From 941be6027796c0293f0108e669c64867f3766213 Mon Sep 17 00:00:00 2001 From: Brandon Palm Date: Mon, 15 Sep 2025 15:12:57 -0500 Subject: [PATCH] PoC: Add cert-manager-proxy --- api/operator/v1alpha1/http01proxy_types.go | 188 +++++++++++++ .../v1alpha1/zz_generated.deepcopy.go | 22 +- .../operator.openshift.io_http01proxies.yaml | 210 +++++++++++++++ config/rbac/role.yaml | 3 + ...tor.openshift.io_v1alpha1_http01proxy.yaml | 11 + pkg/controller/http01proxy/controller.go | 53 ++++ .../applyconfigurations/internal/internal.go | 10 + .../operator/v1alpha1/http01proxy.go | 248 ++++++++++++++++++ .../operator/v1alpha1/http01proxyspec.go | 54 ++++ .../operator/v1alpha1/http01proxystatus.go | 50 ++++ pkg/operator/applyconfigurations/utils.go | 6 + .../v1alpha1/fake/fake_http01proxy.go | 37 +++ .../v1alpha1/fake/fake_operator_client.go | 4 + .../operator/v1alpha1/generated_expansion.go | 2 + .../typed/operator/v1alpha1/http01proxy.go | 58 ++++ .../operator/v1alpha1/operator_client.go | 5 + .../informers/externalversions/generic.go | 2 + .../operator/v1alpha1/http01proxy.go | 74 ++++++ .../operator/v1alpha1/interface.go | 7 + .../operator/v1alpha1/expansion_generated.go | 8 + .../listers/operator/v1alpha1/http01proxy.go | 54 ++++ pkg/operator/setup_manager.go | 10 + 22 files changed, 1115 insertions(+), 1 deletion(-) create mode 100644 api/operator/v1alpha1/http01proxy_types.go create mode 100644 config/crd/bases/operator.openshift.io_http01proxies.yaml create mode 100644 config/samples/operator.openshift.io_v1alpha1_http01proxy.yaml create mode 100644 pkg/controller/http01proxy/controller.go create mode 100644 pkg/operator/applyconfigurations/operator/v1alpha1/http01proxy.go create mode 100644 pkg/operator/applyconfigurations/operator/v1alpha1/http01proxyspec.go create mode 100644 pkg/operator/applyconfigurations/operator/v1alpha1/http01proxystatus.go create mode 100644 pkg/operator/clientset/versioned/typed/operator/v1alpha1/fake/fake_http01proxy.go create mode 100644 pkg/operator/clientset/versioned/typed/operator/v1alpha1/http01proxy.go create mode 100644 pkg/operator/informers/externalversions/operator/v1alpha1/http01proxy.go create mode 100644 pkg/operator/listers/operator/v1alpha1/http01proxy.go diff --git a/api/operator/v1alpha1/http01proxy_types.go b/api/operator/v1alpha1/http01proxy_types.go new file mode 100644 index 000000000..205871880 --- /dev/null +++ b/api/operator/v1alpha1/http01proxy_types.go @@ -0,0 +1,188 @@ +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +func init() { + SchemeBuilder.Register(&HTTP01Proxy{}, &HTTP01ProxyList{}) +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +//+kubebuilder:object:root=true + +// HTTP01ProxyList is a list of HTTP01Proxy objects. +type HTTP01ProxyList struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard list's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ListMeta `json:"metadata"` + Items []HTTP01Proxy `json:"items"` +} + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:subresource:status + +// HTTP01Proxy describes configuration for a cluster-managed HTTP-01 challenge proxy. +// The name must be `default` to make it a singleton per namespace. +// +// When an HTTP01Proxy is created and enabled, the operator may deploy and +// manage components needed to route and respond to ACME HTTP-01 challenges +// for eligible namespaces. +// +// +kubebuilder:object:root=true +// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" +// +kubebuilder:validation:XValidation:rule="self.metadata.name == 'default'",message="http01proxy is a singleton, .metadata.name must be 'default'" +// +operator-sdk:csv:customresourcedefinitions:displayName="HTTP01Proxy" +type HTTP01Proxy struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ObjectMeta `json:"metadata,omitempty"` + + // spec is the specification of the desired behavior of the HTTP01Proxy. + // +kubebuilder:validation:Required + // +required + Spec HTTP01ProxySpec `json:"spec,omitempty"` + + // status is the most recently observed status of the HTTP01Proxy. + Status HTTP01ProxyStatus `json:"status,omitempty"` +} + +// HTTP01ProxySpec defines desired behavior for managing HTTP-01 challenge proxying. +type HTTP01ProxySpec struct { + // enabled turns the HTTP01 proxy manager on or off. + // +kubebuilder:default:=false + // +kubebuilder:validation:Optional + // +optional + Enabled bool `json:"enabled,omitempty"` + + // allowedNamespaces restricts which namespaces may utilize the proxy. + // When unset, no namespaces are allowed. Set a label selector to opt-in. + // +kubebuilder:validation:Optional + // +optional + AllowedNamespaces *metav1.LabelSelector `json:"allowedNamespaces,omitempty"` + + // cleanupTTLSeconds is the TTL in seconds to keep any ephemeral resources + // (like Routes) after a challenge is completed. + // +kubebuilder:default:=600 + // +kubebuilder:validation:Minimum:=0 + // +kubebuilder:validation:Optional + // +optional + CleanupTTLSeconds int32 `json:"cleanupTTLSeconds,omitempty"` + + // controllerConfig configures labels or other defaults for resources + // created by the controller. + // +kubebuilder:validation:Optional + // +optional + ControllerConfig *ControllerConfig `json:"controllerConfig,omitempty"` +} + +// HTTP01ProxyStatus is the most recently observed status of the HTTP01Proxy. +type HTTP01ProxyStatus struct { + // conditions holds information about the current state of the HTTP01 proxy controller. + ConditionalStatus `json:",inline,omitempty"` + + // activeChallenges is a best-effort count of challenges currently being serviced. + // +kubebuilder:validation:Optional + // +optional + ActiveChallenges int32 `json:"activeChallenges,omitempty"` + + // lastError contains a short description of the last