allowed = true + break + } + } + + if !allowed { + return false, fmt.Sprintf("User %s has insufficient permissions in clone source namespace %s", sarSpec.User, namespace), nil + } + + return true, "", nil +} + +func sendSubjectAccessReviewsSnapshot(createSar createSarFunc, namespace, name string, sarSpec authorization.SubjectAccessReviewSpec) (bool, string, error) { + // Either explicitly allowed + sar := &authorization.SubjectAccessReview{ + Spec: sarSpec, + } + explicitResourceAttr := getExplicitResourceAttributeSnapshot(namespace, name) + sar.Spec.ResourceAttributes = &explicitResourceAttr + + klog.V(3).Infof("Sending SubjectAccessReview %+v", sar) + + response, err := createSar(sar) + if err != nil { + return false, "", err + } + + klog.V(3).Infof("SubjectAccessReview response %+v", response) + + if response.Status.Allowed { + return true, "", nil + } + + // Or both implicit conditions hold + for _, ra := range getImplicitResourceAttributesSnapshot(namespace, name) { + sar = &authorization.SubjectAccessReview{ + Spec: sarSpec, + } + sar.Spec.ResourceAttributes = &ra + + klog.V(3).Infof("Sending SubjectAccessReview %+v", sar) + + response, err = createSar(sar) + if err != nil { + return false, "", err + } + + klog.V(3).Infof("SubjectAccessReview response %+v", response) + + if !response.Status.Allowed { + return false, fmt.Sprintf("User %s has insufficient permissions in clone source namespace %s", sarSpec.User, namespace), nil + } + } + + return true, "", nil +} + +func getResourceAttributesPvc(namespace, name string) []authorization.ResourceAttributes { + return []authorization.ResourceAttributes{ + { + Namespace: namespace, + Verb: "create", + Group: SchemeGroupVersion.Group, + Resource: "datavolumes", + Subresource: DataVolumeCloneSourceSubresource, + Name: name, + }, + { + Namespace: namespace, + Verb: "create", + Resource: "pods", + Name: name, + }, + } +} + +func getExplicitResourceAttributeSnapshot(namespace, name string) authorization.ResourceAttributes { + return authorization.ResourceAttributes{ + Namespace: namespace, + Verb: "create", + Group: SchemeGroupVersion.Group, + Resource: "datavolumes", + Subresource: DataVolumeCloneSourceSubresource, + Name: name, + } +} + +func getImplicitResourceAttributesSnapshot(namespace, name string) []authorization.ResourceAttributes { + return []authorization.ResourceAttributes{ + { + Namespace: namespace, + Verb: "create", + Resource: "pods", + Name: name, + }, + { + Namespace: namespace, + Verb: "create", + Resource: "pvcs", + Name: name, + }, + } +} diff --git a/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/register.go b/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/register.go index 3b7fd892c6..8aa80f3c53 100644 --- a/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/register.go +++ b/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/register.go @@ -11,7 +11,7 @@ import ( // SchemeGroupVersion is group version used to register these objects var SchemeGroupVersion = schema.GroupVersion{Group: core.GroupName, Version: "v1beta1"} -//CDIGroupVersionKind group version kind +// CDIGroupVersionKind group version kind var CDIGroupVersionKind = schema.GroupVersionKind{Group: SchemeGroupVersion.Group, Version: SchemeGroupVersion.Version, Kind: "CDI"} // Kind takes an unqualified kind and returns back a Group qualified GroupKind @@ -48,6 +48,12 @@ func addKnownTypes(scheme *runtime.Scheme) error { &DataImportCronList{}, &ObjectTransfer{}, &ObjectTransferList{}, + &VolumeImportSource{}, + &VolumeImportSourceList{}, + &VolumeUploadSource{}, + &VolumeUploadSourceList{}, + &VolumeCloneSource{}, + &VolumeCloneSourceList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types.go b/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types.go index cead1d9be7..86dc46c254 100644 --- a/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types.go +++ b/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types.go @@ -103,7 +103,7 @@ type StorageSpec struct { // * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. // (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. // +optional - DataSourceRef *corev1.TypedLocalObjectReference `json:"dataSourceRef,omitempty"` + DataSourceRef *corev1.TypedObjectReference `json:"dataSourceRef,omitempty"` } // DataVolumeCheckpoint defines a stage in a warm migration. @@ -124,10 +124,11 @@ const ( DataVolumeArchive DataVolumeContentType = "archive" ) -// DataVolumeSource represents the source for our Data Volume, this can be HTTP, Imageio, S3, Registry or an existing PVC +// DataVolumeSource represents the source for our Data Volume, this can be HTTP, Imageio, S3, GCS, Registry or an existing PVC type DataVolumeSource struct { HTTP *DataVolumeSourceHTTP `json:"http,omitempty"` S3 *DataVolumeSourceS3 `json:"s3,omitempty"` + GCS *DataVolumeSourceGCS `json:"gcs,omitempty"` Registry *DataVolumeSourceRegistry `json:"registry,omitempty"` PVC *DataVolumeSourcePVC `json:"pvc,omitempty"` Upload *DataVolumeSourceUpload `json:"upload,omitempty"` @@ -171,6 +172,14 @@ type DataVolumeSourceS3 struct { CertConfigMap string `json:"certConfigMap,omitempty"` } +// DataVolumeSourceGCS provides the parameters to create a Data Volume from an GCS source +type DataVolumeSourceGCS struct { + //URL is the url of the GCS source + URL string `json:"url"` + //SecretRef provides the secret reference needed to access the GCS source + SecretRef string `json:"secretRef,omitempty"` +} + // DataVolumeSourceRegistry provides the parameters to create a Data Volume from an registry source type DataVolumeSourceRegistry struct { //URL is the url of the registry source (starting with the scheme: docker, oci-archive) @@ -357,6 +366,9 @@ const ( // WaitForFirstConsumer represents a data volume with a current phase of WaitForFirstConsumer WaitForFirstConsumer DataVolumePhase = "WaitForFirstConsumer" + // PendingPopulation represents a data volume which should be populated by + // the CDI populators but haven't created the pvc' yet + PendingPopulation DataVolumePhase = "PendingPopulation" // Succeeded represents a DataVolumePhase of Succeeded Succeeded DataVolumePhase = "Succeeded" @@ -609,6 +621,137 @@ type DataImportCronList struct { Items []DataImportCron `json:"items"` } +// VolumeImportSource works as a specification to populate PersistentVolumeClaims with data +// imported from an HTTP/S3/Registry/Blank/ImageIO/VDDK source +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:object:root=true +// +kubebuilder:storageversion +type VolumeImportSource struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec VolumeImportSourceSpec `json:"spec"` + // +optional + Status VolumeImportSourceStatus `json:"status"` +} + +// VolumeImportSourceSpec defines the Spec field for VolumeImportSource +type VolumeImportSourceSpec struct { + //Source is the src of the data to be imported in the target PVC + Source *ImportSourceType `json:"source,omitempty"` + // Preallocation controls whether storage for the target PVC should be allocated in advance. + Preallocation *bool `json:"preallocation,omitempty"` + // ContentType represents the type of the imported data (Kubevirt or archive) + ContentType DataVolumeContentType `json:"contentType,omitempty"` +} + +// ImportSourceType contains each one of the source types allowed in a VolumeImportSource +type ImportSourceType struct { + HTTP *DataVolumeSourceHTTP `json:"http,omitempty"` + S3 *DataVolumeSourceS3 `json:"s3,omitempty"` + Registry *DataVolumeSourceRegistry `json:"registry,omitempty"` + GCS *DataVolumeSourceGCS `json:"gcs,omitempty"` + Blank *DataVolumeBlankImage `json:"blank,omitempty"` + Imageio *DataVolumeSourceImageIO `json:"imageio,omitempty"` + VDDK *DataVolumeSourceVDDK `json:"vddk,omitempty"` +} + +// VolumeImportSourceStatus provides the most recently observed status of the VolumeImportSource +type VolumeImportSourceStatus struct { +} + +// VolumeImportSourceList provides the needed parameters to do request a list of Import Sources from the system +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type VolumeImportSourceList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata"` + + // Items provides a list of DataSources + Items []VolumeImportSource `json:"items"` +} + +// VolumeUploadSource is a specification to populate PersistentVolumeClaims with upload data +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:object:root=true +// +kubebuilder:storageversion +type VolumeUploadSource struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec VolumeUploadSourceSpec `json:"spec"` + // +optional + Status VolumeUploadSourceStatus `json:"status,omitempty"` +} + +// VolumeUploadSourceSpec defines specification for VolumeUploadSource +type VolumeUploadSourceSpec struct { + // ContentType represents the type of the upload data (Kubevirt or archive) + ContentType DataVolumeContentType `json:"contentType,omitempty"` + // Preallocation controls whether storage for the target PVC should be allocated in advance. + Preallocation *bool `json:"preallocation,omitempty"` +} + +// VolumeUploadSourceStatus provides the most recently observed status of the VolumeUploadSource +type VolumeUploadSourceStatus struct { +} + +// VolumeUploadSourceList provides the needed parameters to do request a list of Upload Sources from the system +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type VolumeUploadSourceList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata"` + + // Items provides a list of DataSources + Items []VolumeImportSource `json:"items"` +} + +const ( + // VolumeImportSourceRef is import source for DataSourceRef for PVC + VolumeImportSourceRef = "VolumeImportSource" + // VolumeUploadSourceRef is upload source for DataSourceRef for PVC + VolumeUploadSourceRef = "VolumeUploadSource" + // VolumeCloneSourceRef is smart clone source for DataSourceRef for PVC + VolumeCloneSourceRef = "VolumeCloneSource" +) + +// VolumeCloneSource refers to a PVC/VolumeSnapshot of any storageclass/volumemode +// to be used as the source of a new PVC +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:object:root=true +// +kubebuilder:storageversion +type VolumeCloneSource struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec VolumeCloneSourceSpec `json:"spec"` +} + +// VolumeCloneSourceSpec defines the Spec field for VolumeCloneSource +type VolumeCloneSourceSpec struct { + // Source is the src of the data to be cloned to the target PVC + Source corev1.TypedLocalObjectReference `json:"source"` + + // Preallocation controls whether storage for the target PVC should be allocated in advance. + // +optional + Preallocation *bool `json:"preallocation,omitempty"` + + // PriorityClassName is the priorityclass for the claim + // +optional + PriorityClassName *string `json:"priorityClassName,omitempty"` +} + +// VolumeCloneSourceList provides the needed parameters to do request a list of VolumeCloneSources from the system +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type VolumeCloneSourceList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata"` + // Items provides a list of DataSources + Items []VolumeCloneSource `json:"items"` +} + // this has to be here otherwise informer-gen doesn't recognize it // see https://github.com/kubernetes/code-generator/issues/59 // +genclient:nonNamespaced @@ -664,7 +807,7 @@ type CDISpec struct { // Restrict on which nodes CDI workload pods will be scheduled Workloads sdkapi.NodePlacement `json:"workload,omitempty"` // Clone strategy override: should we use a host-assisted copy even if snapshots are available? - // +kubebuilder:validation:Enum="copy";"snapshot" + // +kubebuilder:validation:Enum="copy";"snapshot";"csi-clone" CloneStrategyOverride *CDICloneStrategy `json:"cloneStrategyOverride,omitempty"` // CDIConfig at CDI level Config *CDIConfigSpec `json:"config,omitempty"` @@ -775,6 +918,8 @@ type CDIConfigSpec struct { DataVolumeTTLSeconds *int32 `json:"dataVolumeTTLSeconds,omitempty"` // TLSSecurityProfile is used by operators to apply cluster-wide TLS security settings to operands. TLSSecurityProfile *ocpconfigv1.TLSSecurityProfile `json:"tlsSecurityProfile,omitempty"` + // The imagePullSecrets used to pull the container images + ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"` } // CDIConfigStatus provides the most recently observed status of the CDI Config resource @@ -792,6 +937,8 @@ type CDIConfigStatus struct { FilesystemOverhead *FilesystemOverhead `json:"filesystemOverhead,omitempty"` // Preallocation controls whether storage for DataVolumes should be allocated in advance. Preallocation bool `json:"preallocation,omitempty"` + // The imagePullSecrets used to pull the container images + ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"` } // CDIConfigList provides the needed parameters to do request a list of CDIConfigs from the system diff --git a/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types_swagger_generated.go b/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types_swagger_generated.go index 9c62028926..aaa83e1c28 100644 --- a/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types_swagger_generated.go +++ b/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types_swagger_generated.go @@ -48,7 +48,7 @@ func (DataVolumeCheckpoint) SwaggerDoc() map[string]string { func (DataVolumeSource) SwaggerDoc() map[string]string { return map[string]string{ - "": "DataVolumeSource represents the source for our Data Volume, this can be HTTP, Imageio, S3, Registry or an existing PVC", + "": "DataVolumeSource represents the source for our Data Volume, this can be HTTP, Imageio, S3, GCS, Registry or an existing PVC", } } @@ -89,6 +89,14 @@ func (DataVolumeSourceS3) SwaggerDoc() map[string]string { } } +func (DataVolumeSourceGCS) SwaggerDoc() map[string]string { + return map[string]string{ + "": "DataVolumeSourceGCS provides the parameters to create a Data Volume from an GCS source", + "url": "URL is the url of the GCS source", + "secretRef": "SecretRef provides the secret reference needed to access the GCS source", + } +} + func (DataVolumeSourceRegistry) SwaggerDoc() map[string]string { return map[string]string{ "": "DataVolumeSourceRegistry provides the parameters to create a Data Volume from an registry source", @@ -299,6 +307,91 @@ func (DataImportCronList) SwaggerDoc() map[string]string { } } +func (VolumeImportSource) SwaggerDoc() map[string]string { + return map[string]string{ + "": "VolumeImportSource works as a specification to populate PersistentVolumeClaims with data\nimported from an HTTP/S3/Registry/Blank/ImageIO/VDDK source\n+genclient\n+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object\n+kubebuilder:object:root=true\n+kubebuilder:storageversion", + "status": "+optional", + } +} + +func (VolumeImportSourceSpec) SwaggerDoc() map[string]string { + return map[string]string{ + "": "VolumeImportSourceSpec defines the Spec field for VolumeImportSource", + "source": "Source is the src of the data to be imported in the target PVC", + "preallocation": "Preallocation controls whether storage for the target PVC should be allocated in advance.", + "contentType": "ContentType represents the type of the imported data (Kubevirt or archive)", + } +} + +func (ImportSourceType) SwaggerDoc() map[string]string { + return map[string]string{ + "": "ImportSourceType contains each one of the source types allowed in a VolumeImportSource", + } +} + +func (VolumeImportSourceStatus) SwaggerDoc() map[string]string { + return map[string]string{ + "": "VolumeImportSourceStatus provides the most recently observed status of the VolumeImportSource", + } +} + +func (VolumeImportSourceList) SwaggerDoc() map[string]string { + return map[string]string{ + "": "VolumeImportSourceList provides the needed parameters to do request a list of Import Sources from the system\n+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object", + "items": "Items provides a list of DataSources", + } +} + +func (VolumeUploadSource) SwaggerDoc() map[string]string { + return map[string]string{ + "": "VolumeUploadSource is a specification to populate PersistentVolumeClaims with upload data\n+genclient\n+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object\n+kubebuilder:object:root=true\n+kubebuilder:storageversion", + "status": "+optional", + } +} + +func (VolumeUploadSourceSpec) SwaggerDoc() map[string]string { + return map[string]string{ + "": "VolumeUploadSourceSpec defines specification for VolumeUploadSource", + "contentType": "ContentType represents the type of the upload data (Kubevirt or archive)", + "preallocation": "Preallocation controls whether storage for the target PVC should be allocated in advance.", + } +} + +func (VolumeUploadSourceStatus) SwaggerDoc() map[string]string { + return map[string]string{ + "": "VolumeUploadSourceStatus