diff --git a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_dnses-CustomNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_dnses-CustomNoUpgrade.crd.yaml index 05d56f63cfa..baa0d559db4 100644 --- a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_dnses-CustomNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_dnses-CustomNoUpgrade.crd.yaml @@ -79,6 +79,9 @@ spec: is the IAM role name. type: string x-kubernetes-validations: + - message: 'privateZoneIAMRole must be a valid AWS IAM role + ARN in the format: arn::iam:::role/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$') - message: 'privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-eusc):iam::[0-9]{12}:role/.*$') diff --git a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_dnses-DevPreviewNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_dnses-DevPreviewNoUpgrade.crd.yaml index f2d9157713a..49b51f1cf93 100644 --- a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_dnses-DevPreviewNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_dnses-DevPreviewNoUpgrade.crd.yaml @@ -79,6 +79,9 @@ spec: is the IAM role name. type: string x-kubernetes-validations: + - message: 'privateZoneIAMRole must be a valid AWS IAM role + ARN in the format: arn::iam:::role/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$') - message: 'privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-eusc):iam::[0-9]{12}:role/.*$') diff --git a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_dnses-TechPreviewNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_dnses-TechPreviewNoUpgrade.crd.yaml index ce4e9b77f01..2261d39eb05 100644 --- a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_dnses-TechPreviewNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_dnses-TechPreviewNoUpgrade.crd.yaml @@ -79,6 +79,9 @@ spec: is the IAM role name. type: string x-kubernetes-validations: + - message: 'privateZoneIAMRole must be a valid AWS IAM role + ARN in the format: arn::iam:::role/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$') - message: 'privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-eusc):iam::[0-9]{12}:role/.*$') diff --git a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml index 53bd9da6047..ed5a1b5e5d3 100644 --- a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml @@ -1084,6 +1084,9 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) == 0 + && size(self) < 2 : true' - message: Cannot add and remove vCenters at the same time rule: 'size(self) >= size(oldSelf) ? oldSelf.all(x, self.exists(y, y.server == x.server)) : true' @@ -1100,6 +1103,9 @@ spec: rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' type: object x-kubernetes-validations: + - message: vcenters can have at most 1 item when configured post-install + rule: '!has(oldSelf.vsphere) && has(self.vsphere) ? (has(self.vsphere.vcenters) + && size(self.vsphere.vcenters) < 2) : true' - message: vcenters is required once set and cannot be removed rule: 'oldSelf.?vsphere.vcenters.hasValue() ? self.?vsphere.vcenters.hasValue() : true' diff --git a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Default.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Default.crd.yaml index 0305366dfd1..ab1b170ac48 100644 --- a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Default.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Default.crd.yaml @@ -1018,6 +1018,9 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) == 0 + && size(self) < 2 : true' - message: vcenters must have unique server values rule: self.all(x, self.exists_one(y, y.server == x.server)) type: object diff --git a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-DevPreviewNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-DevPreviewNoUpgrade.crd.yaml index 0e2cb379c9c..87c4bb5abd5 100644 --- a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-DevPreviewNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-DevPreviewNoUpgrade.crd.yaml @@ -1084,6 +1084,9 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) == 0 + && size(self) < 2 : true' - message: Cannot add and remove vCenters at the same time rule: 'size(self) >= size(oldSelf) ? oldSelf.all(x, self.exists(y, y.server == x.server)) : true' @@ -1100,6 +1103,9 @@ spec: rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' type: object x-kubernetes-validations: + - message: vcenters can have at most 1 item when configured post-install + rule: '!has(oldSelf.vsphere) && has(self.vsphere) ? (has(self.vsphere.vcenters) + && size(self.vsphere.vcenters) < 2) : true' - message: vcenters is required once set and cannot be removed rule: 'oldSelf.?vsphere.vcenters.hasValue() ? self.?vsphere.vcenters.hasValue() : true' diff --git a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-OKD.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-OKD.crd.yaml index 6cdb3f76af3..738390fcfc1 100644 --- a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-OKD.