reconciliation error, if any. + // +kubebuilder:validation:Optional + // +optional + LastError string `json:"lastError,omitempty"` +} + +// DeepCopyInto copies all properties of this object into another object of the +// same type that is provided as a pointer. +func (in *HTTP01Proxy) DeepCopyInto(out *HTTP01Proxy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTP01Proxy. +func (in *HTTP01Proxy) DeepCopy() *HTTP01Proxy { + if in == nil { + return nil + } + out := new(HTTP01Proxy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject copies the receiver, creating a new runtime.Object. +func (in *HTTP01Proxy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto for HTTP01ProxySpec +func (in *HTTP01ProxySpec) DeepCopyInto(out *HTTP01ProxySpec) { + *out = *in + if in.AllowedNamespaces != nil { + out.AllowedNamespaces = new(metav1.LabelSelector) + in.AllowedNamespaces.DeepCopyInto(out.AllowedNamespaces) + } + if in.ControllerConfig != nil { + out.ControllerConfig = new(ControllerConfig) + *out.ControllerConfig = *in.ControllerConfig + if in.ControllerConfig.Labels != nil { + out.ControllerConfig.Labels = make(map[string]string, len(in.ControllerConfig.Labels)) + for k, v := range in.ControllerConfig.Labels { + out.ControllerConfig.Labels[k] = v + } + } + } +} + +// DeepCopyInto for HTTP01ProxyStatus +func (in *HTTP01ProxyStatus) DeepCopyInto(out *HTTP01ProxyStatus) { + *out = *in + if in.Conditions != nil { + out.Conditions = make([]metav1.Condition, len(in.Conditions)) + for i := range in.Conditions { + in.Conditions[i].DeepCopyInto(&out.Conditions[i]) + } + } +} + +// DeepCopyInto copies all properties of this object into another object. +func (in *HTTP01ProxyList) DeepCopyInto(out *HTTP01ProxyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + out.Items = make([]HTTP01Proxy, len(in.Items)) + for i := range in.Items { + in.Items[i].DeepCopyInto(&out.Items[i]) + } + } +} + +// DeepCopy creates a new deep-copied HTTP01ProxyList. +func (in *HTTP01ProxyList) DeepCopy() *HTTP01ProxyList { + if in == nil { + return nil + } + out := new(HTTP01ProxyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject creates a new runtime.Object deep copy. +func (in *HTTP01ProxyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} diff --git a/api/operator/v1alpha1/zz_generated.deepcopy.go b/api/operator/v1alpha1/zz_generated.deepcopy.go index d878e25ce..d9b85e190 100644 --- a/api/operator/v1alpha1/zz_generated.deepcopy.go +++ b/api/operator/v1alpha1/zz_generated.deepcopy.go @@ -24,7 +24,7 @@ import ( "k8s.io/api/core/v1" networkingv1 "k8s.io/api/networking/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime" ) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. @@ -319,6 +319,26 @@ func (in *DeploymentConfig) DeepCopy() *DeploymentConfig { return out } +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTP01ProxySpec. +func (in *HTTP01ProxySpec) DeepCopy() *HTTP01ProxySpec { + if in == nil { + return nil + } + out := new(HTTP01ProxySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTP01ProxyStatus. +func (in *HTTP01ProxyStatus) DeepCopy() *HTTP01ProxyStatus { + if in == nil { + return nil + } + out := new(HTTP01ProxyStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IstioCSR) DeepCopyInto(out *IstioCSR) { *out = *in diff --git a/config/crd/bases/operator.openshift.io_http01proxies.yaml b/config/crd/bases/operator.openshift.io_http01proxies.yaml new file mode 100644 index 000000000..ab5ed7e61 --- /dev/null +++ b/config/crd/bases/operator.openshift.io_http01proxies.yaml @@ -0,0 +1,210 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + name: http01proxies.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: HTTP01Proxy + listKind: HTTP01ProxyList + plural: http01proxies + singular: http01proxy + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: |- + HTTP01Proxy describes configuration for a cluster-managed HTTP-01 challenge proxy. + The name must be `default` to make it a singleton per namespace. + + When an HTTP01Proxy is created and enabled, the operator may deploy and + manage components needed to route and respond to ACME HTTP-01 challenges + for eligible namespaces. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + HTTP01Proxy. + properties: + allowedNamespaces: + description: |- + allowedNamespaces restricts which namespaces may utilize the proxy. + When unset, no namespaces are allowed. Set a label selector to opt-in. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + cleanupTTLSeconds: + default: 600 + description: |- + cleanupTTLSeconds is the TTL in seconds to keep any ephemeral resources + (like Routes) after a challenge is completed. + format: int32 + minimum: 0 + type: integer + controllerConfig: + description: |- + controllerConfig configures labels or other defaults for resources + created by the controller. + properties: + labels: + additionalProperties: + type: string + description: labels to apply to all resources created for istio-csr + agent deployment. + type: object + x-kubernetes-map-type: granular + type: object + enabled: + default: false + description: enabled turns the HTTP01 proxy manager on or off. + type: boolean + type: object + status: + description: status is the most recently observed status of the HTTP01Proxy. + properties: + activeChallenges: + description: activeChallenges is a best-effort count of challenges + currently being serviced. + format: int32 + type: integer + conditions: + description: conditions holds information of the current state of + the istio-csr agent deployment. + items: + description: Condition contains details for one aspect of the current + state of this API Resource. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + lastError: + description: lastError contains a short description of the last reconciliation + error, if any. + type: string + type: object + required: + - spec + type: object + x-kubernetes-validations: + - message: http01proxy is a singleton, .metadata.name must be 'default' + rule: self.metadata.name == 'default' + served: true + storage: true + subresources: + status: {} diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index c387f3a40..faa178e83 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -213,6 +213,7 @@ rules: - operator.openshift.io resources: - certmanagers + - http01proxies verbs: - create - delete @@ -225,6 +226,7 @@ rules: - operator.openshift.io resources: - certmanagers/finalizers + - http01proxies/finalizers - istiocsrs/finalizers verbs: - update @@ -232,6 +234,7 @@ rules: - operator.openshift.io resources: - certmanagers/status + - http01proxies/status - istiocsrs/status verbs: - get diff --git a/config/samples/operator.openshift.io_v1alpha1_http01proxy.yaml b/config/samples/operator.openshift.io_v1alpha1_http01proxy.yaml new file mode 100644 index 000000000..46f7f5ce1 --- /dev/null +++ b/config/samples/operator.openshift.io_v1alpha1_http01proxy.yaml @@ -0,0 +1,11 @@ +apiVersion: operator.openshift.io/v1alpha1 +kind: HTTP01Proxy +metadata: + name: default +spec: + enabled: true + allowedNamespaces: + matchLabels: + acme-http01-enabled: "true" + cleanupTTLSeconds: 600 + diff --git a/pkg/controller/http01proxy/controller.go b/pkg/controller/http01proxy/controller.go new file mode 100644 index 000000000..b2695c6cc --- /dev/null +++ b/pkg/controller/http01proxy/controller.go @@ -0,0 +1,53 @@ +package http01proxy + +import ( + "context" + "fmt" + + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/runtime" + ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/log" + + operatorv1alpha1 "github.com/openshift/cert-manager-operator/api/operator/v1alpha1" +) + +const ControllerName = "http01proxy-controller" + +// Reconciler reconciles an HTTP01Proxy object +type Reconciler struct { + client.Client + Scheme *runtime.Scheme +} + +func New(mgr ctrl.Manager) (*Reconciler, error) { + return &Reconciler{Client: mgr.GetClient(), Scheme: mgr.GetScheme()}, nil +} + +//+kubebuilder:rbac:groups=operator.openshift.io,resources=http01proxies,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=operator.openshift.io,resources=http01proxies/status,verbs=get;update;patch +//+kubebuilder:rbac:groups=operator.openshift.io,resources=http01proxies/finalizers,verbs=update + +// TODO: additional RBAC will be needed to read Challenges and manage Routes/Services + +func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { + logger := log.FromContext(ctx) + logger.Info("Reconciling HTTP01Proxy", "name", req.NamespacedName) + + // Minimal no-op reconcile for scaffold + return ctrl.Result{}, nil +} + +func (r *Reconciler) SetupWithManager(mgr ctrl.Manager) error { + return ctrl.NewControllerManagedBy(mgr). + For(&operatorv1alpha1.HTTP01Proxy{}). + Complete(r) +} + +// helper to record events (future use) +func (r *Reconciler) recordEventf(obj runtime.Object, eventtype, reason, messageFmt string, args ...interface{}) { + _ = fmt.Sprintf(messageFmt, args...) + // intentionally no-op for now; will wire an EventRecorder when we add logic + _ = corev1.EventTypeNormal +} diff --git a/pkg/operator/applyconfigurations/internal/internal.go b/pkg/operator/applyconfigurations/internal/internal.go index ab48e360d..54b192d74 100644 --- a/pkg/operator/applyconfigurations/internal/internal.go +++ b/pkg/operator/applyconfigurations/internal/internal.go @@ -33,6 +33,16 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable +- name: com.github.openshift.cert-manager-operator.api.operator.v1alpha1.HTTP01Proxy + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable - name: com.github.openshift.cert-manager-operator.api.operator.v1alpha1.IstioCSR scalar: untyped list: diff --git a/pkg/operator/applyconfigurations/operator/v1alpha1/http01proxy.go b/pkg/operator/applyconfigurations/operator/v1alpha1/http01proxy.go new file mode 100644 index 000000000..6f561d67d --- /dev/null +++ b/pkg/operator/applyconfigurations/operator/v1alpha1/http01proxy.go @@ -0,0 +1,248 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + operatorv1alpha1 "github.com/openshift/cert-manager-operator/api/operator/v1alpha1" + internal "github.com/openshift/cert-manager-operator/pkg/operator/applyconfigurations/internal" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + managedfields "k8s.io/apimachinery/pkg/util/managedfields" + v1 "k8s.io/client-go/applyconfigurations/meta/v1" +) + +// HTTP01ProxyApplyConfiguration represents a declarative configuration of the HTTP01Proxy type for use +// with apply. +type HTTP01ProxyApplyConfiguration struct { + v1.TypeMetaApplyConfiguration `json:",inline"` + *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` + Spec *HTTP01ProxySpecApplyConfiguration `json:"spec,omitempty"` + Status *HTTP01ProxyStatusApplyConfiguration `json:"status,omitempty"` +} + +// HTTP01Proxy constructs a declarative configuration of the HTTP01Proxy type for use with +// apply. +func HTTP01Proxy(name, namespace string) *HTTP01ProxyApplyConfiguration { + b := &HTTP01ProxyApplyConfiguration{} + b.WithName(name) + b.WithNamespace(namespace) + b.WithKind("HTTP01Proxy") + b.WithAPIVersion("operator.openshift.io/v1alpha1") + return b +} + +// ExtractHTTP01Proxy extracts the applied configuration owned by fieldManager from +// hTTP01Proxy. If no managedFields are found in hTTP01Proxy for fieldManager, a +// HTTP01ProxyApplyConfiguration is returned with only the Name, Namespace (if applicable), +// APIVersion and Kind populated. It is possible that no managed fields were found for because other +// field managers have taken