diff --git a/.golangci-kal.yml b/.golangci-kal.yml index 38029a4adc83..55d52fb33da2 100644 --- a/.golangci-kal.yml +++ b/.golangci-kal.yml @@ -74,14 +74,11 @@ issues: text: "field Prefix should not use an int, int8 or int16. Use int32 or int64 depending on bounding requirements" linters: - kal - - path: "api/v1alpha1/*|api/v1alpha3/*" + # clusterctl and Runtime Hooks can be fixed once we bump their apiVersion. + - path: "cmd/clusterctl/api/v1alpha3|exp/runtime/hooks/api/v1alpha1" text: "maxlength" linters: - kal - - path: "api/v1beta1/*" - text: "must have a maximum length, add (kubebuilder:validation:MaxLength|kubebuilder:validation:items:MaxLength) marker" - linters: - - kal # controller-gen does not allow to add MaxItems to Schemaless fields - path: "api/v1beta1/*" text: "maxlength: field (AllOf|OneOf|AnyOf) must have a maximum items, add kubebuilder:validation:MaxItems marker" @@ -89,7 +86,7 @@ issues: - kal # It does not make sense to add a maxItems marker on the *List structs as they are not used to generate CRD YAMLs. # This exclude will be removed once https://github.com/JoelSpeed/kal/issues/38 is resolved. - - path: "api/v1beta1/*" + - path: "api/v1beta1/*|api/v1alpha1/*" text: "maxlength: field Items must have a maximum items, add kubebuilder:validation:MaxItems marker" linters: - kal diff --git a/api/v1beta1/cluster_types.go b/api/v1beta1/cluster_types.go index 6588cb438393..14e740ed2c89 100644 --- a/api/v1beta1/cluster_types.go +++ b/api/v1beta1/cluster_types.go 
@@ -524,8 +524,8 @@ type ClusterAvailabilityGate struct { // Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as availability gates. // +required // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=316 ConditionType string `json:"conditionType"` // polarity of the conditionType specified in this availabilityGate. @@ -542,6 +542,8 @@ type ClusterAvailabilityGate struct { type Topology struct { // class is the name of the ClusterClass object to create the topology. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 Class string `json:"class"` // classNamespace is the namespace of the ClusterClass object to create the topology. @@ -555,6 +557,8 @@ type Topology struct { // version is the Kubernetes version of the cluster. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Version string `json:"version"` // rolloutAfter performs a rollout of the entire cluster one component at a time, @@ -672,6 +676,8 @@ type MachineDeploymentTopology struct { // This should match one of the deployment classes defined in the ClusterClass object // mentioned in the `Cluster.Spec.Class` field. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Class string `json:"class"` // name is the unique identifier for this MachineDeploymentTopology. 
@@ -679,11 +685,15 @@ type MachineDeploymentTopology struct { // (e.g. cluster's name, etc). In case the name is greater than the allowed maximum length, // the values are hashed together. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Name string `json:"name"` // failureDomain is the failure domain the machines will be created in. // Must match a key in the FailureDomains map stored on the cluster object. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 FailureDomain *string `json:"failureDomain,omitempty"` // replicas is the number of worker nodes belonging to this set. @@ -777,6 +787,8 @@ type MachinePoolTopology struct { // This should match one of the deployment classes defined in the ClusterClass object // mentioned in the `Cluster.Spec.Class` field. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Class string `json:"class"` // name is the unique identifier for this MachinePoolTopology. @@ -784,12 +796,16 @@ type MachinePoolTopology struct { // (e.g. cluster's name, etc). In case the name is greater than the allowed maximum length, // the values are hashed together. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Name string `json:"name"` // failureDomains is the list of failure domains the machine pool will be created in. // Must match a key in the FailureDomains map stored on the cluster object. // +optional // +kubebuilder:validation:MaxItems=100 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 FailureDomains []string `json:"failureDomains,omitempty"` // nodeDrainTimeout is the total amount of time that the controller will spend on draining a node. 
@@ -833,6 +849,8 @@ type MachinePoolTopology struct { type ClusterVariable struct { // name of the variable. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Name string `json:"name"` // definitionFrom specifies where the definition of this Variable is from. @@ -840,6 +858,7 @@ type ClusterVariable struct { // Deprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion. // // +optional + // +kubebuilder:validation:MaxLength=256 DefinitionFrom string `json:"definitionFrom,omitempty"` // value of the variable. @@ -905,6 +924,8 @@ type ClusterNetwork struct { // serviceDomain is the domain name for services. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 ServiceDomain string `json:"serviceDomain,omitempty"` } @@ -915,8 +936,10 @@ type ClusterNetwork struct { // NetworkRanges represents ranges of network addresses. type NetworkRanges struct { // cidrBlocks is a list of CIDR blocks. - // +kubebuilder:validation:MaxItems=100 // +required + // +kubebuilder:validation:MaxItems=100 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=43 CIDRBlocks []string `json:"cidrBlocks"` } 
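Review bot: `MinLength=1` on `ServiceDomain`, an optional value-typed string, makes the API server reject an explicit `serviceDomain: ""` that was accepted before this change. Go clients are unaffected because `omitempty` drops the empty value, but manifests produced by templating or by non-Go clients may carry empty strings, so this probably deserves a release note and a check of how already-stored objects behave on update. The same pattern appears on other optional non-pointer strings in this commit, for example `JSONSchemaProps.Description`, `ValidationRule.Message`, `MachineDeploymentStatus.Selector` and `Condition.Reason`/`Condition.Message`. The last two still carry the comment `This field may be empty.`, which would read more accurately as `// This field may be omitted.`.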
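Review bot: The item limit of 43 on `cidrBlocks` looks derived from the longest colon-hex IPv6 address (39 characters) plus `/128`, but nothing in the hunk records that. An IPv6 address written with an embedded dotted-quad IPv4 tail can reach 45 characters before the prefix, so if that notation was accepted so far it would now fail schema validation. Either document the derivation with a comment such as `// 43 = 39 (longest colon-hex IPv6 address) + 4 ("/128")` or widen the bound. The same applies to `advertiseAddress` with `MaxLength=39` in bootstrap/kubeadm/api/v1beta1/kubeadm_types.go.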
@@ -952,11 +975,13 @@ type ClusterStatus struct { // Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. // // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=10240 FailureMessage *string `json:"failureMessage,omitempty"` // phase represents the current phase of cluster actuation. - // E.g. Pending, Running, Terminating, Failed etc. // +optional + // +kubebuilder:validation:Enum=Pending;Provisioning;Provisioned;Deleting;Failed;Unknown Phase string `json:"phase,omitempty"` // infrastructureReady is the state of the infrastructure provider. @@ -1082,7 +1107,9 @@ func (c *ClusterStatus) GetTypedPhase() ClusterPhase { // APIEndpoint represents a reachable Kubernetes API endpoint. type APIEndpoint struct { // host is the hostname on which the API server is serving. + // TODO: Can't set MinLength=1 for now, because this struct is not always used in pointer fields so today we have cases where host is set to an empty string. // +required + // +kubebuilder:validation:MaxLength=512 Host string `json:"host"` // port is the port on which the API server is serving. diff --git a/api/v1beta1/clusterclass_types.go b/api/v1beta1/clusterclass_types.go index 1fdaa55e09d8..4d62dbf7246b 100644 --- a/api/v1beta1/clusterclass_types.go +++ b/api/v1beta1/clusterclass_types.go @@ -217,6 +217,8 @@ type ControlPlaneClassNamingStrategy struct { // * `.cluster.name`: The name of the cluster object. // * `.random`: A random alphanumeric string, without vowels, of length 5. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 Template *string `json:"template,omitempty"` } 
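Review bot: The `Enum` added to `ClusterStatus.Phase` repeats the phase names as a literal list on a field that controllers write, so any value outside the list makes the whole status update fail validation. The `ClusterPhase` constants are defined outside this hunk (only `GetTypedPhase` is visible in the next hunk header), so the list cannot be checked against them here. A comment next to the marker such as `// Note: keep this list in sync with the ClusterPhase constants.` would make the coupling explicit. The same applies to the `Enum` markers added on `MachineStatus.Phase`, `MachineDeploymentStatus.Phase` and `MachineAddressType`. Adding a phase later also requires the updated CRD to be installed before any controller writes the new value.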
@@ -230,6 +232,8 @@ type InfrastructureNamingStrategy struct { // * `.cluster.name`: The name of the cluster object. // * `.random`: A random alphanumeric string, without vowels, of length 5. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 Template *string `json:"template,omitempty"` } @@ -259,6 +263,8 @@ type MachineDeploymentClass struct { // this name MUST be unique within a ClusterClass and can be referenced // in the Cluster to create a managed MachineDeployment. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Class string `json:"class"` // template is a local struct containing a collection of templates for creation of @@ -274,6 +280,8 @@ type MachineDeploymentClass struct { // Must match a key in the FailureDomains map stored on the cluster object. // NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 FailureDomain *string `json:"failureDomain,omitempty"` // namingStrategy allows changing the naming pattern used when creating the MachineDeployment. @@ -359,6 +367,8 @@ type MachineDeploymentClassNamingStrategy struct { // * `.random`: A random alphanumeric string, without vowels, of length 5. // * `.machineDeployment.topologyName`: The name of the MachineDeployment topology (Cluster.spec.topology.workers.machineDeployments[].name). // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 Template *string `json:"template,omitempty"` } 
@@ -386,6 +396,8 @@ type MachineHealthCheckClass struct { // (b) there are at most 5 unhealthy machines // +optional // +kubebuilder:validation:Pattern=^\[[0-9]+-[0-9]+\]$ + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=32 UnhealthyRange *string `json:"unhealthyRange,omitempty"` // nodeStartupTimeout allows to set the maximum time for MachineHealthCheck @@ -420,6 +432,8 @@ type MachinePoolClass struct { // this name MUST be unique within a ClusterClass and can be referenced // in the Cluster to create a managed MachinePool. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Class string `json:"class"` // template is a local struct containing a collection of templates for creation of @@ -432,6 +446,8 @@ type MachinePoolClass struct { // NOTE: This value can be overridden while defining a Cluster.Topology using this MachinePoolClass. // +optional // +kubebuilder:validation:MaxItems=100 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 FailureDomains []string `json:"failureDomains,omitempty"` // namingStrategy allows changing the naming pattern used when creating the MachinePool. @@ -497,6 +513,8 @@ type MachinePoolClassNamingStrategy struct { // * `.random`: A random alphanumeric string, without vowels, of length 5. // * `.machinePool.topologyName`: The name of the MachinePool topology (Cluster.spec.topology.workers.machinePools[].name). // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 Template *string `json:"template,omitempty"` } @@ -510,6 +528,8 @@ func (m MachineHealthCheckClass) IsZero() bool { type ClusterClassVariable struct { // name of the variable. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Name string `json:"name"` // required specifies if the variable is required. 
@@ -568,6 +588,8 @@ type VariableSchema struct { type JSONSchemaProps struct { // description is a human-readable description of this variable. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=4096 Description string `json:"description,omitempty"` // example is an example for this variable. @@ -577,6 +599,7 @@ type JSONSchemaProps struct { // type is the type of the variable. // Valid values are: object, array, string, integer, number or boolean. // +optional + // +kubebuilder:validation:Enum=object;array;string;integer;number;boolean Type string `json:"type,omitempty"` // properties specifies fields of an object. @@ -613,6 +636,8 @@ type JSONSchemaProps struct { // NOTE: Can only be set if type is object. // +optional // +kubebuilder:validation:MaxItems=1000 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 Required []string `json:"required,omitempty"` // items specifies fields of an array. @@ -644,6 +669,8 @@ type JSONSchemaProps struct { // https://github.com/kubernetes/apiextensions-apiserver/blob/master/pkg/apiserver/validation/formats.go // NOTE: Can only be set if type is string. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=32 Format string `json:"format,omitempty"` // maxLength is the max length of a string variable. @@ -659,6 +686,8 @@ type JSONSchemaProps struct { // pattern is the regex which a string variable must match. // NOTE: Can only be set if type is string. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 Pattern string `json:"pattern,omitempty"` // maximum is the maximum of an integer or number variable. 
@@ -829,12 +858,16 @@ type ValidationRule struct { // skipped if an old value could not be found. // // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=4096 Rule string `json:"rule"` // message represents the message displayed when validation fails. The message is required if the Rule contains // line breaks. The message must not contain line breaks. // If unset, the message is "failed rule: {Rule}". // e.g. "must be a URL with the host matching spec.host" // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 Message string `json:"message,omitempty"` // messageExpression declares a CEL expression that evaluates to the validation failure message that is returned when this rule fails. // Since messageExpression is used as a failure message, it must evaluate to a string. @@ -846,6 +879,8 @@ type ValidationRule struct { // Example: // "x must be less than max ("+string(self.max)+")" // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 MessageExpression string `json:"messageExpression,omitempty"` // reason provides a machine-readable validation failure reason that is returned to the caller when a request fails this validation rule. // The currently supported reasons are: "FieldValueInvalid", "FieldValueForbidden", "FieldValueRequired", "FieldValueDuplicate". @@ -866,6 +901,8 @@ type ValidationRule struct { // For field name which contains special characters, use `['specialName']` to refer the field name. // e.g. for attribute `foo.34$` appears in a list `testList`, the fieldPath could be set to `.testList['foo.34$']` // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 FieldPath string `json:"fieldPath,omitempty"` } 
@@ -892,10 +929,14 @@ const ( type ClusterClassPatch struct { // name of the patch. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Name string `json:"name"` // description is a human-readable description of this patch. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 Description string `json:"description,omitempty"` // enabledIf is a Go template to be used to calculate if a patch should be enabled. @@ -904,6 +945,8 @@ type ClusterClassPatch struct { // be disabled. // If EnabledIf is not set, the patch will be enabled per default. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 EnabledIf *string `json:"enabledIf,omitempty"` // definitions define inline patches. @@ -941,10 +984,14 @@ type PatchDefinition struct { type PatchSelector struct { // apiVersion filters templates by apiVersion. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 APIVersion string `json:"apiVersion"` // kind filters templates by kind. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Kind string `json:"kind"` // matchResources selects templates based on where they are referenced. @@ -983,6 +1030,8 @@ type PatchSelectorMatchMachineDeploymentClass struct { // names selects templates by class names. // +optional // +kubebuilder:validation:MaxItems=100 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 Names []string `json:"names,omitempty"` } @@ -992,6 +1041,8 @@ type PatchSelectorMatchMachinePoolClass struct { // names selects templates by class names. // +optional // +kubebuilder:validation:MaxItems=100 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 Names []string `json:"names,omitempty"` } 
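Review bot: `enabledIf` is documented as a Go template but is capped at `MaxLength=256`, while the other template fields bounded in this commit get 1024 (the naming strategy `template` fields) or 10240 (`JSONPatchValue.template`). A ClusterClass with a longer condition expression would be rejected on create or update. Unless 256 is deliberate, consider `// +kubebuilder:validation:MaxLength=1024` for consistency, or state the limit in the field comment so ClusterClass authors see it in the generated CRD description. The `ClusterClassPatch` struct continues outside this hunk.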
@@ -1000,6 +1051,7 @@ type JSONPatch struct { // op defines the operation of the patch. // Note: Only `add`, `replace` and `remove` are supported. // +required + // +kubebuilder:validation:Enum=add;replace;remove Op string `json:"op"` // path defines the path of the patch. @@ -1008,6 +1060,8 @@ type JSONPatch struct { // * for op: `add`: only index 0 (prepend) and - (append) are allowed // * for op: `replace` or `remove`: no indexes are allowed // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 Path string `json:"path"` // value defines the value of the patch. @@ -1033,12 +1087,16 @@ type JSONPatchValue struct { // variable is the variable to be used as value. // Variable can be one of the variables defined in .spec.variables or a builtin variable. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Variable *string `json:"variable,omitempty"` // template is the Go template to be used to calculate the value. // A template can reference variables defined in .spec.variables and builtin variables. // Note: The template must evaluate to a valid YAML or JSON value. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=10240 Template *string `json:"template,omitempty"` } 
@@ -1047,14 +1105,20 @@ type JSONPatchValue struct { type ExternalPatchDefinition struct { // generateExtension references an extension which is called to generate patches. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 GenerateExtension *string `json:"generateExtension,omitempty"` // validateExtension references an extension which is called to validate the topology. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 ValidateExtension *string `json:"validateExtension,omitempty"` // discoverVariablesExtension references an extension which is called to discover variables. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 DiscoverVariablesExtension *string `json:"discoverVariablesExtension,omitempty"` // settings defines key value pairs to be passed to the extensions. @@ -1110,6 +1174,8 @@ type ClusterClassV1Beta2Status struct { type ClusterClassStatusVariable struct { // name is the name of the variable. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Name string `json:"name"` // definitionsConflict specifies whether or not there are conflicting definitions for a single variable name. @@ -1128,6 +1194,8 @@ type ClusterClassStatusVariableDefinition struct { // This will be `inline` for variables defined in the ClusterClass or the name of a patch defined in the ClusterClass // for variables discovered from a DiscoverVariables runtime extensions. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 From string `json:"from"` // required specifies if the variable is required. diff --git a/api/v1beta1/common_types.go b/api/v1beta1/common_types.go index 588d5a4512e0..9d1fe06395a6 100644 --- a/api/v1beta1/common_types.go +++ b/api/v1beta1/common_types.go 
@@ -278,6 +278,7 @@ var ( ) // MachineAddressType describes a valid MachineAddress type. +// +kubebuilder:validation:Enum=Hostname;ExternalIP;InternalIP;ExternalDNS;InternalDNS type MachineAddressType string // Define the MachineAddressType constants. @@ -297,6 +298,8 @@ type MachineAddress struct { // address is the machine address. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Address string `json:"address"` } diff --git a/api/v1beta1/condition_types.go b/api/v1beta1/condition_types.go index a2722d8ac1ed..d9e0f44f2528 100644 --- a/api/v1beta1/condition_types.go +++ b/api/v1beta1/condition_types.go @@ -24,6 +24,7 @@ import ( // ANCHOR: ConditionSeverity // ConditionSeverity expresses the severity of a Condition Type failing. +// +kubebuilder:validation:MaxLength=32 type ConditionSeverity string const ( @@ -45,6 +46,8 @@ const ( // ANCHOR: ConditionType // ConditionType is a valid value for Condition.Type. +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=256 type ConditionType string // ANCHOR_END: ConditionType @@ -79,11 +82,15 @@ type Condition struct { // The specific API may choose whether or not this field is considered a guaranteed API. // This field may be empty. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Reason string `json:"reason,omitempty"` // message is a human readable message indicating details about the transition. // This field may be empty. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=10240 Message string `json:"message,omitempty"` } diff --git a/api/v1beta1/machine_types.go b/api/v1beta1/machine_types.go index 89bf316f380c..3dd7e16d6d3d 100644 --- a/api/v1beta1/machine_types.go +++ b/api/v1beta1/machine_types.go 
@@ -377,8 +377,9 @@ const ( // MachineSpec defines the desired state of Machine. type MachineSpec struct { // clusterName is the name of the Cluster this object belongs to. - // +kubebuilder:validation:MinLength=1 // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 ClusterName string `json:"clusterName"` // bootstrap is a reference to a local struct which encapsulates @@ -394,6 +395,8 @@ type MachineSpec struct { // version defines the desired Kubernetes version. // This field is meant to be optionally used by bootstrap providers. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Version *string `json:"version,omitempty"` // providerID is the identification ID of the machine provided by the provider. @@ -407,11 +410,15 @@ type MachineSpec struct { // This field will be set by the actuators and consumed by higher level entities like autoscaler that will // be interfacing with cluster-api as generic provider. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 ProviderID *string `json:"providerID,omitempty"` // failureDomain is the failure domain the machine will be created in. // Must match a key in the FailureDomains map stored on the cluster object. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 FailureDomain *string `json:"failureDomain,omitempty"` // The minimum number of seconds for which a Machine should be ready before considering it available. 
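Review bot: The `MaxLength=63` on `clusterName` is not explained in the field comment, and it differs from the 253 used in this commit for other object-name references such as `Topology.class` and `Bootstrap.dataSecretName`. Presumably 63 comes from the cluster name also being used as a label value, but that is not visible in this diff. A comment line such as `// The length is limited to 63 characters because <reason>.` with the actual reason filled in would make it easier to confirm that no existing object references a longer name. The same marker is added in `MachineDeploymentSpec`, `MachineHealthCheckSpec`, `MachineSetSpec` and the kubeadm `ClusterConfiguration`.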
@@ -467,8 +474,8 @@ type MachineReadinessGate struct { // Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as readiness gates. // +required // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=316 ConditionType string `json:"conditionType"` // polarity of the conditionType specified in this readinessGate. @@ -542,6 +549,8 @@ type MachineStatus struct { // Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. // // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=10240 FailureMessage *string `json:"failureMessage,omitempty"` // addresses is a list of addresses assigned to the machine. @@ -550,8 +559,8 @@ type MachineStatus struct { Addresses MachineAddresses `json:"addresses,omitempty"` // phase represents the current phase of machine actuation. - // E.g. Pending, Running, Terminating, Failed etc. // +optional + // +kubebuilder:validation:Enum=Pending;Provisioning;Provisioned;Running;Deleting;Deleted;Failed;Unknown Phase string `json:"phase,omitempty"` // certificatesExpiryDate is the expiry date of the machine certificates. @@ -657,6 +666,8 @@ type Bootstrap struct { // dataSecretName is the name of the secret that stores the bootstrap data script. // If nil, the Machine should remain in the Pending state. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 DataSecretName *string `json:"dataSecretName,omitempty"` } diff --git a/api/v1beta1/machinedeployment_types.go b/api/v1beta1/machinedeployment_types.go index 47ff33a41a8a..80307605d5ac 100644 
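Review bot: `failureMessage` is a status field, so `MaxLength=10240` is enforced against whatever the controller writes, and an over-long message would make the status update fail rather than be shortened. The code that sets this field is outside the diff, so it is unclear whether it truncates. If it does not, truncating to the same limit before patching status would avoid a reconcile loop that can never record its own error. The same bound is added to `ClusterStatus.failureMessage`, `MachineSetStatus.failureMessage` and `Condition.message`.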
--- a/api/v1beta1/machinedeployment_types.go +++ b/api/v1beta1/machinedeployment_types.go @@ -241,8 +241,9 @@ const ( // MachineDeploymentSpec defines the desired state of MachineDeployment. type MachineDeploymentSpec struct { // clusterName is the name of the Cluster this object belongs to. - // +kubebuilder:validation:MinLength=1 // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 ClusterName string `json:"clusterName"` // replicas is the number of desired machines. @@ -441,6 +442,7 @@ type MachineNamingStrategy struct { // without vowels, of length 5. This variable is required part of the // template. If not provided, validation will fail. // +optional + // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=256 Template string `json:"template,omitempty"` } @@ -457,6 +459,8 @@ type MachineDeploymentStatus struct { // by clients. The string will be in the same format as the query-param syntax. // More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=4096 Selector string `json:"selector,omitempty"` // replicas is the total number of non-terminated machines targeted by this deployment @@ -491,6 +495,7 @@ type MachineDeploymentStatus struct { // phase represents the current phase of a MachineDeployment (ScalingUp, ScalingDown, Running, Failed, or Unknown). // +optional + // +kubebuilder:validation:Enum=ScalingUp;ScalingDown;Running;Failed;Unknown Phase string `json:"phase,omitempty"` // conditions defines current service state of the MachineDeployment. diff --git a/api/v1beta1/machinehealthcheck_types.go b/api/v1beta1/machinehealthcheck_types.go index 816613a99797..0646bad1169c 100644 --- a/api/v1beta1/machinehealthcheck_types.go +++ b/api/v1beta1/machinehealthcheck_types.go 
@@ -52,8 +52,9 @@ var ( // MachineHealthCheckSpec defines the desired state of MachineHealthCheck. type MachineHealthCheckSpec struct { // clusterName is the name of the Cluster this object belongs to. - // +kubebuilder:validation:MinLength=1 // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 ClusterName string `json:"clusterName"` // selector is a label selector to match machines whose health will be exercised @@ -88,6 +89,8 @@ type MachineHealthCheckSpec struct { // // +optional // +kubebuilder:validation:Pattern=^\[[0-9]+-[0-9]+\]$ + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=32 UnhealthyRange *string `json:"unhealthyRange,omitempty"` // nodeStartupTimeout allows to set the maximum time for MachineHealthCheck @@ -172,6 +175,8 @@ type MachineHealthCheckStatus struct { // targets shows the current list of machines the machine health check is watching // +optional // +kubebuilder:validation:MaxItems=10000 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=253 Targets []string `json:"targets,omitempty"` // conditions defines current service state of the MachineHealthCheck. diff --git a/api/v1beta1/machineset_types.go b/api/v1beta1/machineset_types.go index 66010245739c..cf52f70a1680 100644 --- a/api/v1beta1/machineset_types.go +++ b/api/v1beta1/machineset_types.go @@ -40,8 +40,9 @@ const ( // MachineSetSpec defines the desired state of MachineSet. type MachineSetSpec struct { // clusterName is the name of the Cluster this object belongs to. - // +kubebuilder:validation:MinLength=1 // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 ClusterName string `json:"clusterName"` // replicas is the number of desired replicas. 
@@ -286,6 +287,8 @@ type MachineSetStatus struct { // by clients. The string will be in the same format as the query-param syntax. // More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=4096 Selector string `json:"selector,omitempty"` // replicas is the most recently observed number of replicas. @@ -346,6 +349,8 @@ type MachineSetStatus struct { // Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. // // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=10240 FailureMessage *string `json:"failureMessage,omitempty"` // conditions defines current service state of the MachineSet. diff --git a/api/v1beta1/zz_generated.openapi.go b/api/v1beta1/zz_generated.openapi.go index ba2796c944cc..7793d65eb87e 100644 --- a/api/v1beta1/zz_generated.openapi.go +++ b/api/v1beta1/zz_generated.openapi.go @@ -1042,7 +1042,7 @@ func schema_sigsk8sio_cluster_api_api_v1beta1_ClusterStatus(ref common.Reference }, "phase": { SchemaProps: spec.SchemaProps{ - Description: "phase represents the current phase of cluster actuation. E.g. Pending, Running, Terminating, Failed etc.", + Description: "phase represents the current phase of cluster actuation.", Type: []string{"string"}, Format: "", }, @@ -4259,7 +4259,7 @@ func schema_sigsk8sio_cluster_api_api_v1beta1_MachineStatus(ref common.Reference }, "phase": { SchemaProps: spec.SchemaProps{ - Description: "phase represents the current phase of machine actuation. E.g. Pending, Running, Terminating, Failed etc.", + Description: "phase represents the current phase of machine actuation.", Type: []string{"string"}, Format: "", }, 
diff --git a/bootstrap/kubeadm/api/v1beta1/kubeadm_types.go b/bootstrap/kubeadm/api/v1beta1/kubeadm_types.go index 37978d90338f..7b732193d1b3 100644 --- a/bootstrap/kubeadm/api/v1beta1/kubeadm_types.go +++ b/bootstrap/kubeadm/api/v1beta1/kubeadm_types.go @@ -61,6 +61,8 @@ type InitConfiguration struct { // This option takes effect only on Kubernetes >=1.22.0. // +optional // +kubebuilder:validation:MaxItems=50 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 SkipPhases []string `json:"skipPhases,omitempty"` // patches contains options related to applying patches to components deployed by kubeadm during @@ -88,6 +90,8 @@ type ClusterConfiguration struct { // kubernetesVersion is the target version of the control plane. // NB: This value defaults to the Machine object spec.version // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 KubernetesVersion string `json:"kubernetesVersion,omitempty"` // controlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it @@ -103,6 +107,8 @@ type ClusterConfiguration struct { // could be used for assigning a stable DNS to the control plane. // NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 ControlPlaneEndpoint string `json:"controlPlaneEndpoint,omitempty"` // apiServer contains extra settings for the API server control plane component @@ -124,6 +130,8 @@ type ClusterConfiguration struct { // certificatesDir specifies where to store or look for all required certificates. // NB: if not provided, this will default to `/etc/kubernetes/pki` // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 CertificatesDir string `json:"certificatesDir,omitempty"` // imageRepository sets the container registry to pull images from. 
@@ -138,6 +146,8 @@ type ClusterConfiguration struct { // `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components // and for kube-proxy, while `registry.k8s.io` will be used for all the other images. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 ImageRepository string `json:"imageRepository,omitempty"` // featureGates enabled by the user. @@ -146,6 +156,8 @@ type ClusterConfiguration struct { // clusterName is the cluster name // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 ClusterName string `json:"clusterName,omitempty"` } @@ -176,6 +188,8 @@ type APIServer struct { // certSANs sets extra Subject Alternative Names for the API Server signing cert. // +optional // +kubebuilder:validation:MaxItems=100 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=253 CertSANs []string `json:"certSANs,omitempty"` // timeoutForControlPlane controls the timeout that we use for API server to appear @@ -195,11 +209,15 @@ type ImageMeta struct { // imageRepository sets the container registry to pull images from. // if not set, the ImageRepository defined in ClusterConfiguration will be used instead. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 ImageRepository string `json:"imageRepository,omitempty"` // imageTag allows to specify a tag for the image. // In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 ImageTag string `json:"imageTag,omitempty"` // TODO: evaluate if we need also a ImageName based on user feedbacks 
@@ -225,6 +243,8 @@ type ClusterStatus struct { type APIEndpoint struct { // advertiseAddress sets the IP address for the API server to advertise. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=39 AdvertiseAddress string `json:"advertiseAddress,omitempty"` // bindPort sets the secure port for the API Server to bind to. @@ -241,10 +261,14 @@ type NodeRegistrationOptions struct { // This field is also used in the CommonName field of the kubelet's client certificate to the API server. // Defaults to the hostname of the node if not provided. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 Name string `json:"name,omitempty"` // criSocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 CRISocket string `json:"criSocket,omitempty"` // taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process @@ -263,6 +287,8 @@ type NodeRegistrationOptions struct { // ignorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. // +optional // +kubebuilder:validation:MaxItems=50 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=512 IgnorePreflightErrors []string `json:"ignorePreflightErrors,omitempty"` // imagePullPolicy specifies the policy for image pulling 
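Review bot: `MaxLength=39` on `advertiseAddress` fits a fully expanded IPv6 address but not the longest textual forms; an IPv4-mapped address written with a dotted-quad tail can reach 45 characters. The marker also bounds length only and does not check that the value is an IP address at all. If the longer forms are accepted by the consumer of this field (not visible in this hunk), `// +kubebuilder:validation:MaxLength=45` would be the safer bound; otherwise the field comment should say which textual forms are accepted.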
@@ -338,14 +364,20 @@ type Networking struct { // Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or // to "10.96.0.0/12" if that's unset. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 ServiceSubnet string `json:"serviceSubnet,omitempty"` // podSubnet is the subnet used by pods. // If unset, the API server will not allocate CIDR ranges for every node. // Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 PodSubnet string `json:"podSubnet,omitempty"` // dnsDomain is the dns domain used by k8s services. Defaults to "cluster.local". // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 DNSDomain string `json:"dnsDomain,omitempty"` } @@ -358,6 +390,8 @@ type BootstrapToken struct { // description sets a human-friendly message why this token exists and what it's used // for, so other administrators can know its purpose. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 Description string `json:"description,omitempty"` // ttl defines the time to live for this token. Defaults to 24h. // Expires and TTL are mutually exclusive. 
@@ -371,11 +405,15 @@ type BootstrapToken struct { // for establishing bidirectional trust, but that can be changed here. // +optional // +kubebuilder:validation:MaxItems=100 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 Usages []string `json:"usages,omitempty"` // groups specifies the extra groups that this token will authenticate as when/if // used for authentication // +optional // +kubebuilder:validation:MaxItems=100 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 Groups []string `json:"groups,omitempty"` } @@ -401,6 +439,8 @@ type LocalEtcd struct { // dataDir is the directory etcd will place its data. // Defaults to "/var/lib/etcd". // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 DataDir string `json:"dataDir,omitempty"` // extraArgs are extra arguments provided to the etcd binary @@ -418,11 +458,15 @@ type LocalEtcd struct { // serverCertSANs sets extra Subject Alternative Names for the etcd server signing cert. // +optional // +kubebuilder:validation:MaxItems=100 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=253 ServerCertSANs []string `json:"serverCertSANs,omitempty"` // peerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert. // +optional // +kubebuilder:validation:MaxItems=100 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=253 PeerCertSANs []string `json:"peerCertSANs,omitempty"` } 
@@ -430,23 +474,31 @@ type LocalEtcd struct { // Kubeadm has no knowledge of where certificate files live and they must be supplied. type ExternalEtcd struct { // endpoints of etcd members. Required for ExternalEtcd. - // +kubebuilder:validation:MaxItems=50 // +required + // +kubebuilder:validation:MaxItems=50 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=512 Endpoints []string `json:"endpoints"` // caFile is an SSL Certificate Authority file used to secure etcd communication. // Required if using a TLS connection. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 CAFile string `json:"caFile"` // certFile is an SSL certification file used to secure etcd communication. // Required if using a TLS connection. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 CertFile string `json:"certFile"` // keyFile is an SSL key file used to secure etcd communication. // Required if using a TLS connection. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 KeyFile string `json:"keyFile"` } @@ -467,6 +519,8 @@ type JoinConfiguration struct { // Defaults to "/etc/kubernetes/pki/ca.crt". // +optional // TODO: revisit when there is defaulting from k/k + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 CACertPath string `json:"caCertPath,omitempty"` // discovery specifies the options for the kubelet to use during the TLS Bootstrap process @@ -484,6 +538,8 @@ type JoinConfiguration struct { // This option takes effect only on Kubernetes >=1.22.0. // +optional // +kubebuilder:validation:MaxItems=50 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 SkipPhases []string `json:"skipPhases,omitempty"` // patches contains options related to applying patches to components deployed by kubeadm during 
@@ -515,6 +571,8 @@ type Discovery struct { // If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. // If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 TLSBootstrapToken string `json:"tlsBootstrapToken,omitempty"` // timeout modifies the discovery timeout @@ -527,10 +585,14 @@ type BootstrapTokenDiscovery struct { // token is a token used to validate cluster information // fetched from the control-plane. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 Token string `json:"token"` // apiServerEndpoint is an IP or domain name to the API server from which info will be fetched. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 APIServerEndpoint string `json:"apiServerEndpoint,omitempty"` // caCertHashes specifies a set of public key pins to verify @@ -543,6 +605,8 @@ type BootstrapTokenDiscovery struct { // openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex // +optional // +kubebuilder:validation:MaxItems=100 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=512 CACertHashes []string `json:"caCertHashes,omitempty"` // unsafeSkipCAVerification allows token-based discovery @@ -556,6 +620,8 @@ type BootstrapTokenDiscovery struct { type FileDiscovery struct { // kubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from which to load cluster information // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 KubeConfigPath string `json:"kubeConfigPath"` // kubeConfig is used (optionally) to generate a KubeConfig based on the KubeadmConfig's information. 
@@ -593,10 +659,14 @@ type KubeConfigCluster struct { // Defaults to https:// + Cluster.Spec.ControlPlaneEndpoint. // // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 Server string `json:"server,omitempty"` // tlsServerName is used to check server certificate. If TLSServerName is empty, the hostname used to contact the server is used. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 TLSServerName string `json:"tlsServerName,omitempty"` // insecureSkipTLSVerify skips the validity check for the server's certificate. This will make your HTTPS connections insecure. @@ -608,6 +678,8 @@ type KubeConfigCluster struct { // Defaults to the Cluster's CA certificate if empty. // // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=51200 CertificateAuthorityData []byte `json:"certificateAuthorityData,omitempty"` // proxyURL is the URL to the proxy to be used for all requests made by this @@ -621,6 +693,8 @@ type KubeConfigCluster struct { // attach, port forward). // // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 ProxyURL string `json:"proxyURL,omitempty"` } @@ -644,6 +718,8 @@ type KubeConfigUser struct { type KubeConfigAuthProvider struct { // name is the name of the authentication plugin. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Name string `json:"name"` // config holds the parameters for the authentication plugin. 
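Review bot: `certificateAuthorityData` is a `[]byte`, so it travels as a base64 string, and as far as I can tell the `MinLength`/`MaxLength` markers are checked against that encoded text rather than the decoded bytes; please confirm against the generated CRD. If so, `MaxLength=51200` allows roughly 37.5 KiB of PEM data, not 50 KiB, which matters for large CA bundles. I would record that next to the markers, e.g. `// NOTE: the length limits apply to the base64-encoded value.` The `KubeConfigCluster` struct continues outside this hunk.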
@@ -659,11 +735,15 @@ type KubeConfigAuthProvider struct { type KubeConfigAuthExec struct { // command to execute. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 Command string `json:"command"` // args is the arguments to pass to the command when executing it. // +optional // +kubebuilder:validation:MaxItems=100 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=512 Args []string `json:"args,omitempty"` // env defines additional environment variables to expose to the process. These @@ -677,6 +757,8 @@ type KubeConfigAuthExec struct { // the same encoding version as the input. // Defaults to client.authentication.k8s.io/v1 if not set. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 APIVersion string `json:"apiVersion,omitempty"` // provideClusterInfo determines whether or not to provide cluster information, @@ -693,9 +775,13 @@ type KubeConfigAuthExec struct { type KubeConfigAuthExecEnv struct { // name of the environment variable // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 Name string `json:"name"` // value of the environment variable // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 Value string `json:"value"` } 
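Review bot: In `KubeConfigAuthExecEnv`, `MinLength=1` on the required `value` field rejects an environment variable that is deliberately set to the empty string, which the field accepted before this change and which is a legitimate way to blank a variable for the exec plugin. Unless empty values are meant to be forbidden, I would keep only the upper bound on `value`, i.e. drop `// +kubebuilder:validation:MinLength=1` there and keep `// +kubebuilder:validation:MaxLength=512`. The `MinLength=1` on `name` is fine, since an empty variable name is never valid.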
@@ -704,13 +790,19 @@ type KubeConfigAuthExecEnv struct { type HostPathMount struct { // name of the volume inside the pod template. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 Name string `json:"name"` // hostPath is the path in the host that will be mounted inside // the pod. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 HostPath string `json:"hostPath"` // mountPath is the path inside the pod where hostPath will be mounted. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 MountPath string `json:"mountPath"` // readOnly controls write access to the volume // +optional @@ -790,6 +882,8 @@ type Patches struct { // specifies additional files to be created on the machine, either with content inline or // by referencing a secret. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 Directory string `json:"directory,omitempty"` } diff --git a/bootstrap/kubeadm/api/v1beta1/kubeadmconfig_types.go b/bootstrap/kubeadm/api/v1beta1/kubeadmconfig_types.go index ccf2b8f45898..344d6b51334b 100644 --- a/bootstrap/kubeadm/api/v1beta1/kubeadmconfig_types.go +++ b/bootstrap/kubeadm/api/v1beta1/kubeadmconfig_types.go @@ -80,11 +80,15 @@ type KubeadmConfigSpec struct { // preKubeadmCommands specifies extra commands to run before kubeadm runs // +optional // +kubebuilder:validation:MaxItems=1000 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=10240 PreKubeadmCommands []string `json:"preKubeadmCommands,omitempty"` // postKubeadmCommands specifies extra commands to run after kubeadm runs // +optional // +kubebuilder:validation:MaxItems=1000 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=10240 PostKubeadmCommands []string `json:"postKubeadmCommands,omitempty"` // users specifies extra users to add 
@@ -414,6 +418,8 @@ type ContainerLinuxConfig struct { // // The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/ // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=10240 AdditionalConfig string `json:"additionalConfig,omitempty"` // strict controls if AdditionalConfig should be strictly parsed. If so, warnings are treated as errors. @@ -429,6 +435,8 @@ type KubeadmConfigStatus struct { // dataSecretName is the name of the secret that stores the bootstrap data script. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 DataSecretName *string `json:"dataSecretName,omitempty"` // failureReason will be set on non-retryable errors @@ -436,6 +444,8 @@ type KubeadmConfigStatus struct { // Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. // // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 FailureReason string `json:"failureReason,omitempty"` // failureMessage will be set on non-retryable errors @@ -443,6 +453,8 @@ type KubeadmConfigStatus struct { // Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. // // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=10240 FailureMessage string `json:"failureMessage,omitempty"` // observedGeneration is the latest generation observed by the controller. 
@@ -553,14 +565,20 @@ const ( type File struct { // path specifies the full path on disk where to store the file. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 Path string `json:"path"` // owner specifies the ownership of the file, e.g. "root:root". // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Owner string `json:"owner,omitempty"` // permissions specifies the permissions to assign to the file, e.g. "0640". // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=16 Permissions string `json:"permissions,omitempty"` // encoding specifies the encoding of the file contents. @@ -573,6 +591,8 @@ type File struct { // content is the actual content of the file. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=10240 Content string `json:"content,omitempty"` // contentFrom is a referenced source of content to populate the file. @@ -596,10 +616,14 @@ type FileSource struct { type SecretFileSource struct { // name of the secret in the KubeadmBootstrapConfig's namespace to use. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 Name string `json:"name"` // key is the key in the secret's data map for this value. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Key string `json:"key"` } @@ -619,10 +643,14 @@ type PasswdSource struct { type SecretPasswdSource struct { // name of the secret in the KubeadmBootstrapConfig's namespace to use. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 Name string `json:"name"` // key is the key in the secret's data map for this value. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Key string `json:"key"` } 
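Review bot: `MaxLength=10240` on `File.content` caps inline file content at 10 KiB, so a KubeadmConfig that embeds a larger file (a CA bundle, a long config file or script) is now rejected at admission where it was previously accepted. Whether existing objects above the limit survive an update depends on validation ratcheting in the API server, which this diff cannot show. The field comment should state the limit and point to the alternative, e.g. `// content is limited to 10240 characters; use contentFrom to reference a Secret for larger files.` The `File` struct continues outside this hunk.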
@@ -630,18 +658,26 @@ type SecretPasswdSource struct { type User struct { // name specifies the user name // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Name string `json:"name"` // gecos specifies the gecos to use for the user // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Gecos *string `json:"gecos,omitempty"` // groups specifies the additional groups for the user // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Groups *string `json:"groups,omitempty"` // homeDir specifies the home directory to use for the user // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 HomeDir *string `json:"homeDir,omitempty"` // inactive specifies whether to mark the user as inactive @@ -650,10 +686,14 @@ type User struct { // shell specifies the user's shell // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Shell *string `json:"shell,omitempty"` // passwd specifies a hashed password for the user // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Passwd *string `json:"passwd,omitempty"` // passwdFrom is a referenced source of passwd to populate the passwd. @@ -662,6 +702,8 @@ type User struct { // primaryGroup specifies the primary group for the user // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 PrimaryGroup *string `json:"primaryGroup,omitempty"` // lockPassword specifies if password login should be disabled 
@@ -670,11 +712,15 @@ type User struct { // sudo specifies a sudo role for the user // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Sudo *string `json:"sudo,omitempty"` // sshAuthorizedKeys specifies a list of ssh authorized keys for the user // +optional // +kubebuilder:validation:MaxItems=100 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=2048 SSHAuthorizedKeys []string `json:"sshAuthorizedKeys,omitempty"` } @@ -683,6 +729,8 @@ type NTP struct { // servers specifies which NTP servers to use // +optional // +kubebuilder:validation:MaxItems=100 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=512 Servers []string `json:"servers,omitempty"` // enabled specifies whether NTP should be enabled @@ -707,6 +755,8 @@ type DiskSetup struct { type Partition struct { // device is the name of the device. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Device string `json:"device"` // layout specifies the device layout. // If it is true, a single partition will be created for the entire device. @@ -721,6 +771,7 @@ type Partition struct { // 'mbr': default and setups a MS-DOS partition table // 'gpt': setups a GPT partition table // +optional + // +kubebuilder:validation:Enum=mbr;gpt TableType *string `json:"tableType,omitempty"` } 
@@ -728,15 +779,23 @@ type Partition struct { type Filesystem struct { // device specifies the device name // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Device string `json:"device"` // filesystem specifies the file system type. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 Filesystem string `json:"filesystem"` // label specifies the file system label to be used. If set to None, no label is used. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 Label string `json:"label"` // partition specifies the partition to use. The valid options are: "auto|any", "auto", "any", "none", and , where NUM is the actual partition number. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 Partition *string `json:"partition,omitempty"` // overwrite defines whether or not to overwrite any existing filesystem. // If true, any pre-existing file system will be destroyed. Use with Caution. @@ -745,12 +804,18 @@ type Filesystem struct { // replaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . // NOTE: unless you define a label, this requires the use of the 'any' partition directive. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 ReplaceFS *string `json:"replaceFS,omitempty"` // extraOpts defined extra options to add to the command for creating the file system. // +optional // +kubebuilder:validation:MaxItems=100 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 ExtraOpts []string `json:"extraOpts,omitempty"` } // MountPoints defines input for generated mounts in cloud-init. +// +kubebuilder:validation:items:MinLength=1 +// +kubebuilder:validation:items:MaxLength=512 type MountPoints []string 
diff --git a/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigs.yaml b/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigs.yaml index 956925ad8dab..9e6fa96975bf 100644 --- a/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigs.yaml +++ b/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigs.yaml @@ -2051,6 +2051,8 @@ spec: description: certSANs sets extra Subject Alternative Names for the API Server signing cert. items: + maxLength: 253 + minLength: 1 type: string maxItems: 100 type: array @@ -2196,13 +2198,19 @@ spec: description: |- hostPath is the path in the host that will be mounted inside the pod. + maxLength: 512 + minLength: 1 type: string mountPath: description: mountPath is the path inside the pod where hostPath will be mounted. + maxLength: 512 + minLength: 1 type: string name: description: name of the volume inside the pod template. + maxLength: 512 + minLength: 1 type: string pathType: description: pathType is the type of the HostPath. @@ -2233,9 +2241,13 @@ spec: description: |- certificatesDir specifies where to store or look for all required certificates. NB: if not provided, this will default to `/etc/kubernetes/pki` + maxLength: 512 + minLength: 1 type: string clusterName: description: clusterName is the cluster name + maxLength: 63 + minLength: 1 type: string controlPlaneEndpoint: description: |- @@ -2251,6 +2263,8 @@ spec: e.g. in environments with enforced node recycling, the ControlPlaneEndpoint could be used for assigning a stable DNS to the control plane. NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. + maxLength: 512 + minLength: 1 type: string controllerManager: description: controllerManager contains extra settings for the 
@@ -2398,13 +2412,19 @@ spec: description: |- hostPath is the path in the host that will be mounted inside the pod. + maxLength: 512 + minLength: 1 type: string mountPath: description: mountPath is the path inside the pod where hostPath will be mounted. + maxLength: 512 + minLength: 1 type: string name: description: name of the volume inside the pod template. + maxLength: 512 + minLength: 1 type: string pathType: description: pathType is the type of the HostPath. @@ -2428,11 +2448,15 @@ spec: description: |- imageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. + maxLength: 512 + minLength: 1 type: string imageTag: description: |- imageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + maxLength: 256 + minLength: 1 type: string type: object etcd: @@ -2449,15 +2473,21 @@ spec: description: |- caFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. + maxLength: 512 + minLength: 1 type: string certFile: description: |- certFile is an SSL certification file used to secure etcd communication. Required if using a TLS connection. + maxLength: 512 + minLength: 1 type: string endpoints: description: endpoints of etcd members. Required for ExternalEtcd. items: + maxLength: 512 + minLength: 1 type: string maxItems: 50 type: array @@ -2465,6 +2495,8 @@ spec: description: |- keyFile is an SSL key file used to secure etcd communication. Required if using a TLS connection. + maxLength: 512 + minLength: 1 type: string required: - caFile @@ -2481,6 +2513,8 @@ spec: description: |- dataDir is the directory etcd will place its data. Defaults to "/var/lib/etcd". + maxLength: 512 + minLength: 1 type: string extraArgs: additionalProperties: 
@@ -2618,16 +2652,22 @@ spec: description: |- imageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. + maxLength: 512 + minLength: 1 type: string imageTag: description: |- imageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + maxLength: 256 + minLength: 1 type: string peerCertSANs: description: peerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert. items: + maxLength: 253 + minLength: 1 type: string maxItems: 100 type: array @@ -2635,6 +2675,8 @@ spec: description: serverCertSANs sets extra Subject Alternative Names for the etcd server signing cert. items: + maxLength: 253 + minLength: 1 type: string maxItems: 100 type: array @@ -2658,6 +2700,8 @@ spec: * If the version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io` will be used for all the other images. + maxLength: 512 + minLength: 1 type: string kind: description: |- @@ -2671,6 +2715,8 @@ spec: description: |- kubernetesVersion is the target version of the control plane. NB: This value defaults to the Machine object spec.version + maxLength: 256 + minLength: 1 type: string networking: description: |- 
@@ -2680,18 +2726,24 @@ spec: dnsDomain: description: dnsDomain is the dns domain used by k8s services. Defaults to "cluster.local". + maxLength: 253 + minLength: 1 type: string podSubnet: description: |- podSubnet is the subnet used by pods. If unset, the API server will not allocate CIDR ranges for every node. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + maxLength: 1024 + minLength: 1 type: string serviceSubnet: description: |- serviceSubnet is the subnet used by k8s services. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" if that's unset. + maxLength: 1024 + minLength: 1 type: string type: object scheduler: @@ -2840,13 +2892,19 @@ spec: description: |- hostPath is the path in the host that will be mounted inside the pod. + maxLength: 512 + minLength: 1 type: string mountPath: description: mountPath is the path inside the pod where hostPath will be mounted. + maxLength: 512 + minLength: 1 type: string name: description: name of the volume inside the pod template. + maxLength: 512 + minLength: 1 type: string pathType: description: pathType is the type of the HostPath. @@ -2875,20 +2933,28 @@ spec: properties: device: description: device specifies the device name + maxLength: 256 + minLength: 1 type: string extraOpts: description: extraOpts defined extra options to add to the command for creating the file system. items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array filesystem: description: filesystem specifies the file system type. + maxLength: 128 + minLength: 1 type: string label: description: label specifies the file system label to be used. If set to None, no label is used. + maxLength: 512 + minLength: 1 type: string overwrite: description: |- 
@@ -2899,11 +2965,15 @@ spec: description: 'partition specifies the partition to use. The valid options are: "auto|any", "auto", "any", "none", and , where NUM is the actual partition number.' + maxLength: 128 + minLength: 1 type: string replaceFS: description: |- replaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . NOTE: unless you define a label, this requires the use of the 'any' partition directive. + maxLength: 128 + minLength: 1 type: string required: - device @@ -2920,6 +2990,8 @@ spec: properties: device: description: device is the name of the device. + maxLength: 256 + minLength: 1 type: string layout: description: |- @@ -2937,6 +3009,9 @@ spec: tableType specifies the tupe of partition table. The following are supported: 'mbr': default and setups a MS-DOS partition table 'gpt': setups a GPT partition table + enum: + - mbr + - gpt type: string required: - device @@ -2958,6 +3033,8 @@ spec: type: boolean content: description: content is the actual content of the file. + maxLength: 10240 + minLength: 1 type: string contentFrom: description: contentFrom is a referenced source of content to @@ -2970,10 +3047,14 @@ spec: key: description: key is the key in the secret's data map for this value. + maxLength: 256 + minLength: 1 type: string name: description: name of the secret in the KubeadmBootstrapConfig's namespace to use. + maxLength: 253 + minLength: 1 type: string required: - key @@ -2992,14 +3073,20 @@ spec: owner: description: owner specifies the ownership of the file, e.g. "root:root". + maxLength: 256 + minLength: 1 type: string path: description: path specifies the full path on disk where to store the file. + maxLength: 512 + minLength: 1 type: string permissions: description: permissions specifies the permissions to assign to the file, e.g. "0640". + maxLength: 16 + minLength: 1 type: string required: - path 
@@ -3024,6 +3111,8 @@ spec: configuration generated by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/ + maxLength: 10240 + minLength: 1 type: string strict: description: strict controls if AdditionalConfig should be @@ -3054,6 +3143,8 @@ spec: description: |- description sets a human-friendly message why this token exists and what it's used for, so other administrators can know its purpose. + maxLength: 512 + minLength: 1 type: string expires: description: |- @@ -3066,6 +3157,8 @@ spec: groups specifies the extra groups that this token will authenticate as when/if used for authentication items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array @@ -3084,6 +3177,8 @@ spec: usages describes the ways in which this token can be used. Can by default be used for establishing bidirectional trust, but that can be changed here. items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array @@ -3112,6 +3207,8 @@ spec: advertiseAddress: description: advertiseAddress sets the IP address for the API server to advertise. + maxLength: 39 + minLength: 1 type: string bindPort: description: |- @@ -3130,11 +3227,15 @@ spec: description: criSocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use + maxLength: 512 + minLength: 1 type: string ignorePreflightErrors: description: ignorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: + maxLength: 512 + minLength: 1 type: string maxItems: 50 type: array 
@@ -3169,6 +3270,8 @@ spec: name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. + maxLength: 253 + minLength: 1 type: string taints: description: |- @@ -3224,6 +3327,8 @@ spec: These files can be written into the target directory via KubeadmConfig.Files which specifies additional files to be created on the machine, either with content inline or by referencing a secret. + maxLength: 512 + minLength: 1 type: string type: object skipPhases: @@ -3232,6 +3337,8 @@ spec: The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. items: + maxLength: 256 + minLength: 1 type: string maxItems: 50 type: array @@ -3252,6 +3359,8 @@ spec: caCertPath is the path to the SSL certificate authority used to secure comunications between node and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". + maxLength: 512 + minLength: 1 type: string controlPlane: description: |- @@ -3265,6 +3374,8 @@ spec: advertiseAddress: description: advertiseAddress sets the IP address for the API server to advertise. + maxLength: 39 + minLength: 1 type: string bindPort: description: |- @@ -3286,6 +3397,8 @@ spec: apiServerEndpoint: description: apiServerEndpoint is an IP or domain name to the API server from which info will be fetched. + maxLength: 512 + minLength: 1 type: string caCertHashes: description: |- @@ -3298,6 +3411,8 @@ spec: ASN.1. These hashes can be calculated using, for example, OpenSSL: openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex items: + maxLength: 512 + minLength: 1 type: string maxItems: 100 type: array 
@@ -3305,6 +3420,8 @@ spec: description: |- token is a token used to validate cluster information fetched from the control-plane. + maxLength: 512 + minLength: 1 type: string unsafeSkipCAVerification: description: |- @@ -3342,6 +3459,8 @@ spec: Defaults to the Cluster's CA certificate if empty. format: byte + maxLength: 51200 + minLength: 1 type: string insecureSkipTLSVerify: description: insecureSkipTLSVerify skips the validity @@ -3359,17 +3478,23 @@ spec: socks5 proxying does not currently support spdy streaming endpoints (exec, attach, port forward). + maxLength: 512 + minLength: 1 type: string server: description: |- server is the address of the kubernetes cluster (https://hostname:port). Defaults to https:// + Cluster.Spec.ControlPlaneEndpoint. + maxLength: 512 + minLength: 1 type: string tlsServerName: description: tlsServerName is used to check server certificate. If TLSServerName is empty, the hostname used to contact the server is used. + maxLength: 512 + minLength: 1 type: string type: object user: @@ -3390,6 +3515,8 @@ spec: name: description: name is the name of the authentication plugin. + maxLength: 256 + minLength: 1 type: string required: - name @@ -3403,16 +3530,22 @@ spec: apiVersion is preferred input version of the ExecInfo. The returned ExecCredentials MUST use the same encoding version as the input. Defaults to client.authentication.k8s.io/v1 if not set. + maxLength: 512 + minLength: 1 type: string args: description: args is the arguments to pass to the command when executing it. items: + maxLength: 512 + minLength: 1 type: string maxItems: 100 type: array command: description: command to execute. + maxLength: 1024 + minLength: 1 type: string env: description: |- @@ -3427,10 +3560,14 @@ spec: name: description: name of the environment variable + maxLength: 512 + minLength: 1 type: string value: description: value of the environment variable + maxLength: 512 + minLength: 1 type: string required: - name 
@@ -3457,6 +3594,8 @@ spec: description: kubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from which to load cluster information + maxLength: 512 + minLength: 1 type: string required: - kubeConfigPath @@ -3469,6 +3608,8 @@ spec: tlsBootstrapToken is a token used for TLS bootstrapping. If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information + maxLength: 512 + minLength: 1 type: string type: object kind: @@ -3489,11 +3630,15 @@ spec: description: criSocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use + maxLength: 512 + minLength: 1 type: string ignorePreflightErrors: description: ignorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: + maxLength: 512 + minLength: 1 type: string maxItems: 50 type: array @@ -3528,6 +3673,8 @@ spec: name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. + maxLength: 253 + minLength: 1 type: string taints: description: |- @@ -3583,6 +3730,8 @@ spec: These files can be written into the target directory via KubeadmConfig.Files which specifies additional files to be created on the machine, either with content inline or by referencing a secret. + maxLength: 512 + minLength: 1 type: string type: object skipPhases: @@ -3591,6 +3740,8 @@ spec: The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. items: + maxLength: 256 + minLength: 1 type: string maxItems: 50 type: array 
@@ -3600,6 +3751,8 @@ spec: items: description: MountPoints defines input for generated mounts in cloud-init. items: + maxLength: 512 + minLength: 1 type: string type: array maxItems: 100 @@ -3613,6 +3766,8 @@ spec: servers: description: servers specifies which NTP servers to use items: + maxLength: 512 + minLength: 1 type: string maxItems: 100 type: array @@ -3621,6 +3776,8 @@ spec: description: postKubeadmCommands specifies extra commands to run after kubeadm runs items: + maxLength: 10240 + minLength: 1 type: string maxItems: 1000 type: array @@ -3628,6 +3785,8 @@ spec: description: preKubeadmCommands specifies extra commands to run before kubeadm runs items: + maxLength: 10240 + minLength: 1 type: string maxItems: 1000 type: array @@ -3654,14 +3813,20 @@ spec: properties: gecos: description: gecos specifies the gecos to use for the user + maxLength: 256 + minLength: 1 type: string groups: description: groups specifies the additional groups for the user + maxLength: 256 + minLength: 1 type: string homeDir: description: homeDir specifies the home directory to use for the user + maxLength: 256 + minLength: 1 type: string inactive: description: inactive specifies whether to mark the user as @@ -3673,9 +3838,13 @@ spec: type: boolean name: description: name specifies the user name + maxLength: 256 + minLength: 1 type: string passwd: description: passwd specifies a hashed password for the user + maxLength: 256 + minLength: 1 type: string passwdFrom: description: passwdFrom is a referenced source of passwd to @@ -3688,10 +3857,14 @@ spec: key: description: key is the key in the secret's data map for this value. + maxLength: 256 + minLength: 1 type: string name: description: name of the secret in the KubeadmBootstrapConfig's namespace to use. + maxLength: 253 + minLength: 1 type: string required: - key 
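Review bot: The hunk at `@@ -3600,6 +3751,8 @@` caps each mount-point string at 512 characters and the outer list at `maxItems: 100`, but the inner array (described as MountPoints) shows no `maxItems` between its `items:` block and its `type: array`, so one entry can still carry an unbounded number of strings. The change appears aimed at giving every field a finite size, and this nesting leaves the total size of the field unbounded. The inner list should get its own cap, e.g. `// +kubebuilder:validation:MaxItems=<limit>` on the MountPoints type, whose Go declaration is outside this view. The KubeadmConfigTemplate hunk at `@@ -3591,6 +3742,8 @@` has the same gap.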
@@ -3703,19 +3876,27 @@ spec: primaryGroup: description: primaryGroup specifies the primary group for the user + maxLength: 256 + minLength: 1 type: string shell: description: shell specifies the user's shell + maxLength: 256 + minLength: 1 type: string sshAuthorizedKeys: description: sshAuthorizedKeys specifies a list of ssh authorized keys for the user items: + maxLength: 2048 + minLength: 1 type: string maxItems: 100 type: array sudo: description: sudo specifies a sudo role for the user + maxLength: 256 + minLength: 1 type: string required: - name @@ -3749,18 +3930,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -3770,6 +3956,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime 
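Review bot: In the conditions hunk at `@@ -3749,18 +3930,23 @@`, `message` and `reason` now carry `minLength: 1` while their descriptions still end with "This field may be empty.", so the schema and the documentation disagree. A client that serialises an explicit empty string for either field would have its write rejected; only clients that omit the key keep working. Either drop `minLength: 1` on these two fields, as the hunk already does for `severity`, or reword both descriptions to `This field may be omitted.`. The ClusterResourceSet hunk at `@@ -494,18 +495,23 @@` repeats the same pair.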
@@ -3780,18 +3968,24 @@ spec: dataSecretName: description: dataSecretName is the name of the secret that stores the bootstrap data script. + maxLength: 253 + minLength: 1 type: string failureMessage: description: |- failureMessage will be set on non-retryable errors Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. + maxLength: 10240 + minLength: 1 type: string failureReason: description: |- failureReason will be set on non-retryable errors Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. + maxLength: 256 + minLength: 1 type: string observedGeneration: description: observedGeneration is the latest generation observed diff --git a/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigtemplates.yaml b/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigtemplates.yaml index 5716b66e93a4..99d7af35e683 100644 --- a/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigtemplates.yaml +++ b/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigtemplates.yaml @@ -1998,6 +1998,8 @@ spec: description: certSANs sets extra Subject Alternative Names for the API Server signing cert. items: + maxLength: 253 + minLength: 1 type: string maxItems: 100 type: array 
@@ -2147,14 +2149,20 @@ spec: description: |- hostPath is the path in the host that will be mounted inside the pod. + maxLength: 512 + minLength: 1 type: string mountPath: description: mountPath is the path inside the pod where hostPath will be mounted. + maxLength: 512 + minLength: 1 type: string name: description: name of the volume inside the pod template. + maxLength: 512 + minLength: 1 type: string pathType: description: pathType is the type of the HostPath. @@ -2186,9 +2194,13 @@ spec: description: |- certificatesDir specifies where to store or look for all required certificates. NB: if not provided, this will default to `/etc/kubernetes/pki` + maxLength: 512 + minLength: 1 type: string clusterName: description: clusterName is the cluster name + maxLength: 63 + minLength: 1 type: string controlPlaneEndpoint: description: |- @@ -2204,6 +2216,8 @@ spec: e.g. in environments with enforced node recycling, the ControlPlaneEndpoint could be used for assigning a stable DNS to the control plane. NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. + maxLength: 512 + minLength: 1 type: string controllerManager: description: controllerManager contains extra settings @@ -2355,14 +2369,20 @@ spec: description: |- hostPath is the path in the host that will be mounted inside the pod. + maxLength: 512 + minLength: 1 type: string mountPath: description: mountPath is the path inside the pod where hostPath will be mounted. + maxLength: 512 + minLength: 1 type: string name: description: name of the volume inside the pod template. + maxLength: 512 + minLength: 1 type: string pathType: description: pathType is the type of the HostPath. 
@@ -2387,11 +2407,15 @@ spec: description: |- imageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. + maxLength: 512 + minLength: 1 type: string imageTag: description: |- imageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + maxLength: 256 + minLength: 1 type: string type: object etcd: @@ -2408,16 +2432,22 @@ spec: description: |- caFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. + maxLength: 512 + minLength: 1 type: string certFile: description: |- certFile is an SSL certification file used to secure etcd communication. Required if using a TLS connection. + maxLength: 512 + minLength: 1 type: string endpoints: description: endpoints of etcd members. Required for ExternalEtcd. items: + maxLength: 512 + minLength: 1 type: string maxItems: 50 type: array @@ -2425,6 +2455,8 @@ spec: description: |- keyFile is an SSL key file used to secure etcd communication. Required if using a TLS connection. + maxLength: 512 + minLength: 1 type: string required: - caFile @@ -2441,6 +2473,8 @@ spec: description: |- dataDir is the directory etcd will place its data. Defaults to "/var/lib/etcd". + maxLength: 512 + minLength: 1 type: string extraArgs: additionalProperties: 
@@ -2583,16 +2617,22 @@ spec: description: |- imageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. + maxLength: 512 + minLength: 1 type: string imageTag: description: |- imageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + maxLength: 256 + minLength: 1 type: string peerCertSANs: description: peerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert. items: + maxLength: 253 + minLength: 1 type: string maxItems: 100 type: array @@ -2601,6 +2641,8 @@ spec: Alternative Names for the etcd server signing cert. items: + maxLength: 253 + minLength: 1 type: string maxItems: 100 type: array @@ -2624,6 +2666,8 @@ spec: * If the version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io` will be used for all the other images. + maxLength: 512 + minLength: 1 type: string kind: description: |- @@ -2637,6 +2681,8 @@ spec: description: |- kubernetesVersion is the target version of the control plane. NB: This value defaults to the Machine object spec.version + maxLength: 256 + minLength: 1 type: string networking: description: |- 
@@ -2646,18 +2692,24 @@ spec: dnsDomain: description: dnsDomain is the dns domain used by k8s services. Defaults to "cluster.local". + maxLength: 253 + minLength: 1 type: string podSubnet: description: |- podSubnet is the subnet used by pods. If unset, the API server will not allocate CIDR ranges for every node. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + maxLength: 1024 + minLength: 1 type: string serviceSubnet: description: |- serviceSubnet is the subnet used by k8s services. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" if that's unset. + maxLength: 1024 + minLength: 1 type: string type: object scheduler: @@ -2810,14 +2862,20 @@ spec: description: |- hostPath is the path in the host that will be mounted inside the pod. + maxLength: 512 + minLength: 1 type: string mountPath: description: mountPath is the path inside the pod where hostPath will be mounted. + maxLength: 512 + minLength: 1 type: string name: description: name of the volume inside the pod template. + maxLength: 512 + minLength: 1 type: string pathType: description: pathType is the type of the HostPath. @@ -2848,21 +2906,29 @@ spec: properties: device: description: device specifies the device name + maxLength: 256 + minLength: 1 type: string extraOpts: description: extraOpts defined extra options to add to the command for creating the file system. items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array filesystem: description: filesystem specifies the file system type. + maxLength: 128 + minLength: 1 type: string label: description: label specifies the file system label to be used. If set to None, no label is used. + maxLength: 512 + minLength: 1 type: string overwrite: description: |- 
@@ -2874,11 +2940,15 @@ spec: to use. The valid options are: "auto|any", "auto", "any", "none", and , where NUM is the actual partition number.' + maxLength: 128 + minLength: 1 type: string replaceFS: description: |- replaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . NOTE: unless you define a label, this requires the use of the 'any' partition directive. + maxLength: 128 + minLength: 1 type: string required: - device @@ -2896,6 +2966,8 @@ spec: properties: device: description: device is the name of the device. + maxLength: 256 + minLength: 1 type: string layout: description: |- @@ -2913,6 +2985,9 @@ spec: tableType specifies the tupe of partition table. The following are supported: 'mbr': default and setups a MS-DOS partition table 'gpt': setups a GPT partition table + enum: + - mbr + - gpt type: string required: - device @@ -2934,6 +3009,8 @@ spec: type: boolean content: description: content is the actual content of the file. + maxLength: 10240 + minLength: 1 type: string contentFrom: description: contentFrom is a referenced source of content @@ -2946,10 +3023,14 @@ spec: key: description: key is the key in the secret's data map for this value. + maxLength: 256 + minLength: 1 type: string name: description: name of the secret in the KubeadmBootstrapConfig's namespace to use. + maxLength: 253 + minLength: 1 type: string required: - key @@ -2969,14 +3050,20 @@ spec: owner: description: owner specifies the ownership of the file, e.g. "root:root". + maxLength: 256 + minLength: 1 type: string path: description: path specifies the full path on disk where to store the file. + maxLength: 512 + minLength: 1 type: string permissions: description: permissions specifies the permissions to assign to the file, e.g. "0640". + maxLength: 16 + minLength: 1 type: string required: - path 
@@ -3003,6 +3090,8 @@ spec: configuration generated by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/ + maxLength: 10240 + minLength: 1 type: string strict: description: strict controls if AdditionalConfig should @@ -3034,6 +3123,8 @@ spec: description: |- description sets a human-friendly message why this token exists and what it's used for, so other administrators can know its purpose. + maxLength: 512 + minLength: 1 type: string expires: description: |- @@ -3046,6 +3137,8 @@ spec: groups specifies the extra groups that this token will authenticate as when/if used for authentication items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array @@ -3064,6 +3157,8 @@ spec: usages describes the ways in which this token can be used. Can by default be used for establishing bidirectional trust, but that can be changed here. items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array @@ -3092,6 +3187,8 @@ spec: advertiseAddress: description: advertiseAddress sets the IP address for the API server to advertise. + maxLength: 39 + minLength: 1 type: string bindPort: description: |- @@ -3110,12 +3207,16 @@ spec: description: criSocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use + maxLength: 512 + minLength: 1 type: string ignorePreflightErrors: description: ignorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: + maxLength: 512 + minLength: 1 type: string maxItems: 50 type: array 
@@ -3150,6 +3251,8 @@ spec: name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. + maxLength: 253 + minLength: 1 type: string taints: description: |- @@ -3205,6 +3308,8 @@ spec: These files can be written into the target directory via KubeadmConfig.Files which specifies additional files to be created on the machine, either with content inline or by referencing a secret. + maxLength: 512 + minLength: 1 type: string type: object skipPhases: @@ -3213,6 +3318,8 @@ spec: The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. items: + maxLength: 256 + minLength: 1 type: string maxItems: 50 type: array @@ -3233,6 +3340,8 @@ spec: caCertPath is the path to the SSL certificate authority used to secure comunications between node and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". + maxLength: 512 + minLength: 1 type: string controlPlane: description: |- @@ -3247,6 +3356,8 @@ spec: advertiseAddress: description: advertiseAddress sets the IP address for the API server to advertise. + maxLength: 39 + minLength: 1 type: string bindPort: description: |- @@ -3269,6 +3380,8 @@ spec: description: apiServerEndpoint is an IP or domain name to the API server from which info will be fetched. + maxLength: 512 + minLength: 1 type: string caCertHashes: description: |- @@ -3281,6 +3394,8 @@ spec: ASN.1. These hashes can be calculated using, for example, OpenSSL: openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex items: + maxLength: 512 + minLength: 1 type: string maxItems: 100 type: array 
@@ -3288,6 +3403,8 @@ spec: description: |- token is a token used to validate cluster information fetched from the control-plane. + maxLength: 512 + minLength: 1 type: string unsafeSkipCAVerification: description: |- @@ -3325,6 +3442,8 @@ spec: Defaults to the Cluster's CA certificate if empty. format: byte + maxLength: 51200 + minLength: 1 type: string insecureSkipTLSVerify: description: insecureSkipTLSVerify skips @@ -3343,18 +3462,24 @@ spec: socks5 proxying does not currently support spdy streaming endpoints (exec, attach, port forward). + maxLength: 512 + minLength: 1 type: string server: description: |- server is the address of the kubernetes cluster (https://hostname:port). Defaults to https:// + Cluster.Spec.ControlPlaneEndpoint. + maxLength: 512 + minLength: 1 type: string tlsServerName: description: tlsServerName is used to check server certificate. If TLSServerName is empty, the hostname used to contact the server is used. + maxLength: 512 + minLength: 1 type: string type: object user: @@ -3376,6 +3501,8 @@ spec: name: description: name is the name of the authentication plugin. + maxLength: 256 + minLength: 1 type: string required: - name @@ -3390,17 +3517,23 @@ spec: apiVersion is preferred input version of the ExecInfo. The returned ExecCredentials MUST use the same encoding version as the input. Defaults to client.authentication.k8s.io/v1 if not set. + maxLength: 512 + minLength: 1 type: string args: description: args is the arguments to pass to the command when executing it. items: + maxLength: 512 + minLength: 1 type: string maxItems: 100 type: array command: description: command to execute. + maxLength: 1024 + minLength: 1 type: string env: description: |- @@ -3415,10 +3548,14 @@ spec: name: description: name of the environment variable + maxLength: 512 + minLength: 1 type: string value: description: value of the environment variable + maxLength: 512 + minLength: 1 type: string required: - name 
@@ -3445,6 +3582,8 @@ spec: description: kubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from which to load cluster information + maxLength: 512 + minLength: 1 type: string required: - kubeConfigPath @@ -3457,6 +3596,8 @@ spec: tlsBootstrapToken is a token used for TLS bootstrapping. If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information + maxLength: 512 + minLength: 1 type: string type: object kind: @@ -3477,12 +3618,16 @@ spec: description: criSocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use + maxLength: 512 + minLength: 1 type: string ignorePreflightErrors: description: ignorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: + maxLength: 512 + minLength: 1 type: string maxItems: 50 type: array @@ -3517,6 +3662,8 @@ spec: name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. + maxLength: 253 + minLength: 1 type: string taints: description: |- @@ -3572,6 +3719,8 @@ spec: These files can be written into the target directory via KubeadmConfig.Files which specifies additional files to be created on the machine, either with content inline or by referencing a secret. + maxLength: 512 + minLength: 1 type: string type: object skipPhases: @@ -3580,6 +3729,8 @@ spec: The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. items: + maxLength: 256 + minLength: 1 type: string maxItems: 50 type: array 
@@ -3591,6 +3742,8 @@ spec: description: MountPoints defines input for generated mounts in cloud-init. items: + maxLength: 512 + minLength: 1 type: string type: array maxItems: 100 @@ -3604,6 +3757,8 @@ spec: servers: description: servers specifies which NTP servers to use items: + maxLength: 512 + minLength: 1 type: string maxItems: 100 type: array @@ -3612,6 +3767,8 @@ spec: description: postKubeadmCommands specifies extra commands to run after kubeadm runs items: + maxLength: 10240 + minLength: 1 type: string maxItems: 1000 type: array @@ -3619,6 +3776,8 @@ spec: description: preKubeadmCommands specifies extra commands to run before kubeadm runs items: + maxLength: 10240 + minLength: 1 type: string maxItems: 1000 type: array @@ -3647,14 +3806,20 @@ spec: gecos: description: gecos specifies the gecos to use for the user + maxLength: 256 + minLength: 1 type: string groups: description: groups specifies the additional groups for the user + maxLength: 256 + minLength: 1 type: string homeDir: description: homeDir specifies the home directory to use for the user + maxLength: 256 + minLength: 1 type: string inactive: description: inactive specifies whether to mark the @@ -3666,10 +3831,14 @@ spec: type: boolean name: description: name specifies the user name + maxLength: 256 + minLength: 1 type: string passwd: description: passwd specifies a hashed password for the user + maxLength: 256 + minLength: 1 type: string passwdFrom: description: passwdFrom is a referenced source of passwd @@ -3682,10 +3851,14 @@ spec: key: description: key is the key in the secret's data map for this value. + maxLength: 256 + minLength: 1 type: string name: description: name of the secret in the KubeadmBootstrapConfig's namespace to use. + maxLength: 253 + minLength: 1 type: string required: - key 
@@ -3697,19 +3870,27 @@ spec: primaryGroup: description: primaryGroup specifies the primary group for the user + maxLength: 256 + minLength: 1 type: string shell: description: shell specifies the user's shell + maxLength: 256 + minLength: 1 type: string sshAuthorizedKeys: description: sshAuthorizedKeys specifies a list of ssh authorized keys for the user items: + maxLength: 2048 + minLength: 1 type: string maxItems: 100 type: array sudo: description: sudo specifies a sudo role for the user + maxLength: 256 + minLength: 1 type: string required: - name diff --git a/config/crd/bases/addons.cluster.x-k8s.io_clusterresourcesetbindings.yaml b/config/crd/bases/addons.cluster.x-k8s.io_clusterresourcesetbindings.yaml index fe7703586835..f88ac77d4fe3 100644 --- a/config/crd/bases/addons.cluster.x-k8s.io_clusterresourcesetbindings.yaml +++ b/config/crd/bases/addons.cluster.x-k8s.io_clusterresourcesetbindings.yaml @@ -239,6 +239,8 @@ spec: clusterResourceSetName: description: clusterResourceSetName is the name of the ClusterResourceSet that is applied to the owner cluster of the binding. + maxLength: 253 + minLength: 1 type: string resources: description: resources is a list of resources that the ClusterResourceSet @@ -256,6 +258,8 @@ spec: description: |- hash is the hash of a resource's data. This can be used to decide if a resource is changed. For "ApplyOnce" ClusterResourceSet.spec.strategy, this is no-op as that strategy does not act on change. + maxLength: 256 + minLength: 1 type: string kind: description: 'kind of the resource. Supported kinds are: @@ -272,6 +276,7 @@ spec: name: description: name of the resource that is in the same namespace with ClusterResourceSet object. + maxLength: 253 minLength: 1 type: string required: @@ -290,6 +295,8 @@ spec: description: |- clusterName is the name of the Cluster this binding applies to. Note: this field mandatory in v1beta2. + maxLength: 63 + minLength: 1 type: string type: object type: object 
diff --git a/config/crd/bases/addons.cluster.x-k8s.io_clusterresourcesets.yaml b/config/crd/bases/addons.cluster.x-k8s.io_clusterresourcesets.yaml index c0241c801b8f..500f5c5a580b 100644 --- a/config/crd/bases/addons.cluster.x-k8s.io_clusterresourcesets.yaml +++ b/config/crd/bases/addons.cluster.x-k8s.io_clusterresourcesets.yaml @@ -456,6 +456,7 @@ spec: name: description: name of the resource that is in the same namespace with ClusterResourceSet object. + maxLength: 253 minLength: 1 type: string required: @@ -494,18 +495,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -515,6 +521,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime diff --git a/config/crd/bases/cluster.x-k8s.io_clusterclasses.yaml b/config/crd/bases/cluster.x-k8s.io_clusterclasses.yaml index 8e66643d0b3c..7d8f42572c73 100644 --- a/config/crd/bases/cluster.x-k8s.io_clusterclasses.yaml +++ b/config/crd/bases/cluster.x-k8s.io_clusterclasses.yaml 
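Review bot: In the conditions hunk of clusterresourcesets.yaml (`@@ -494,18 +495,23 @@`), `message` and `reason` gain `minLength: 1` while their descriptions still say "This field may be empty", so the schema and the documented contract now disagree. A client that serializes `message: ""` explicitly instead of omitting the key would have its status write rejected; Go clients are presumably unaffected if the fields are tagged `omitempty`, which this diff does not show. Since this schema looks generated from the Go type markers, either drop the minimum on these two fields there or reword the source comment to `This field may be omitted.` so callers know an empty string is no longer accepted. The same pair appears in the conditions hunks of the clusterclasses, clusters, machinedeployments, machinehealthchecks, machinepools and machines CRDs later in this diff.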
@@ -611,6 +611,8 @@ spec: Eg. "[3-5]" - This means that remediation will be allowed only when: (a) there are at least 3 unhealthy machines (and) (b) there are at most 5 unhealthy machines + maxLength: 32 + minLength: 1 pattern: ^\[[0-9]+-[0-9]+\]$ type: string type: object @@ -712,6 +714,8 @@ spec: The templating mechanism provides the following arguments: * `.cluster.name`: The name of the cluster object. * `.random`: A random alphanumeric string, without vowels, of length 5. + maxLength: 1024 + minLength: 1 type: string type: object nodeDeletionTimeout: @@ -895,6 +899,8 @@ spec: The templating mechanism provides the following arguments: * `.cluster.name`: The name of the cluster object. * `.random`: A random alphanumeric string, without vowels, of length 5. + maxLength: 1024 + minLength: 1 type: string type: object patches: @@ -927,6 +933,10 @@ spec: description: |- op defines the operation of the patch. Note: Only `add`, `replace` and `remove` are supported. + enum: + - add + - replace + - remove type: string path: description: |- @@ -935,6 +945,8 @@ spec: Note: For now the only allowed array modifications are `append` and `prepend`, i.e.: * for op: `add`: only index 0 (prepend) and - (append) are allowed * for op: `replace` or `remove`: no indexes are allowed + maxLength: 512 + minLength: 1 type: string value: description: |- @@ -957,11 +969,15 @@ spec: template is the Go template to be used to calculate the value. A template can reference variables defined in .spec.variables and builtin variables. Note: The template must evaluate to a valid YAML or JSON value. + maxLength: 10240 + minLength: 1 type: string variable: description: |- variable is the variable to be used as value. Variable can be one of the variables defined in .spec.variables or a builtin variable. + maxLength: 256 + minLength: 1 type: string type: object required: 
@@ -976,9 +992,13 @@ spec: properties: apiVersion: description: apiVersion filters templates by apiVersion. + maxLength: 512 + minLength: 1 type: string kind: description: kind filters templates by kind. + maxLength: 256 + minLength: 1 type: string matchResources: description: matchResources selects templates based @@ -1003,6 +1023,8 @@ spec: description: names selects templates by class names. items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array @@ -1016,6 +1038,8 @@ spec: description: names selects templates by class names. items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array @@ -1035,6 +1059,8 @@ spec: description: description: description is a human-readable description of this patch. + maxLength: 1024 + minLength: 1 type: string enabledIf: description: |- @@ -1043,6 +1069,8 @@ spec: The patch will be enabled if the template evaluates to `true`, otherwise it will be disabled. If EnabledIf is not set, the patch will be enabled per default. + maxLength: 256 + minLength: 1 type: string external: description: |- @@ -1052,10 +1080,14 @@ spec: discoverVariablesExtension: description: discoverVariablesExtension references an extension which is called to discover variables. + maxLength: 512 + minLength: 1 type: string generateExtension: description: generateExtension references an extension which is called to generate patches. + maxLength: 512 + minLength: 1 type: string settings: additionalProperties: @@ -1068,10 +1100,14 @@ spec: validateExtension: description: validateExtension references an extension which is called to validate the topology. + maxLength: 512 + minLength: 1 type: string type: object name: description: name of the patch. + maxLength: 256 + minLength: 1 type: string required: - name @@ -1113,6 +1149,8 @@ spec: type: object name: description: name of the variable. + maxLength: 256 + minLength: 1 type: string required: description: |- 
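Review bot: `enabledIf` is capped at `maxLength: 256` in the `@@ -1043,6 +1069,8 @@` hunk, although its description treats it as a template and the other Go-template field in this CRD, `valueFrom.template`, is given 10240 in the `@@ -957,11 +969,15 @@` hunk. A condition that combines several variables or version comparisons can plausibly exceed 256 characters, and a ClusterClass that already stores a longer value would be rejected on its next update unless the API server ratchets unchanged fields. Consider a larger bound such as `maxLength: 1024`, set through the marker on the Go field since this schema looks generated, or state the 256-character limit in the field description so authors see it before the API server rejects the object.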
@@ -1158,6 +1196,8 @@ spec: description: description: description is a human-readable description of this variable. + maxLength: 4096 + minLength: 1 type: string enum: description: |- @@ -1186,6 +1226,8 @@ spec: For a list of supported formats please see: (of the k8s.io/apiextensions-apiserver version we're currently using) https://github.com/kubernetes/apiextensions-apiserver/blob/master/pkg/apiserver/validation/formats.go NOTE: Can only be set if type is string. + maxLength: 32 + minLength: 1 type: string items: description: |- @@ -1262,6 +1304,8 @@ spec: description: |- pattern is the regex which a string variable must match. NOTE: Can only be set if type is string. + maxLength: 512 + minLength: 1 type: string properties: description: |- @@ -1276,6 +1320,8 @@ spec: required specifies which fields of an object are required. NOTE: Can only be set if type is object. items: + maxLength: 256 + minLength: 1 type: string maxItems: 1000 type: array @@ -1283,6 +1329,13 @@ spec: description: |- type is the type of the variable. Valid values are: object, array, string, integer, number or boolean. + enum: + - object + - array + - string + - integer + - number + - boolean type: string uniqueItems: description: |- @@ -1330,6 +1383,8 @@ spec: Numeric index of array is not supported. For field name which contains special characters, use `['specialName']` to refer the field name. e.g. for attribute `foo.34$` appears in a list `testList`, the fieldPath could be set to `.testList['foo.34$']` + maxLength: 512 + minLength: 1 type: string message: description: |- @@ -1337,6 +1392,8 @@ spec: line breaks. The message must not contain line breaks. If unset, the message is "failed rule: {Rule}". e.g. "must be a URL with the host matching spec.host" + maxLength: 512 + minLength: 1 type: string messageExpression: description: |- 
@@ -1349,6 +1406,8 @@ spec: messageExpression has access to all the same variables as the rule; the only difference is the return type. Example: "x must be less than max ("+string(self.max)+")" + maxLength: 1024 + minLength: 1 type: string reason: default: FieldValueInvalid @@ -1424,6 +1483,8 @@ spec: rules by default are applied only on UPDATE requests and are\nskipped if an old value could not be found." + maxLength: 4096 + minLength: 1 type: string required: - rule @@ -1485,12 +1546,16 @@ spec: class denotes a type of worker node present in the cluster, this name MUST be unique within a ClusterClass and can be referenced in the Cluster to create a managed MachineDeployment. + maxLength: 256 + minLength: 1 type: string failureDomain: description: |- failureDomain is the failure domain the machines will be created in. Must match a key in the FailureDomains map stored on the cluster object. NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass. + maxLength: 256 + minLength: 1 type: string machineHealthCheck: description: machineHealthCheck defines a MachineHealthCheck @@ -1611,6 +1676,8 @@ spec: Eg. "[3-5]" - This means that remediation will be allowed only when: (a) there are at least 3 unhealthy machines (and) (b) there are at most 5 unhealthy machines + maxLength: 32 + minLength: 1 pattern: ^\[[0-9]+-[0-9]+\]$ type: string type: object @@ -1637,6 +1704,8 @@ spec: * `.cluster.name`: The name of the cluster object. * `.random`: A random alphanumeric string, without vowels, of length 5. * `.machineDeployment.topologyName`: The name of the MachineDeployment topology (Cluster.spec.topology.workers.machineDeployments[].name). + maxLength: 1024 + minLength: 1 type: string type: object nodeDeletionTimeout: 
@@ -1957,6 +2026,8 @@ spec: class denotes a type of machine pool present in the cluster, this name MUST be unique within a ClusterClass and can be referenced in the Cluster to create a managed MachinePool. + maxLength: 256 + minLength: 1 type: string failureDomains: description: |- @@ -1964,6 +2035,8 @@ spec: Must match a key in the FailureDomains map stored on the cluster object. NOTE: This value can be overridden while defining a Cluster.Topology using this MachinePoolClass. items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array @@ -1990,6 +2063,8 @@ spec: * `.cluster.name`: The name of the cluster object. * `.random`: A random alphanumeric string, without vowels, of length 5. * `.machinePool.topologyName`: The name of the MachinePool topology (Cluster.spec.topology.workers.machinePools[].name). + maxLength: 1024 + minLength: 1 type: string type: object nodeDeletionTimeout: @@ -2182,18 +2257,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. 
@@ -2203,6 +2283,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime @@ -2302,6 +2384,8 @@ spec: from specifies the origin of the variable definition. This will be `inline` for variables defined in the ClusterClass or the name of a patch defined in the ClusterClass for variables discovered from a DiscoverVariables runtime extensions. + maxLength: 256 + minLength: 1 type: string metadata: description: |- @@ -2371,6 +2455,8 @@ spec: description: description: description is a human-readable description of this variable. + maxLength: 4096 + minLength: 1 type: string enum: description: |- @@ -2399,6 +2485,8 @@ spec: For a list of supported formats please see: (of the k8s.io/apiextensions-apiserver version we're currently using) https://github.com/kubernetes/apiextensions-apiserver/blob/master/pkg/apiserver/validation/formats.go NOTE: Can only be set if type is string. + maxLength: 32 + minLength: 1 type: string items: description: |- @@ -2475,6 +2563,8 @@ spec: description: |- pattern is the regex which a string variable must match. NOTE: Can only be set if type is string. + maxLength: 512 + minLength: 1 type: string properties: description: |- @@ -2489,6 +2579,8 @@ spec: required specifies which fields of an object are required. NOTE: Can only be set if type is object. items: + maxLength: 256 + minLength: 1 type: string maxItems: 1000 type: array @@ -2496,6 +2588,13 @@ spec: description: |- type is the type of the variable. Valid values are: object, array, string, integer, number or boolean. + enum: + - object + - array + - string + - integer + - number + - boolean type: string uniqueItems: description: |- 
@@ -2543,6 +2642,8 @@ spec: Numeric index of array is not supported. For field name which contains special characters, use `['specialName']` to refer the field name. e.g. for attribute `foo.34$` appears in a list `testList`, the fieldPath could be set to `.testList['foo.34$']` + maxLength: 512 + minLength: 1 type: string message: description: |- @@ -2550,6 +2651,8 @@ spec: line breaks. The message must not contain line breaks. If unset, the message is "failed rule: {Rule}". e.g. "must be a URL with the host matching spec.host" + maxLength: 512 + minLength: 1 type: string messageExpression: description: |- @@ -2562,6 +2665,8 @@ spec: messageExpression has access to all the same variables as the rule; the only difference is the return type. Example: "x must be less than max ("+string(self.max)+")" + maxLength: 1024 + minLength: 1 type: string reason: default: FieldValueInvalid @@ -2646,6 +2751,8 @@ spec: rules by default are applied only on UPDATE requests and are\nskipped if an old value could not be found." + maxLength: 4096 + minLength: 1 type: string required: - rule @@ -2693,6 +2800,8 @@ spec: type: boolean name: description: name is the name of the variable. + maxLength: 256 + minLength: 1 type: string required: - definitions diff --git a/config/crd/bases/cluster.x-k8s.io_clusters.yaml b/config/crd/bases/cluster.x-k8s.io_clusters.yaml index bf70a3dc1346..a531234fc356 100644 --- a/config/crd/bases/cluster.x-k8s.io_clusters.yaml +++ b/config/crd/bases/cluster.x-k8s.io_clusters.yaml @@ -813,6 +813,8 @@ spec: cidrBlocks: description: cidrBlocks is a list of CIDR blocks. items: + maxLength: 43 + minLength: 1 type: string maxItems: 100 type: array @@ -821,6 +823,8 @@ spec: type: object serviceDomain: description: serviceDomain is the domain name for services. + maxLength: 253 + minLength: 1 type: string services: description: services is the network ranges from which service 
@@ -829,6 +833,8 @@ spec: cidrBlocks: description: cidrBlocks is a list of CIDR blocks. items: + maxLength: 43 + minLength: 1 type: string maxItems: 100 type: array @@ -842,6 +848,7 @@ spec: properties: host: description: host is the hostname on which the API server is serving. + maxLength: 512 type: string port: description: port is the port on which the API server is serving. @@ -955,6 +962,8 @@ spec: class: description: class is the name of the ClusterClass object to create the topology. + maxLength: 253 + minLength: 1 type: string classNamespace: description: |- @@ -1100,6 +1109,8 @@ spec: Eg. "[3-5]" - This means that remediation will be allowed only when: (a) there are at least 3 unhealthy machines (and) (b) there are at most 5 unhealthy machines + maxLength: 32 + minLength: 1 pattern: ^\[[0-9]+-[0-9]+\]$ type: string type: object @@ -1215,9 +1226,12 @@ spec: definitionFrom specifies where the definition of this Variable is from. Deprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion. + maxLength: 256 type: string name: description: name of the variable. + maxLength: 256 + minLength: 1 type: string value: description: |- @@ -1263,9 +1277,12 @@ spec: definitionFrom specifies where the definition of this Variable is from. Deprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion. + maxLength: 256 type: string name: description: name of the variable. + maxLength: 256 + minLength: 1 type: string value: description: |- @@ -1288,6 +1305,8 @@ spec: x-kubernetes-list-type: map version: description: version is the Kubernetes version of the cluster. + maxLength: 256 + minLength: 1 type: string workers: description: |- 
@@ -1307,11 +1326,15 @@ spec: class is the name of the MachineDeploymentClass used to create the set of worker nodes. This should match one of the deployment classes defined in the ClusterClass object mentioned in the `Cluster.Spec.Class` field. + maxLength: 256 + minLength: 1 type: string failureDomain: description: |- failureDomain is the failure domain the machines will be created in. Must match a key in the FailureDomains map stored on the cluster object. + maxLength: 256 + minLength: 1 type: string machineHealthCheck: description: |- @@ -1445,6 +1468,8 @@ spec: Eg. "[3-5]" - This means that remediation will be allowed only when: (a) there are at least 3 unhealthy machines (and) (b) there are at most 5 unhealthy machines + maxLength: 32 + minLength: 1 pattern: ^\[[0-9]+-[0-9]+\]$ type: string type: object @@ -1486,6 +1511,8 @@ spec: The value is used with other unique identifiers to create a MachineDeployment's Name (e.g. cluster's name, etc). In case the name is greater than the allowed maximum length, the values are hashed together. + maxLength: 256 + minLength: 1 type: string nodeDeletionTimeout: description: |- @@ -1665,9 +1692,12 @@ spec: definitionFrom specifies where the definition of this Variable is from. Deprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion. + maxLength: 256 type: string name: description: name of the variable. + maxLength: 256 + minLength: 1 type: string value: description: |- 
@@ -1711,12 +1741,16 @@ spec: class is the name of the MachinePoolClass used to create the pool of worker nodes. This should match one of the deployment classes defined in the ClusterClass object mentioned in the `Cluster.Spec.Class` field. + maxLength: 256 + minLength: 1 type: string failureDomains: description: |- failureDomains is the list of failure domains the machine pool will be created in. Must match a key in the FailureDomains map stored on the cluster object. items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array @@ -1758,6 +1792,8 @@ spec: The value is used with other unique identifiers to create a MachinePool's Name (e.g. cluster's name, etc). In case the name is greater than the allowed maximum length, the values are hashed together. + maxLength: 256 + minLength: 1 type: string nodeDeletionTimeout: description: |- @@ -1801,9 +1837,12 @@ spec: definitionFrom specifies where the definition of this Variable is from. Deprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion. + maxLength: 256 type: string name: description: name of the variable. + maxLength: 256 + minLength: 1 type: string value: description: |- 
@@ -1860,18 +1899,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -1881,6 +1925,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime @@ -1922,6 +1968,8 @@ spec: state, and will be set to a descriptive error message. Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. + maxLength: 10240 + minLength: 1 type: string failureReason: description: |- @@ -1941,9 +1989,14 @@ spec: format: int64 type: integer phase: - description: |- - phase represents the current phase of cluster actuation. - E.g. Pending, Running, Terminating, Failed etc. + description: phase represents the current phase of cluster actuation. + enum: + - Pending + - Provisioning + - Provisioned + - Deleting + - Failed + - Unknown type: string v1beta2: description: v1beta2 groups all the fields that will be added or modified 
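Review bot: The `phase` hunk of clusters.yaml (`@@ -1941,9 +1989,14 @@`) turns a free-form status string into a closed `enum` within an existing API version, and the removed description listed `Running` and `Terminating` as example values that the new list does not contain. Any controller or stored object that still carries a value outside the six listed ones would fail status updates on API servers that do not ratchet unchanged fields, leaving the reported status stale; whether such writers exist is not visible here and should be checked before release. The description now gives no hint of the allowed values, so I would keep them in the comment, e.g. `phase represents the current phase of cluster actuation; one of Pending, Provisioning, Provisioned, Deleting, Failed, Unknown.`. The same applies to the `phase` enums added in the machinedeployments and machinepools CRDs, and the machinepools description still says "cluster actuation" for a MachinePool.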
diff --git a/config/crd/bases/cluster.x-k8s.io_machinedeployments.yaml b/config/crd/bases/cluster.x-k8s.io_machinedeployments.yaml index 6e93abdace86..74ff1ad5ff33 100644 --- a/config/crd/bases/cluster.x-k8s.io_machinedeployments.yaml +++ b/config/crd/bases/cluster.x-k8s.io_machinedeployments.yaml @@ -1122,6 +1122,7 @@ spec: clusterName: description: clusterName is the name of the Cluster this object belongs to. + maxLength: 63 minLength: 1 type: string machineNamingStrategy: @@ -1148,6 +1149,7 @@ spec: without vowels, of length 5. This variable is required part of the template. If not provided, validation will fail. maxLength: 256 + minLength: 1 type: string type: object minReadySeconds: @@ -1440,17 +1442,22 @@ spec: description: |- dataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine should remain in the Pending state. + maxLength: 253 + minLength: 1 type: string type: object clusterName: description: clusterName is the name of the Cluster this object belongs to. + maxLength: 63 minLength: 1 type: string failureDomain: description: |- failureDomain is the failure domain the machine will be created in. Must match a key in the FailureDomains map stored on the cluster object. + maxLength: 256 + minLength: 1 type: string infrastructureRef: description: |- @@ -1526,6 +1533,8 @@ spec: and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. + maxLength: 512 + minLength: 1 type: string readinessGates: description: |- @@ -1579,6 +1588,8 @@ spec: description: |- version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. + maxLength: 256 + minLength: 1 type: string required: - bootstrap 
@@ -1617,18 +1628,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -1638,6 +1654,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime @@ -1653,6 +1671,12 @@ spec: phase: description: phase represents the current phase of a MachineDeployment (ScalingUp, ScalingDown, Running, Failed, or Unknown). + enum: + - ScalingUp + - ScalingDown + - Running + - Failed + - Unknown type: string readyReplicas: description: readyReplicas is the total number of ready machines targeted @@ -1670,6 +1694,8 @@ spec: selector is the same as the label selector but in the string format to avoid introspection by clients. The string will be in the same format as the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors + maxLength: 4096 + minLength: 1 type: string unavailableReplicas: description: |- 
diff --git a/config/crd/bases/cluster.x-k8s.io_machinehealthchecks.yaml b/config/crd/bases/cluster.x-k8s.io_machinehealthchecks.yaml index 60064b48f31f..5c3c778348b7 100644 --- a/config/crd/bases/cluster.x-k8s.io_machinehealthchecks.yaml +++ b/config/crd/bases/cluster.x-k8s.io_machinehealthchecks.yaml @@ -647,6 +647,7 @@ spec: clusterName: description: clusterName is the name of the Cluster this object belongs to. + maxLength: 63 minLength: 1 type: string maxUnhealthy: @@ -814,6 +815,8 @@ spec: (b) there are at most 5 unhealthy machines Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10722 for more details. + maxLength: 32 + minLength: 1 pattern: ^\[[0-9]+-[0-9]+\]$ type: string required: @@ -841,18 +844,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -862,6 +870,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime 
@@ -897,6 +907,8 @@ spec: description: targets shows the current list of machines the machine health check is watching items: + maxLength: 253 + minLength: 1 type: string maxItems: 10000 type: array diff --git a/config/crd/bases/cluster.x-k8s.io_machinepools.yaml b/config/crd/bases/cluster.x-k8s.io_machinepools.yaml index f9fa2862262d..441f19f0ff89 100644 --- a/config/crd/bases/cluster.x-k8s.io_machinepools.yaml +++ b/config/crd/bases/cluster.x-k8s.io_machinepools.yaml @@ -1056,12 +1056,15 @@ spec: clusterName: description: clusterName is the name of the Cluster this object belongs to. + maxLength: 63 minLength: 1 type: string failureDomains: description: failureDomains is the list of failure domains this MachinePool should be attached to. items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array @@ -1078,6 +1081,8 @@ spec: providerIDList are the identification IDs of machine instances provided by the provider. This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. items: + maxLength: 512 + minLength: 1 type: string maxItems: 10000 type: array @@ -1175,17 +1180,22 @@ spec: description: |- dataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine should remain in the Pending state. + maxLength: 253 + minLength: 1 type: string type: object clusterName: description: clusterName is the name of the Cluster this object belongs to. + maxLength: 63 minLength: 1 type: string failureDomain: description: |- failureDomain is the failure domain the machine will be created in. Must match a key in the FailureDomains map stored on the cluster object. + maxLength: 256 + minLength: 1 type: string infrastructureRef: description: |- 
@@ -1261,6 +1271,8 @@ spec: and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. + maxLength: 512 + minLength: 1 type: string readinessGates: description: |- @@ -1314,6 +1326,8 @@ spec: description: |- version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. + maxLength: 256 + minLength: 1 type: string required: - bootstrap @@ -1353,18 +1367,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -1374,6 +1393,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime 
@@ -1387,6 +1408,8 @@ spec: and will be set to a descriptive error message. Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. + maxLength: 10240 + minLength: 1 type: string failureReason: description: |- @@ -1454,9 +1477,18 @@ spec: format: int64 type: integer phase: - description: |- - phase represents the current phase of cluster actuation. - E.g. Pending, Running, Terminating, Failed etc. + description: phase represents the current phase of cluster actuation. + enum: + - Pending + - Provisioning + - Provisioned + - Running + - ScalingUp + - ScalingDown + - Scaling + - Deleting + - Failed + - Unknown type: string readyReplicas: description: readyReplicas is the number of ready replicas for this diff --git a/config/crd/bases/cluster.x-k8s.io_machines.yaml b/config/crd/bases/cluster.x-k8s.io_machines.yaml index f0c63be51746..5de66bb9bf5b 100644 --- a/config/crd/bases/cluster.x-k8s.io_machines.yaml +++ b/config/crd/bases/cluster.x-k8s.io_machines.yaml @@ -939,17 +939,22 @@ spec: description: |- dataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine should remain in the Pending state. + maxLength: 253 + minLength: 1 type: string type: object clusterName: description: clusterName is the name of the Cluster this object belongs to. + maxLength: 63 minLength: 1 type: string failureDomain: description: |- failureDomain is the failure domain the machine will be created in. Must match a key in the FailureDomains map stored on the cluster object. + maxLength: 256 + minLength: 1 type: string infrastructureRef: description: |- 
@@ -1025,6 +1030,8 @@ spec: and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. + maxLength: 512 + minLength: 1 type: string readinessGates: description: |- @@ -1078,6 +1085,8 @@ spec: description: |- version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. + maxLength: 256 + minLength: 1 type: string required: - bootstrap @@ -1097,10 +1106,18 @@ spec: properties: address: description: address is the machine address. + maxLength: 256 + minLength: 1 type: string type: description: type is the machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS. + enum: + - Hostname + - ExternalIP + - InternalIP + - ExternalDNS + - InternalDNS type: string required: - address @@ -1133,18 +1150,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. 
@@ -1154,6 +1176,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime @@ -1203,6 +1227,8 @@ spec: controller's output. Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. + maxLength: 10240 + minLength: 1 type: string failureReason: description: |- @@ -1339,9 +1365,16 @@ spec: format: int64 type: integer phase: - description: |- - phase represents the current phase of machine actuation. - E.g. Pending, Running, Terminating, Failed etc. + description: phase represents the current phase of machine actuation. + enum: + - Pending + - Provisioning + - Provisioned + - Running + - Deleting + - Deleted + - Failed + - Unknown type: string v1beta2: description: v1beta2 groups all the fields that will be added or modified diff --git a/config/crd/bases/cluster.x-k8s.io_machinesets.yaml b/config/crd/bases/cluster.x-k8s.io_machinesets.yaml index 21aaab0cc6ef..b9d538ffdd29 100644 --- a/config/crd/bases/cluster.x-k8s.io_machinesets.yaml +++ b/config/crd/bases/cluster.x-k8s.io_machinesets.yaml @@ -987,6 +987,7 @@ spec: clusterName: description: clusterName is the name of the Cluster this object belongs to. + maxLength: 63 minLength: 1 type: string deletePolicy: @@ -1022,6 +1023,7 @@ spec: without vowels, of length 5. This variable is required part of the template. If not provided, validation will fail. maxLength: 256 + minLength: 1 type: string type: object minReadySeconds: 
@@ -1192,17 +1194,22 @@ spec: description: |- dataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine should remain in the Pending state. + maxLength: 253 + minLength: 1 type: string type: object clusterName: description: clusterName is the name of the Cluster this object belongs to. + maxLength: 63 minLength: 1 type: string failureDomain: description: |- failureDomain is the failure domain the machine will be created in. Must match a key in the FailureDomains map stored on the cluster object. + maxLength: 256 + minLength: 1 type: string infrastructureRef: description: |- @@ -1278,6 +1285,8 @@ spec: and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. + maxLength: 512 + minLength: 1 type: string readinessGates: description: |- @@ -1331,6 +1340,8 @@ spec: description: |- version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. + maxLength: 256 + minLength: 1 type: string required: - bootstrap @@ -1367,18 +1378,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. 
@@ -1388,6 +1404,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime @@ -1402,6 +1420,8 @@ spec: for logging and human consumption. Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. + maxLength: 10240 + minLength: 1 type: string failureReason: description: |- @@ -1457,6 +1477,8 @@ spec: selector is the same as the label selector but in the string format to avoid introspection by clients. The string will be in the same format as the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors + maxLength: 4096 + minLength: 1 type: string v1beta2: description: v1beta2 groups all the fields that will be added or modified diff --git a/config/crd/bases/ipam.cluster.x-k8s.io_ipaddressclaims.yaml b/config/crd/bases/ipam.cluster.x-k8s.io_ipaddressclaims.yaml index a820133b3ad3..4b3561dc8f2a 100644 --- a/config/crd/bases/ipam.cluster.x-k8s.io_ipaddressclaims.yaml +++ b/config/crd/bases/ipam.cluster.x-k8s.io_ipaddressclaims.yaml 
@@ -113,18 +113,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -134,6 +139,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime @@ -188,6 +195,8 @@ spec: clusterName: description: clusterName is the name of the Cluster this object belongs to. + maxLength: 63 + minLength: 1 type: string poolRef: description: poolRef is a reference to the pool from which an IP address 
@@ -248,18 +257,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -269,6 +283,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime diff --git a/config/crd/bases/ipam.cluster.x-k8s.io_ipaddresses.yaml b/config/crd/bases/ipam.cluster.x-k8s.io_ipaddresses.yaml index 5b5255306833..cf0cd41608ce 100644 --- a/config/crd/bases/ipam.cluster.x-k8s.io_ipaddresses.yaml +++ b/config/crd/bases/ipam.cluster.x-k8s.io_ipaddresses.yaml @@ -60,6 +60,8 @@ spec: properties: address: description: address is the IP address. + maxLength: 39 + minLength: 1 type: string claimRef: description: claimRef is a reference to the claim this IPAddress was @@ -79,6 +81,8 @@ spec: gateway: description: gateway is the network gateway of the network the address is from. + maxLength: 39 + minLength: 1 type: string poolRef: description: poolRef is a reference to the pool that this IPAddress 
@@ -158,6 +162,8 @@ spec: properties: address: description: address is the IP address. + maxLength: 39 + minLength: 1 type: string claimRef: description: claimRef is a reference to the claim this IPAddress was @@ -177,6 +183,8 @@ spec: gateway: description: gateway is the network gateway of the network the address is from. + maxLength: 39 + minLength: 1 type: string poolRef: description: poolRef is a reference to the pool that this IPAddress diff --git a/config/crd/bases/runtime.cluster.x-k8s.io_extensionconfigs.yaml b/config/crd/bases/runtime.cluster.x-k8s.io_extensionconfigs.yaml index 9c5d22d5ce99..a11dbbeb3150 100644 --- a/config/crd/bases/runtime.cluster.x-k8s.io_extensionconfigs.yaml +++ b/config/crd/bases/runtime.cluster.x-k8s.io_extensionconfigs.yaml @@ -56,6 +56,8 @@ spec: description: caBundle is a PEM encoded CA bundle which will be used to validate the Extension server's server certificate. format: byte + maxLength: 51200 + minLength: 1 type: string service: description: |- @@ -66,14 +68,20 @@ spec: properties: name: description: name is the name of the service. + maxLength: 63 + minLength: 1 type: string namespace: description: namespace is the namespace of the service. + maxLength: 63 + minLength: 1 type: string path: description: |- path is an optional URL path and if present may be any string permissible in a URL. If a path is set it will be used as prefix to the hook-specific path. + maxLength: 512 + minLength: 1 type: string port: description: |- @@ -103,6 +111,8 @@ spec: Attempting to use a user or basic auth e.g. "user:password@" is not allowed. Fragments ("#...") and query parameters ("?...") are not allowed either. + maxLength: 512 + minLength: 1 type: string type: object namespaceSelector: 
@@ -185,18 +195,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -206,6 +221,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime @@ -224,9 +241,14 @@ spec: description: |- failurePolicy defines how failures in calls to the ExtensionHandler should be handled by a client. Defaults to Fail if not set. + enum: + - Ignore + - Fail type: string name: description: name is the unique name of the ExtensionHandler. + maxLength: 512 + minLength: 1 type: string requestHook: description: requestHook defines the versioned runtime hook @@ -235,9 +257,13 @@ spec: apiVersion: description: apiVersion is the group and version of the Hook. + maxLength: 512 + minLength: 1 type: string hook: description: hook is the name of the hook. + maxLength: 256 + minLength: 1 type: string required: - apiVersion @@ -253,6 +279,7 @@ spec: - name - requestHook type: object + maxItems: 512 type: array x-kubernetes-list-map-keys: - name 
diff --git a/controlplane/kubeadm/api/v1beta1/kubeadm_control_plane_types.go b/controlplane/kubeadm/api/v1beta1/kubeadm_control_plane_types.go index 8e9e2b0c94da..0ab5d5d499a2 100644 --- a/controlplane/kubeadm/api/v1beta1/kubeadm_control_plane_types.go +++ b/controlplane/kubeadm/api/v1beta1/kubeadm_control_plane_types.go @@ -29,6 +29,7 @@ import ( ) // RolloutStrategyType defines the rollout strategies for a KubeadmControlPlane. +// +kubebuilder:validation:Enum=RollingUpdate type RolloutStrategyType string const ( @@ -91,6 +92,8 @@ type KubeadmControlPlaneSpec struct { // * registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0 // * k8s.gcr.io (old registry): all older versions // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Version string `json:"version"` // machineTemplate contains information about how machines @@ -272,6 +275,7 @@ type MachineNamingStrategy struct { // The variable `.random` is substituted with random alphanumeric string, without vowels, of length 5. This variable is required // part of the template. If not provided, validation will fail. // +optional + // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=256 Template string `json:"template,omitempty"` } @@ -284,6 +288,8 @@ type KubeadmControlPlaneStatus struct { // describe.. The string will be in the same format as the query-param syntax. // More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=4096 Selector string `json:"selector,omitempty"` // replicas is the total number of non-terminated machines targeted by this control plane 
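Review bot: The `+kubebuilder:validation:Enum=RollingUpdate` marker on `RolloutStrategyType` repeats the value set of the `const (` block that follows, and nothing in this hunk ties the two together. A strategy constant added later without updating the marker would be rejected by the API server even though the Go code accepts it. I would extend the type comment with a line such as `// NOTE: every RolloutStrategyType constant must also be listed in the Enum marker below.` The const block continues outside the hunk, so the current set of constants is not visible here.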
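Review bot: `Selector` in `KubeadmControlPlaneStatus` is a status field, presumably written by the controller, so `MaxLength=4096` would turn an over-long value into a rejected status update rather than a rejected user request. The same applies to the status `Version` (`MaxLength=256`) and `FailureMessage` (`MaxLength=10240`) hunks further down this file. The code that populates these fields is not part of this diff, so whether it bounds the values today needs confirming. `FailureMessage` looks the likeliest to overflow, since it presumably carries error text. I would truncate it to the schema limit before writing status and document the bound on the field, e.g. `// Values longer than 10240 characters are rejected by the API server; writers must truncate.`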
@@ -294,6 +300,8 @@ type KubeadmControlPlaneStatus struct { // version represents the minimum Kubernetes version for the control plane machines // in the cluster. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Version *string `json:"version,omitempty"` // updatedReplicas is the total number of non-terminated machines targeted by this control plane @@ -347,6 +355,8 @@ type KubeadmControlPlaneStatus struct { // Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. // // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=10240 FailureMessage *string `json:"failureMessage,omitempty"` // observedGeneration is the latest generation observed by the controller. @@ -397,6 +407,8 @@ type KubeadmControlPlaneV1Beta2Status struct { type LastRemediationStatus struct { // machine is the machine name of the latest machine being remediated. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 Machine string `json:"machine"` // timestamp is when last remediation happened. It is represented in RFC3339 form and is in UTC. diff --git a/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanes.yaml b/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanes.yaml index 9c850cc5209e..e197980312e2 100644 --- a/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanes.yaml +++ b/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanes.yaml @@ -2522,6 +2522,8 @@ spec: description: certSANs sets extra Subject Alternative Names for the API Server signing cert. items: + maxLength: 253 + minLength: 1 type: string maxItems: 100 type: array 
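Review bot: `MinLength=1` on the pointer field `Version *string` makes an explicit empty string invalid, because `omitempty` drops only a nil pointer and a pointer to `""` is still serialized. The `FailureMessage *string` hunk that follows has the same combination. If any writer sets these fields to a pointer to an empty string instead of nil (not visible in this diff), its status update would start failing after this change. A field comment such as `// Must be nil or a non-empty string.` would make the contract explicit. The struct starts and ends outside the hunk.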
@@ -2668,13 +2670,19 @@ spec: description: |- hostPath is the path in the host that will be mounted inside the pod. + maxLength: 512 + minLength: 1 type: string mountPath: description: mountPath is the path inside the pod where hostPath will be mounted. + maxLength: 512 + minLength: 1 type: string name: description: name of the volume inside the pod template. + maxLength: 512 + minLength: 1 type: string pathType: description: pathType is the type of the HostPath. @@ -2706,9 +2714,13 @@ spec: description: |- certificatesDir specifies where to store or look for all required certificates. NB: if not provided, this will default to `/etc/kubernetes/pki` + maxLength: 512 + minLength: 1 type: string clusterName: description: clusterName is the cluster name + maxLength: 63 + minLength: 1 type: string controlPlaneEndpoint: description: |- @@ -2724,6 +2736,8 @@ spec: e.g. in environments with enforced node recycling, the ControlPlaneEndpoint could be used for assigning a stable DNS to the control plane. NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. + maxLength: 512 + minLength: 1 type: string controllerManager: description: controllerManager contains extra settings for @@ -2872,13 +2886,19 @@ spec: description: |- hostPath is the path in the host that will be mounted inside the pod. + maxLength: 512 + minLength: 1 type: string mountPath: description: mountPath is the path inside the pod where hostPath will be mounted. + maxLength: 512 + minLength: 1 type: string name: description: name of the volume inside the pod template. + maxLength: 512 + minLength: 1 type: string pathType: description: pathType is the type of the HostPath. 
@@ -2903,11 +2923,15 @@ spec: description: |- imageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. + maxLength: 512 + minLength: 1 type: string imageTag: description: |- imageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + maxLength: 256 + minLength: 1 type: string type: object etcd: @@ -2924,16 +2948,22 @@ spec: description: |- caFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. + maxLength: 512 + minLength: 1 type: string certFile: description: |- certFile is an SSL certification file used to secure etcd communication. Required if using a TLS connection. + maxLength: 512 + minLength: 1 type: string endpoints: description: endpoints of etcd members. Required for ExternalEtcd. items: + maxLength: 512 + minLength: 1 type: string maxItems: 50 type: array @@ -2941,6 +2971,8 @@ spec: description: |- keyFile is an SSL key file used to secure etcd communication. Required if using a TLS connection. + maxLength: 512 + minLength: 1 type: string required: - caFile @@ -2957,6 +2989,8 @@ spec: description: |- dataDir is the directory etcd will place its data. Defaults to "/var/lib/etcd". + maxLength: 512 + minLength: 1 type: string extraArgs: additionalProperties: 
@@ -3097,16 +3131,22 @@ spec: description: |- imageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. + maxLength: 512 + minLength: 1 type: string imageTag: description: |- imageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + maxLength: 256 + minLength: 1 type: string peerCertSANs: description: peerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert. items: + maxLength: 253 + minLength: 1 type: string maxItems: 100 type: array @@ -3114,6 +3154,8 @@ spec: description: serverCertSANs sets extra Subject Alternative Names for the etcd server signing cert. items: + maxLength: 253 + minLength: 1 type: string maxItems: 100 type: array @@ -3137,6 +3179,8 @@ spec: * If the version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io` will be used for all the other images. + maxLength: 512 + minLength: 1 type: string kind: description: |- @@ -3150,6 +3194,8 @@ spec: description: |- kubernetesVersion is the target version of the control plane. NB: This value defaults to the Machine object spec.version + maxLength: 256 + minLength: 1 type: string networking: description: |- 
@@ -3159,18 +3205,24 @@ spec: dnsDomain: description: dnsDomain is the dns domain used by k8s services. Defaults to "cluster.local". + maxLength: 253 + minLength: 1 type: string podSubnet: description: |- podSubnet is the subnet used by pods. If unset, the API server will not allocate CIDR ranges for every node. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + maxLength: 1024 + minLength: 1 type: string serviceSubnet: description: |- serviceSubnet is the subnet used by k8s services. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" if that's unset. + maxLength: 1024 + minLength: 1 type: string type: object scheduler: @@ -3320,13 +3372,19 @@ spec: description: |- hostPath is the path in the host that will be mounted inside the pod. + maxLength: 512 + minLength: 1 type: string mountPath: description: mountPath is the path inside the pod where hostPath will be mounted. + maxLength: 512 + minLength: 1 type: string name: description: name of the volume inside the pod template. + maxLength: 512 + minLength: 1 type: string pathType: description: pathType is the type of the HostPath. @@ -3356,20 +3414,28 @@ spec: properties: device: description: device specifies the device name + maxLength: 256 + minLength: 1 type: string extraOpts: description: extraOpts defined extra options to add to the command for creating the file system. items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array filesystem: description: filesystem specifies the file system type. + maxLength: 128 + minLength: 1 type: string label: description: label specifies the file system label to be used. If set to None, no label is used. + maxLength: 512 + minLength: 1 type: string overwrite: description: |- 
@@ -3381,11 +3447,15 @@ spec: The valid options are: "auto|any", "auto", "any", "none", and , where NUM is the actual partition number.' + maxLength: 128 + minLength: 1 type: string replaceFS: description: |- replaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . NOTE: unless you define a label, this requires the use of the 'any' partition directive. + maxLength: 128 + minLength: 1 type: string required: - device @@ -3403,6 +3473,8 @@ spec: properties: device: description: device is the name of the device. + maxLength: 256 + minLength: 1 type: string layout: description: |- @@ -3420,6 +3492,9 @@ spec: tableType specifies the tupe of partition table. The following are supported: 'mbr': default and setups a MS-DOS partition table 'gpt': setups a GPT partition table + enum: + - mbr + - gpt type: string required: - device @@ -3441,6 +3516,8 @@ spec: type: boolean content: description: content is the actual content of the file. + maxLength: 10240 + minLength: 1 type: string contentFrom: description: contentFrom is a referenced source of content @@ -3453,10 +3530,14 @@ spec: key: description: key is the key in the secret's data map for this value. + maxLength: 256 + minLength: 1 type: string name: description: name of the secret in the KubeadmBootstrapConfig's namespace to use. + maxLength: 253 + minLength: 1 type: string required: - key @@ -3476,14 +3557,20 @@ spec: owner: description: owner specifies the ownership of the file, e.g. "root:root". + maxLength: 256 + minLength: 1 type: string path: description: path specifies the full path on disk where to store the file. + maxLength: 512 + minLength: 1 type: string permissions: description: permissions specifies the permissions to assign to the file, e.g. "0640". + maxLength: 16 + minLength: 1 type: string required: - path 
@@ -3509,6 +3596,8 @@ spec: configuration generated by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/ + maxLength: 10240 + minLength: 1 type: string strict: description: strict controls if AdditionalConfig should @@ -3539,6 +3628,8 @@ spec: description: |- description sets a human-friendly message why this token exists and what it's used for, so other administrators can know its purpose. + maxLength: 512 + minLength: 1 type: string expires: description: |- @@ -3551,6 +3642,8 @@ spec: groups specifies the extra groups that this token will authenticate as when/if used for authentication items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array @@ -3569,6 +3662,8 @@ spec: usages describes the ways in which this token can be used. Can by default be used for establishing bidirectional trust, but that can be changed here. items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array @@ -3597,6 +3692,8 @@ spec: advertiseAddress: description: advertiseAddress sets the IP address for the API server to advertise. + maxLength: 39 + minLength: 1 type: string bindPort: description: |- @@ -3615,12 +3712,16 @@ spec: description: criSocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use + maxLength: 512 + minLength: 1 type: string ignorePreflightErrors: description: ignorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: + maxLength: 512 + minLength: 1 type: string maxItems: 50 type: array 
@@ -3655,6 +3756,8 @@ spec: name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. + maxLength: 253 + minLength: 1 type: string taints: description: |- @@ -3710,6 +3813,8 @@ spec: These files can be written into the target directory via KubeadmConfig.Files which specifies additional files to be created on the machine, either with content inline or by referencing a secret. + maxLength: 512 + minLength: 1 type: string type: object skipPhases: @@ -3718,6 +3823,8 @@ spec: The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. items: + maxLength: 256 + minLength: 1 type: string maxItems: 50 type: array @@ -3738,6 +3845,8 @@ spec: caCertPath is the path to the SSL certificate authority used to secure comunications between node and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". + maxLength: 512 + minLength: 1 type: string controlPlane: description: |- @@ -3751,6 +3860,8 @@ spec: advertiseAddress: description: advertiseAddress sets the IP address for the API server to advertise. + maxLength: 39 + minLength: 1 type: string bindPort: description: |- @@ -3772,6 +3883,8 @@ spec: apiServerEndpoint: description: apiServerEndpoint is an IP or domain name to the API server from which info will be fetched. + maxLength: 512 + minLength: 1 type: string caCertHashes: description: |- @@ -3784,6 +3897,8 @@ spec: ASN.1. These hashes can be calculated using, for example, OpenSSL: openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex items: + maxLength: 512 + minLength: 1 type: string maxItems: 100 type: array 
@@ -3791,6 +3906,8 @@ spec: description: |- token is a token used to validate cluster information fetched from the control-plane. + maxLength: 512 + minLength: 1 type: string unsafeSkipCAVerification: description: |- @@ -3828,6 +3945,8 @@ spec: Defaults to the Cluster's CA certificate if empty. format: byte + maxLength: 51200 + minLength: 1 type: string insecureSkipTLSVerify: description: insecureSkipTLSVerify skips the @@ -3845,18 +3964,24 @@ spec: socks5 proxying does not currently support spdy streaming endpoints (exec, attach, port forward). + maxLength: 512 + minLength: 1 type: string server: description: |- server is the address of the kubernetes cluster (https://hostname:port). Defaults to https:// + Cluster.Spec.ControlPlaneEndpoint. + maxLength: 512 + minLength: 1 type: string tlsServerName: description: tlsServerName is used to check server certificate. If TLSServerName is empty, the hostname used to contact the server is used. + maxLength: 512 + minLength: 1 type: string type: object user: @@ -3878,6 +4003,8 @@ spec: name: description: name is the name of the authentication plugin. + maxLength: 256 + minLength: 1 type: string required: - name @@ -3892,16 +4019,22 @@ spec: apiVersion is preferred input version of the ExecInfo. The returned ExecCredentials MUST use the same encoding version as the input. Defaults to client.authentication.k8s.io/v1 if not set. + maxLength: 512 + minLength: 1 type: string args: description: args is the arguments to pass to the command when executing it. items: + maxLength: 512 + minLength: 1 type: string maxItems: 100 type: array command: description: command to execute. + maxLength: 1024 + minLength: 1 type: string env: description: |- @@ -3916,10 +4049,14 @@ spec: name: description: name of the environment variable + maxLength: 512 + minLength: 1 type: string value: description: value of the environment variable + maxLength: 512 + minLength: 1 type: string required: - name 
@@ -3946,6 +4083,8 @@ spec: description: kubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from which to load cluster information + maxLength: 512 + minLength: 1 type: string required: - kubeConfigPath @@ -3958,6 +4097,8 @@ spec: tlsBootstrapToken is a token used for TLS bootstrapping. If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information + maxLength: 512 + minLength: 1 type: string type: object kind: @@ -3978,12 +4119,16 @@ spec: description: criSocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use + maxLength: 512 + minLength: 1 type: string ignorePreflightErrors: description: ignorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: + maxLength: 512 + minLength: 1 type: string maxItems: 50 type: array @@ -4018,6 +4163,8 @@ spec: name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. + maxLength: 253 + minLength: 1 type: string taints: description: |- @@ -4073,6 +4220,8 @@ spec: These files can be written into the target directory via KubeadmConfig.Files which specifies additional files to be created on the machine, either with content inline or by referencing a secret. + maxLength: 512 + minLength: 1 type: string type: object skipPhases: @@ -4081,6 +4230,8 @@ spec: The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. items: + maxLength: 256 + minLength: 1 type: string maxItems: 50 type: array 
@@ -4091,6 +4242,8 @@ spec: description: MountPoints defines input for generated mounts in cloud-init. items: + maxLength: 512 + minLength: 1 type: string type: array maxItems: 100 @@ -4104,6 +4257,8 @@ spec: servers: description: servers specifies which NTP servers to use items: + maxLength: 512 + minLength: 1 type: string maxItems: 100 type: array @@ -4112,6 +4267,8 @@ spec: description: postKubeadmCommands specifies extra commands to run after kubeadm runs items: + maxLength: 10240 + minLength: 1 type: string maxItems: 1000 type: array @@ -4119,6 +4276,8 @@ spec: description: preKubeadmCommands specifies extra commands to run before kubeadm runs items: + maxLength: 10240 + minLength: 1 type: string maxItems: 1000 type: array @@ -4146,14 +4305,20 @@ spec: properties: gecos: description: gecos specifies the gecos to use for the user + maxLength: 256 + minLength: 1 type: string groups: description: groups specifies the additional groups for the user + maxLength: 256 + minLength: 1 type: string homeDir: description: homeDir specifies the home directory to use for the user + maxLength: 256 + minLength: 1 type: string inactive: description: inactive specifies whether to mark the user @@ -4165,10 +4330,14 @@ spec: type: boolean name: description: name specifies the user name + maxLength: 256 + minLength: 1 type: string passwd: description: passwd specifies a hashed password for the user + maxLength: 256 + minLength: 1 type: string passwdFrom: description: passwdFrom is a referenced source of passwd @@ -4181,10 +4350,14 @@ spec: key: description: key is the key in the secret's data map for this value. + maxLength: 256 + minLength: 1 type: string name: description: name of the secret in the KubeadmBootstrapConfig's namespace to use. + maxLength: 253 + minLength: 1 type: string required: - key 
@@ -4196,19 +4369,27 @@ spec: primaryGroup: description: primaryGroup specifies the primary group for the user + maxLength: 256 + minLength: 1 type: string shell: description: shell specifies the user's shell + maxLength: 256 + minLength: 1 type: string sshAuthorizedKeys: description: sshAuthorizedKeys specifies a list of ssh authorized keys for the user items: + maxLength: 2048 + minLength: 1 type: string maxItems: 100 type: array sudo: description: sudo specifies a sudo role for the user + maxLength: 256 + minLength: 1 type: string required: - name @@ -4240,6 +4421,7 @@ spec: The variable `.random` is substituted with random alphanumeric string, without vowels, of length 5. This variable is required part of the template. If not provided, validation will fail. maxLength: 256 + minLength: 1 type: string type: object machineTemplate: @@ -4488,6 +4670,8 @@ spec: type of rollout. Currently the only supported strategy is "RollingUpdate". Default is RollingUpdate. + enum: + - RollingUpdate type: string type: object version: @@ -4498,6 +4682,8 @@ spec: Please use a newer patch version with the new registry instead. The default registries of kubeadm are: * registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0 * k8s.gcr.io (old registry): all older versions + maxLength: 256 + minLength: 1 type: string required: - kubeadmConfigSpec 
@@ -4524,18 +4710,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -4545,6 +4736,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime @@ -4558,6 +4751,8 @@ spec: state, and will be set to a descriptive error message. Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. + maxLength: 10240 + minLength: 1 type: string failureReason: description: |- @@ -4581,6 +4776,8 @@ spec: machine: description: machine is the machine name of the latest machine being remediated. + maxLength: 253 + minLength: 1 type: string retryCount: description: |- 
@@ -4629,6 +4826,8 @@ spec: scale subresource and additional integrations for things like kubectl describe.. The string will be in the same format as the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors + maxLength: 4096 + minLength: 1 type: string unavailableReplicas: description: |- @@ -4739,6 +4938,8 @@ spec: description: |- version represents the minimum Kubernetes version for the control plane machines in the cluster. + maxLength: 256 + minLength: 1 type: string type: object type: object diff --git a/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanetemplates.yaml b/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanetemplates.yaml index 3f18102a625c..010700e16e76 100644 --- a/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanetemplates.yaml +++ b/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanetemplates.yaml @@ -1207,6 +1207,8 @@ spec: description: certSANs sets extra Subject Alternative Names for the API Server signing cert. items: + maxLength: 253 + minLength: 1 type: string maxItems: 100 type: array @@ -1358,14 +1360,20 @@ spec: description: |- hostPath is the path in the host that will be mounted inside the pod. + maxLength: 512 + minLength: 1 type: string mountPath: description: mountPath is the path inside the pod where hostPath will be mounted. + maxLength: 512 + minLength: 1 type: string name: description: name of the volume inside the pod template. + maxLength: 512 + minLength: 1 type: string pathType: description: pathType is the type of the 
@@ -1398,9 +1406,13 @@ spec: description: |- certificatesDir specifies where to store or look for all required certificates. NB: if not provided, this will default to `/etc/kubernetes/pki` + maxLength: 512 + minLength: 1 type: string clusterName: description: clusterName is the cluster name + maxLength: 63 + minLength: 1 type: string controlPlaneEndpoint: description: |- @@ -1416,6 +1428,8 @@ spec: e.g. in environments with enforced node recycling, the ControlPlaneEndpoint could be used for assigning a stable DNS to the control plane. NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. + maxLength: 512 + minLength: 1 type: string controllerManager: description: controllerManager contains extra settings @@ -1569,14 +1583,20 @@ spec: description: |- hostPath is the path in the host that will be mounted inside the pod. + maxLength: 512 + minLength: 1 type: string mountPath: description: mountPath is the path inside the pod where hostPath will be mounted. + maxLength: 512 + minLength: 1 type: string name: description: name of the volume inside the pod template. + maxLength: 512 + minLength: 1 type: string pathType: description: pathType is the type of the @@ -1602,11 +1622,15 @@ spec: description: |- imageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. + maxLength: 512 + minLength: 1 type: string imageTag: description: |- imageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + maxLength: 256 + minLength: 1 type: string type: object etcd: 
@@ -1623,16 +1647,22 @@ spec: description: |- caFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. + maxLength: 512 + minLength: 1 type: string certFile: description: |- certFile is an SSL certification file used to secure etcd communication. Required if using a TLS connection. + maxLength: 512 + minLength: 1 type: string endpoints: description: endpoints of etcd members. Required for ExternalEtcd. items: + maxLength: 512 + minLength: 1 type: string maxItems: 50 type: array @@ -1640,6 +1670,8 @@ spec: description: |- keyFile is an SSL key file used to secure etcd communication. Required if using a TLS connection. + maxLength: 512 + minLength: 1 type: string required: - caFile @@ -1656,6 +1688,8 @@ spec: description: |- dataDir is the directory etcd will place its data. Defaults to "/var/lib/etcd". + maxLength: 512 + minLength: 1 type: string extraArgs: additionalProperties: @@ -1802,17 +1836,23 @@ spec: description: |- imageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. + maxLength: 512 + minLength: 1 type: string imageTag: description: |- imageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + maxLength: 256 + minLength: 1 type: string peerCertSANs: description: peerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert. items: + maxLength: 253 + minLength: 1 type: string maxItems: 100 type: array @@ -1821,6 +1861,8 @@ spec: Alternative Names for the etcd server signing cert. items: + maxLength: 253 + minLength: 1 type: string maxItems: 100 type: array 
@@ -1844,6 +1886,8 @@ spec: * If the version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io` will be used for all the other images. + maxLength: 512 + minLength: 1 type: string kind: description: |- @@ -1857,6 +1901,8 @@ spec: description: |- kubernetesVersion is the target version of the control plane. NB: This value defaults to the Machine object spec.version + maxLength: 256 + minLength: 1 type: string networking: description: |- @@ -1866,18 +1912,24 @@ spec: dnsDomain: description: dnsDomain is the dns domain used by k8s services. Defaults to "cluster.local". + maxLength: 253 + minLength: 1 type: string podSubnet: description: |- podSubnet is the subnet used by pods. If unset, the API server will not allocate CIDR ranges for every node. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + maxLength: 1024 + minLength: 1 type: string serviceSubnet: description: |- serviceSubnet is the subnet used by k8s services. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" if that's unset. + maxLength: 1024 + minLength: 1 type: string type: object scheduler: @@ -2032,14 +2084,20 @@ spec: description: |- hostPath is the path in the host that will be mounted inside the pod. + maxLength: 512 + minLength: 1 type: string mountPath: description: mountPath is the path inside the pod where hostPath will be mounted. + maxLength: 512 + minLength: 1 type: string name: description: name of the volume inside the pod template. + maxLength: 512 + minLength: 1 type: string pathType: description: pathType is the type of the 
@@ -2071,23 +2129,31 @@ spec: properties: device: description: device specifies the device name + maxLength: 256 + minLength: 1 type: string extraOpts: description: extraOpts defined extra options to add to the command for creating the file system. items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array filesystem: description: filesystem specifies the file system type. + maxLength: 128 + minLength: 1 type: string label: description: label specifies the file system label to be used. If set to None, no label is used. + maxLength: 512 + minLength: 1 type: string overwrite: description: |- @@ -2099,11 +2165,15 @@ spec: to use. The valid options are: "auto|any", "auto", "any", "none", and , where NUM is the actual partition number.' + maxLength: 128 + minLength: 1 type: string replaceFS: description: |- replaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . NOTE: unless you define a label, this requires the use of the 'any' partition directive. + maxLength: 128 + minLength: 1 type: string required: - device @@ -2121,6 +2191,8 @@ spec: properties: device: description: device is the name of the device. + maxLength: 256 + minLength: 1 type: string layout: description: |- @@ -2138,6 +2210,9 @@ spec: tableType specifies the tupe of partition table. The following are supported: 'mbr': default and setups a MS-DOS partition table 'gpt': setups a GPT partition table + enum: + - mbr + - gpt type: string required: - device @@ -2160,6 +2235,8 @@ spec: content: description: content is the actual content of the file. + maxLength: 10240 + minLength: 1 type: string contentFrom: description: contentFrom is a referenced source 
@@ -2172,10 +2249,14 @@ spec: key: description: key is the key in the secret's data map for this value. + maxLength: 256 + minLength: 1 type: string name: description: name of the secret in the KubeadmBootstrapConfig's namespace to use. + maxLength: 253 + minLength: 1 type: string required: - key @@ -2195,14 +2276,20 @@ spec: owner: description: owner specifies the ownership of the file, e.g. "root:root". + maxLength: 256 + minLength: 1 type: string path: description: path specifies the full path on disk where to store the file. + maxLength: 512 + minLength: 1 type: string permissions: description: permissions specifies the permissions to assign to the file, e.g. "0640". + maxLength: 16 + minLength: 1 type: string required: - path @@ -2229,6 +2316,8 @@ spec: configuration generated by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/ + maxLength: 10240 + minLength: 1 type: string strict: description: strict controls if AdditionalConfig @@ -2260,6 +2349,8 @@ spec: description: |- description sets a human-friendly message why this token exists and what it's used for, so other administrators can know its purpose. + maxLength: 512 + minLength: 1 type: string expires: description: |- @@ -2272,6 +2363,8 @@ spec: groups specifies the extra groups that this token will authenticate as when/if used for authentication items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array @@ -2290,6 +2383,8 @@ spec: usages describes the ways in which this token can be used. Can by default be used for establishing bidirectional trust, but that can be changed here. items: + maxLength: 256 + minLength: 1 type: string maxItems: 100 type: array 
@@ -2318,6 +2413,8 @@ spec: advertiseAddress: description: advertiseAddress sets the IP address for the API server to advertise. + maxLength: 39 + minLength: 1 type: string bindPort: description: |- @@ -2336,12 +2433,16 @@ spec: description: criSocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use + maxLength: 512 + minLength: 1 type: string ignorePreflightErrors: description: ignorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: + maxLength: 512 + minLength: 1 type: string maxItems: 50 type: array @@ -2376,6 +2477,8 @@ spec: name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. + maxLength: 253 + minLength: 1 type: string taints: description: |- @@ -2431,6 +2534,8 @@ spec: These files can be written into the target directory via KubeadmConfig.Files which specifies additional files to be created on the machine, either with content inline or by referencing a secret. + maxLength: 512 + minLength: 1 type: string type: object skipPhases: @@ -2439,6 +2544,8 @@ spec: The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. items: + maxLength: 256 + minLength: 1 type: string maxItems: 50 type: array @@ -2459,6 +2566,8 @@ spec: caCertPath is the path to the SSL certificate authority used to secure comunications between node and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". + maxLength: 512 + minLength: 1 type: string controlPlane: description: |- 
@@ -2473,6 +2582,8 @@ spec: advertiseAddress: description: advertiseAddress sets the IP address for the API server to advertise. + maxLength: 39 + minLength: 1 type: string bindPort: description: |- @@ -2495,6 +2606,8 @@ spec: description: apiServerEndpoint is an IP or domain name to the API server from which info will be fetched. + maxLength: 512 + minLength: 1 type: string caCertHashes: description: |- @@ -2507,6 +2620,8 @@ spec: ASN.1. These hashes can be calculated using, for example, OpenSSL: openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex items: + maxLength: 512 + minLength: 1 type: string maxItems: 100 type: array @@ -2514,6 +2629,8 @@ spec: description: |- token is a token used to validate cluster information fetched from the control-plane. + maxLength: 512 + minLength: 1 type: string unsafeSkipCAVerification: description: |- @@ -2551,6 +2668,8 @@ spec: Defaults to the Cluster's CA certificate if empty. format: byte + maxLength: 51200 + minLength: 1 type: string insecureSkipTLSVerify: description: insecureSkipTLSVerify @@ -2569,18 +2688,24 @@ spec: socks5 proxying does not currently support spdy streaming endpoints (exec, attach, port forward). + maxLength: 512 + minLength: 1 type: string server: description: |- server is the address of the kubernetes cluster (https://hostname:port). Defaults to https:// + Cluster.Spec.ControlPlaneEndpoint. + maxLength: 512 + minLength: 1 type: string tlsServerName: description: tlsServerName is used to check server certificate. If TLSServerName is empty, the hostname used to contact the server is used. + maxLength: 512 + minLength: 1 type: string type: object user: @@ -2603,6 +2728,8 @@ spec: name: description: name is the name of the authentication plugin. + maxLength: 256 + minLength: 1 type: string required: - name 
@@ -2617,17 +2744,23 @@ spec: apiVersion is preferred input version of the ExecInfo. The returned ExecCredentials MUST use the same encoding version as the input. Defaults to client.authentication.k8s.io/v1 if not set. + maxLength: 512 + minLength: 1 type: string args: description: args is the arguments to pass to the command when executing it. items: + maxLength: 512 + minLength: 1 type: string maxItems: 100 type: array command: description: command to execute. + maxLength: 1024 + minLength: 1 type: string env: description: |- @@ -2642,10 +2775,14 @@ spec: name: description: name of the environment variable + maxLength: 512 + minLength: 1 type: string value: description: value of the environment variable + maxLength: 512 + minLength: 1 type: string required: - name @@ -2672,6 +2809,8 @@ spec: description: kubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from which to load cluster information + maxLength: 512 + minLength: 1 type: string required: - kubeConfigPath @@ -2684,6 +2823,8 @@ spec: tlsBootstrapToken is a token used for TLS bootstrapping. If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information + maxLength: 512 + minLength: 1 type: string type: object kind: @@ -2704,12 +2845,16 @@ spec: description: criSocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use + maxLength: 512 + minLength: 1 type: string ignorePreflightErrors: description: ignorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: + maxLength: 512 + minLength: 1 type: string maxItems: 50 type: array 
@@ -2744,6 +2889,8 @@ spec: name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. + maxLength: 253 + minLength: 1 type: string taints: description: |- @@ -2799,6 +2946,8 @@ spec: These files can be written into the target directory via KubeadmConfig.Files which specifies additional files to be created on the machine, either with content inline or by referencing a secret. + maxLength: 512 + minLength: 1 type: string type: object skipPhases: @@ -2807,6 +2956,8 @@ spec: The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. items: + maxLength: 256 + minLength: 1 type: string maxItems: 50 type: array @@ -2818,6 +2969,8 @@ spec: description: MountPoints defines input for generated mounts in cloud-init. items: + maxLength: 512 + minLength: 1 type: string type: array maxItems: 100 @@ -2833,6 +2986,8 @@ spec: description: servers specifies which NTP servers to use items: + maxLength: 512 + minLength: 1 type: string maxItems: 100 type: array @@ -2841,6 +2996,8 @@ spec: description: postKubeadmCommands specifies extra commands to run after kubeadm runs items: + maxLength: 10240 + minLength: 1 type: string maxItems: 1000 type: array @@ -2848,6 +3005,8 @@ spec: description: preKubeadmCommands specifies extra commands to run before kubeadm runs items: + maxLength: 10240 + minLength: 1 type: string maxItems: 1000 type: array 
@@ -2876,14 +3035,20 @@ spec: gecos: description: gecos specifies the gecos to use for the user + maxLength: 256 + minLength: 1 type: string groups: description: groups specifies the additional groups for the user + maxLength: 256 + minLength: 1 type: string homeDir: description: homeDir specifies the home directory to use for the user + maxLength: 256 + minLength: 1 type: string inactive: description: inactive specifies whether to mark @@ -2895,10 +3060,14 @@ spec: type: boolean name: description: name specifies the user name + maxLength: 256 + minLength: 1 type: string passwd: description: passwd specifies a hashed password for the user + maxLength: 256 + minLength: 1 type: string passwdFrom: description: passwdFrom is a referenced source of @@ -2911,10 +3080,14 @@ spec: key: description: key is the key in the secret's data map for this value. + maxLength: 256 + minLength: 1 type: string name: description: name of the secret in the KubeadmBootstrapConfig's namespace to use. + maxLength: 253 + minLength: 1 type: string required: - key @@ -2926,20 +3099,28 @@ spec: primaryGroup: description: primaryGroup specifies the primary group for the user + maxLength: 256 + minLength: 1 type: string shell: description: shell specifies the user's shell + maxLength: 256 + minLength: 1 type: string sshAuthorizedKeys: description: sshAuthorizedKeys specifies a list of ssh authorized keys for the user items: + maxLength: 2048 + minLength: 1 type: string maxItems: 100 type: array sudo: description: sudo specifies a sudo role for the user + maxLength: 256 + minLength: 1 type: string required: - name @@ -2971,6 +3152,7 @@ spec: The variable `.random` is substituted with random alphanumeric string, without vowels, of length 5. This variable is required part of the template. If not provided, validation will fail. maxLength: 256 + minLength: 1 type: string type: object machineTemplate: 
@@ -3121,6 +3303,8 @@ spec: type of rollout. Currently the only supported strategy is "RollingUpdate". Default is RollingUpdate. + enum: + - RollingUpdate type: string type: object required: diff --git a/exp/addons/api/v1beta1/clusterresourceset_types.go b/exp/addons/api/v1beta1/clusterresourceset_types.go index fbe63d3eb49b..d6b6d29f7d2b 100644 --- a/exp/addons/api/v1beta1/clusterresourceset_types.go +++ b/exp/addons/api/v1beta1/clusterresourceset_types.go @@ -87,8 +87,9 @@ const ( // ResourceRef specifies a resource. type ResourceRef struct { // name of the resource that is in the same namespace with ClusterResourceSet object. - // +kubebuilder:validation:MinLength=1 // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 Name string `json:"name"` // kind of the resource. Supported kinds are: Secrets and ConfigMaps. diff --git a/exp/addons/api/v1beta1/clusterresourcesetbinding_types.go b/exp/addons/api/v1beta1/clusterresourcesetbinding_types.go index 457ab1f96046..783b12da002c 100644 --- a/exp/addons/api/v1beta1/clusterresourcesetbinding_types.go +++ b/exp/addons/api/v1beta1/clusterresourcesetbinding_types.go @@ -33,6 +33,8 @@ type ResourceBinding struct { // hash is the hash of a resource's data. This can be used to decide if a resource is changed. // For "ApplyOnce" ClusterResourceSet.spec.strategy, this is no-op as that strategy does not act on change. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Hash string `json:"hash,omitempty"` // lastAppliedTime identifies when this resource was last applied to the cluster. 
@@ -50,6 +52,8 @@ type ResourceBinding struct { type ResourceSetBinding struct { // clusterResourceSetName is the name of the ClusterResourceSet that is applied to the owner cluster of the binding. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 ClusterResourceSetName string `json:"clusterResourceSetName"` // resources is a list of resources that the ClusterResourceSet has. @@ -198,6 +202,8 @@ type ClusterResourceSetBindingSpec struct { // clusterName is the name of the Cluster this binding applies to. // Note: this field mandatory in v1beta2. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 ClusterName string `json:"clusterName,omitempty"` } diff --git a/exp/api/v1beta1/machinepool_types.go b/exp/api/v1beta1/machinepool_types.go index dfe098f2c9da..be97236182d4 100644 --- a/exp/api/v1beta1/machinepool_types.go +++ b/exp/api/v1beta1/machinepool_types.go @@ -34,8 +34,9 @@ const ( // MachinePoolSpec defines the desired state of MachinePool. type MachinePoolSpec struct { // clusterName is the name of the Cluster this object belongs to. - // +kubebuilder:validation:MinLength=1 // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 ClusterName string `json:"clusterName"` // replicas is the number of desired machines. Defaults to 1. 
@@ -58,11 +59,15 @@ type MachinePoolSpec struct { // This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. // +optional // +kubebuilder:validation:MaxItems=10000 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=512 ProviderIDList []string `json:"providerIDList,omitempty"` // failureDomains is the list of failure domains this MachinePool should be attached to. // +optional // +kubebuilder:validation:MaxItems=100 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 FailureDomains []string `json:"failureDomains,omitempty"` } @@ -114,11 +119,13 @@ type MachinePoolStatus struct { // Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. // // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=10240 FailureMessage *string `json:"failureMessage,omitempty"` // phase represents the current phase of cluster actuation. - // E.g. Pending, Running, Terminating, Failed etc. // +optional + // +kubebuilder:validation:Enum=Pending;Provisioning;Provisioned;Running;ScalingUp;ScalingDown;Scaling;Deleting;Failed;Unknown Phase string `json:"phase,omitempty"` // bootstrapReady is the state of the bootstrap provider. diff --git a/exp/ipam/api/v1alpha1/ipaddress_types.go b/exp/ipam/api/v1alpha1/ipaddress_types.go index c6ca47ff3bb1..59afd7db8d3e 100644 --- a/exp/ipam/api/v1alpha1/ipaddress_types.go +++ b/exp/ipam/api/v1alpha1/ipaddress_types.go @@ -33,6 +33,8 @@ type IPAddressSpec struct { // address is the IP address. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=39 Address string `json:"address"` // prefix is the prefix of the address. 
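Review bot: The `Enum` added to `Phase` and the `MaxLength=10240` added to `FailureMessage` constrain values that controllers write into status, so a phase outside the list or an over-long provider error would make the status update fail validation. The enum list is also a hand-written copy of the phase constants, and the removed example line mentioned `Terminating`, which the enum does not accept. I would add `// NOTE: keep this Enum in sync with the MachinePoolPhase constants; any other value is rejected on status update.` above the marker and confirm that whatever sets `FailureMessage` truncates to the limit. MachinePoolStatus starts and ends outside this hunk, so the writers are not visible here.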
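Review bot: `MaxLength=39` on `Address` fits the longest colon-hex IPv6 text form (eight groups of four plus seven colons) but not an IPv4-mapped IPv6 address in mixed notation, which can reach 45 characters and would now be rejected at admission. If IPAM providers can emit that form, `// +kubebuilder:validation:MaxLength=45` is the safer bound; otherwise record the assumption with `// address is a plain IPv4 or IPv6 literal; 39 is the longest colon-hex IPv6 form.`. The same applies to `Gateway` in the next hunk and to `Address` and `Gateway` in exp/ipam/api/v1beta1/ipaddress_types.go. The length bounds do not check that the value parses as an IP, so consumers still have to validate it.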
@@ -41,6 +43,8 @@ type IPAddressSpec struct { // gateway is the network gateway of the network the address is from. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=39 Gateway string `json:"gateway,omitempty"` } diff --git a/exp/ipam/api/v1beta1/ipaddress_types.go b/exp/ipam/api/v1beta1/ipaddress_types.go index 11c65e9e1073..8410bf08f794 100644 --- a/exp/ipam/api/v1beta1/ipaddress_types.go +++ b/exp/ipam/api/v1beta1/ipaddress_types.go @@ -33,6 +33,8 @@ type IPAddressSpec struct { // address is the IP address. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=39 Address string `json:"address"` // prefix is the prefix of the address. @@ -41,6 +43,8 @@ type IPAddressSpec struct { // gateway is the network gateway of the network the address is from. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=39 Gateway string `json:"gateway,omitempty"` } diff --git a/exp/ipam/api/v1beta1/ipaddressclaim_types.go b/exp/ipam/api/v1beta1/ipaddressclaim_types.go index b5b778082eb8..acee5ce72fc0 100644 --- a/exp/ipam/api/v1beta1/ipaddressclaim_types.go +++ b/exp/ipam/api/v1beta1/ipaddressclaim_types.go @@ -27,6 +27,8 @@ import ( type IPAddressClaimSpec struct { // clusterName is the name of the Cluster this object belongs to. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 ClusterName string `json:"clusterName,omitempty"` // poolRef is a reference to the pool from which an IP address should be created. diff --git a/exp/runtime/api/v1alpha1/extensionconfig_types.go b/exp/runtime/api/v1alpha1/extensionconfig_types.go index 0ec14aaf5ad1..6bb04a28254c 100644 --- a/exp/runtime/api/v1alpha1/extensionconfig_types.go +++ b/exp/runtime/api/v1alpha1/extensionconfig_types.go 
@@ -63,6 +63,8 @@ type ClientConfig struct { // allowed either. // // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 URL *string `json:"url,omitempty"` // service is a reference to the Kubernetes service for the Extension server. @@ -75,6 +77,8 @@ type ClientConfig struct { // caBundle is a PEM encoded CA bundle which will be used to validate the Extension server's server certificate. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=51200 CABundle []byte `json:"caBundle,omitempty"` } @@ -82,15 +86,21 @@ type ClientConfig struct { type ServiceReference struct { // namespace is the namespace of the service. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 Namespace string `json:"namespace"` // name is the name of the service. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 Name string `json:"name"` // path is an optional URL path and if present may be any string permissible in // a URL. If a path is set it will be used as prefix to the hook-specific path. // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 Path *string `json:"path,omitempty"` // port is the port on the service that's hosting the Extension server. @@ -110,6 +120,7 @@ type ExtensionConfigStatus struct { // +optional // +listType=map // +listMapKey=name + // +kubebuilder:validation:MaxItems=512 Handlers []ExtensionHandler `json:"handlers,omitempty"` // conditions define the current service state of the ExtensionConfig. @@ -137,6 +148,8 @@ type ExtensionConfigV1Beta2Status struct { type ExtensionHandler struct { // name is the unique name of the ExtensionHandler. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 Name string `json:"name"` // requestHook defines the versioned runtime hook which this ExtensionHandler serves. 
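Review bot: `CABundle` is a `[]byte`, which is carried as a base64 string in the JSON the API server validates, so `MaxLength=51200` presumably bounds the encoded text and the decoded PEM can be only about three quarters of that. The field comment should say which form the limit applies to, e.g. `// The base64-encoded value must not exceed 51200 characters.`, so operators with large trust bundles know the real ceiling. ClientConfig starts outside the hunk.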
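Review bot: `Handlers` lives in status and, judging by its name and location, looks like it is filled from what the extension server reports. With `MaxItems=512` here and `MaxLength=512` on `ExtensionHandler.Name` further down, a response exceeding either bound would make the status write fail validation. Whether the discovery code checks these limits before writing is not visible in this diff. I would document the bound on the field, `// At most 512 handlers are recorded.`, and confirm that an over-limit response surfaces as a condition rather than as a repeatedly failing update.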
@@ -151,6 +164,7 @@ type ExtensionHandler struct { // failurePolicy defines how failures in calls to the ExtensionHandler should be handled by a client. // Defaults to Fail if not set. // +optional + // +kubebuilder:validation:Enum=Ignore;Fail FailurePolicy *FailurePolicy `json:"failurePolicy,omitempty"` } @@ -158,10 +172,14 @@ type ExtensionHandler struct { type GroupVersionHook struct { // apiVersion is the group and version of the Hook. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 APIVersion string `json:"apiVersion"` // hook is the name of the hook. // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 Hook string `json:"hook"` } diff --git a/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_devclusters.yaml b/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_devclusters.yaml index d2ffc3591627..db80960850d2 100644 --- a/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_devclusters.yaml +++ b/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_devclusters.yaml @@ -163,18 +163,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. 
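Review bot: The `Enum=Ignore;Fail` marker is attached to the `failurePolicy` field rather than to the `FailurePolicy` type, so any other field of that type would not inherit the restriction. The type declaration is outside this hunk; if it carries no marker, moving `// +kubebuilder:validation:Enum=Ignore;Fail` onto the type keeps the allowed values next to the constants that define them. Because `Ignore` lets a failed extension call be skipped, having one authoritative list of accepted policies is worth the small move.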
@@ -184,6 +189,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime diff --git a/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_devmachines.yaml b/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_devmachines.yaml index 855e421d0df7..a775ca09b19e 100644 --- a/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_devmachines.yaml +++ b/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_devmachines.yaml @@ -235,10 +235,18 @@ spec: properties: address: description: address is the machine address. + maxLength: 256 + minLength: 1 type: string type: description: type is the machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS. + enum: + - Hostname + - ExternalIP + - InternalIP + - ExternalDNS + - InternalDNS type: string required: - address @@ -276,18 +284,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. 
@@ -297,6 +310,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime diff --git a/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_dockerclusters.yaml b/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_dockerclusters.yaml index 029757d53a50..7a2ff464ab0f 100644 --- a/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_dockerclusters.yaml +++ b/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_dockerclusters.yaml @@ -461,18 +461,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -482,6 +487,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime 
diff --git a/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_dockermachinepools.yaml b/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_dockermachinepools.yaml index baa5756d2753..aa8eb20a1e87 100644 --- a/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_dockermachinepools.yaml +++ b/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_dockermachinepools.yaml @@ -505,18 +505,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -526,6 +531,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime @@ -553,10 +560,18 @@ spec: properties: address: description: address is the machine address. + maxLength: 256 + minLength: 1 type: string type: description: type is the machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS. + enum: + - Hostname + - ExternalIP + - InternalIP + - ExternalDNS + - InternalDNS type: string required: - address 
diff --git a/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_dockermachines.yaml b/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_dockermachines.yaml index 07108b120d1f..d8059896c865 100644 --- a/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_dockermachines.yaml +++ b/test/infrastructure/docker/config/crd/bases/infrastructure.cluster.x-k8s.io_dockermachines.yaml @@ -442,10 +442,18 @@ spec: properties: address: description: address is the machine address. + maxLength: 256 + minLength: 1 type: string type: description: type is the machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS. + enum: + - Hostname + - ExternalIP + - InternalIP + - ExternalDNS + - InternalDNS type: string required: - address @@ -469,18 +477,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -490,6 +503,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime 
diff --git a/util/patch/patch_test.go b/util/patch/patch_test.go index eb01dabc929c..2056275d9d14 100644 --- a/util/patch/patch_test.go +++ b/util/patch/patch_test.go @@ -320,7 +320,7 @@ func TestPatchHelper(t *testing.T) { obj.Spec.Paused = true obj.Spec.ControlPlaneEndpoint.Host = "test://endpoint" obj.Spec.ControlPlaneEndpoint.Port = 8443 - obj.Status.Phase = "custom-phase" + obj.Status.Phase = "Provisioning" conditions.MarkTrue(obj, clusterv1.ReadyCondition) t.Log("Patching the object") diff --git a/util/test/builder/crd/test.cluster.x-k8s.io_phase0obj.yaml b/util/test/builder/crd/test.cluster.x-k8s.io_phase0obj.yaml index 3cc17b33d09f..6fc6bc139dd7 100644 --- a/util/test/builder/crd/test.cluster.x-k8s.io_phase0obj.yaml +++ b/util/test/builder/crd/test.cluster.x-k8s.io_phase0obj.yaml @@ -67,18 +67,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -88,6 +93,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime 
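Review bot: The test now hard-codes `"Provisioning"` because the phase field is restricted to an enum, which ties the literal to the marker list by hand. If `obj` is a Cluster, as the surrounding assignments suggest, `obj.Status.Phase = string(clusterv1.ClusterPhaseProvisioning)` would keep the test aligned with the API package. This hunk has no case asserting that a value outside the enum is rejected; TestPatchHelper continues outside the hunk, so such a case may exist elsewhere.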
diff --git a/util/test/builder/crd/test.cluster.x-k8s.io_phase1obj.yaml b/util/test/builder/crd/test.cluster.x-k8s.io_phase1obj.yaml index 1f4863eb4e26..1ae775f8c0f0 100644 --- a/util/test/builder/crd/test.cluster.x-k8s.io_phase1obj.yaml +++ b/util/test/builder/crd/test.cluster.x-k8s.io_phase1obj.yaml @@ -68,18 +68,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -89,6 +94,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime diff --git a/util/test/builder/crd/test.cluster.x-k8s.io_phase2obj.yaml b/util/test/builder/crd/test.cluster.x-k8s.io_phase2obj.yaml index e4e296d6d41d..d4859d2b1b19 100644 --- a/util/test/builder/crd/test.cluster.x-k8s.io_phase2obj.yaml +++ b/util/test/builder/crd/test.cluster.x-k8s.io_phase2obj.yaml 
@@ -136,18 +136,23 @@ spec: description: |- message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, @@ -158,6 +163,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime