From 8326eda98e605660d11441e042f37f30a8ab6b90 Mon Sep 17 00:00:00 2001 From: Gabriel Bernal Date: Mon, 18 May 2026 19:07:56 +0200 Subject: [PATCH] fix: escape reserved words from perses cel validation expressions Signed-off-by: Gabriel Bernal --- ...observability-operator.clusterserviceversion.yaml | 2 +- bundle/manifests/perses.dev_perses.yaml | 12 ++++++------ bundle/manifests/perses.dev_persesdatasources.yaml | 8 ++++---- .../perses.dev_persesglobaldatasources.yaml | 8 ++++---- deploy/perses/crds/perses.dev_perses.yaml | 12 ++++++------ deploy/perses/crds/perses.dev_persesdatasources.yaml | 8 ++++---- .../crds/perses.dev_persesglobaldatasources.yaml | 8 ++++---- go.mod | 2 +- go.sum | 4 ++-- 9 files changed, 32 insertions(+), 32 deletions(-) diff --git a/bundle/manifests/observability-operator.clusterserviceversion.yaml b/bundle/manifests/observability-operator.clusterserviceversion.yaml index 0eba50c4f..cd6831d02 100644 --- a/bundle/manifests/observability-operator.clusterserviceversion.yaml +++ b/bundle/manifests/observability-operator.clusterserviceversion.yaml @@ -43,7 +43,7 @@ metadata: certified: "false" console.openshift.io/operator-monitoring-default: "true" containerImage: observability-operator:1.3.0 - createdAt: "2026-04-30T18:52:36Z" + createdAt: "2026-05-18T17:17:51Z" description: A Go based Kubernetes operator to setup and manage highly available Monitoring Stack using Prometheus, Alertmanager and Thanos Querier. operatorframework.io/cluster-monitoring: "true" diff --git a/bundle/manifests/perses.dev_perses.yaml b/bundle/manifests/perses.dev_perses.yaml index a55dc3d6e..03abd0940 100644 --- a/bundle/manifests/perses.dev_perses.yaml +++ b/bundle/manifests/perses.dev_perses.yaml @@ -3880,7 +3880,7 @@ spec: - message: name is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' || has(self.name) - message: namespace is required when type is secret or configmap - rule: self.type != 'secret' && self.type != 'configmap' || has(self.namespace) + rule: self.type != 'secret' && self.type != 'configmap' || has(self.__namespace__) kubernetesAuth: description: kubernetesAuth enables Kubernetes native authentication for the Perses client @@ -3959,7 +3959,7 @@ spec: - message: name is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' || has(self.name) - message: namespace is required when type is secret or configmap - rule: self.type != 'secret' && self.type != 'configmap' || has(self.namespace) + rule: self.type != 'secret' && self.type != 'configmap' || has(self.__namespace__) tls: description: tls provides TLS/SSL configuration for secure connections to Perses @@ -4010,7 +4010,7 @@ spec: || has(self.name) - message: namespace is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' - || has(self.namespace) + || has(self.__namespace__) enable: description: enable determines whether TLS is enabled for connections to Perses @@ -4066,7 +4066,7 @@ spec: || has(self.name) - message: namespace is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' - || has(self.namespace) + || has(self.__namespace__) type: object type: object config: @@ -6256,7 +6256,7 @@ spec: - message: name is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' || has(self.name) - message: namespace is required when type is secret or configmap - rule: self.type != 'secret' && self.type != 'configmap' || has(self.namespace) + rule: self.type != 'secret' && self.type != 'configmap' || has(self.__namespace__) enable: description: enable determines whether TLS is enabled for connections to Perses @@ -6310,7 +6310,7 @@ spec: - message: name is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' || has(self.name) - message: namespace is required when type is secret or configmap - rule: self.type != 'secret' && self.type != 'configmap' || has(self.namespace) + rule: self.type != 'secret' && self.type != 'configmap' || has(self.__namespace__) type: object tolerations: description: tolerations allow pods to schedule onto nodes with matching diff --git a/bundle/manifests/perses.dev_persesdatasources.yaml b/bundle/manifests/perses.dev_persesdatasources.yaml index d3c294ef8..5952270e1 100644 --- a/bundle/manifests/perses.dev_persesdatasources.yaml +++ b/bundle/manifests/perses.dev_persesdatasources.yaml @@ -393,7 +393,7 @@ spec: - message: name is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' || has(self.name) - message: namespace is required when type is secret or configmap - rule: self.type != 'secret' && self.type != 'configmap' || has(self.namespace) + rule: self.type != 'secret' && self.type != 'configmap' || has(self.__namespace__) kubernetesAuth: description: kubernetesAuth enables Kubernetes native authentication for the Perses client @@ -472,7 +472,7 @@ spec: - message: name is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' || has(self.name) - message: namespace is required when type is secret or configmap - rule: self.type != 'secret' && self.type != 'configmap' || has(self.namespace) + rule: self.type != 'secret' && self.type != 'configmap' || has(self.__namespace__) tls: description: tls provides TLS/SSL configuration for secure connections to Perses @@ -523,7 +523,7 @@ spec: || has(self.name) - message: namespace is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' - || has(self.namespace) + || has(self.__namespace__) enable: description: enable determines whether TLS is enabled for connections to Perses @@ -579,7 +579,7 @@ spec: || has(self.name) - message: namespace is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' - || has(self.namespace) + || has(self.__namespace__) type: object type: object config: diff --git a/bundle/manifests/perses.dev_persesglobaldatasources.yaml b/bundle/manifests/perses.dev_persesglobaldatasources.yaml index 5aa5896f0..86d50407e 100644 --- a/bundle/manifests/perses.dev_persesglobaldatasources.yaml +++ b/bundle/manifests/perses.dev_persesglobaldatasources.yaml @@ -101,7 +101,7 @@ spec: - message: name is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' || has(self.name) - message: namespace is required when type is secret or configmap - rule: self.type != 'secret' && self.type != 'configmap' || has(self.namespace) + rule: self.type != 'secret' && self.type != 'configmap' || has(self.__namespace__) kubernetesAuth: description: kubernetesAuth enables Kubernetes native authentication for the Perses client @@ -180,7 +180,7 @@ spec: - message: name is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' || has(self.name) - message: namespace is required when type is secret or configmap - rule: self.type != 'secret' && self.type != 'configmap' || has(self.namespace) + rule: self.type != 'secret' && self.type != 'configmap' || has(self.__namespace__) tls: description: tls provides TLS/SSL configuration for secure connections to Perses @@ -231,7 +231,7 @@ spec: || has(self.name) - message: namespace is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' - || has(self.namespace) + || has(self.__namespace__) enable: description: enable determines whether TLS is enabled for connections to Perses @@ -287,7 +287,7 @@ spec: || has(self.name) - message: namespace is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' - || has(self.namespace) + || has(self.__namespace__) type: object type: object config: diff --git a/deploy/perses/crds/perses.dev_perses.yaml b/deploy/perses/crds/perses.dev_perses.yaml index 43a7b66e2..504fdba9a 100644 --- a/deploy/perses/crds/perses.dev_perses.yaml +++ b/deploy/perses/crds/perses.dev_perses.yaml @@ -3869,7 +3869,7 @@ spec: - message: name is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' || has(self.name) - message: namespace is required when type is secret or configmap - rule: self.type != 'secret' && self.type != 'configmap' || has(self.namespace) + rule: self.type != 'secret' && self.type != 'configmap' || has(self.__namespace__) kubernetesAuth: description: kubernetesAuth enables Kubernetes native authentication for the Perses client @@ -3948,7 +3948,7 @@ spec: - message: name is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' || has(self.name) - message: namespace is required when type is secret or configmap - rule: self.type != 'secret' && self.type != 'configmap' || has(self.namespace) + rule: self.type != 'secret' && self.type != 'configmap' || has(self.__namespace__) tls: description: tls provides TLS/SSL configuration for secure connections to Perses @@ -3999,7 +3999,7 @@ spec: || has(self.name) - message: namespace is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' - || has(self.namespace) + || has(self.__namespace__) enable: description: enable determines whether TLS is enabled for connections to Perses @@ -4055,7 +4055,7 @@ spec: || has(self.name) - message: namespace is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' - || has(self.namespace) + || has(self.__namespace__) type: object type: object config: @@ -6245,7 +6245,7 @@ spec: - message: name is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' || has(self.name) - message: namespace is required when type is secret or configmap - rule: self.type != 'secret' && self.type != 'configmap' || has(self.namespace) + rule: self.type != 'secret' && self.type != 'configmap' || has(self.__namespace__) enable: description: enable determines whether TLS is enabled for connections to Perses @@ -6299,7 +6299,7 @@ spec: - message: name is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' || has(self.name) - message: namespace is required when type is secret or configmap - rule: self.type != 'secret' && self.type != 'configmap' || has(self.namespace) + rule: self.type != 'secret' && self.type != 'configmap' || has(self.