Documentation
¶
Overview ¶
Package v1beta1 contains API Schema definitions for the policy v1beta1 API group +kubebuilder:object:generate=true +groupName=policy.open-cluster-management.io
Index ¶
- Variables
- type ComplianceConfig
- type ComplianceConfigAction
- type OperatorPolicy
- type OperatorPolicyList
- type OperatorPolicySpec
- type OperatorPolicyStatus
- func (in *OperatorPolicyStatus) DeepCopy() *OperatorPolicyStatus
- func (in *OperatorPolicyStatus) DeepCopyInto(out *OperatorPolicyStatus)
- func (status OperatorPolicyStatus) GetCondition(condType string) (int, metav1.Condition)
- func (status OperatorPolicyStatus) RelatedObjsOfKind(kind string) map[int]policyv1.RelatedObject
- func (status OperatorPolicyStatus) SubscriptionInterventionExpired() bool
- func (status OperatorPolicyStatus) SubscriptionInterventionWaiting() bool
- type RemovalAction
- type RemovalBehavior
Constants ¶
This section is empty.
Variables ¶
var ( // GroupVersion is group version used to register these objects GroupVersion = schema.GroupVersion{Group: "policy.open-cluster-management.io", Version: "v1beta1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
Functions ¶
This section is empty.
Types ¶
type ComplianceConfig ¶ added in v0.14.0
type ComplianceConfig struct {
// CatalogSourceUnhealthy specifies how the CatalogSourceUnhealthy typed condition should affect
// overall policy compliance. The default value is `Compliant`.
//
//+kubebuilder:default=Compliant
CatalogSourceUnhealthy ComplianceConfigAction `json:"catalogSourceUnhealthy,omitempty"`
// overall policy compliance. The default value is `NonCompliant`.
//
//+kubebuilder:default=NonCompliant
DeploymentsUnavailable ComplianceConfigAction `json:"deploymentsUnavailable,omitempty"`
// UpgradesAvailable specifies how the InstallPlanCompliant typed condition should affect overall
// policy compliance. The default value is `Compliant`.
//
//+kubebuilder:default=Compliant
UpgradesAvailable ComplianceConfigAction `json:"upgradesAvailable,omitempty"`
}
ComplianceConfig defines how resource statuses affect the overall operator policy status and compliance.
func (*ComplianceConfig) DeepCopy ¶ added in v0.14.0
func (in *ComplianceConfig) DeepCopy() *ComplianceConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceConfig.
func (*ComplianceConfig) DeepCopyInto ¶ added in v0.14.0
func (in *ComplianceConfig) DeepCopyInto(out *ComplianceConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ComplianceConfigAction ¶ added in v0.14.0
type ComplianceConfigAction string
ComplianceConfigAction configures how a status condition is reported when the involved operators are out of compliance with the operator policy. Options are `Compliant` or `NonCompliant`.
+kubebuilder:validation:Enum=Compliant;NonCompliant
const ( // Compliant is a ComplianceConfigAction that only shows the status message and does not affect // the overall compliance. Compliant ComplianceConfigAction = "Compliant" // NonCompliant is a ComplianceConfigAction that shows the status message and sets the overall // compliance when the condition is met. NonCompliant ComplianceConfigAction = "NonCompliant" )
type OperatorPolicy ¶
type OperatorPolicy struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec OperatorPolicySpec `json:"spec,omitempty"`
Status OperatorPolicyStatus `json:"status,omitempty"`
}
OperatorPolicy is the schema for the operatorpolicies API. You can use the operator policy to manage operators by providing automation for their management and reporting on the status across the various operator objects.
+kubebuilder:object:root=true +kubebuilder:subresource:status
func (*OperatorPolicy) DeepCopy ¶
func (in *OperatorPolicy) DeepCopy() *OperatorPolicy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OperatorPolicy.
func (*OperatorPolicy) DeepCopyInto ¶
func (in *OperatorPolicy) DeepCopyInto(out *OperatorPolicy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*OperatorPolicy) DeepCopyObject ¶
func (in *OperatorPolicy) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type OperatorPolicyList ¶
type OperatorPolicyList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []OperatorPolicy `json:"items"`
}
OperatorPolicyList contains a list of operator policies.
+kubebuilder:object:root=true
func (*OperatorPolicyList) DeepCopy ¶
func (in *OperatorPolicyList) DeepCopy() *OperatorPolicyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OperatorPolicyList.
func (*OperatorPolicyList) DeepCopyInto ¶
func (in *OperatorPolicyList) DeepCopyInto(out *OperatorPolicyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*OperatorPolicyList) DeepCopyObject ¶
func (in *OperatorPolicyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type OperatorPolicySpec ¶
type OperatorPolicySpec struct {
Severity policyv1.Severity `json:"severity,omitempty"`
RemediationAction policyv1.RemediationAction `json:"remediationAction,omitempty"`
// ComplianceType specifies the desired state of the operator on the cluster. If set to
// `musthave`, the policy is compliant when the operator is found. If set to `mustnothave`,
// the policy is compliant when the operator is not found.
//
// +kubebuilder:validation:Enum=musthave;mustnothave
ComplianceType policyv1.ComplianceType `json:"complianceType"`
// OperatorGroup specifies which `OperatorGroup` to inspect. Include the name, namespace, and any
// `spec` fields for the operator group. For more info, see `kubectl explain operatorgroups.spec`
// or view https://olm.operatorframework.io/docs/concepts/crds/operatorgroup/.
//
//+kubebuilder:pruning:PreserveUnknownFields
//+optional
OperatorGroup *runtime.RawExtension `json:"operatorGroup,omitempty"`
// Subscription specifies which operator `Subscription` resource to inspect. Include the
// namespace, and any `spec` fields for the Subscription. For more info, see `kubectl explain
// subscriptions.operators.coreos.com.spec` or view
// https://olm.operatorframework.io/docs/concepts/crds/subscription/.
//
//+kubebuilder:validation:Required
//+kubebuilder:pruning:PreserveUnknownFields
Subscription runtime.RawExtension `json:"subscription"`
// Versions is a list of non-empty strings that specifies which installed versions are compliant
// when in `inform` mode and which `InstallPlans` are approved when in `enforce` mode.
Versions []policyv1.NonEmptyString `json:"versions,omitempty"`
// Use RemovalBehavior to define what resources need to be removed when enforcing `mustnothave`
// policies. When in `inform` mode, any resources that are deleted if the policy is set to
// `enforce` makes the policy noncompliant, but resources that are kept are compliant.
//
//+kubebuilder:default={}
RemovalBehavior RemovalBehavior `json:"removalBehavior,omitempty"`
// UpgradeApproval determines whether 'upgrade' InstallPlans for the operator will be approved
// by the controller when the policy is enforced and in 'musthave' mode. The initial InstallPlan
// approval is not affected by this setting. This setting has no effect when the policy is in
// 'mustnothave' mode. Allowed values are "None" or "Automatic".
//
//+kubebuilder:validation:Required
//+kubebuilder:validation:Enum=None;Automatic
UpgradeApproval string `json:"upgradeApproval"`
// ComplianceConfig defines how resource statuses affect the OperatorPolicy status and compliance.
// When set to Compliant, the condition does not impact the OperatorPolicy compliance. When set to
// NonCompliant, the condition causes the OperatorPolicy to become NonCompliant.
//
//+kubebuilder:default={}
ComplianceConfig ComplianceConfig `json:"complianceConfig,omitempty"`
}
OperatorPolicySpec defines the desired state of a particular operator on the cluster.
func (*OperatorPolicySpec) DeepCopy ¶
func (in *OperatorPolicySpec) DeepCopy() *OperatorPolicySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OperatorPolicySpec.
func (*OperatorPolicySpec) DeepCopyInto ¶
func (in *OperatorPolicySpec) DeepCopyInto(out *OperatorPolicySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OperatorPolicyStatus ¶
type OperatorPolicyStatus struct {
// ComplianceState reports the most recent compliance state of the operator policy.
ComplianceState policyv1.ComplianceState `json:"compliant,omitempty"`
// ObservedGeneration is the latest generation observed by the controller.
// +optional
ObservedGeneration int64 `json:"observedGeneration,omitempty"`
// Conditions includes historic details on the condition of the operator policy.
//
//+listType=map
//+listMapKey=type
Conditions []metav1.Condition `json:"conditions,omitempty"`
// RelatedObjects reports a list of resources associated with the operator policy.
//
//+optional
RelatedObjects []policyv1.RelatedObject `json:"relatedObjects"`
// The resolved name.namespace of the subscription
ResolvedSubscriptionLabel string `json:"resolvedSubscriptionLabel,omitempty"`
// The list of overlapping OperatorPolicies (as name.namespace) which all manage the same
// subscription, including this policy. When no overlapping is detected, this list will be empty.
OverlappingPolicies []string `json:"overlappingPolicies,omitempty"`
// Timestamp for a possible intervention to help a Subscription stuck with a
// ConstraintsNotSatisfiable condition. Can be in the future, indicating the
// policy is waiting for OLM to resolve the situation. If in the recent past,
// the policy may update the status of the Subscription.