ownership of all the fields previously owned by fieldManager, or because +// the fieldManager never owned fields any fields. +// hTTP01Proxy must be a unmodified HTTP01Proxy API object that was retrieved from the Kubernetes API. +// ExtractHTTP01Proxy provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +// Experimental! +func ExtractHTTP01Proxy(hTTP01Proxy *operatorv1alpha1.HTTP01Proxy, fieldManager string) (*HTTP01ProxyApplyConfiguration, error) { + return extractHTTP01Proxy(hTTP01Proxy, fieldManager, "") +} + +// ExtractHTTP01ProxyStatus is the same as ExtractHTTP01Proxy except +// that it extracts the status subresource applied configuration. +// Experimental! +func ExtractHTTP01ProxyStatus(hTTP01Proxy *operatorv1alpha1.HTTP01Proxy, fieldManager string) (*HTTP01ProxyApplyConfiguration, error) { + return extractHTTP01Proxy(hTTP01Proxy, fieldManager, "status") +} + +func extractHTTP01Proxy(hTTP01Proxy *operatorv1alpha1.HTTP01Proxy, fieldManager string, subresource string) (*HTTP01ProxyApplyConfiguration, error) { + b := &HTTP01ProxyApplyConfiguration{} + err := managedfields.ExtractInto(hTTP01Proxy, internal.Parser().Type("com.github.openshift.cert-manager-operator.api.operator.v1alpha1.HTTP01Proxy"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(hTTP01Proxy.Name) + b.WithNamespace(hTTP01Proxy.Namespace) + + b.WithKind("HTTP01Proxy") + b.WithAPIVersion("operator.openshift.io/v1alpha1") + return b, nil +} + +// WithKind sets the Kind field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Kind field is set to the value of the last call. +func (b *HTTP01ProxyApplyConfiguration) WithKind(value string) *HTTP01ProxyApplyConfiguration { + b.TypeMetaApplyConfiguration.Kind = &value + return b +} + +// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the APIVersion field is set to the value of the last call. +func (b *HTTP01ProxyApplyConfiguration) WithAPIVersion(value string) *HTTP01ProxyApplyConfiguration { + b.TypeMetaApplyConfiguration.APIVersion = &value + return b +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *HTTP01ProxyApplyConfiguration) WithName(value string) *HTTP01ProxyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.ObjectMetaApplyConfiguration.Name = &value + return b +} + +// WithGenerateName sets the GenerateName field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the GenerateName field is set to the value of the last call. +func (b *HTTP01ProxyApplyConfiguration) WithGenerateName(value string) *HTTP01ProxyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.ObjectMetaApplyConfiguration.GenerateName = &value + return b +} + +// WithNamespace sets the Namespace field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Namespace field is set to the value of the last call. +func (b *HTTP01ProxyApplyConfiguration) WithNamespace(value string) *HTTP01ProxyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.ObjectMetaApplyConfiguration.Namespace = &value + return b +} + +// WithUID sets the UID field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the UID field is set to the value of the last call. +func (b *HTTP01ProxyApplyConfiguration) WithUID(value types.UID) *HTTP01ProxyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.ObjectMetaApplyConfiguration.UID = &value + return b +} + +// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ResourceVersion field is set to the value of the last call. +func (b *HTTP01ProxyApplyConfiguration) WithResourceVersion(value string) *HTTP01ProxyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.ObjectMetaApplyConfiguration.ResourceVersion = &value + return b +} + +// WithGeneration sets the Generation field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Generation field is set to the value of the last call. +func (b *HTTP01ProxyApplyConfiguration) WithGeneration(value int64) *HTTP01ProxyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.ObjectMetaApplyConfiguration.Generation = &value + return b +} + +// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CreationTimestamp field is set to the value of the last call. +func (b *HTTP01ProxyApplyConfiguration) WithCreationTimestamp(value metav1.Time) *HTTP01ProxyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.ObjectMetaApplyConfiguration.CreationTimestamp = &value + return b +} + +// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DeletionTimestamp field is set to the value of the last call. +func (b *HTTP01ProxyApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *HTTP01ProxyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value + return b +} + +// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. +func (b *HTTP01ProxyApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *HTTP01ProxyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value + return b +} + +// WithLabels puts the entries into the Labels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the Labels field, +// overwriting an existing map entries in Labels field with the same key. +func (b *HTTP01ProxyApplyConfiguration) WithLabels(entries map[string]string) *HTTP01ProxyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 { + b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.ObjectMetaApplyConfiguration.Labels[k] = v + } + return b +} + +// WithAnnotations puts the entries into the Annotations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the Annotations field, +// overwriting an existing map entries in Annotations field with the same key. +func (b *HTTP01ProxyApplyConfiguration) WithAnnotations(entries map[string]string) *HTTP01ProxyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 { + b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.ObjectMetaApplyConfiguration.Annotations[k] = v + } + return