__namespace__) type: object tolerations: description: tolerations allow pods to schedule onto nodes with matching diff --git a/deploy/perses/crds/perses.dev_persesdatasources.yaml b/deploy/perses/crds/perses.dev_persesdatasources.yaml index fa8e5809b..47839f489 100644 --- a/deploy/perses/crds/perses.dev_persesdatasources.yaml +++ b/deploy/perses/crds/perses.dev_persesdatasources.yaml @@ -392,7 +392,7 @@ spec: - message: name is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' || has(self.name) - message: namespace is required when type is secret or configmap - rule: self.type != 'secret' && self.type != 'configmap' || has(self.namespace) + rule: self.type != 'secret' && self.type != 'configmap' || has(self.__namespace__) kubernetesAuth: description: kubernetesAuth enables Kubernetes native authentication for the Perses client @@ -471,7 +471,7 @@ spec: - message: name is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' || has(self.name) - message: namespace is required when type is secret or configmap - rule: self.type != 'secret' && self.type != 'configmap' || has(self.namespace) + rule: self.type != 'secret' && self.type != 'configmap' || has(self.__namespace__) tls: description: tls provides TLS/SSL configuration for secure connections to Perses @@ -522,7 +522,7 @@ spec: || has(self.name) - message: namespace is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' - || has(self.namespace) + || has(self.__namespace__) enable: description: enable determines whether TLS is enabled for connections to Perses @@ -578,7 +578,7 @@ spec: || has(self.name) - message: namespace is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' - || has(self.namespace) + || has(self.__namespace__) type: object type: object config: diff --git a/deploy/perses/crds/perses.dev_persesglobaldatasources.yaml b/deploy/perses/crds/perses.dev_persesglobaldatasources.yaml index 4e5944c45..c006457c8 100644 --- a/deploy/perses/crds/perses.dev_persesglobaldatasources.yaml +++ b/deploy/perses/crds/perses.dev_persesglobaldatasources.yaml @@ -90,7 +90,7 @@ spec: - message: name is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' || has(self.name) - message: namespace is required when type is secret or configmap - rule: self.type != 'secret' && self.type != 'configmap' || has(self.namespace) + rule: self.type != 'secret' && self.type != 'configmap' || has(self.__namespace__) kubernetesAuth: description: kubernetesAuth enables Kubernetes native authentication for the Perses client @@ -169,7 +169,7 @@ spec: - message: name is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' || has(self.name) - message: namespace is required when type is secret or configmap - rule: self.type != 'secret' && self.type != 'configmap' || has(self.namespace) + rule: self.type != 'secret' && self.type != 'configmap' || has(self.__namespace__) tls: description: tls provides TLS/SSL configuration for secure connections to Perses @@ -220,7 +220,7 @@ spec: || has(self.name) - message: namespace is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' - || has(self.namespace) + || has(self.__namespace__) enable: description: enable determines whether TLS is enabled for connections to Perses @@ -276,7 +276,7 @@ spec: || has(self.name) - message: namespace is required when type is secret or configmap rule: self.type != 'secret' && self.type != 'configmap' - || has(self.namespace) + || has(self.__namespace__) type: object type: object config: diff --git a/go.mod b/go.mod index c27904170..a2b35e72a 100644 --- a/go.mod +++ b/go.mod @@ -26,7 +26,7 @@ require ( github.com/rhobs/observability-operator/pkg/apis v0.0.0-20251009091129-76135c924ed6 github.com/rhobs/openshift-api v0.0.0-20260512142436-2e89e902a420 github.com/rhobs/perses v0.0.0-20260422074433-2c06d5cd1312 - github.com/rhobs/perses-operator v0.1.10-0.20260422102948-9bec730aa616 + github.com/rhobs/perses-operator v0.1.10-0.20260518165420-4a0e166ccfca github.com/stretchr/testify v1.11.1 go.uber.org/zap v1.27.1 golang.org/x/exp v0.0.0-20260312153236-7ab1446f8b90 diff --git a/go.sum b/go.sum index a08ba394a..01bbeb13a 100644 --- a/go.sum +++ b/go.sum @@ -363,8 +363,8 @@ github.com/rhobs/openshift-api v0.0.0-20260512142436-2e89e902a420 h1:7e9fFgSnTQH github.com/rhobs/openshift-api v0.0.0-20260512142436-2e89e902a420/go.mod h1:W0V3SoeXIKmaTN3pqMKDiLZ23rc9viuqYenk9+89N+o= github.com/rhobs/perses v0.0.0-20260422074433-2c06d5cd1312 h1:FIHpZaFw4s8KwL1MbBbehbhnaIoWqK9w6BQHp8qtk50= github.com/rhobs/perses v0.0.0-20260422074433-2c06d5cd1312/go.mod h1:1eTdHfUEzWvkpxzblN5MeXnvcTLoMFSXcAl1rbdEkJo= -github.com/rhobs/perses-operator v0.1.10-0.20260422102948-9bec730aa616 h1:pBAB0AH1JT21OkD8wpoxeTuPot9mWQWo2KYRKaCzPMo= -github.com/rhobs/perses-operator v0.1.10-0.20260422102948-9bec730aa616/go.mod h1:REkyhfFzgup4/wvVoTPDFtKFz/1xWG24P0I1+1eRbMU= +github.com/rhobs/perses-operator v0.1.10-0.20260518165420-4a0e166ccfca h1:2C6DuqBYT8MkHBEXIc2kF9xrXvQh2Ifp7l+Xcy1HtwU= +github.com/rhobs/perses-operator v0.1.10-0.20260518165420-4a0e166ccfca/go.mod h1:ZduotU/1fKgK0r1LGMRIKftKE0LWofh1j97p+XCsplA= github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=