SubscriptionInterventionTime *metav1.Time `json:"subscriptionInterventionTime,omitempty"`
}
OperatorPolicyStatus is the observed state of the operators from the specifications given in the operator policy.
func (*OperatorPolicyStatus) DeepCopy ¶
func (in *OperatorPolicyStatus) DeepCopy() *OperatorPolicyStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OperatorPolicyStatus.
func (*OperatorPolicyStatus) DeepCopyInto ¶
func (in *OperatorPolicyStatus) DeepCopyInto(out *OperatorPolicyStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (OperatorPolicyStatus) GetCondition ¶ added in v0.13.0
func (status OperatorPolicyStatus) GetCondition(condType string) (int, metav1.Condition)
GetCondition iterates over the status conditions of the policy and returns the index and condition matching the given condition Type. It will return -1 as the index if no condition of the specified Type is found.
func (OperatorPolicyStatus) RelatedObjsOfKind ¶ added in v0.13.0
func (status OperatorPolicyStatus) RelatedObjsOfKind(kind string) map[int]policyv1.RelatedObject
RelatedObjsOfKind iterates over the related objects in the status and returns a map of the index in the array to the related object that has the given kind.
func (OperatorPolicyStatus) SubscriptionInterventionExpired ¶ added in v0.14.0
func (status OperatorPolicyStatus) SubscriptionInterventionExpired() bool
Returns true if the SubscriptionInterventionTime is far enough in the past to be considered expired, and therefore should be removed from the status.
func (OperatorPolicyStatus) SubscriptionInterventionWaiting ¶ added in v0.14.0
func (status OperatorPolicyStatus) SubscriptionInterventionWaiting() bool
Returns true if the SubscriptionInterventionTime is in the future.
type RemovalAction ¶
type RemovalAction string
RemovalAction is the behavior when the operator policy is removed. The supported options are `Keep`, `Delete`, or `DeleteIfUnused`.
+kubebuilder:validation:Enum=Keep;Delete;DeleteIfUnused
const ( // Keep is a RemovalBehavior indicating that the controller may not delete a type. Keep RemovalAction = "Keep" // Delete is a RemovalBehavior indicating that the controller may delete a type. Delete RemovalAction = "Delete" // DeleteIfUnused is a RemovalBehavior indicating that the controller may delete a type only if it // is not being used by another subscription. DeleteIfUnused RemovalAction = "DeleteIfUnused" )
func (RemovalAction) IsDelete ¶ added in v0.14.0
func (ra RemovalAction) IsDelete() bool
func (RemovalAction) IsDeleteIfUnused ¶ added in v0.14.0
func (ra RemovalAction) IsDeleteIfUnused() bool
func (RemovalAction) IsKeep ¶ added in v0.14.0
func (ra RemovalAction) IsKeep() bool
type RemovalBehavior ¶
type RemovalBehavior struct {
// Use the `operatorGroups` parameter to specify whether to delete the OperatorGroup. The default
// value is `DeleteIfUnused`, which only deletes the OperatorGroup if there is not another
// resource using it.
//
//+kubebuilder:default=DeleteIfUnused
//+kubebuilder:validation:Enum=Keep;DeleteIfUnused
OperatorGroups RemovalAction `json:"operatorGroups,omitempty"`
// Use the `subscriptions` parameter to specify whether to delete the Subscription. The default
// value is `Delete`.
//
//+kubebuilder:default=Delete
//+kubebuilder:validation:Enum=Keep;Delete
Subscriptions RemovalAction `json:"subscriptions,omitempty"`
// Use the `clusterServiceVersions` parameter to specify whether to delete the
// ClusterServiceVersion. The default value is `Delete`.
//
//+kubebuilder:default=Delete
//+kubebuilder:validation:Enum=Keep;Delete
CSVs RemovalAction `json:"clusterServiceVersions,omitempty"`
// Use the customResourceDefinitions parameter to specify whether to delete any
// CustomResourceDefinitions associated with the operator. The default value is `Keep`, because
// deleting them should be done deliberately.
//
//+kubebuilder:default=Keep
//+kubebuilder:validation:Enum=Keep;Delete
CRDs RemovalAction `json:"customResourceDefinitions,omitempty"`
}
func (RemovalBehavior) ApplyDefaults ¶ added in v0.14.0
func (rb RemovalBehavior) ApplyDefaults() RemovalBehavior
ApplyDefaults ensures that unset fields in a RemovalBehavior behave as if they were set to the default values. In a cluster, Kubernetes API validation should ensure that there are no unset values and should apply the default values itself.
func (*RemovalBehavior) DeepCopy ¶ added in v0.13.0
func (in *RemovalBehavior) DeepCopy() *RemovalBehavior
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemovalBehavior.
func (*RemovalBehavior) DeepCopyInto ¶ added in v0.13.0
func (in *RemovalBehavior) DeepCopyInto(out *RemovalBehavior)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files