provides the most recently observed status of the VolumeUploadSource", + } +} + +func (VolumeUploadSourceList) SwaggerDoc() map[string]string { + return map[string]string{ + "": "VolumeUploadSourceList provides the needed parameters to do request a list of Upload Sources from the system\n+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object", + "items": "Items provides a list of DataSources", + } +} + +func (VolumeCloneSource) SwaggerDoc() map[string]string { + return map[string]string{ + "": "VolumeCloneSource refers to a PVC/VolumeSnapshot of any storageclass/volumemode\nto be used as the source of a new PVC\n+genclient\n+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object\n+kubebuilder:object:root=true\n+kubebuilder:storageversion", + } +} + +func (VolumeCloneSourceSpec) SwaggerDoc() map[string]string { + return map[string]string{ + "": "VolumeCloneSourceSpec defines the Spec field for VolumeCloneSource", + "source": "Source is the src of the data to be cloned to the target PVC", + "preallocation": "Preallocation controls whether storage for the target PVC should be allocated in advance.\n+optional", + "priorityClassName": "PriorityClassName is the priorityclass for the claim\n+optional", + } +} + +func (VolumeCloneSourceList) SwaggerDoc() map[string]string { + return map[string]string{ + "": "VolumeCloneSourceList provides the needed parameters to do request a list of VolumeCloneSources from the system\n+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object", + "items": "Items provides a list of DataSources", + } +} + func (CDI) SwaggerDoc() map[string]string { return map[string]string{ "": "CDI is the CDI Operator CRD\n+genclient\n+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object\n+kubebuilder:object:root=true\n+kubebuilder:storageversion\n+kubebuilder:resource:shortName=cdi;cdis,scope=Cluster\n+kubebuilder:printcolumn:name=\"Age\",type=\"date\",JSONPath=\".metadata.creationTimestamp\"\n+kubebuilder:printcolumn:name=\"Phase\",type=\"string\",JSONPath=\".status.phase\"", @@ -329,7 +422,7 @@ func (CDISpec) SwaggerDoc() map[string]string { "uninstallStrategy": "+kubebuilder:validation:Enum=RemoveWorkloads;BlockUninstallIfWorkloadsExist\nCDIUninstallStrategy defines the state to leave CDI on uninstall", "infra": "Rules on which nodes CDI infrastructure pods will be scheduled", "workload": "Restrict on which nodes CDI workload pods will be scheduled", - "cloneStrategyOverride": "Clone strategy override: should we use a host-assisted copy even if snapshots are available?\n+kubebuilder:validation:Enum=\"copy\";\"snapshot\"", + "cloneStrategyOverride": "Clone strategy override: should we use a host-assisted copy even if snapshots are available?\n+kubebuilder:validation:Enum=\"copy\";\"snapshot\";\"csi-clone\"", "config": "CDIConfig at CDI level", "certConfig": "certificate configuration", "priorityClass": "PriorityClass of the CDI control plane", @@ -376,6 +469,7 @@ func (CDIConfigSpec) SwaggerDoc() map[string]string { "insecureRegistries": "InsecureRegistries is a list of TLS disabled registries", "dataVolumeTTLSeconds": "DataVolumeTTLSeconds is the time in seconds after DataVolume completion it can be garbage collected. The default is 0 sec. To disable GC use -1.\n+optional", "tlsSecurityProfile": "TLSSecurityProfile is used by operators to apply cluster-wide TLS security settings to operands.", + "imagePullSecrets": "The imagePullSecrets used to pull the container images", } } @@ -388,6 +482,7 @@ func (CDIConfigStatus) SwaggerDoc() map[string]string { "defaultPodResourceRequirements": "ResourceRequirements describes the compute resource requirements.", "filesystemOverhead": "FilesystemOverhead describes the space reserved for overhead when using Filesystem volumes. A percentage value is between 0 and 1", "preallocation": "Preallocation controls whether storage for DataVolumes should be allocated in advance.", + "imagePullSecrets": "The imagePullSecrets used to pull the container images", } } diff --git a/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/utils.go b/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/utils.go index b935d7f332..760678b665 100644 --- a/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/utils.go +++ b/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/utils.go @@ -40,6 +40,24 @@ func IsPopulated(pvc *corev1.PersistentVolumeClaim, getDvFunc func(name, namespa return true, nil } +// IsSucceededOrPendingPopulation indicates if the persistent volume passed in has been fully populated or is waiting for a consumer. +// It follow the following logic +// 1. If the PVC is not owned by a DataVolume, return true, we assume someone else has properly populated the image +// 2. If the PVC is owned by a DataVolume, look up the DV and check the phase, if phase succeeded or pending population return true +// 3. If the PVC is owned by a DataVolume, look up the DV and check the phase, if phase !succeeded return false +func IsSucceededOrPendingPopulation(pvc *corev1.PersistentVolumeClaim, getDvFunc func(name, namespace string) (*DataVolume, error)) (bool, error) { + pvcOwner := metav1.GetControllerOf(pvc) + if pvcOwner != nil && pvcOwner.Kind == "DataVolume" { + // Find the data volume: + dv, err := getDvFunc(pvcOwner.Name, pvc.Namespace) + if err != nil { + return false, err + } + return dv.Status.Phase == Succeeded || dv.Status.Phase == PendingPopulation, nil + } + return true, nil +} + // IsWaitForFirstConsumerBeforePopulating indicates if the persistent volume passed in is in ClaimPending state and waiting for first consumer. // It follow the following logic // 1. If the PVC is not owned by a DataVolume, return false, we can not assume it will be populated diff --git a/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/zz_generated.deepcopy.go b/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/zz_generated.deepcopy.go index 8913ef5145..a8ea39f6f4 100644 --- a/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/zz_generated.deepcopy.go +++ b/vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/zz_generated.deepcopy.go @@ -196,6 +196,11 @@ func (in *CDIConfigSpec) DeepCopyInto(out *CDIConfigSpec) { *out = new(configv1.TLSSecurityProfile) (*in).DeepCopyInto(*out) } + if in.ImagePullSecrets != nil { + in, out := &in.ImagePullSecrets, &out.ImagePullSecrets + *out = make([]v1.LocalObjectReference, len(*in)) + copy(*out, *in) + } return } @@ -232,6 +237,11 @@ func (in *CDIConfigStatus) DeepCopyInto(out *CDIConfigStatus) { *out = new(FilesystemOverhead) (*in).DeepCopyInto(*out) } + if in.ImagePullSecrets != nil { + in, out := &in.ImagePullSecrets, &out.ImagePullSecrets + *out = make([]v1.LocalObjectReference, len(*in)) + copy(*out, *in) + } return } @@ -828,6 +838,11 @@ func (in *DataVolumeSource) DeepCopyInto(out *DataVolumeSource) { *out = new(DataVolumeSourceS3) **out = **in } + if in.GCS != nil { + in, out := &in.GCS, &out.GCS + *out = new(DataVolumeSourceGCS) + **out = **in + } if in.Registry != nil { in, out := &in.Registry, &out.Registry *out = new(DataVolumeSourceRegistry) @@ -876,6 +891,22 @@ func (in *DataVolumeSource) DeepCopy() *DataVolumeSource { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DataVolumeSourceGCS) DeepCopyInto(out *DataVolumeSourceGCS) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DataVolumeSourceGCS. +func (in *DataVolumeSourceGCS) DeepCopy() *DataVolumeSourceGCS { + if in == nil { + return nil + } + out := new(DataVolumeSourceGCS) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DataVolumeSourceHTTP) DeepCopyInto(out *DataVolumeSourceHTTP) { *out = *in @@ -1188,6 +1219,57 @@ func (in *ImportProxy) DeepCopy() *ImportProxy { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ImportSourceType) DeepCopyInto(out *ImportSourceType) { + *out = *in + if in.HTTP != nil { + in, out := &in.HTTP, &out.HTTP + *out = new(DataVolumeSourceHTTP) + (*in).DeepCopyInto(*out) + } + if in.S3 != nil { + in, out := &in.S3, &out.S3 + *out = new(DataVolumeSourceS3) + **out = **in + } + if in.Registry != nil { + in, out := &in.Registry, &out.Registry + *out = new(DataVolumeSourceRegistry) + (*in).DeepCopyInto(*out) + } + if in.GCS != nil { + in, out := &in.GCS, &out.GCS + *out = new(DataVolumeSourceGCS) + **out = **in + } + if in.Blank != nil { + in, out := &in.Blank, &out.Blank + *out = new(DataVolumeBlankImage) + **out = **in + } + if in.Imageio != nil { + in, out := &in.Imageio, &out.Imageio + *out = new(DataVolumeSourceImageIO) + **out = **in + } + if in.VDDK != nil { + in, out := &in.VDDK, &out.VDDK + *out = new(DataVolumeSourceVDDK) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImportSourceType. +func (in *ImportSourceType) DeepCopy() *ImportSourceType { + if in == nil { + return nil + } + out := new(ImportSourceType) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ImportStatus) DeepCopyInto(out *ImportStatus) { *out = *in @@ -1494,7 +1576,7 @@ func (in *StorageSpec) DeepCopyInto(out *StorageSpec) { } if in.DataSourceRef != nil { in, out := &in.DataSourceRef, &out.DataSourceRef - *out = new(v1.TypedLocalObjectReference) + *out = new(v1.TypedObjectReference) (*in).DeepCopyInto(*out) } return @@ -1558,3 +1640,291 @@ func (in *TransferTarget) DeepCopy() *TransferTarget { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VolumeCloneSource) DeepCopyInto(out *VolumeCloneSource) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeCloneSource. +func (in *VolumeCloneSource) DeepCopy() *VolumeCloneSource { + if in == nil { + return nil + } + out := new(VolumeCloneSource) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *VolumeCloneSource) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VolumeCloneSourceList) DeepCopyInto(out *VolumeCloneSourceList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]VolumeCloneSource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeCloneSourceList. +func (in *VolumeCloneSourceList) DeepCopy() *VolumeCloneSourceList { + if in == nil { + return nil + } + out := new(VolumeCloneSourceList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *VolumeCloneSourceList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VolumeCloneSourceSpec) DeepCopyInto(out *VolumeCloneSourceSpec) { + *out = *in + in.Source.DeepCopyInto(&out.Source) + if in.Preallocation != nil { + in, out := &in.Preallocation, &out.Preallocation + *out = new(bool) + **out = **in + } + if in.PriorityClassName != nil { + in, out := &in.PriorityClassName, &out.PriorityClassName + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeCloneSourceSpec. +func (in *VolumeCloneSourceSpec) DeepCopy() *VolumeCloneSourceSpec { + if in == nil { + return nil + } + out := new(VolumeCloneSourceSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VolumeImportSource) DeepCopyInto(out *VolumeImportSource) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeImportSource. +func (in *VolumeImportSource) DeepCopy() *VolumeImportSource { + if in == nil { + return nil + } + out := new(VolumeImportSource) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *VolumeImportSource) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VolumeImportSourceList) DeepCopyInto(out *VolumeImportSourceList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]VolumeImportSource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeImportSourceList. +func (in *VolumeImportSourceList) DeepCopy() *VolumeImportSourceList { + if in == nil { + return nil + } + out := new(VolumeImportSourceList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *VolumeImportSourceList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VolumeImportSourceSpec) DeepCopyInto(out *VolumeImportSourceSpec) { + *out = *in + if in.Source != nil { + in, out := &in.Source, &out.Source + *out = new(ImportSourceType) + (*in).DeepCopyInto(*out) + } + if in.Preallocation != nil { + in, out := &in.Preallocation, &out.Preallocation + *out = new(bool) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeImportSourceSpec. +func (in *VolumeImportSourceSpec) DeepCopy() *VolumeImportSourceSpec { + if in == nil { + return nil + } + out := new(VolumeImportSourceSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VolumeImportSourceStatus) DeepCopyInto(out *VolumeImportSourceStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeImportSourceStatus. +func (in *VolumeImportSourceStatus) DeepCopy() *VolumeImportSourceStatus { + if in == nil { + return nil + } + out := new(VolumeImportSourceStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VolumeUploadSource) DeepCopyInto(out *VolumeUploadSource) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeUploadSource. +func (in *VolumeUploadSource) DeepCopy() *VolumeUploadSource { + if in == nil { + return nil + } + out := new(VolumeUploadSource) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *VolumeUploadSource) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VolumeUploadSourceList) DeepCopyInto(out *VolumeUploadSourceList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]VolumeImportSource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeUploadSourceList. +func (in *VolumeUploadSourceList) DeepCopy() *VolumeUploadSourceList { + if in == nil { + return nil + } + out := new(VolumeUploadSourceList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *VolumeUploadSourceList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VolumeUploadSourceSpec) DeepCopyInto(out *VolumeUploadSourceSpec) { + *out = *in + if in.Preallocation != nil { + in, out := &in.Preallocation, &out.Preallocation + *out = new(bool) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeUploadSourceSpec. +func (in *VolumeUploadSourceSpec) DeepCopy() *VolumeUploadSourceSpec { + if in == nil { + return nil + } + out := new(VolumeUploadSourceSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VolumeUploadSourceStatus) DeepCopyInto(out *VolumeUploadSourceStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeUploadSourceStatus. +func (in *VolumeUploadSourceStatus) DeepCopy() *VolumeUploadSourceStatus { + if in == nil { + return nil + } + out := new(VolumeUploadSourceStatus) + in.DeepCopyInto(out) + return out +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 21b95180f1..da1aa5bc7c 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -28,7 +28,7 @@ github.com/fsnotify/fsnotify # github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32 ## explicit github.com/ghodss/yaml -# github.com/go-logr/logr v1.2.3 +# github.com/go-logr/logr v1.2.4 ## explicit; go 1.16 github.com/go-logr/logr github.com/go-logr/logr/funcr @@ -172,9 +172,6 @@ github.com/operator-framework/operator-lib/handler github.com/operator-framework/operator-lib/handler/internal/metrics github.com/operator-framework/operator-lib/internal/annotation github.com/operator-framework/operator-lib/internal/utils -# github.com/pborman/uuid v1.2.0 -## explicit -github.com/pborman/uuid # github.com/pkg/errors v0.9.1 ## explicit github.com/pkg/errors @@ -353,7 +350,7 @@ gopkg.in/yaml.v2 # gopkg.in/yaml.v3 v3.0.1 => gopkg.in/yaml.v3 v3.0.1 ## explicit gopkg.in/yaml.v3 -# k8s.io/api v0.26.10 => k8s.io/api v0.26.10 +# k8s.io/api v0.27.1 => k8s.io/api v0.26.10 ## explicit; go 1.19 k8s.io/api/admission/v1 k8s.io/api/admission/v1beta1 @@ -413,7 +410,7 @@ k8s.io/api/storage/v1beta1 k8s.io/apiextensions-apiserver/pkg/apis/apiextensions k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1 k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1 -# k8s.io/apimachinery v0.26.10 => k8s.io/apimachinery v0.26.10 +# k8s.io/apimachinery v0.27.1 => k8s.io/apimachinery v0.26.10 ## explicit; go 1.19 k8s.io/apimachinery/pkg/api/equality k8s.io/apimachinery/pkg/api/errors @@ -607,7 +604,7 @@ k8s.io/client-go/util/workqueue ## explicit; go 1.19 k8s.io/component-base/config k8s.io/component-base/config/v1alpha1 -# k8s.io/klog/v2 v2.90.0 +# k8s.io/klog/v2 v2.90.1 ## explicit; go 1.13 k8s.io/klog/v2 k8s.io/klog/v2/internal/buffer @@ -629,7 +626,7 @@ k8s.io/kube-openapi/pkg/schemamutation k8s.io/kube-openapi/pkg/spec3 k8s.io/kube-openapi/pkg/util/proto k8s.io/kube-openapi/pkg/validation/spec -# k8s.io/utils v0.0.0-20230115233650-391b47cb4029 +# k8s.io/utils v0.0.0-20230505201702-9f6742963106 ## explicit; go 1.18 k8s.io/utils/buffer k8s.io/utils/clock @@ -640,12 +637,12 @@ k8s.io/utils/net k8s.io/utils/pointer k8s.io/utils/strings/slices k8s.io/utils/trace -# kubevirt.io/api v0.59.2 +# kubevirt.io/api v1.2.0-rc.1 ## explicit; go 1.17 kubevirt.io/api/core kubevirt.io/api/core/v1 -# kubevirt.io/containerized-data-importer-api v1.56.1 -## explicit; go 1.18 +# kubevirt.io/containerized-data-importer-api v1.57.0-alpha1 +## explicit; go 1.19 kubevirt.io/containerized-data-importer-api/pkg/apis/core kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1 # kubevirt.io/controller-lifecycle-operator-sdk v0.2.3