b +} + +// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the OwnerReferences field. +func (b *HTTP01ProxyApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *HTTP01ProxyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + for i := range values { + if values[i] == nil { + panic("nil value passed to WithOwnerReferences") + } + b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i]) + } + return b +} + +// WithFinalizers adds the given value to the Finalizers field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Finalizers field. +func (b *HTTP01ProxyApplyConfiguration) WithFinalizers(values ...string) *HTTP01ProxyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + for i := range values { + b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i]) + } + return b +} + +func (b *HTTP01ProxyApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { + if b.ObjectMetaApplyConfiguration == nil { + b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} + } +} + +// WithSpec sets the Spec field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Spec field is set to the value of the last call. +func (b *HTTP01ProxyApplyConfiguration) WithSpec(value *HTTP01ProxySpecApplyConfiguration) *HTTP01ProxyApplyConfiguration { + b.Spec = value + return b +} + +// WithStatus sets the Status field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Status field is set to the value of the last call. +func (b *HTTP01ProxyApplyConfiguration) WithStatus(value *HTTP01ProxyStatusApplyConfiguration) *HTTP01ProxyApplyConfiguration { + b.Status = value + return b +} + +// GetName retrieves the value of the Name field in the declarative configuration. +func (b *HTTP01ProxyApplyConfiguration) GetName() *string { + b.ensureObjectMetaApplyConfigurationExists() + return b.ObjectMetaApplyConfiguration.Name +} diff --git a/pkg/operator/applyconfigurations/operator/v1alpha1/http01proxyspec.go b/pkg/operator/applyconfigurations/operator/v1alpha1/http01proxyspec.go new file mode 100644 index 000000000..40c98176a --- /dev/null +++ b/pkg/operator/applyconfigurations/operator/v1alpha1/http01proxyspec.go @@ -0,0 +1,54 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "k8s.io/client-go/applyconfigurations/meta/v1" +) + +// HTTP01ProxySpecApplyConfiguration represents a declarative configuration of the HTTP01ProxySpec type for use +// with apply. +type HTTP01ProxySpecApplyConfiguration struct { + Enabled *bool `json:"enabled,omitempty"` + AllowedNamespaces *v1.LabelSelectorApplyConfiguration `json:"allowedNamespaces,omitempty"` + CleanupTTLSeconds *int32 `json:"cleanupTTLSeconds,omitempty"` + ControllerConfig *ControllerConfigApplyConfiguration `json:"controllerConfig,omitempty"` +} + +// HTTP01ProxySpecApplyConfiguration constructs a declarative configuration of the HTTP01ProxySpec type for use with +// apply. +func HTTP01ProxySpec() *HTTP01ProxySpecApplyConfiguration { + return &HTTP01ProxySpecApplyConfiguration{} +} + +// WithEnabled sets the Enabled field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Enabled field is set to the value of the last call. +func (b *HTTP01ProxySpecApplyConfiguration) WithEnabled(value bool) *HTTP01ProxySpecApplyConfiguration { + b.Enabled = &value + return b +} + +// WithAllowedNamespaces sets the AllowedNamespaces field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the AllowedNamespaces field is set to the value of the last call. +func (b *HTTP01ProxySpecApplyConfiguration) WithAllowedNamespaces(value *v1.LabelSelectorApplyConfiguration) *HTTP01ProxySpecApplyConfiguration { + b.AllowedNamespaces = value + return b +} + +// WithCleanupTTLSeconds sets the CleanupTTLSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CleanupTTLSeconds field is set to the value of the last call. +func (b *HTTP01ProxySpecApplyConfiguration) WithCleanupTTLSeconds(value int32) *HTTP01ProxySpecApplyConfiguration { + b.CleanupTTLSeconds = &value + return b +} + +// WithControllerConfig sets the ControllerConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ControllerConfig field is set to the value of the last call. +func (b *HTTP01ProxySpecApplyConfiguration) WithControllerConfig(value *ControllerConfigApplyConfiguration) *HTTP01ProxySpecApplyConfiguration { + b.ControllerConfig = value + return b +} diff --git a/pkg/operator/applyconfigurations/operator/v1alpha1/http01proxystatus.go b/pkg/operator/applyconfigurations/operator/v1alpha1/http01proxystatus.go new file mode 100644 index 000000000..5c218408e --- /dev/null +++ b/pkg/operator/applyconfigurations/operator/v1alpha1/http01proxystatus.go @@ -0,0 +1,50 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "k8s.io/client-go/applyconfigurations/meta/v1" +) + +// HTTP01ProxyStatusApplyConfiguration represents a declarative configuration of the HTTP01ProxyStatus type for use +// with apply. +type HTTP01ProxyStatusApplyConfiguration struct { + ConditionalStatusApplyConfiguration `json:",omitempty,inline"` + ActiveChallenges *int32 `json:"activeChallenges,omitempty"` + LastError *string `json:"lastError,omitempty"` +} + +// HTTP01ProxyStatusApplyConfiguration constructs a declarative configuration of the HTTP01ProxyStatus type for use with +// apply. +func HTTP01ProxyStatus() *HTTP01ProxyStatusApplyConfiguration { + return &HTTP01ProxyStatusApplyConfiguration{} +} + +// WithConditions adds the given value to the Conditions field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Conditions field. +func (b *HTTP01ProxyStatusApplyConfiguration) WithConditions(values ...*v1.ConditionApplyConfiguration) *HTTP01ProxyStatusApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithConditions") + } + b.ConditionalStatusApplyConfiguration.Conditions = append(b.ConditionalStatusApplyConfiguration.Conditions, *values[i]) + } + return b +} + +// WithActiveChallenges sets the ActiveChallenges field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ActiveChallenges field is set to the value of the last call. +func (b *HTTP01ProxyStatusApplyConfiguration) WithActiveChallenges(value int32) *HTTP01ProxyStatusApplyConfiguration { + b.ActiveChallenges = &value + return b +} + +// WithLastError sets the LastError field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the LastError field is set to the value of the last call. +func (b *HTTP01ProxyStatusApplyConfiguration) WithLastError(value string) *HTTP01ProxyStatusApplyConfiguration { + b.LastError = &value + return b +} diff --git a/pkg/operator/applyconfigurations/utils.go b/pkg/operator/applyconfigurations/utils.go index 11e43885f..bdcc534c1 100644 --- a/pkg/operator/applyconfigurations/utils.go +++ b/pkg/operator/applyconfigurations/utils.go @@ -36,6 +36,12 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &operatorv1alpha1.ControllerConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("DeploymentConfig"): return &operatorv1alpha1.DeploymentConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("HTTP01Proxy"): + return &operatorv1alpha1.HTTP01ProxyApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("HTTP01ProxySpec"): + return &operatorv1alpha1.HTTP01ProxySpecApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("HTTP01ProxyStatus"): + return &operatorv1alpha1.HTTP01ProxyStatusApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("IstioConfig"): return &operatorv1alpha1.IstioConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("IstioCSR"): diff --git a/pkg/operator/clientset/versioned/typed/operator/v1alpha1/fake/fake_http01proxy.go b/pkg/operator/clientset/versioned/typed/operator/v1alpha1/fake/fake_http01proxy.go new file mode 100644 index 000000000..0fb97493a --- /dev/null +++ b/pkg/operator/clientset/versioned/typed/operator/v1alpha1/fake/fake_http01proxy.go @@ -0,0 +1,37 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/openshift/cert-manager-operator/api/operator/v1alpha1" + operatorv1alpha1 "github.com/openshift/cert-manager-operator/pkg/operator/applyconfigurations/operator/v1alpha1" + typedoperatorv1alpha1 "github.com/openshift/cert-manager-operator/pkg/operator/clientset/versioned/typed/operator/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeHTTP01Proxies implements HTTP01ProxyInterface +type fakeHTTP01Proxies struct { + *gentype.FakeClientWithListAndApply[*v1alpha1.HTTP01Proxy, *v1alpha1.HTTP01ProxyList, *operatorv1alpha1.HTTP01ProxyApplyConfiguration] + Fake *FakeOperatorV1alpha1 +} + +func newFakeHTTP01Proxies(fake *FakeOperatorV1alpha1, namespace string) typedoperatorv1alpha1.HTTP01ProxyInterface { + return &fakeHTTP01Proxies{ + gentype.NewFakeClientWithListAndApply[*v1alpha1.HTTP01Proxy, *v1alpha1.HTTP01ProxyList, *operatorv1alpha1.HTTP01ProxyApplyConfiguration]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("http01proxies"), + v1alpha1.SchemeGroupVersion.WithKind("HTTP01Proxy"), + func() *v1alpha1.HTTP01Proxy { return &v1alpha1.HTTP01Proxy{} }, + func() *v1alpha1.HTTP01ProxyList { return &v1alpha1.HTTP01ProxyList{} }, + func(dst, src *v1alpha1.HTTP01ProxyList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.HTTP01ProxyList) []*v1alpha1.HTTP01Proxy { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.HTTP01ProxyList, items []*v1alpha1.HTTP01Proxy) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/pkg/operator/clientset/versioned/typed/operator/v1alpha1/fake/fake_operator_client.go b/pkg/operator/clientset/versioned/typed/operator/v1alpha1/fake/fake_operator_client.go index cc50d82f9..9ce96c019 100644 --- a/pkg/operator/clientset/versioned/typed/operator/v1alpha1/fake/fake_operator_client.go +++ b/pkg/operator/clientset/versioned/typed/operator/v1alpha1/fake/fake_operator_client.go @@ -16,6 +16,10 @@ func (c *FakeOperatorV1alpha1) CertManagers() v1alpha1.CertManagerInterface { return newFakeCertManagers(c) } +func (c *FakeOperatorV1alpha1) HTTP01Proxies(namespace string) v1alpha1.HTTP01ProxyInterface { + return newFakeHTTP01Proxies(c, namespace) +} + func (c *FakeOperatorV1alpha1) IstioCSRs(namespace string) v1alpha1.IstioCSRInterface { return newFakeIstioCSRs(c, namespace) } diff --git a/pkg/operator/clientset/versioned/typed/operator/v1alpha1/generated_expansion.go b/pkg/operator/clientset/versioned/typed/operator/v1alpha1/generated_expansion.go index 56f852de5..252e2fc36 100644 --- a/pkg/operator/clientset/versioned/typed/operator/v1alpha1/generated_expansion.go +++ b/pkg/operator/clientset/versioned/typed/operator/v1alpha1/generated_expansion.go @@ -4,4 +4,6 @@ package v1alpha1 type CertManagerExpansion interface{} +type HTTP01ProxyExpansion interface{} + type IstioCSRExpansion interface{} diff --git a/pkg/operator/clientset/versioned/typed/operator/v1alpha1/http01proxy.go b/pkg/operator/clientset/versioned/typed/operator/v1alpha1/http01proxy.go new file mode 100644 index 000000000..ef636b340 --- /dev/null +++ b/pkg/operator/clientset/versioned/typed/operator/v1alpha1/http01proxy.go @@ -0,0 +1,58 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + operatorv1alpha1 "github.com/openshift/cert-manager-operator/api/operator/v1alpha1" + applyconfigurationsoperatorv1alpha1 "github.com/openshift/cert-manager-operator/pkg/operator/applyconfigurations/operator/v1alpha1" + scheme "github.com/openshift/cert-manager-operator/pkg/operator/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// HTTP01ProxiesGetter has a method to return a HTTP01ProxyInterface. +// A group's client should implement this interface. +type HTTP01ProxiesGetter interface { + HTTP01Proxies(namespace string) HTTP01ProxyInterface +} + +// HTTP01ProxyInterface has