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-OKD.crd.yaml @@ -1018,6 +1018,9 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) == 0 + && size(self) < 2 : true' - message: vcenters must have unique server values rule: self.all(x, self.exists_one(y, y.server == x.server)) type: object diff --git a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml index 197bf2706fa..59bb97f32cf 100644 --- a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml +++ b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml @@ -1084,6 +1084,9 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) == 0 + && size(self) < 2 : true' - message: Cannot add and remove vCenters at the same time rule: 'size(self) >= size(oldSelf) ? oldSelf.all(x, self.exists(y, y.server == x.server)) : true' @@ -1100,6 +1103,9 @@ spec: rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' type: object x-kubernetes-validations: + - message: vcenters can have at most 1 item when configured post-install + rule: '!has(oldSelf.vsphere) && has(self.vsphere) ? (has(self.vsphere.vcenters) + && size(self.vsphere.vcenters) < 2) : true' - message: vcenters is required once set and cannot be removed rule: 'oldSelf.?vsphere.vcenters.hasValue() ? self.?vsphere.vcenters.hasValue() : true' diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml index fbe07bbab7c..edb9f9640dd 100644 --- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml +++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml @@ -135,6 +135,9 @@ spec: is the IAM role name. type: string x-kubernetes-validations: + - message: 'privateZoneIAMRole must be a valid AWS + IAM role ARN in the format: arn::iam:::role/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$') - message: 'privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-eusc):iam::[0-9]{12}:role/.*$') @@ -1373,6 +1376,10 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once + set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) + == 0 && size(self) < 2 : true' - message: Cannot add and remove vCenters at the same time rule: 'size(self) >= size(oldSelf) ? oldSelf.all(x, @@ -1393,6 +1400,10 @@ spec: rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' type: object x-kubernetes-validations: + - message: vcenters can have at most 1 item when configured + post-install + rule: '!has(oldSelf.vsphere) && has(self.vsphere) ? (has(self.vsphere.vcenters) + && size(self.vsphere.vcenters) < 2) : true' - message: vcenters is required once set and cannot be removed rule: 'oldSelf.?vsphere.vcenters.hasValue() ? self.?vsphere.vcenters.hasValue() : true' diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml index 7c0f73b0413..c8cfc55c5dc 100644 --- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml +++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml @@ -1305,6 +1305,10 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once + set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) + == 0 && size(self) < 2 : true' - message: vcenters must have unique server values rule: self.all(x, self.exists_one(y, y.server == x.server)) diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-DevPreviewNoUpgrade.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-DevPreviewNoUpgrade.crd.yaml index fec9ab5a459..baedb3a6b66 100644 --- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-DevPreviewNoUpgrade.crd.yaml +++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-DevPreviewNoUpgrade.crd.yaml @@ -135,6 +135,9 @@ spec: is the IAM role name. type: string x-kubernetes-validations: + - message: 'privateZoneIAMRole must be a valid AWS + IAM role ARN in the format: arn::iam:::role/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$') - message: 'privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-eusc):iam::[0-9]{12}:role/.*$') @@ -1373,6 +1376,10 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once + set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) + == 0 && size(self) < 2 : true' - message: Cannot add and remove vCenters at the same time rule: 'size(self) >= size(oldSelf) ? oldSelf.all(x, @@ -1393,6 +1400,10 @@ spec: rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' type: object x-kubernetes-validations: + - message: vcenters can have at most 1 item when configured + post-install + rule: '!has(oldSelf.vsphere) && has(self.vsphere) ? (has(self.vsphere.vcenters) + && size(self.vsphere.vcenters) < 2) : true' - message: vcenters is required once set and cannot be removed rule: 'oldSelf.?vsphere.vcenters.hasValue() ? self.?vsphere.vcenters.hasValue() : true' diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-OKD.