Skip to content

Commit

Permalink
Remove the deprecated ToolchainCluster.Spec fields (#448)
Browse files Browse the repository at this point in the history
Note that the spec.apiEndpoint has not been removed but merely made optional.

We need this indirection because we need to make the removal in two
steps so that the potentially different versions of the CRD in host and
member stay compatible.
metlos authored Oct 8, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
1 parent 6ce14bf commit ebfefc0
Showing 4 changed files with 14 additions and 104 deletions.
38 changes: 4 additions & 34 deletions api/v1alpha1/docs/apiref.adoc
Original file line number Diff line number Diff line change
@@ -3063,22 +3063,6 @@ Supported condition types: ConditionReady + | |
|===


[id="{anchor_prefix}-github-com-codeready-toolchain-api-api-v1alpha1-tlsvalidation"]
==== TLSValidation

_Underlying type:_ _string_





.Appears In:
****
- xref:{anchor_prefix}-github-com-codeready-toolchain-api-api-v1alpha1-toolchainclusterspec[$$ToolchainClusterSpec$$]
****



[id="{anchor_prefix}-github-com-codeready-toolchain-api-api-v1alpha1-tiertemplate"]
==== TierTemplate

@@ -3354,27 +3338,13 @@ ToolchainClusterSpec defines the desired state of ToolchainCluster
hostname:port, IP or IP:port. +


Be aware that this field is going to be replaced with +
the Status.APIEndpoint in the future. + | |
| *`caBundle`* __string__ | CABundle contains the certificate authority information. +
Be aware that this is kept in the spec only for compatibility reasons +
and doesn't serve any purpose. Use the Status.APIEndpoint instead. +


Note that this is going to be deprecated and removed. It will be replaced by a field in +
the kubecondig of the connection secret + | |
| *`secretRef`* __xref:{anchor_prefix}-github-com-codeready-toolchain-api-api-v1alpha1-localsecretreference[$$LocalSecretReference$$]__ | Name of the secret containing the token required to access the +
member cluster. The secret needs to exist in the same namespace +
as the control plane and should have a "token" key. +


In the near future, the secret will contain the whole kubeconfig required to connect +
Deprecated: This is not used for anything. + | |
| *`secretRef`* __xref:{anchor_prefix}-github-com-codeready-toolchain-api-api-v1alpha1-localsecretreference[$$LocalSecretReference$$]__ | Name of the secret containing the kubeconfig required to connect +
to the cluster. + | |
| *`disabledTLSValidations`* __xref:{anchor_prefix}-github-com-codeready-toolchain-api-api-v1alpha1-tlsvalidation[$$TLSValidation$$] array__ | DisabledTLSValidations defines a list of checks to ignore when validating +
the TLS connection to the member cluster. This can be any of *, SubjectName, or ValidityPeriod. +
If * is specified, it is expected to be the only option in list. +


Note that this is going to be deprecated and removed. It will be replaced by +
the kubeconfig stored in the connection secret. + | |
|===


39 changes: 6 additions & 33 deletions api/v1alpha1/toolchaincluster_types.go
Original file line number Diff line number Diff line change
@@ -21,49 +21,22 @@ const (
ToolchainClusterLabel = LabelKeyPrefix + "toolchain-cluster"
)

type TLSValidation string

const (
TLSAll TLSValidation = "*"
TLSSubjectName TLSValidation = "SubjectName"
TLSValidityPeriod TLSValidation = "ValidityPeriod"
)

// ToolchainClusterSpec defines the desired state of ToolchainCluster
// +k8s:openapi-gen=true
type ToolchainClusterSpec struct {
// The API endpoint of the member cluster. This can be a hostname,
// hostname:port, IP or IP:port.
//
// Be aware that this field is going to be replaced with
// the Status.APIEndpoint in the future.
APIEndpoint string `json:"apiEndpoint"`

// CABundle contains the certificate authority information.
// +optional
// Be aware that this is kept in the spec only for compatibility reasons
// and doesn't serve any purpose. Use the Status.APIEndpoint instead.
//
// Note that this is going to be deprecated and removed. It will be replaced by a field in
// the kubecondig of the connection secret
CABundle string `json:"caBundle,omitempty"`
// Deprecated: This is not used for anything.
// +optional
APIEndpoint string `json:"apiEndpoint,omitempty"`

// Name of the secret containing the token required to access the
// member cluster. The secret needs to exist in the same namespace
// as the control plane and should have a "token" key.
//
// In the near future, the secret will contain the whole kubeconfig required to connect
// Name of the secret containing the kubeconfig required to connect
// to the cluster.
SecretRef LocalSecretReference `json:"secretRef"`

// DisabledTLSValidations defines a list of checks to ignore when validating
// the TLS connection to the member cluster. This can be any of *, SubjectName, or ValidityPeriod.
// If * is specified, it is expected to be the only option in list.
//
// Note that this is going to be deprecated and removed. It will be replaced by
// the kubeconfig stored in the connection secret.
//
// +optional
// +listType=set
DisabledTLSValidations []TLSValidation `json:"disabledTLSValidations,omitempty"`
}

// LocalSecretReference is a reference to a secret within the enclosing
7 changes: 1 addition & 6 deletions api/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

34 changes: 3 additions & 31 deletions api/v1alpha1/zz_generated.openapi.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit ebfefc0

Please sign in to comment.