methods to work with HTTP01Proxy resources. +type HTTP01ProxyInterface interface { + Create(ctx context.Context, hTTP01Proxy *operatorv1alpha1.HTTP01Proxy, opts v1.CreateOptions) (*operatorv1alpha1.HTTP01Proxy, error) + Update(ctx context.Context, hTTP01Proxy *operatorv1alpha1.HTTP01Proxy, opts v1.UpdateOptions) (*operatorv1alpha1.HTTP01Proxy, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, hTTP01Proxy *operatorv1alpha1.HTTP01Proxy, opts v1.UpdateOptions) (*operatorv1alpha1.HTTP01Proxy, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*operatorv1alpha1.HTTP01Proxy, error) + List(ctx context.Context, opts v1.ListOptions) (*operatorv1alpha1.HTTP01ProxyList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *operatorv1alpha1.HTTP01Proxy, err error) + Apply(ctx context.Context, hTTP01Proxy *applyconfigurationsoperatorv1alpha1.HTTP01ProxyApplyConfiguration, opts v1.ApplyOptions) (result *operatorv1alpha1.HTTP01Proxy, err error) + // Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). + ApplyStatus(ctx context.Context, hTTP01Proxy *applyconfigurationsoperatorv1alpha1.HTTP01ProxyApplyConfiguration, opts v1.ApplyOptions) (result *operatorv1alpha1.HTTP01Proxy, err error) + HTTP01ProxyExpansion +} + +// hTTP01Proxies implements HTTP01ProxyInterface +type hTTP01Proxies struct { + *gentype.ClientWithListAndApply[*operatorv1alpha1.HTTP01Proxy, *operatorv1alpha1.HTTP01ProxyList, *applyconfigurationsoperatorv1alpha1.HTTP01ProxyApplyConfiguration] +} + +// newHTTP01Proxies returns a HTTP01Proxies +func newHTTP01Proxies(c *OperatorV1alpha1Client, namespace string) *hTTP01Proxies { + return &hTTP01Proxies{ + gentype.NewClientWithListAndApply[*operatorv1alpha1.HTTP01Proxy, *operatorv1alpha1.HTTP01ProxyList, *applyconfigurationsoperatorv1alpha1.HTTP01ProxyApplyConfiguration]( + "http01proxies", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *operatorv1alpha1.HTTP01Proxy { return &operatorv1alpha1.HTTP01Proxy{} }, + func() *operatorv1alpha1.HTTP01ProxyList { return &operatorv1alpha1.HTTP01ProxyList{} }, + ), + } +} diff --git a/pkg/operator/clientset/versioned/typed/operator/v1alpha1/operator_client.go b/pkg/operator/clientset/versioned/typed/operator/v1alpha1/operator_client.go index 29d98139d..6b5400439 100644 --- a/pkg/operator/clientset/versioned/typed/operator/v1alpha1/operator_client.go +++ b/pkg/operator/clientset/versioned/typed/operator/v1alpha1/operator_client.go @@ -13,6 +13,7 @@ import ( type OperatorV1alpha1Interface interface { RESTClient() rest.Interface CertManagersGetter + HTTP01ProxiesGetter IstioCSRsGetter } @@ -25,6 +26,10 @@ func (c *OperatorV1alpha1Client) CertManagers() CertManagerInterface { return newCertManagers(c) } +func (c *OperatorV1alpha1Client) HTTP01Proxies(namespace string) HTTP01ProxyInterface { + return newHTTP01Proxies(c, namespace) +} + func (c *OperatorV1alpha1Client) IstioCSRs(namespace string) IstioCSRInterface { return newIstioCSRs(c, namespace) } diff --git a/pkg/operator/informers/externalversions/generic.go b/pkg/operator/informers/externalversions/generic.go index 0c542fe66..5b31ce58e 100644 --- a/pkg/operator/informers/externalversions/generic.go +++ b/pkg/operator/informers/externalversions/generic.go @@ -39,6 +39,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource // Group=operator.openshift.io, Version=v1alpha1 case v1alpha1.SchemeGroupVersion.WithResource("certmanagers"): return &genericInformer{resource: resource.GroupResource(), informer: f.Operator().V1alpha1().CertManagers().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("http01proxies"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Operator().V1alpha1().HTTP01Proxies().Informer()}, nil case v1alpha1.SchemeGroupVersion.WithResource("istiocsrs"): return &genericInformer{resource: resource.GroupResource(), informer: f.Operator().V1alpha1().IstioCSRs().Informer()}, nil diff --git a/pkg/operator/informers/externalversions/operator/v1alpha1/http01proxy.go b/pkg/operator/informers/externalversions/operator/v1alpha1/http01proxy.go new file mode 100644 index 000000000..467398b52 --- /dev/null +++ b/pkg/operator/informers/externalversions/operator/v1alpha1/http01proxy.go @@ -0,0 +1,74 @@ +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + time "time" + + apioperatorv1alpha1 "github.com/openshift/cert-manager-operator/api/operator/v1alpha1" + versioned "github.com/openshift/cert-manager-operator/pkg/operator/clientset/versioned" + internalinterfaces "github.com/openshift/cert-manager-operator/pkg/operator/informers/externalversions/internalinterfaces" + operatorv1alpha1 "github.com/openshift/cert-manager-operator/pkg/operator/listers/operator/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// HTTP01ProxyInformer provides access to a shared informer and lister for +// HTTP01Proxies. +type HTTP01ProxyInformer interface { + Informer() cache.SharedIndexInformer + Lister() operatorv1alpha1.HTTP01ProxyLister +} + +type hTTP01ProxyInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewHTTP01ProxyInformer constructs a new informer for HTTP01Proxy type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewHTTP01ProxyInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredHTTP01ProxyInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredHTTP01ProxyInformer constructs a new informer for HTTP01Proxy type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredHTTP01ProxyInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OperatorV1alpha1().HTTP01Proxies(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OperatorV1alpha1().HTTP01Proxies(namespace).Watch(context.TODO(), options) + }, + }, + &apioperatorv1alpha1.HTTP01Proxy{}, + resyncPeriod, + indexers, + ) +} + +func (f *hTTP01ProxyInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredHTTP01ProxyInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *hTTP01ProxyInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&apioperatorv1alpha1.HTTP01Proxy{}, f.defaultInformer) +} + +func (f *hTTP01ProxyInformer) Lister() operatorv1alpha1.HTTP01ProxyLister { + return operatorv1alpha1.NewHTTP01ProxyLister(f.Informer().GetIndexer()) +} diff --git a/pkg/operator/informers/externalversions/operator/v1alpha1/interface.go b/pkg/operator/informers/externalversions/operator/v1alpha1/interface.go index 5eb8c8ede..c8bf2dbd4 100644 --- a/pkg/operator/informers/externalversions/operator/v1alpha1/interface.go +++ b/pkg/operator/informers/externalversions/operator/v1alpha1/interface.go @@ -10,6 +10,8 @@ import ( type Interface interface { // CertManagers returns a CertManagerInformer. CertManagers() CertManagerInformer + // HTTP01Proxies returns a HTTP01ProxyInformer. + HTTP01Proxies() HTTP01ProxyInformer // IstioCSRs returns a IstioCSRInformer. IstioCSRs() IstioCSRInformer } @@ -30,6 +32,11 @@ func (v *version) CertManagers() CertManagerInformer { return &certManagerInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} } +// HTTP01Proxies returns a HTTP01ProxyInformer. +func (v *version) HTTP01Proxies() HTTP01ProxyInformer { + return &hTTP01ProxyInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + // IstioCSRs returns a IstioCSRInformer. func (v *version) IstioCSRs() IstioCSRInformer { return &istioCSRInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} diff --git a/pkg/operator/listers/operator/v1alpha1/expansion_generated.go b/pkg/operator/listers/operator/v1alpha1/expansion_generated.go index c91ed34e9..78943acbc 100644 --- a/pkg/operator/listers/operator/v1alpha1/expansion_generated.go +++ b/pkg/operator/listers/operator/v1alpha1/expansion_generated.go @@ -6,6 +6,14 @@ package v1alpha1 // CertManagerLister. type CertManagerListerExpansion interface{} +// HTTP01ProxyListerExpansion allows custom methods to be added to +// HTTP01ProxyLister. +type HTTP01ProxyListerExpansion interface{} + +// HTTP01ProxyNamespaceListerExpansion allows custom methods to be added to +// HTTP01ProxyNamespaceLister. +type HTTP01ProxyNamespaceListerExpansion interface{} + // IstioCSRListerExpansion allows custom methods to be added to // IstioCSRLister. type IstioCSRListerExpansion interface{} diff --git a/pkg/operator/listers/operator/v1alpha1/http01proxy.go b/pkg/operator/listers/operator/v1alpha1/http01proxy.go new file mode 100644 index 000000000..951da193a --- /dev/null +++ b/pkg/operator/listers/operator/v1alpha1/http01proxy.go @@ -0,0 +1,54 @@ +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + operatorv1alpha1 "github.com/openshift/cert-manager-operator/api/operator/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" +) + +// HTTP01ProxyLister helps list HTTP01Proxies. +// All objects returned here must be treated as read-only. +type HTTP01ProxyLister interface { + // List lists all HTTP01Proxies in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*operatorv1alpha1.HTTP01Proxy, err error) + // HTTP01Proxies returns an object that can list and get HTTP01Proxies. + HTTP01Proxies(namespace string) HTTP01ProxyNamespaceLister + HTTP01ProxyListerExpansion +} + +// hTTP01ProxyLister implements the HTTP01ProxyLister interface. +type hTTP01ProxyLister struct { + listers.ResourceIndexer[*operatorv1alpha1.HTTP01Proxy] +} + +// NewHTTP01ProxyLister returns a new HTTP01ProxyLister. +func NewHTTP01ProxyLister(indexer cache.Indexer) HTTP01ProxyLister { + return &hTTP01ProxyLister{listers.New[*operatorv1alpha1.HTTP01Proxy](indexer, operatorv1alpha1.Resource("http01proxy"))} +} + +// HTTP01Proxies returns an object that can list and get HTTP01Proxies. +func (s *hTTP01ProxyLister) HTTP01Proxies(namespace string) HTTP01ProxyNamespaceLister { + return hTTP01ProxyNamespaceLister{listers.NewNamespaced[*operatorv1alpha1.HTTP01Proxy](s.ResourceIndexer, namespace)} +} + +// HTTP01ProxyNamespaceLister helps list and get HTTP01Proxies. +// All objects returned here must be treated as read-only. +type HTTP01ProxyNamespaceLister interface { + // List lists all HTTP01Proxies in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*operatorv1alpha1.HTTP01Proxy, err error) + // Get retrieves the HTTP01Proxy from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*operatorv1alpha1.HTTP01Proxy, error) + HTTP01ProxyNamespaceListerExpansion +} + +// hTTP01ProxyNamespaceLister implements the HTTP01ProxyNamespaceLister +// interface. +type hTTP01ProxyNamespaceLister struct { + listers.ResourceIndexer[*operatorv1alpha1.HTTP01Proxy] +} diff --git a/pkg/operator/setup_manager.go b/pkg/operator/setup_manager.go index ba8c49602..5f33a1992 100644 --- a/pkg/operator/setup_manager.go +++ b/pkg/operator/setup_manager.go @@ -20,6 +20,7 @@ import ( certmanagerv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" v1alpha1 "github.com/openshift/cert-manager-operator/api/operator/v1alpha1" + "github.com/openshift/cert-manager-operator/pkg/controller/http01proxy" "github.com/openshift/cert-manager-operator/pkg/controller/istiocsr" "github.com/openshift/cert-manager-operator/pkg/version" ) @@ -69,6 +70,15 @@ func NewControllerManager() (*Manager, error) { if err := r.SetupWithManager(mgr); err != nil { return nil, fmt.Errorf("failed to create %s controller: %w", istiocsr.ControllerName, err) } + + // http01proxy controller + rh, err := http01proxy.New(mgr) + if err != nil { + return nil, fmt.Errorf("failed to create %s reconciler object: %w", http01proxy.ControllerName, err) + } + if err := rh.SetupWithManager(mgr); err != nil { + return nil, fmt.Errorf("failed to create %s controller: %w", http01proxy.ControllerName, err) + } // +kubebuilder:scaffold:builder return &Manager{