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-OKD.crd.yaml index baa96854daa..83e58b9b40d 100644 --- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-OKD.crd.yaml +++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-OKD.crd.yaml @@ -1305,6 +1305,10 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once + set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) + == 0 && size(self) < 2 : true' - message: vcenters must have unique server values rule: self.all(x, self.exists_one(y, y.server == x.server)) diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-TechPreviewNoUpgrade.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-TechPreviewNoUpgrade.crd.yaml index 0d318c38c1f..20ef94a65d6 100644 --- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-TechPreviewNoUpgrade.crd.yaml +++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-TechPreviewNoUpgrade.crd.yaml @@ -135,6 +135,9 @@ spec: is the IAM role name. type: string x-kubernetes-validations: + - message: 'privateZoneIAMRole must be a valid AWS + IAM role ARN in the format: arn::iam:::role/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$') - message: 'privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-eusc):iam::[0-9]{12}:role/.*$') @@ -1373,6 +1376,10 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once + set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) + == 0 && size(self) < 2 : true' - message: Cannot add and remove vCenters at the same time rule: 'size(self) >= size(oldSelf) ? oldSelf.all(x, @@ -1393,6 +1400,10 @@ spec: rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' type: object x-kubernetes-validations: + - message: vcenters can have at most 1 item when configured + post-install + rule: '!has(oldSelf.vsphere) && has(self.vsphere) ? (has(self.vsphere.vcenters) + && size(self.vsphere.vcenters) < 2) : true' - message: vcenters is required once set and cannot be removed rule: 'oldSelf.?vsphere.vcenters.hasValue() ? self.?vsphere.vcenters.hasValue() : true' diff --git a/operator/v1/zz_generated.crd-manifests/0000_50_csi-driver_01_clustercsidrivers-CustomNoUpgrade.crd.yaml b/operator/v1/zz_generated.crd-manifests/0000_50_csi-driver_01_clustercsidrivers-CustomNoUpgrade.crd.yaml index 19b319fcb8d..c203718bf83 100644 --- a/operator/v1/zz_generated.crd-manifests/0000_50_csi-driver_01_clustercsidrivers-CustomNoUpgrade.crd.yaml +++ b/operator/v1/zz_generated.crd-manifests/0000_50_csi-driver_01_clustercsidrivers-CustomNoUpgrade.crd.yaml @@ -133,6 +133,9 @@ spec: is the KMS key ID or alias name. type: string x-kubernetes-validations: + - message: 'kmsKeyARN must be a valid AWS KMS key ARN in the + format: arn::kms:::(key|alias)/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$') - message: 'kmsKeyARN must be a valid AWS KMS key ARN in the format: arn::kms:::(key|alias)/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f|aws-eusc):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$') diff --git a/operator/v1/zz_generated.crd-manifests/0000_50_csi-driver_01_clustercsidrivers-DevPreviewNoUpgrade.crd.yaml b/operator/v1/zz_generated.crd-manifests/0000_50_csi-driver_01_clustercsidrivers-DevPreviewNoUpgrade.crd.yaml index a03dd7d88db..5f5b2531835 100644 --- a/operator/v1/zz_generated.crd-manifests/0000_50_csi-driver_01_clustercsidrivers-DevPreviewNoUpgrade.crd.yaml +++ b/operator/v1/zz_generated.crd-manifests/0000_50_csi-driver_01_clustercsidrivers-DevPreviewNoUpgrade.crd.yaml @@ -133,6 +133,9 @@ spec: is the KMS key ID or alias name. type: string x-kubernetes-validations: + - message: 'kmsKeyARN must be a valid AWS KMS key ARN in the + format: arn::kms:::(key|alias)/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$') - message: 'kmsKeyARN must be a valid AWS KMS key ARN in the format: arn::kms:::(key|alias)/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f|aws-eusc):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$') diff --git a/operator/v1/zz_generated.crd-manifests/0000_50_csi-driver_01_clustercsidrivers-TechPreviewNoUpgrade.crd.yaml b/operator/v1/zz_generated.crd-manifests/0000_50_csi-driver_01_clustercsidrivers-TechPreviewNoUpgrade.crd.yaml index 3dc68028e00..1a29a566203 100644 --- a/operator/v1/zz_generated.crd-manifests/0000_50_csi-driver_01_clustercsidrivers-TechPreviewNoUpgrade.crd.yaml +++ b/operator/v1/zz_generated.crd-manifests/0000_50_csi-driver_01_clustercsidrivers-TechPreviewNoUpgrade.crd.yaml @@ -133,6 +133,9 @@ spec: is the KMS key ID or alias name. type: string x-kubernetes-validations: + - message: 'kmsKeyARN must be a valid AWS KMS key ARN in the + format: arn::kms:::(key|alias)/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$') - message: 'kmsKeyARN must be a valid AWS KMS key ARN in the format: arn::kms:::(key|alias)/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f|aws-eusc):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$') diff --git a/payload-manifests/crds/0000_10_config-operator_01_dnses-CustomNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_dnses-CustomNoUpgrade.crd.yaml index 05d56f63cfa..baa0d559db4 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_dnses-CustomNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_dnses-CustomNoUpgrade.crd.yaml @@ -79,6 +79,9 @@ spec: is the IAM role name. type: string x-kubernetes-validations: + - message: 'privateZoneIAMRole must be a valid AWS IAM role + ARN in the format: arn::iam:::role/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$') - message: 'privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-eusc):iam::[0-9]{12}:role/.*$') diff --git a/payload-manifests/crds/0000_10_config-operator_01_dnses-DevPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_dnses-DevPreviewNoUpgrade.crd.yaml index f2d9157713a..49b51f1cf93 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_dnses-DevPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_dnses-DevPreviewNoUpgrade.crd.yaml @@ -79,6 +79,9 @@ spec: is the IAM role name. type: string x-kubernetes-validations: + - message: 'privateZoneIAMRole must be a valid AWS IAM role + ARN in the format: arn::iam:::role/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$') - message: 'privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-eusc):iam::[0-9]{12}:role/.*$') diff --git a/payload-manifests/crds/0000_10_config-operator_01_dnses-TechPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_dnses-TechPreviewNoUpgrade.crd.yaml index ce4e9b77f01..2261d39eb05 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_dnses-TechPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_dnses-TechPreviewNoUpgrade.crd.yaml @@ -79,6 +79,9 @@ spec: is the IAM role name. type: string x-kubernetes-validations: + - message: 'privateZoneIAMRole must be a valid AWS IAM role + ARN in the format: arn::iam:::role/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$') - message: 'privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-eusc):iam::[0-9]{12}:role/.*$') diff --git a/payload-manifests/crds/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml index 53bd9da6047..ed5a1b5e5d3 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml @@ -1084,6 +1084,9 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) == 0 + && size(self) < 2 : true' - message: Cannot add and remove vCenters at the same time rule: 'size(self) >= size(oldSelf) ? oldSelf.all(x, self.exists(y, y.server == x.server)) : true' @@ -1100,6 +1103,9 @@ spec: rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' type: object x-kubernetes-validations: + - message: vcenters can have at most 1 item when configured post-install + rule: '!has(oldSelf.vsphere) && has(self.vsphere) ? (has(self.vsphere.vcenters) + && size(self.vsphere.vcenters) < 2) : true' - message: vcenters is required once set and cannot be removed rule: 'oldSelf.?vsphere.vcenters.hasValue() ? self.?vsphere.vcenters.hasValue() : true' diff --git a/payload-manifests/crds/0000_10_config-operator_01_infrastructures-Default.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_infrastructures-Default.crd.yaml index 0305366dfd1..ab1b170ac48 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_infrastructures-Default.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_infrastructures-Default.crd.yaml @@ -1018,6 +1018,9 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) == 0 + && size(self) < 2 : true' - message: vcenters must have unique server values rule: self.all(x, self.exists_one(y, y.server == x.server)) type: object diff --git a/payload-manifests/crds/0000_10_config-operator_01_infrastructures-DevPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_infrastructures-DevPreviewNoUpgrade.crd.yaml index 0e2cb379c9c..87c4bb5abd5 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_infrastructures-DevPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_infrastructures-DevPreviewNoUpgrade.crd.yaml @@ -1084,6 +1084,9 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) == 0 + && size(self) < 2 : true' - message: Cannot add and remove vCenters at the same time rule: 'size(self) >= size(oldSelf) ? oldSelf.all(x, self.exists(y, y.server == x.server)) : true' @@ -1100,6 +1103,9 @@ spec: rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' type: object x-kubernetes-validations: + - message: vcenters can have at most 1 item when configured post-install + rule: '!has(oldSelf.vsphere) && has(self.vsphere) ? (has(self.vsphere.vcenters) + && size(self.vsphere.vcenters) < 2) : true' - message: vcenters is required once set and cannot be removed rule: 'oldSelf.?vsphere.vcenters.hasValue() ? self.?vsphere.vcenters.hasValue() : true' diff --git a/payload-manifests/crds/0000_10_config-operator_01_infrastructures-OKD.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_infrastructures-OKD.crd.yaml index 6cdb3f76af3..738390fcfc1 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_infrastructures-OKD.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_infrastructures-OKD.crd.yaml @@ -1018,6 +1018,9 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) == 0 + && size(self) < 2 : true' - message: vcenters must have unique server values rule: self.all(x, self.exists_one(y, y.server == x.server)) type: object diff --git a/payload-manifests/crds/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml index 197bf2706fa..59bb97f32cf 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml @@ -1084,6 +1084,9 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) == 0 + && size(self) < 2 : true' - message: Cannot add and remove vCenters at the same time rule: 'size(self) >= size(oldSelf) ? oldSelf.all(x, self.exists(y, y.server == x.server)) : true' @@ -1100,6 +1103,9 @@ spec: rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' type: object x-kubernetes-validations: + - message: vcenters can have at most 1 item when configured post-install + rule: '!has(oldSelf.vsphere) && has(self.vsphere) ? (has(self.vsphere.vcenters) + && size(self.vsphere.vcenters) < 2) : true' - message: vcenters is required once set and cannot be removed rule: 'oldSelf.?vsphere.vcenters.hasValue() ? self.?vsphere.vcenters.hasValue() : true' diff --git a/payload-manifests/crds/0000_50_csi-driver_01_clustercsidrivers-CustomNoUpgrade.crd.yaml b/payload-manifests/crds/0000_50_csi-driver_01_clustercsidrivers-CustomNoUpgrade.crd.yaml index 19b319fcb8d..c203718bf83 100644 --- a/payload-manifests/crds/0000_50_csi-driver_01_clustercsidrivers-CustomNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_50_csi-driver_01_clustercsidrivers-CustomNoUpgrade.crd.yaml @@ -133,6 +133,9 @@ spec: is the KMS key ID or alias name. type: string x-kubernetes-validations: + - message: 'kmsKeyARN must be a valid AWS KMS key ARN in the + format: arn::kms:::(key|alias)/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$') - message: 'kmsKeyARN must be a valid AWS KMS key ARN in the format: arn::kms:::(key|alias)/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f|aws-eusc):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$') diff --git a/payload-manifests/crds/0000_50_csi-driver_01_clustercsidrivers-DevPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_50_csi-driver_01_clustercsidrivers-DevPreviewNoUpgrade.crd.yaml index a03dd7d88db..5f5b2531835 100644 --- a/payload-manifests/crds/0000_50_csi-driver_01_clustercsidrivers-DevPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_50_csi-driver_01_clustercsidrivers-DevPreviewNoUpgrade.crd.yaml @@ -133,6 +133,9 @@ spec: is the KMS key ID or alias name. type: string x-kubernetes-validations: + - message: 'kmsKeyARN must be a valid AWS KMS key ARN in the + format: arn::kms:::(key|alias)/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$') - message: 'kmsKeyARN must be a valid AWS KMS key ARN in the format: arn::kms:::(key|alias)/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f|aws-eusc):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$') diff --git a/payload-manifests/crds/0000_50_csi-driver_01_clustercsidrivers-TechPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_50_csi-driver_01_clustercsidrivers-TechPreviewNoUpgrade.crd.yaml index 3dc68028e00..1a29a566203 100644 --- a/payload-manifests/crds/0000_50_csi-driver_01_clustercsidrivers-TechPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_50_csi-driver_01_clustercsidrivers-TechPreviewNoUpgrade.crd.yaml @@ -133,6 +133,9 @@ spec: is the KMS key ID or alias name. type: string x-kubernetes-validations: + - message: 'kmsKeyARN must be a valid AWS KMS key ARN in the + format: arn::kms:::(key|alias)/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$') - message: 'kmsKeyARN must be a valid AWS KMS key ARN in the format: arn::kms:::(key|alias)/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f|aws-eusc):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$') diff --git a/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml index fbe07bbab7c..edb9f9640dd 100644 --- a/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml @@ -135,6 +135,9 @@ spec: is the IAM role name. type: string x-kubernetes-validations: + - message: 'privateZoneIAMRole must be a valid AWS + IAM role ARN in the format: arn::iam:::role/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$') - message: 'privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-eusc):iam::[0-9]{12}:role/.*$') @@ -1373,6 +1376,10 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once + set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) + == 0 && size(self) < 2 : true' - message: Cannot add and remove vCenters at the same time rule: 'size(self) >= size(oldSelf) ? oldSelf.all(x, @@ -1393,6 +1400,10 @@ spec: rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' type: object x-kubernetes-validations: + - message: vcenters can have at most 1 item when configured + post-install + rule: '!has(oldSelf.vsphere) && has(self.vsphere) ? (has(self.vsphere.vcenters) + && size(self.vsphere.vcenters) < 2) : true' - message: vcenters is required once set and cannot be removed rule: 'oldSelf.?vsphere.vcenters.hasValue() ? self.?vsphere.vcenters.hasValue() : true' diff --git a/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml index 7c0f73b0413..c8cfc55c5dc 100644 --- a/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml +++ b/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml @@ -1305,6 +1305,10 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once + set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) + == 0 && size(self) < 2 : true' - message: vcenters must have unique server values rule: self.all(x, self.exists_one(y, y.server == x.server)) diff --git a/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-DevPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-DevPreviewNoUpgrade.crd.yaml index fec9ab5a459..baedb3a6b66 100644 --- a/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-DevPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-DevPreviewNoUpgrade.crd.yaml @@ -135,6 +135,9 @@ spec: is the IAM role name. type: string x-kubernetes-validations: + - message: 'privateZoneIAMRole must be a valid AWS + IAM role ARN in the format: arn::iam:::role/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$') - message: 'privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-eusc):iam::[0-9]{12}:role/.*$') @@ -1373,6 +1376,10 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once + set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) + == 0 && size(self) < 2 : true' - message: Cannot add and remove vCenters at the same time rule: 'size(self) >= size(oldSelf) ? oldSelf.all(x, @@ -1393,6 +1400,10 @@ spec: rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' type: object x-kubernetes-validations: + - message: vcenters can have at most 1 item when configured + post-install + rule: '!has(oldSelf.vsphere) && has(self.vsphere) ? (has(self.vsphere.vcenters) + && size(self.vsphere.vcenters) < 2) : true' - message: vcenters is required once set and cannot be removed rule: 'oldSelf.?vsphere.vcenters.hasValue() ? self.?vsphere.vcenters.hasValue() : true' diff --git a/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-OKD.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-OKD.crd.yaml index baa96854daa..83e58b9b40d 100644 --- a/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-OKD.crd.yaml +++ b/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-OKD.crd.yaml @@ -1305,6 +1305,10 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once + set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) + == 0 && size(self) < 2 : true' - message: vcenters must have unique server values rule: self.all(x, self.exists_one(y, y.server == x.server)) diff --git a/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-TechPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-TechPreviewNoUpgrade.crd.yaml index 0d318c38c1f..20ef94a65d6 100644 --- a/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-TechPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-TechPreviewNoUpgrade.crd.yaml @@ -135,6 +135,9 @@ spec: is the IAM role name. type: string x-kubernetes-validations: + - message: 'privateZoneIAMRole must be a valid AWS + IAM role ARN in the format: arn::iam:::role/' + rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$') - message: 'privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/' rule: matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-eusc):iam::[0-9]{12}:role/.*$') @@ -1373,6 +1376,10 @@ spec: type: array x-kubernetes-list-type: atomic x-kubernetes-validations: + - message: vcenters cannot be added or removed once + set + rule: 'size(self) != size(oldSelf) ? size(oldSelf) + == 0 && size(self) < 2 : true' - message: Cannot add and remove vCenters at the same time rule: 'size(self) >= size(oldSelf) ? oldSelf.all(x, @@ -1393,6 +1400,10 @@ spec: rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' type: object x-kubernetes-validations: + - message: vcenters can have at most 1 item when configured + post-install + rule: '!has(oldSelf.vsphere) && has(self.vsphere) ? (has(self.vsphere.vcenters) + && size(self.vsphere.vcenters) < 2) : true' - message: vcenters is required once set and cannot be removed rule: 'oldSelf.?vsphere.vcenters.hasValue() ? self.?vsphere.vcenters.hasValue() : true' diff --git a/tools/codegen/pkg/manifestmerge/crd-schema.json b/tools/codegen/pkg/manifestmerge/crd-schema.json index 03a3d3ce832..71a493a0ad7 100644 --- a/tools/codegen/pkg/manifestmerge/crd-schema.json +++ b/tools/codegen/pkg/manifestmerge/crd-schema.json @@ -727,7 +727,10 @@ "default": {} }, "type": "array", - "x-kubernetes-list-type": "atomic" + "x-kubernetes-list-type": "map", + "x-kubernetes-list-map-keys": [ + "rule" + ] } }, "type": "object"